Disclosure of Invention
In order to overcome the above drawbacks of the prior art, the present invention provides a threshold management method and system based on financial risk, so as to solve the above problems in the prior art.
In order to achieve the above purpose, the present invention provides the following technical solutions:
A threshold management method based on financial risk comprises the following steps of 1, collecting system fluctuation data in real time, wherein the fluctuation data comprise resource utilization rate, performance indexes and transaction data, and obtaining a data fluctuation coefficient according to fluctuation data assessment, 2, setting an initial safety threshold, carrying out first risk judgment according to the data fluctuation coefficient and the initial safety threshold, 3, continuing business processing and carrying out fluctuation data monitoring in real time if the first risk judgment system is normal, collecting threshold adjustment requirement influence data if the first risk judgment system is abnormal, assessing threshold adjustment requirement influence data to obtain a threshold adjustment requirement index, and carrying out judgment according to the threshold adjustment requirement index, 5, carrying out actual safety threshold after the current system is abnormal if the safety threshold is not required to be regulated, 6, carrying out second risk judgment according to the data fluctuation index and the actual safety threshold if the first risk judgment system is abnormal, carrying out early warning if the second risk judgment system is abnormal, and carrying out second risk judgment if the second risk judgment system is abnormal, and carrying out early warning on the business processing if the second risk judgment system is abnormal, and carrying out early warning on the second risk judgment system is abnormal.
Preferably, the step of obtaining the data fluctuation coefficient according to the fluctuation data evaluation includes the steps of collecting the resource utilization rate in a detection window in real time, wherein the resource utilization rate comprises the CPU utilization rate, the memory utilization rate and the network bandwidth utilization rate, respectively calculating the mean value and standard deviation of the CPU utilization rate, the memory utilization rate and the network bandwidth utilization rate in the detection window according to the resource utilization rate data of each sampling point, and calculating to obtain the resource utilization fluctuation degree, collecting the performance index of a system in the detection window in real time, wherein the performance index comprises the response time, the throughput and the error rate, obtaining the performance fluctuation degree according to the performance index evaluation, collecting the real-time transaction success number in the detection window, obtaining the historical transaction success number in the detection window, obtaining the transaction fluctuation degree according to the real-time transaction success number and the historical transaction success number, and obtaining the data fluctuation coefficient according to the resource utilization fluctuation degree, the performance fluctuation degree and the transaction fluctuation degree, and the specific obtaining mode is as follows: In the formula (I), in the formula (II),Represented as a coefficient of fluctuation of the data,Expressed as the degree of fluctuation in the utilization of the resource,Expressed as the degree of fluctuation in the performance,Expressed as the degree of fluctuation of the transaction.
Preferably, the performance fluctuation degree obtaining step includes screening out the maximum value and the minimum value of response time in a detection window, calculating average response time in the detection window, obtaining response time fluctuation according to the maximum value, the minimum value and the average response time of the response time, calculating the standard deviation and the average value of throughput in the detection window, obtaining throughput fluctuation according to the standard deviation and the average value of throughput, obtaining error rate in the current detection window and error rate in the last detection window, calculating error rate fluctuation, and obtaining performance fluctuation degree according to response time fluctuation, throughput fluctuation and error rate fluctuation assessment.
Preferably, the first risk judging step is performed according to the data fluctuation coefficient and the initial safety threshold, wherein the data fluctuation coefficient is compared with the initial safety threshold, if the data fluctuation coefficient is smaller than the initial safety threshold, the current data fluctuation is judged to be small, the system state is judged to be normal, and if the data fluctuation coefficient is larger than or equal to the initial safety threshold, the current data fluctuation is judged to be large, and the system state is judged to be abnormal.
