CN117236701B - Robust risk identification method based on game analysis - Google Patents

Abstract

The invention discloses a robust risk identification method based on game analysis, which is used for obtaining cost benefit information of a risk identification model relative to the attribute of original data based on expert experience; constructing a cost benefit matrix based on the attribute according to the cost benefit information; obtaining a mixing strategy balancing probability based on the cost benefit matrix, and determining a Bernoulli random variable by utilizing the mixing strategy balancing probability and the Bernoulli distribution; and sampling the Bernoulli random variable by using a preset algorithm to process the original data to obtain processed data, and training the risk identification model by using the processed data to obtain a robust risk identification model. According to the invention, through analyzing the attack benefits and the cost of the data attributes, the information use probability in the artificial intelligence algorithm is dynamically adjusted so as to reduce the attack benefits of potential attackers, thereby reducing the probability of attack success and providing a robust risk identification model.

Description

Robust risk identification method based on game analysis

Technical Field

The invention relates to the technical field of next-generation Internet application safety, network space safety and artificial intelligence safety research, in particular to a robust risk identification method based on game analysis.

Background

The basis of artificial intelligence techniques is optimization techniques (e.g., gradient-based random gradient descent algorithms) that aim at searching a model in a selected model space that minimizes or maximizes the objective function (as determined by the specific task), thereby achieving model training optimization. The technique generally uses a back-propagation algorithm to find the gradient of the smart model, followed by a random gradient descent algorithm to refine the model. In the process, data information continuously enters the model to become an information basis for model judgment. However, due to the limitations of using a stochastic gradient descent algorithm alone, it is difficult for the smart model to distinguish between correlations and causal relationships present in the data (where causal relationships are part of correlations representing direct causal effects of both, and in addition to causal relationships, correlations include confusion bias due to the existence of common causes and selection bias due to the existence of common results, these non-causal correlations can lead to instability in risk identification), resulting in failure to overcome the limitations of the data collection phase (e.g., selection bias exists for data generated by only a single enterprise, and cannot cover all details of the attack faced). Therefore, this simple random gradient descent algorithm may cause the smart model to learn some abnormal correlations, resulting in erroneous decisions. This non-causal correlation is the goal that potential attackers may utilize. Game theory is a mathematical tool for analyzing interactions among different behavior subjects, judging the behaviors of the different behavior subjects under the assumption of a physical person through formalizing the economic attribute of the interactions, and making optimal decisions according to expected behaviors to cope with the behaviors. In game theory, the cost benefit matrix is a basic analysis element, and each behavior body selects a strategy with higher benefit to be executed due to the existence of rational person assumption, so that reasonable simplification makes it possible to predict opponent behaviors. In practice, costs and benefits can be observed and collected in long-term social practice, while gambling helps specific behavioral principals translate costs and benefits into expectations for opponent behavior, thereby objectively characterizing opponent behavior.

With the application and popularization of internet technology, countries and enterprises are frequently contacted with the internet to bring long-tail effect, so that the traditional method of manually performing risk identification cannot cope with mass service data in the internet age. For this reason, countries and enterprises begin to introduce artificial intelligence technology to perform intelligent risk recognition, such as network gambling risk recognition based on a multi-layer perceptron technology and money laundering risk recognition based on an integrated tree model. However, smart risk identification technologies also face potential attack challenges: potential attackers can adjust their own patterns of behavior to bypass the risk identification system, thereby gaining tremendous economic benefits. This hidden potential attack behavior brings risks and economic losses to the enterprise on the one hand; on the other hand, the method also brings difficulty to the supervision and protection of the country. Therefore, how to increase the robustness of the recognition risk becomes an important component of the economic and social development.

Disclosure of Invention

The present invention aims to solve at least one of the technical problems in the related art to some extent.

The object of the present invention is to solve the problem of resistant attacks in risk identification systems. Therefore, the invention provides a robust risk recognition method based on game analysis, and the method constructs a model training method with random strategies by means of a game model, so that the uncertainty of training reduces the attack income of potential attackers, improves the attack cost, and further reduces the occurrence of the attack.

It is another object of the present invention to provide a robust risk identification device based on game analysis.

