Search

CN-121997318-A - Information processing method, apparatus, electronic device, storage medium, and program product

CN121997318ACN 121997318 ACN121997318 ACN 121997318ACN-121997318-A

Abstract

The embodiment of the application provides an information processing method, an information processing device, electronic equipment, a storage medium and a program product, wherein bottom data can be classified into three categories, and the fragmentation difference of the bottom is isolated, so that an upper model does not need to care about the specific source of the data, a large amount of adapting codes do not need to be written for each condition, and the method is convenient to maintain and unify. And then, the information loss is converted into the feature of risk assessment by generating derivative information, so that the problem of risk blind areas caused by permission rejection is solved. And then, based on a dynamic weight adjustment mechanism of the real-time state information, the model can distinguish between abnormality and maliciousness, misjudgment caused by model rigidification is reduced, and the experience of legal users is greatly improved while the safety is ensured. Finally, through multi-dimensional information fusion, an attacker needs to perfectly simulate normal equipment in all dimensions at the same time, so that the cost and difficulty of the attack are greatly improved, and a safety break caused by single-feature missing or improper processing is effectively blocked.

Inventors

  • LI JIA
  • GAO SONG
  • JIANG HAIJIAN
  • XU ZHU

Assignees

  • 中国银联股份有限公司

Dates

Publication Date
20260508
Application Date
20251225

Claims (15)

  1. 1. An information processing method, characterized by comprising: Acquiring meta information of target equipment, wherein the meta information comprises basic information, environment information and risk information; processing the meta-information to generate at least one type of derivative information, wherein the derivative information is used for representing an abnormal behavior mode implicit in the meta-information; according to the state information of the target equipment, adjusting weight coefficients corresponding to at least one type of derivative information; And weighting the meta information and the derivative information based on the adjusted weight coefficient to obtain risk characteristics of the target equipment, wherein the risk characteristics are used for representing the risk probability of the target equipment.
  2. 2. The method of claim 1, wherein the derived information comprises at least one of: The non-collected information is used for representing information which is not collected due to permission rejection but the missing behavior itself contains risks; The abnormal change information is used for representing information which is supposed to be kept fixed but is subjected to abnormal change; abnormal rest information, which is used to characterize information that should change over time but remain continuously stationary.
  3. 3. The method of claim 2, wherein said processing said meta-information generates at least one type of derived information comprising at least one of: determining at least one key information acquisition authority based on the meta information, and generating the non-acquired information according to an authorization response result of the key information acquisition authority; Comparing the current value of the selected stable item with a dynamic baseline based on the selected stable item in the meta-information, and determining abnormal change information generated by abnormal change of information; And determining abnormal static information generated due to abnormal static information according to the state of the selected dynamic item in a period of time meeting the context condition.
  4. 4. The method according to claim 1, wherein the adjusting the weight coefficient corresponding to the derived information of at least one type according to the state information of the target device includes: And inputting the state information of the target equipment into a regression algorithm, wherein the regression algorithm is used for adjusting at least one type of weight coefficient corresponding to the derivative information according to the state information of the target equipment and outputting the adjusted weight coefficient.
  5. 5. The method of claim 4, wherein the regression algorithm comprises a Cox regression algorithm.
  6. 6. The method of claim 1, wherein weighting the meta-information and the derived information based on the adjusted weight coefficients yields risk characteristics of the target device, comprising: carrying out quantization processing on the meta information and the derivative information to obtain quantization results of the meta information and the derivative information; And carrying out weighting processing based on the adjusted weight coefficient and the quantization results of the meta-information and the derivative information to obtain the risk characteristics of the target equipment.
  7. 7. The method of claim 6, wherein the weighting based on the adjusted weight coefficients and the quantization results of the meta-information and the derived information to obtain risk characteristics of the target device comprises: determining a first weighting value according to the quantization results of the risk information and the derivative information and the corresponding weighting coefficient; Determining a second weighting value according to the quantization results of the meta information and the derivative information and the corresponding weighting coefficient; the risk feature is determined based on the first weighted value and the second weighted value.
  8. 8. The method according to any one of claims 1-7, further comprising: a risk contribution factor marker is output, the risk contribution factor marker being used to indicate one or more specific risk information items that contribute most to the risk feature.
  9. 9. The method according to any one of claims 1-7, further comprising: when the risk characteristics of the target equipment represent that the risk probability of the target equipment is larger than a preset threshold, the risk clue of the target equipment is sent to a background server corresponding to a first application, so that the background server uploads the risk clue to a risk clue sharing platform, wherein the risk clue comprises at least one of an identifier of the target equipment and a risk account identifier associated with the target equipment; The risk clues in the risk clue sharing platform are used for indicating a background server of other applications to perform risk control based on the risk clues.
  10. 10. The method of any of claims 1-7, wherein the number of target devices is a plurality, the method further comprising: clustering the plurality of target devices based on the risk characteristics of the plurality of target devices and the associated clustering elements to identify other risk devices; The clustering element comprises at least one of equipment environment space information, transaction counter-party information, risk score contribution factors and equipment activity time sequence information.
  11. 11. The method of claim 10, wherein the clustering the plurality of target devices to identify other risk devices based on risk characteristics and associated cluster elements of the plurality of target devices comprises: Constructing a feature triplet for representing each target device according to the risk feature, the risk contribution factor and at least one clustering element; Based on the feature triples, community division is carried out on a plurality of target devices by using a community detection algorithm, and an initial community set is obtained; And carrying out iterative optimization on the initial community set based on a preset quality function until preset optimization conditions are met to obtain an optimized community division result, wherein the probability that equipment in the same community is identified as equipment belonging to the same risk community is higher than that of equipment in different communities.
  12. 12. An information processing apparatus, characterized by comprising: The acquisition module is used for acquiring meta information of the target equipment, wherein the meta information comprises basic information, environment information and risk information; the first processing module is used for processing the meta-information and generating at least one type of derivative information, wherein the derivative information is used for representing an abnormal behavior mode implicit in the meta-information; The second processing module is used for adjusting weight coefficients corresponding to at least one type of derived information according to the state information of the target equipment; And the third processing module is used for carrying out weighting processing on the meta-information and the derivative information based on the adjusted weight coefficient to obtain the risk characteristics of the target equipment, wherein the risk characteristics are used for representing the risk probability of the target equipment.
  13. 13. An electronic device is characterized by comprising a memory and a processor; The memory stores computer-executable instructions; The processor executing computer-executable instructions stored in the memory, causing the processor to perform the method of any one of claims 1-11.
  14. 14. A computer readable storage medium having stored therein computer executable instructions which when executed by a processor are adapted to carry out the method of any one of claims 1-11.
  15. 15. A computer program product comprising a computer program which, when executed by a processor, implements the method of any of claims 1-11.