The threshold adjustment demand index obtaining step includes dividing data in a system into sensitive data and insensitive data by using a random forest method, counting total data quantity and sensitive data quantity in the system, calculating to obtain a data sensitivity coefficient, obtaining other system quantity directly depended on the current system, recording as a dependent system quantity, obtaining the jump times from the current system to the deepest system, namely the maximum level of a dependent chain, recording as a dependent relation depth, obtaining the total number of interfaces of the current system and the dependent system, recording as an interactive interface quantity, and evaluating to obtain system dependent complexity according to the dependent system quantity, the dependent relation depth and the interactive interface quantity, wherein the specific obtaining mode is as follows: In the formula (I), in the formula (II),Represented as a system-dependent complexity,Represented as being dependent on the number of systems,Represented as a depth of the dependency relationship,The method comprises the steps of obtaining the migration quantity and the migration data total quantity of a database, evaluating and obtaining a risk coefficient according to the migration quantity and the migration data total quantity of the database and the system dependence complexity, carrying out normalization processing on a data fluctuation coefficient, a data sensitivity coefficient and the risk coefficient, and obtaining a threshold adjustment requirement index according to the normalized data fluctuation coefficient, the normalized data sensitivity coefficient and the normalized risk coefficient, wherein the specific obtaining mode is as follows: In the formula (I), in the formula (II),Represented as a threshold adjustment demand index,Represented as a coefficient of fluctuation of the data,Represented as a coefficient of sensitivity of the data,Expressed as a risk factor of the person,、、Expressed as a weight coefficient for a data fluctuation coefficient, a data sensitivity coefficient, and a risk coefficient.
The method comprises the steps of collecting historical data samples of a system, extracting characteristics of each sample, marking the samples as sensitive data or insensitive data manually, taking the marked samples as a data set, carrying out numerical treatment on the characteristics of the samples, using independent heat codes for classifying the characteristics, converting the classified characteristics into numerical vectors, carrying out normalization treatment on the numerical characteristics, constructing a random forest classifier to obtain a plurality of decision trees, dividing the marked data set into a training set and a test set, training the random forest model by using the training set, evaluating the performance of the model by using the test set after training, deploying the trained random forest model into an actual environment, and classifying new data samples in real time.
Preferably, the step of determining the safety threshold adjustment according to the threshold adjustment requirement index includes comparing the threshold adjustment requirement index with an adjustment threshold, if the threshold adjustment requirement index is smaller than the adjustment threshold, determining that the current safety threshold does not need to be adjusted, and if the threshold adjustment requirement index is greater than or equal to the adjustment threshold, determining that the current safety threshold needs to be adjusted.
Preferably, the step of adjusting the safety threshold according to the threshold adjustment demand index to obtain the actual safety threshold comprises the steps of calculating the ratio of the threshold adjustment demand index to the adjustment threshold to obtain an adjustment factor, and calculating the actual safety threshold according to the adjustment factor and the initial safety threshold.
Preferably, the step of performing the second risk judgment according to the data fluctuation index and the actual safety threshold includes comparing the data fluctuation index with the actual safety threshold, judging that the current data fluctuation is within a safety range if the data fluctuation index is smaller than the actual safety threshold, and judging that the current data fluctuation is large, exceeding the safety range and the system state is abnormal if the data fluctuation index is larger than the initial safety threshold.
The system comprises a fluctuation data analysis module, a first risk judgment module, a threshold adjustment demand module, an early warning module and a maintenance system, wherein the fluctuation data analysis module is used for acquiring system fluctuation data in real time, analyzing the fluctuation data to obtain a data fluctuation coefficient, transmitting the data fluctuation coefficient to the first risk judgment module, the first risk judgment module is used for setting an initial safety threshold, carrying out first risk judgment according to the initial safety threshold and the data fluctuation coefficient, transmitting a judgment result to the fluctuation data acquisition module or the threshold adjustment demand module, the threshold adjustment demand module is used for acquiring threshold adjustment demand influence data, analyzing the threshold adjustment demand influence data to obtain a threshold adjustment demand index, transmitting the threshold adjustment demand index to the early warning module or the threshold adjustment module, the threshold adjustment module is used for carrying out safety threshold adjustment according to the threshold adjustment demand index to obtain an actual safety threshold, transmitting the actual safety threshold to the second risk judgment module, carrying out second risk judgment according to the actual safety threshold and the data fluctuation coefficient, transmitting the judgment result to the fluctuation data acquisition module or the early warning module, and the early warning module is used for warning the situation of large fluctuation of data in time and reminding relevant staff to maintain the system.
