WO2017028738A1 - Region-based risk control method and device - Google Patents

Region-based risk control method and device Download PDF

Info

Publication number
WO2017028738A1
WO2017028738A1 PCT/CN2016/094664 CN2016094664W WO2017028738A1 WO 2017028738 A1 WO2017028738 A1 WO 2017028738A1 CN 2016094664 W CN2016094664 W CN 2016094664W WO 2017028738 A1 WO2017028738 A1 WO 2017028738A1
Authority
WO
WIPO (PCT)
Prior art keywords
network
behavior event
area
risk control
transfer rule
Prior art date
Application number
PCT/CN2016/094664
Other languages
French (fr)
Chinese (zh)
Inventor
王维强
郭亮
冯力国
费斌杰
蒋博赟
Original Assignee
阿里巴巴集团控股有限公司
王维强
郭亮
冯力国
费斌杰
蒋博赟
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 阿里巴巴集团控股有限公司, 王维强, 郭亮, 冯力国, 费斌杰, 蒋博赟 filed Critical 阿里巴巴集团控股有限公司
Publication of WO2017028738A1 publication Critical patent/WO2017028738A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/06Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling

Definitions

  • the present application relates to the field of Internet information processing technologies, and in particular, to a region-based risk control method and device.
  • the information interaction platform constructed by Internet technology belongs to the virtual space, which is different from the physical space to which the real life belongs. Then, the risk control method for the events occurring in the information interaction platform and the risk control method for the events occurring in the real life. different.
  • risk control is usually carried out in a regionalized manner. Specifically, for a certain area, the area is divided into a plurality of different areas according to the geographical location, and risk control strategies are assigned to different areas obtained by the division, and the risk control strategies are used to control the area. For example, if a region in Area A has a large number of user information leakage events in the Internet information interaction platform, a high-level risk control strategy will be adopted for the region, thus reducing the risk of user information leakage again in the region.
  • the risk control methods used in the existing risk control systems are relatively fixed, and cannot flexibly adapt to the development needs of the Internet information interaction platform, making the implementation of risk control strategies often lagging behind.
  • the occurrence of risk events has led to poor network security of the Internet information exchange platform, that is, the risk control of the Internet information interaction platform.
  • the degree is relatively low.
  • the embodiment of the present application provides a region-based risk control method and device, which is used to solve the problem that the risk control precision of the Internet information interaction platform in the prior art is relatively low.
  • a region-based risk control method that includes:
  • a zone-based risk control device that includes:
  • An acquiring unit configured to acquire a first behavior event generated by the target user in the first network area, where the first behavior event belongs to a behavior event that generates a frequency higher than a set threshold in the first set time;
  • a determining unit configured to determine an area transfer rule corresponding to the first behavior event according to a mapping relationship between the behavior event and the area transfer rule; and determine, according to the area transfer rule, that the target user is in the first setting And a second network area to which the first behavior event is transferred from the first network area to a fixed time;
  • the embodiment of the present application obtains a first behavior event generated by the target user in the first network area, where the first behavior event belongs to a behavior event whose frequency is higher than a set threshold in the first set time; a mapping relationship between the behavior event and the regional transfer rule, determining an area transfer rule corresponding to the first behavior event; determining, according to the area transfer rule, that the target user performs the first behavior within the set time.
  • the second network area to which the event is transferred by the first network area adjusting the risk control level of the second network area according to the first behavior event and a preset risk control policy.
  • the second network region to which the first behavior event is transferred can be effectively estimated according to the first behavior event generated in the first network region, and the second network can be effectively adjusted in time.
  • the risk control strategy of the network area avoids the risk control strategy lags behind the occurrence of the risk event, realizes the precise control of the risk event, and improves the network security of the Internet information interaction platform.
  • FIG. 1 is a schematic flowchart of a region-based risk control method according to an embodiment of the present application
  • FIG. 2 is a schematic flowchart of determining a mapping relationship between a behavior event and a region transfer rule
  • FIG. 3 is a schematic structural diagram of a region-based risk control device according to an embodiment of the present application.
  • an embodiment of the present application provides a region-based risk control method and device, and acquires a first behavior event generated by a target user in a first network region, where the first behavior event belongs to the first device.
  • a behavior event having a frequency higher than a set threshold is generated in a predetermined time; determining, according to a mapping relationship between the behavior event and the regional transfer rule, an area transfer rule corresponding to the first behavior event; determining, according to the regional transfer rule, Adjusting, by the target user, the first behavior event from the first network area to the second network area within the set time; adjusting the location according to the first behavior event and a preset risk control policy The risk control level of the second network area.
  • Step 101 Acquire a first behavior event generated by the target user in the first network area.
  • the first behavior event belongs to a behavior event that generates a frequency higher than a set threshold in a first set time.
  • the first behavior event here may be a subscription behavior event initiated by the target user on the Internet information interaction platform, or a payment behavior event initiated by the target user on the Internet information interaction platform, or the target user may be on the Internet information interaction platform. Initiated network transaction behavior events and so on.
  • S21 Acquire environmental data of a target behavior event generated by the user in the second set time.
  • the environmental data includes real space data and/or virtual space data.
  • the target behavior event that generates the target behavior event for the second set time and the environment data that generates the target behavior event that meets the second set time are selected from the acquired historical data.
  • the environmental data included in each of the at least two groups is aggregated to obtain different network regions.
  • the multi-dimensional space network including the respective grid points is divided into different network regions.
  • the regional transfer rule generated by the target behavior event in the second set time is determined, and the stability of the target behavior event occurring in the regions satisfying the regional transfer rule is determined, and Once the target behavior event is generated in any of these areas that satisfy the regional transfer rule, it is possible to predict in advance that the possibility of occurrence in other areas in the areas satisfying the regional transfer rule is increased, and the risk control strategy for other areas in time is timely. Make adjustments to avoid the risk control strategy lags behind the risk event and effectively improve the accuracy of risk control.
  • the mapping relationship between the different behavior events and the determined regional transfer rule may be separately established in the database according to different behavior events.
  • Step 104 Adjust a risk control level of the second network area according to the first behavior event and a preset risk control policy.
  • the acquiring unit 31 is configured to acquire a first behavior event that is generated by the target user in the first network area, where the first behavior event belongs to a behavior event that generates a frequency higher than a set threshold in the first set time;
  • an area transfer rule that is generated by the user to generate the target behavior event, where the area transfer rule includes at least two network areas, and the area overlap degree in the at least two network areas is greater than Set a threshold;
  • the determining unit 32 analyzes, according to the environment data, an area transfer rule that the user generates the target behavior event, including:
  • the risk control device provided by the embodiment of the present application is capable of effectively estimating the second network region to which the first behavior event is transferred according to the first behavior event generated in the first network region, based on the region transfer rule corresponding to the behavior event.
  • the risk control strategy of the second network area can be adjusted in time and effectively to avoid the risk control strategy lags behind the occurrence of the risk event, achieve precise control of the risk event, and improve the network security of the Internet information interaction platform.
  • embodiments of the present application can be provided as a method, apparatus (device), or computer program product.
  • the present application can take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment in combination of software and hardware.
  • the application can take the form of a computer program product embodied on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) including computer usable program code.

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Human Resources & Organizations (AREA)
  • Strategic Management (AREA)
  • Economics (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Educational Administration (AREA)
  • Game Theory and Decision Science (AREA)
  • Development Economics (AREA)
  • Marketing (AREA)
  • Operations Research (AREA)
  • Quality & Reliability (AREA)
  • Tourism & Hospitality (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

Disclosed are a region-based risk control method and device, the method comprising: acquiring a first behavior event generated by a target user in a first network region (101); determining a region transfer rule corresponding to the first behavior event according to a mapping relationship between the behavior events and the region transfer rule (102); determining, according to the region transfer rule, that the first behavior event is transferred from the first network region to a second network region by the target user within a set period of time (103); and adjusting a risk control level of the second network region according to the first behavior event and a preset risk control policy (104). Based on the region transfer rule corresponding to the behavior event, transfer of the first behavior event to the second network region can be effectively estimated according to the first behavior event generated in the first network region, thus adjusting the risk control policy of the second network region in a timely and effective way, avoiding the situation where the risk control policy lags behind the occurrence of risk events, realizing precise control over risk events, and improving network security in Internet information interaction.