To achieve the above objective, in one aspect, the present invention provides a robust risk identification method based on game analysis, including:

obtaining cost benefit information of the attribute of the risk identification model relative to the original data based on expert experience;

constructing a cost benefit matrix based on attributes according to the cost benefit information;

obtaining a mixing strategy balancing probability based on the cost benefit matrix, and determining a Bernoulli random variable by utilizing the mixing strategy balancing probability and the Bernoulli distribution;

and sampling the Bernoulli random variable by using a preset algorithm to process the original data to obtain processed data, and training the risk identification model by using the processed data to obtain a robust risk identification model.

The robust risk identification method based on game analysis of the embodiment of the invention can also have the following additional technical characteristics:

in one embodiment of the invention, the cost benefit information includes cost required for the attack, benefit when the model is trained using the attribute for the attack, benefit when the model is not trained using the attribute for the attack, and benefit when the model is not trained using the attribute for the attack.

In one embodiment of the present invention, obtaining a mixing policy equalization probability according to the cost benefit matrix includes:

determining a use probability expression and an unused probability expression of the attribute;

constructing an equilibrium equation according to the used probability expression and the unused probability expression;

and solving the balance equation to obtain a mixed strategy balance probability, so as to determine the use probability of the attribute according to the mixed strategy balance probability.

In one embodiment of the present invention, sampling the bernoulli random variable using a preset algorithm to process the raw data to obtain processed data includes:

independently and uniformly sampling the Bernoulli random variable through a Monte Carlo algorithm to obtain a sampling value of the Bernoulli random variable;

and carrying out data processing on the original data by using the sampling value to obtain the processed data.

In one embodiment of the present invention, after obtaining the processed data, the method further comprises:

presetting model optimization stop conditions;

performing model training optimization by using the processed data, judging whether the optimized model meets the model optimization stopping condition, if not, continuing to sample the data and adopting the method to process the data for training; if yes, judging whether the expert experience is updated.

To achieve the above object, another aspect of the present invention provides a robust risk recognition apparatus based on game analysis, including:

the cost benefit information acquisition module is used for acquiring cost benefit information of the attribute of the risk identification model relative to the original data based on expert experience;

the cost benefit matrix construction module is used for constructing a cost benefit matrix based on the attribute according to the cost benefit information;

the probability calculation variable determining module is used for obtaining a mixed strategy balancing probability based on the cost benefit matrix and determining a Bernoulli random variable by utilizing the mixed strategy balancing probability and the Bernoulli distribution;

the data optimization model training module is used for sampling the Bernoulli random variables by using a preset algorithm to process the original data to obtain processed data, and training the risk recognition model by using the processed data to obtain a robust risk recognition model.

According to the robust risk identification method and device based on game analysis, through analysis of the attack benefits and the cost of the data attributes, the information use probability in the artificial intelligent algorithm is dynamically adjusted, so that the attack benefits of potential attackers are reduced, the probability of attack success is reduced, and a robust risk identification model is provided. Meanwhile, the limitation of the data collection stage can be effectively limited, so that the causal relation between the input and the output is enhanced by using the cost benefit knowledge, and support is provided for robust identification.

Additional aspects and advantages of the invention will be set forth in part in the description which follows and, in part, will be obvious from the description, or may be learned by practice of the invention.

Drawings

The foregoing and/or additional aspects and advantages of the invention will become apparent and readily appreciated from the following description of the embodiments, taken in conjunction with the accompanying drawings, in which:

FIG. 1 is a flow chart of a robust risk identification method based on gaming analysis in accordance with an embodiment of the present invention;

FIG. 2 is a logic diagram of robust risk identification based on gaming analysis in accordance with an embodiment of the present invention;

FIG. 3 is a schematic diagram of a business scenario according to an embodiment of the present invention;

fig. 4 is a schematic structural diagram of a robust risk identification device based on game analysis according to an embodiment of the present invention.

Detailed Description

It should be noted that, without conflict, the embodiments of the present invention and features of the embodiments may be combined with each other. The invention will be described in detail below with reference to the drawings in connection with embodiments.

In order that those skilled in the art will better understand the present invention, a technical solution in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in which it is apparent that the described embodiments are only some embodiments of the present invention, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the present invention without making any inventive effort, shall fall within the scope of the present invention.

