58同城風控平臺演進

{"type":"doc","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"導讀:","attrs":{}},{"type":"text","text":"58同城的風控業務從2010年開始搭建平臺,到2012年正式成立信息質量部,經歷過了10年的發展,三代系統變革,目前已經是全集團最重要的中臺之一,肩負了每天百億級別數據的風險控制。本次分享將主要解析在不同業態、不同年代下,風控治理的不同思路,進而打造出不同平臺的過程。","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":2},"content":[{"type":"text","text":"58做風控的起因","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"一個分類信息平臺,其主要是以內容和流量爲核心,包括上下游兩大類用戶:B端用戶(供應端)——生產內容以及C端(消費端)用戶——使用內容。在信息的產生和消費兩端,都會面臨許多問題,諸如詐騙、羊毛黨、刷單、刻章、辦證、發票、微信吸粉、廣告、水貼等一系列非正常流量行爲。","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"面臨的問題:","attrs":{}}]},{"type":"bulletedlist","content":[{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"詐騙是最爲嚴重的一種行爲,是紅線以下,對個體傷害巨大。從2014-2019年中國網絡詐騙舉報數量以及中國網絡詐騙人均損失趨勢兩個統計表可以看到,隨着國家的管控力度逐步增大,詐騙數量也呈現逐年下降的趨勢,但對於個體傷害而言,卻是逐年增加的。我們能從中看出,一方面人們的收入水平逐年上升,另一方面,詐騙的手段逐漸更新迭代,隱蔽性增強,更多高知分子也逐步被捲入騙局。","attrs":{}}]}],"attrs":{}}],"attrs":{}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"羊毛黨主要指的是藉助各類營銷活動薅羊毛,諸如之前的某多多被曝出現重大Bug,用戶可領100元無門檻券,吸引了衆多羊毛黨“薅羊毛”,網傳“一夜損失了200億”;更有甚者,羊毛黨自發組織形成團體,可以搜到很多以“羊毛”爲關鍵詞的QQ羣,僅在2019年,58利用技術手段挽回的各類羊毛黨損失就超過千萬級別。","attrs":{}}]}],"attrs":{}}],"attrs":{}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"image","attrs":{"src":"https://static001.geekbang.org/infoq/66/66585288c8863ef1add72dc715a5b971.jpeg","alt":"圖片","title":null,"style":[{"key":"width","value":"75%"},{"key":"bordertype","value":"none"}],"href":null,"fromPaste":true,"pastePass":true}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"刷單是電商平臺面臨的頭疼難題,這裏會分爲兩類情況,一種是爲各電商平臺商家刷量,賺取收益,另一類則迴歸到詐騙渠道,詐騙貪小便宜的各種“兼職”人員。","attrs":{}}]}],"attrs":{}}],"attrs":{}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"image","attrs":{"src":"https://static001.geekbang.org/infoq/e2/e2421a11129cdf710645a981919c4981.jpeg","alt":"圖片","title":null,"style":[{"key":"width","value":"75%"},{"key":"bordertype","value":"none"}],"href":null,"fromPaste":true,"pastePass":true}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"刻章、辦證、發票爲平臺的灰色地帶,這其中良莠不齊,正規的諸如招聘類目下的財務人員會有開具發票的情形,但類似代開發票這種行爲已經觸碰紅線了。","attrs":{}}]}],"attrs":{}},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"微信吸粉是各類惡意行爲中套路最豐富的,諸如房產類目會存在假冒房東發假房源信息,吸引房客諮詢,實際爲了吸粉的營銷活動。","attrs":{}}]}],"attrs":{}},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"廣告水貼是各類UGC平臺面臨的普遍問題,行爲上也和正常用戶趨緊,治理難度較高。","attrs":{}}]}],"attrs":{}}],"attrs":{}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":2},"content":[{"type":"text","text":"58風控發展歷程","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"58風控發展歷程主要包括4個階段:","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"image","attrs":{"src":"https://static001.geekbang.org/infoq/8e/8e9027e685a88974cf9d6bbb516fe4c6.jpeg","alt":"圖片","title":null,"style":[{"key":"width","value":"75%"},{"key":"bordertype","value":"none"}],"href":null,"fromPaste":true,"pastePass":true}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"第1階段:雛形階段——微量業務,封閉系統","attrs":{}}]}],"attrs":{}},