CN109873836A - A kind of methods of risk assessment and device of data - Google Patents
A kind of methods of risk assessment and device of data Download PDFInfo
- Publication number
- CN109873836A CN109873836A CN201910251249.2A CN201910251249A CN109873836A CN 109873836 A CN109873836 A CN 109873836A CN 201910251249 A CN201910251249 A CN 201910251249A CN 109873836 A CN109873836 A CN 109873836A
- Authority
- CN
- China
- Prior art keywords
- risk
- user behavior
- behavior data
- data
- indexes
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000012502 risk assessment Methods 0.000 title claims abstract description 75
- 238000000034 method Methods 0.000 title claims abstract description 36
- 230000006399 behavior Effects 0.000 claims description 142
- 238000012545 processing Methods 0.000 claims description 16
- 238000003860 storage Methods 0.000 claims description 2
- 238000013480 data collection Methods 0.000 abstract 1
- 238000010586 diagram Methods 0.000 description 19
- 238000004590 computer program Methods 0.000 description 10
- 238000012986 modification Methods 0.000 description 10
- 230000004048 modification Effects 0.000 description 10
- 230000008569 process Effects 0.000 description 10
- 230000006870 function Effects 0.000 description 9
- 238000013500 data storage Methods 0.000 description 4
- 238000013209 evaluation strategy Methods 0.000 description 4
- 238000000605 extraction Methods 0.000 description 3
- 230000004075 alteration Effects 0.000 description 2
- 230000001680 brushing effect Effects 0.000 description 2
- 238000004364 calculation method Methods 0.000 description 2
- 238000004519 manufacturing process Methods 0.000 description 2
- 238000010295 mobile communication Methods 0.000 description 2
- 238000012954 risk control Methods 0.000 description 2
- 238000013459 approach Methods 0.000 description 1
- 230000003542 behavioural effect Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000012854 evaluation process Methods 0.000 description 1
- 238000007429 general method Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000010365 information processing Effects 0.000 description 1
- 230000009545 invasion Effects 0.000 description 1
- 230000007774 longterm Effects 0.000 description 1
- 239000000843 powder Substances 0.000 description 1
- 238000010223 real-time analysis Methods 0.000 description 1
- 230000007480 spreading Effects 0.000 description 1
- 238000003892 spreading Methods 0.000 description 1
- 210000002268 wool Anatomy 0.000 description 1
Landscapes
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The present embodiments relate to the methods of risk assessment and device of technical field of data security more particularly to a kind of data to reduce operation complexity to reduce data collection capacity.The embodiment of the present invention includes: obtain user behavior data;Corresponding risk assessment strategies are determined according to the user behavior data, include N number of risk indicator in the risk assessment strategies;The M risk indicator that the user behavior data meets rule is selected from N number of risk indicator, wherein a risk indicator is corresponding with a rule, M≤N;According to the M risk indicator, the risk probability of the user behavior data is calculated.
Description
Technical Field
The invention relates to the technical field of data security, in particular to a method and a device for risk assessment of data.
Background
In the rapid development process of the internet, more and more services are provided, the internet is more and more complex, the rights and interests of users and the information value are higher and higher, and the challenge of service security is larger and larger.
In addition to the invasion and attack of the traditional network hacker, the new risks brought by the new business form, such as number stealing in a warehouse, stealing and seeing, the risks of pulling a great amount of wool, brushing amount, brushing popularity, maliciously releasing bad information and the like brought by marketing activities, the risks of pulling powder and maliciously spreading bad information in a social scene and the risks of cheating in a payment scene, all of which can bring great impact on the stable operation of enterprises.
In addition to solving the above problems encountered by the business by using a conventional security scheme, the business needs to be subjected to sufficient risk assessment and timely control. The general method of risk control of the existing business security is to abstract features in data with known risks and then compare the data with unknown risks with the abstract features to see whether the features are available. Feature extraction is generally based on statistical principles such as frequency statistics, maximum statistics, recent statistics, behavioral habits, and the like. This approach typically requires the collection of large amounts of data, the creation of complex models, and extensive computation.
