CN114820198A - Abnormal transaction identification method, system and equipment based on block chain - Google Patents

Abnormal transaction identification method, system and equipment based on block chain Download PDF

Info

Publication number
CN114820198A
CN114820198A CN202210744807.0A CN202210744807A CN114820198A CN 114820198 A CN114820198 A CN 114820198A CN 202210744807 A CN202210744807 A CN 202210744807A CN 114820198 A CN114820198 A CN 114820198A
Authority
CN
China
Prior art keywords
transaction
risk
service provider
level
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210744807.0A
Other languages
Chinese (zh)
Inventor
易文龙
赵小敏
赵应丁
郭熙
李求德
殷华
徐亦璐
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jiangxi Agricultural University
Original Assignee
Jiangxi Agricultural University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jiangxi Agricultural University filed Critical Jiangxi Agricultural University
Priority to CN202210744807.0A priority Critical patent/CN114820198A/en
Publication of CN114820198A publication Critical patent/CN114820198A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/04Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Finance (AREA)
  • Accounting & Taxation (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Databases & Information Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Development Economics (AREA)
  • Economics (AREA)
  • Marketing (AREA)
  • Strategic Management (AREA)
  • Technology Law (AREA)
  • General Business, Economics & Management (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention provides a method, a system and equipment for identifying abnormal transaction transactions based on a block chain, wherein the method comprises the following steps: acquiring common attributes of the transaction, and performing behavior analysis on the transaction according to the common attributes to obtain a transaction risk value; acquiring a user risk level of a transaction initiator and a transaction service provider risk level, and respectively calculating to obtain a transaction risk factor, a user risk factor and a service provider risk factor according to respective membership functions by combining transaction risk values to form a relation fuzzy matrix of the transaction risk factor, the user risk factor and the service provider risk factor; and acquiring a weight fuzzy matrix, and acquiring a fuzzy comprehensive evaluation matrix by combining the relation fuzzy matrix to determine the risk level of the transaction so as to identify the abnormal transaction. According to the method and the device, the transaction affairs before chain connection are subjected to abnormal identification, so that the prior prediction is achieved, and the technical problem that the loss caused by the abnormal transaction affairs can not be avoided due to the fact that the abnormal transaction affairs which are subjected to chain connection are generally subjected to abnormal identification in the prior art is solved.