The following describes a robust risk identification method and device based on game analysis according to an embodiment of the present invention with reference to the accompanying drawings.

It can be understood that the robust risk recognition method based on game analysis of the present invention mainly relates to a risk recognition scenario, as shown in fig. 3, for example, in a risk recognition task, an defender can perform risk recognition by using technical means such as artificial intelligence; and an attacker can modify the corresponding attribute of the attacker by observing the identification result of the defender on different data, so that risk identification is avoided, and further illegal risk behaviors are implemented. The basic idea of the invention is to obtain the optimal probability distribution used or discarded by the input attribute by introducing game analysis, and use the input attribute according to the corresponding probability distribution, thereby controlling the influence of the attribute on model decision. Since the amount of information flowing into the model from different attributes is strongly correlated with the frequency of use of that attribute in the optimization process of machine learning. When the frequency of use of the attribute in gradient descent is reduced, the importance of the attribute in the model decision stage can be correspondingly reduced, so that the decision result is affected. Meanwhile, the probability distribution of the original data is changed when the attack occurs, so that the model is induced to make an erroneous decision. Thus, by reducing the importance of vulnerable attributes, the robustness of risk identification may be increased. Because the interaction of the attack and defense parties can be modeled as a two-person game process, the probability of the attacker attacking the specific attribute is described by introducing priori knowledge of cost benefits, and the probability distribution is used for guiding model training, so that a robust risk identification model can be obtained. Based on the idea, the invention provides a robust risk recognition model training method based on game analysis, which can introduce cost benefits as priori knowledge into the training process of the model, thereby improving the capability of the model to extract causal relations and being a safer and more robust model for risk recognition training in the Internet age.

Fig. 1 is a flowchart of a robust risk identification method based on game analysis according to an embodiment of the present invention, and fig. 2 is a logic flow diagram of a method according to an embodiment of the present invention.

As shown in fig. 1 and 2, the method includes, but is not limited to, the steps of:

s1, obtaining cost benefit information of the attribute of the risk identification model relative to the original data based on expert experience.

Specifically, according to historical information and priori knowledge, the cost and the benefit of the attack attribute are obtained, and data support is provided for subsequent game analysis.

In one embodiment of the invention, for any attribute in D-dimension D，/>The cost and benefit variables are obtained through expert experience: including the cost required for the attack->Attack modelBenefit +.>Challenge without model training +.>Inlet ∈A, model training without attack ∈A>And +.A model training without attack ∈ ->。

S2, constructing a cost benefit matrix based on the attribute according to the cost benefit information.

Specifically, a cost benefit matrix is constructed from the cost benefit information. Such structured cost benefit information is a solution process that can simplify the equalization.

In one embodiment of the invention, for any attributeConstructing a cost benefit matrix by using the information acquired in step S1, as shown in table 1:

TABLE 1

And S3, obtaining a mixing strategy equalization probability based on the cost benefit matrix, and determining a Bernoulli random variable by utilizing the mixing strategy equalization probability and the Bernoulli distribution.

Specifically, the cost benefit matrix obtained in step S2 is used to find the equalization probability, thereby obtaining the usage attributeIs a probability of (2). Comprising the following steps:

assume use ofThe probability of (2) is +.>Then do not use->The probability of (2) is +.>

Listing aboutIs the equilibrium equation of (2):

∙(/>) +(/>)∙(/>) =/>∙/>+(/>∙/>

solving the equalization probability:

s4, sampling Bernoulli random variables by using a preset algorithm to process the original data to obtain processed data, and training the risk identification model by using the processed data to obtain a robust risk identification model.

In particular, utilizeTo construct a distribution of mask random variables using probabilities such that information into the model can be adjusted using the mask, including:

using the probabilities determined in step S3The mask is constructed. Wherein->For the sake of +>Obeying bernoulli distribution as shown in table 2:

TABLE 2

When (when)Property +.>May be used for model training; on the contrary, attribute ++>Is not available for model training.

Obtain%) Wherein->Is the Bernoulli random variable of the last step.

