Abstract: Various railway passenger ticket grabbing services launched by the third-party platform have brought great pressure to the China railway 12306 Internet ticketing and reservation system (12306 for short). In order to ensure the stability of 12306 and the fairness of passenger ticket purchase, it is urgent to identify risk users. This paper aimed to address the risk of data aggregation caused by the deployment of 12306 in different physical locations and centers, studied a risk user identification method based on horizontal federated learning under the condition of dispersed user data. Based on user access behavior, the paper constructed and extracted user features, constructed a horizontal federated learning model using algorithms such as XGboost, logistic regression, and neural networks, and validated the model. The experimental results show that the horizontal federated learning model based on XGboost algorithm has good risk user recognition performance, provides technical support for the safe use of railway data.