Disclosure of Invention
The application provides a method and a device for risk assessment of data, which are used for reducing data acquisition amount and reducing operation complexity.
The risk assessment method for data provided by the embodiment of the invention comprises the following steps:
acquiring user behavior data;
determining a corresponding risk assessment strategy according to the user behavior data, wherein the risk assessment strategy comprises N risk indexes;
m risk indexes of which the user behavior data meet rules are selected from the N risk indexes, wherein one risk index corresponds to one rule, and M is less than or equal to N;
and calculating the risk probability of the user behavior data according to the M risk indexes.
In an optional embodiment, after the obtaining the user behavior data and before the determining the corresponding risk assessment policy according to the user behavior data, the method further includes:
judging whether the user behavior data is in a black and white list or not;
if yes, directly determining the risk probability of the user behavior data;
otherwise, executing the step of determining the corresponding risk assessment strategy according to the user behavior data.
In an optional embodiment, the extracting M risk indicators that the user behavior data satisfies a rule from the N risk indicators includes:
determining a rule for any one of the N risk indicators;
extracting feature data corresponding to the risk assessment policy from the user behavior data;
and selecting M risk indexes of which the characteristic data meet the rules from the N risk indexes.
In an optional embodiment, the calculating the risk probability of the user behavior data according to the M risk indicators includes:
for any risk indicator of the M risk indicators, determining a corresponding risk index of the risk indicator;
adding the risk indexes to calculate the risk score of the user behavior data;
and determining the risk grade of the user behavior data according to the risk score, and taking the risk grade as the risk probability of the user behavior data.
In an alternative embodiment, the risk probability of the user behavior data is calculated according to the following formula:
wherein p is the risk probability of the user behavior data; s is the sum of the risk indexes corresponding to the N risk indexes in the risk assessment strategy; hMAnd the risk index corresponding to the Mth risk index of which the user behavior data meets the rule is obtained.
An embodiment of the present invention further provides a risk assessment apparatus for data, including:
the acquiring unit is used for acquiring user behavior data;
the processing unit is used for determining a corresponding risk assessment strategy according to the user behavior data, wherein the risk assessment strategy comprises N risk indexes;
a selecting unit, configured to select M risk indicators that satisfy a rule with the user behavior data from the N risk indicators, where one risk indicator corresponds to one rule, and M is equal to or less than N;
and the calculating unit is used for calculating the risk probability of the user behavior data according to the M risk indexes.
In an optional embodiment, the selecting unit is specifically configured to:
determining a rule for any one of the N risk indicators;
extracting feature data corresponding to the risk assessment policy from the user behavior data;
and selecting M risk indexes of which the characteristic data meet the rules from the N risk indexes.
In an optional embodiment, the computing unit is specifically configured to:
for any risk indicator of the M risk indicators, determining a corresponding risk index of the risk indicator;
adding the risk indexes to calculate the risk score of the user behavior data;
and determining the risk grade of the user behavior data according to the risk score, and taking the risk grade as the risk probability of the user behavior data.
An embodiment of the present invention further provides an electronic device, including:
at least one processor; and the number of the first and second groups,
a memory communicatively coupled to the at least one processor; wherein,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method as described above.
Embodiments of the present invention also provide a non-transitory computer-readable storage medium storing computer instructions for causing the computer to perform the method as described above.
In the embodiment of the invention, one risk evaluation strategy comprises N risk indexes, and one risk index corresponds to one rule. And determining a corresponding risk evaluation strategy according to the acquired user behavior data, selecting M risk indexes of which the user behavior data meet the rules from the N risk indexes, and calculating the risk probability of the user behavior data according to the selected M risk indexes. According to the embodiment of the invention, the user behavior data is directly compared with the risk assessment strategy, and feature extraction is not required based on the statistical principle, so that a large amount of data is not required to be collected, complex operation is omitted, the risk assessment process is simplified, and the efficiency is improved.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings needed to be used in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without inventive exercise.