Description

一种基于区域的风险控制方法和设备Regional based risk control method and device 技术领域Technical field
本申请涉及互联网信息处理技术领域,尤其涉及一种基于区域的风险控制方法和设备。The present application relates to the field of Internet information processing technologies, and in particular, to a region-based risk control method and device.
背景技术Background technique
随着科学技术的发展,互联网技术给人们的生产和生活带来了极大的便利。然而,在现实生活中,人们确定做任何一件事情都存在风险,只是事情不同,所面对的风险大小不同而已,因此在决定做任何一件事情之前,往往会对该做的事情进行风险控制。例如:针对一种新产品,在决定生产该新产品之前,需要对该新产品是否能够带来收益进行风险控制。一般地,产品生产者根据生产其他产品的经验,预估可能出现的风险事件,并对可能出现的风险事件进行风险控制。With the development of science and technology, Internet technology has brought great convenience to people's production and life. However, in real life, people are determined to be risky in doing anything, but things are different and the risks they face are different. Therefore, before deciding to do anything, they often risk the doing. control. For example, for a new product, before deciding to produce the new product, it is necessary to control the risk of whether the new product can bring benefits. In general, product producers estimate the possible risk events based on the experience of producing other products and conduct risk control on possible risk events.
但是,通过互联网技术构建的信息交互平台属于虚拟空间,与现实生活所属的实体空间不同,那么对于信息交互平台中发生的事件进行风险控制的方式与对现实生活中发生的事件进行风险控制的方式不同。However, the information interaction platform constructed by Internet technology belongs to the virtual space, which is different from the physical space to which the real life belongs. Then, the risk control method for the events occurring in the information interaction platform and the risk control method for the events occurring in the real life. different.
在现有的风险控制系统中,通常采用区域化方式进行风险控制。具体地,针对某一个地区,按照地理位置将该地区划分成为多个不同区域,为划分得到的不同区域指定风险控制策略,并利用这些风险控制策略对该地区进行风险控制。例如:A地区中的一个区域出现互联网信息交互平台中大量用户信息泄漏事件,那么针对该区域将采取高级别的风险控制策略,这样降低该区域再次出现用户信息泄漏的风险。In existing risk control systems, risk control is usually carried out in a regionalized manner. Specifically, for a certain area, the area is divided into a plurality of different areas according to the geographical location, and risk control strategies are assigned to different areas obtained by the division, and the risk control strategies are used to control the area. For example, if a region in Area A has a large number of user information leakage events in the Internet information interaction platform, a high-level risk control strategy will be adopted for the region, thus reducing the risk of user information leakage again in the region.
然而,由于风险本身存在多变的特性,那么现有的风险控制系统中所采用的风险控制方式相对比较固定,不能够灵活地适应互联网信息交互平台的发展需要,使得风险控制策略的实施往往滞后于风险事件的发生,导致互联网信息交互平台的网络安全性比较差,也就是说,互联网信息交互平台的风险控制精 度比较低。However, due to the variable nature of the risk itself, the risk control methods used in the existing risk control systems are relatively fixed, and cannot flexibly adapt to the development needs of the Internet information interaction platform, making the implementation of risk control strategies often lagging behind. The occurrence of risk events has led to poor network security of the Internet information exchange platform, that is, the risk control of the Internet information interaction platform. The degree is relatively low.
发明内容Summary of the invention
有鉴于此,本申请实施例提供了一种基于区域的风险控制方法和设备,用于解决现有技术中互联网信息交互平台的风险控制精度比较低的问题。In view of this, the embodiment of the present application provides a region-based risk control method and device, which is used to solve the problem that the risk control precision of the Internet information interaction platform in the prior art is relatively low.
一种基于区域的风险控制方法,包括:A region-based risk control method that includes:
获取目标用户在第一网络区域中产生的第一行为事件,其中,所述第一行为事件属于设定时间内产生频率高于设定门限值的行为事件;Obtaining, by the target user, a first behavior event generated in the first network area, where the first behavior event belongs to a behavior event whose generated frequency is higher than a set threshold in a set time;
根据行为事件与区域转移规则之间的映射关系,确定所述第一行为事件对应的区域转移规则;Determining an area transfer rule corresponding to the first behavior event according to a mapping relationship between the behavior event and the area transfer rule;
根据所述区域转移规则,确定所述目标用户在所述设定时间内将所述第一行为事件由所述第一网络区域转移至的第二网络区域;Determining, according to the area transfer rule, a second network area to which the target user transfers the first behavior event from the first network area within the set time;
根据所述第一行为事件和预设的风险控制策略,调整所述第二网络区域的风险控制等级。And adjusting a risk control level of the second network area according to the first behavior event and a preset risk control policy.
一种基于区域的风险控制设备,包括:A zone-based risk control device that includes:
获取单元,用于获取目标用户在第一网络区域中产生的第一行为事件,其中,所述第一行为事件属于第一设定时间内产生频率高于设定门限值的行为事件;An acquiring unit, configured to acquire a first behavior event generated by the target user in the first network area, where the first behavior event belongs to a behavior event that generates a frequency higher than a set threshold in the first set time;
确定单元,用于根据行为事件与区域转移规则之间的映射关系,确定所述第一行为事件对应的区域转移规则;以及根据所述区域转移规则,确定所述目标用户在所述第一设定时间内将所述第一行为事件由所述第一网络区域转移至的第二网络区域;a determining unit, configured to determine an area transfer rule corresponding to the first behavior event according to a mapping relationship between the behavior event and the area transfer rule; and determine, according to the area transfer rule, that the target user is in the first setting And a second network area to which the first behavior event is transferred from the first network area to a fixed time;
控制单元,用于根据所述第一行为事件和预设的风险控制策略,调整所述第二网络区域的风险控制等级。And a control unit, configured to adjust a risk control level of the second network area according to the first behavior event and a preset risk control policy.
本申请有益效果如下:The beneficial effects of the application are as follows:
本申请实施例获取目标用户在第一网络区域中产生的第一行为事件,所述第一行为事件属于第一设定时间内产生频率高于设定门限值的行为事件;根据 行为事件与区域转移规则之间的映射关系,确定所述第一行为事件对应的区域转移规则;根据所述区域转移规则,确定所述目标用户在所述设定时间内将所述第一行为事件由所述第一网络区域转移至的第二网络区域;根据所述第一行为事件和预设的风险控制策略,调整所述第二网络区域的风险控制等级。这样,基于行为事件对应的区域转移规则,能够根据第一网络区域中产生的第一行为事件,有效地预估到第一行为事件转移至的第二网络区域,并能够及时有效地调整第二网络区域的风险控制策略,避免风险控制策略滞后于风险事件发生的情形,实现对风险事件的精确控制,提升互联网信息交互平台的网络安全性。The embodiment of the present application obtains a first behavior event generated by the target user in the first network area, where the first behavior event belongs to a behavior event whose frequency is higher than a set threshold in the first set time; a mapping relationship between the behavior event and the regional transfer rule, determining an area transfer rule corresponding to the first behavior event; determining, according to the area transfer rule, that the target user performs the first behavior within the set time The second network area to which the event is transferred by the first network area; adjusting the risk control level of the second network area according to the first behavior event and a preset risk control policy. In this way, based on the regional transfer rule corresponding to the behavior event, the second network region to which the first behavior event is transferred can be effectively estimated according to the first behavior event generated in the first network region, and the second network can be effectively adjusted in time. The risk control strategy of the network area avoids the risk control strategy lags behind the occurrence of the risk event, realizes the precise control of the risk event, and improves the network security of the Internet information interaction platform.
附图说明DRAWINGS