In one embodiment of the invention, the mask is sampled using Monte Carlo algorithm and acts on the raw data to filter the data information, including:

according to the d Bernoulli distributions constructed in the previous step (i.e) Independent and equidistributed sampling is respectively carried out to obtain sampling values of mask variables +.>。

Sampling valueThe original data is acted on according to the following equationDTo adjust the information in the data:

wherein the method comprises the steps ofRepresenting the hadamard product.

Further, the processed data is utilizedReplace original dataDRandom gradient descent is performed to train a robust risk identification model.

Further, if the condition of training end is not reached, returning to step S4 to sample and re-perform the next training round.

Further, if the priori knowledge and the historical information change, returning to the step S1 to acquire the information again, and calculating the corresponding use probability.

In summary, the invention dynamically adjusts the information use probability in the artificial intelligent algorithm through the attack income and cost analysis of the data attribute so as to reduce the attack income of potential attackers, thereby reducing the probability of attack success and providing a robust risk identification model. Meanwhile, the method is a data-independent method, and can effectively limit the limitation of a data collection stage, so that the causal relation between input and output is enhanced by using cost benefit knowledge, and support is provided for robust identification.

According to the robust risk recognition method based on game analysis, the problem of attack resistance in risk recognition is modeled by utilizing game analysis, and the training process of the model is improved in a data-independent and model-independent mode through the introduction of expert experience and knowledge, so that the capability of the model for extracting causality is greatly improved. Meanwhile, the training method for limiting information entering the model by using the mask theoretically increases uncertainty and required attack cost faced by an attacker, reduces the probability of being attacked, and improves the robustness of risk identification.

In order to implement the above embodiment, as shown in fig. 4, a robust risk recognition apparatus 10 based on game analysis is further provided in this embodiment, where the apparatus 10 includes a cost benefit information acquisition module 100, a cost benefit matrix construction module 200, a probability calculation variable determination module 300, and a data optimization model training module 400;

a cost benefit information obtaining module 100, configured to obtain cost benefit information of the attribute of the risk identification model relative to the original data based on expert experience;

a cost benefit matrix construction module 200 for constructing a cost benefit matrix based on the attribute according to the cost benefit information;

the probability calculation variable determining module 300 is configured to obtain a mixed policy equalization probability based on the cost benefit matrix, and determine a bernoulli random variable by using the mixed policy equalization probability and the bernoulli distribution;

the data optimization model training module 400 is configured to sample the bernoulli random variable by using a preset algorithm to process the original data to obtain processed data, and train the risk recognition model by using the processed data to obtain a robust risk recognition model.

Further, cost benefit information includes costs required for the attack, benefits when the model is trained using the attributes for the attack, benefits when the model is not trained using the attributes for the attack, and benefits when the model is not trained using the attributes for the attack.

Further, the probability calculation variable determining module 300 is further configured to:

determining a use probability expression and an unused probability expression of the attribute;

constructing an equilibrium equation according to the used probability expression and the unused probability expression;

and solving the balance equation to obtain a mixed strategy balance probability, so as to determine the use probability of the attribute according to the mixed strategy balance probability.

Further, the data optimization model training module 400 is further configured to:

independently and uniformly sampling the Bernoulli random variable through a Monte Carlo algorithm to obtain a sampling value of the Bernoulli random variable;

and carrying out data processing on the original data by using the sampling value to obtain the processed data.

Further, after the data optimization model training module 400, further includes: the data updating judging module is used for:

presetting model optimization stop conditions;

model training optimization is carried out by using the processed data, whether the optimized model meets the model optimization stopping condition is judged, if not, the data is continuously sampled and the data is processed by adopting the method for training; if yes, judging whether the expert experience is updated.

According to the robust risk recognition device based on game analysis, the problem of attack resistance in risk recognition is modeled by utilizing game analysis, and the training process of the model is improved in a data-independent and model-independent mode through the introduction of expert experience and knowledge, so that the capability of extracting causality of the model is greatly improved. Meanwhile, uncertainty faced by an attacker and required attack cost are increased, probability of being attacked is reduced, and robustness of risk identification is improved.