FIG. 1 is a diagram illustrating a system architecture suitable for use with the present invention;
fig. 2 is a schematic flow chart of a method for risk assessment of data according to an embodiment of the present invention;
fig. 3 is a schematic flow chart of a method for risk assessment of data according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of a risk assessment apparatus for data according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention clearer, the present invention will be described in further detail with reference to the accompanying drawings, and it is apparent that the described embodiments are only a part of the embodiments of the present invention, not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
As shown in fig. 1, a system architecture to which the embodiment of the present invention is applicable includes a terminal 101, a server 102, a processor 103, and a Druid 104. The terminal 101 may be installed with a client or a browser, where the client is an Application (APP). The server 102 is a server corresponding to the client. The server 102 receives the service data collected by the browser or the client of the user.
The terminal 101 may be an electronic device with a wireless communication function, such as a mobile phone, a tablet computer, or a dedicated handheld device, and may also be a device connected to the internet in a wired access manner, such as a Personal Computer (PC), a notebook computer, or a server. Server 102 may be a computer or other network device. The server 102 may be a stand-alone device or a server cluster formed by a plurality of servers. Preferably, the server 102 may employ cloud computing technology for information processing.
The processor 103 receives the service data sent by the server 102, processes the received service data, and then transmits the processed service data to the drive 104. In addition, the processor 103 also directly receives the existing service data and the offline data of the external system, processes the data and sends the processed data to the Druid 104.
The Druid104 is a distributed data storage system that supports real-time analysis. Compared with the traditional OLAP (Online Analytical Processing) system, the system has remarkable performance improvement on the aspects of data Processing scale and data Processing real-time performance, and embraces mainstream open source ecology including Hadoop and the like. It should be noted that, in the embodiment of the present invention, the data storage system for analyzing and processing data is the droid, the data storage system is not limited to the droid, and other data storage systems capable of performing risk assessment and calculation on data are all suitable for use in the embodiment of the present invention.
The terminal 101, the server 102, the gateway 103, and the drive 104 may communicate with each other via an INTERNET network, or may communicate with each other via a Mobile communication System such as a Global System for Mobile Communications (GSM) System or a Long Term Evolution (LTE) System.
In order to perform risk control on business data, an embodiment of the present invention provides a method for risk assessment of data, and as shown in fig. 2, the method for risk assessment of data provided by the embodiment of the present invention includes the following steps:
step 201, user behavior data is obtained.
Step 202, determining a corresponding risk assessment strategy according to the user behavior data, wherein the risk assessment strategy comprises N risk indexes.
And 203, selecting M risk indexes of which the user behavior data meet rules from the N risk indexes, wherein one risk index corresponds to one rule, and M is less than or equal to N.
And 204, calculating the risk probability of the user behavior data according to the M risk indexes.
In the embodiment of the invention, one risk evaluation strategy comprises N risk indexes, and one risk index corresponds to one rule. And determining a corresponding risk evaluation strategy according to the acquired user behavior data, selecting M risk indexes of which the user behavior data meet the rules from the N risk indexes, and calculating the risk probability of the user behavior data according to the selected M risk indexes. According to the embodiment of the invention, the user behavior data is directly compared with the risk assessment strategy, and feature extraction is not required based on the statistical principle, so that a large amount of data is not required to be collected, complex operation is omitted, the risk assessment process is simplified, and the efficiency is improved.
In the embodiment of the invention, in order to simplify the risk assessment process, a black and white list is preset. After the obtaining of the user behavior data and before the determining of the corresponding risk assessment policy according to the user behavior data, the method further includes:
judging whether the user behavior data is in a black and white list or not;
if yes, directly determining the risk probability of the user behavior data;
otherwise, executing the step of determining the corresponding risk assessment strategy according to the user behavior data.