Description

Abnormal transaction identification method, system and equipment based on block chain
Technical Field
The invention relates to the technical field of data processing, in particular to a method, a system and equipment for identifying abnormal transaction transactions based on a block chain.
Background
In a blockchain network, transaction security is always a topic of great concern, most of the existing blockchain platforms check the validity or validity of the transaction by using a cryptographic technique, but the validity check of the transaction is established on the security of a transaction account. If the transaction account is stolen, no effective mechanism intervenes in the illegal transaction in the transaction process. Afterwards, the source analysis can be performed only by the linked transaction for tracing or repairing, but the loss caused by the linkage can not be avoided.
In the Hyperleder Fabric platform, transactions have a broader meaning, which is a general meaning for all existing data interactive operation transactions. In the platform, a user can check the validity of the transaction inquiry function to obtain relevant information of the transaction, but the function is also established under the condition that the transaction is linked, and a blockchain has the characteristic of being incapable of being tampered, so that if the illegal transaction is linked, an immeasurable result is caused.
Therefore, in the prior art, the abnormal identification of the linked transaction is generally performed, which belongs to the post identification, and the loss caused by the abnormal identification cannot be avoided.
Disclosure of Invention
Based on this, the present invention provides a method, a system and a device for identifying abnormal transaction transactions based on a block chain, which are used to solve the technical problem that the loss caused by the abnormal identification of the linked transaction transactions in the prior art cannot be avoided.
One aspect of the present invention provides a method for identifying an abnormal transaction based on a block chain, where the method includes:
acquiring common attributes of the blockchain transaction, and performing behavior analysis on the transaction according to the common attributes to obtain a transaction risk value, wherein the common attributes comprise transaction creation time, calling chain code ID, initiator service provider ID, initiator name and input parameters;
acquiring a user risk level and a service provider risk level, respectively calculating the transaction risk value, the user risk level and the service provider risk level according to respective membership functions to obtain a transaction risk factor, a user risk factor and a service provider risk factor, and forming a relation fuzzy matrix of the transaction risk factor, the user risk factor and the service provider risk factor;
acquiring a weight fuzzy matrix, cross-multiplying the weight fuzzy matrix with the relation fuzzy matrix to obtain a fuzzy comprehensive evaluation matrix, determining a transaction risk level according to the fuzzy comprehensive evaluation matrix, and identifying abnormal transactions according to the transaction risk level.
According to the abnormal transaction identification method based on the block chain, the transaction before chain linking is subjected to abnormal identification, so that the prior prediction is achieved, the technical problem that the loss caused by the abnormal identification of the chain linked transaction in the prior art is unavoidable is solved, and higher profit is realized; furthermore, common attributes of transaction transactions are extracted from a chain code layer and analyzed to obtain transaction risk values, identification of abnormal transaction transactions is carried out by extracting the common attributes of the transaction transactions, so that the abnormal transaction identification method in the application is suitable for all transaction scenes and has universality, transaction risk factors, user risk factors and service provider risk factors are respectively obtained by calculation according to user risk levels and service provider risk levels and combining respective membership functions to form a relation fuzzy matrix, risk level evaluation is carried out from three dimensions of the transaction risk values, the user risk levels and the service provider risk levels, so that the evaluation method is more accurate and has real-time performance, and a fuzzy comprehensive evaluation matrix is obtained by cross-multiplying the relation fuzzy matrix by the weight fuzzy matrix to determine the transaction risk levels, abnormal transactions are identified according to the transaction risk level, advance prediction is achieved, loss can be stopped in time, the technical problem that loss caused by the fact that abnormal identification is conducted on the linked transaction in the prior art generally is solved, and the safety and reliability of the block chain transaction are improved.
In addition, according to the above abnormal transaction identification method based on the block chain of the present invention, the following additional technical features may also be provided:
further, the step of performing behavior analysis on the transaction according to the common attributes to obtain a transaction risk value includes:
judging whether abnormal behaviors exist in the transaction according to the analysis result, wherein the abnormal behaviors comprise that the transaction time does not accord with the daily habit, calling an unusual chain code and using an unusual function;
and if the abnormal behavior exists, calculating a transaction risk value according to the abnormal behavior.
Further, in the step of obtaining the user risk level and the service provider risk level, the step of obtaining the user risk level includes:
the current user risk level is equal to the risk level of the last transaction;
wherein, if no last transaction record exists, the initial user risk level defaults to 1.
Further, if the user risk level isNThen the corresponding risk assessment rating isNIs 1, and the membership of the remaining risk assessment levels is 0.
Further, in the step of obtaining the user risk level and the service provider risk level, the step of obtaining the service provider risk level includes:
acquiring user risk levels of all users under the same service provider;
and averaging the user risk levels of all the users and rounding up to obtain the service provider risk level of the service provider.
Further, if the service provider risk level isNThen the corresponding risk assessment rating isNIs 1, and the membership of the remaining risk assessment levels is 0.
Further, in the step of calculating the transaction risk value, the user risk level and the service provider risk level according to respective membership functions to obtain the transaction risk factor, the user risk factor and the service provider risk factor, the step of calculating the transaction risk value according to the transaction risk factor membership functions to obtain the transaction risk factor includes:
determining transaction risk evaluation grades according to the transaction risk values, wherein the grades comprise safety, low risk, medium risk and high risk, and the transaction risk factor membership functions are different due to different transaction risk evaluation grades;
when the transaction risk value is 0, belonging to the security level;
when the transaction risk value is not 0, the transaction does not belong to the security level;
the transaction risk factor membership functions corresponding to all levels are as follows:
Figure 273033DEST_PATH_IMAGE001
