CN115442157B - Network security transmission method and system - Google Patents

Network security transmission method and system Download PDF

Info

Publication number
CN115442157B
CN115442157B CN202211368516.2A CN202211368516A CN115442157B CN 115442157 B CN115442157 B CN 115442157B CN 202211368516 A CN202211368516 A CN 202211368516A CN 115442157 B CN115442157 B CN 115442157B
Authority
CN
China
Prior art keywords
user
file
information
preset
transmission
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202211368516.2A
Other languages
Chinese (zh)
Other versions
CN115442157A (en
Inventor
董超
陈宇耀
龚友涛
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou Qianguan Digital Iot Technology Co ltd
Original Assignee
Hangzhou Qianguan Digital Iot Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou Qianguan Digital Iot Technology Co ltd filed Critical Hangzhou Qianguan Digital Iot Technology Co ltd
Priority to CN202211368516.2A priority Critical patent/CN115442157B/en
Publication of CN115442157A publication Critical patent/CN115442157A/en
Application granted granted Critical
Publication of CN115442157B publication Critical patent/CN115442157B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/06Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to the technical field of network security, in particular to a network security transmission method and a system, wherein the method comprises the following steps: identifying whether a user has a use intention of file safe transmission; if yes, loading a pre-installed information security transmission platform in a non-inductive manner; after loading is finished, an input window of the information security transmission platform is obtained and displayed; acquiring a file and a receiver which are input and confirmed by a user based on an input window; and transmitting the file to a receiver based on the information security transmission platform. According to the network security transmission method and system, when the user is identified to have the using intention of file security transmission, the pre-installed information security transmission platform is loaded, the information security transmission platform is made to enter preparation in advance, the waiting time for the user to use the information security transmission platform when the user has a demand each time is reduced, the user does not need to start the information security transmission platform by himself, the user experience is improved, the network security transmission method and system are more humanized, and the network security transmission method and system are particularly suitable for the special situation that the demand for the user to use information security transmission is intermittent.