One or more technical solutions provided in the embodiments of the present application at least have the following technical effects or advantages:
1. an initial safety threshold is set, first risk judgment is carried out according to the data fluctuation coefficient and the initial safety threshold, an explicit reference is provided, and potential abnormal conditions are rapidly identified. The initial safety threshold reflects the expected range of the system under normal conditions, and the data fluctuation coefficient synthesizes the dynamic change of the current state of the system. By comparing the risk signal with the false alarm signal, the risk signal can be found in time at the initial stage of system operation, the possibility of misjudgment or missed judgment is reduced, meanwhile, a reference basis is provided for subsequent dynamic adjustment, and the efficiency and accuracy of risk assessment are ensured.
2. If the first risk judges that the system state is abnormal, threshold adjustment requirement influence data are collected, the threshold adjustment requirement influence data comprise fluctuation data, data sensitivity and financial risk in the system, the threshold adjustment requirement data are evaluated to obtain a threshold adjustment requirement index, and the method can provide accurate adjustment basis for abnormal conditions. The adjustment requirement of the current environment on the safety threshold can be dynamically determined by comprehensively analyzing the fluctuation, the data sensitivity and the financial risk of the system, and the misjudgment risk caused by excessive adjustment or insufficient adjustment is avoided. The method not only improves the flexibility of threshold setting, but also enhances the adaptability of the system to dynamically changing environments, and simultaneously ensures the safety of sensitive data and financial services.
3. If the safety threshold is judged to be required to be adjusted, the safety threshold is adjusted according to the threshold adjustment requirement index to obtain an actual safety threshold, and an optimal point can be found between the sensitivity of the balance system and the false alarm rate by adjusting the safety threshold, so that normal operation is prevented from being misjudged to be abnormal due to too wide threshold, and real risk of missed judgment due to too wide threshold is prevented. The dynamic adjustment mechanism improves the flexibility and the robustness of the system operation, and particularly can more effectively ensure the safety and the stability of the system when facing complex financial business scenes and sensitive data protection requirements.
4. And the second risk judgment is carried out according to the data fluctuation index and the actual safety threshold value, so that more accurate risk assessment can be provided based on the latest system state and environmental conditions. After the threshold value is adjusted, the actual safety threshold value is more fit with the current dynamic demand, and is combined with the data fluctuation index, so that misjudgment or missed judgment caused by the unfit initial threshold value can be obviously reduced, and the accuracy of risk judgment is improved. The process ensures that the system can be flexibly adjusted in a real-time changing environment, enhances the sensitivity to potential anomalies, and is beneficial to timely finding and coping with actual risks.
Detailed Description
The embodiments of the present invention will be clearly and completely described below with reference to the drawings in the present invention, and the configurations of the structures described in the following embodiments are merely examples, and the threshold management method and system based on financial risk according to the present invention are not limited to the structures described in the following embodiments, and all other embodiments obtained by a person skilled in the art without making any creative effort are within the scope of protection of the present invention.
The invention provides a threshold management method based on financial risk, as shown in fig. 1, comprising the following steps:
Step 1, collecting system fluctuation data in real time, wherein the fluctuation data comprise resource utilization rate, performance indexes, transaction data and the like, and evaluating according to the fluctuation data to obtain a data fluctuation coefficient;
In this embodiment, it should be specifically described that the step of obtaining the data fluctuation coefficient according to the fluctuation data evaluation is:
The method comprises the steps of collecting the resource utilization rate in a detection window in real time, wherein the resource utilization rate comprises a CPU utilization rate, a memory utilization rate and a network bandwidth utilization rate, respectively calculating the average value and the standard deviation of the CPU utilization rate, the memory utilization rate and the network bandwidth utilization rate in the detection window according to the resource utilization rate data of each sampling point, and calculating to obtain the resource utilization fluctuation degree, wherein the specific acquisition mode is as follows:
;
in the formula,Expressed as the degree of fluctuation in the utilization of the resource,Expressed as the standard deviation of CPU utilization within a detection window,Represented as the average of CPU utilization within a detection window,Expressed as standard deviation of memory usage within a detection window,Represented as the average of memory usage within a detection window,Expressed as the standard deviation of the network bandwidth usage within a detection window,Represented as the average of network bandwidth usage within a detection window;
Acquiring performance indexes of a system in a detection window in real time, wherein the performance indexes comprise response time, throughput and error rate, the performance fluctuation degree is obtained according to performance index evaluation, the response time is the time interval from the start of receiving a request to the completion of returning a result, the throughput is the number of requests successfully processed by the system in unit time, the error rate is the ratio of the number of failed requests in unit time to the total number of requests, for example, the system has 5 sampling points in one detection window, and the performance indexes are recorded, as shown in table 1;
TABLE 1 Performance index
As shown in table 1, in one particular embodiment, the numerical variation of the performance index is demonstrated by different dimensions. By analyzing the fluctuations of these indices, abnormal components that do not coincide with the normal performance mode, such as response delays or error rate changes of the abnormality, can be identified. The fluctuation degrees can also be used for evaluating the stability and reliability of the system under different load conditions, and in a real-time monitoring scheme of a financial transaction system, the fluctuation of the indexes can be analyzed to effectively capture the performance abnormality caused by the system pressure or potential faults, so that the system operation parameters are optimized in time, and the stability and the continuity of the system are ensured.