wherein the content of the first and second substances,xin order to be able to trade a risk value,A(x)a membership function representing a security level,B(x)a low-risk membership function is represented,C (x)representing a risk membership function of the group,D(x)representing high risk membership functions, R + Is a positive real number, and the number of the real numbers,αtaking 5 as the median in the risk value, it means that when the risk value is 5, the risk decision probability is 100%,
Figure 439703DEST_PATH_IMAGE002
and 1 is taken, the standard deviation is 1, the calculation is convenient, and the specific value can be determined according to the actual condition.
In another aspect, the present invention provides a system for identifying an abnormal transaction based on a block chain, where the system includes:
the system comprises an acquisition module, a block chain transaction processing module and a block chain transaction processing module, wherein the acquisition module is used for acquiring the common attribute of the block chain transaction, and performing behavior analysis on the transaction according to the common attribute to obtain a transaction risk value, and the common attribute comprises transaction creation time, calling chain code ID, initiator service provider ID, initiator name and input parameters;
the relation fuzzy matrix composition module is used for acquiring a user risk level and a service provider risk level, respectively calculating the transaction risk value, the user risk level and the service provider risk level according to respective membership functions to obtain a transaction risk factor, a user risk factor and a service provider risk factor, and forming a relation fuzzy matrix of the transaction risk factor, the user risk factor and the service provider risk factor;
and the abnormal transaction identification module is used for acquiring a weight fuzzy matrix, cross-multiplying the weight fuzzy matrix by the relation fuzzy matrix to acquire a fuzzy comprehensive evaluation matrix, determining a transaction risk level according to the fuzzy comprehensive evaluation matrix, and identifying abnormal transactions according to the transaction risk level.
Another aspect of the present invention provides a computer-readable storage medium, on which a computer program is stored, which when executed by a processor implements the method for identifying abnormal transaction transactions based on blockchains as described above.
The present invention also provides a data processing device, including a memory, a processor and a computer program stored in the memory and executable on the processor, wherein the processor executes the program to implement the above-mentioned block chain-based abnormal transaction identification method.
Drawings
FIG. 1 is a flow chart of a method for identifying abnormal transaction based on block chain according to a first embodiment of the present invention;
FIG. 2 is a schematic view of a transaction processing flow in the present application;
FIG. 3 is a method diagram of the abnormal transaction identification method of the present invention;
FIG. 4 is a membership function of transaction risk factors in the present application;
FIG. 5 illustrates risk levels and coping strategies in the present application;
FIG. 6 is a flowchart of a method for identifying abnormal transaction based on block chains according to a second embodiment of the present invention;
fig. 7 is a system block diagram of an abnormal transaction identification system based on a block chain in a third embodiment of the present invention.
The following detailed description will further illustrate the invention in conjunction with the above-described figures.
Detailed Description
To facilitate an understanding of the invention, the invention will now be described more fully with reference to the accompanying drawings. Several embodiments of the invention are presented in the drawings. This invention may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete.
Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. The terminology used in the description of the invention herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used herein, the term "and/or" includes any and all combinations of one or more of the associated listed items.
Currently, there is no effective means to identify illegal transactions where the account is not secure. Based on the above, the method for identifying the abnormal transaction transactions of the block chain based on the fuzzy comprehensive evaluation is designed, common attributes of the transaction transactions are extracted for analysis, undifferentiated analysis can be performed on all types of transactions, and the method has universality while effectively identifying illegal transactions.
Example one
Referring to fig. 1, a method for identifying abnormal transaction transactions based on a block chain according to a first embodiment of the present invention is shown, where the method includes steps S101 to S103:
s101, acquiring common attributes of the block chain transaction transactions, and performing behavior analysis on the transaction transactions according to the common attributes to obtain transaction risk values.
Specifically, whether the transaction has abnormal behavior is judged according to the analysis result; and if the abnormal behavior exists, calculating a transaction risk value according to the abnormal behavior.
Fig. 2 shows a flow chart of transaction processing. In HyperLegendr Fabric, transactions generally need to pass through an application layer, a service layer and a link code layer, and are written into a block. The user inputs data or instructions in an application layer, the layer is used for interacting with the user and can be compiled by GoWeb, then the input data or instructions enter a service layer, the layer is compiled by sdk-go, the transaction is packaged, data required by the correct execution of the transaction is provided, finally, the transaction enters a chain code layer, the layer executes the transaction, and meanwhile, the layer identifies abnormal transaction transactions, and the method is specifically divided into four steps: and extracting common attributes of the transaction, performing fuzzy comprehensive evaluation, judging the risk level and implementing a risk coping strategy. The research object of the application is single user and single transaction, and has better fine granularity. The common attributes of the transaction in HyperLegend Fabric include: transaction creation time, call chain ID, initiator service provider ID, initiator name, and input parameters.
Extracting the common attributes, and performing behavior analysis, wherein the related abnormal behaviors comprise: the transaction time does not conform to daily habits, the non-common chain code is called, and the non-common function is used. And calculating a risk value according to the existence of the behaviors, wherein the risk value is 0 to 9, the risk value is 1 to 3 according to the deviation degree of the transaction time and the daily habit, the risk value is 1 to 3 according to the importance degree of calling the non-common chain code, and the risk value is 1 to 3 according to the importance degree of using the non-common function. The risk values may be accumulated. It should be further explained that the value of the risk value is 0 to 9, which represents the value range of the overall risk value, i.e. the value obtained by calculating the three abnormal behaviors; the risk value of each abnormal behavior is 1-3, and the behaviors are sequentially judged as low risk, medium risk and high risk. And if the behavior is judged to be safe, the risk value is 0.
S102, obtaining a user risk level and a service provider risk level, respectively calculating a transaction risk value, the user risk level and the service provider risk level according to respective membership functions to obtain a transaction risk factor, a user risk factor and a service provider risk factor, and forming a relation fuzzy matrix of the transaction risk factor, the user risk factor and the service provider risk factor.
