CN111199474B - Risk prediction method and device based on network map data of two parties and electronic equipment - Google Patents
Risk prediction method and device based on network map data of two parties and electronic equipment Download PDFInfo
- Publication number
- CN111199474B CN111199474B CN201911290972.8A CN201911290972A CN111199474B CN 111199474 B CN111199474 B CN 111199474B CN 201911290972 A CN201911290972 A CN 201911290972A CN 111199474 B CN111199474 B CN 111199474B
- Authority
- CN
- China
- Prior art keywords
- user
- data
- nodes
- feature data
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 54
- 238000010586 diagram Methods 0.000 claims abstract description 62
- 238000012549 training Methods 0.000 claims abstract description 11
- 238000003860 storage Methods 0.000 claims description 26
- 230000006399 behavior Effects 0.000 claims description 21
- 238000012545 processing Methods 0.000 claims description 17
- 238000004220 aggregation Methods 0.000 claims description 9
- 230000002776 aggregation Effects 0.000 claims description 9
- 239000000284 extract Substances 0.000 claims description 4
- 238000004422 calculation algorithm Methods 0.000 description 11
- 238000004590 computer program Methods 0.000 description 7
- 230000003542 behavioural effect Effects 0.000 description 5
- 238000007405 data analysis Methods 0.000 description 5
- 230000000694 effects Effects 0.000 description 5
- 230000003287 optical effect Effects 0.000 description 4
- 238000004364 calculation method Methods 0.000 description 3
- 238000013075 data extraction Methods 0.000 description 3
- 238000007792 addition Methods 0.000 description 2
- 238000004891 communication Methods 0.000 description 2
- 238000007796 conventional method Methods 0.000 description 2
- 238000000605 extraction Methods 0.000 description 2
- 238000005304 joining Methods 0.000 description 2
- 238000005065 mining Methods 0.000 description 2
- 239000013307 optical fiber Substances 0.000 description 2
- 230000000644 propagated effect Effects 0.000 description 2
- 238000012954 risk control Methods 0.000 description 2
- 238000013058 risk prediction model Methods 0.000 description 2
- 239000000243 solution Substances 0.000 description 2
- 238000003491 array Methods 0.000 description 1
- 230000002238 attenuated effect Effects 0.000 description 1
- 238000013475 authorization Methods 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 238000013016 damping Methods 0.000 description 1
- 238000002347 injection Methods 0.000 description 1
- 239000007924 injection Substances 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000005457 optimization Methods 0.000 description 1
- 230000002093 peripheral effect Effects 0.000 description 1
- 238000003672 processing method Methods 0.000 description 1
- 230000003252 repetitive effect Effects 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q40/00—Finance; Insurance; Tax strategies; Processing of corporate or income taxes
- G06Q40/03—Credit; Loans; Processing thereof
Landscapes
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Finance (AREA)
- Engineering & Computer Science (AREA)
- Development Economics (AREA)
- Economics (AREA)
- Marketing (AREA)
- Strategic Management (AREA)
- Technology Law (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The invention provides a risk prediction method and device based on network map data of two parties and electronic equipment. The method comprises the following steps: acquiring basic characteristic data and behavior characteristic data of a historical user, and constructing a two-party network relation graph, wherein the two-party network relation graph comprises two types of nodes, namely user nodes and information nodes; extracting global graph characteristic data of the historical user from the network relation graph of the two parties; establishing a fraud prediction model, and training the fraud prediction model; and acquiring basic characteristic data and behavior characteristic data of the target user, adding the target user into the network relation diagram of the two parties to extract global diagram characteristic data of the target user, inputting the fraud prediction model, and calculating a fraud prediction value of the target user to predict risk. The risk prediction method improves the utilization rate of data, improves the precision of a fraud model and improves the service level.
Description
Technical Field
The present invention relates to the field of communications, and in particular, to a risk prediction method and apparatus based on network map data of both parties, an electronic device, and a storage medium.
Background
Credit models for applying loans via the internet have been developed. However, applying for loans online brings convenience to people and also increases the risk of fraud and credit to the credit business sector compared to the traditional credit model. If the identification and processing of fraud is not performed well, immeasurable losses are incurred to the internet financial platform.
Recently, the scale of the intranet loan is gradually increased, and the wind control of the network loan is important. It was reported that over 2000 network lending companies in 2017 completed over 2000 billions of borrowings, and that large numbers of borrowings exposed these companies to frequent fraud. To identify these fraud, the network lender has the following problems: sparse credit-related data; high frequency, high order, high speed of lending behavior; iterative updating of fraudulent activity, etc. Therefore, it is critical how to monitor these fraud in real time and feed them back into the business process in time.
In the prior art, a special fraud model is established to score fraud of an application user, but the probability of occurrence of the fraud is low, the data is single, the data volume is insufficient, and particularly, a large amount of missing or incomplete data exists in the data of the relational network graph, so that a fraudster or the fraud can not be accurately and efficiently identified when the existing fraud model is used for model optimization, and the problems of low model precision and the like are caused.
In summary, it is necessary to provide a more accurate risk prediction method.
Disclosure of Invention
In order to solve the above problems, the present invention provides a risk prediction method based on two-party network map data, including: acquiring basic characteristic data and behavior characteristic data of a historical user, and constructing a two-party network relation diagram, wherein the two-party network relation diagram comprises two types of nodes, namely user nodes and information nodes, the user nodes are nodes representing the user, and the information nodes are nodes which are related with different users; extracting global graph characteristic data of the historical user from the network relation graph of the two parties; establishing a fraud prediction model, and training the fraud prediction model by using global graph feature data and fraud expression data of the historical user; and acquiring basic characteristic data and behavior characteristic data of the target user, adding the target user into the network relation diagram of the two parties to extract global diagram characteristic data of the target user, inputting the fraud prediction model, and calculating a fraud prediction value of the target user to predict risk.
Preferably, the extracting global graph feature data of the historical user from the two-party network relation graph includes: and calculating the association degree of all the user nodes and the information nodes in the network relation graph of the two parties according to the importance of the access degree so as to determine the global graph characteristic data of the historical users.
Preferably, the extracting global graph feature data of the target user includes: and calculating the association degree of all user nodes and information nodes in the network relation diagram of the two parties added into the target user according to the importance of the access degree, so as to determine global diagram feature data with the maximum association degree with the target user.
Preferably, the risk prediction method further comprises: and (3) presetting a threshold value, comparing the calculated association degree with the preset threshold value, and extracting feature data of the user nodes or the information nodes corresponding to the association degree larger than the preset threshold value as feature data of the global feature map.
Preferably, the global graph feature data includes general features, global cluster coefficients and/or connectivity of the whole graph.
Preferably, the user node comprises user personal characteristic data and network characteristic data.
Preferably, the information node includes at least one of APP information, location information, address book information, call record information, device information, and operator information.
Preferably, the prediction method further comprises: setting a risk threshold value, and comparing the calculated risk prediction value of the target user with the risk threshold value to perform risk classification on the target user.
In addition, the invention also provides a risk prediction device, which comprises: the data acquisition module acquires basic characteristic data and behavior characteristic data of a historical user, and constructs a two-party network relation diagram, wherein the two-party network relation diagram comprises two types of nodes, namely user nodes and information nodes, the user nodes are nodes representing users, and the information nodes are nodes which are related with different users; the data processing module is used for extracting global graph characteristic data of the historical user from the network relation graph of the two parties; the model building module is used for building a fraud prediction model and training the fraud prediction model by using the global graph characteristic data and the fraud expression data of the historical user; and the calculation module is used for acquiring basic characteristic data and behavior characteristic data of the target user, adding the target user into the network relation diagram of the two parties to extract global diagram characteristic data of the target user, inputting the fraud prediction model, and calculating a fraud prediction value of the target user to predict risk.
Preferably, the risk prediction device further includes a first determining module, and the first determining module calculates the association degree of each node for all user nodes and information nodes in the two-party network relationship graph according to the importance of the access degree, so as to determine global graph feature data of the historical user.
Preferably, the risk prediction device further includes a second determining module, and the second determining module calculates the association degree of each node according to the importance of the access degree for all user nodes and information nodes in the network relationship graph of the two parties joining the target user, so as to determine global graph feature data with the maximum association degree with the target user.
Preferably, the risk prediction device further includes a comparison module, where the comparison module is configured to preset a threshold, compare the calculated association degree with the preset threshold, and extract feature data of the user node or the information node corresponding to the association degree greater than the preset threshold as feature data of the global feature map.
Preferably, the global graph feature data includes general features, global cluster coefficients and/or connectivity of the whole graph.
Preferably, the user node comprises user personal characteristic data and network characteristic data.
Preferably, the information node includes at least one of APP information, location information, address book information, call record information, device information, and operator information.
Preferably, the risk prediction device further comprises a setting module, wherein the setting module is used for setting a risk threshold value, and comparing the calculated risk prediction value of the target user with the risk threshold value so as to classify the risk of the target user.
In addition, the invention also provides electronic equipment, wherein the electronic equipment comprises: a processor; and a memory storing computer executable instructions that, when executed, cause the processor to perform the risk prediction method of the present invention.
Furthermore, the present invention provides a computer readable storage medium, wherein the computer readable storage medium stores one or more programs, which when executed by a processor, implement the risk prediction method of the present invention.
Advantageous effects
Compared with the prior art, the risk prediction method is widely applied, is suitable for large-scale data processing and data analysis, and particularly can also be used for performing risk prediction on the user represented by the user node by using mining of group graph features (quadrilateral feature data) under the condition that the feature data of the user node is incomplete or missing, so that the accuracy of risk prediction is improved. In addition, the risk prediction method of the invention predicts risk by using the unmatched features, thereby improving the precision of the fraud model; the utilization rate of the data is improved, and the target data is optimized; the risk of network loan is reduced; the service level is improved.
Drawings
In order to make the technical problems solved by the present invention, the technical means adopted and the technical effects achieved more clear, specific embodiments of the present invention will be described in detail below with reference to the accompanying drawings. It should be noted, however, that the drawings described below are merely illustrative of exemplary embodiments of the present invention and that other embodiments of the present invention may be derived from these drawings by those skilled in the art without undue effort.
Fig. 1 is a flowchart of an example of a risk prediction method based on two-party network map data of the present invention.
Fig. 2 is a partial schematic diagram of a two-party network relationship diagram of embodiment 1 of the present invention.
Fig. 3 is a schematic block diagram of a process of constructing a risk prediction model of embodiment 1 of the present invention.
Fig. 4 is a diagram of an example of graph data extraction in a two-party network relationship graph of the present invention.
Fig. 5 is a flowchart of another example of the risk prediction method based on the two-party network map data of the present invention.
Fig. 6 is a flowchart of still another example of the risk prediction method based on the two-party network map data of the present invention.
Fig. 7 is a block diagram showing the configuration of an example of a risk prediction apparatus according to embodiment 2 of the present invention.
Fig. 8 is a block diagram showing another example of the risk prediction apparatus according to embodiment 2 of the present invention.
Fig. 9 is a block diagram showing the configuration of still another example of the risk prediction apparatus according to embodiment 2 of the present invention.
Fig. 10 is a block diagram of an exemplary embodiment of an electronic device according to the present invention.
Fig. 11 is a block diagram of an exemplary embodiment of a computer readable medium according to the present invention.
Detailed Description
Exemplary embodiments of the present invention will now be described more fully with reference to the accompanying drawings. However, the exemplary embodiments can be embodied in many different forms and should not be construed as limited to the embodiments set forth herein. Rather, these exemplary embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the concept of the invention to those skilled in the art. The same reference numerals in the drawings denote the same or similar elements, components or portions, and thus a repetitive description thereof will be omitted.
The features, structures, characteristics or other details described in a particular embodiment do not exclude that may be combined in one or more other embodiments in a suitable manner, without departing from the technical idea of the invention.
In the description of specific embodiments, features, structures, characteristics, or other details described in the present invention are provided to enable one skilled in the art to fully understand the embodiments. However, it is not excluded that one skilled in the art may practice the present invention without one or more of the specific features, structures, characteristics, or other details.
The flow diagrams depicted in the figures are exemplary only, and do not necessarily include all of the elements and operations/steps, nor must they be performed in the order described. For example, some operations/steps may be decomposed, and some operations/steps may be combined or partially combined, so that the order of actual execution may be changed according to actual situations.
The block diagrams depicted in the figures are merely functional entities and do not necessarily correspond to physically separate entities. That is, the functional entities may be implemented in software, or in one or more hardware modules or integrated circuits, or in different networks and/or processor devices and/or microcontroller devices.
It should be understood that although the terms first, second, third, etc. may be used herein to describe various devices, elements, components or portions, this should not be limited by these terms. These words are used to distinguish one from the other. For example, a first device may also be referred to as a second device without departing from the spirit of the invention.
The term "and/or" and/or "includes all combinations of any of the associated listed items and one or more.
Example 1
Next, a risk prediction method based on both-party network map data of the present invention will be described with reference to fig. 1 to 6.
First embodiment
Fig. 1 is a flowchart of an example of a risk prediction method based on two-party network map data according to the present invention. As shown in fig. 1, a risk prediction method based on network map data of both parties includes the following steps.
Step S101, basic characteristic data and behavior characteristic data of a historical user are obtained, and a two-party network relation diagram is constructed, wherein the two-party network relation diagram comprises two types of nodes, namely user nodes and information nodes, the user nodes are nodes representing users, and the information nodes are nodes which are used for associating different users.
And step S102, extracting global graph characteristic data of the historical user from the network relation graph of the two parties.
And step S103, establishing a fraud prediction model, and training the fraud prediction model by using the global graph characteristic data and the fraud expression data of the historical user.
Step S104, basic feature data and behavior feature data of the target user are obtained, the target user is added into the network relation diagram of the two parties to extract global diagram feature data of the target user, the fraud prediction model is input, and fraud prediction values of the target user are calculated to conduct risk prediction.
Specifically, in step S101, basic feature data and behavior feature data of the history user are acquired, and a two-party network relationship diagram is constructed.
In this embodiment, the basic feature data of the history user includes feature data of gender, age, occupation, and the like. The behavioral characteristic data includes user-associated behavioral data including behavioral characteristic data between persons associated with the user, behavioral characteristic data of a user associated with the device, and the like, and financial behavioral data. The financial behavior data refers to data related to the financial behavior of the user, such as monthly income, annual income, loan information, repayment information, overdue information, etc.
For data acquisition, such as SDK embedding on a user authorization basis, all relevant data that is legal and used for data analysis is acquired. In certain specific scenes, behavior data in the APP can be obtained in a buried point mode. After the data is acquired, a network relationship diagram is constructed, see fig. 2.
In the present invention, the inventor adopts a construction method different from the conventional method, namely, a two-party network, namely, nodes in a network relationship are divided into two types of nodes (user nodes and information nodes), one type of nodes is a node representing users, and the other type of nodes is a node which associates different users, and the two types of nodes are shown in fig. 3. Specifically, for example, using a device id, a wifi address, a GPS range, and the like as nodes, feature data associated with users is collected, and such nodes are referred to as information nodes. In other words, all data of the user is divided into data of the user node and data of the information node. Based on the two types of nodes, a two-party network relation graph is constructed.
Further, the user node and the information node are connected through a connection (or edge), wherein each node may include one or more labels, and each node may further include an attribute, where the attribute may exist in any key value pair, for example, a key is a string, a value is a Java string and primitive data, or an array of these data types. Likewise, a contact may also include characteristics and attributes.
Specifically, the user node includes user personal characteristic data and network characteristic data. The information node includes at least one of APP information, location information, address book information, call record information, device information, and operator information.
In existing data extraction, extraction is typically not performed for nodes that are unlabeled or have few labels. In order to extract and use the feature data of such nodes as described above, the inventors of the present invention propose global graph feature data that is determined based on extracting the data of all the nodes (including the nodes that are not labeled or are less labeled), as follows.
Specifically, in step S102, global graph feature data of the historical user is extracted from the two-party network relationship graph, where the global feature data is a feature that reflects the overall network graph, such as a feature that represents overall connectivity or a general feature.
Further, the global feature data includes general features, global cluster coefficients, and/or connectivity of the reaction ensemble graph.
In the present invention, the clustering coefficient is a coefficient for evaluating the aggregation level of the nodes in the relationship graph, and includes a local clustering coefficient and a global clustering coefficient. Specifically, the local cluster coefficient is a coefficient indicating the degree of aggregation between nodes in the local feature data, and the global cluster coefficient is a coefficient indicating the degree of aggregation of the whole in the entire network relationship graph (i.e., both-side network relationship graph).
In this example, for all user nodes and information nodes in the two-party network relationship graph, the association degree of each node is calculated according to the importance of the access degree, so as to determine the global graph feature data of the historical user.
Preferably, a PageRank algorithm is used to calculate PR values of all user nodes and information nodes (the total number of the nodes is N) in the network relation diagram of the two parties, and after iterative operation, PR values of each node are obtained.
It should be noted that, the PR value refers to the probability that a web page is accessed by other web pages, and in the present invention, the PR value refers to the probability that a user node is associated by other nodes, and represents the association degree of the node. The larger the PR value, the greater the likelihood of fraud for that node.
In addition, the PR value calculation also comprises the presetting of the damping coefficient d, and the PR value can be set manually according to actual needs.
After being calculated by the PageRank algorithm, PR values (representing association degrees) of each node are compared with a preset threshold value, and feature data of user nodes or information nodes corresponding to the association degrees larger than the preset threshold value are extracted as global feature map feature data.
In addition, the weights are adjusted based on the historical fraud performance data to obtain a fraud probability for each non-marking user. For example, over time, the weights of the historical nodes may be attenuated based on the calculated data.
Next, in step S103, a fraud prediction model is built, which is trained using the non-matching feature data and fraud performance data of the historical user.
Specifically, for the creation of the fraud prediction Model, a Model Tree (Model Tree) or the like may be created using CART algorithm or XGB algorithm. In this embodiment, a Model Tree (Model Tree) is created using the XGB algorithm.
The foregoing is merely illustrative, and is not to be construed as limiting the present invention. In other embodiments, other algorithms may be used, or two or more algorithms may be used in combination, etc.
In this embodiment, the fraud prediction model is trained using the global map feature data of the historical user as the feature (X) of the input layer and the fraud performance data of the historical user as the feature (Y) of the output layer (as training data). In this embodiment, the fraud performance data of the historic user is, for example, fraud probability.
In addition, training the fraud model using the training data includes defining good and bad samples. As a specific example, a good or bad sample may be defined using "whether the user has fraud" as a label, i.e. the label value "whether the user has fraud" is specified as 0 or 1, where 1 indicates that the user has fraud and 0 indicates that the user has no fraud.
For each target user, the fraud prediction value (fraud probability in this example) for each target product output by the fraud prediction model is typically a value between 0 and 1. The closer to 1 the target user is more prone to fraud.