The method comprises the steps of collecting the successful quantity of real-time transaction in a detection window, obtaining the successful quantity of historical transaction in the last detection window, and obtaining the fluctuation degree of the transaction according to the successful quantity of the real-time transaction and the successful quantity of the historical transaction, wherein the specific obtaining mode is as follows:
;
in the formula,Expressed as the degree of fluctuation of the transaction,Expressed as the number of successful transactions in real time,Expressed as a historical transaction success number;
obtaining a data fluctuation coefficient according to the fluctuation degree of resource utilization, the fluctuation degree of performance and the fluctuation degree of transaction, wherein the specific acquisition mode is as follows:
;
in the formula,Represented as a coefficient of fluctuation of the data,Expressed as the degree of fluctuation in the utilization of the resource,Expressed as the degree of fluctuation in the performance,Expressed as the degree of fluctuation of the transaction.
In this embodiment, it should be specifically described that the performance fluctuation degree obtaining step includes:
screening out the maximum value and the minimum value of the response time in a detection window, calculating the average response time in the detection window, and obtaining response time fluctuation according to the maximum value, the minimum value and the average response time of the response time, wherein the specific acquisition mode is as follows:
;
in the formula,Represented as a fluctuation in the response time,Represented as the maximum value of the response time,Expressed as the minimum value of the response time,Expressed as average response time, the relative fluctuation range of the response time is measured by dividing the range by the average value;
calculating the standard deviation of throughput and the average value of throughput in a detection window, and obtaining throughput fluctuation according to the standard deviation of throughput and the average value of throughput, wherein the specific acquisition mode is as follows:
;
in the formula,Represented as a fluctuation in the throughput rate,Expressed as the standard deviation of the throughput,The method is expressed as an average value of throughput, the relative intensity of throughput fluctuation is measured by dividing the standard deviation by the average value, and the method is more suitable for a dynamic flow fluctuation scene;
the error rate in the current detection window and the error rate in the last detection window are obtained, and error rate fluctuation is obtained through calculation, wherein the specific obtaining mode is as follows:
;
in the formula,Represented as a fluctuation in the error rate,Represented as the error rate within the current detection window,Represented as the error rate within the last detection window;
And evaluating the performance fluctuation degree according to response time fluctuation, throughput fluctuation and error rate fluctuation, wherein the specific acquisition mode is as follows:
;
in the formula,Expressed as the degree of fluctuation in the performance,Expressed as response time fluctuations, taking the logarithm of the response time fluctuations, limiting the effect of extreme values on the result, avoiding overstattering extreme conditions,Represented as a fluctuation in the throughput rate,Expressed as error rate fluctuations, the use of square root smoothes the error rate fluctuation range, reducing the effects of small fluctuations.
Step 2, setting an initial safety threshold value, and carrying out first risk judgment according to the data fluctuation coefficient and the initial safety threshold value;
in this embodiment, it should be specifically described that the first risk determination step is performed according to the data fluctuation coefficient and the initial safety threshold value:
And comparing the data fluctuation coefficient with an initial safety threshold, if the data fluctuation coefficient is smaller than the initial safety threshold, judging that the current data fluctuation is smaller and the system state is normal, and if the data fluctuation coefficient is larger than or equal to the initial safety threshold, judging that the current data fluctuation is larger and the system state is abnormal.
If the first risk judging system state is abnormal, collecting threshold adjustment requirement influence data, wherein the threshold adjustment requirement influence data comprises fluctuation data, data sensitivity and financial risk in the system, and evaluating the threshold adjustment requirement data to obtain a threshold adjustment requirement index;
In this embodiment, it should be specifically described that the threshold adjustment requirement index obtaining step includes:
dividing data in the system into sensitive data and insensitive data by using a random forest method, counting the total data quantity and the sensitive data quantity in the system, and calculating to obtain a data sensitivity coefficient, wherein the specific acquisition mode is as follows:
;
in the formula,Represented as a coefficient of sensitivity of the data,In order to be sensitive to the amount of data,Is the total data quantity;
The number of other systems directly depending on the current system is obtained and is recorded as the number of dependent systems, and the number of the dependent systems represents the total number of the other systems directly depending on the current system, which reflects the coupling degree of the system and the external environment. The number of the dependent systems is larger, the number of external systems which are required to be coordinated in the running process of the system is larger, potential fault points and complexity are increased, the number of hops from the current system to the deepest system, namely the maximum level of the dependent chain, is obtained and is recorded as the depth of the dependent relationship, and the depth of the dependent relationship represents the number of hops from the current system to the deepest system in the dependent chain and reflects the dependent level structure of the system. The greater the dependency depth, the longer the dependency path of the system, and the higher the likelihood of data flow or function call failure propagation during delivery. In addition, the deep dependency chain can cause the problems of difficult quick positioning and repairing, the difficulty of system maintenance and updating is increased, the total number of interfaces of the current system and the dependent system is obtained and is recorded as the number of interactive interfaces, and the number of the interactive interfaces represents the total number of all interfaces existing between the current system and the dependent system, so that the method is a direct embodiment of the complexity of inter-system communication and cooperation. The greater the number of interfaces, the more complex the communication, data exchange and protocol compatibility issues the system needs to handle, potentially adding to errors or performance bottlenecks. In addition, when updating or maintaining a system with a large number of interfaces, more interfaces can be required to be coordinated, so that the complexity is further increased;
And evaluating the dependence complexity of the system according to the number of the dependence systems, the dependence relation depth and the number of the interaction interfaces, wherein the specific acquisition mode is as follows:
;
in the formula,Represented as a system-dependent complexity,Represented as being dependent on the number of systems,Represented as a depth of the dependency relationship,The number of the interaction interfaces is expressed, and the specific explanation is that the number of the dependence system, the dependence relation depth and the number of the interaction interfaces are normalized so as to eliminate the influence of different parameter magnitudes;
the method for obtaining the risk coefficient by evaluating the migration quantity and the migration data total quantity of the database according to the migration quantity and the migration data total quantity of the database and the system dependence complexity comprises the following steps:
;
in the formula,Expressed as a risk factor of the person,Represented as the number of database migration steps,Represented as the total amount of migrated data,The system dependence complexity is expressed, and the specific explanation is that the database migration quantity, the migration data total quantity and the system dependence complexity are normalized to eliminate the influence of different parameter magnitudes;
Carrying out normalization processing on the data fluctuation coefficient, the data sensitivity coefficient and the risk coefficient, and obtaining a threshold adjustment demand index according to the normalized data fluctuation coefficient, the normalized data sensitivity coefficient and the normalized risk coefficient, wherein the specific acquisition mode is as follows:
;
in the formula,Represented as a threshold adjustment demand index,Expressed as a data fluctuation coefficient, during a system update, when a significant increase in the system operation data fluctuation amplitude is detected, a corresponding widening of the safety threshold range is required to accommodate the system dynamics and reduce false positives. This relationship reflects that short term performance fluctuations that may occur during system updates are normal phenomena within expectations, while strict thresholds may lead to excessive false positives, increasing the burden on the operation and maintenance team. By relaxing the threshold, invalid alarms triggered by normal fluctuation can be avoided, and the monitoring system is ensured to concentrate resources on identifying real abnormality or fault, so that the operation efficiency is improved, and a larger fault-tolerant space is provided for smooth transition of the system. Such adjustments are particularly useful in a system low sensitivity data processing or controlled risk environment, can effectively reduce unnecessary interventions and interruptions,Expressed as a data sensitivity coefficient, the higher the data sensitivity involved in the system, the tighter the safety threshold range is needed to enhance the ability to detect potential anomalies and the protection of sensitive data. Data sensitivity reflects the importance and potential risk level of data, which can have serious consequences once revealed, tampered with or lost. Therefore, when processing high sensitivity data, even if normal fluctuation occurs in the running process of the system, the safety threshold needs to be controlled more strictly, the tolerance range is reduced, the quick capture and response of any abnormal behavior which may threaten the data safety are ensured,Expressed as a risk factor, a stricter safety threshold is required to enhance the monitoring of potential risks and the detection of abnormal events as the risk factor is higher in the system. The risk factors reflect the potential impact that system operation may have on business and markets. Under the scene of higher risk, the sensitivity of monitoring can be improved by properly tightening the safety threshold range, the possibility of misjudgment or missed judgment is reduced, and the hidden danger affecting the service safety can be rapidly identified and responded. In particular when dealing with core business processes (e.g., payment, transaction, clearing) or high risk market operations, strict threshold management helps to reduce risk spread probabilities, and provides decision makers with more accurate risk early warning information,、、A weight coefficient expressed as a data fluctuation coefficient, a data sensitivity coefficient, and a risk coefficient, and,、、The specific values are dependent on the actual situation, and are determined by the expert, for example,、、May be 0.1, 0.4, 0.5.
In this embodiment, it should be specifically described that the step of dividing the data in the system into sensitive data and insensitive data by using the random forest method includes:
A historical data sample of the system is collected, the sample containing a plurality of records, each of which may be in the form of a field, file, record or the like. For each sample, features are extracted, including field type (numeric, text, etc.), field length (e.g., string length), whether it is in a particular format (e.g., identification card or credit card format), storage location (local or cloud), and access rights level (e.g., administrator rights or public rights), etc. Then, manually marking the samples as sensitive data or non-sensitive data, wherein the sensitive data (marked as 1) comprises privacy or financial information such as an identity card number, transaction amount, account balance and the like, the non-sensitive data (marked as 0) comprises information which does not comprise privacy such as logs, cache data and the like, and the marked samples are used as a data set;
In order to adapt the data to the random forest model, the sample features are numerically processed. The method comprises the steps of converting the classified features (such as field types and storage positions) into numerical vectors by using single-hot coding, normalizing the numerical features (such as field lengths), scaling the values to the range of [0, 1], and eliminating magnitude differences. This process ensures that the model is able to understand the contribution of each feature correctly while reducing the impact of high-magnitude features on model decisions;
The digitizing process is a process of converting the original features of the sample into a numerical form acceptable for the random forest model. For classified features (such as field types and storage positions), the classified features are often converted into binary vectors by single-hot coding to avoid misleading models of the size sequence of classified information, for numerical features (such as field lengths), normalization processing is usually carried out to scale values into the range of [0, 1] so as to eliminate differences of different feature orders, and for Boolean features (such as whether the specific format is met or not), the values are directly represented by 0 and 1. This process ensures that the model can correctly process all features, improving classification accuracy and efficiency.
And constructing a random forest classifier to obtain a plurality of decision trees, and realizing classification based on integration of the plurality of decision trees. Random forests determine the final classification by voting on the results of each tree. Each decision tree is constructed through feature random selection and sample random sampling, and optimal features are selected according to the principle of information gain maximization during splitting;
The labeled dataset is divided into a training set and a test set (e.g., 80% training set and 20% test set). And training a random forest model by using a training set, so that the model learns classification rules of sensitive data and non-sensitive data. After training, the performance of the model is evaluated by using a test set, and indexes such as accuracy, precision, recall rate, F1 score and the like are calculated. The accuracy reflects the overall classification capability, the accuracy and the recall rate respectively measure the accuracy and the coverage rate of the model on the classification of sensitive data, and the F1 score comprehensively evaluates the performance of the model;
And deploying the trained random forest model into an actual environment, and classifying the new data sample in real time. And extracting the characteristics of each new data sample, inputting the characteristics into a model, and outputting data as sensitive data or non-sensitive data through the model. In practical application, the sensitive data can be marked, encrypted or limited with access rights according to the classification result, so that the data security of the system is improved, and meanwhile, a more flexible processing strategy is adopted for the non-sensitive data, so that the use of system resources is optimized.
Step 4, judging safety threshold adjustment according to the threshold adjustment requirement index;
In this embodiment, it should be specifically described that the step of determining the safety threshold adjustment according to the threshold adjustment requirement index is:
And comparing the threshold value adjustment demand index with an adjustment threshold value, if the threshold value adjustment demand index is smaller than the adjustment threshold value, judging that the current safety threshold value does not need to be adjusted, and if the threshold value adjustment demand index is larger than or equal to the adjustment threshold value, judging that the current safety threshold value needs to be adjusted.
Step 5, if the safety threshold is judged to be required to be adjusted, the current system state is abnormal, and safety early warning is sent out;
In this embodiment, it needs to be specifically described that the step of adjusting the safety threshold according to the threshold adjustment requirement index to obtain the actual safety threshold is:
the threshold value adjustment demand index and the adjustment threshold value are subjected to ratio calculation to obtain an adjustment factor, and the specific acquisition mode is as follows:
;
in the formula,Represented as an adjustment factor(s),Represented as a threshold adjustment demand index,Represented as an adjustment threshold;
The actual safety threshold is obtained by calculation according to the adjustment factors and the initial safety threshold, and the specific acquisition mode is as follows:
;
in the formula,Represented as an actual safety threshold value,Represented as an initial safety threshold value,Expressed as a regulatory factor.
And 6, carrying out second risk judgment according to the data fluctuation index and the actual safety threshold, if the second risk judgment system is normal, continuing to carry out service processing and carrying out fluctuation data monitoring in real time, and if the second risk judgment system is abnormal, sending out safety early warning.
In this embodiment, it should be specifically described that the second risk determination step is performed according to the data fluctuation index and the actual safety threshold, where the second risk determination step is:
And comparing the data fluctuation index with an actual safety threshold, if the data fluctuation index is smaller than the actual safety threshold, judging that the current data fluctuation is in a safety range and the system state is normal, and if the data fluctuation index is larger than the initial safety threshold, judging that the current data fluctuation is larger and exceeds the safety range and the system state is abnormal.
In this embodiment, it should be specifically described that, as shown in fig. 2, a threshold management system based on financial risk includes:
The fluctuation data analysis module is used for acquiring system fluctuation data in real time, analyzing the fluctuation data to obtain a data fluctuation coefficient, and transmitting the data fluctuation coefficient to the first risk judgment module;
The first risk judging module is used for setting an initial safety threshold, carrying out first risk judgment according to the initial safety threshold and the data fluctuation coefficient, and transmitting a judgment result to the fluctuation data acquisition module or the threshold adjustment demand module;
The threshold adjustment demand module is used for collecting threshold adjustment demand influence data, analyzing the threshold adjustment demand influence data to obtain a threshold adjustment demand index, and transmitting the threshold adjustment demand index to the early warning module or the threshold adjustment module;
the threshold adjustment module is used for adjusting the safety threshold according to the threshold adjustment requirement index to obtain an actual safety threshold and transmitting the actual safety threshold to the second risk judgment module;
the second risk judging module is used for carrying out second risk judgment according to the actual safety threshold and the data fluctuation coefficient and transmitting a judgment result to the fluctuation data acquisition module or the early warning module;
And the early warning module is used for early warning the condition of large data fluctuation and reminding related staff to timely carry out system maintenance.
Finally, the foregoing description of the preferred embodiment of the invention is provided for the purpose of illustration only, and is not intended to limit the invention to the particular form disclosed, but on the contrary, the intention is to cover all modifications, equivalents, and alternatives falling within the spirit and scope of the invention.
The foregoing is merely illustrative of the present application, and the present application is not limited thereto, and any person skilled in the art will be able to easily think about variations or substitutions within the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.