Description

Information processing method, apparatus, electronic device, storage medium, and program product Technical Field The present application relates to the field of information security technologies, and in particular, to an information processing method, an information processing apparatus, an electronic device, a storage medium, and a program product. Background With the popularization of mobile payment, the frequency of operations such as payment, transfer and the like performed by users through smart phones is remarkably increased, and risks existing in the operation process are correspondingly increased. At present, a risk prevention and control mode mainly collects basic information, environment information, risk labels and the like of mobile equipment (mobile terminal) where an APP is located through a single mobile application program (APP for short), judges risk conditions based on the information and includes reference factors for APP comprehensive risk decision. However, the risk prevention and control mode has certain limitations, such as problems of fragmented adaptation, insufficient acquisition rate, excessive wind control and prevention and control loss. Disclosure of Invention The embodiment of the application provides an information processing method, an information processing device, electronic equipment, a storage medium and a program product, which are used for solving the problems of fragmentation adaptation, insufficient acquisition rate, excessive wind control and prevention and control loss. In a first aspect, an embodiment of the present application provides an information processing method, including: Acquiring meta information of target equipment, wherein the meta information comprises basic information, environment information and risk information; processing the meta-information to generate at least one type of derivative information, wherein the derivative information is used for representing an abnormal behavior mode implicit in the meta-information; according to the state information of the target equipment, adjusting weight coefficients corresponding to at least one type of derivative information; And weighting the meta information and the derivative information based on the adjusted weight coefficient to obtain risk characteristics of the target equipment, wherein the risk characteristics are used for representing the risk probability of the target equipment. In one possible embodiment, the derived information includes at least one of: The non-collected information is used for representing information which is not collected due to permission rejection but the missing behavior itself contains risks; The abnormal change information is used for representing information which is supposed to be kept fixed but is subjected to abnormal change; abnormal rest information, which is used to characterize information that should change over time but remain continuously stationary. In a possible implementation manner, the processing the meta-information generates at least one kind of derivative information, including at least one of the following: determining at least one key information acquisition authority based on the meta information, and generating the non-acquired information according to an authorization response result of the key information acquisition authority; Comparing the current value of the selected stable item with a dynamic baseline based on the selected stable item in the meta-information, and determining abnormal change information generated by abnormal change of information; And determining abnormal static information generated due to abnormal static information according to the state of the selected dynamic item in a period of time meeting the context condition. In a possible implementation manner, the adjusting, according to the state information of the target device, a weight coefficient corresponding to at least one type of derived information includes: And inputting the state information of the target equipment into a regression algorithm, wherein the regression algorithm is used for adjusting at least one type of weight coefficient corresponding to the derivative information according to the state information of the target equipment and outputting the adjusted weight coefficient. In one possible embodiment, the regression algorithm comprises a Cox regression algorithm. In a possible implementation manner, weighting the meta information and the derived information based on the adjusted weight coefficient to obtain a risk feature of the target device includes: carrying out quantization processing on the meta information and the derivative information to obtain quantization results of the meta information and the derivative information; And carrying out weighting processing based on the adjusted weight coefficient and the quantization results of the meta-information and the derivative information to obtain the risk characteristics of the target equipment. In a possi