Thus, using the fraud prediction model, fraud prediction for the user can be achieved.
Next, in step S104, basic feature data and behavior feature data of the target user are acquired, the target user is added to the two-party network relationship graph to extract global graph feature data of the target user, the fraud prediction model is input, and a fraud prediction value of the target user is calculated to perform risk prediction.
Note that the specific meaning of the global map feature data of the target user and the history user is identical, and thus a specific description of the global map feature data of the target user is omitted.
And then, calculating the association degree of all user nodes and information nodes in the network relation diagram of the two parties added into the target user according to the importance of the access degree, so as to determine the global diagram feature data with the maximum association degree with the target user.
It should be noted that, the degree of association of the nodes is calculated according to the PageRank algorithm to determine the global graph feature data of the target user is the same as the global graph feature data of the history user, and therefore, the description thereof is omitted.
Preferably, the prediction method further comprises: setting a risk threshold, comparing the calculated risk prediction value of the target user with the risk threshold to risk classify the target user, e.g. into a fraudulent user and a non-fraudulent user, and further classifying the fraudulent user into risk classes.
In other examples, the fraudulent user determined based on the calculation performs a corresponding process, such as "bad" marking, rejecting, reducing confidence, etc.
It is to be noted that the above-mentioned embodiments are merely preferred embodiments, and are not to be construed as limiting the present invention.
Second embodiment
When the network relation graph is constructed, some user characteristic data (sample data) are missing or incomplete, for example, after the user characteristic data are processed, a plurality of missing values exist in the processed vector data, or some user characteristic data are not acquired. Therefore, such feature data cannot be used in data analysis, or the use of such feature data is inefficient.
The present inventors have proposed improvements to the above problems, specifically as follows.
The second embodiment is described with reference to fig. 4 and 5, and differs from the first embodiment in that, in step S102, the local map feature data of the history user is extracted from the two-party network relationship map, but is not limited thereto, and the local map feature data and the global map feature data of the history user may be extracted.
In a second embodiment, the risk prediction method further comprises determining local map feature data, in particular, the local map feature data comprises at least one of degree sequence feature data, polygon feature data, local cluster coefficients. The graph data extraction is specifically seen in fig. 4.
Further, the degree sequence characteristic data comprises an out degree and an in degree. In addition, the method also comprises the steps of associating the number of the application users, associating the proportion of the fraudulent user numbers, weighting the number of the application users and weighting the fraudulent user numbers.
In the present invention, the polygon feature is a ring feature representing a path, and in the case of the two-party network relationship diagram, the path forms a ring (or is closed) in the two-party network relationship diagram.
In this embodiment, the polygon feature is a quadrilateral feature (also referred to as a quadrilateral closure), and further, the polygon feature data is quadrilateral feature data formed by associating two user nodes with different information nodes, wherein the data of one user node corresponds to the data of the target user. Therefore, the data of all the nodes included in the quadrilateral feature is represented by the quadrilateral feature data, and even when the feature data of any one of the user nodes in the quadrilateral feature is incomplete or missing, the risk prediction can be performed for the user represented by the user node by using the quadrilateral feature data.
Specifically, the quadrangular feature data includes basic statistics data, tag data, and weighting coefficients, and more specifically, the basic statistics data of the quadrangular feature data includes the number of quadrilaterals, and the average/maximum/median number of quadrilaterals of the associated application users. The tag data includes a proportion of quadrilaterals associated with the rogue user, an average/maximum/median number of quadrilaterals associated with the rogue user. The weighting coefficients comprise the number of weighted total quadrilaterals, the number of weighted average/maximum/median quadrilaterals of associated application users and the number of weighted average/maximum/median quadrilaterals of associated fraudulent users. However, the above is merely illustrative and is not to be construed as limiting the invention.
It should be noted that, here, the weighting is actually based on the operation of the edge, and the strength also refers to the strength of the edge, for example, in anti-fraud, the relationship based on the identification card is stronger than the relationship based on the device, and the anti-fraud comparison focuses on the timeliness, and the timeliness factor of the relationship is added, so that the weighting is defined as a weighting coefficient comprehensively.
In other examples, information data for an unknown user node (or information node) is calculated based on quadrilateral characteristic data and information data for known user nodes and information nodes. For example, in one quadrangular feature data, information data of two information nodes and information data of one user node are known, in which case, based on the known information data, information data of an unknown user node can be calculated. Thus, the validity of the usage data is improved.
Furthermore, the polygonal features may also be triangular features (also referred to as triangular closed), or triangular features and quadrilateral features, but are not limited thereto, which are just preferred embodiments and are not to be construed as limiting the invention.
More specifically, the local cluster coefficients include cluster coefficients of different degrees, such as a 1 degree cluster coefficient, a 2 degree cluster coefficient, a 3 degree cluster coefficient, and the like. Further, a 1 degree cluster coefficient refers to a coefficient containing an information node and a user node, wherein the user node does not contain a rogue user node, a 2 degree cluster coefficient refers to a coefficient containing an information node and a user node, and the user node contains a rogue user node, and a 3 degree cluster coefficient refers to a coefficient containing only an information node and a rogue user node. In addition, the local cluster coefficients also include connectivity of the reaction quadrilateral features.
In addition, the second embodiment is different from the first embodiment in that in step S104, basic feature data and behavior feature data of a target user are acquired, the target user is added to the two-party network relationship diagram to extract local map feature data of the target user, the fraud prediction model is input, and a fraud prediction value of the target user is calculated to perform risk prediction. Without being limited thereto, in other examples, local map feature data and global map feature data may also be extracted for risk prediction.
Note that the specific meaning of the local map feature data of the target user and the history user is identical, and thus a specific description of the local map feature data of the target user is omitted.
In other examples, the prediction method further comprises: and further updating the relation diagram of the two networks by using the calculated data. Specifically, the information data of the unknown user node or the information node is calculated, the calculated information data of the user node or the information node is added into the network relation diagram of the two parties, and the information data of the next unknown user node (or the information node) is calculated as known data in quadrilateral characteristic data.
Therefore, not only the information data of the unknown and incomplete nodes can be calculated by the quadrilateral characteristic data, but also the calculated information data of the nodes can be used as new known data to further update the graph data of the two-party network relationship graph.
Preferably, for example, the calculated information data of the user node (or information node) is detected, the calculated information data of the user node (or information node) is compared with the detected information data of the user node (or information node), and the calculated information data is corrected based on the detected information data so that the graph data is more accurate.