In a specific implementation process, before risk assessment is performed on user behavior data, whether the user behavior data is located in a black-and-white list is determined. Generally, the user behavior data in the black list can be directly determined as high-risk data, and the user behavior data in the white list can be directly determined as low-risk data. Of course, the user behavior data in the white list may also be determined as high risk data, and the user behavior data in the black list may be determined as low risk data. Or, the risk probability is given to the user behavior data in the black and white list, for example, the risk probability of the user behavior data in the black list is determined to be 90% -99%, and the risk probability of the user behavior data in the white list is determined to be 1% -10%. And the risk condition of the user behavior data can be directly evaluated by judging whether the user behavior data is in a black and white list, so that the risk evaluation process is simplified.
In the embodiment of the present invention, the user behavior data may specifically be login data, registration data, transaction data, and the like of the user.
According to the embodiment of the invention, different risk assessment strategies are formulated according to different types of user behavior data, and each risk assessment strategy comprises N risk indexes. For example, three risk indicators are formulated for user login data, which are login times in a first unit time, password input error times in a second unit time, and last login time, and constitute a risk assessment policy corresponding to the user login data.
Further, each risk indicator corresponds to a rule. For example, in the risk assessment policy for user login data, the rule corresponding to the risk indicator "login number in first unit time" is "login number in 5 minutes is greater than 10". It should be noted that, in different scenarios, one risk indicator may change its corresponding rule. For example, for a public account, the risk indicator "login times in a first unit time" corresponds to a rule of "login times in 5 minutes is greater than 20 times"; for the private account, the rule corresponding to the risk indicator "the number of logins in the first unit time" is "the number of logins in 10 minutes is greater than 5". For another example, in the daytime, the rule corresponding to the risk indicator "the login frequency in the first unit time" is "the login frequency in 5 minutes is greater than 15 times"; at night, the rule corresponding to the risk indicator "the number of logins in the first unit time" is "the number of logins in 5 minutes is greater than 10". In addition, different risk indicators may correspond to the same rule, for example, both the rule of the risk indicator "number of password input errors in second unit time" and the rule of the risk indicator "number of account input errors in fourth unit time" may be "number of input errors in 2 minutes is greater than or equal to 5 times".
Further, in order to facilitate comparing the user behavior data with the risk indicators, in this embodiment of the present invention, the step 203 of selecting M risk indicators, of which the user behavior data meets the rule, from the N risk indicators includes:
determining a rule for any one of the N risk indicators;
extracting feature data corresponding to the risk assessment policy from the user behavior data;
and selecting M risk indexes of which the characteristic data meet the rules from the N risk indexes.
As can be seen from the above description, the risk indicators correspond to rules. In the embodiment of the invention, the rule corresponding to each risk index is determined according to N risk indexes in the risk assessment strategy. And extracting characteristic data corresponding to the risk assessment strategy from the user behavior data. For example, the risk assessment policy includes three risk indicators, which are the last login time, the login times in the first unit time, and the number of login terminals in the same time. And determining a rule corresponding to each risk index, wherein the rule corresponding to the last login time is that the distance from the current time is more than 3 months, the rule corresponding to the login times in the first unit time is that the login times in 5 minutes are more than or equal to 10 times, and the rule corresponding to the number of login terminals in the same time is that the login terminals are more than 3. And determining characteristic data according to the user behavior data, wherein the characteristic data are respectively 'the time of last login is 2 days from the current time', 'login is performed for 12 times in 5 minutes', and 'login is performed for 4 terminals at the same time'. And respectively comparing the characteristic data with the rules of the three risk indexes, determining that the characteristic data of the user's 12 logins in 5 minutes' meets the rule corresponding to the login times in the first unit time, and determining that the characteristic data 'logins 4 terminals in the same time' meets the rule corresponding to the number of the login terminals in the same time, and selecting two risk indexes from the three risk indexes, namely the login times in the first unit time and the number of the login terminals in the same time.
Further, the risk probability of the user behavior data is determined according to the selected M risk indexes. The calculating the risk probability of the user behavior data according to the M risk indicators includes:
for any risk indicator of the M risk indicators, determining a corresponding risk index of the risk indicator;
adding the risk indexes to calculate the risk score of the user behavior data;
and determining the risk grade of the user behavior data according to the risk score, and taking the risk grade as the risk probability of the user behavior data.