In the description of the present specification, a description referring to terms "one embodiment," "some embodiments," "examples," "specific examples," or "some examples," etc., means that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the present invention. In this specification, schematic representations of the above terms are not necessarily directed to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples. Furthermore, the different embodiments or examples described in this specification and the features of the different embodiments or examples may be combined and combined by those skilled in the art without contradiction.

Furthermore, the terms "first," "second," and the like, are used for descriptive purposes only and are not to be construed as indicating or implying a relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defining "a first" or "a second" may explicitly or implicitly include at least one such feature. In the description of the present invention, the meaning of "plurality" means at least two, for example, two, three, etc., unless specifically defined otherwise.

Claims (2)

1. A robust risk identification method based on gaming analysis, the method comprising:

obtaining cost benefit information of the attribute of the risk identification model relative to the original data based on expert experience;

constructing a cost benefit matrix based on attributes according to the cost benefit information;

obtaining a mixing strategy balancing probability based on the cost benefit matrix, and determining a Bernoulli random variable by utilizing the mixing strategy balancing probability and the Bernoulli distribution;

sampling the Bernoulli random variable by using a preset algorithm to process the original data to obtain processed data, and training the risk identification model by using the processed data to obtain a robust risk identification model;

the cost benefit information comprises cost required by the attack, benefit when the model is trained by using the attribute, benefit when the model is attacked and not trained by using the attribute, benefit when the model is not attacked and not trained by using the attribute and benefit when the model is not attacked and not trained by using the attribute;

obtaining a mixing strategy equalization probability according to the cost benefit matrix, wherein the mixing strategy equalization probability comprises the following steps:

determining a use probability expression and an unused probability expression of the attribute;

constructing an equilibrium equation according to the used probability expression and the unused probability expression;

solving the equilibrium equation to obtain a mixed strategy equilibrium probability, and determining the use probability of the attribute according to the mixed strategy equilibrium probability;

sampling the Bernoulli random variable by using a preset algorithm to process the original data to obtain processed data, wherein the method comprises the following steps:

independently and uniformly sampling the Bernoulli random variable through a Monte Carlo algorithm to obtain a sampling value of the Bernoulli random variable;

carrying out data processing on the original data by utilizing the sampling value to obtain processed data;

after obtaining the processed data, the method further comprises:

presetting model optimization stop conditions;

performing model training optimization by using the processed data, judging whether the optimized model meets the model optimization stopping condition, if not, continuing to sample the data and processing the data for training; if yes, judging whether the expert experience is updated.

2. A robust risk identification device based on gaming analysis, comprising:

the cost benefit information acquisition module is used for acquiring cost benefit information of the attribute of the risk identification model relative to the original data based on expert experience;

the cost benefit matrix construction module is used for constructing a cost benefit matrix based on the attribute according to the cost benefit information;

the probability calculation variable determining module is used for obtaining a mixed strategy balancing probability based on the cost benefit matrix and determining a Bernoulli random variable by utilizing the mixed strategy balancing probability and the Bernoulli distribution;

the data optimization model training module is used for sampling the Bernoulli random variables by using a preset algorithm to process the original data to obtain processed data, and training the risk recognition model by using the processed data to obtain a robust risk recognition model;

the cost benefit information comprises cost required by the attack, benefit when the model is trained by using the attribute, benefit when the model is attacked and not trained by using the attribute, benefit when the model is not attacked and not trained by using the attribute and benefit when the model is not attacked and not trained by using the attribute;

the probability calculation variable determining module is further configured to:

determining a use probability expression and an unused probability expression of the attribute;

constructing an equilibrium equation according to the used probability expression and the unused probability expression;

solving the equilibrium equation to obtain a mixed strategy equilibrium probability, and determining the use probability of the attribute according to the mixed strategy equilibrium probability;

the data optimization model training module is further used for:

independently and uniformly sampling the Bernoulli random variable through a Monte Carlo algorithm to obtain a sampling value of the Bernoulli random variable;

carrying out data processing on the original data by utilizing the sampling value to obtain processed data;

after the data optimization model training module, further comprising: the data updating judging module is used for:

presetting model optimization stop conditions;

performing model training optimization by using the processed data, judging whether the optimized model meets the model optimization stopping condition, if not, continuing to sample the data and processing the data for training; if yes, judging whether the expert experience is updated.