Further, the corrected information data of the user node (or information node) is used to further update the graph data of the two-party network relationship graph, and the graph data is stored for subsequent data analysis and the like.
Since the second embodiment is the same as the other portions of the first embodiment, descriptions of the other portions are omitted.
Third embodiment
The third embodiment is described with reference to fig. 6, and differs from the first embodiment in that, in step S102, unmatched feature data of a history user including first unmatched feature data and second unmatched feature data is extracted from the two-party network relationship diagram.
In many cases, information or data mismatch occurs. In particular, in the case where data originates from different channels, data mismatch of the same user may occur due to the different data sources. In the present invention, such data mismatch as described above is referred to as first mismatch feature data.
Further, step S102 also includes determining first mismatch feature data.
Preferably, in case of different data sources, based on determining the jaccard distance, the similarity (or dissimilarity) of the same user node or information node is calculated to determine the first mismatch feature data.
For example, the feature data of the user node 1 acquired from the channel Q1 is a, the feature data of the user node 1 acquired from the channel Q2 is B, and the Jaccard distance is determined by the Jaccard (Jaccard) algorithm, see specifically the following expression 1.
Expression 1
D j (A,B)=1-J(A,B)
Wherein D is j (a, B) refers to a jaccard distance for describing dissimilarity; a is a sample set A; b is sample set B.
By determining D j (a, B) the dissimilarity (or degree of mismatch) of the user nodes 1 can be calculated to determine first mismatch feature data and extracted from the two-party network relationship graph.
It should be noted that, the method for calculating the similarity is not limited to the Jaccard algorithm, and includes a cosine angle method and the like.
Further, preferably, based on determining the shortest distance between two adjacent nodes, the matching degree (non-matching degree) of the same user node (or information node) is calculated to determine the first non-matching feature data.
In this example, all nodes in the constructed two-party network relationship graph are preferably traversed, for example, by means of breadth-first search. The path length between each node and its neighbor node is calculated and recorded, e.g., using Dijkstra's algorithm, from which the shortest path length of each user node (or information node) and its neighbor node is found.
Further, in the case of different data sources, for example, using the shortest path length between the user node (or information node) and its neighboring node, the matching degree (or the non-matching degree) of the same user node (or information node) is calculated, thereby determining the first non-matching feature, and extracting from the network relationship diagram of both sides.
In addition, in the case where personal information collides with the rest of network information, for example, the crowd of a certain user and other users in geographic locations is monitored, but the actual location information of the user is completely different from the location information of the other users, such mismatch is referred to as second mismatch feature data, for example, mismatch degree information feature data in the geographic information dimension in the present invention.
More specifically, the second mismatch feature data includes at least one of a mismatch of personal information and network information of the same user node, a mismatch of geographic information of two user nodes associated with each other, and a mismatch of information of the user node and the information node associated with each other.
In this example, the risk prediction method further includes: information data of the user node and its associated user node is monitored for a match to determine second non-matching characteristic data.
In addition, the third embodiment is different from the first embodiment in that in step S104, basic feature data and behavior feature data of a target user are acquired, the target user is added to the two-party network relationship diagram to extract unmatched feature data of the target user, the fraud prediction model is input, and a fraud prediction value of the target user is calculated to perform risk prediction. In other examples, unmatched feature data and global map feature data may also be extracted, without being limited thereto, which is for illustration only and is not to be construed as limiting the invention.
Since the specific meaning of the mismatch feature data of the target user and the history user is the same, the description thereof is omitted. In addition, the determination and extraction methods of the mismatch feature data of the target user and the history user are also the same, and thus a description of this part is omitted.
Since the third embodiment is the same as the other portions of the first and second embodiments, descriptions of the other portions are omitted.
Fourth embodiment
The fourth embodiment differs from the first embodiment in that in step S102, local map feature data, global map feature data, and mismatch feature data of the history user are extracted from the two-party network relationship map, wherein the mismatch feature data includes first mismatch feature data and/or second mismatch feature data. Without being limited thereto, in other examples, any combination of the above three feature data may also be extracted.
Further, the fourth embodiment is different from the first embodiment in that in step S104, basic feature data and behavior feature data of a target user are acquired, the target user is added to the two-party network relationship graph to extract local map feature data, global map feature data and mismatch feature data of the target user, the fraud prediction model is input, and a fraud prediction value of the target user is calculated to perform risk prediction. In other examples, any combination of the above three feature data may be extracted.
Since the fourth embodiment is the same as the other portions of the first, second, and third embodiments, descriptions of the other portions are omitted.
The foregoing is merely a preferred embodiment and is not to be construed as limiting the invention. In other examples, step S104 may also be split into two steps (S601 and S104), see in particular fig. 6.
Those skilled in the art will appreciate that all or part of the steps implementing the above-described embodiments are implemented as a program (computer program) executed by a computer data processing apparatus. The above-described method provided by the present invention can be implemented when the computer program is executed. Moreover, the computer program may be stored in a computer readable storage medium, which may be a readable storage medium such as a magnetic disk, an optical disk, a ROM, a RAM, or a storage array composed of a plurality of storage media, for example, a magnetic disk or a tape storage array. The storage medium is not limited to a centralized storage, but may be a distributed storage, such as cloud storage based on cloud computing.
Next, effect verification is performed by applying the risk prediction method of the present invention to a specific service, specifically referring to table 1 below.
And (3) injection: traditional model: integrated learning model based on personal graph data and characteristics
The risk prediction model of the invention: integrated learning model based on network diagram data and characteristics of two parties
As can be seen from table 1, compared with the conventional method, KS of the prediction model in the risk prediction method of the present invention is improved by 0.08, which is close to 27%, and AUC is improved by 4%, thereby greatly improving accuracy of the fraud model, and also bringing a drop in the first pass rate, and improving the business level.
Compared with the prior art, the risk prediction method is widely applied, is suitable for large-scale data processing and data analysis, and particularly can also be used for performing risk prediction on the user represented by the user node by using mining of group graph features (quadrilateral feature data) under the condition that the feature data of the user node is incomplete or missing, so that the accuracy of risk prediction is improved. In addition, the risk prediction method of the invention predicts risk by using the unmatched features, thereby improving the precision of the fraud model; the utilization rate of the data is improved, and the target data is optimized; the risk of network loan is reduced; the service level is improved.