In a specific implementation process, each risk index in the N risk indexes of the risk assessment strategy corresponds to a risk index. And adding the risk indexes of the M risk indexes according to the M risk indexes selected from the N risk indexes to obtain the risk score of the user behavior data. For example, the risk index of the risk assessment policy is 30 for the last login time, 40 for the number of login times in the first unit time, and 30 for the number of login terminals in the same time. Because the risk indexes of the user behavior data meeting the rule are the login times in the first unit time and the number of the login terminals in the same time, adding the risk index of the login times in the first unit time and the risk index of the number of the login terminals in the same time to obtain the risk score of 70 of the user behavior data. In the embodiment of the invention, the risk score is divided into risk grades, for example, 0-35 is divided into low-level risk, 36-65 is divided into medium-level risk, and 66-100 is divided into high-level risk. Since the risk score of the user behavior data obtained by the above calculation is 70 points, the risk level of the user behavior data is a high risk, that is, the risk probability is high.
In addition, the risk probability of the user behavior data can be directly calculated according to a formula, and the risk probability of the user behavior data can be calculated according to the following formula:
wherein p is the risk probability of the user behavior data; s is the sum of the risk indexes corresponding to the N risk indexes in the risk assessment strategy; hMAnd the risk index corresponding to the Mth risk index of the user behavior data meeting the rule.
The above examples are still illustrative. The risk indexes corresponding to the three risk indexes of the risk assessment strategy are respectively 30, 40 and 30, the sum of the risk indexes is 100, namely S is 100. The risk indexes corresponding to the risk indexes of the user behavior data meeting the rule are respectively 40 and 30, namely H1Is 40, H230, the risk probability of the user behavior data
In order to more clearly understand the present invention, the above flow is described in detail below with specific embodiments, and the embodiments of the present invention provide a method for risk assessment of data, the flow of the method is shown in fig. 3, and may include the following steps:
step 301: and receiving a risk assessment request, wherein the risk assessment request comprises user behavior data to be assessed.
Step 302: judging whether the user behavior data is in a black and white list, if so, executing a step 303; otherwise, step 304 is performed.
Step 303: and directly determining the risk probability of the user behavior data, determining that the user behavior data is unsafe data if the user behavior data is in a blacklist, and determining that the user behavior data is safe data if the user behavior data is in a whitelist.
Step 304: and determining a corresponding risk assessment strategy according to the user behavior data, wherein the risk assessment strategy comprises N risk indexes.
Step 305: rules for each risk indicator are determined.
Step 306: and extracting characteristic data corresponding to the risk assessment strategy from the user behavior data.
Step 307: and selecting M risk indexes with characteristic data meeting the rules from the N risk indexes, and determining the risk index corresponding to each risk index in the M risk indexes.
Step 308: and adding the risk indexes of the selected risk indexes to obtain the risk score of the user behavior data.
Step 309: and determining the risk level of the user behavior data according to the risk score.
Based on the same technical concept, an embodiment of the present invention further provides a risk assessment apparatus for data, as shown in fig. 4, including:
an obtaining unit 401, configured to obtain user behavior data;
a processing unit 402, configured to determine a corresponding risk assessment policy according to the user behavior data, where the risk assessment policy includes N risk indicators;
a selecting unit 403, configured to select M risk indicators that satisfy the rules with the user behavior data from the N risk indicators, where one risk indicator corresponds to one rule, and M is equal to or smaller than N;
a calculating unit 404, configured to calculate a risk probability of the user behavior data according to the M risk indicators.
Further, the processing unit 402 is further configured to:
judging whether the user behavior data is in a black and white list or not;
if yes, directly determining the risk probability of the user behavior data;
otherwise, executing the step of determining the corresponding risk assessment strategy according to the user behavior data.
Further, the selecting unit 403 is specifically configured to:
determining a rule for any one of the N risk indicators;
extracting feature data corresponding to the risk assessment policy from the user behavior data;
and selecting M risk indexes of which the characteristic data meet the rules from the N risk indexes.