Description

Network security transmission method and system
Technical Field
The present invention relates to the field of network security technologies, and in particular, to a network security transmission method and system.
Background
At present, with the rapid development of business offices and government offices towards the direction of electronization, most of users involved in offices have transmission requirements (for example, sending contracts, client materials, government internal files and the like) for sending sensitive information, and the sensitive information needs to be kept secret except for a receiving party. Generally, such a user uses an information security transmission platform to deliver sensitive information to the information security transmission platform for secure transmission to a receiving party, and the information security transmission platform is a platform for providing information security transmission service for the user based on electronic authentication, key management and the like.
However, since the requirement of the user for using the information security transmission is intermittent (for example, a design file needs to be designed and then transmitted, or for example, a colleague needs to receive a requirement of a certain file and then calls the corresponding file for transmission), the information security transmission platform is restarted every time the user needs to avoid occupying used terminal equipment resources, and the like, however, the information security transmission platform needs to load a platform configuration file when being started, and also needs to perform a series of steps such as network state detection, encrypted communication link selection, link debugging and the like, which causes long waiting time for the user, and is poor in user experience and not humanized enough.
Therefore, a solution is needed.
Disclosure of Invention
One of the objectives of the present invention is to provide a network security transmission method, wherein a pre-installed information security transmission platform is loaded when a user has an intention to use the file security transmission, so that the information security transmission platform is prepared in advance, the waiting time for the user to use the information security transmission platform when the user has a demand is reduced, the user does not need to start the information security transmission platform by himself, the user experience is increased, the method is more humanized, and the method is particularly suitable for a special situation that the demand for the user to use the information security transmission is intermittent.
The network security transmission method provided by the embodiment of the invention comprises the following steps:
identifying whether a user has a use intention of file safe transmission;
if yes, loading a pre-installed information security transmission platform in a non-inductive manner;
after loading is finished, an input window of the information security transmission platform is obtained and displayed;
acquiring a file and a receiver which are input and confirmed by a user based on an input window;
and transmitting the file to a receiver based on the information security transmission platform.
Preferably, the identifying whether the user has the use intention of the safe file transmission comprises the following steps:
acquiring a plurality of habit file types and corresponding habit operation sequences which are operated by a user before the user uses file safe transmission;
identifying whether a type file of a habitual file type is opened in a user window range;
if yes, acquiring a first operation sequence for operating the type file within first time recently preset by a user;
performing sequence matching on the first operation sequence and the corresponding habit operation sequence to obtain a sequence matching degree;
and if the sequence matching degree is greater than or equal to a preset sequence matching degree threshold value, determining that the user has the use intention of safe file transmission.
Preferably, the identifying whether the user has the use intention of the safe file transmission comprises the following steps:
obtaining a dialog sequence in a dialog box within a user window range within a second time which is preset recently;
extracting semantics of each dialog in the dialog sequence one by one, matching the extracted semantics with the relevant semantics in a preset file security transmission relevant semantic library, and if the extracted semantics are matched with the relevant semantics, acquiring a preset intention confirmation template corresponding to the matched relevant semantics;
if the intention confirmation template is empty, determining that the user has the use intention of safe file transmission;
if the intention confirmation template is not empty, performing intention confirmation according to the extracted semantics of the dialog after the corresponding dialog with the extracted semantics matched and matched in the dialog sequence based on the intention confirmation template;
and if the intention is confirmed successfully, determining that the user has the use intention of the safe transmission of the file.
Preferably, the input window for displaying the information security transmission platform comprises:
acquiring the minimum size and the size proportion of an input window;
determining whether there is a free area within the user window that can separately display the input window based on the minimum size;
if so, determining the maximum display size of the input window in the idle area based on the size proportion, and displaying the input window in the corresponding idle area in the maximum display size;
otherwise, randomly selecting a target area capable of displaying the input window in a top setting mode in the minimum size for multiple times in the user window range;
extracting the characteristic values of the shielding area of the shielded file after the input window is displayed in the target area and a second operation sequence for operating the shielded file within the third time recently preset by the user according to a preset characteristic value extraction template to obtain a plurality of information characteristic values;
determining display suitability of the target area based on the plurality of information characteristic values;
and displaying the input window in the target area corresponding to the maximum display suitability degree in a minimum size.
Preferably, the determining the display suitability of the target region based on the plurality of information feature values includes:
inputting a plurality of information characteristic values into a preset display suitability determination model, and determining the display suitability of a target area;
or the like, or a combination thereof,
constructing a first expression factor based on a plurality of information characteristic values;
and matching the first expression factor with any second expression factor in a preset display suitability determination library, if the first expression factor is matched with any second expression factor in the preset display suitability determination library, acquiring a preset suitability value corresponding to the matched second expression factor, and taking the preset suitability value as the display suitability of the target area.
Preferably, the transmitting the file to the receiving party based on the information security transmission platform includes:
verifying the safety degree of the use environment for the safe transmission of the file used by the user;
and when the verification is passed, transmitting the file to a receiver based on the information security transmission platform.