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"第2階段:發展階段——少量業務,增強運營","attrs":{}}]}],"attrs":{}},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"第3階段:中臺轉變——能力複用,業務自治","attrs":{}}]}],"attrs":{}},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"第4階段:生態建設——服務思維","attrs":{}}]}],"attrs":{}}],"attrs":{}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"第一階段:微量機審+人工審覈","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"image","attrs":{"src":"https://static001.geekbang.org/infoq/75/75a207298081a018c3194de3a573cc88.jpeg","alt":"圖片","title":null,"style":[{"key":"width","value":"75%"},{"key":"bordertype","value":"none"}],"href":null,"fromPaste":true,"pastePass":true}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"第一階段平臺業務較少,主要爲58信息、企業發佈以及簡歷發佈,採用人工審覈配合部分機器審覈的手段。此階段主要規範了系統的邊際,包括UGC產生後的一系列流程操作。經過在線檢測後,分成了兩個分支,其一經過離線檢測,其二經過人工審覈,並行操作,兩者的結果最終通過判斷執行模塊進行審覈執行操作。","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"爲了加強對外部情勢的感知,主要主動採用“臥底”黑產羣,通過購買各類黑產軟件,探索平臺漏洞,對系統進行更新迭代。","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"暴露問題:","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"該階段對於系統中的“變”和“不變”部分缺乏抽象,主要是採用硬編碼的方式,這使得開發頻次及成本較高,策略上線週期上,開發速度遠遠無法跟上黑產破解的速度。","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"第二階段:配置化機審+人工審覈","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"image","attrs":{"src":"https://static001.geekbang.org/infoq/8d/8d486f3b52b679c9e46d3f625a67191d.jpeg","alt":"圖片","title":null,"style":[{"key":"width","value":"75%"},{"key":"bordertype","value":"none"}],"href":null,"fromPaste":true,"pastePass":true}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"第二階段主要是在前一階段的基礎上,明確了策略層的運營能力,以特徵爲基礎,規則和條例爲抓手,同時也增加了部分算法的能力,諸如圖像算法、文本算法以及行爲聚類等。在此基礎上形成了三大模塊,包括簡化特徵開發的平臺用於風險發現、可運營的策略管理用於風險評估以及集中化的風險處理。","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"暴露問題:","attrs":{}}]},{"type":"bulletedlist","content":[{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"併購:58和趕集風控系統同時存在,人員重疊,維護代價高;","attrs":{}}]}],"attrs":{}},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"業務增長:風控場景快速增加,技術和運營成本的不斷增加;","attrs":{}}]}],"attrs":{}},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"新思想:友商風控平臺的快速崛起,學習借鑑友商思路;","attrs":{}}]}],"attrs":{}},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"中臺:部門定位的變化,逐步考慮中臺化。","attrs":{}}]}],"attrs":{}}],"attrs":{}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"第三階段:機審人審融合、分場景治理","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"image","attrs":{"src":"https://static001.geekbang.org/infoq/68/687b4e5e5f181b788af7e380ae9a4473.jpeg","alt":"圖片","title":null,"style":[{"key":"width","value":"75%"},{"key":"bordertype","value":"none"}],"href":null,"fromPaste":true,"pastePass":true}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"第三階段目前運行至今,主要包括三方面,包括","attrs":{}}]},{"type":"bulletedlist","content":[{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"自助式開發:改變原有僅風控部門獨立開發的模式,提供業務側參與風控工具開發的能力,同時能夠進行整個開發後的測試、部署、上線工作。","attrs":{}}]}],"attrs":{}},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"一站式運營:提供了一整套的運營方案,運營人員可以快速完成業務註冊。同時積極提供自助接入場景的能力,在新場景接入時提供基礎的通用能力,助力業務快速落地構建防禦體系;同時,也能夠提供一些專家經驗,輸出前期總結經驗,避免反覆造輪子。","attrs":{}}]}],"attrs":{}},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"業務隔離:改變了前期多個業務共用一套風控模型的方案,第三階段實現了業務間進程級別的隔離以及微服務的拆分,避免業務間問題的相互影響;同時增加了熔斷降級等各類服務治理能力,避免上下游數據服務造成的影響。","attrs":{}}]}],"attrs":{}}],"attrs":{}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"第三階段整體實現了毫秒級的響應速度、目前已支撐千級別業務場景、全場景內容服務覆蓋、上萬節點集羣規模、百億量級離線分析能力以及全自助平臺管理。","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"第四階段:專家指揮、智能審覈","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"第四階段爲正在實現中以及對未來的規劃方面,包括:","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"隔離方面,目前業務間的隔離還沒有做到極致,後期會對數據庫、人工審覈、配置中心等進行隔離;","attrs":{}}]}],"attrs":{}},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"以算法爲中心,逐步提升系統自動運營水平。","attrs":{}}]}],"attrs":{}}],"attrs":{}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"整體而言,風控的能力提升有很大的空間,這對技術儲備要求很高,需要多職能跨部門、跨組織合作,從而實現高併發、高可用需求下的快速風控能力。當然,風控其實是一個不斷對抗的過程,版本的迭代需要足夠快,以交付爲目標,避免過度設計導致長時間的對抗真空期。","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":2},"content":[{"type":"text","text":"後續答疑","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"① 能否舉一個58同城黑產攻防案例?","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"答:常見的攻防案例一般是敵方攻擊、我方防守,對抗的過程。","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"當時有遇到一個案例,房產業務因爲流量大,關注度很高,有利用工具批量發佈信息的行爲。開始階段能夠從中發現,其發佈內容行爲與正常人發佈有一定的偏差,常見的手段就是通過模擬批量Post請求提交數據,但這種情況下上報的數據中缺乏正常用戶的行爲數據,很容易可以識別到爲非真人發佈而進行攔截。後續,對方也會逐漸升級手段,尋找可突破點,諸如採用按鍵精靈,通過瀏覽器進行提交,用模擬點擊的方式。我們解決方案則是通過尋找相似點以及用戶行爲時間序列來發現非真人操作,之後採用動作隨機化,這時從單一用戶的角度已經很難着手,我們開始從單一用戶轉向羣體用戶行爲的分析,挖掘某時間段內存在大量異常行爲的賬戶,通過諸如驗證碼、認證等手段增加對抗的成本,黑產也在升級過程中採用包括打碼平臺等方式提高刷帖成功率,我們則增加驗證的方式,用更復雜的人機交互等,可以看出這過程是不斷對抗,提升作惡成本的過程。","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"② 詳細介紹下當前風控架構?","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"答:最上層爲業務層,包括58信息、企業發佈、簡歷發佈、同鎮信息、交友直播、微聊信息、房產三網、部落視頻等上千級別業務;針對每個業務集合,我們會提供一站式運營平臺,包括完整的工具集、處理集、人工審覈佈局以及運營能力服務;在此基礎上,針對多業務間並存的服務能力進行抽象,整合出包括基礎工具、風險處理集合、數據增廣、行爲聚類、文本算法、圖像算法等通用化服務能力。","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"③ 風控團隊如何對接業務側,如何說服業務側接入,投入產出比如何計算等?","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"答:早期所有的風控均處於風控部門,既承擔裁判員的職責,又做運動員的工作,即做風控並評判風控收益,會存在與業務側產生衝突矛盾的地方。這其中包括業務側不認可風控的輸出能力,認爲引入後爲帶來大量的誤殺,影響業務發展等各類問題。後期通過中臺能力的搭建以及與業務部門責任共擔,實現了雙方合作共贏。投入產出比可以通過對線上數據的巡查,以及數據部門的分析,因其中包含了部分業務因素,我們也會採用三方數據、申訴反饋等綜合收集信息客觀反映風控能力。","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"嘉賓介紹:","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"張月,58同城信息安全部架構師,2010年加入58同城。主要負責集團的風控設計以及實時引擎的實現。","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"原文鏈接:","attrs":{}},{"type":"link","attrs":{"href":"https://mp.weixin.qq.com/s/x2JjbIc8Br7qlHTZxLn4sQ","title":""},"content":[{"type":"text","text":"58同城風控平臺演進","attrs":{}}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}}]}
發表評論
所有評論
還沒有人評論,想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.
相關文章