Further, the calculating unit 404 is specifically configured to:
for any risk indicator of the M risk indicators, determining a corresponding risk index of the risk indicator;
adding the risk indexes to calculate the risk score of the user behavior data;
and determining the risk grade of the user behavior data according to the risk score, and taking the risk grade as the risk probability of the user behavior data.
Further, the calculating unit 404 is specifically configured to calculate the risk probability of the user behavior data according to the following formula:
wherein p is the risk probability of the user behavior data; s is the sum of the risk indexes corresponding to the N risk indexes in the risk assessment strategy; hMAnd the risk index corresponding to the Mth risk index of which the user behavior data meets the rule is obtained.
Based on the same principle, the present invention also provides an electronic device, as shown in fig. 5, including:
the system comprises a processor 501, a memory 502, a transceiver 503 and a bus interface 504, wherein the processor 501, the memory 502 and the transceiver 503 are connected through the bus interface 504;
the processor 501 is configured to read the program in the memory 502, and execute the following method:
acquiring user behavior data;
determining a corresponding risk assessment strategy according to the user behavior data, wherein the risk assessment strategy comprises N risk indexes;
m risk indexes of which the user behavior data meet rules are selected from the N risk indexes, wherein one risk index corresponds to one rule, and M is less than or equal to N;
and calculating the risk probability of the user behavior data according to the M risk indexes.
Further, the processor 501 is specifically configured to:
judging whether the user behavior data is in a black and white list or not;
if yes, directly determining the risk probability of the user behavior data;
otherwise, executing the step of determining the corresponding risk assessment strategy according to the user behavior data.
Further, the processor 501 is specifically configured to:
determining a rule for any one of the N risk indicators;
extracting feature data corresponding to the risk assessment policy from the user behavior data;
and selecting M risk indexes of which the characteristic data meet the rules from the N risk indexes.
Further, the processor 501 is specifically configured to:
for any risk indicator of the M risk indicators, determining a corresponding risk index of the risk indicator;
adding the risk indexes to calculate the risk score of the user behavior data;
and determining the risk grade of the user behavior data according to the risk score, and taking the risk grade as the risk probability of the user behavior data.
Further, the processor 501 is specifically configured to calculate the risk probability of the user behavior data according to the following formula:
wherein p is the risk probability of the user behavior data; s is the sum of the risk indexes corresponding to the N risk indexes in the risk assessment strategy; hMAnd the risk index corresponding to the Mth risk index of which the user behavior data meets the rule is obtained.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
While preferred embodiments of the present invention have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. Therefore, it is intended that the appended claims be interpreted as including preferred embodiments and all such alterations and modifications as fall within the scope of the invention.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present invention without departing from the spirit and scope of the invention. Thus, if such modifications and variations of the present invention fall within the scope of the claims of the present invention and their equivalents, the present invention is also intended to include such modifications and variations.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
While preferred embodiments of the present invention have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. Therefore, it is intended that the appended claims be interpreted as including preferred embodiments and all such alterations and modifications as fall within the scope of the invention.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present invention without departing from the spirit and scope of the invention. Thus, if such modifications and variations of the present invention fall within the scope of the claims of the present invention and their equivalents, the present invention is also intended to include such modifications and variations.
Claims (10)
1. A method for risk assessment of data, comprising:
acquiring user behavior data;
determining a corresponding risk assessment strategy according to the user behavior data, wherein the risk assessment strategy comprises N risk indexes;
m risk indexes of which the user behavior data meet rules are selected from the N risk indexes, wherein one risk index corresponds to one rule, and M is less than or equal to N;
and calculating the risk probability of the user behavior data according to the M risk indexes.
2. The method of claim 1, wherein after obtaining the user behavior data and before determining the corresponding risk assessment policy based on the user behavior data, further comprising:
judging whether the user behavior data is in a black and white list or not;
if yes, directly determining the risk probability of the user behavior data;
otherwise, executing the step of determining the corresponding risk assessment strategy according to the user behavior data.
3. The method of claim 1, wherein said extracting M risk indicators from said N risk indicators that said user behavior data satisfies a rule comprises:
determining a rule for any one of the N risk indicators;
extracting feature data corresponding to the risk assessment policy from the user behavior data;
and selecting M risk indexes of which the characteristic data meet the rules from the N risk indexes.
4. The method of claim 1, wherein said calculating a risk probability for said user behavior data based on said M risk indicators comprises:
for any risk indicator of the M risk indicators, determining a corresponding risk index of the risk indicator;
adding the risk indexes to calculate the risk score of the user behavior data;
and determining the risk grade of the user behavior data according to the risk score, and taking the risk grade as the risk probability of the user behavior data.
5. The method of claim 1, wherein the risk probability of the user behavior data is calculated according to the following formula:
wherein p is the risk probability of the user behavior data; s is the sum of the risk indexes corresponding to the N risk indexes in the risk assessment strategy; hMAnd the risk index corresponding to the Mth risk index of which the user behavior data meets the rule is obtained.
6. A risk assessment device for data, comprising:
the acquiring unit is used for acquiring user behavior data;
the processing unit is used for determining a corresponding risk assessment strategy according to the user behavior data, wherein the risk assessment strategy comprises N risk indexes;
a selecting unit, configured to select M risk indicators that satisfy a rule with the user behavior data from the N risk indicators, where one risk indicator corresponds to one rule, and M is equal to or less than N;
and the calculating unit is used for calculating the risk probability of the user behavior data according to the M risk indexes.
7. The apparatus of claim 6, wherein the selection unit is specifically configured to:
determining a rule for any one of the N risk indicators;
extracting feature data corresponding to the risk assessment policy from the user behavior data;
and selecting M risk indexes of which the characteristic data meet the rules from the N risk indexes.
8. The apparatus of claim 6, wherein the computing unit is specifically configured to:
for any risk indicator of the M risk indicators, determining a corresponding risk index of the risk indicator;
adding the risk indexes to calculate the risk score of the user behavior data;
and determining the risk grade of the user behavior data according to the risk score, and taking the risk grade as the risk probability of the user behavior data.
9. An electronic device, comprising:
at least one processor; and the number of the first and second groups,
a memory communicatively coupled to the at least one processor; wherein,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method of any one of claims 1-5.
10. A non-transitory computer readable storage medium storing computer instructions for causing a computer to perform the method of any one of claims 1 to 5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910251249.2A CN109873836A (en) | 2019-03-29 | 2019-03-29 | A kind of methods of risk assessment and device of data |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910251249.2A CN109873836A (en) | 2019-03-29 | 2019-03-29 | A kind of methods of risk assessment and device of data |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN109873836A true CN109873836A (en) | 2019-06-11 |
Family
ID=66921708
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910251249.2A Pending CN109873836A (en) | 2019-03-29 | 2019-03-29 | A kind of methods of risk assessment and device of data |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109873836A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111080873A (en) * | 2019-12-31 | 2020-04-28 | 中国银行股份有限公司 | Key characteristic-based bank vault control method and device |
| CN114710367A (en) * | 2022-06-01 | 2022-07-05 | 武汉极意网络科技有限公司 | Method and device for determining barrier cost of network flow and electronic equipment |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104881783A (en) * | 2015-05-14 | 2015-09-02 | 中国科学院信息工程研究所 | E-bank account fraudulent conduct and risk detecting method and system |
| CN105590055A (en) * | 2014-10-23 | 2016-05-18 | 阿里巴巴集团控股有限公司 | Method and apparatus for identifying trustworthy user behavior in network interaction system |
| CN107067157A (en) * | 2017-03-01 | 2017-08-18 | 北京奇艺世纪科技有限公司 | Business risk appraisal procedure, device and air control system |
| US20180068243A1 (en) * | 2016-09-08 | 2018-03-08 | Secure Systems Innovation Corporation | Method and system for risk measurement and modeling |
| CN109409641A (en) * | 2018-09-03 | 2019-03-01 | 平安科技(深圳)有限公司 | Risk evaluating method, device, computer equipment and storage medium |
| CN109508903A (en) * | 2018-12-14 | 2019-03-22 | 平安国际融资租赁有限公司 | Methods of risk assessment, device, computer equipment and storage medium |
-
2019
- 2019-03-29 CN CN201910251249.2A patent/CN109873836A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105590055A (en) * | 2014-10-23 | 2016-05-18 | 阿里巴巴集团控股有限公司 | Method and apparatus for identifying trustworthy user behavior in network interaction system |
| CN104881783A (en) * | 2015-05-14 | 2015-09-02 | 中国科学院信息工程研究所 | E-bank account fraudulent conduct and risk detecting method and system |
| US20180068243A1 (en) * | 2016-09-08 | 2018-03-08 | Secure Systems Innovation Corporation | Method and system for risk measurement and modeling |
| CN107067157A (en) * | 2017-03-01 | 2017-08-18 | 北京奇艺世纪科技有限公司 | Business risk appraisal procedure, device and air control system |
| CN109409641A (en) * | 2018-09-03 | 2019-03-01 | 平安科技(深圳)有限公司 | Risk evaluating method, device, computer equipment and storage medium |
| CN109508903A (en) * | 2018-12-14 | 2019-03-22 | 平安国际融资租赁有限公司 | Methods of risk assessment, device, computer equipment and storage medium |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111080873A (en) * | 2019-12-31 | 2020-04-28 | 中国银行股份有限公司 | Key characteristic-based bank vault control method and device |
| CN114710367A (en) * | 2022-06-01 | 2022-07-05 | 武汉极意网络科技有限公司 | Method and device for determining barrier cost of network flow and electronic equipment |
| CN114710367B (en) * | 2022-06-01 | 2022-08-02 | 武汉极意网络科技有限公司 | Method and device for determining barrier cost of network flow and electronic equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106682906B (en) | A risk identification, business processing method and device | |
| EP3373543B1 (en) | Service processing method and apparatus | |
| CN110442712B (en) | Risk determination method, device, server and document review system | |
| CN110705996B (en) | User behavior identification method, system and device based on feature mask | |
| CN111522724B (en) | Method and device for determining abnormal account number, server and storage medium | |
| CN107809740B (en) | Wi-Fi hotspot deployment optimization method, server and storage medium | |
| CN110457601A (en) | Identification method and device for social account, storage medium and electronic device | |
| CN110166344A (en) | A kind of identity recognition methods, device and relevant device | |
| CN113850669A (en) | User grouping method, apparatus, computer equipment, and computer-readable storage medium | |
| CN110874638B (en) | Behavior analysis-oriented meta-knowledge federation method, device, electronic equipment and system | |
| WO2024054781A1 (en) | Entity profile for access control | |
| HK1224102A1 (en) | Method and device for processing network operation | |
| TWI701932B (en) | Identity authentication method, server and client equipment | |
| CN109873836A (en) | A kind of methods of risk assessment and device of data | |
| CN117093627A (en) | Information mining methods, devices, electronic equipment and storage media | |
| CN114169451A (en) | Behavior data classification processing method, device, equipment and storage medium | |
| CN114328646A (en) | Data detection method and device, computer equipment and storage medium | |
| CN111291259B (en) | Data screening method and device, electronic equipment and storage medium | |
| WO2021155844A1 (en) | Method for making social networking account recommendation and electronic device | |
| CN110009170B (en) | Model scoring correction method and device and server | |
| CN117726167A (en) | User risk assessment method, device, equipment and storage medium | |
| CN112560961B (en) | Target identification method and device based on graph clustering, electronic equipment and storage medium | |
| CN115907765B (en) | Data processing method, device, computer equipment and readable storage medium | |
| CN116886999A (en) | Data processing method, device, electronic equipment and storage medium | |
| CN114938285A (en) | Data security identification method and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190611 |