Preferably, the verifying the security of the use environment in which the user uses the secure transmission of the file includes:
acquiring environmental information of a use environment by contrasting a preset information acquisition template;
performing feature extraction on the environmental information by contrasting a preset feature extraction template to obtain a plurality of information features;
matching the information characteristics with risk characteristics in a preset transmission risk characteristic library, if the matching is in accordance with the risk characteristics, acquiring a preset first risk value corresponding to the matched and conformed risk characteristics, meanwhile, uploading the environment information corresponding to the matched and conformed information characteristics to an information safety transmission platform, and acquiring a second risk value returned by the information safety transmission platform;
determining a target risk value according to the first risk value and the second risk value based on a target risk value determination rule;
accumulating and calculating each target risk value and taking the reciprocal to obtain the safety degree of the use environment;
if the safety degree is larger than or equal to a preset safety degree threshold value, the verification is passed;
wherein the target risk value determination rule comprises:
calculating an absolute value of a difference between the first risk value and the second risk value;
if the absolute value is less than or equal to a preset absolute value threshold, taking the average value of the absolute value and the preset absolute value threshold as a target risk value;
otherwise, the second risk value is taken as the target risk value.
Preferably, the obtaining of the plurality of habitual file types and the corresponding habitual operation sequences that the user uses habits to operate before the file is safely transmitted includes:
acquiring user information of a user;
extracting necessary user information which can determine the operation habit of a user before using the file for safe transmission from the user information by contrasting a preset information extraction template;
generating a template by contrasting preset user conditions, and generating user conditions according to necessary user information;
determining other operation habits of other users according with the user conditions before the other users use the files for safe transmission from a preset operation habit shared library;
and determining a plurality of habit file types and corresponding habit operation sequences which are used by a user to operate before the user uses the safe transmission of the files based on other operation habits.
The embodiment of the invention provides a network security transmission system, which comprises:
the identification module is used for identifying whether a user has the use intention of safe file transmission;
the loading module is used for loading the pre-installed information security transmission platform in a non-inductive manner if the information security transmission platform exists;
the display module is used for acquiring and displaying an input window of the information security transmission platform after the loading is finished;
the acquisition module is used for acquiring files and receivers input and confirmed by a user based on the input window;
and the transmission module is used for transmitting the file to a receiver based on the information security transmission platform.
Preferably, the identification module identifies whether the user has the use intention of the safe file transmission, and comprises the following steps:
acquiring a plurality of habit file types and corresponding habit operation sequences which are operated by a user before the user uses the safe transmission of the files;
identifying whether a type file of a habitual file type is opened within a window range of a user;
if yes, acquiring a first operation sequence for operating the type file within first time recently preset by a user;
performing sequence matching on the first operation sequence and the corresponding habit operation sequence to obtain a sequence matching degree;
and if the sequence matching degree is greater than or equal to a preset sequence matching degree threshold value, determining that the user has the use intention of safe file transmission.
Additional features and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention. The objectives and other advantages of the invention will be realized and attained by the structure particularly pointed out in the written description and claims hereof as well as the appended drawings.
The technical solution of the present invention is further described in detail by the accompanying drawings and embodiments.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the principles of the invention and not to limit the invention. In the drawings:
fig. 1 is a schematic diagram of a network security transmission method according to an embodiment of the present invention;
fig. 2 is a schematic diagram of a network security transmission system according to an embodiment of the present invention.
Detailed Description
The preferred embodiments of the present invention will be described in conjunction with the accompanying drawings, and it will be understood that they are described herein for the purpose of illustration and explanation and not limitation.
An embodiment of the present invention provides a network security transmission method, as shown in fig. 1, including:
step 1: identifying whether a user has a use intention of file safe transmission;
step 2: if yes, loading a pre-installed information security transmission platform in a non-inductive manner;
and 3, step 3: after loading is finished, an input window of the information security transmission platform is obtained and displayed;
and 4, step 4: acquiring a file and a receiver which are input and confirmed by a user based on an input window;
and 5: and transmitting the file to a receiver based on the information security transmission platform.
The working principle and the beneficial effects of the technical scheme are as follows:
and when the user is identified to have the using intention of the file secure transmission, loading the pre-installed information secure transmission platform in a non-sensitive manner. The non-inductive loading is a scheme that does not let the user know that the platform is loaded, for example: not displaying a platform loading interface, etc. And after the loading is finished, acquiring and displaying an input window of the information security transmission platform. The input window is a window, a user can drag a file needing to be transmitted safely into the input window, a receiver to which the file needs to be transmitted can be input in the input window, and the input window is also provided with a confirmation button and the like for the user to confirm the input content. And transmitting the file to a receiver based on the information security transmission platform. During transmission, the platform will return the encryption key of the user file, etc., depending on the operation modes of different information security transmission platforms, which will not be described in detail.
According to the method and the device, when the user is identified to have the use intention of file safe transmission, the pre-installed information safe transmission platform is loaded, the information safe transmission platform is made to enter preparation in advance, the waiting time of the user for using the information safe transmission platform when the user has the requirement at each time is reduced, the user does not need to start the information safe transmission platform by himself, the user experience is increased, the device is more humanized, and the device and the method are particularly suitable for the special condition that the user needs to use the information safe transmission in an intermittent manner.