The user risk level is determined by the risk level of the last transaction, namely if the risk level of the last transaction isNIf the risk level of the user is the same asNAnd if no last transaction record exists, the initial user risk level defaults to 1.
In the method, the transaction risk level is an output value, and a corresponding behavior strategy is implemented according to the evaluated transaction risk level. The user risk level is an input value determined by an initialization setting or a last transaction risk level.
The service provider risk level is obtained according to the user risk level of each user under the same service provider (averaging the user risk levels of all the users and rounding up), and the calculation mode is as follows:
Figure 441157DEST_PATH_IMAGE003
wherein the content of the first and second substances,
Figure 374478DEST_PATH_IMAGE004
representing the rounding of the function in the z-direction,Vin order to provide a service provider risk level,V i a risk level for each user under the service provider;iis the serial number of the user,v i represents the firstiA user;nis the number of users.
The risk level table is:
Figure 636832DEST_PATH_IMAGE005
as shown in FIG. 3, transaction risk factors are respectively calculated according to respective membership functions by the transaction risk value, the user risk level and the service provider risk levelα 1 User risk factorα 2 Service provider risk factorα 3 Each risk factor is a 1 x 4 matrix. The three risk factors described above may constitute a 3 x 4 relationship ambiguity matrix.
Further, as shown in fig. 4, a membership function of the transaction risk factor is shown. In the application, two risk classes are involved: the risk assessment level is the first, and the risk level of the transaction is the second. In the risk assessment level judgment of the transaction risk value, it is known that the determination probability of the risk increases first and then decreases as the risk value increases, and the increasing trend and the decreasing trend are symmetrical when the determination probability reaches the maximum. Therefore, the probability of risk determination is in accordance with a gaussian distribution (normal distribution), and the membership function is selected as a gaussian membership function. And the boundary of the low risk and the boundary of the medium risk are crossed, the boundary of the medium risk and the boundary of the high risk are also crossed, but when the transaction risk value takes any value, the probability sum of the three values is 1. When the transaction risk value is 0, the transaction risk value belongs to the security level, and if the transaction risk value is not 0, the transaction risk value is not necessarily the security level. Thus, the hierarchical membership functions of the transaction risk factors are as follows:
Figure 364617DEST_PATH_IMAGE006
wherein the content of the first and second substances,xin order to be able to trade a risk value,A(x)a membership function representing a security level,B(x)a low-risk membership function is represented,C (x)representing a risk membership function of the group,D(x)representing high risk membership functions, R + Is a positive real number, and the number of the real numbers,αtaking 5 as the median in the risk value, it means that when the risk value is 5, the risk decision probability is 100%,
Figure 853367DEST_PATH_IMAGE007
and 1 is taken, the standard deviation is 1, the calculation is convenient, and the specific value can be determined according to the actual condition.
Determining membership functions of the user risk factors: the domain of the user risk factor is a discrete domain, and the membership degree can be directly given by adopting a subjective experience method according to subjective knowledge and combining personal experience through analysis and reasoning. In this patentIn (1), provision is made for: if the user risk level isNThen the corresponding risk assessment rating isNIs 1, and the membership of the remaining risk assessment levels is 0.
Determination of membership functions of service provider risk factors: and the membership degree of the risk factors of the service providers adopts a subjective experience method. In this patent, it is specified that: if the service provider risk level isNThen the corresponding risk assessment rating isNIs 1, and the membership of the remaining risk assessment levels is 0.
S103, obtaining a weight fuzzy matrix, obtaining a fuzzy comprehensive evaluation matrix from the weight fuzzy matrix cross-product relation fuzzy matrix, determining a transaction risk level according to the fuzzy comprehensive evaluation matrix, and identifying abnormal transaction according to the transaction risk level.
Determining a weight fuzzy matrix: in the transaction risk assessment, the influence degree on the transaction risk level is as follows from large to small: transaction risk value, user risk level, service provider risk level. Combining with the rule 28, if there are 3 indexes, the weight of each index is generally above 20%. The finally determined weight fuzzy matrix is (0.5, 0.3, 0.2), that is, the transaction risk factor weight is 0.5, the user risk factor is 0.3, and the service provider risk factor is 0.2.
The cross multiplication relation fuzzy matrix of the weight fuzzy matrix is used for obtaining a 1 multiplied by 4 fuzzy comprehensive evaluation matrix which isY={y 1y 2y 3y 4 Therein ofy i Represents that the final comprehensive evaluation result is subordinate toiThe degree of individual risk classes. And finally taking the risk grade with the highest probability as the final transaction risk grade. The risk level is taken to be greater when the probabilities are the same.
In the fuzzy comprehensive evaluation method, a transaction risk value, a user risk level and a service provider risk level are taken as the basis of risk evaluation, and the influences of three dimensions, namely the security of the current transaction behavior, the security of a transaction account and the security of a service provider (which can be regarded as a network), are respectively considered, so that the risk evaluation in the application has real-time performance and integrity.
Fig. 5 shows the risk level and the coping strategy. This patent divides into four grades with transaction affairs risk, and from low to high does in proper order: security level, low risk level, medium risk level, high risk level. Meanwhile, a corresponding coping strategy is formulated according to the risk level, and the coping strategy specifically comprises the following steps: security level transactions are normally used, low risk level transactions limit certain input functions, medium risk level transactions limit all input functions, high risk level transactions limit all functions. Because the interaction between the data and the inside of the block is performed based on the function in the chain code layer, the influence of the transaction on the system can be effectively controlled by limiting the use of the function.
It should be further noted that the "risk level" and the "risk assessment level" in the "risk level and coping strategy" are different from each other in scope. The risk level is a transaction risk level, is obtained by comprehensively evaluating factors such as a transaction risk value, a user risk level, a service provider risk level and the like, and is a risk level of transaction on a block chain. And "risk assessment rating" is an intermediate variable for calculating the risk factor for each dimension. In this application, transactions include both macroscopic and microscopic meaning, macroscopically, that is, transactions on a blockchain; microscopically, it refers to transaction behavior in the chaining level.
