
CN114792007A - Code detection method, device, equipment, storage medium and computer program product - Google Patents


Info

Publication number: CN114792007A
Authority: CN (China)
Prior art keywords: code, transaction account, character string, detected, risk
Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Application number: CN202210457160.3A
Other languages: Chinese (zh)
Inventor: 黄艳虹, 胡锐明, 吴佳文, 黄振华
Current Assignee: Industrial and Commercial Bank of China Ltd (ICBC) (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Original Assignee: Industrial and Commercial Bank of China Ltd (ICBC)
Application filed by Industrial and Commercial Bank of China Ltd (ICBC)
Priority to CN202210457160.3A
Publication of CN114792007A

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/56 Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562 Static detection
    • G06F21/563 Static detection by source code analysis
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90 Details of database functions independent of the retrieved data types
    • G06F16/903 Querying
    • G06F16/90335 Query processing
    • G06F16/90344 Query processing by using string matching techniques
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/40 Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401 Transaction verification
    • G06Q20/4016 Transaction verification involving fraud or risk level assessment in transaction processing
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00 Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/04 Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange

Abstract

The present application relates to the technical field of information security and provides a code detection method, apparatus, computer device, storage medium and computer program product, which can be applied in the financial field or other related fields. The application can improve the accuracy and efficiency of code detection and reduce its cost. The method includes: obtaining the code to be detected and the transaction account composition rules; obtaining target string length information for transaction accounts according to the transaction account composition rules; extracting each character string in the code to be detected and obtaining the string length information corresponding to each character string; taking the character strings whose string length information matches the target string length information as the character strings to be judged; judging whether the character strings to be judged conform to the transaction account composition rules; and determining, according to the judgment result, whether the code to be detected contains an illegal transaction account.

Description

Code detection method, apparatus, device, storage medium and computer program product

Technical field

The present application relates to the technical field of information security, and in particular to a code detection method, apparatus, computer device, storage medium and computer program product.

Background

With the development of information security technology, code detection has become an important part of information security classified protection work, and it is also one of the effective means of improving system security throughout the software life cycle. For example, in a system involving settlement and payment, if a programmer maliciously writes an illegal transaction account (including a transaction card number, a transaction account number, and so on) into the program code, funds may be transferred to that account when the code is executed, causing a loss of funds.

In the conventional technology, code detection is usually performed by manually inspecting the code, but this approach is inefficient.

Summary of the invention

Based on this, it is necessary to provide a code detection method, apparatus, computer device, computer-readable storage medium and computer program product that address the above technical problem.

In a first aspect, the present application provides a code detection method. The method includes:

obtaining the code to be detected and the transaction account composition rules;

obtaining target string length information for transaction accounts according to the transaction account composition rules;

extracting each character string in the code to be detected, and obtaining the string length information corresponding to each character string;

taking the character strings whose string length information matches the target string length information as the character strings to be judged;

judging whether the character strings to be judged conform to the transaction account composition rules;

determining, according to the judgment result, whether the code to be detected contains an illegal transaction account.

In one embodiment, extracting each character string in the code to be detected includes:

performing syntax analysis and/or lexical analysis on the code to be detected, and extracting each assignment statement contained in the code to be detected;

extracting each character string contained in each assignment statement.

In one embodiment, judging whether the character strings to be judged conform to the transaction account composition rules includes:

judging whether each character string to be judged matches account information in a preset transaction account whitelist;

if not all of them match, extracting the non-matching character strings from the character strings to be judged;

judging whether each non-matching character string conforms to the transaction account composition rules.

In one embodiment, the method further includes:

if all of them match, determining that the code to be detected does not contain an illegal transaction account.

In one embodiment, determining, according to the judgment result, whether the code to be detected contains an illegal transaction account includes:

calculating a risk value of the code to be detected according to the judgment result;

determining the risk threshold interval condition that the risk value satisfies;

if the risk value satisfies the first risk threshold interval condition, determining that the code to be detected does not contain an illegal transaction account;

if the risk value satisfies the second risk threshold interval condition, determining that the code to be detected is at risk of containing an illegal transaction account;

if the risk value satisfies the third risk threshold interval condition, determining that the code to be detected contains an illegal transaction account;

wherein the first risk threshold interval condition is the risk interval less than or equal to a first risk threshold; the second risk threshold interval condition is the risk interval greater than the first risk threshold and less than or equal to a second risk threshold; and the third risk threshold interval condition is the risk interval greater than the second risk threshold.

In one embodiment, the method further includes:

obtaining code samples and the ground-truth result of whether each code sample contains an illegal transaction account;

training a risk threshold acquisition model using the code samples and the ground-truth results, to obtain a trained risk threshold acquisition model;

obtaining the first risk threshold and the second risk threshold through the trained risk threshold acquisition model.

In one embodiment, obtaining the transaction account composition rules includes:

obtaining, at a preset time period, the latest transaction account composition rules corresponding to each transaction account type.

In a second aspect, the present application further provides a code detection apparatus. The apparatus includes:

a to-be-detected code acquisition module, configured to obtain the code to be detected and the transaction account composition rules;

a target string length information acquisition module, configured to obtain target string length information for transaction accounts according to the transaction account composition rules;

a character string extraction module, configured to extract each character string in the code to be detected and obtain the string length information corresponding to each character string;

a to-be-judged character string designation module, configured to take the character strings whose string length information matches the target string length information as the character strings to be judged;

a transaction account composition rule judgment module, configured to judge whether the character strings to be judged conform to the transaction account composition rules;

an illegal transaction account determination module, configured to determine, according to the judgment result, whether the code to be detected contains an illegal transaction account.

In a third aspect, the present application further provides a computer device. The computer device includes a memory and a processor, the memory stores a computer program, and the processor implements the following steps when executing the computer program:

obtaining the code to be detected and the transaction account composition rules; obtaining target string length information for transaction accounts according to the transaction account composition rules; extracting each character string in the code to be detected, and obtaining the string length information corresponding to each character string; taking the character strings whose string length information matches the target string length information as the character strings to be judged; judging whether the character strings to be judged conform to the transaction account composition rules; and determining, according to the judgment result, whether the code to be detected contains an illegal transaction account.

In a fourth aspect, the present application further provides a computer-readable storage medium. The computer-readable storage medium has a computer program stored thereon, and the following steps are implemented when the computer program is executed by a processor:

obtaining the code to be detected and the transaction account composition rules; obtaining target string length information for transaction accounts according to the transaction account composition rules; extracting each character string in the code to be detected, and obtaining the string length information corresponding to each character string; taking the character strings whose string length information matches the target string length information as the character strings to be judged; judging whether the character strings to be judged conform to the transaction account composition rules; and determining, according to the judgment result, whether the code to be detected contains an illegal transaction account.

In a fifth aspect, the present application further provides a computer program product. The computer program product includes a computer program that implements the following steps when executed by a processor:

obtaining the code to be detected and the transaction account composition rules; obtaining target string length information for transaction accounts according to the transaction account composition rules; extracting each character string in the code to be detected, and obtaining the string length information corresponding to each character string; taking the character strings whose string length information matches the target string length information as the character strings to be judged; judging whether the character strings to be judged conform to the transaction account composition rules; and determining, according to the judgment result, whether the code to be detected contains an illegal transaction account.

With the above code detection method, apparatus, computer device, storage medium and computer program product, the code to be detected and the transaction account composition rules are obtained; target string length information for transaction accounts is obtained according to the transaction account composition rules; each character string in the code to be detected is extracted and its string length information obtained; the character strings whose string length information matches the target string length information are taken as the character strings to be judged; whether the character strings to be judged conform to the transaction account composition rules is judged; and, according to the judgment result, whether the code to be detected contains an illegal transaction account is determined. In this solution, the latest transaction account composition rules corresponding to each transaction account type can be obtained in advance; the code to be detected is obtained; target string length information for transaction accounts is obtained according to the transaction account composition rules; all character strings in the code to be detected are extracted, together with the string length information of each; whether the string length information matches the target string length information is judged, and the matching character strings are taken as the character strings to be judged; whether they conform to the transaction account composition rules is judged; and, according to the judgment result, whether the code to be detected contains an illegal transaction account is determined, thereby improving the accuracy and efficiency of code detection and reducing its cost.

Brief description of the drawings

FIG. 1 is a schematic flowchart of a code detection method in one embodiment;

FIG. 2 is a diagram of the application environment of the code detection method in one embodiment;

FIG. 3 is a schematic diagram of the software structure of a transaction account detection decision server in one embodiment;

FIG. 4 is a schematic flowchart of a code detection method in another embodiment;

FIG. 5 is a structural block diagram of a code detection apparatus in one embodiment;

FIG. 6 is a diagram of the internal structure of a computer device in one embodiment.

Detailed description

To make the purpose, technical solutions and advantages of the present application clearer, the application is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present application and are not intended to limit it.

In one embodiment, as shown in FIG. 1, a code detection method is provided. This embodiment is illustrated by applying the method to a server or a terminal, and includes the following steps:

Step S101: obtain the code to be detected and the transaction account composition rules.

In this step, as shown in FIG. 2, the transaction account composition rules may be the latest transaction account composition rules corresponding to each transaction account type. The rules include, but are not limited to, the card BIN, the card number length, the position of the region code within the account number, and the account number length. The transaction account types include, but are not limited to, card numbers, account numbers, and QR-code account systems.

Specifically, as shown in FIG. 2, FIG. 3 and FIG. 4, the server (which may be called the transaction account detection decision server 01) obtains, at a preset time period, the latest transaction account composition rules corresponding to each transaction account type, for example by receiving the card and account number rules sent by the bank system server 02, the card BIN rules sent by the card organization system server 03, and the transaction account composition rules sent by other account system servers 04. It also receives the detection service call (a code detection service call, which includes the code to be detected) sent by the acquiring payment system server 05. After completing the code detection, the transaction account detection decision server 01 returns the check result to the acquiring payment system server 05. The check result may include whether an illegal transaction account is contained, whether there is a risk of containing an illegal transaction account, or the risk value of containing an illegal transaction account.

For example, as shown in FIG. 3, the software structure of the server (which may be called the transaction account detection decision server) may include a configuration management center 01, a transaction account rule library 02, a source code reading module 03, a source code syntax analysis module 04, a whitelist filtering module 05, a code variable value matching module 06, a risk threshold calculation module 07, an interactive decision module 08, a composition rule acquisition module 09 and a data analysis and processing module 10. Among them:

the configuration management center 01 can be used to configure parameters, such as the parameters of the transaction account composition rules, the whitelist parameters, the risk calculation parameters, and the risk threshold parameters (the first risk threshold and the second risk threshold);

the transaction account rule library 02 stores the transaction account composition rules;

the source code reading module 03 reads the code to be detected once it has been obtained and feeds it to the source code syntax analysis module 04; it also computes the differing (illegal) code segments of each batch and provides them to the code variable value matching module 06 and the risk threshold calculation module 07 for calculating the risk value;

the source code syntax analysis module 04 extracts the assignment statements for subsequent analysis by the whitelist filtering module 05 and the code variable value matching module 06;

the whitelist filtering module 05 filters out elements deemed not to need a risk score, such as specific files, the values of specific variables (or constants), and specific statements; code deemed consistent with an element in the whitelist is filtered out, is not matched any further, and does not affect the subsequent risk value judgment;

the code variable value matching module 06 applies the rules to the relevant source code features, based on the input from the source code syntax analysis module 04 and the transaction account rule library 02, and outputs a risk value to the risk threshold calculation module 07;

the risk threshold calculation module 07 calculates the risk value by arithmetically summing the risk values output by the code variable value matching module 06, summarizes the risk prompt information, and outputs the detection result to the interactive decision module 08;

the interactive decision module 08 combines the calculation result of the risk threshold calculation module 07 with the decision threshold configuration parameters to determine the code detection result, which may be "no risk - detection passed", "low risk - manual verification required" or "high risk - submission rejected";

the composition rule acquisition module 09 periodically obtains the latest transaction account composition rules and saves them to the local database;

the data analysis and processing module 10 records the accuracy of code detection, adjusts the parameters of the recognition algorithm used for code detection and trains the neural network model, adjusting the parameter values in the algorithm to improve the accuracy of illegal transaction account identification and thereby the accuracy of code detection.

Step S102: obtain target string length information for transaction accounts according to the transaction account composition rules.

In this step, the target string length information of a transaction account may be the length of the character string that represents a transaction account in code. It may be derived from the transaction account composition rules, or it may itself be one of the transaction account composition rules.

Specifically, the string length corresponding to a transaction account is obtained according to the transaction account composition rules.

Step S103: extract each character string in the code to be detected, and obtain the string length information corresponding to each character string.

In this step, the string length information corresponding to each character string may be the length of that character string.

Specifically, all character strings are extracted from the code to be detected, and the length of each is obtained.

Step S104: take the character strings whose string length information matches the target string length information as the character strings to be judged.

Specifically, whether the string length information matches the target string length information is judged, and the matching character strings are taken as the character strings to be judged. As shown in FIG. 4, this means filtering out of the code to be detected the character strings that have the transaction account length given by the transaction account composition rules (filtering the character strings that match the account length).

Step S105: judge whether the character strings to be judged conform to the transaction account composition rules.

Specifically, as shown in FIG. 3, the code variable value matching module 06 judges whether a character string to be judged conforms to all of the transaction account composition rules, or alternatively to all of the rules other than the target string length rule, for example whether it matches the value at the corresponding position of a defined value, or whether it matches the value obtained from a defined value by logical transformation or computation, and outputs a judgment score to the risk threshold calculation module 07.

Step S106: determine, according to the judgment result, whether the code to be detected contains an illegal transaction account.

In this step, an illegal transaction account may be a transaction account that is not allowed to appear in the code to be detected; it may be an unlawful transaction account or a transaction account maliciously written into the code to be detected.

Specifically, the code detection result, namely whether the code to be detected contains an illegal transaction account, is obtained according to the judgment result.

In the above code detection method, the code to be detected and the transaction account composition rules are obtained; target string length information for transaction accounts is obtained according to the transaction account composition rules; each character string in the code to be detected is extracted and its string length information obtained; the character strings whose string length information matches the target string length information are taken as the character strings to be judged; whether the character strings to be judged conform to the transaction account composition rules is judged; and, according to the judgment result, whether the code to be detected contains an illegal transaction account is determined. In this solution, the latest transaction account composition rules corresponding to each transaction account type can be obtained in advance; the code to be detected is obtained; target string length information for transaction accounts is obtained according to the transaction account composition rules; all character strings in the code to be detected are extracted, together with the string length information of each; whether the string length information matches the target string length information is judged, and the matching character strings are taken as the character strings to be judged; whether they conform to the transaction account composition rules is judged; and, according to the judgment result, whether the code to be detected contains an illegal transaction account is determined, thereby improving the accuracy and efficiency of code detection and reducing its cost.

In one embodiment, extracting each character string in the code to be detected in step S103 specifically includes: performing syntax analysis and/or lexical analysis on the code to be detected to extract each assignment statement it contains; and extracting each character string contained in each assignment statement.

In this embodiment, syntax analysis and/or lexical analysis is used to extract each assignment statement contained in the code to be detected. The analysis may examine the type of a variable (or constant), the defined value, the program code context, and/or fixed account-related relationships implied in operations. The assignment statements may include risk statements (or assignment statements) such as variable definition statements, variable (or constant) assignment statements, logical operation statements and value operation statements.

Specifically, as shown in FIG. 4, after the code to be detected (the uploaded code) is read, it is first matched against the whitelist files (code files that do not need to be checked). If the code to be detected matches a whitelist file, the detection result that the code does not contain an illegal transaction account number (check passed) is obtained directly. If it does not match, syntax analysis and/or lexical analysis is performed on the code to be detected, all assignment statements it contains are extracted (filtering the valid statement lines), and all character strings contained in each assignment statement are extracted.

In the technical solution of this embodiment, extracting each assignment statement in the code to be detected and then each character string contained in those statements helps improve the accuracy and efficiency of string extraction, and in turn the accuracy and efficiency of the subsequent code detection.

In one embodiment, judging whether the character strings to be judged conform to the transaction account composition rule in step S105 specifically includes: judging whether each character string to be judged matches the account information in a preset transaction account whitelist; if not all of them match, extracting the non-matching character strings to be judged; and judging whether each non-matching character string to be judged conforms to the transaction account composition rule.

In this embodiment, the account information in the preset transaction account whitelist may be the account values in the preset transaction account whitelist.

Specifically, as shown in FIG. 4, a whitelist filter judges whether each character string to be judged matches an account value in the preset transaction account whitelist (matching a whitelisted account); a match means that the transaction account represented by the character string is a safe or legitimate account on the whitelist. If none of the strings match, or not all of them match, the non-matching character strings to be judged are filtered out and it is judged whether each of them conforms to the transaction account composition rule. The character strings that conform to the rule (that is, the statement lines that hit the rule) are extracted and used for the risk assessment.

In the technical solution of this embodiment, judging whether each character string to be judged matches the account information in the preset transaction account whitelist reduces the time spent judging whether the strings conform to the transaction account composition rule, which helps improve the efficiency of code detection.

In one embodiment, the above method may further determine that the code to be detected does not contain an illegal transaction account number through the following step: if all of the strings match, determining that the code to be detected does not contain an illegal transaction account number.

Specifically, as shown in FIG. 4, the whitelist filter judges whether each character string to be judged matches an account value in the preset transaction account whitelist. If all of them match, it is determined that the code to be detected does not contain an illegal transaction account number, and the corresponding detection result (check passed) is obtained.

In the technical solution of this embodiment, judging whether each character string to be judged matches the account information in the preset transaction account whitelist helps prevent safe or legitimate whitelisted accounts from being treated as illegal transaction accounts. When all strings match, the code detection result is obtained directly, which helps improve the accuracy and efficiency of code detection.

In one embodiment, determining whether the code to be detected contains an illegal transaction account number according to the judgment result in step S106 specifically includes: calculating a risk value of the code to be detected according to the judgment result; determining the risk threshold interval condition that the risk value satisfies; if the risk value satisfies the first risk threshold interval condition, determining that the code to be detected does not contain an illegal transaction account number; if the risk value satisfies the second risk threshold interval condition, determining that the code to be detected is at risk of containing an illegal transaction account number; and if the risk value satisfies the third risk threshold interval condition, determining that the code to be detected contains an illegal transaction account number.

In this embodiment, the first risk threshold interval condition is the risk interval less than or equal to the first risk threshold; the second risk threshold interval condition is the risk interval greater than the first risk threshold and less than or equal to the second risk threshold; and the third risk threshold interval condition is the risk interval greater than the second risk threshold. The first risk threshold may be M% and the second risk threshold may be N%, where the first risk threshold is smaller than the second risk threshold.

Specifically, as shown in FIG. 4, the risk value of the code to be detected is calculated according to the judgment result (the risk assessment), and the risk threshold interval condition that the risk value satisfies is determined. If the risk value satisfies the first risk threshold interval condition, it is determined that the code to be detected does not contain an illegal transaction account number (no risk: detection passed, check passed). If the risk value satisfies the second risk threshold interval condition, it is determined that the code to be detected is at risk of containing an illegal transaction account number (low risk: manual verification required, after which it is decided whether the check passes or check-in is refused). If the risk value satisfies the third risk threshold interval condition, it is determined that the code to be detected contains an illegal transaction account number (high risk: submission refused, check-in refused).

In the technical solution of this embodiment, determining which risk threshold interval condition the risk value of the code to be detected satisfies helps obtain the code detection result more accurately and improves the accuracy of code detection.
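The flow described in the preceding embodiments (file whitelist, string extraction from assignment statements, length filter, account whitelist, composition-rule check, three risk bands), as an added Python example that is not part of the patent. The composition rule (19 digits, prefix `9999`, Luhn check digit), the 50/50 scoring and the thresholds 30 and 70 are assumptions, and every account number is constructed.

```python
import ast
from dataclasses import dataclass


@dataclass(frozen=True)
class AccountRule:
    """Hypothetical composition rule: fixed length, allowed prefixes, Luhn check digit."""
    length: int
    prefixes: tuple


# Assumed thresholds; the page only names them M% and N%.
FIRST_THRESHOLD = 30
SECOND_THRESHOLD = 70


def luhn_ok(digits):
    """Return True when the last digit is a valid Luhn check digit."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:                      # every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def assignment_strings(source):
    """Syntax analysis: (line, literal) for each string inside an assignment statement."""
    found = set()
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, (ast.Assign, ast.AnnAssign, ast.AugAssign)) and node.value is not None:
            for sub in ast.walk(node.value):
                if isinstance(sub, ast.Constant) and isinstance(sub.value, str):
                    found.add((sub.lineno, sub.value))
    return sorted(found)


def rule_score(text, rules):
    """Assumed scoring: 50 for a known prefix plus 50 for a valid check digit."""
    if not (text.isascii() and text.isdigit()):
        return 0
    best = 0
    for rule in rules:
        if len(text) == rule.length:
            best = max(best, 50 * text.startswith(rule.prefixes) + 50 * luhn_ok(text))
    return best


def mask(text):
    """Keep only the first and last four characters in the report."""
    if len(text) <= 8:
        return "*" * len(text)
    return text[:4] + "*" * (len(text) - 8) + text[-4:]


def scan(source, path, rules, file_whitelist=(), account_whitelist=()):
    """Run the whole flow and return verdict, risk value and masked findings."""
    if path in file_whitelist:                           # whitelisted file: check passed
        return {"verdict": "pass", "risk": 0, "findings": []}
    target_lengths = {r.length for r in rules}           # string length target information
    candidates = [(ln, s) for ln, s in assignment_strings(source) if len(s) in target_lengths]
    pending = [(ln, s) for ln, s in candidates if s not in account_whitelist]
    scored = [(ln, mask(s), rule_score(s, rules)) for ln, s in pending]
    findings = [f for f in scored if f[2] > 0]
    risk = max((f[2] for f in findings), default=0)
    if risk <= FIRST_THRESHOLD:
        verdict = "pass"
    elif risk <= SECOND_THRESHOLD:
        verdict = "manual-review"
    else:
        verdict = "reject"
    return {"verdict": verdict, "risk": risk, "findings": findings}


# Constructed sample data (not real accounts).
RULES = (AccountRule(length=19, prefixes=("9999",)),)
HIT = "9999" + "0" * 14 + "4"          # known prefix and valid check digit
NEAR = "9999" + "0" * 14 + "5"         # known prefix, invalid check digit
TEST_ACCT = "9999" + "0" * 13 + "12"   # valid, but listed on the account whitelist
SAMPLE = f'''
payee = "{TEST_ACCT}"
label = "not an account number"
def settle(amount):
    fallback = "{HIT}"
    return transfer(amount, fallback)
'''

if __name__ == "__main__":
    print(scan(SAMPLE, "pay.py", RULES, account_whitelist={TEST_ACCT}))
```

Only assignment statements are inspected, as in the embodiment, so literals that appear elsewhere in the code need a separate pass. Findings are masked so the scan report does not itself store a full account number.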

In one embodiment, the above method may further obtain the first risk threshold and the second risk threshold through the following steps: obtaining code samples and the real results of whether the code samples contain illegal transaction account numbers; training a risk threshold acquisition model to be trained with the code samples and the real results to obtain a trained risk threshold acquisition model; and obtaining the first risk threshold and the second risk threshold through the trained risk threshold acquisition model.

In this embodiment, the risk threshold acquisition model to be trained may be a neural network model, for example a BP (back-propagation) neural network model.

Specifically, the code samples and the real results of whether they contain illegal transaction account numbers are obtained and input into a BP neural network model that includes the BP algorithm, which uses gradient search to minimize the mean square error between the network's actual output and its expected output. The BP algorithm consists of two processes, forward propagation of the signal and back propagation of the error: the error output is computed in the direction from input to output, while the weights and thresholds are adjusted in the direction from output to input. During forward propagation, the input signal acts on the output nodes through the hidden layer and, after a nonlinear transformation, produces the output signal. If the actual output does not match the expected output, the process switches to back propagation of the error. Error back propagation passes the output error back through the hidden layer to the input layer, layer by layer, and distributes the error among all neural units of each layer; the error signal obtained at each layer is the basis for adjusting the weights of its units. By adjusting the connection strength between input nodes and hidden-layer nodes, the connection strength between hidden-layer nodes and output nodes, and the thresholds, the error is made to decrease along the gradient direction. After repeated learning and training, the trained risk threshold acquisition model is obtained, which determines the parameters corresponding to the minimum error (including the first risk threshold and the second risk threshold, and possibly also parameters of the transaction account composition rule, parameters of the whitelist, parameters of the risk calculation, and so on).

In the technical solution of this embodiment, obtaining the first risk threshold and the second risk threshold through the trained risk threshold acquisition model helps obtain better values for both thresholds, which helps improve the accuracy of code detection.

It should be understood that although the steps in the flowcharts of the above embodiments are displayed in sequence as indicated by the arrows, they are not necessarily executed in that order. Unless explicitly stated herein, the execution of these steps is not strictly limited in order, and the steps may be executed in other orders. Moreover, at least some of the steps in the flowcharts of the above embodiments may include multiple steps or multiple stages. These steps or stages are not necessarily completed at the same moment but may be executed at different times, and they are not necessarily executed sequentially but may be performed in turn or alternately with other steps, or with at least part of the steps or stages within other steps.

Based on the same inventive concept, an embodiment of the present application further provides a code detection apparatus for implementing the code detection method described above. The solution the apparatus provides is similar to the one described for the method, so for the specific limitations of the one or more code detection apparatus embodiments below, refer to the limitations of the code detection method above; they are not repeated here.

In one embodiment, as shown in FIG. 5, a code detection apparatus is provided. The apparatus 500 may include:

a to-be-detected code acquisition module 501, configured to obtain the code to be detected and the transaction account composition rule;

a string length target information acquisition module 502, configured to obtain the string length target information of the transaction account according to the transaction account composition rule;

a character string extraction module 503, configured to extract each character string in the code to be detected and obtain the string length information corresponding to each character string;

a to-be-judged character string designation module 504, configured to take the character strings whose string length information matches the string length target information as the character strings to be judged;

a transaction account composition rule judgment module 505, configured to judge whether the character strings to be judged conform to the transaction account composition rule;

an illegal transaction account determination module 506, configured to determine, according to the judgment result, whether the code to be detected contains an illegal transaction account number.

In one embodiment, the character string extraction module 503 is further configured to perform syntax analysis and/or lexical analysis on the code to be detected, extract each assignment statement contained in the code to be detected, and extract each character string contained in each assignment statement.

In one embodiment, the transaction account composition rule judgment module 505 is further configured to judge whether each character string to be judged matches the account information in the preset transaction account whitelist; if not all of them match, extract the non-matching character strings to be judged; and judge whether each non-matching character string to be judged conforms to the transaction account composition rule.

In one embodiment, the apparatus 500 further includes a no-illegal-transaction-account determination module, configured to determine, if all of the strings match, that the code to be detected does not contain an illegal transaction account number.

In one embodiment, the illegal transaction account determination module 506 is further configured to: calculate the risk value of the code to be detected according to the judgment result; determine the risk threshold interval condition that the risk value satisfies; if the risk value satisfies the first risk threshold interval condition, determine that the code to be detected does not contain an illegal transaction account number; if the risk value satisfies the second risk threshold interval condition, determine that the code to be detected is at risk of containing an illegal transaction account number; and if the risk value satisfies the third risk threshold interval condition, determine that the code to be detected contains an illegal transaction account number. The first risk threshold interval condition is the risk interval less than or equal to the first risk threshold; the second risk threshold interval condition is the risk interval greater than the first risk threshold and less than or equal to the second risk threshold; and the third risk threshold interval condition is the risk interval greater than the second risk threshold.

In one embodiment, the apparatus 500 further includes a risk threshold acquisition module, configured to obtain code samples and the real results of whether the code samples contain illegal transaction account numbers; train the risk threshold acquisition model to be trained with the code samples and the real results to obtain a trained risk threshold acquisition model; and obtain the first risk threshold and the second risk threshold through the trained risk threshold acquisition model.

Each module in the above code detection apparatus may be implemented in whole or in part by software, hardware, or a combination thereof. The modules may be embedded in, or independent of, a processor in the computer device in hardware form, or stored in a memory of the computer device in software form, so that the processor can call them and execute the operations corresponding to each module.

It should be noted that the code detection method and apparatus provided in this application can be used in applications involving code detection in the financial field, and also in processing involving code detection in any field other than finance. The application field of the code detection method and apparatus provided in this application is not limited.

In one embodiment, a computer device is provided. The computer device may be a server, and its internal structure may be as shown in FIG. 6. The computer device includes a processor, a memory and a network interface connected through a system bus. The processor of the computer device provides computing and control capabilities. The memory of the computer device includes a non-volatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, a computer program and a database. The internal memory provides an environment for running the operating system and the computer program stored in the non-volatile storage medium. The database of the computer device stores the code to be detected and the transaction account composition rule data. The network interface of the computer device is used to communicate with external terminals over a network connection. The computer device also includes input/output interfaces (I/O interfaces for short), which are connection circuits through which the processor exchanges information with external devices and which are connected to the processor through a bus. When executed by the processor, the computer program implements a code detection method.

Those skilled in the art will understand that the structure shown in FIG. 6 is only a block diagram of the part of the structure related to the solution of this application and does not limit the computer device to which the solution is applied. A specific computer device may include more or fewer components than shown in the figure, combine certain components, or have a different arrangement of components.

In one embodiment, a computer device is also provided, including a memory and a processor. A computer program is stored in the memory, and the processor implements the steps of the above method embodiments when executing the computer program.

In one embodiment, a computer-readable storage medium is provided, on which a computer program is stored. When executed by a processor, the computer program implements the steps of the above method embodiments.

In one embodiment, a computer program product is provided, including a computer program that, when executed by a processor, implements the steps of the above method embodiments.

It should be noted that the user information (including but not limited to user equipment information and user personal information) and data (including but not limited to data used for analysis, stored data and displayed data) involved in this application are all information and data authorized by the user or fully authorized by all parties.

Those of ordinary skill in the art will understand that all or part of the processes in the methods of the above embodiments can be completed by a computer program instructing the relevant hardware. The computer program may be stored in a non-volatile computer-readable storage medium and, when executed, may include the processes of the above method embodiments. Any reference to a memory, database or other medium in the embodiments provided in this application may include at least one of non-volatile and volatile memory. Non-volatile memory may include read-only memory (ROM), magnetic tape, floppy disk, flash memory, optical memory, high-density embedded non-volatile memory, resistive random access memory (ReRAM), magnetoresistive random access memory (MRAM), ferroelectric random access memory (FRAM), phase change memory (PCM), graphene memory, and so on. Volatile memory may include random access memory (RAM) or external cache memory. By way of illustration and not limitation, RAM may take many forms, such as static random access memory (SRAM) or dynamic random access memory (DRAM). The databases involved in the embodiments provided in this application may include at least one of relational and non-relational databases. Non-relational databases may include, without limitation, blockchain-based distributed databases. The processors involved in the embodiments provided in this application may be, without limitation, general-purpose processors, central processing units, graphics processors, digital signal processors, programmable logic devices, or data processing logic devices based on quantum computing.

The technical features of the above embodiments may be combined arbitrarily. For brevity, not all possible combinations of the technical features in the above embodiments are described; however, as long as a combination of these technical features involves no contradiction, it should be considered within the scope of this specification.

The above embodiments represent only several implementations of the present application. Their description is relatively specific and detailed, but it should not be construed as limiting the scope of the patent. It should be noted that those of ordinary skill in the art can make several modifications and improvements without departing from the concept of the present application, all of which fall within its scope of protection. Therefore, the scope of protection of the present application is determined by the appended claims.

Claims (10)

1. A code detection method, characterized in that the method comprises: obtaining code to be detected and a transaction account composition rule; obtaining string length target information of the transaction account according to the transaction account composition rule; extracting each character string in the code to be detected, and obtaining the string length information corresponding to each character string; taking the character strings whose string length information matches the string length target information as the character strings to be judged; judging whether the character strings to be judged conform to the transaction account composition rule; and determining, according to the judgment result, whether the code to be detected contains an illegal transaction account number.

2. The method according to claim 1, wherein extracting each character string in the code to be detected comprises: performing syntax analysis and/or lexical analysis on the code to be detected, and extracting each assignment statement contained in the code to be detected; and extracting each character string contained in each assignment statement.

3. The method according to claim 1, wherein judging whether the character strings to be judged conform to the transaction account composition rule comprises: judging whether each character string to be judged matches the account information in a preset transaction account whitelist; if not all of them match, extracting the non-matching character strings to be judged; and judging whether each non-matching character string to be judged conforms to the transaction account composition rule.

4. The method according to claim 3, wherein the method further comprises: if all of them match, determining that the code to be detected does not contain an illegal transaction account number.

5. The method according to any one of claims 1 to 4, wherein determining, according to the judgment result, whether the code to be detected contains an illegal transaction account number comprises: calculating a risk value of the code to be detected according to the judgment result; determining the risk threshold interval condition that the risk value satisfies; if the risk value satisfies the first risk threshold interval condition, determining that the code to be detected does not contain an illegal transaction account number; if the risk value satisfies the second risk threshold interval condition, determining that the code to be detected is at risk of containing an illegal transaction account number; and if the risk value satisfies the third risk threshold interval condition, determining that the code to be detected contains an illegal transaction account number; wherein the first risk threshold interval condition is the risk interval less than or equal to the first risk threshold, the second risk threshold interval condition is the risk interval greater than the first risk threshold and less than or equal to the second risk threshold, and the third risk threshold interval condition is the risk interval greater than the second risk threshold.

6. The method according to claim 5, wherein the method further comprises: obtaining code samples and the real results of whether the code samples contain illegal transaction account numbers; training a risk threshold acquisition model to be trained with the code samples and the real results to obtain a trained risk threshold acquisition model; and obtaining the first risk threshold and the second risk threshold through the trained risk threshold acquisition model.

7. A code detection apparatus, characterized in that the apparatus comprises: a to-be-detected code acquisition module, configured to obtain code to be detected and a transaction account composition rule; a string length target information acquisition module, configured to obtain string length target information of the transaction account according to the transaction account composition rule; a character string extraction module, configured to extract each character string in the code to be detected and obtain the string length information corresponding to each character string; a to-be-judged character string designation module, configured to take the character strings whose string length information matches the string length target information as the character strings to be judged; a transaction account composition rule judgment module, configured to judge whether the character strings to be judged conform to the transaction account composition rule; and an illegal transaction account determination module, configured to determine, according to the judgment result, whether the code to be detected contains an illegal transaction account number.

8. A computer device, comprising a memory and a processor, the memory storing a computer program, characterized in that the processor implements the steps of the method according to any one of claims 1 to 6 when executing the computer program.

9. A computer-readable storage medium on which a computer program is stored, characterized in that the computer program, when executed by a processor, implements the steps of the method according to any one of claims 1 to 6.
A computer-readable storage medium on which a computer program is stored, wherein the computer program implements the steps of the method according to any one of claims 1 to 6 when the computer program is executed by a processor. 10.一种计算机程序产品,包括计算机程序,其特征在于,该计算机程序被处理器执行时实现权利要求1至6中任一项所述的方法的步骤。10. A computer program product comprising a computer program, characterized in that the computer program implements the steps of the method according to any one of claims 1 to 6 when the computer program is executed by a processor.
CN202210457160.3A 2022-04-28 2022-04-28 Code detection method, device, equipment, storage medium and computer program product Pending CN114792007A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210457160.3A CN114792007A (en) 2022-04-28 2022-04-28 Code detection method, device, equipment, storage medium and computer program product

Publications (1)

Publication Number Publication Date
CN114792007A true CN114792007A (en) 2022-07-26

Family

ID=82461216

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210457160.3A Pending CN114792007A (en) 2022-04-28 2022-04-28 Code detection method, device, equipment, storage medium and computer program product

Country Status (1)

Country Link
CN (1) CN114792007A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117973317A (en) * 2024-03-29 2024-05-03 恒生电子股份有限公司 Character string information processing method, device, electronic equipment and storage medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105306199A (en) * 2014-05-28 2016-02-03 腾讯科技(深圳)有限公司 Identity verification method, device and system
CN112100220A (en) * 2020-09-22 2020-12-18 福建天晴在线互动科技有限公司 System for realizing real-time monitoring of illegal account group
CN113420549A (en) * 2021-07-02 2021-09-21 珠海金山网络游戏科技有限公司 Abnormal character string recognition method and device

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117973317A (en) * 2024-03-29 2024-05-03 恒生电子股份有限公司 Character string information processing method, device, electronic equipment and storage medium
CN117973317B (en) * 2024-03-29 2024-06-07 恒生电子股份有限公司 Character string information processing method, device, electronic equipment and storage medium

Similar Documents

Publication Publication Date Title
CN109829776B (en) Merchant risk assessment method, device, computer equipment and storage medium
CN106709800B (en) Community division method and device based on feature matching network
AU2009302657B2 (en) Detection of confidential information
CN113657896A (en) A method and device for analyzing topological graph of blockchain transactions based on graph neural network
CN112990989B (en) Value prediction model input data generation method, device, equipment and medium
CN111242793A (en) Method and device for detecting medical insurance data abnormity
CN109583682A (en) Recognition methods, device and the computer equipment of business finance fraud risk
CN113360416B (en) Test data batch generation method and device
CN114036531A (en) Multi-scale code measurement-based software security vulnerability detection method
CN109242165A (en) A kind of model training and prediction technique and device based on model training
CN117522403A (en) GCN abnormal customer early warning method and device based on subgraph fusion
CN114140246A (en) Model training method, fraud transaction identification method, device and computer equipment
Ranjan et al. Fraud detection on bank payments using machine learning
CN109583731A (en) A kind of Risk Identification Method, device and equipment
CN114792007A (en) Code detection method, device, equipment, storage medium and computer program product
Jose et al. Detection of credit card fraud using resampling and boosting technique
CN114912139A (en) Method, apparatus, storage medium, and processor for determining model training data
CN117951002A (en) Incremental code unit test method, device, computer equipment and storage medium
CN117370160A (en) Code auditing method, apparatus, computer device, storage medium and program product
CN117196064A (en) Model training method, object attribute value determining method, device, equipment and medium
CN113177784B (en) Address type identification method and device
CN116108449A (en) Software fuzz testing method, device, equipment and storage medium
CN116611923A (en) Risk data acquisition method, system, device and storage medium based on knowledge graph
CN118941294B (en) A smart contract risk detection method and system based on deep learning big model
US20250037122A1 (en) Computer systems and methods for generation of check processing test data

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination