Search

CN-122022486-A - Risk data control method, system and server

CN122022486ACN 122022486 ACN122022486 ACN 122022486ACN-122022486-A

Abstract

The invention provides a risk data control method, a risk data control system and a risk data control server, which relate to the field of information security processing, wherein the method is used for carrying out global acquisition on user behavior data, carrying out multidimensional image construction and behavior baseline modeling on the user behavior data, realizing comprehensive understanding and real-time monitoring on user behaviors and improving behavior monitoring coverage; in addition, the method greatly improves the accuracy rate and response speed of wind control detection through the multi-layer detection logic constructed by risk scoring and auditing, comprehensively improves the risk prevention and control capability, the operation efficiency, the user experience and the service value, and fundamentally solves the problems of poor risk prevention and control capability and low service safety level of enterprises and platforms.

Inventors

  • Ma Chunchuo
  • YU DEMING
  • WANG WEIDONG

Assignees

  • 北京合思汇智信息技术有限公司

Dates

Publication Date
20260512
Application Date
20260203

Claims (10)

  1. 1. A risk data control method, the method comprising: Acquiring behavior data corresponding to a user based on an interaction event of the user, and acquiring portrait data and risk behavior baseline data corresponding to the user; Determining a risk scoring result corresponding to the behavior data through the risk behavior baseline data; acquiring business rule parameters corresponding to the behavior data, and determining a risk level corresponding to the behavior data by utilizing the business rule parameters and the risk scoring result; After auditing the behavior data by utilizing an auditing strategy corresponding to the risk level, determining an auditing decision result corresponding to the behavior data through auditing result data and auditing action data corresponding to the behavior data; and determining a risk behavior management and control result corresponding to the user based on the portrait data and the auditing decision result.
  2. 2. The risk data control method according to claim 1, wherein acquiring behavior data corresponding to a user based on an interaction event of the user includes: acquiring an interaction event corresponding to the user by utilizing a page access event, an element click event, a form operation event and a rolling scaling event corresponding to the user; Acquiring one or more of equipment identification data, network identification data and browser identification data corresponding to the interaction event based on the network front end corresponding to the user, and determining first acquisition data corresponding to the network front end by utilizing the identification data; Acquiring one or more business data of operation data, information data, logistics data and payment data corresponding to the interaction event based on a server corresponding to the user, and determining second acquisition data corresponding to the server by utilizing the business data; determining behavior acquisition data corresponding to the user through the first acquisition data and the second acquisition data, and acquiring a data cleaning strategy, a data desensitizing strategy and a data standardization processing strategy corresponding to the user; And carrying out data processing on the behavior acquisition data sequentially by using the data cleaning strategy, the data desensitizing strategy and the data standardization processing strategy to obtain behavior data corresponding to the user.
  3. 3. The risk data control method according to claim 1, wherein acquiring the portrait data and risk behavior baseline data corresponding to the user includes: acquiring a preset offline data bin corresponding to the user, acquiring one or more offline feature data of population feature data, geographic feature data, consumption feature data, behavior feature data, credit feature data and social feature data corresponding to the user through the offline data bin, and determining offline portrait data corresponding to the user through the offline feature data; Acquiring one or more offline baseline data of a time baseline, a space baseline and a device baseline corresponding to the offline portrait data through the offline data bin; Acquiring one or more real-time characteristic data of login frequency data, transaction amount data and active duration data corresponding to the user in the behavior data by using a preset statistical duration, and determining real-time portrait data corresponding to the user through the real-time characteristic data; acquiring demographic characteristics corresponding to the user through the preset statistical time length, and determining real-time baseline data corresponding to the real-time portrait data by utilizing the demographic characteristics; and determining the portrait data corresponding to the user according to the offline portrait data and the real-time portrait data, and determining the risk behavior baseline data corresponding to the user according to the offline baseline data and the real-time baseline data.
  4. 4. The risk data control method according to claim 1, characterized in that before the step of determining a risk score result corresponding to the behavior data from the portrait data and the risk behavior baseline data, the method further comprises: Determining one or more frequency parameters of registration frequency, operation frequency, login frequency, order ordering frequency and refund frequency corresponding to the behavior data by using the portrait data, and determining a rule detection result corresponding to the behavior data by using the frequency parameters; acquiring data deviation characteristics of the risk behavior baseline data and the behavior data, and determining a statistical detection result corresponding to the behavior data through the data deviation characteristics; acquiring a hidden characteristic detection result corresponding to the behavior data through a machine learning model which is trained in advance; Acquiring an abnormal relation detection result corresponding to the behavior data by using a pre-deployed graph neural network; and determining abnormal result data corresponding to the user based on the rule detection result, the statistical detection result, the hidden characteristic detection result and the abnormal relation detection result, and updating the behavior data by utilizing the abnormal result data.
  5. 5. The risk data control method according to claim 1, wherein the step of determining a risk score result corresponding to the behavior data from the risk behavior baseline data includes: acquiring account risk baseline data corresponding to the risk behavior baseline data, and determining the corresponding account security risk scoring result by using login data, equipment data and comparison results of account data corresponding to the user and the account risk baseline data in the behavior data; Acquiring transaction risk baseline data corresponding to the risk behavior baseline data, and determining a transaction fraud risk scoring result of the user by using transaction amount data, transaction frequency data, commodity type data, receiving information data, payment behavior data, equipment environment data and comparison results of transaction time sequence data and the transaction risk baseline data corresponding to the user in the behavior data; Acquiring marketing risk baseline data corresponding to the risk behavior baseline data, and determining a marketing cheating risk scoring result of the user by using comparison results of discount amount data, activity participation data, popularization behavior data and bill characteristic data corresponding to the user in the behavior data and the marketing risk baseline data; Acquiring credit risk baseline data corresponding to the risk behavior baseline data, and determining a credit breach risk scoring result of the user by using return rate data, return reason data, account period delinquent data and a comparison result of credit history data corresponding to the user in the behavior data and the credit risk baseline data; and determining a risk scoring result corresponding to the behavior data according to the account security risk scoring result, the transaction fraud risk scoring result, the marketing cheating risk scoring result and the credit default risk scoring result.
  6. 6. The risk data control method according to claim 1, wherein the step of obtaining a business rule parameter corresponding to the behavior data and determining a risk level corresponding to the behavior data by using the business rule parameter and the risk scoring result includes: determining a plurality of threshold intervals corresponding to the behavior data based on the risk values corresponding to the risk scoring results; Determining business rule parameters corresponding to the behavior data by using monitoring rules, verification rules, restriction rules, interception rules and blocking rules corresponding to the behavior data; Acquiring a service processing strategy corresponding to the threshold interval through the service rule parameters; and determining the risk level corresponding to the behavior data based on the service processing strategy.
  7. 7. The risk data control method according to claim 1, wherein the step of determining an audit decision result corresponding to the behavior data by audit result data and audit action data corresponding to the behavior data after performing audit processing on the behavior data by using an audit processing policy corresponding to the risk level includes: acquiring a risk value corresponding to the risk scoring result, and judging whether the risk value is larger than a preset risk threshold value or not; If yes, auditing the portrait data and the behavior data by utilizing an auditing processing strategy corresponding to the risk level; if not, auditing the behavior data by utilizing an auditing processing strategy corresponding to the risk level; obtaining an auditing decision result corresponding to the behavior data, and determining auditing result data corresponding to the behavior data by utilizing a risk judging result, a risk type result, a treatment deciding result, a treatment reason result and a risk amount result which are contained in the auditing decision result; and determining auditing action data corresponding to the auditing result data by utilizing the auditing decision result.
  8. 8. The risk data control method of claim 1, wherein determining the risk behavior management result corresponding to the user based on the portrait data and the audit decision result includes: constructing a corresponding relation map of the user through the portrait data and the auditing decision result; Performing association processing on the relationship data corresponding to the equipment mark, the IP address, the receiving address, the payment account and the behavior mode of the user based on the relationship map to obtain a relationship network corresponding to the user; Acquiring group behavior data corresponding to the user by utilizing the relation network, and acquiring risk behavior data corresponding to the user according to the group behavior data; And determining a risk behavior management and control result corresponding to the user according to the risk behavior data.
  9. 9. A risk data control system, the system comprising: The data acquisition module is used for acquiring behavior data corresponding to a user based on an interaction event of the user, and acquiring portrait data and risk behavior baseline data corresponding to the user; the risk score calculation module is used for determining a risk score result corresponding to the behavior data through the risk behavior baseline data; The risk level determining module is used for acquiring the business rule parameters corresponding to the behavior data and determining the risk level corresponding to the behavior data by utilizing the business rule parameters and the risk scoring result; The auditing processing control module is used for determining an auditing decision result corresponding to the behavior data through auditing result data and auditing action data corresponding to the behavior data after auditing the behavior data by utilizing an auditing processing strategy corresponding to the risk level; and the management and control result acquisition module is used for determining a risk behavior management and control result corresponding to the user based on the portrait data and the auditing decision result.
  10. 10. A server comprising a processor and a memory, the memory storing computer executable instructions executable by the processor, the processor executing the computer executable instructions to implement the steps of the risk data control method of any of claims 1 to 8.

Description

Risk data control method, system and server Technical Field The present invention relates to the field of information security processing, and in particular, to a risk data control method, a risk data control system, and a risk data server. Background With rapid development of digital economy, wind control challenges caused by malicious behaviors of users in various fields such as the electronic commerce platform field, the enterprise service field and the financial science and technology field are increasingly serious. In an actual scene, problems such as account security risks (such as account theft and library collision attacks), transaction fraud risks (such as false transactions, cash register, credit card robbery), marketing cheating risks (such as malicious wool, bill swiping, false popularization), credit default risks (such as malicious return of goods and delinquent money) and the like frequently occur, and serious losses are caused to platforms and enterprises. The wind control means in the prior art mainly depend on a rule engine and manual auditing, and have obvious limitations, such as that the rule needs manual maintenance and is difficult to cover complex and changeable attack methods, the rule is easy to be clearly and pertinently bypassed by black production, the manual auditing cost is high, mass transactions are difficult to deal with, the response is lag, and the problem is often found after the loss occurs. In recent years, with the maturation of AI technology (machine learning, deep learning, graphic neural network) and the improvement of service digitization degree (full-link behavior data can be collected and real-time computing capability is enhanced), intelligent air control becomes an industry standard. However, the existing schemes lack multi-focus single-point capability (such as anomaly detection and risk scoring), and lack an end-to-end wind control system which is capable of covering behavior acquisition, image construction, real-time detection, intelligent decision making, partner identification and continuous optimization, and particularly have shortcomings in the aspects of counter evolution, map analysis, man-machine coordination and the like. Disclosure of Invention In addition, the method greatly improves the accuracy and response speed of wind control detection through the multi-layer detection logic constructed by risk scoring and auditing treatment, comprehensively improves the risk prevention and control capability, the operation efficiency, the user experience and the service value, and fundamentally solves the problems of poor risk prevention and control capability and low service safety level of enterprises and platforms. In a first aspect, an embodiment of the present invention provides a risk data control method, including: Acquiring behavior data corresponding to a user based on an interaction event of the user, and acquiring portrait data and risk behavior baseline data corresponding to the user; determining a risk scoring result corresponding to the behavior data through the risk behavior baseline data; Acquiring business rule parameters corresponding to the behavior data, and determining a risk level corresponding to the behavior data by utilizing the business rule parameters and a risk scoring result; after auditing the behavior data by using an auditing strategy corresponding to the risk level, determining an auditing decision result corresponding to the behavior data by auditing result data corresponding to the behavior data and auditing action data; And determining a risk behavior management and control result corresponding to the user based on the portrait data and the auditing decision result. Optionally, acquiring behavior data corresponding to the user based on the interaction event of the user includes: acquiring interaction events corresponding to the user by using page access events, element click events, form operation events and rolling scaling events corresponding to the user; Acquiring one or more of equipment identification data, network identification data and browser identification data corresponding to the interaction event based on the network front end corresponding to the user, and determining first acquisition data corresponding to the network front end by utilizing the identification data; acquiring one or more business data in operation data, information data, logistics data and payment data corresponding to the interaction event based on a server corresponding to the user, and determining second acquisition data corresponding to the server by utilizing the business data; determining behavior acquisition data corresponding to a user through the first acquisition data and the second acquisition data, and acquiring a data cleaning strategy, a data desensitizing strategy and a data standardization processing strategy corresponding to the user; and carrying out data processing on the behavior acquisition data sequentially by utilizing