In summary, in the method for identifying abnormal transaction transactions based on a block chain in the above embodiment of the present invention, the transaction before chain linking is subjected to abnormal identification, so that a priori prediction is achieved, the technical problem that the loss caused by the abnormal identification of the chain linked transaction in the prior art is unavoidable is avoided, and a higher profit is realized; furthermore, common attributes of transaction transactions are extracted from a chain code layer and analyzed to obtain transaction risk values, identification of abnormal transaction transactions is carried out by extracting the common attributes of the transaction transactions, so that the abnormal transaction identification method in the application is suitable for all transaction scenes and has universality, transaction risk factors, user risk factors and service provider risk factors are respectively obtained by calculation according to user risk levels and service provider risk levels and combining respective membership functions to form a relation fuzzy matrix, risk level evaluation is carried out from three dimensions of the transaction risk values, the user risk levels and the service provider risk levels, so that the evaluation method is more accurate and has real-time performance, and a fuzzy comprehensive evaluation matrix is obtained by cross-multiplying the relation fuzzy matrix by the weight fuzzy matrix to determine the transaction risk levels, the abnormal transaction is identified according to the transaction risk level, the prior prediction is realized, so that the loss can be stopped in time, the technical problem that the loss caused by the fact that the abnormal identification is generally carried out on the chained transaction in the prior art is solved, and the safety and reliability of the block chain transaction are improved.
Example two
Referring to fig. 6, a method for identifying abnormal transaction transactions based on block chains according to a second embodiment of the present invention is shown, where the method includes steps S201 to S203:
s201, acquiring common attributes of the blockchain transaction transactions, and performing behavior analysis on the transaction transactions according to the common attributes to obtain transaction risk values.
Specifically, the common attributes include transaction creation time, call chain ID, initiator service provider ID, initiator name, and input parameters.
S202, obtaining a user risk level and a service provider risk level, respectively calculating a transaction risk value, the user risk level and the service provider risk level according to respective membership functions to obtain a transaction risk factor, a user risk factor and a service provider risk factor, and forming a relation fuzzy matrix of the transaction risk factor, the user risk factor and the service provider risk factor.
In the abnormal transaction identification process, the transaction risk value, the user risk level and the service provider risk level need to be known. It is assumed that the three parameters mentioned above, 5, 3, 2 respectively, have been known from the transaction common attributes through correlation processing.
Then, according to the membership function, a transaction risk factor, a user risk factor, and a service provider risk factor may be obtained as follows:
Figure 324799DEST_PATH_IMAGE008
the obtained relation fuzzy matrix is:
Figure 690927DEST_PATH_IMAGE009
s203, obtaining a weight fuzzy matrix, obtaining a fuzzy comprehensive evaluation matrix from the weight fuzzy matrix cross-product relation fuzzy matrix, determining a transaction risk level according to the fuzzy comprehensive evaluation matrix, and identifying abnormal transactions according to the transaction risk level.
In one specific example in the embodiment of the present application, according to rule 28, the weight fuzzy matrix can be finally calculated and determined as: [ 0.50.30.2 ], so the fuzzy comprehensive evaluation matrix is:
Figure 855193DEST_PATH_IMAGE010
the probability that the resulting assessment is attached to each risk level is:
Figure 831239DEST_PATH_IMAGE011
and if the final transaction risk level is medium risk, the calling of the function is frozen at the chain code layer, and the input function is a function containing data writing operation.
It should be noted that, the method provided by the second embodiment of the present invention, which implements the same principle and produces some technical effects as the first embodiment, can refer to the corresponding contents in the first embodiment for the sake of brief description, where this embodiment is not mentioned.
In summary, in the method for identifying abnormal transaction transactions based on a block chain in the above embodiment of the present invention, the transaction before chain linking is subjected to abnormal identification, so that a priori prediction is achieved, the technical problem that the loss caused by the abnormal identification of the chain linked transaction in the prior art is unavoidable is avoided, and a higher profit is realized; furthermore, common attributes of transaction transactions are extracted from a chain code layer and analyzed to obtain transaction risk values, identification of abnormal transaction transactions is carried out by extracting the common attributes of the transaction transactions, so that the abnormal transaction identification method in the application is suitable for all transaction scenes and has universality, transaction risk factors, user risk factors and service provider risk factors are respectively obtained by calculation according to user risk levels and service provider risk levels and combining respective membership functions to form a relation fuzzy matrix, risk level evaluation is carried out from three dimensions of the transaction risk values, the user risk levels and the service provider risk levels, so that the evaluation method is more accurate and has real-time performance, and a fuzzy comprehensive evaluation matrix is obtained by cross-multiplying the relation fuzzy matrix by the weight fuzzy matrix to determine the transaction risk levels, abnormal transactions are identified according to the transaction risk level, advance prediction is achieved, loss can be stopped in time, the technical problem that loss caused by the fact that abnormal identification is conducted on the linked transaction in the prior art generally is solved, and the safety and reliability of the block chain transaction are improved.
EXAMPLE III
Referring to fig. 7, a block chain based abnormal transaction identification system according to a third embodiment of the present invention is shown, the system includes:
the system comprises an acquisition module, a block chain transaction processing module and a block chain transaction processing module, wherein the acquisition module is used for acquiring the common attribute of the block chain transaction, and performing behavior analysis on the transaction according to the common attribute to obtain a transaction risk value, and the common attribute comprises transaction creation time, calling chain code ID, initiator service provider ID, initiator name and input parameters;
the relation fuzzy matrix composition module is used for acquiring a user risk level and a service provider risk level, respectively calculating the transaction risk value, the user risk level and the service provider risk level according to respective membership functions to obtain a transaction risk factor, a user risk factor and a service provider risk factor, and forming a relation fuzzy matrix of the transaction risk factor, the user risk factor and the service provider risk factor;
and the abnormal transaction identification module is used for acquiring a weight fuzzy matrix, cross-multiplying the weight fuzzy matrix by the relation fuzzy matrix to acquire a fuzzy comprehensive evaluation matrix, determining a transaction risk level according to the fuzzy comprehensive evaluation matrix, and identifying abnormal transactions according to the transaction risk level.