Example 2
The following describes apparatus embodiments of the invention that may be used to perform method embodiments of the invention. Details described in the embodiments of the device according to the invention should be regarded as additions to the embodiments of the method described above; for details not disclosed in the embodiments of the device according to the invention, reference may be made to the above-described method embodiments.
Referring to fig. 7, 8 and 9, the present invention further provides a risk prediction apparatus 700 based on graph data, the risk prediction apparatus 700 comprising: the data acquisition module 701 acquires basic feature data and behavior feature data of a historical user, and constructs a two-party network relation diagram, wherein the two-party network relation diagram comprises two types of nodes, namely user nodes and information nodes, the user nodes are nodes representing users, and the information nodes are nodes which are related with different users; the data processing module 702 extracts global graph feature data of the historical user from the network relationship graph of the two parties; a model building module 703 that builds a fraud prediction model that is trained using the global map feature data and fraud performance data of the historical user; and the calculating module 704 is used for acquiring basic characteristic data and behavior characteristic data of the target user, adding the target user into the network relation diagram of the two parties to extract global diagram characteristic data of the target user, inputting the fraud prediction model, and calculating a fraud prediction value of the target user to predict risk.
Preferably, as shown in fig. 8, the risk prediction apparatus further includes a first determining module 801, where the first determining module calculates, for all user nodes and information nodes in the two-party network relationship graph, a degree of association of each node according to the importance of the degree of ingress and egress, so as to determine global graph feature data of the historical user.
Preferably, the risk prediction device further includes a second determining module, and the second determining module calculates the association degree of each node according to the importance of the access degree for all user nodes and information nodes in the network relationship graph of the two parties joining the target user, so as to determine global graph feature data with the maximum association degree with the target user.
Preferably, as shown in fig. 9, the risk prediction apparatus further includes a comparison module 901, where the comparison module is configured to preset a threshold, compare the calculated association degree with the preset threshold, and extract feature data of a user node or an information node corresponding to the association degree greater than the preset threshold as feature data of the global feature map.
Preferably, the global graph feature data includes general features, global cluster coefficients and/or connectivity of the whole graph.
Preferably, the user node comprises user personal characteristic data and network characteristic data.
Preferably, the information node includes at least one of APP information, location information, address book information, call record information, device information, and operator information.
Preferably, the risk prediction device further comprises a setting module, wherein the setting module is used for setting a risk threshold value, and comparing the calculated risk prediction value of the target user with the risk threshold value so as to classify the risk of the target user.
In example 2, the same parts as those in example 1 are omitted.
It will be appreciated by those skilled in the art that the modules in the embodiments of the apparatus described above may be distributed in an apparatus as described, or may be distributed in one or more apparatuses different from the embodiments described above with corresponding changes. The modules of the above embodiments may be combined into one module, or may be further split into a plurality of sub-modules.
Example 3
The following describes an embodiment of an electronic device according to the present invention, which may be regarded as a specific physical implementation of the above-described embodiment of the method and apparatus according to the present invention. Details described in relation to the embodiments of the electronic device of the present invention should be considered as additions to the embodiments of the method or apparatus described above; for details not disclosed in the embodiments of the electronic device of the present invention, reference may be made to the above-described method or apparatus embodiments.
Fig. 10 is a block diagram of an exemplary embodiment of an electronic device according to the present invention. An electronic apparatus 200 according to the embodiment of the present invention is described below with reference to fig. 10. The electronic device 200 shown in fig. 10 is merely an example, and should not be construed as limiting the functionality and scope of use of embodiments of the present invention.
As shown in fig. 10, the electronic device 200 is in the form of a general purpose computing device. The components of the electronic device 200 may include, but are not limited to: at least one processing unit 210, at least one memory unit 220, a bus 230 connecting the different system components (including the memory unit 220 and the processing unit 210), a display unit 240, and the like.
Wherein the storage unit stores program code that is executable by the processing unit 210 such that the processing unit 210 performs the steps according to various exemplary embodiments of the present invention described in the electronic prescription stream processing method section above in this specification. For example, the processing unit 210 may perform the steps shown in fig. 1.
The memory unit 220 may include readable media in the form of volatile memory units, such as Random Access Memory (RAM) 2201 and/or cache memory 2202, and may further include Read Only Memory (ROM) 2203.
The storage unit 220 may also include a program/utility 2204 having a set (at least one) of program modules 2205, such program modules 2205 including, but not limited to: an operating system, one or more application programs, other program modules, and program data, each or some combination of which may include an implementation of a network environment.
Bus 230 may be a bus representing one or more of several types of bus structures including a memory unit bus or memory unit controller, a peripheral bus, an accelerated graphics port, a processing unit, or a local bus using any of a variety of bus architectures.
The electronic device 200 may also communicate with one or more external devices 300 (e.g., keyboard, pointing device, bluetooth device, etc.), one or more devices that enable a user to interact with the electronic device 200, and/or any device (e.g., router, modem, etc.) that enables the electronic device 200 to communicate with one or more other computing devices. Such communication may occur through an input/output (I/O) interface 250. Also, the electronic device 200 may communicate with one or more networks such as a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public network, such as the Internet, through a network adapter 260. Network adapter 260 may communicate with other modules of electronic device 200 via bus 230. It should be appreciated that although not shown, other hardware and/or software modules may be used in connection with electronic device 200, including, but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, data backup storage systems, and the like.
From the above description of embodiments, those skilled in the art will readily appreciate that the exemplary embodiments described herein may be implemented in software, or may be implemented in software in combination with necessary hardware. Thus, the technical solution according to the embodiments of the present invention may be embodied in the form of a software product, which may be stored in a computer readable storage medium (may be a CD-ROM, a usb disk, a mobile hard disk, etc.) or on a network, and includes several instructions to cause a computing device (may be a personal computer, a server, or a network device, etc.) to perform the above-mentioned method according to the present invention. The computer program, when executed by a data processing device, enables the computer readable medium to carry out the above-described method of the present invention, namely: and training the created user risk control model by using APP downloading sequence vector data and overdue information of the historical user as training data, and calculating a financial risk prediction value of the target user by using the created user risk control model.
As shown in fig. 11, the computer program may be stored on one or more computer readable media. The computer readable medium may be a readable signal medium or a readable storage medium. The readable storage medium can be, for example, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or a combination of any of the foregoing. More specific examples (a non-exhaustive list) of the readable storage medium would include the following: an electrical connection having one or more wires, a portable disk, a hard disk, random Access Memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM or flash memory), optical fiber, portable compact disk read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
The computer readable storage medium may include a data signal propagated in baseband or as part of a carrier wave, with readable program code embodied therein. Such a propagated data signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination of the foregoing. A readable storage medium may also be any readable medium that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a readable storage medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Program code for carrying out operations of the present invention may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, C++ or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device, partly on a remote computing device, or entirely on the remote computing device or server. In the case of remote computing devices, the remote computing device may be connected to the user computing device through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computing device (e.g., connected via the Internet using an Internet service provider).
In summary, the invention may be implemented in hardware, or in software modules running on one or more processors, or in a combination thereof. Those skilled in the art will appreciate that some or all of the functionality of some or all of the components in accordance with embodiments of the present invention may be implemented in practice using a general purpose data processing device such as a microprocessor or Digital Signal Processor (DSP). The present invention can also be implemented as an apparatus or device program (e.g., a computer program and a computer program product) for performing a portion or all of the methods described herein. Such a program embodying the present invention may be stored on a computer readable medium, or may have the form of one or more signals. Such signals may be downloaded from an internet website, provided on a carrier signal, or provided in any other form.
The above-described specific embodiments further describe the objects, technical solutions and advantageous effects of the present invention in detail, and it should be understood that the present invention is not inherently related to any particular computer, virtual device or electronic apparatus, and various general-purpose devices may also implement the present invention. The foregoing description of the embodiments of the invention is not intended to be limiting, but rather is intended to cover all modifications, equivalents, alternatives, and improvements that fall within the spirit and scope of the invention.
Claims (14)
1. The risk prediction method based on the network map data of both parties is characterized by comprising the following steps:
acquiring basic characteristic data and behavior characteristic data of a historical user, and constructing a two-party network relation diagram, wherein the two-party network relation diagram comprises two types of nodes, namely user nodes and information nodes, the user nodes are nodes representing the user, and the information nodes are nodes which are related with different users;
extracting global graph characteristic data of the historical user from the network relation graph of the two parties;
establishing a fraud prediction model, and training the fraud prediction model by using global graph feature data and fraud expression data of the historical user;
basic feature data and behavior feature data of a target user are obtained, the target user is added into the network relation diagram of the two parties to extract global diagram feature data of the target user, the fraud prediction model is input, and a fraud prediction value of the target user is calculated to conduct risk prediction;
the global graph characteristic data comprise general characteristics, clustering coefficients and/or connectivity of the whole graph;
the clustering coefficient is a coefficient for evaluating the aggregation degree of the nodes in the relation graph, and comprises a local clustering coefficient and a global clustering coefficient; the local clustering coefficient is a coefficient representing the aggregation degree between nodes in the local characteristic data, and the global clustering coefficient is a coefficient representing the overall aggregation degree in the whole network relation graph;
The extracting the global graph characteristic data of the historical user from the network relation graph of the two parties comprises the following steps: calculating the association degree of all the user nodes and the information nodes in the network relation diagram of the two parties according to the importance of the access degree so as to determine the global diagram feature data of the historical users;
the extracting global graph characteristic data of the target user comprises the following steps: and calculating the association degree of all user nodes and information nodes in the network relation diagram of the two parties added into the target user according to the importance of the access degree, so as to determine global diagram feature data with the maximum association degree with the target user.
2. The method as recited in claim 1, further comprising:
and (3) presetting a threshold value, comparing the calculated association degree with the preset threshold value, and extracting feature data of the user nodes or the information nodes corresponding to the association degree larger than the preset threshold value as feature data of the global feature map.
3. The method according to claim 1 or 2, characterized in that local map feature data and/or unmatched feature data of a history user can be extracted from the two-party network relation graph, wherein the local map feature data comprises at least one of degree sequence feature data, polygonal feature data and local cluster coefficients; the non-matching feature data comprises first non-matching feature data and/or second non-matching feature data.
4. The method of claim 1, wherein the user nodes include user personal profile data and network profile data.
5. The method of claim 1, wherein the information node comprises at least one of APP information, location information, address book information, call record information, device information, and operator information.
6. The method of claim 1, wherein the predictive method further comprises:
setting a risk threshold value, and comparing the calculated risk prediction value of the target user with the risk threshold value to perform risk classification on the target user.
7. A risk prediction device based on two-party network map data, wherein the risk prediction device comprises:
the data acquisition module acquires basic characteristic data and behavior characteristic data of a historical user, and constructs a two-party network relation diagram, wherein the two-party network relation diagram comprises two types of nodes, namely user nodes and information nodes, the user nodes are nodes representing users, and the information nodes are nodes which are related with different users;
the data processing module is used for extracting global graph characteristic data of the historical user from the network relation graph of the two parties;
The model building module is used for building a fraud prediction model and training the fraud prediction model by using the global graph characteristic data and the fraud expression data of the historical user;
the computing module is used for acquiring basic characteristic data and behavior characteristic data of a target user, adding the target user into the network relation diagram of the two parties to extract global diagram characteristic data of the target user, inputting the fraud prediction model, and computing fraud prediction values of the target user to conduct risk prediction; the global graph characteristic data comprise general characteristics, clustering coefficients and/or connectivity of the whole graph; the clustering coefficient is a coefficient for evaluating the aggregation degree of the nodes in the relation graph, and comprises a local clustering coefficient and a global clustering coefficient; the local clustering coefficient is a coefficient representing the aggregation degree between nodes in the local characteristic data, and the global clustering coefficient is a coefficient representing the overall aggregation degree in the whole network relation graph;
the first determining module is used for calculating the association degree of all user nodes and information nodes in the network relation diagram of the two parties according to the importance of the access degree so as to determine the global diagram feature data of the historical user;
And the second determining module is used for calculating the association degree of all user nodes and information nodes in the network relation diagram of the two parties added into the target user according to the importance of the access degree so as to determine the global diagram feature data with the maximum association degree with the target user.
8. The apparatus of claim 7, further comprising a comparison module configured to compare the calculated degree of association with a preset threshold, and extract feature data of user nodes or information nodes corresponding to the degree of association greater than the preset threshold as global feature map feature data.
9. The apparatus according to any one of claims 7 to 8, wherein the data processing module further comprises: extracting local map feature data and/or unmatched feature data of a historical user from the two-party network relation graph, wherein the local map feature data comprises at least one of degree sequence feature data, polygon feature data and local cluster coefficients; the non-matching feature data comprises first non-matching feature data and/or second non-matching feature data.