为了更清楚地说明本申请实施例中的技术方案,下面将对实施例描述中所需要使用的附图作简要介绍,显而易见地,下面描述中的附图仅仅是本申请的一些实施例,对于本领域的普通技术人员来讲,在不付出创造性劳动性的前提下,还可以根据这些附图获得其他的附图。In order to more clearly illustrate the technical solutions in the embodiments of the present application, the following drawings will be briefly described in the description of the embodiments. It is obvious that the drawings in the following description are only some embodiments of the present application, Those skilled in the art can also obtain other drawings based on these drawings without paying for inventive labor.
图1为本申请实施例提供的一种基于区域的风险控制方法的流程示意图;FIG. 1 is a schematic flowchart of a region-based risk control method according to an embodiment of the present application;
图2为确定行为事件与区域转移规则之间的映射关系的流程示意图;2 is a schematic flowchart of determining a mapping relationship between a behavior event and a region transfer rule;
图3为本申请实施例提供的一种基于区域的风险控制设备的结构示意图。FIG. 3 is a schematic structural diagram of a region-based risk control device according to an embodiment of the present application.
具体实施方式detailed description
为了实现本申请的目的,本申请实施例提供了一种基于区域的风险控制方法和设备,获取目标用户在第一网络区域中产生的第一行为事件,所述第一行为事件属于第一设定时间内产生频率高于设定门限值的行为事件;根据行为事件与区域转移规则之间的映射关系,确定所述第一行为事件对应的区域转移规则;根据所述区域转移规则,确定所述目标用户在所述设定时间内将所述第一行为事件由所述第一网络区域转移至的第二网络区域;根据所述第一行为事件和预设的风险控制策略,调整所述第二网络区域的风险控制等级。这样,基于 行为事件对应的区域转移规则,能够根据第一网络区域中产生的第一行为事件,有效地预估到第一行为事件转移至的第二网络区域,并能够及时有效地调整第二网络区域的风险控制策略,避免风险控制策略滞后于风险事件发生的情形,实现对风险事件的精确控制,提升互联网信息交互平台的网络安全性。In order to achieve the purpose of the present application, an embodiment of the present application provides a region-based risk control method and device, and acquires a first behavior event generated by a target user in a first network region, where the first behavior event belongs to the first device. A behavior event having a frequency higher than a set threshold is generated in a predetermined time; determining, according to a mapping relationship between the behavior event and the regional transfer rule, an area transfer rule corresponding to the first behavior event; determining, according to the regional transfer rule, Adjusting, by the target user, the first behavior event from the first network area to the second network area within the set time; adjusting the location according to the first behavior event and a preset risk control policy The risk control level of the second network area. In this way, based on The area transfer rule corresponding to the behavior event can effectively predict the second network area to which the first behavior event is transferred according to the first behavior event generated in the first network area, and can adjust the second network area in time and effectively. The risk control strategy avoids the risk control strategy lags behind the occurrence of risk events, achieves precise control of risk events, and improves the network security of the Internet information interaction platform.
下面结合说明书附图对本申请各个实施例作进一步地详细描述。显然,所描述的实施例仅仅是本申请一部分实施例,而不是全部的实施例。基于本申请中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其它实施例,都属于本申请保护的范围。The various embodiments of the present application are further described in detail below with reference to the accompanying drawings. It is apparent that the described embodiments are only a part of the embodiments of the present application, and not all of them. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments of the present application without departing from the inventive scope are the scope of the present application.
图1为本申请实施例提供的一种基于区域的风险控制方法的流程示意图。所述方法可以如下所示。FIG. 1 is a schematic flowchart of a region-based risk control method according to an embodiment of the present application. The method can be as follows.
步骤101:获取目标用户在第一网络区域中产生的第一行为事件。Step 101: Acquire a first behavior event generated by the target user in the first network area.
其中,所述第一行为事件属于第一设定时间内产生频率高于设定门限值的行为事件。The first behavior event belongs to a behavior event that generates a frequency higher than a set threshold in a first set time.
在步骤101中,本申请实施例中将第一网络区域作为区域转移的起始目标,从数据库中获取目标用户在第一设定时间内在第一网络区域中产生的至少一种类型的第一行为事件。In step 101, in the embodiment of the present application, the first network area is used as a starting target of the area transfer, and the first type of the at least one type generated by the target user in the first network area in the first set time is obtained from the database. Behavioral events.
这里的第一行为事件可以是目标用户在互联网信息交互平台上发起的订购行为事件,也可以是目标用户在互联网信息交互平台上发起的支付行为事件,还可以是目标用户在互联网信息交互平台上发起的网络交易行为事件等等。The first behavior event here may be a subscription behavior event initiated by the target user on the Internet information interaction platform, or a payment behavior event initiated by the target user on the Internet information interaction platform, or the target user may be on the Internet information interaction platform. Initiated network transaction behavior events and so on.
当获取到目标用户在第一网络区域内产生的至少一种类型的第一行为事件时,确定每一种类型的第一行为事件的产生频率。The frequency of occurrence of each type of first behavioral event is determined when at least one type of first behavioral event generated by the target user within the first network region is obtained.
进一步地,确定每一种类型的第一行为事件的产生频率是否高于设定门限值,将产生频率高于设定门限值的第一行为事件作为触发调整关联网络区域的风险控制等级的依据。Further, determining whether the frequency of occurrence of each type of the first behavior event is higher than a set threshold, and generating a first behavior event having a frequency higher than the set threshold as a risk control level for triggering adjustment of the associated network region Basis.
需要说明的是,本申请实施例中所描述的“第一设定时间”对应的时间长 度与后续描述的“第二设定时间”对应的时间长度可以相同,也可以不同,这里不做限定;这里的“第一”和“第二”没有其他特殊含义,仅仅用于区分不同的设定时间。It should be noted that the “first set time” described in the embodiment of the present application corresponds to a long time. The length of time corresponding to the "second set time" described in the following may be the same or different, and is not limited herein; the "first" and "second" herein have no other special meaning, and are only used to distinguish different ones. set time.
关于设定门限值的大小可以根据实际需要确定,也可以根据实验数据确定,这里对于大小取值不做限定。The size of the threshold value can be determined according to actual needs, or can be determined according to experimental data. Here, the value of the size is not limited.
步骤102:根据行为事件与区域转移规则之间的映射关系,确定所述第一行为事件对应的区域转移规则。Step 102: Determine an area transfer rule corresponding to the first behavior event according to a mapping relationship between the behavior event and the area transfer rule.
在步骤102中,首先,介绍一下行为事件与区域转移规则之间的映射关系的确定方式。In step 102, first, a method for determining the mapping relationship between the behavior event and the regional transfer rule is introduced.
在本申请实施例中,行为事件与区域转移规则之间的映射关系的确定方式可以采用下面描述的方式,也可以采用其他方式,这里对于其他方式不做具体限定。In the embodiment of the present application, the manner of determining the mapping relationship between the behavior event and the area transfer rule may be in the manner described below, or may be other manners, and the other manners are not specifically limited herein.
具体地,如图2所示,为确定行为事件与区域转移规则之间的映射关系的流程示意图。Specifically, as shown in FIG. 2, a schematic flowchart of determining a mapping relationship between a behavior event and a region transfer rule.
S21:获取第二设定时间内用户产生目标行为事件的环境数据。S21: Acquire environmental data of a target behavior event generated by the user in the second set time.
其中,所述环境数据包含现实空间数据和/或虚拟空间数据。The environmental data includes real space data and/or virtual space data.
在S21中,获取第二设定时间内用户产生目标行为事件的环境数据可以理解为提取该用户的历史数据,这一历史数据包含目标行为事件、产生该目标行为事件的环境数据以及产生该目标行为事件的时间。In S21, acquiring environmental data of the target behavior event generated by the user in the second set time may be understood as extracting historical data of the user, the historical data including the target behavior event, the environmental data generating the target behavior event, and generating the target The time of the behavioral event.
在得到该历史数据时,从获取的历史数据中选择出产生该目标行为事件的时间满足第二设定时间的目标行为事件以及产生满足第二设定时间的目标行为事件的环境数据。When the historical data is obtained, the target behavior event that generates the target behavior event for the second set time and the environment data that generates the target behavior event that meets the second set time are selected from the acquired historical data.
本申请实施例中所涉及到的环境数据包含现实空间数据和/或虚拟空间数据,其中,现实空间数据可以是指基于定位服务(英文:Location Based Services;缩写:LBS)获取的用户所使用的终端设备的位置信息;也可以是指用户所使用的终端设备所在的城市信息、区域码等;虚拟空间数据可以是指网络之间的 协议(英文:Internet Protocol;缩写:IP)地址;也可以是指唯一素材识别码(英文:Unique Material Identifier;缩写:UMID);还可以是WiFi地址等等。The environmental data involved in the embodiment of the present application includes real space data and/or virtual space data, where the real space data may refer to a user acquired by a location based service (English: Location Based Services; abbreviation: LBS). Location information of the terminal device; may also refer to the city information, the area code, etc. of the terminal device used by the user; the virtual space data may refer to the network between Protocol (English: Internet Protocol; abbreviation: IP) address; can also refer to the unique material identifier (English: Unique Material Identifier; abbreviation: UMID); can also be a WiFi address and so on.
可选地,在获取环境数据之后,需要对环境数据进行转化,例如:对于现实空间数据,采用数据分析等方式将其现实空间数据按照空间维度转换成为一个网格点,例如:目标行为事件发生的现实空间数据为LBS,那么可以将获取到的LBS转换成为地理位置为XXXXXX的点;对于虚拟空间数据,同样采用数据分析等方式将其虚拟空间数据按照空间维度转换成为一个网格点,例如:目标行为事件发生的虚拟空间数据为IP地址(128.10.2.21),那么可以将获取到的IP地址转换成为128.10.2.0。Optionally, after the environment data is acquired, the environment data needs to be converted. For example, for real-world data, the real-space data is converted into a grid point according to the spatial dimension by using data analysis, for example, the target behavior event occurs. The real-space data is LBS, then the obtained LBS can be converted into a point with a geographic location of XXXXXX; for virtual space data, the virtual space data is also converted into a grid point according to the spatial dimension by means of data analysis, for example, : The virtual space data of the target behavior event is the IP address (128.10.2.21), then the obtained IP address can be converted to 128.10.2.0.
这里需要说明的是,网格点属于多维空间网络,即设定多维空间网络中包含多个维度,每一个维度可以从1到任意,将转化得到的网格点映射在多维空间网络中,即每一网格点在多维空间网络中对应一个唯一的多维空间位置。It should be noted that the grid points belong to a multi-dimensional space network, that is, the multi-dimensional space network is set to contain multiple dimensions, and each dimension can be mapped from 1 to any, and the transformed grid points are mapped in the multi-dimensional space network, that is, Each grid point corresponds to a unique multidimensional spatial location in a multidimensional space network.
S22:根据所述环境数据,分析得到所述用户产生所述目标行为事件的区域转移规则。S22: Analyze, according to the environmental data, an area transfer rule that is generated by the user to generate the target behavior event.
其中,所述区域转移规则中包含至少两个网络区域,且所述至少两个网络区域中区域重合度大于设定阈值。The area transfer rule includes at least two network areas, and the area coincidence degree in the at least two network areas is greater than a set threshold.
在S22中,可选地,所述第二设定时间被划分为至少两个时间区间,所述至少两个时间区间内包含的时间点连续。In S22, optionally, the second set time is divided into at least two time intervals, and the time points included in the at least two time intervals are consecutive.
具体地,第一步,按照所述目标行为事件的产生时间,将所述环境数据划分为至少两组,其中,每一组中包含的所述环境数据的产生时间属于一个时间区间。Specifically, in the first step, the environment data is divided into at least two groups according to the generation time of the target behavior event, wherein the generation time of the environment data included in each group belongs to a time interval.
第二步,将所述至少两组中每一组包含的所述环境数据聚合得到不同的网络区域。In the second step, the environmental data included in each of the at least two groups is aggregated to obtain different network regions.
具体地,将所述至少两组中每一组包含的所述环境数据聚合得到不同的网络区域,包括:Specifically, the environmental data included in each of the at least two groups is aggregated to obtain different network regions, including:
针对每一组中包含的所述环境数据,执行: For the environmental data contained in each group, perform:
将其中一组中包含的所述环境数据转化为多维空间网络中的网格点,并确定所述多维空间网络中的各个网格点之间的关联关系;其中,所述关联关系基于各个网格点在多维空间网络中的坐标位置关系确定。Converting the environmental data contained in one of the groups into grid points in the multi-dimensional space network, and determining an association relationship between the grid points in the multi-dimensional space network; wherein the association relationship is based on each network The positional relationship of the grid points in the multidimensional space network is determined.
利用所述关联关系,将包含所述各个网格点的所述多维空间网络划分成不同的网络区域。The multi-dimensional space network including the respective grid points is divided into different network areas by using the association relationship.
例如:根据图形聚类的算法和所述关联关系,将包含所述各个网格点的所述多维空间网络划分成不同的网络区域。For example, according to the algorithm of graph clustering and the association relationship, the multi-dimensional space network including the respective grid points is divided into different network regions.
再例如:根据关联规则和所述关联关系,将包含所述各个网格点的所述多维空间网络划分成不同的网络区域。For another example, the multi-dimensional space network including the respective grid points is divided into different network areas according to the association rule and the association relationship.
第三步,从所述至少两组聚合得到的网络区域中选择其中两组。In the third step, two of the network regions obtained by the at least two groups of aggregations are selected.
第四步,分别从选择的每一组聚合得到的网络区域中选择一个网络区域,计算选择的两个网络区域的区域重合度。In the fourth step, a network area is selected from each of the selected network areas, and the area overlap degree of the selected two network areas is calculated.
需要说明的是,这里的区域重合度指的是两个网络区域中所包含的相同的坐标位置点所形成区域占两个网络区域的比例。It should be noted that the area coincidence degree refers to the ratio of the area formed by the same coordinate position points included in the two network areas to the two network areas.
第五步,当计算得到的区域重合度大于设定阈值时,确定选择的两个网络区域之间满足区域转移规则。In the fifth step, when the calculated area coincidence degree is greater than a set threshold, it is determined that the selected two network areas satisfy the area transfer rule.
这里需要说明的是,第三步至第五步可以多次执行,直至确定出所述至少两组聚合得到的网络区域中所有满足区域转移规则的至少两个网络区域。It should be noted that the third step to the fifth step may be performed multiple times until it is determined that at least two network areas satisfying the area transfer rule in the network area obtained by the at least two groups of aggregations are determined.
也就是说,通过计算重合度,确定出目标行为事件在第二设定时间内产生的区域转移规则,并且能够确定目标行为事件在满足区域转移规则的这些区域内发生的稳定性,同时意味着,目标行为事件一旦在满足区域转移规则的这些区域中任意一个区域产生,那么可以预先预计出在满足区域转移规则的这些区域中其他区域产生的可能性增大,及时对其他区域的风险控制策略进行调整,避免风险控制策略滞后于风险事件的情形,有效地提升风险控制的精确度。That is to say, by calculating the coincidence degree, the regional transfer rule generated by the target behavior event in the second set time is determined, and the stability of the target behavior event occurring in the regions satisfying the regional transfer rule is determined, and Once the target behavior event is generated in any of these areas that satisfy the regional transfer rule, it is possible to predict in advance that the possibility of occurrence in other areas in the areas satisfying the regional transfer rule is increased, and the risk control strategy for other areas in time is timely. Make adjustments to avoid the risk control strategy lags behind the risk event and effectively improve the accuracy of risk control.
S23:根据分析得到的区域转移规则,建立目标行为事件与所述区域转移规则之间的映射关系。 S23: Establish a mapping relationship between the target behavior event and the regional transfer rule according to the regional transfer rule obtained by the analysis.
在本申请实施例中,在得到行为事件与区域转移规则之间的映射关系之后,可以在数据库中根据行为事件的不同,分别建立不同行为事件与确定的区域转移规则之间的映射关系。In the embodiment of the present application, after obtaining the mapping relationship between the behavior event and the regional transfer rule, the mapping relationship between the different behavior events and the determined regional transfer rule may be separately established in the database according to different behavior events.
在获取到第一行为事件时,根据建立的目标行为事件与区域转移规则之间的映射关系,得到第一行为事件对应的区域转移规则。When the first behavior event is obtained, according to the mapping relationship between the established target behavior event and the regional transfer rule, the regional transfer rule corresponding to the first behavior event is obtained.
步骤103:根据所述区域转移规则,确定所述目标用户在所述设定时间内将所述第一行为事件由所述第一网络区域转移至的第二网络区域。Step 103: Determine, according to the area transfer rule, a second network area to which the target user transfers the first behavior event from the first network area within the set time.
在步骤103中,在步骤102中,确定第一行为事件的区域转移规则,即得到的区域转移规则中包含除第一网络区域之外的至少一个第二网络区域,那么将包含在区域转移规则中的至少一个第二网络区域作为所述目标用户在所述设定时间内将所述第一行为事件由所述第一网络区域转移至的目标网络区域。In step 103, in step 102, the area transfer rule of the first behavior event is determined, that is, the obtained area transfer rule includes at least one second network area other than the first network area, and then the area transfer rule is included. At least one of the second network areas is a target network area to which the target user transfers the first behavior event from the first network area within the set time.
步骤104:根据所述第一行为事件和预设的风险控制策略,调整所述第二网络区域的风险控制等级。Step 104: Adjust a risk control level of the second network area according to the first behavior event and a preset risk control policy.
在步骤104中,具体地,若所述第一行为事件的风险等级小于设定风险等级,则根据预设的风险控制策略,降低所述第二网络区域的风险控制等级;In step 104, specifically, if the risk level of the first behavior event is less than the set risk level, reducing the risk control level of the second network area according to the preset risk control policy;
若所述第一行为事件的风险等级大于设定风险等级,则根据预设的风险控制策略,提高所述第二网络区域的风险控制等级。If the risk level of the first behavior event is greater than the set risk level, the risk control level of the second network area is increased according to a preset risk control policy.
需要说明的是,所述第一行为事件的风险等级可以通过该第一行为事件发生之后所造成的危害程度确定其的风险等级,一般风险等级可以分为低等级、中等级和高等级。危害程度严重对应的风险等级为高等级;危害程度中等对应的风险等级为中等级;危害程度小或者没有对应的风险等级为低等级。It should be noted that the risk level of the first behavior event may be determined by the degree of harm caused by the occurrence of the first behavior event, and the general risk level may be classified into a low level, a medium level, and a high level. The risk level corresponding to the severity of the hazard is a high level; the medium level of the corresponding hazard level is a medium level; the degree of hazard is small or the corresponding risk level is a low level.
当所述第一行为事件的风险等级小于设定风险等级时,确定所述第一行为事件属于低风险事件;当所述第一行为事件的风险等级大于设定风险等级时,确定所述第一行为事件属于高风险事件。Determining that the first behavior event belongs to a low-risk event when the risk level of the first behavior event is less than a set risk level; determining the first when the risk level of the first behavior event is greater than a set risk level A behavioral event is a high-risk event.
可选地,根据所述第一行为事件和预设的风险控制策略,分别对确定的区域转移规则中包含的所有网络区域进行风险控制调整,例如:若所述第一行为 事件属于低风险事件,则将确定的区域转移规则中包含的所有网络区域的风险控制策略调整为宽松(或者,降低风险控制等级);Optionally, performing risk control adjustment on all network areas included in the determined area transfer rule according to the first behavior event and the preset risk control policy, for example, if the first behavior If the event is a low-risk event, the risk control strategy of all network areas included in the determined area transfer rule is adjusted to be loose (or, reduce the risk control level);
若所述第一行为事件属于低风险事件,则将确定的区域转移规则中包含的所有网络区域的风险控制策略调整为收紧(或者,提高风险控制等级)。If the first behavior event belongs to a low-risk event, the risk control policy of all network areas included in the determined area transfer rule is adjusted to be tightened (or the risk control level is increased).
通过本申请实施例的方案,获取目标用户在第一网络区域中产生的第一行为事件,所述第一行为事件属于第一设定时间内产生频率高于设定门限值的行为事件;根据行为事件与区域转移规则之间的映射关系,确定所述第一行为事件对应的区域转移规则;根据所述区域转移规则,确定所述目标用户在所述设定时间内将所述第一行为事件由所述第一网络区域转移至的第二网络区域;根据所述第一行为事件和预设的风险控制策略,调整所述第二网络区域的风险控制等级。这样,基于行为事件对应的区域转移规则,能够根据第一网络区域中产生的第一行为事件,有效地预估到第一行为事件转移至的第二网络区域,并能够及时有效地调整第二网络区域的风险控制策略,避免风险控制策略滞后于风险事件发生的情形,实现对风险事件的精确控制,提升互联网信息交互平台的网络安全性。Obtaining, by the solution of the embodiment of the present application, a first behavior event generated by the target user in the first network area, where the first behavior event belongs to a behavior event in which the generated frequency is higher than the set threshold in the first set time; Determining, according to the mapping relationship between the behavior event and the regional transfer rule, an area transfer rule corresponding to the first behavior event; determining, according to the area transfer rule, that the target user is to be the first time in the set time The second network area to which the behavior event is transferred by the first network area; and the risk control level of the second network area is adjusted according to the first behavior event and a preset risk control policy. In this way, based on the regional transfer rule corresponding to the behavior event, the second network region to which the first behavior event is transferred can be effectively estimated according to the first behavior event generated in the first network region, and the second network can be effectively adjusted in time. The risk control strategy of the network area avoids the risk control strategy lags behind the occurrence of the risk event, realizes the precise control of the risk event, and improves the network security of the Internet information interaction platform.
图3为本申请实施例提供的一种基于区域的风险控制设备的结构示意图,所述风险控制设备包括:获取单元31、确定单元32和控制单元33,其中:FIG. 3 is a schematic structural diagram of a region-based risk control device according to an embodiment of the present disclosure. The risk control device includes: an obtaining unit 31, a determining unit 32, and a control unit 33, where:
获取单元31,用于获取目标用户在第一网络区域中产生的第一行为事件,其中,所述第一行为事件属于第一设定时间内产生频率高于设定阈值的行为事件;The acquiring unit 31 is configured to acquire a first behavior event that is generated by the target user in the first network area, where the first behavior event belongs to a behavior event that generates a frequency higher than a set threshold in the first set time;
确定单元32,用于根据行为事件与区域转移规则之间的映射关系,确定所述第一行为事件对应的区域转移规则;以及根据所述区域转移规则,确定所述目标用户在所述第一设定时间内将所述第一行为事件由所述第一网络区域转移至的第二网络区域;a determining unit 32, configured to determine an area transfer rule corresponding to the first behavior event according to a mapping relationship between the behavior event and the area transfer rule; and determine, according to the area transfer rule, that the target user is in the first And a second network area to which the first behavior event is transferred from the first network area within a set time;
控制单元33,用于根据所述第一行为事件和预设的风险控制策略,调整所述第二网络区域的风险控制等级。 The control unit 33 is configured to adjust a risk control level of the second network area according to the first behavior event and a preset risk control policy.
具体地,所述控制单元33,具体用于若所述第一行为事件属于低风险事件,根据预设的风险控制策略,降低所述第二网络区域的风险控制等级;Specifically, the control unit 33 is specifically configured to: if the first behavior event belongs to a low-risk event, reduce a risk control level of the second network region according to a preset risk control policy;
若所述第一行为事件属于高风险事件,根据预设的风险控制策略,提高所述第二网络区域的风险控制等级。If the first behavior event belongs to a high-risk event, the risk control level of the second network region is increased according to a preset risk control policy.
具体地,所述确定单元32通过以下方式确定行为事件与区域转移规则之间的映射关系:Specifically, the determining unit 32 determines a mapping relationship between the behavior event and the area transfer rule by:
获取第二设定时间内用户产生目标行为事件的环境数据,其中,所述环境数据包含现实空间数据和/或虚拟空间数据;Acquiring environment data of the target behavior event generated by the user in the second set time, wherein the environment data includes real space data and/or virtual space data;
根据所述环境数据,分析得到所述用户产生所述目标行为事件的区域转移规则,其中,所述区域转移规则中包含至少两个网络区域,且所述至少两个网络区域中区域重合度大于设定阈值;And analyzing, according to the environment data, an area transfer rule that is generated by the user to generate the target behavior event, where the area transfer rule includes at least two network areas, and the area overlap degree in the at least two network areas is greater than Set a threshold;
根据分析得到的所述区域转移规则,建立所述目标行为事件与所述区域转移规则之间的映射关系。And establishing, according to the analyzed regional transfer rule, a mapping relationship between the target behavior event and the regional transfer rule.
可选地,所述第二设定时间被划分为至少两个时间区间,所述至少两个时间区间内包含的时间点连续;Optionally, the second set time is divided into at least two time intervals, and the time points included in the at least two time intervals are consecutive;
所述确定单元32根据所述环境数据,分析得到所述用户产生所述目标行为事件的区域转移规则,包括:The determining unit 32 analyzes, according to the environment data, an area transfer rule that the user generates the target behavior event, including:
按照所述目标行为事件的产生时间,将所述环境数据划分为至少两组,其中,每一组中包含的所述环境数据的产生时间属于一个时间区间;The environmental data is divided into at least two groups according to the generation time of the target behavior event, wherein the generation time of the environmental data included in each group belongs to a time interval;
将所述至少两组中每一组包含的所述环境数据聚合得到不同的网络区域;Aggregating the environmental data included in each of the at least two groups to obtain different network regions;
从所述至少两组聚合得到的网络区域中选择其中两组;Selecting two of the network regions obtained by the at least two groups of aggregations;
分别从选择的每一组聚合得到的网络区域中选择一个网络区域,计算选择的两个网络区域的区域重合度;Selecting one network area from each of the selected network areas obtained by the aggregation, and calculating the area coincidence degree of the selected two network areas;
当计算得到的区域重合度大于设定阈值时,确定选择的两个网络区域之间满足区域转移规则。When the calculated area coincidence degree is greater than the set threshold, it is determined that the area transfer rule is satisfied between the selected two network areas.
具体地,所述确定单元32将所述至少两组中每一组包含的所述环境数据 聚合得到不同的网络区域,包括:Specifically, the determining unit 32 includes the environmental data included in each of the at least two groups Aggregation yields different network areas, including:
针对每一组中包含的所述环境数据,执行:For the environmental data contained in each group, perform:
将其中一组中包含的所述环境数据转化为多维空间网络中的网格点,并确定所述多维空间网络中的各个网格点之间的关联关系;Converting the environmental data contained in one of the groups into grid points in the multi-dimensional space network, and determining an association relationship between the grid points in the multi-dimensional space network;
利用所述关联关系,将包含所述各个网格点的所述多维空间网络划分成不同的网络区域。The multi-dimensional space network including the respective grid points is divided into different network areas by using the association relationship.
需要说明的是,本申请实施例提供的风险控制设备可以通过软件方式实现,也可以通过硬件方式实现,这里不做限定。It should be noted that the risk control device provided by the embodiment of the present disclosure may be implemented by using a software, or may be implemented by using a hardware, which is not limited herein.
本申请实施例提供的风险控制设备基于行为事件对应的区域转移规则,能够根据第一网络区域中产生的第一行为事件,有效地预估到第一行为事件转移至的第二网络区域,并能够及时有效地调整第二网络区域的风险控制策略,避免风险控制策略滞后于风险事件发生的情形,实现对风险事件的精确控制,提升互联网信息交互平台的网络安全性。The risk control device provided by the embodiment of the present application is capable of effectively estimating the second network region to which the first behavior event is transferred according to the first behavior event generated in the first network region, based on the region transfer rule corresponding to the behavior event. The risk control strategy of the second network area can be adjusted in time and effectively to avoid the risk control strategy lags behind the occurrence of the risk event, achieve precise control of the risk event, and improve the network security of the Internet information interaction platform.
本领域的技术人员应明白,本申请的实施例可提供为方法、装置(设备)、或计算机程序产品。因此,本申请可采用完全硬件实施例、完全软件实施例、或结合软件和硬件方面的实施例的形式。而且,本申请可采用在一个或多个其中包含有计算机可用程序代码的计算机可用存储介质(包括但不限于磁盘存储器、CD-ROM、光学存储器等)上实施的计算机程序产品的形式。Those skilled in the art will appreciate that embodiments of the present application can be provided as a method, apparatus (device), or computer program product. Thus, the present application can take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment in combination of software and hardware. Moreover, the application can take the form of a computer program product embodied on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) including computer usable program code.
本申请是参照根据本申请实施例的方法、装置(设备)和计算机程序产品的流程图和/或方框图来描述的。应理解可由计算机程序指令实现流程图和/或方框图中的每一流程和/或方框、以及流程图和/或方框图中的流程和/或方框的结合。可提供这些计算机程序指令到通用计算机、专用计算机、嵌入式处理机或其他可编程数据处理设备的处理器以产生一个机器,使得通过计算机或其他可编程数据处理设备的处理器执行的指令产生用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的装置。The present application is described with reference to flowchart illustrations and/or block diagrams of a method, apparatus, and computer program product according to embodiments of the present application. It will be understood that each flow and/or block of the flowchart illustrations and/or FIG. These computer program instructions can be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing device to produce a machine for the execution of instructions for execution by a processor of a computer or other programmable data processing device. Means for implementing the functions specified in one or more of the flow or in a block or blocks of the flow chart.
这些计算机程序指令也可存储在能引导计算机或其他可编程数据处理设 备以特定方式工作的计算机可读存储器中,使得存储在该计算机可读存储器中的指令产生包括指令装置的制造品,该指令装置实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能。These computer program instructions can also be stored in a bootable computer or other programmable data processing device. In a computer readable memory that operates in a particular manner, causing instructions stored in the computer readable memory to produce an article of manufacture comprising an instruction device implemented in one or more flows and/or block diagrams of the flowchart The function specified in the box or in multiple boxes.
这些计算机程序指令也可装载到计算机或其他可编程数据处理设备上,使得在计算机或其他可编程设备上执行一系列操作步骤以产生计算机实现的处理,从而在计算机或其他可编程设备上执行的指令提供用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的步骤。These computer program instructions can also be loaded onto a computer or other programmable data processing device such that a series of operational steps are performed on a computer or other programmable device to produce computer-implemented processing for execution on a computer or other programmable device. The instructions provide steps for implementing the functions specified in one or more of the flow or in a block or blocks of a flow diagram.
尽管已描述了本申请的优选实施例,但本领域内的技术人员一旦得知了基本创造性概念,则可对这些实施例作出另外的变更和修改。所以,所附权利要求意欲解释为包括优选实施例以及落入本申请范围的所有变更和修改。While the preferred embodiment of the present application has been described, it will be apparent that those skilled in the art can make further changes and modifications to the embodiments. Therefore, the appended claims are intended to be interpreted as including the preferred embodiments and the modifications and
显然,本领域的技术人员可以对本申请进行各种改动和变型而不脱离本申请的范围。这样,倘若本申请的这些修改和变型属于本申请权利要求及其等同技术的范围之内,则本申请也意图包含这些改动和变型在内。 It will be apparent to those skilled in the art that various modifications and changes can be made in the present application without departing from the scope of the application. Thus, it is intended that the present invention cover the modifications and variations of the present invention.

Claims (10)

  1. 一种基于区域的风险控制方法,其特征在于,包括:A region-based risk control method, comprising:
    获取目标用户在第一网络区域中产生的第一行为事件,其中,所述第一行为事件属于第一设定时间内产生频率高于设定门限值的行为事件;Obtaining, by the target user, a first behavior event generated in the first network area, where the first behavior event belongs to a behavior event that generates a frequency higher than a set threshold in a first set time;
    根据行为事件与区域转移规则之间的映射关系,确定所述第一行为事件对应的区域转移规则;Determining an area transfer rule corresponding to the first behavior event according to a mapping relationship between the behavior event and the area transfer rule;
    根据所述区域转移规则,确定所述目标用户在所述第一设定时间内将所述第一行为事件由所述第一网络区域转移至的第二网络区域;Determining, according to the area transfer rule, the second network area to which the target user transfers the first behavior event from the first network area in the first set time;
    根据所述第一行为事件和预设的风险控制策略,调整所述第二网络区域的风险控制等级。And adjusting a risk control level of the second network area according to the first behavior event and a preset risk control policy.
  2. 如权利要求1所述的风险控制方法,其特征在于,根据所述第一行为事件和预设的风险控制策略,调整所述第二网络区域的风险控制等级,包括:The risk control method according to claim 1, wherein the risk control level of the second network area is adjusted according to the first behavior event and a preset risk control policy, including:
    若所述第一行为事件的风险等级小于设定风险等级,则根据预设的风险控制策略,降低所述第二网络区域的风险控制等级;If the risk level of the first behavior event is less than the set risk level, reducing the risk control level of the second network area according to the preset risk control policy;
    若所述第一行为事件的风险等级大于设定风险等级,则根据预设的风险控制策略,提高所述第二网络区域的风险控制等级。If the risk level of the first behavior event is greater than the set risk level, the risk control level of the second network area is increased according to a preset risk control policy.
  3. 如权利要求1或2所述的风险控制方法,其特征在于,通过以下方式确定行为事件与区域转移规则之间的映射关系:The risk control method according to claim 1 or 2, wherein the mapping relationship between the behavior event and the area transfer rule is determined by:
    获取第二设定时间内用户产生目标行为事件的环境数据,其中,所述环境数据包含现实空间数据和/或虚拟空间数据;Acquiring environment data of the target behavior event generated by the user in the second set time, wherein the environment data includes real space data and/or virtual space data;
    根据所述环境数据,分析得到所述用户产生所述目标行为事件的区域转移规则,其中,所述区域转移规则中包含至少两个网络区域,且所述至少两个网络区域中区域重合度大于设定阈值;And analyzing, according to the environment data, an area transfer rule that is generated by the user to generate the target behavior event, where the area transfer rule includes at least two network areas, and the area overlap degree in the at least two network areas is greater than Set a threshold;
    根据分析得到的所述区域转移规则,建立所述目标行为事件与所述区域转移规则之间的映射关系。And establishing, according to the analyzed regional transfer rule, a mapping relationship between the target behavior event and the regional transfer rule.
  4. 如权利要求3所述的风险控制方法,其特征在于,所述第二设定时间 被划分为至少两个时间区间,所述至少两个时间区间内包含的时间点连续;The risk control method according to claim 3, wherein said second set time Divided into at least two time intervals, the time points included in the at least two time intervals being continuous;
    根据所述环境数据,分析得到所述用户产生所述目标行为事件的区域转移规则,包括:And analyzing, according to the environmental data, an area transfer rule that is generated by the user to generate the target behavior event, including:
    按照所述目标行为事件的产生时间,将所述环境数据划分为至少两组,其中,每一组中包含的所述环境数据的产生时间属于一个时间区间;The environmental data is divided into at least two groups according to the generation time of the target behavior event, wherein the generation time of the environmental data included in each group belongs to a time interval;
    将所述至少两组中每一组包含的所述环境数据聚合得到不同的网络区域;Aggregating the environmental data included in each of the at least two groups to obtain different network regions;
    从所述至少两组聚合得到的网络区域中选择其中两组;Selecting two of the network regions obtained by the at least two groups of aggregations;
    分别从选择的每一组聚合得到的网络区域中选择一个网络区域,计算选择的两个网络区域的区域重合度;Selecting one network area from each of the selected network areas obtained by the aggregation, and calculating the area coincidence degree of the selected two network areas;
    当计算得到的区域重合度大于设定阈值时,确定选择的两个网络区域之间满足区域转移规则。When the calculated area coincidence degree is greater than the set threshold, it is determined that the area transfer rule is satisfied between the selected two network areas.
  5. 如权利要求4所述的风险控制方法,其特征在于,将所述至少两组中每一组包含的所述环境数据聚合得到不同的网络区域,包括:The risk control method according to claim 4, wherein the environmental data included in each of the at least two groups is aggregated to obtain different network regions, including:
    针对每一组中包含的所述环境数据,执行:For the environmental data contained in each group, perform:
    将其中一组中包含的所述环境数据转化为多维空间网络中的网格点,并确定所述多维空间网络中的各个网格点之间的关联关系;Converting the environmental data contained in one of the groups into grid points in the multi-dimensional space network, and determining an association relationship between the grid points in the multi-dimensional space network;
    利用所述关联关系,将包含所述各个网格点的所述多维空间网络划分成不同的网络区域。The multi-dimensional space network including the respective grid points is divided into different network areas by using the association relationship.
  6. 一种基于区域的风险控制设备,其特征在于,包括:A region-based risk control device, comprising:
    获取单元,用于获取目标用户在第一网络区域中产生的第一行为事件,其中,所述第一行为事件属于第一设定时间内产生频率高于设定门限值的行为事件;An acquiring unit, configured to acquire a first behavior event generated by the target user in the first network area, where the first behavior event belongs to a behavior event that generates a frequency higher than a set threshold in the first set time;
    确定单元,用于根据行为事件与区域转移规则之间的映射关系,确定所述第一行为事件对应的区域转移规则;以及根据所述区域转移规则,确定所述目标用户在所述第一设定时间内将所述第一行为事件由所述第一网络区域转移至的第二网络区域; a determining unit, configured to determine an area transfer rule corresponding to the first behavior event according to a mapping relationship between the behavior event and the area transfer rule; and determine, according to the area transfer rule, that the target user is in the first setting And a second network area to which the first behavior event is transferred from the first network area to a fixed time;
    控制单元,用于根据所述第一行为事件和预设的风险控制策略,调整所述第二网络区域的风险控制等级。And a control unit, configured to adjust a risk control level of the second network area according to the first behavior event and a preset risk control policy.
  7. 如权利要求6所述的风险控制设备,其特征在于,A risk control device according to claim 6 wherein:
    所述控制单元,具体用于若所述第一行为事件的风险等级小于设定风险等级,则根据预设的风险控制策略,降低所述第二网络区域的风险控制等级;The control unit is specifically configured to: if the risk level of the first behavior event is less than a set risk level, reduce a risk control level of the second network area according to a preset risk control policy;
    若所述第一行为事件属于高风险事件的风险等级大于设定风险等级,则根据预设的风险控制策略,提高所述第二网络区域的风险控制等级。If the risk behavior level of the first behavior event belongs to the high risk event is greater than the set risk level, the risk control level of the second network area is increased according to the preset risk control policy.
  8. 如权利要求6或7所述的风险控制设备,其特征在于,所述确定单元通过以下方式确定行为事件与区域转移规则之间的映射关系:The risk control device according to claim 6 or 7, wherein the determining unit determines a mapping relationship between the behavior event and the area transfer rule by:
    获取第二设定时间内用户产生目标行为事件的环境数据,其中,所述环境数据包含现实空间数据和/或虚拟空间数据;Acquiring environment data of the target behavior event generated by the user in the second set time, wherein the environment data includes real space data and/or virtual space data;
    根据所述环境数据,分析得到所述用户产生所述目标行为事件的区域转移规则,其中,所述区域转移规则中包含至少两个网络区域,且所述至少两个网络区域中区域重合度大于设定阈值;And analyzing, according to the environment data, an area transfer rule that is generated by the user to generate the target behavior event, where the area transfer rule includes at least two network areas, and the area overlap degree in the at least two network areas is greater than Set a threshold;
    根据分析得到的所述区域转移规则,建立所述目标行为事件与所述区域转移规则之间的映射关系。And establishing, according to the analyzed regional transfer rule, a mapping relationship between the target behavior event and the regional transfer rule.
  9. 如权利要求8所述的风险控制设备,其特征在于,所述第二设定时间被划分为至少两个时间区间,所述至少两个时间区间内包含的时间点连续;The risk control device according to claim 8, wherein the second set time is divided into at least two time intervals, and the time points included in the at least two time intervals are continuous;
    所述确定单元根据所述环境数据,分析得到所述用户产生所述目标行为事件的区域转移规则,包括:The determining unit analyzes, according to the environmental data, an area transfer rule that the user generates the target behavior event, including:
    按照所述目标行为事件的产生时间,将所述环境数据划分为至少两组,其中,每一组中包含的所述环境数据的产生时间属于一个时间区间;The environmental data is divided into at least two groups according to the generation time of the target behavior event, wherein the generation time of the environmental data included in each group belongs to a time interval;
    将所述至少两组中每一组包含的所述环境数据聚合得到不同的网络区域;Aggregating the environmental data included in each of the at least two groups to obtain different network regions;
    从所述至少两组聚合得到的网络区域中选择其中两组;Selecting two of the network regions obtained by the at least two groups of aggregations;
    分别从选择的每一组聚合得到的网络区域中选择一个网络区域,计算选择的两个网络区域的区域重合度; Selecting one network area from each of the selected network areas obtained by the aggregation, and calculating the area coincidence degree of the selected two network areas;
    当计算得到的区域重合度大于设定阈值时,确定选择的两个网络区域之间满足区域转移规则。When the calculated area coincidence degree is greater than the set threshold, it is determined that the area transfer rule is satisfied between the selected two network areas.
  10. 如权利要求5所述的风险控制设备,其特征在于,所述确定单元将所述至少两组中每一组包含的所述环境数据聚合得到不同的网络区域,包括:The risk control device according to claim 5, wherein the determining unit aggregates the environmental data included in each of the at least two groups to obtain different network regions, including:
    针对每一组中包含的所述环境数据,执行:For the environmental data contained in each group, perform:
    将其中一组中包含的所述环境数据转化为多维空间网络中的网格点,并确定所述多维空间网络中的各个网格点之间的关联关系;Converting the environmental data contained in one of the groups into grid points in the multi-dimensional space network, and determining an association relationship between the grid points in the multi-dimensional space network;
    利用所述关联关系,将包含所述各个网格点的所述多维空间网络划分成不同的网络区域。 The multi-dimensional space network including the respective grid points is divided into different network areas by using the association relationship.
PCT/CN2016/094664 2015-08-20 2016-08-11 Region-based risk control method and device WO2017028738A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510514749.2 2015-08-20
CN201510514749.2A CN106469346B (en) 2015-08-20 2015-08-20 A kind of risk control method and equipment based on region

Publications (1)

Publication Number Publication Date
WO2017028738A1 true WO2017028738A1 (en) 2017-02-23

Family

ID=58050782

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/094664 WO2017028738A1 (en) 2015-08-20 2016-08-11 Region-based risk control method and device

Country Status (2)

Country Link
CN (1) CN106469346B (en)
WO (1) WO2017028738A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110210868A (en) * 2019-05-20 2019-09-06 腾讯科技(深圳)有限公司 The processing method and electronic equipment of numerical value transfer data
CN117455128A (en) * 2023-12-26 2024-01-26 广盛(天津)电力智能科技有限公司 Multi-target data output method based on intelligent energy management system

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109948800B (en) * 2019-03-11 2023-07-18 创新先进技术有限公司 Risk control method and system thereof

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070239870A1 (en) * 2006-04-10 2007-10-11 Square D Company Network-enabled electrical power equipment with integrated content management system
US20070244748A1 (en) * 2006-04-17 2007-10-18 Tony Smith Domains template management system
CN102088754A (en) * 2010-12-06 2011-06-08 中国人民解放军信息工程大学 Network access behavior-based access control method and system for wireless local area network
CN104038929A (en) * 2014-05-09 2014-09-10 宇龙计算机通信科技(深圳)有限公司 Network access anomaly identification method and network access anomaly identification device
CN104184819A (en) * 2014-08-29 2014-12-03 城云科技(杭州)有限公司 Multi-hierarchy load balancing cloud resource monitoring method
CN104469848A (en) * 2014-11-06 2015-03-25 中国科学院计算技术研究所 Method for load balancing among heterogeneous access networks

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070239870A1 (en) * 2006-04-10 2007-10-11 Square D Company Network-enabled electrical power equipment with integrated content management system
US20070244748A1 (en) * 2006-04-17 2007-10-18 Tony Smith Domains template management system
CN102088754A (en) * 2010-12-06 2011-06-08 中国人民解放军信息工程大学 Network access behavior-based access control method and system for wireless local area network
CN104038929A (en) * 2014-05-09 2014-09-10 宇龙计算机通信科技(深圳)有限公司 Network access anomaly identification method and network access anomaly identification device
CN104184819A (en) * 2014-08-29 2014-12-03 城云科技(杭州)有限公司 Multi-hierarchy load balancing cloud resource monitoring method
CN104469848A (en) * 2014-11-06 2015-03-25 中国科学院计算技术研究所 Method for load balancing among heterogeneous access networks

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110210868A (en) * 2019-05-20 2019-09-06 腾讯科技(深圳)有限公司 The processing method and electronic equipment of numerical value transfer data
CN110210868B (en) * 2019-05-20 2022-12-30 腾讯科技(深圳)有限公司 Numerical value transfer data processing method and electronic equipment
CN117455128A (en) * 2023-12-26 2024-01-26 广盛(天津)电力智能科技有限公司 Multi-target data output method based on intelligent energy management system
CN117455128B (en) * 2023-12-26 2024-03-22 广盛(天津)电力智能科技有限公司 Multi-target data output method based on intelligent energy management system

Also Published As

Publication number Publication date
CN106469346A (en) 2017-03-01
CN106469346B (en) 2018-10-02

Similar Documents

Publication Publication Date Title
US11023577B2 (en) Anomaly detection for time series data having arbitrary seasonality
MY195917A (en) Blockchain-Based Data Processing Method And Device
CN105243252B (en) A kind of method and device of account risk assessment
CN109561052B (en) Method and device for detecting abnormal flow of website
WO2017028738A1 (en) Region-based risk control method and device
JP2012194967A5 (en)
US9612873B2 (en) Dynamically scalable data collection and analysis for target device
US9330160B2 (en) Software application complexity analysis
CN107483292B (en) Dynamic monitoring method for cloud platform
WO2021120975A1 (en) Monitoring method and apparatus
CN110688442A (en) Electronic map point location aggregation method based on multilayer grid blocks
CN104615658A (en) Method for confirming user identity
CN109802976A (en) Cloud hard disk dynamic dispatching method, device and the electronic system of Open Stack cloud platform
Boustani et al. Seer grid: Privacy and utility implications of two-level load prediction in smart grids
WO2017092255A1 (en) On-line tuning method and system for application
US20200042373A1 (en) Device operation anomaly identification and reporting system
TWI665899B (en) Area-based risk control method and equipment
CN103530190A (en) Load forecasting method and device
US20200036684A1 (en) Cluster-based determination of signatures for detection of anomalous data traffic
CN103795591A (en) Method and device for analyzing zombie community
US20180196653A1 (en) Methods for adaptive placement of applications and devices thereof
US20130275108A1 (en) Performance simulation of services
CN104657476A (en) On-line analytical processing method and system
JP2017509047A (en) Report on technology sector size using patent assets
Sheeba et al. WFCM based big sensor data error detection and correction in wireless sensor network

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16836602

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16836602

Country of ref document: EP

Kind code of ref document: A1