In some optional embodiments, the obtaining module comprises:
the judging unit is used for judging whether abnormal behaviors exist in the transaction according to the analysis result, wherein the abnormal behaviors comprise that the transaction time does not accord with the daily habit, an unusual chain code is called, and an unusual function is used;
and the first execution unit is used for calculating the transaction risk value according to the abnormal behavior when the abnormal behavior exists.
In some optional embodiments, in the relationship fuzzy matrix composition module, the step of obtaining the user risk level includes:
the current user risk level is equal to the risk level of the last transaction;
wherein, if no last transaction record exists, the initial user risk level defaults to 1.
In some optional embodiments, in the relationship ambiguity matrix composition module, the step of obtaining the risk level of the service provider comprises:
acquiring user risk levels of all users under the same service provider;
and averaging the user risk levels of all the users and rounding up to obtain the service provider risk level of the service provider.
In some optional embodiments, in the relationship fuzzy matrix composition module, the step of calculating the transaction risk value according to the transaction risk factor membership function to obtain the transaction risk factor includes:
determining transaction risk evaluation grades according to the transaction risk values, wherein the grades comprise safety, low risk, medium risk and high risk, and the transaction risk factor membership functions are different due to different transaction risk evaluation grades;
when the transaction risk value is 0, belonging to the security level;
when the transaction risk value is not 0, the transaction does not belong to the security level;
the transaction risk factor membership functions corresponding to all levels are as follows:
Figure 699838DEST_PATH_IMAGE006
wherein the content of the first and second substances,A(x)a membership function representing a security level,B(x)a low-risk membership function is represented,C(x)representing a risk membership function of the group,D(x)representing high risk membership functions, R + Is a positive real number, and the number of the real numbers,αtaking 5 as the median in the risk value, it means that when the risk value is 5, the risk decision probability is 100%,
Figure 77729DEST_PATH_IMAGE007
and 1 is taken, the standard deviation is 1, the calculation is convenient, and the specific value can be determined according to the actual condition.
In summary, in the block chain-based abnormal transaction identification system in the above embodiment of the present invention, the transaction before chaining is subjected to abnormal identification, so that a priori prediction is achieved, the technical problem that the loss caused by the abnormal identification of the chained transaction in the prior art is unavoidable is avoided, and a higher profit is realized; furthermore, common attributes of transaction transactions are extracted from a chain code layer and analyzed to obtain transaction risk values, identification of abnormal transaction transactions is carried out by extracting the common attributes of the transaction transactions, so that the abnormal transaction identification method in the application is suitable for all transaction scenes and has universality, transaction risk factors, user risk factors and service provider risk factors are respectively obtained by calculation according to user risk levels and service provider risk levels and combining respective membership functions to form a relation fuzzy matrix, risk level evaluation is carried out from three dimensions of the transaction risk values, the user risk levels and the service provider risk levels, so that the evaluation method is more accurate and has real-time performance, and a fuzzy comprehensive evaluation matrix is obtained by cross-multiplying the relation fuzzy matrix by the weight fuzzy matrix to determine the transaction risk levels, the abnormal transaction is identified according to the transaction risk level, the prior prediction is realized, so that the loss can be stopped in time, and the technical problem that the loss caused by the fact that the abnormal identification is generally carried out on the chained transaction in the prior art is unavoidable is solved.
Furthermore, an embodiment of the present invention also proposes a computer-readable storage medium, on which a computer program is stored, which when executed by a processor implements the steps of the method in the above-described embodiment.
Furthermore, an embodiment of the present invention also provides a data processing apparatus, which includes a memory, a processor, and a computer program stored in the memory and executable on the processor, and the processor executes the computer program to implement the steps of the method in the above-mentioned embodiment.
The logic and/or steps represented in the flowcharts or otherwise described herein, e.g., an ordered listing of executable instructions that can be considered to implement logical functions, can be embodied in any computer-readable medium for use by or in connection with an instruction execution system, apparatus, or device, such as a computer-based system, processor-containing system, or other system that can fetch the instructions from the instruction execution system, apparatus, or device and execute the instructions. For the purposes of this description, a "computer-readable medium" can be any means that can contain, store, communicate, propagate, or transport the program for use by or in connection with the instruction execution system, apparatus, or device.
More specific examples (a non-exhaustive list) of the computer-readable medium would include the following: an electrical connection (electronic device) having one or more wires, a portable computer diskette (magnetic device), a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber device, and a portable compact disc read-only memory (CDROM). Additionally, the computer-readable medium could even be paper or another suitable medium upon which the program is printed, as the program can be electronically captured, via for instance optical scanning of the paper or other medium, then compiled, interpreted or otherwise processed in a suitable manner if necessary, and then stored in a computer memory.
It should be understood that portions of the present invention may be implemented in hardware, software, firmware, or a combination thereof. In the above embodiments, the various steps or methods may be implemented in software or firmware stored in memory and executed by a suitable instruction execution system. For example, if implemented in hardware, as in another embodiment, any one or combination of the following techniques, which are known in the art, may be used: a discrete logic circuit having a logic gate circuit for implementing a logic function on a data signal, an application specific integrated circuit having an appropriate combinational logic gate circuit, a Programmable Gate Array (PGA), a Field Programmable Gate Array (FPGA), or the like.
In the description herein, references to the description of the term "one embodiment," "some embodiments," "an example," "a specific example," or "some examples," etc., mean that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the invention. In this specification, the schematic representations of the terms used above do not necessarily refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
While embodiments of the invention have been shown and described, it will be understood by those of ordinary skill in the art that: various changes, modifications, substitutions and alterations can be made to the embodiments without departing from the principles and spirit of the invention, the scope of which is defined by the claims and their equivalents.

Claims (10)

1. A method for identifying abnormal transaction transactions based on a block chain is characterized by comprising the following steps:
acquiring common attributes of the blockchain transaction, and performing behavior analysis on the transaction according to the common attributes to obtain a transaction risk value, wherein the common attributes comprise transaction creation time, calling chain code ID, initiator service provider ID, initiator name and input parameters;
acquiring a user risk level and a service provider risk level, respectively calculating the transaction risk value, the user risk level and the service provider risk level according to respective membership functions to obtain a transaction risk factor, a user risk factor and a service provider risk factor, and forming a relation fuzzy matrix of the transaction risk factor, the user risk factor and the service provider risk factor;
acquiring a weight fuzzy matrix, cross-multiplying the weight fuzzy matrix with the relation fuzzy matrix to obtain a fuzzy comprehensive evaluation matrix, determining a transaction risk level according to the fuzzy comprehensive evaluation matrix, and identifying abnormal transactions according to the transaction risk level.
2. The method for identifying abnormal transaction transactions based on blockchain according to claim 1, wherein the step of performing behavior analysis on the transaction transactions according to the common attributes to obtain the transaction risk value comprises:
judging whether abnormal behaviors exist in the transaction according to the analysis result, wherein the abnormal behaviors comprise that the transaction time does not accord with the daily habit, calling an unusual chain code and using an unusual function;
and if the abnormal behavior exists, calculating a transaction risk value according to the abnormal behavior.
3. The method for identifying abnormal transaction transactions according to claim 1, wherein in the step of obtaining the user risk level and the service provider risk level, the step of obtaining the user risk level comprises:
the current user risk level is equal to the risk level of the last transaction;
wherein, if no last transaction record exists, the initial user risk level defaults to 1.
4. The method of claim 3, wherein if the user risk level is user risk levelNThen the corresponding risk assessment rating isNIs 1, and the membership of the remaining risk assessment levels is 0.
5. The method for identifying abnormal transaction transactions according to claim 1, wherein in the step of obtaining the user risk level and the service provider risk level, the step of obtaining the service provider risk level comprises:
acquiring user risk levels of all users under the same service provider;
and averaging the user risk levels of all the users and rounding up to obtain the service provider risk level of the service provider.
6. The method of claim 5, wherein the risk level of the service provider is set asNThen the corresponding risk assessment rating isNIs 1, and the membership of the remaining risk assessment levels is 0.
7. The method for identifying abnormal transaction transactions according to claim 1, wherein in the step of calculating the transaction risk value, the user risk level and the service provider risk level respectively according to respective membership functions to obtain the transaction risk factor, the user risk factor and the service provider risk factor, the step of calculating the transaction risk value according to the transaction risk factor membership functions to obtain the transaction risk factor comprises:
determining transaction risk evaluation grades according to the transaction risk values, wherein the grades comprise safety, low risk, medium risk and high risk, and the transaction risk factor membership functions are different due to different transaction risk evaluation grades;
when the transaction risk value is 0, belonging to the security level;
when the transaction risk value is not 0, the transaction does not belong to the security level;
the transaction risk factor membership functions corresponding to all levels are as follows:
Figure 890035DEST_PATH_IMAGE001
wherein the content of the first and second substances,xin order to be able to trade a risk value,A(x)a membership function representing a security level,B(x)a low-risk membership function is represented,C(x)representing a risk membership function of the group,D(x)representing high risk membership functions, R + Is a positive real number, and the number of the real numbers,αtaking 5 as the median in the risk value, it means that when the risk value is 5, the risk decision probability is 100%,
Figure 127987DEST_PATH_IMAGE002
and 1 is taken, the standard deviation is 1, the calculation is convenient, and the specific value can be determined according to the actual condition.
8. A blockchain-based anomalous transaction identification system, said system comprising:
the system comprises an acquisition module, a block chain transaction processing module and a block chain transaction processing module, wherein the acquisition module is used for acquiring the common attribute of the block chain transaction, and performing behavior analysis on the transaction according to the common attribute to obtain a transaction risk value, and the common attribute comprises transaction creation time, calling chain code ID, initiator service provider ID, initiator name and input parameters;
the relation fuzzy matrix composition module is used for acquiring a user risk level and a service provider risk level, respectively calculating the transaction risk value, the user risk level and the service provider risk level according to respective membership functions to obtain a transaction risk factor, a user risk factor and a service provider risk factor, and forming a relation fuzzy matrix of the transaction risk factor, the user risk factor and the service provider risk factor;
and the abnormal transaction identification module is used for acquiring a weight fuzzy matrix, cross-multiplying the weight fuzzy matrix by the relation fuzzy matrix to acquire a fuzzy comprehensive evaluation matrix, determining a transaction risk level according to the fuzzy comprehensive evaluation matrix, and identifying abnormal transactions according to the transaction risk level.
9. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, implements the method for block-chain based anomalous transaction identification according to any one of claims 1 to 7.
10. A data processing apparatus comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor when executing the program implements the method of block chain based anomalous transaction identification in any one of claims 1 to 7.
CN202210744807.0A 2022-06-29 2022-06-29 Abnormal transaction identification method, system and equipment based on block chain Pending CN114820198A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210744807.0A CN114820198A (en) 2022-06-29 2022-06-29 Abnormal transaction identification method, system and equipment based on block chain

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210744807.0A CN114820198A (en) 2022-06-29 2022-06-29 Abnormal transaction identification method, system and equipment based on block chain

Publications (1)

Publication Number Publication Date
CN114820198A true CN114820198A (en) 2022-07-29

Family

ID=82522675

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210744807.0A Pending CN114820198A (en) 2022-06-29 2022-06-29 Abnormal transaction identification method, system and equipment based on block chain

Country Status (1)

Country Link
CN (1) CN114820198A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117151882A (en) * 2023-10-30 2023-12-01 国网天津市电力公司经济技术研究院 Risk assessment method and system based on multi-variety power transaction

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20160099963A1 (en) * 2008-10-21 2016-04-07 Lookout, Inc. Methods and systems for sharing risk responses between collections of mobile communications devices
CN111667267A (en) * 2020-05-29 2020-09-15 中国工商银行股份有限公司 Block chain transaction risk identification method and device
CN112529575A (en) * 2020-12-14 2021-03-19 深圳市快付通金融网络科技服务有限公司 Risk early warning method, equipment, storage medium and device

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20160099963A1 (en) * 2008-10-21 2016-04-07 Lookout, Inc. Methods and systems for sharing risk responses between collections of mobile communications devices
CN111667267A (en) * 2020-05-29 2020-09-15 中国工商银行股份有限公司 Block chain transaction risk identification method and device
CN112529575A (en) * 2020-12-14 2021-03-19 深圳市快付通金融网络科技服务有限公司 Risk early warning method, equipment, storage medium and device

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
向鹏成等: "项目风险的多维描述与度量", 《重庆大学学报(自然科学版)》 *
李敏: "基于模糊综合评价模型的第三方支付信用风险评价", 《中国信息界》 *
蔡新: "《堤防工程安全风险评价》", 31 December 2019 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117151882A (en) * 2023-10-30 2023-12-01 国网天津市电力公司经济技术研究院 Risk assessment method and system based on multi-variety power transaction
CN117151882B (en) * 2023-10-30 2024-05-07 国网天津市电力公司经济技术研究院 Risk assessment method and system based on multi-variety power transaction

Similar Documents

Publication Publication Date Title
CN116342259A (en) Automatic user credit rating method and device, electronic equipment and medium
US6311166B1 (en) Method for analyzing effectiveness of internal controls in a model of an accounting system
CN110689438A (en) Enterprise financial risk scoring method and device, computer equipment and storage medium
CN111915155A (en) Small and micro enterprise risk level identification method and device and computer equipment
US20130282556A1 (en) Systems and Methods for Analyzing Disparate Treatment in Financial Transactions
Možina et al. Argument based machine learning applied to law
CN105354210A (en) Mobile game payment account behavior data processing method and apparatus
CN109949154B (en) Customer information classification method, apparatus, computer device and storage medium
CN112561685B (en) Customer classification method and device
CN109583731B (en) Risk identification method, device and equipment
EP3613003A1 (en) System and method for managing fraud detection in a financial transaction system
CN114820198A (en) Abnormal transaction identification method, system and equipment based on block chain
CN114638688A (en) Interception strategy derivation method and system for credit anti-fraud
CN113554228A (en) Repayment rate prediction model training method and repayment rate prediction method
CN114519519A (en) Method, device and medium for assessing enterprise default risk based on GBDT algorithm and logistic regression model
CN112508684B (en) Collecting-accelerating risk rating method and system based on joint convolutional neural network
CN111625720B (en) Method, device, equipment and medium for determining execution strategy of data decision item
AU2012334801A1 (en) A method of analysing data
CN117495544A (en) Sandbox-based wind control evaluation method, sandbox-based wind control evaluation system, sandbox-based wind control evaluation terminal and storage medium
Gupta et al. Implementation of a predictive model for fraud detection in motor insurance using gradient boosting method and validation with actuarial models
CN113918435A (en) Application program risk level determination method and device and storage medium
CN114926261A (en) Method and medium for predicting fraud probability of automobile financial user application
Morris Some Challenges for Legal Pragmatism: A Closer Look at Pragmatic Legal Reasoning
CN112862594A (en) Financial risk control method, system, device and computer readable medium
KR100686466B1 (en) System and method for valuing loan portfolios using fuzzy clustering

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20220729