10. The apparatus of claim 7, wherein the user node comprises user personal characteristic data and network characteristic data.
11. The apparatus of claim 7, wherein the information node comprises at least one of APP information, location information, address book information, call record information, device information, and operator information.
12. The risk prediction apparatus of claim 7, further comprising a setting module configured to set a risk threshold value, compare the calculated risk prediction value of the target user with the risk threshold value, and perform risk classification on the target user.
13. An electronic device, wherein the electronic device comprises:
a processor; the method comprises the steps of,
a memory storing computer executable instructions that, when executed, cause the processor to perform the method of any of claims 1-6.
14. A computer readable storage medium, wherein the computer readable storage medium stores one or more programs which, when executed by a processor, implement the method of any of claims 1-6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911290972.8A CN111199474B (en) | 2019-12-16 | 2019-12-16 | Risk prediction method and device based on network map data of two parties and electronic equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911290972.8A CN111199474B (en) | 2019-12-16 | 2019-12-16 | Risk prediction method and device based on network map data of two parties and electronic equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111199474A CN111199474A (en) | 2020-05-26 |
| CN111199474B true CN111199474B (en) | 2024-03-12 |
Family
ID=70746547
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911290972.8A Active CN111199474B (en) | 2019-12-16 | 2019-12-16 | Risk prediction method and device based on network map data of two parties and electronic equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111199474B (en) |
Families Citing this family (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111738558B (en) * | 2020-05-27 | 2024-03-08 | 平安科技(深圳)有限公司 | Visualization method, device, equipment and storage medium for behavior risk identification |
| CN112330329A (en) * | 2020-10-12 | 2021-02-05 | 支付宝(杭州)信息技术有限公司 | Risk transaction data processing method, device, equipment and storage medium |
| CN112257959A (en) * | 2020-11-12 | 2021-01-22 | 上海优扬新媒信息技术有限公司 | User risk prediction method and device, electronic equipment and storage medium |
| CN112464042B (en) * | 2020-11-25 | 2023-07-28 | 平安科技(深圳)有限公司 | Task label generating method and related device for convolution network according to relationship graph |
| CN113094506B (en) * | 2021-04-14 | 2023-08-18 | 每日互动股份有限公司 | Early warning method based on relational graph, computer equipment and storage medium |
| CN113689285B (en) * | 2021-08-18 | 2024-04-26 | 深圳前海微众银行股份有限公司 | Method, device, equipment and storage medium for detecting user characteristics |
| CN113807723B (en) * | 2021-09-24 | 2023-11-03 | 重庆富民银行股份有限公司 | Risk identification method for knowledge graph |
| CN115018280B (en) * | 2022-05-24 | 2024-06-18 | 支付宝(杭州)信息技术有限公司 | Mining method of risk map mode, risk identification method and corresponding devices |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106447066A (en) * | 2016-06-01 | 2017-02-22 | 上海坤士合生信息科技有限公司 | Big data feature extraction method and device |
| CN108492173A (en) * | 2018-03-23 | 2018-09-04 | 上海氪信信息技术有限公司 | A kind of anti-Fraud Prediction method of credit card based on dual-mode network figure mining algorithm |
| CN110349004A (en) * | 2019-07-02 | 2019-10-18 | 北京淇瑀信息科技有限公司 | Risk of fraud method for detecting and device based on user node relational network |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10572501B2 (en) * | 2015-12-28 | 2020-02-25 | International Business Machines Corporation | Steering graph mining algorithms applied to complex networks |
-
2019
- 2019-12-16 CN CN201911290972.8A patent/CN111199474B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106447066A (en) * | 2016-06-01 | 2017-02-22 | 上海坤士合生信息科技有限公司 | Big data feature extraction method and device |
| CN108492173A (en) * | 2018-03-23 | 2018-09-04 | 上海氪信信息技术有限公司 | A kind of anti-Fraud Prediction method of credit card based on dual-mode network figure mining algorithm |
| CN110349004A (en) * | 2019-07-02 | 2019-10-18 | 北京淇瑀信息科技有限公司 | Risk of fraud method for detecting and device based on user node relational network |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111199474A (en) | 2020-05-26 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111199474B (en) | Risk prediction method and device based on network map data of two parties and electronic equipment | |
| CN111222976B (en) | Risk prediction method and device based on network map data of two parties and electronic equipment | |
| CN110363449B (en) | Risk identification method, device and system | |
| CN112148987B (en) | Message pushing method based on target object activity and related equipment | |
| WO2022095352A1 (en) | Abnormal user identification method and apparatus based on intelligent decision, and computer device | |
| CN113344700B (en) | Multi-objective optimization-based wind control model construction method and device and electronic equipment | |
| CN108388559A (en) | Name entity recognition method and system, computer program of the geographical space under | |
| CN110135978B (en) | User financial risk assessment method and device, electronic equipment and readable medium | |
| CN110148053B (en) | User credit line evaluation method and device, electronic equipment and readable medium | |
| CN112989059A (en) | Method and device for identifying potential customer, equipment and readable computer storage medium | |
| CN114187112A (en) | Training method of account risk model and determination method of risk user group | |
| CN112016855B (en) | User industry identification method and device based on relational network matching and electronic equipment | |
| CN110909540A (en) | Method and device for identifying new words of short message spam and electronic equipment | |
| CN112818162A (en) | Image retrieval method, image retrieval device, storage medium and electronic equipment | |
| CN111966730A (en) | Risk prediction method and device based on permanent premises and electronic equipment | |
| CN115545886A (en) | Overdue risk identification method, overdue risk identification device, overdue risk identification equipment and storage medium | |
| Liu et al. | Extracting, ranking, and evaluating quality features of web services through user review sentiment analysis | |
| CN114693409A (en) | Product matching method, device, computer equipment, storage medium and program product | |
| CN110992194A (en) | User reference index algorithm based on attribute-containing multi-process sampling graph representation learning model | |
| US20230230081A1 (en) | Account identification method, apparatus, electronic device and computer readable medium | |
| CN113408627A (en) | Target object determination method and device and server | |
| CN112446777B (en) | Credit evaluation method, device, equipment and storage medium | |
| CN112508690A (en) | Risk assessment method and device based on joint distribution adaptation and electronic equipment | |
| CN111143533A (en) | Customer service method and system based on user behavior data | |
| CN114547257B (en) | Class matching method and device, computer equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |