Security business processing method based on large language model

CN122240651APending Publication Date: 2026-06-19BEIJING TELESOUND ELECTRONICS

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Applications(China)
Current Assignee / Owner
BEIJING TELESOUND ELECTRONICS
Filing Date
2026-01-20
Publication Date
2026-06-19

AI Technical Summary

Technical Problem

When processing business indicator data in the security field, large language models suffer from factual errors and knowledge gaps, resulting in insufficient accuracy of the output answers.

Method used

By acquiring security business query information input by users, the system uses a large language model to extract target keyword entities and query intent, combines a knowledge base and a business database to determine the query type, and retrieves target data from the corresponding database based on the type to generate the answer.

Benefits of technology

It improves the accuracy of large language models in processing business indicator data in the security field, overcomes the defects of static knowledge, and ensures the real-time performance and accuracy of data.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN122240651A_ABST
    Figure CN122240651A_ABST
Patent Text Reader

Abstract

This invention provides a security business processing method based on a large language model. The method includes: acquiring security business query information input by a user; inputting the security business query information into a large language model, and extracting target keyword entities and query intent from the security business query information using the large language model; determining the query type corresponding to the security business query information based on the target keyword entities and query intent; if the query type includes a knowledge-based question-and-answer type, retrieving the target data corresponding to the security business query information from a knowledge base; if the query type includes a data query type, retrieving the target data corresponding to the security business query information from a business database; the business database includes relevant data related to security business; generating a target answer based on the target data, and outputting the target answer. This invention can improve the accuracy of processing results when using a large language model to process business indicator data in the security field.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This invention relates to the field of security business processing technology, and in particular to a security business processing method based on a large language model. Background Technology

[0002] With the development of large language models, artificial intelligence technology, especially generative artificial intelligence (AIGC), has entered a new stage of large-scale application. How to efficiently integrate massive, multi-source data with powerful generative model capabilities to build vertical, professional, and intelligent application systems has become a core focus.

[0003] Currently, when users perform knowledge queries using a large language model, they can input their desired query into the pre-trained large language model. Based on the massive parameters and knowledge associations learned during its training phase, the large language model generates the corresponding answer and returns it to the user.

[0004] However, in specific scenarios, such as processing business indicators like the on-duty rate of certified personnel and statistics on the seizure of contraband in the security field, large language models may have factual errors and knowledge blind spots, resulting in insufficient accuracy of the output answers. Summary of the Invention

[0005] This invention provides a security business processing method based on a large language model, which addresses the shortcomings of existing technologies where large language models have low accuracy in processing business indicator data in the security field, thereby improving the accuracy of processing results when large language models process business indicator data in the security field.

[0006] This invention provides a security business processing method based on a large language model, comprising: Obtain security service query information input by the user; The security business query information is input into a large language model, and the target keyword entities and query intent in the security business query information are extracted through the large language model. Based on the target keyword entity and the query intent, determine the query type corresponding to the security business query information; When the query type includes a knowledge-based question-and-answer type, the target data corresponding to the security business query information is retrieved from the knowledge base. When the query type includes a data query type, the target data corresponding to the security business query information is retrieved from the business database; the business database includes relevant data on security business. Generate a target answer based on the target data, and output the target answer.

[0007] According to a security business processing method based on a large language model provided by the present invention, the step of extracting target keyword entities and query intent from the security business query information through the large language model includes: Using the large language model, entity content related to security business is extracted from the security business query information to obtain the target keyword entity; Based on the security business query information, determine the operation type and query target; The query intent is generated based on the operation type and the query target.

[0008] According to a security business processing method based on a large language model provided by the present invention, the step of determining the query type corresponding to the security business query information based on the target keyword entity and the query intent includes: If the query intent includes at least one of concept explanation, clause query, and handling basis, and the target keyword entity includes at least one of rule / regulation name, clause, or processing procedure, then the query type is determined to be the knowledge question and answer type. If the query intent includes data processing, and the target keyword entity includes at least one of a business indicator entity, a time dimension entity, and an organizational dimension entity, then the query type is determined to be the data query type.

[0009] According to a security business processing method based on a large language model provided by the present invention, the step of determining the query type corresponding to the security business query information based on the target keyword entity and the query intent includes: The target keyword entity and the query intent are input into the classification model to obtain the probability of the knowledge question-answering type and the probability of the data query type output by the classification model. The classification model is obtained by training an initial classification model based on the sample target keyword entity and the sample query intent. If the probability of the knowledge question-and-answer type is greater than the first probability, the query type is determined to be a knowledge question-and-answer type. If the probability of the data query type is greater than the second probability, then the query type is determined to be the data query type.

[0010] According to a security business processing method based on a large language model provided by the present invention, the step of retrieving the target data corresponding to the security business query information through a business database includes: Search the business database for the target file corresponding to the target keyword entity; Based on the query intent, the target data is retrieved from the target file.

[0011] According to a security business processing method based on a large language model provided by the present invention, the method further includes: Periodically collect statistics on the on-duty rate of security inspectors holding certificates, security inspection results, seizure of prohibited items, performance of duties, and on-duty rate of train crew holding certificates to obtain statistical results corresponding to each keyword entity; For each keyword entity, a report file is generated based on the security business reporting template and the statistical results corresponding to the keyword entity; Based on the statistical results corresponding to the keyword entities and the reporting file, generate the file corresponding to the keyword entities; Upload the files corresponding to each of the aforementioned keyword entities to the business database.

[0012] According to a security business processing method based on a large language model provided by the present invention, the step of retrieving the target data corresponding to the security business query information through a business database includes: Based on the target keyword entity and the query intent, a target API is determined from the application programming interface (API) library; the API library includes APIs for different types of entities and query intents. Extract query parameters that match the input parameters of the target API from the target keyword entity; Generate an API call request based on the query parameters; By calling the target API configured with the API call request, the target data is retrieved from the business database on the cloud server.

[0013] According to a security business processing method based on a large language model provided by the present invention, the step of determining the target API from the application programming interface (API) library based on the target keyword entity and the query intent includes: Based on the target keyword entity and the query intent, determine the query content; Determine the semantic similarity between the query content and the functional descriptions of each API in the API library; The API with the highest semantic similarity is identified as the target API.

[0014] According to the present invention, a security business processing method based on a large language model is provided, wherein generating a target answer based on the target data includes: Obtain at least one data source identifier from which the target data was retrieved; Based on the target data and the data source identifier, the target answer is generated, which includes data conclusions and source explanations.

[0015] According to the security business processing method based on a large language model provided by the present invention, the target keyword entity includes at least one of the following: business indicator entity, time period entity, organizational hierarchy entity, document type entity, and rules and regulations entity.

[0016] The present invention also provides a security business processing device based on a large language model, comprising: The acquisition module is used to acquire security service query information input by the user; The extraction module is used to input the security business query information into the large language model, and extract the target keyword entities and query intent from the security business query information through the large language model; The determination module is used to determine the query type corresponding to the security business query information based on the target keyword entity and the query intent; The retrieval module is used to retrieve the target data corresponding to the security business query information through a knowledge base when the query type includes a knowledge question and answer type. The retrieval module is further configured to retrieve target data corresponding to the security business query information through a business database when the query type includes a data query type; the business database includes relevant data on security business. The output module is used to generate a target answer based on the target data and output the target answer.

[0017] The present invention also provides an electronic device, including a memory, a processor, and a computer program stored in the memory and executable on the processor, wherein the processor executes the computer program to implement the security business processing method based on the large language model as described above.

[0018] The present invention also provides a non-transitory computer-readable storage medium having a computer program stored thereon, which, when executed by a processor, implements the security business processing method based on a large language model as described above.

[0019] The present invention also provides a computer program product, including a computer program that, when executed by a processor, implements the security business processing method based on a large language model as described above.

[0020] The security business processing method based on a large language model provided by this invention obtains security business query information input by the user, inputs the query information into a large language model, extracts target keyword entities and query intent from the security business query information through the large language model, and determines the corresponding query type based on the target keyword entities and query intent. When the query type includes a knowledge-based question-and-answer type, the target data corresponding to the security business query information is retrieved through a knowledge base; when the query type includes a data query type, the target data corresponding to the security business query information is retrieved through a business database containing relevant security business data. Based on the target data, a target answer is generated and output. Because the natural language understanding capability of the large language model can be combined with a domain-specific knowledge base and business database, the most suitable data source can be accurately matched for security business query information of different query types. Therefore, it can effectively overcome the deficiency of static knowledge in specific vertical domains of general-purpose large language models, thereby improving the accuracy of the processing results when the large language model processes business indicator data in the security field. Attached Figure Description

[0021] To more clearly illustrate the technical solutions in this invention or the prior art, the drawings used in the description of the embodiments or the prior art will be briefly introduced below. Obviously, the drawings described below are some embodiments of this invention. For those skilled in the art, other drawings can be obtained from these drawings without creative effort.

[0022] Figure 1 This is a flowchart illustrating the security business processing method based on a large language model provided in an embodiment of the present invention.

[0023] Figure 2 This is a schematic diagram illustrating the input of security service query information provided in an embodiment of the present invention.

[0024] Figure 3 This is a schematic diagram illustrating the output of the target answer provided in an embodiment of the present invention.

[0025] Figure 4 This is a schematic diagram of the security business processing device based on a large language model provided in an embodiment of the present invention.

[0026] Figure 5 This is a schematic diagram of the physical structure of an electronic device provided in an embodiment of the present invention. Detailed Implementation

[0027] To make the objectives, technical solutions, and advantages of this invention clearer, the technical solutions of this invention will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only some, not all, of the embodiments of this invention. All other embodiments obtained by those skilled in the art based on the embodiments of this invention without creative effort are within the scope of protection of this invention.

[0028] Currently, intelligent question answering for complex questions mainly relies on large language models pre-trained on massive amounts of data. The response capability of such large language models is largely limited by the breadth, depth, and quality of their pre-training corpora. Furthermore, after training, the internal knowledge of these large language models is relatively fixed, forming a static knowledge base. Therefore, for specific technical fields, such as using large language models to process security operations in the security field, these models struggle to output accurate and reliable answers, resulting in low accuracy of the processing results.

[0029] To address the aforementioned issues, this invention proposes a security business processing method based on a large language model. In this method, upon receiving a security business query from a user, the method first determines the query type of the query information before using the large language model to determine the target answer. Based on different query types, different databases are selected to retrieve the corresponding target answer. This avoids retrieving data from a general knowledge base, instead retrieving from a business database, thus directly obtaining real-time and accurate business data. This avoids factual errors caused by outdated or missing knowledge within the large language model, improving the accuracy of the processing results when the large language model processes business indicator data in the security field.

[0030] The following is combined with Figures 1 to 3 This invention describes a security business processing method based on a large language model, as provided in an embodiment of the present invention. This invention is applicable to scenarios where a large language model is used to process business data in the security field, such as intelligent monitoring and decision support for subway security operations. In this scenario, through the technical solution of the present invention, staff can quickly query static regulations, such as specific clauses in the "Contraband Disposal Manual," and also monitor dynamic business indicators in real time, such as the real-time on-duty rate of certified personnel at each station, and the analysis of the quantity and type of contraband seized on a given day.

[0031] The execution subject of this method can be a terminal device, computer, server, server cluster, or specially designed security business processing equipment based on a large language model, or a security business processing device based on a large language model installed in the electronic device. The security business processing device based on a large language model can be implemented by software, hardware, or a combination of both.

[0032] Figure 1 A flowchart illustrating the security business processing method based on a large language model provided in this embodiment of the invention is shown below. Figure 1 As shown, the method includes: Step 101: Obtain the security service query information entered by the user.

[0033] In this step, users can input security service query information in natural language form through the human-computer interaction interface. This security service query information can be text, voice, or images, etc.

[0034] Figure 2 This is a schematic diagram illustrating the input of security service query information provided in an embodiment of the present invention, such as... Figure 2 As shown, users can enter the questions they want to query through the human-machine interface of the security management system, such as "Please analyze the on-duty rate of security checkpoint staff from 2026-01-05 to 2026-01-11".

[0035] In addition, such as Figure 2 As shown, the human-machine interface of the security management system can also include multiple recommended questions, such as "security checkpoint staff on duty rate", "train crew staff on duty rate", and "contraband detection and handling status". Users can also select one question from the recommended questions as security business query information.

[0036] Step 102: Input the security business query information into the large language model, and extract the target keyword entities and query intent from the security business query information through the large language model.

[0037] In this step, security business query information is input into a large language model. Based on its deep understanding of natural language, the large language model performs semantic parsing and structural analysis on the input security business query information, thereby identifying and extracting core elements closely related to security business as target keyword entities. For example, target keyword entities include at least one of the following: business indicator entities, time period entities, organizational hierarchy entities, document type entities, and regulatory clause entities. For instance, business indicator entities include on-duty certificate rate, quantity of contraband seized, security check pass rate, and equipment failure rate; time period entities include 2026-01-05 to 2026-01-11, last week, or this week; organizational hierarchy entities include Branch 1, Branch 2, Metro Line 1, and XX Central Station; document type entities include daily reports, weekly reports, monthly reports, statistical analysis documents, and regulatory documents; and regulatory clause entities include the "Urban Rail Transit Security Regulations," "Contraband List," and "Security Inspector Operating Procedures."

[0038] In addition, the large language model can also abstract and classify the query purpose in security business query information to determine the query intent, such as data statistics, trend comparison, or conceptual explanation or clause query.

[0039] By extracting target keyword entities and query intent from security business query information, unstructured natural language queries can be transformed into structured semantic elements that can be further processed, thereby improving the information processing speed of large language models.

[0040] Step 103: Based on the target keyword entity and query intent, determine the query type corresponding to the security business query information.

[0041] In this step, after identifying the target keyword entity and query intent, they can be matched with preset classification rules. For example, if the query intent is to explain a concept or find the basis for a clause, and the target keyword entity contains static knowledge objects such as rules and regulations, then the query type is determined to be a knowledge question and answer type. If the query intent involves data statistics, comparison, or trend analysis, and the target keyword entity contains dynamic data objects such as business indicators, time ranges, and organizational units, then the query type is determined to be a data query type.

[0042] By analyzing target keyword entities and query intent, the essence of security business query information can be accurately identified, improving the accuracy of subsequent database determination.

[0043] Step 104: If the query type includes knowledge question and answer, retrieve the target data corresponding to the security business query information through the knowledge base.

[0044] In this step, after determining that the query type is a knowledge-based question-and-answer question, the extracted target keyword entities and query intent are used as retrieval inputs. Semantic matching and similarity calculation are then performed on a pre-constructed and quantified security domain knowledge base. This knowledge base stores unstructured text materials, such as policy documents, regulations, security manuals, legal provisions, and standard operating procedures.

[0045] After similarity calculation, multiple text fragments most relevant to security business query information can be identified and returned from the knowledge base, and these text fragments can be used as target data.

[0046] For example, if the security service query is "Are security personnel allowed to wear jewelry during work hours?", the system extracts multiple text fragments related to the query from the knowledge base, integrates these fragments into a single text as the target answer, and outputs it. Optionally, the system can also output the names of the original files to which these text fragments belong.

[0047] Step 105: If the query type includes a data query type, retrieve the target data corresponding to the security business query information from the business database; the business database includes relevant data on security business.

[0048] In this step, after determining that the query type is a data query, the extracted query intent and target keyword entities are converted into executable, parameterized data query instructions, such as SQL statements. These data query instructions then retrieve numerical values, lists, or aggregated results that match the query conditions from the business database, and these results are used as the target data.

[0049] The business database includes data related to security operations, such as security personnel attendance records, contraband seizure information, and equipment operation logs.

[0050] Step 106: Generate the target answer based on the target data and output the target answer.

[0051] In this step, after identifying the target data, the large language model, based on the target data and the query intent of the security business query information, performs content integration and language generation tasks. The large language model organizes scattered data or text information into a target answer that meets the query requirements, is logically coherent, and is easy to understand. The final generated target answer may directly present the search results, or it may include a brief analysis or summary based on the data.

[0052] Finally, the generated text-based target answer is output to the user through the human-computer interface of the security management system, thus completing this question-and-answer interaction and realizing the processing of security business.

[0053] Figure 3 This is a schematic diagram of the output of the target answer provided in an embodiment of the present invention, such as... Figure 3 As shown, for the security business query information "Please analyze the on-duty rate of security check personnel with valid certificates from January 5, 2026 to January 11, 2026", the large language model retrieves the on-duty rate of security check personnel with valid certificates for Company 1 in each route section for the previous and current periods from the business database. Additionally, it can retrieve the percentage of female personnel. These retrieved data can be used as the target data. Of course, the same data can be retrieved for Companies 2 and 3.

[0054] Furthermore, based on this target data, the large language model can analyze the comparison between the current period's on-duty security check personnel rate and the previous period's, such as the overall on-duty personnel rate and its month-on-month trend. Additionally, it can extract key information points from the target data, such as describing the overall performance of which operating units (e.g., "Yun-1," "Yun-2," and "Yun-3"), and identifying individual route segments with the most significant changes or requiring attention, for example, pointing out a significant increase or decrease in the on-duty rate of a particular route "this period." Moreover, the large language model can also compile a list of routes with on-duty rates below a specific threshold (e.g., 99%) as a risk warning or point of concern.

[0055] The large language model integrates the above content to obtain, as follows: Figure 3 The text analysis report shown is the target answer.

[0056] The security business processing method based on a large language model provided in this invention obtains security business query information input by the user, inputs the query information into a large language model, extracts target keyword entities and query intent from the security business query information through the large language model, and determines the query type corresponding to the security business query information based on the target keyword entities and query intent. When the query type includes a knowledge-based question-and-answer type, the target data corresponding to the security business query information is retrieved through a knowledge base; when the query type includes a data query type, the target data corresponding to the security business query information is retrieved through a business database containing relevant security business data. Based on the target data, a target answer is generated and output. Because the natural language understanding capability of the large language model can be combined with a domain-specific knowledge base and business database, the most suitable data source can be accurately matched for security business query information of different query types. Therefore, it can effectively overcome the deficiency of static knowledge in specific vertical domains of general-purpose large language models, thereby improving the accuracy of the processing results when the large language model processes business indicator data in the security field.

[0057] For example, based on the above embodiments, when extracting target keyword entities and query intents from security business query information through a large language model, the large language model can be used to extract entity content related to security business from the security business query information to obtain target keyword entities. Based on the security business query information, the operation type and query target are determined, and then the query intent is generated based on the operation type and query target.

[0058] Specifically, the large language model performs deep analysis on security business query information in natural language form, identifying and extracting specific objects directly related to security business as target keyword entities. For example, from the security business query information "Please compare the on-duty certificate rate of Company 1 and Company 2 last week", the business indicator entity "on-duty certificate rate", the organizational entities "Company 1" and "Company 2", and the time entity "last week" can be extracted.

[0059] In addition, the large language model can also analyze the user's request purpose based on security business query information, thereby abstracting the operation type and query target. For example, from the security business query information "Please compare the on-duty certificate rate of Company 1 and Company 2 last week", the operation type can be determined to be comparison, and the query target is the on-duty certificate rate of the two companies last week.

[0060] For example, from the security business query information "What are the methods for handling prohibited items?", the target keyword entity can be extracted as "prohibited items", the operation type is query or explanation, and the query target includes all handling procedures and clauses related to prohibited items.

[0061] Furthermore, the large language model can also structurally integrate the obtained operation types with the query targets to generate query intentions that can be clearly executed by the machine, thereby transforming ambiguous security business query information into precise, machine-executable semantic instructions, providing a foundation for subsequent query type judgment and data retrieval.

[0062] In the above embodiments, by extracting target keyword entities, operation types, and query targets from security business query information, it is possible to accurately distinguish whether the security business query information is for static knowledge or dynamic data, thus providing a basis for matching different data sources in the future and improving the accuracy of information retrieval and the relevance of answer generation.

[0063] For example, based on the above embodiments, when determining the query type corresponding to security business query information based on the target keyword entity and query intent, it can be done in the following ways: In one possible implementation, if the query intent includes at least one of conceptual explanation, clause query, and basis for handling, and the target keyword entity includes at least one of rule / regulation name, clause, or processing procedure, the query type is determined to be a knowledge question and answer type; if the query intent includes data processing, and the target keyword entity includes at least one of business indicator entity, time dimension entity, and organizational dimension entity, the query type is determined to be a data query type.

[0064] Specifically, when it is determined that the user's query intent is to understand existing knowledge or rules—for example, if the query intent includes operations such as concept explanation, clause inquiry, or handling basis—and the target keyword entity points to established normative content, such as specific rule names, clause numbers, or standardized processing procedures, then the query type will be determined to be a knowledge-based question-and-answer type. For example, for the security business query information: "How does the Security Manual stipulate the handling procedure for flammable materials?", since the identified query intent is "clause inquiry," and the target keyword entities are the rule name "Security Manual" and the handling procedure "flammable materials handling procedure," the query type for this security business query information can be determined to be a knowledge-based question-and-answer type.

[0065] When it's determined that a user's query intent involves dynamic processing such as data calculation, comparison, or trend mining—for example, if the query intent includes operations like "statistics," "comparison," or "trend analysis," and the extracted target keyword entities include business indicator entities that need to be calculated, such as "certified on-duty rate," time-dimensional entities limiting the calculation scope, such as last week or this week, or a given time period, and organizational-dimensional entities, such as Company One or Department A—then it can be determined that the core requirement of this query is to obtain a set of numerical results generated through calculation, and the query type can be identified as a data query type. For example, in the security business query "Compare the number of security inspection equipment failures at Station A and Station B this month," since the identified query intent is "comparison of failure counts," the target keyword entities are the organizational-dimensional entity "Station A and Station B," the time-dimensional entity "this month," and the business indicator entity "number of security inspection equipment failures," the query type for this security business query can be determined as a data query type.

[0066] In this embodiment, by analyzing the content contained in the query intent and the target keyword entity, the query type corresponding to the security business query information is determined as either a knowledge question and answer type or a data query type, thereby achieving an accurate understanding of the user's real needs and the classification of query intent, and improving the accuracy of query type determination.

[0067] In another possible implementation, the target keyword entity and query intent are input into the classification model to obtain the probability of knowledge question answer type and data query type output by the classification model. The classification model is obtained by training an initial classification model based on the sample target keyword entity and sample query intent. If the probability of knowledge question answer type is greater than the first probability, the query type is determined to be knowledge question answer type; if the probability of data query type is greater than the second probability, the query type is determined to be data query type.

[0068] Specifically, the classification model can be a text classifier based on the Transformer architecture or a deep neural network. By pre-acquiring sample target keyword entities and sample query intents from multiple sample query information and labeling these sample query information, the sample query type corresponding to the sample query information is obtained. This sample query information is determined based on real security business query history.

[0069] Input the target keyword entity and query intent of each sample query into the initial classification model to obtain the predicted query type output by the initial classification model. Based on the predicted query type and the labeled sample query type, determine the loss information. Based on the loss information, adjust the model parameters of the initial classification model. Repeat the above process until the number of iterations meets the preset number or the model converges. The final model is then determined as the classification model.

[0070] The target keyword entities and query intent extracted from security business query information are input into a pre-trained classification model to obtain the probabilities of the knowledge question answer type and the data query type output by the classification model. For example, the probability of the knowledge question answer type is 0.12, and the probability of the data query type is 0.88.

[0071] In addition, the first and second probabilities can be different or the same, for example, both can be set to 0.8.

[0072] The probability of the knowledge question and answer type is compared with the first probability. If the probability of the knowledge question and answer type is greater than the first probability, the query type is determined to be the knowledge question and answer type. The probability of the data query type is compared with the second probability. If the probability of the data query type is greater than the second probability, the query type is determined to be the data query type. For example, if 0.88 is greater than 0.8, the security business query information is determined to be the data query type.

[0073] It should be noted that if the probability of the knowledge question answer type is less than or equal to the first probability, and the probability of the data query type is less than or equal to the second probability, a prompt message will be output to remind the user to enter more specific information, thereby improving robustness in cases where the type boundaries are ambiguous.

[0074] In this embodiment, the query type can be determined more quickly by using a pre-trained classification model, thus improving the efficiency of query type determination.

[0075] For example, based on the above embodiments, when retrieving target data corresponding to security business query information through the business database, one possible implementation is to search for the target file corresponding to the target keyword entity in the business database, and retrieve the target data from the target file based on the query intent.

[0076] Specifically, the business database stores multiple files, such as Excel spreadsheets, Word reports, and PDF documents. These files are categorized according to keyword entities; for example, the details of contraband seizures by Branch 1 are stored in one file, while the details of contraband seizures by Branch 2 are stored in another file. Additionally, the aforementioned files can also be a collection of structured business report files generated at fixed intervals (e.g., daily, weekly, monthly).

[0077] After identifying the target keyword entity, compare it with the corresponding keyword entities in each file of the business database, and determine the file corresponding to the keyword entity with the highest similarity as the target file corresponding to the target keyword entity.

[0078] For example, if the target keyword entity contains the time dimension "October 2025" and the business indicator "statistics on the seizure of contraband", the target file can be determined to be "October 2025 statistics on the seizure of contraband.xlsx" by matching these target keyword entities with the metadata (such as file name, generation date, and report type) of each file in the business database.

[0079] Furthermore, target data can be retrieved from the target file based on the query intent. For example, when the query intent is "list of daily contraband seizures," the target file is parsed to locate the detailed data area for daily statistics and the corresponding data is extracted. If the query intent is "analyze trends," data from a specific time series will be extracted and calculated to determine whether the trend is rising or falling, and this data will be used as the target data.

[0080] In this embodiment, by searching for the target file corresponding to the target keyword entity in the business database and retrieving the target data from the target file based on the query intent, the retrieval complexity of the target data can be reduced and the retrieval efficiency of the target data can be improved.

[0081] For example, based on the above embodiments, each file in the business database can be pre-stored in the following manner: Periodically compile statistics on the on-duty rate of security inspectors holding certificates, security inspection results, seizure of prohibited items, performance of duties, and on-duty rate of train crew holding certificates to obtain statistical results corresponding to each keyword entity. For each keyword entity, based on the security business reporting template and the statistical results corresponding to the keyword entity, generate a report document. Based on the statistical results and report document corresponding to the keyword entity, generate a file corresponding to the keyword entity and upload the file corresponding to each keyword entity to the business database.

[0082] Specifically, statistics can be compiled on the on-duty rate of security inspectors holding certificates, security inspection results, seizure of prohibited items, performance of duties, and on-duty rate of train crew members holding certificates, according to a preset period. The statistical results are then categorized according to keyword entities. The preset period can be, for example, daily, weekly, or monthly.

[0083] For each statistical result categorized based on keyword entities, the corresponding security business reporting template can be invoked. These templates can be, for example, daily, weekly, or monthly Word reports for subway security, and include pre-defined standardized formats, chart placements, and text description frameworks. Therefore, data from the statistical results can be populated into the corresponding positions in the reporting template to generate the report file corresponding to the keyword entity.

[0084] Furthermore, the statistical results and the resulting report documents corresponding to the keyword entities can be combined into a set of target files for each keyword entity, and these target files can be uploaded to the business database. The business database could be, for example, the Dify knowledge base.

[0085] In this embodiment, by uploading the files corresponding to each keyword entity to the business database, and using the keyword entity as the index for the corresponding file in the business database, efficient file retrieval can be achieved, improving the accuracy and efficiency of information retrieval.

[0086] In another possible implementation, when retrieving target data corresponding to security business query information through the business database, the target API can be determined from the application programming interface (API) library based on the target keyword entity and query intent. The API library includes APIs for different types of entities and query intents. Query parameters that match the input parameters of the target API are extracted from the target keyword entity. An API call request is generated based on the query parameters. By calling the target API configured with the API call request, the target data is retrieved from the business database on the cloud server.

[0087] Specifically, when real-time, accurate business data is needed, an application programming interface (API) can be used to access a business database deployed in the cloud that stores real-time business data. This business database can include, for example, a relational database such as MySQL or PostgreSQL.

[0088] The API library includes APIs for different types of entities and query intents. These are pre-developed and registered collections of APIs with clearly defined functions and encapsulated data access logic. Each API corresponds to a specific data query capability, with its functional description, required input parameters, and returned data format explicitly defined. A single API can correspond to a type of entity and query intent. For example, the business indicator entity of "certified on-the-job rate," along with related query intents such as comparative analysis, trend queries, and data statistics, could correspond to a single API.

[0089] When determining the target API from the API library, one possible implementation is to determine the query content based on the target keyword entity and query intent, and then determine the semantic similarity between the query content and the functional descriptions of each API in the API library, thereby identifying the API with the highest semantic similarity as the target API.

[0090] Specifically, the query intent and target keyword entities can be integrated into a complete and understandable query content. For example, if the query intent is "comparison", and the target keyword entities include "certified on-duty rate", "Yunyi Company", and "last week", the query content can be "comparing the certified on-duty rates of Yunyi Company and Yuner Company last week".

[0091] After obtaining the query content, its semantic similarity can be compared with the functional description text of each pre-registered API in the API library. For example, a text embedding model (such as Sentence-BERT) can be used to convert the query content and all API functional description texts into vector representations in a high-dimensional semantic space, and the cosine similarity between the query content vector and each API functional description vector can be calculated. This yields a quantified matching score, which accurately measures the semantic relevance between the query content and each API capability.

[0092] All APIs are sorted in descending order of their calculated semantic similarity scores, and the API with the highest score is selected as the target API for this call. For example, if the query is "compare the on-duty rate of certified personnel at Company 1 and Company 2 last week", the API whose function description is "compare indicator data of different entities" will be selected as the target API.

[0093] In the above approach, semantic similarity matching can accurately identify the target API from multiple APIs, improving the accuracy of the target API. Furthermore, when adding a new API, only its functional description needs to be registered in the API library; there's no need to modify complex decision-making logic, significantly reducing maintenance costs.

[0094] Furthermore, after identifying the target API, specific values ​​matching the input parameters (such as metric_name, entity_list, start_date, end_date) of the selected target API can be extracted from the target keyword entity and used as query parameters. For example, "certified on-duty rate" can be mapped to metric_name, the company list can be mapped to entity_list, and the specific start and end dates corresponding to "last week" can be calculated.

[0095] The mapped parameters are encapsulated into a request format that conforms to the requirements of the target API, such as an HTTP POST request in JSON format, thereby generating an API call request. By calling the target API configured in the API call request, the system accesses the business database on the cloud server, retrieves accurate and real-time target data from the business database, and returns the retrieved target data to the electronic device.

[0096] In this embodiment, the business database in the cloud server is accessed through the target API. Since the business database stores real-time and accurate data, the real-time nature and accuracy of the queried target data can be ensured.

[0097] For example, based on the above embodiments, when generating a target answer based on target data, at least one data source identifier of the queried target data can be obtained, and a target answer can be generated based on the target data and the data source identifier. The target answer includes data conclusions and source descriptions.

[0098] Specifically, after retrieving the target data, the data source identifier can be recorded synchronously. This identifier can represent the origin or source of the target data. For target data retrieved from a knowledge base, the data source identifier might be the document name to which the target data belongs, such as Article 5.2 of the "Security Management Manual." For target data retrieved from a business database, the data source identifier might be the report name to which the target data belongs, such as "Survey Statistics of Contraband Seized in October 2025.xlsx," etc.

[0099] Furthermore, when generating the target answer, the large language model can use the target data and data source identifiers as context to generate a structured target answer. The target answer includes two parts: the first part is the data conclusion, which is the data conclusion after analyzing and summarizing the target data; the second part is the source description, which can clearly list one or more data sources on which the data conclusion is based.

[0100] In the above context, adding source information to the target answer can enhance its traceability and credibility.

[0101] The security business processing device based on a large language model provided by the present invention will be described below. The security business processing device based on a large language model described below and the security business processing method based on a large language model described above can be referred to in correspondence.

[0102] Figure 4 This is a schematic diagram of the security business processing device based on a large language model provided in an embodiment of the present invention, as shown below. Figure 4 As shown, the security business processing device 400 based on a large language model includes: Module 11 is used to obtain security service query information input by the user; Extraction module 12 is used to input the security business query information into the large language model, and extract the target keyword entities and query intent in the security business query information through the large language model; The determination module 13 is used to determine the query type corresponding to the security business query information based on the target keyword entity and the query intent; The retrieval module 14 is used to retrieve the target data corresponding to the security business query information through a knowledge base when the query type includes a knowledge question and answer type. The retrieval module 14 is further configured to retrieve target data corresponding to the security business query information through a business database when the query type includes a data query type; the business database includes relevant data on security business. Output module 15 is used to generate a target answer based on the target data and output the target answer.

[0103] In one example embodiment, the extraction module 12 is specifically used for: Using the large language model, entity content related to security business is extracted from the security business query information to obtain the target keyword entity; Based on the security business query information, determine the operation type and query target; The query intent is generated based on the operation type and the query target.

[0104] In one example embodiment, the determining module 13 is specifically used for: If the query intent includes at least one of concept explanation, clause query, and handling basis, and the target keyword entity includes at least one of rule / regulation name, clause, or processing procedure, then the query type is determined to be the knowledge question and answer type. If the query intent includes data processing, and the target keyword entity includes at least one of a business indicator entity, a time dimension entity, and an organizational dimension entity, then the query type is determined to be the data query type.

[0105] In one example embodiment, the determining module 13 is specifically used for: The target keyword entity and the query intent are input into the classification model to obtain the probability of the knowledge question-answering type and the probability of the data query type output by the classification model. The classification model is obtained by training an initial classification model based on the sample target keyword entity and the sample query intent. If the probability of the knowledge question-and-answer type is greater than the first probability, the query type is determined to be a knowledge question-and-answer type. If the probability of the data query type is greater than the second probability, then the query type is determined to be the data query type.

[0106] In one example embodiment, the retrieval module 14 is specifically used for: Search the business database for the target file corresponding to the target keyword entity; Based on the query intent, the target data is retrieved from the target file.

[0107] In one example embodiment, the device further includes: The statistics module is used to periodically collect statistics on the on-duty rate of security inspectors holding certificates, security inspection results, seizure of prohibited items, performance of duties, and on-duty rate of train crew holding certificates, and to obtain statistical results corresponding to each keyword entity; The generation module is used to generate a report file for each keyword entity based on the security business reporting template and the statistical results corresponding to the keyword entity; The generation module is further configured to generate a file corresponding to the keyword entity based on the statistical results corresponding to the keyword entity and the report file; The upload module is used to upload the files corresponding to each of the keyword entities to the business database.

[0108] In one example embodiment, the retrieval module 14 is specifically used for: Based on the target keyword entity and the query intent, a target API is determined from the application programming interface (API) library; the API library includes APIs for different types of entities and query intents. Extract query parameters that match the input parameters of the target API from the target keyword entity; Generate an API call request based on the query parameters; By calling the target API configured with the API call request, the target data is retrieved from the business database on the cloud server.

[0109] In one example embodiment, the determining module 13 is specifically used for: Based on the target keyword entity and the query intent, determine the query content; Determine the semantic similarity between the query content and the functional descriptions of each API in the API library; The API with the highest semantic similarity is identified as the target API.

[0110] In one example embodiment, the generation module is further configured to: Obtain at least one data source identifier from which the target data was retrieved; Based on the target data and the data source identifier, the target answer is generated, which includes data conclusions and source explanations.

[0111] In one example embodiment, the target keyword entity includes at least one of the following: business indicator entity, time period entity, organizational hierarchy entity, document type entity, and rules and regulations entity.

[0112] The apparatus of this embodiment can be used in any embodiment of the security business processing method based on a large language model. Its specific implementation process and technical effects are similar to those in the security business processing method based on a large language model. For details, please refer to the detailed description in the security business processing method based on a large language model, which will not be repeated here.

[0113] Figure 5 This is a schematic diagram of the physical structure of an electronic device provided in an embodiment of the present invention, such as... Figure 5As shown, the electronic device may include: a processor 510, a communications interface 520, a memory 530, and a communication bus 540, wherein the processor 510, communications interface 520, and memory 530 communicate with each other via the communication bus 540. The processor 510 can call logical instructions in the memory 530 to execute a security business processing method based on a large language model. This method includes: acquiring security business query information input by a user; inputting the security business query information into a large language model, and extracting target keyword entities and query intent from the security business query information through the large language model; determining the query type corresponding to the security business query information based on the target keyword entities and the query intent; if the query type includes a knowledge question-and-answer type, retrieving target data corresponding to the security business query information through a knowledge base; if the query type includes a data query type, retrieving target data corresponding to the security business query information through a business database; the business database includes relevant data on security business; generating a target answer based on the target data, and outputting the target answer.

[0114] Furthermore, the logical instructions in the aforementioned memory 530 can be implemented as software functional units and, when sold or used as independent products, can be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present invention, or the part that contributes to the prior art, or a part of the technical solution, can be embodied in the form of a software product. This computer software product is stored in a storage medium and includes several instructions to cause a computer device (which may be a personal computer, server, or network device, etc.) to execute all or part of the steps of the methods described in the various embodiments of the present invention. The aforementioned storage medium includes various media capable of storing program code, such as USB flash drives, portable hard drives, read-only memory (ROM), random access memory (RAM), magnetic disks, or optical disks.

[0115] On the other hand, the present invention also provides a computer program product, which includes a computer program that can be stored on a non-transitory computer-readable storage medium. When the computer program is executed by a processor, the computer can execute the security business processing method based on a large language model provided by the above methods. The method includes: acquiring security business query information input by a user; inputting the security business query information into a large language model and extracting target keyword entities and query intent from the security business query information through the large language model; determining the query type corresponding to the security business query information based on the target keyword entities and the query intent; if the query type includes a knowledge question-and-answer type, retrieving target data corresponding to the security business query information through a knowledge base; if the query type includes a data query type, retrieving target data corresponding to the security business query information through a business database; the business database includes relevant data on security business; generating a target answer based on the target data, and outputting the target answer.

[0116] In another aspect, the present invention also provides a non-transitory computer-readable storage medium storing a computer program thereon. When executed by a processor, the computer program implements the security business processing method based on a large language model provided by the above methods. This method includes: acquiring security business query information input by a user; inputting the security business query information into a large language model, and extracting target keyword entities and query intent from the security business query information through the large language model; determining the query type corresponding to the security business query information based on the target keyword entities and the query intent; if the query type includes a knowledge question-and-answer type, retrieving target data corresponding to the security business query information through a knowledge base; if the query type includes a data query type, retrieving target data corresponding to the security business query information through a business database; the business database includes relevant data on security business; generating a target answer based on the target data, and outputting the target answer.

[0117] The device embodiments described above are merely illustrative. The units described as separate components may or may not be physically separate. The components shown as units may or may not be physical units; that is, they may be located in one place or distributed across multiple network units. Some or all of the modules can be selected to achieve the purpose of this embodiment according to actual needs. Those skilled in the art can understand and implement this without any creative effort.

[0118] Through the above description of the embodiments, those skilled in the art can clearly understand that each embodiment can be implemented by means of software plus necessary general-purpose hardware platforms, and of course, it can also be implemented by hardware. Based on this understanding, the above technical solutions, in essence or the part that contributes to the prior art, can be embodied in the form of a software product. This computer software product can be stored in a computer-readable storage medium, such as ROM / RAM, magnetic disk, optical disk, etc., and includes several instructions to cause a computer device (which may be a personal computer, server, or network device, etc.) to execute the methods described in the various embodiments or some parts of the embodiments.

[0119] Finally, it should be noted that the above embodiments are only used to illustrate the technical solutions of the present invention, and not to limit them; although the present invention has been described in detail with reference to the foregoing embodiments, those skilled in the art should understand that modifications can still be made to the technical solutions described in the foregoing embodiments, or equivalent substitutions can be made to some of the technical features; and these modifications or substitutions do not cause the essence of the corresponding technical solutions to deviate from the spirit and scope of the technical solutions of the embodiments of the present invention.

Claims

1. A security business processing method based on a large language model, characterized in that, include: Obtain security service query information input by the user; The security business query information is input into a large language model, and the target keyword entities and query intent in the security business query information are extracted through the large language model. Based on the target keyword entity and the query intent, determine the query type corresponding to the security business query information; When the query type includes a knowledge-based question-and-answer type, the target data corresponding to the security business query information is retrieved from the knowledge base. When the query type includes a data query type, the target data corresponding to the security business query information is retrieved from the business database; the business database includes relevant data on security business. Generate a target answer based on the target data, and output the target answer.

2. The security business processing method based on a large language model according to claim 1, characterized in that, The step of extracting target keyword entities and query intents from the security business query information using the large language model includes: Using the large language model, entity content related to security business is extracted from the security business query information to obtain the target keyword entity; Based on the security business query information, determine the operation type and query target; The query intent is generated based on the operation type and the query target.

3. The security business processing method based on a large language model according to claim 1, characterized in that, The step of determining the query type corresponding to the security business query information based on the target keyword entity and the query intent includes: If the query intent includes at least one of concept explanation, clause query, and handling basis, and the target keyword entity includes at least one of rule / regulation name, clause, or processing procedure, then the query type is determined to be the knowledge question and answer type. If the query intent includes data processing, and the target keyword entity includes at least one of a business indicator entity, a time dimension entity, and an organizational dimension entity, then the query type is determined to be the data query type.

4. The security business processing method based on a large language model according to claim 1, characterized in that, The step of determining the query type corresponding to the security business query information based on the target keyword entity and the query intent includes: The target keyword entity and the query intent are input into the classification model to obtain the probability of the knowledge question-answering type and the probability of the data query type output by the classification model. The classification model is obtained by training an initial classification model based on the sample target keyword entity and the sample query intent. If the probability of the knowledge question-and-answer type is greater than the first probability, the query type is determined to be a knowledge question-and-answer type. If the probability of the data query type is greater than the second probability, then the query type is determined to be the data query type.

5. The security business processing method based on a large language model according to any one of claims 1-4, characterized in that, The step of retrieving the target data corresponding to the security business query information from the business database includes: Search the business database for the target file corresponding to the target keyword entity; Based on the query intent, the target data is retrieved from the target file.

6. The security business processing method based on a large language model according to claim 5, characterized in that, The method further includes: Periodically collect statistics on the on-duty rate of security inspectors holding certificates, security inspection results, seizure of prohibited items, performance of duties, and on-duty rate of train crew holding certificates to obtain statistical results corresponding to each keyword entity; For each keyword entity, a report file is generated based on the security business reporting template and the statistical results corresponding to the keyword entity; Based on the statistical results corresponding to the keyword entities and the reporting file, generate the file corresponding to the keyword entities; Upload the files corresponding to each of the aforementioned keyword entities to the business database.

7. The security business processing method based on a large language model according to any one of claims 1-4, characterized in that, The step of retrieving the target data corresponding to the security business query information from the business database includes: Based on the target keyword entity and the query intent, a target API is determined from the application programming interface (API) library; the API library includes APIs for different types of entities and query intents. Extract query parameters that match the input parameters of the target API from the target keyword entity; Generate an API call request based on the query parameters; By calling the target API configured with the API call request, the target data is retrieved from the business database on the cloud server.

8. The security business processing method based on a large language model according to claim 7, characterized in that, The step of determining the target API from the application programming interface (API) library based on the target keyword entity and the query intent includes: Based on the target keyword entity and the query intent, determine the query content; Determine the semantic similarity between the query content and the functional descriptions of each API in the API library; The API with the highest semantic similarity is identified as the target API.

9. The security business processing method based on a large language model according to any one of claims 1-4, characterized in that, The process of generating the target answer based on the target data includes: Obtain at least one data source identifier from which the target data was retrieved; Based on the target data and the data source identifier, the target answer is generated, which includes data conclusions and source explanations.

10. The security business processing method based on a large language model according to any one of claims 1-4, characterized in that, The target keyword entity includes at least one of the following: business indicator entity, time period entity, organizational hierarchy entity, document type entity, and rules and regulations entity.