In one embodiment, identifying whether the user has an intention to use the secure transmission of the file comprises:
acquiring a plurality of habit file types and corresponding habit operation sequences which are operated by a user before the user uses the safe transmission of the files;
identifying whether a type file of a habitual file type is opened in a user window range;
if yes, acquiring a first operation sequence for operating the type file within a first time preset recently by the user;
performing sequence matching on the first operation sequence and the corresponding habit operation sequence to obtain a sequence matching degree;
and if the sequence matching degree is greater than or equal to a preset sequence matching degree threshold value, determining that the user has the use intention of safe file transmission.
The working principle and the beneficial effects of the technical scheme are as follows:
whether the user has the use intention of the file secure transmission can be determined according to the current operation of the user and the operation historically performed by the user before the user uses the file secure transmission. For example, a document writer is accustomed to performing a last check before submitting a draft for review, the file type that is accustomed to operating before submitting the draft for review should be word/< xxxx initial draft >, and the accustomed operation sequence that is accustomed to operating before submitting the draft for review should be save (first completed), page-turned from top to bottom (check whether there is an error), and save again (modification due to the error). Therefore, when the user opens the type files of word/< xxxx first draft > and the like again, a first operation sequence for operating the type files within the latest preset first time (for example, 10 minutes) is obtained and is matched with the habitual operation sequence, and if the sequence matching degree is greater than or equal to the preset sequence matching degree threshold value, the user has the use intention of safe file transmission. For example: the first operation sequence is saving and turning the page from top to bottom to 2/3, which indicates that the user is checking, and the encrypted transmission is required to submit the draft for verification after the checking is finished. Whether the user has the use intention of safe file transmission or not is determined based on the combination of the use habit of the user and the current operation, and the accuracy of determining the use intention is improved.
In one embodiment, identifying whether the user has an intention to use the secure transmission of the file comprises:
obtaining a dialog sequence in a dialog box within a user window range within a second time which is preset recently;
performing semantic extraction on each dialog in the dialog sequence one by one, matching the extracted semantics with the related semantics in a preset file security transmission related semantic library, and if the extracted semantics are matched with the related semantics, acquiring a preset intention confirming template corresponding to the matched related semantics;
if the intention confirmation template is empty, determining that the user has the use intention of safe file transmission;
if the intention confirmation template is not empty, performing intention confirmation according to the extracted semantics of the dialog after the corresponding dialog with the extracted semantics matched and matched in the dialog sequence based on the intention confirmation template;
and if the intention is confirmed successfully, determining that the user has the use intention of the safe transmission of the file.
The working principle and the beneficial effects of the technical scheme are as follows:
whether the user has the usage intention of the secure transmission of the file can also be determined based on the dialog of the user with others. For example, leadership transmits a certain file encrypted to him, and makes a dialog sequence with the user as "send xx to me" and "good". Therefore, the dialog sequences within the latest preset second time (for example: 5 minutes) are obtained, semantic extraction is carried out one by one, and the extracted semantics are matched with the relevant semantics, wherein the relevant semantics are the semantics reflecting that the user may need to use the file secure transmission, for example: the 'encrypted sending' and 'encrypted channel' are taken, the 'need to keep secret' and the like, if the matching is matched, the user possibly needs to use the file for safe transmission. However, since the randomness of the dialog is high, for example: the dialog sequence is "send xx to me", "send you before" and "good", which indicates that no retransmission is required, and therefore, a preset intention confirmation template corresponding to the matching relevant semantics is introduced, and the intention confirmation template is a template for performing secondary confirmation on the situation that a user reflected by the matching relevant semantics may need to use file secure transmission, for example: if the matching is matched, the relevant semantic is ' xx is sent to me ', the template is ' sent to you before ' and ' xx is not completed yet ' before ' whether the conversation appears after verification, and if yes, the intention is failed to confirm. And confirming the intention based on the intention confirmation template according to the extracted semantics of the dialog after the matched extracted semantics in the dialog sequence corresponds to the dialog, and if the intention is successful, determining that the user has the use intention of the safe transmission of the file. The intention is to confirm that the template is empty, indicating that no secondary confirmation is necessary. Whether the user has the use intention of the safe file transmission is determined based on the conversation between the user and other people, so that the accuracy of the determination of the use intention is improved.
In one embodiment, an input window of an information security transmission platform is displayed, comprising:
acquiring the minimum size and the size proportion of an input window;
determining whether there is a free area within the user window that can separately display the input window based on the minimum size;
if so, determining the maximum display size of the input window in the idle area based on the size proportion, and displaying the input window in the corresponding idle area in the maximum display size;
otherwise, randomly selecting a target area capable of displaying the input window at the top with the minimum size for multiple times within the range of the user window;
extracting the characteristic values of the shielding area of the shielded file after the input window is displayed in the target area and a second operation sequence for operating the shielded file within the third time recently preset by the user according to a preset characteristic value extraction template to obtain a plurality of information characteristic values;
determining display suitability of the target area based on the plurality of information characteristic values;
and displaying the input window in the target area corresponding to the maximum display suitability degree in a minimum size.
The working principle and the beneficial effects of the technical scheme are as follows:
the input window is a rectangular window, the minimum size is the size which can ensure that text information and the like in the input window can be clearly seen by a user, and the size proportion is the ratio of the length to the width of the rectangle. Firstly, whether an idle area capable of independently displaying the input window exists is determined, if yes, the idle area capable of displaying the input window to the maximum is selected for displaying, and therefore a user can conveniently perform operations such as file dragging. If no free area exists, in order to avoid excessive shielding of the existing display file interface, the input window needs to be displayed in the minimum size, and the top display is displayed at the forefront of the interface. Extracting an occlusion area of the occluded file after the input window is displayed in the target area and information characteristic values of a second operation sequence for operating the occluded file within a third time (for example, 10 minutes) preset recently by a user, wherein the information characteristic values comprise: the area of the shielded area, the operation times, the continuous operation times, the minimum operation interval time and the like. Based on the information characteristic value, the display suitability is determined. In general, the smaller the area of the occlusion region, the smaller the number of operations, the smaller the number of consecutive operations, and the longer the minimum interval time between operations, the more appropriate the display will be if the input window is displayed in the target region so as to occlude the file, and the less the user will not affect the file that has been most frequently operated by the user. And displaying the input window in the target area corresponding to the maximum display suitability. The display area is reasonably selected for the input window, the conditions such as user office influence during random display are avoided, and the display device is more humanized and more intelligent. Generally, there are many documents opened on a desktop by an office worker, and therefore, it is necessary to appropriately select an appropriate display area.
In one embodiment, determining the display suitability of the target area based on the plurality of information characteristic values comprises:
inputting a plurality of information characteristic values into a preset display suitability determination model, and determining the display suitability of a target area;
or the like, or, alternatively,
constructing a first expression factor based on a plurality of information characteristic values;
and matching the first expression factor with any second expression factor in a preset display suitability determination library, if the first expression factor is matched with any second expression factor in the preset display suitability determination library, acquiring a preset suitability value corresponding to the matched second expression factor, and taking the preset suitability value as the display suitability of the target area.
The working principle and the beneficial effects of the technical scheme are as follows:
there are two ways to determine the display suitability of the target area: firstly, directly inputting a preset display suitability determination model; the preset display suitability determination model is an artificial intelligence model which trains the neural network model to be converged by utilizing a large number of logic records (for example, the smaller the area of the shielded region, the smaller the operation frequency, the smaller the continuous operation frequency and the longer the minimum operation interval time, the smaller the shielded file displayed in the target region, the less the input window is, the more frequently operated files of the user are not influenced, and the larger the display suitability is), which are used for manually determining the region display suitability based on the information characteristic value. Secondly, constructing a first expression factor based on the information characteristic value in a vector form, matching the first expression factor with a second expression factor, and if the first expression factor is matched with the second expression factor, taking a preset appropriate value corresponding to the matched second expression factor as the display suitability of the target area; when the second expression factor is used for manually determining the region display suitability according to the information characteristic value in advance, the information characteristic value is constructed in a vector form, and the determined display suitability is used as a suitability value. Two modes are introduced to determine the display suitability of the target area, and the applicability of the determination of the display suitability is improved.
In one embodiment, the transmitting the file to the receiving party based on the information security transmission platform comprises:
verifying the safety degree of the use environment for the safe transmission of the file used by the user;
and when the verification is passed, transmitting the file to a receiver based on the information security transmission platform.
The working principle and the beneficial effects of the technical scheme are as follows:
some uncertain factors affecting transmission security may exist on the terminal equipment of the user, for example: the user opens unknown source plug-ins, software, etc. Therefore, when the information security transmission platform is used for information transmission, the safety degree of the use environment of the user for using the file security transmission is verified, the information security transmission platform is used for information transmission after the verification is passed, and the safety of the information transmission is further improved.
In one embodiment, verifying the security of the use environment of the user using the secure transfer of the file comprises:
acquiring environmental information of a use environment by contrasting a preset information acquisition template;
performing feature extraction on the environmental information by contrasting a preset feature extraction template to obtain a plurality of information features;
matching the information characteristics with risk characteristics in a preset transmission risk characteristic library, if the matching is in accordance with the risk characteristics, acquiring a preset first risk value corresponding to the matched and conformed risk characteristics, meanwhile, uploading the environment information corresponding to the matched and conformed information characteristics to an information safety transmission platform, and acquiring a second risk value returned by the information safety transmission platform;
determining a target risk value according to the first risk value and the second risk value based on a target risk value determination rule;
accumulating and calculating each target risk value and taking the reciprocal to obtain the safety degree of the use environment;
if the safety degree is larger than or equal to a preset safety degree threshold value, the verification is passed;
wherein the target risk value determination rule comprises:
calculating an absolute value of a difference between the first risk value and the second risk value;
if the absolute value is less than or equal to a preset absolute value threshold, taking the average value of the absolute value and the preset absolute value threshold as a target risk value;
otherwise, the second risk value is taken as the target risk value.
The working principle and the beneficial effects of the technical scheme are as follows:
the environment information of the usage environment includes: the software source and the plug-in source which are being opened by the terminal equipment of the user, the setting level of a firewall, the name of antivirus and protection software which is being opened and the like. Extracting information characteristics of the environment information, wherein the information characteristics comprise: whether the software source is unknown, the firewall setting level, the number of antivirus software opened, the number of protection software opened and the like. Risk features are features that reflect the possible risk of information transmission, such as: unknown software source, low firewall setting level, no snake venom software or protection software turned on, etc. And matching the information characteristics with the risk characteristics, and if the matching is in accordance with the risk characteristics, acquiring a preset first risk value corresponding to the risk characteristics in accordance with the matching, wherein the first risk value is a numerical value locally endowed for the risk characteristics in accordance with the matching and representing the risk degree. And in addition, uploading the matched environment information corresponding to the information characteristics to an information security transmission platform, carrying out risk judgment by the information security transmission platform, and replying to return a second risk value. And determining a target risk value from the two risk values, accumulating the target risk values, and taking the reciprocal of the accumulated sum as the safety degree. And if the safety degree is greater than or equal to the preset safety degree threshold value, the verification is passed. And a transmission risk characteristic library is introduced, so that the accuracy and the efficiency of determining the risk degree are improved.
And when the target risk value is determined, calculating an absolute value of a difference value of the two risk values, if the absolute value is too large, indicating that the risk judgment is too large, and taking the second risk value as the target risk value on the basis of the information security transmission platform due to the fact that the information security transmission platform has higher speciality and timeliness to the risk judgment, otherwise, taking the average value of the two risk values to neutralize the target risk value.
In one embodiment, obtaining a plurality of habit file types and corresponding habit operation sequences that a user is accustomed to operating before using file secure transmission includes:
acquiring user information of a user;
extracting necessary user information which can determine the operation habit of a user before using the file for safe transmission from the user information by contrasting a preset information extraction template;
generating a template by contrasting preset user conditions, and generating user conditions according to necessary user information;
determining other operation habits of other users according with the user conditions before the other users use the files for safe transmission from a preset operation habit shared library;
and determining a plurality of habit file types and corresponding habit operation sequences which are operated by the user before the user uses the safe transmission of the file based on other operation habits.
The working principle and the beneficial effects of the technical scheme are as follows:
the habitual operations of users before using the file for safe transmission may be the same, for example, two users who are document writers will have one-by-one page-turning review before submitting the document for review. Thus, user information of the user is acquired, the user information including: occupational and frequent use of software, etc. Necessary user information that can determine the operation habit of the user before using the file for safe transmission is extracted from the user information, for example: the habit operation before using the file to safely transmit is mostly determined by profession, and the profession information is extracted to be used as necessary user information. Generating user conditions based on the necessary user information, for example: the other users need to meet the occupation xx. The preset operation habit shared library has user information of different users and other operation habits before the safe transmission of the used files, and other operation habits, which meet the user conditions, of other users before the safe transmission of the used files are determined. And determining a plurality of habit file types and corresponding habit operation sequences which are operated by the user before the user uses the safe transmission of the file based on other operation habits. By utilizing the characteristic that the habitual operations before the safe transmission of the used files among the users are possibly the same, a plurality of habitual file types and corresponding habitual operation sequences are obtained for the users, the comprehensiveness of obtaining the habitual file types and the corresponding habitual operation sequences is improved, and the method is particularly suitable for the situation that the users do not capture the operation habits when the users just start to use the system.
In addition, when determining a plurality of habit file types and corresponding habit operation sequences that a user is used to operate before using file secure transmission based on other operation habits, it may be verified whether the obtained other operation habits are the user habits, for example: and when the user operation is consistent with the acquired other operation habits, popping up the input window, and verifying whether the user closes the input window immediately, wherein if so, the acquired other operation habits are not the user habits.
An embodiment of the present invention provides a network security transmission system, as shown in fig. 2, including:
the identification module 1 is used for identifying whether a user has the use intention of safe file transmission;
the loading module 2 is used for loading the pre-installed information security transmission platform in a non-inductive manner if the information security transmission platform exists;
the display module 3 is used for acquiring and displaying an input window of the information security transmission platform after the loading is finished;
the acquisition module 4 is used for acquiring files and receivers input and confirmed by a user based on the input window;
and the transmission module 5 is used for transmitting the file to a receiver based on the information security transmission platform.
The embodiment of the invention provides a network security transmission system, wherein an identification module 1 identifies whether a user has a use intention of file security transmission, and comprises the following steps:
acquiring a plurality of habit file types and corresponding habit operation sequences which are operated by a user before the user uses the safe transmission of the files;
identifying whether a type file of a habitual file type is opened within a window range of a user;
if yes, acquiring a first operation sequence for operating the type file within a first time preset recently by the user;
performing sequence matching on the first operation sequence and the corresponding habit operation sequence to obtain a sequence matching degree;
and if the sequence matching degree is greater than or equal to a preset sequence matching degree threshold value, determining that the user has the use intention of safe file transmission.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present invention without departing from the spirit and scope of the invention. Thus, if such modifications and variations of the present invention fall within the scope of the claims of the present invention and their equivalents, the present invention is also intended to include such modifications and variations.

Claims (7)

1. A network security transmission method is characterized by comprising the following steps:
identifying whether a user has a use intention of file safe transmission;
if yes, loading a pre-installed information security transmission platform in a non-inductive manner;
after the loading is finished, an input window of the information security transmission platform is obtained and displayed;
acquiring a file and a receiver which are input and confirmed by a user based on the input window;
transmitting the file to the receiver based on the information security transmission platform, including:
verifying the safety degree of the use environment for the safe transmission of the file used by the user;
when the verification is passed, transmitting the file to the receiving party based on the information security transmission platform;
the method for verifying the safety degree of the use environment of the safe transmission of the file used by the user comprises the following steps:
acquiring environmental information of the use environment by contrasting a preset information acquisition template;
performing feature extraction on the environmental information by contrasting a preset feature extraction template to obtain a plurality of information features;
matching the information characteristics with risk characteristics in a preset transmission risk characteristic library, if the matching is in accordance with the risk characteristics, acquiring a preset first risk value corresponding to the risk characteristics matched with the risk characteristics, uploading the environment information corresponding to the information characteristics matched with the risk characteristics to the information safety transmission platform, and acquiring a second risk value returned by the information safety transmission platform;
determining a target risk value according to the first risk value and the second risk value based on a target risk value determination rule;
accumulating and calculating each target risk value and taking the reciprocal to obtain the safety degree of the use environment;
if the safety degree is larger than or equal to a preset safety degree threshold value, the verification is passed;
wherein the target risk value determination rule comprises:
calculating an absolute value of a difference between the first risk value and the second risk value;
if the absolute value is less than or equal to a preset absolute value threshold, taking the average value of the absolute value and the preset absolute value threshold as a target risk value;
otherwise, the second risk value is taken as a target risk value.
2. The network security transmission method of claim 1, wherein the identifying whether the user has the usage intention of the file security transmission comprises:
acquiring a plurality of habit file types and corresponding habit operation sequences which are operated by a user before the user uses the safe transmission of the files;
identifying whether a type file of the habitual file type is opened in a user window range;
if yes, acquiring a first operation sequence for operating the type file within first time preset recently by a user;
performing sequence matching on the first operation sequence and the corresponding habit operation sequence to obtain a sequence matching degree;
and if the sequence matching degree is greater than or equal to a preset sequence matching degree threshold value, determining that the user has the use intention of safe file transmission.
3. The network security transmission method of claim 1, wherein the identifying whether the user has the usage intention of the file security transmission comprises:
obtaining a dialog sequence in a dialog box within a user window range within a second time which is preset recently;
extracting semantics of each dialog in the dialog sequence one by one, matching the extracted semantics with relevant semantics in a preset file security transmission relevant semantic library, and if the extracted semantics are matched with the relevant semantics, acquiring a preset intention confirmation template corresponding to the relevant semantics matched with the relevant semantics;
if the intention confirming template is empty, determining that the user has the use intention of the safe file transmission;
if the intention confirmation template is not empty, performing intention confirmation according to the extraction semantics of the dialog after the dialog corresponding to the extraction semantics matched and matched in the dialog sequence based on the intention confirmation template;
and if the intention is confirmed successfully, determining that the user has the use intention of the safe transmission of the file.
4. The network security transmission method of claim 1, wherein displaying the input window of the information security transmission platform comprises:
acquiring the minimum size and the size proportion of the input window;
determining whether a free area capable of independently displaying the input window exists in the range of the user window or not based on the minimum size;
if so, determining the maximum display size of the input window in the idle area based on the size proportion, and displaying the input window in the corresponding idle area in the maximum display size;
otherwise, randomly selecting a target area capable of displaying the input window in the minimum size at the top within the range of the user window for multiple times;
comparing a preset characteristic value extraction template, and extracting characteristic values of an occlusion area of the occluded file after the input window is displayed in the target area and a second operation sequence for operating the occluded file within a third time recently preset by a user to obtain a plurality of information characteristic values;
determining display suitability of the target area based on the plurality of information characteristic values;
and displaying the input window in the target area corresponding to the maximum display suitability degree in the minimum size.
5. The method for network security transmission according to claim 4, wherein determining the display suitability of the target area based on the plurality of information characteristic values comprises:
inputting the plurality of information characteristic values into a preset display suitability determination model, and determining the display suitability of the target area;
or the like, or, alternatively,
constructing a first expression factor based on the plurality of information characteristic values;
and matching the first expression factor with any second expression factor in a preset display suitability determination library, if the first expression factor is matched with any second expression factor in the preset display suitability determination library, acquiring a preset suitability value corresponding to the matched second expression factor, and taking the preset suitability value as the display suitability of the target area.
6. The network security transmission method of claim 2, wherein obtaining a plurality of habitual file types and corresponding habitual operation sequences that a user operates before using file security transmission comprises:
acquiring user information of a user;
extracting necessary user information which can determine the operation habit of a user before using the file for safe transmission from the user information by contrasting a preset information extraction template;
generating a template according to a preset user condition, and generating a user condition according to the necessary user information;
determining other operation habits of other users according with the user conditions before the other users use the files for safe transmission from a preset operation habit shared library;
and determining a plurality of habit file types and corresponding habit operation sequences which are operated by the user before the user uses the safe file transmission based on the other operation habits.
7. A network security transmission system, comprising:
the identification module is used for identifying whether a user has the use intention of safe file transmission;
the loading module is used for loading the pre-installed information security transmission platform in a non-inductive manner if the information security transmission platform exists;
the display module is used for acquiring and displaying the input window of the information security transmission platform after the loading is finished;
the acquisition module is used for acquiring the file and the receiver which are input and confirmed by the user based on the input window;
the transmission module is used for transmitting the file to the receiver based on the information security transmission platform; the identification module identifies whether the user has the use intention of the safe transmission of the file, and comprises the following steps:
acquiring a plurality of habit file types and corresponding habit operation sequences which are operated by a user before the user uses the safe transmission of the files;
identifying whether a type file of the habitual file type is opened in a user window range;
if yes, acquiring a first operation sequence for operating the type file within first time preset recently by a user;
performing sequence matching on the first operation sequence and the corresponding habit operation sequence to obtain a sequence matching degree;
and if the sequence matching degree is greater than or equal to a preset sequence matching degree threshold value, determining that the user has the use intention of safe file transmission.
CN202211368516.2A 2022-11-03 2022-11-03 Network security transmission method and system Active CN115442157B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211368516.2A CN115442157B (en) 2022-11-03 2022-11-03 Network security transmission method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211368516.2A CN115442157B (en) 2022-11-03 2022-11-03 Network security transmission method and system

Publications (2)

Publication Number Publication Date
CN115442157A CN115442157A (en) 2022-12-06
CN115442157B true CN115442157B (en) 2023-03-24

Family

ID=84252233

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211368516.2A Active CN115442157B (en) 2022-11-03 2022-11-03 Network security transmission method and system

Country Status (1)

Country Link
CN (1) CN115442157B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106464488A (en) * 2015-08-28 2017-02-22 华为技术有限公司 Information transmission method and mobile device
CN113434467A (en) * 2021-05-31 2021-09-24 浪潮电子信息产业股份有限公司 Network file transmission method and device and computer readable storage medium

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102012107306A1 (en) * 2011-08-11 2013-02-14 brainchild GmbH Method and device for the secure handling of e-mail communication
CN105101056A (en) * 2015-07-08 2015-11-25 广东欧珀移动通信有限公司 File transmission method and mobile terminal
CN108647052B (en) * 2018-04-28 2020-12-01 Oppo广东移动通信有限公司 Application program preloading method and device, storage medium and terminal
WO2021155480A1 (en) * 2020-02-07 2021-08-12 Royal Bank Of Canada System and method for conversational middleware platform
CN113722457A (en) * 2021-08-11 2021-11-30 北京零秒科技有限公司 Intention recognition method and device, storage medium, and electronic device
CN114666627A (en) * 2022-03-01 2022-06-24 深圳市博安智控科技有限公司 Method and device for preloading streaming media video, electronic equipment and storage medium
CN114900570B (en) * 2022-07-13 2022-10-18 江西联创精密机电有限公司 Standardized data acquisition and transmission method and system

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106464488A (en) * 2015-08-28 2017-02-22 华为技术有限公司 Information transmission method and mobile device
CN113434467A (en) * 2021-05-31 2021-09-24 浪潮电子信息产业股份有限公司 Network file transmission method and device and computer readable storage medium

Also Published As

Publication number Publication date
CN115442157A (en) 2022-12-06

Similar Documents

Publication Publication Date Title
US6549957B1 (en) Apparatus for preventing automatic generation of a chain reaction of messages if a prior extracted message is similar to current processed message
AU2012216564B2 (en) Methods and Systems for Increasing the Security of Electronic Messages
US6701348B2 (en) Method and system for automatically updating contact information within a contact database
US9215197B2 (en) System, method, and computer program product for preventing image-related data loss
US7299035B2 (en) Server device, mobile communications terminal, information transmitting system and information transmitting method
US6388772B1 (en) Electronic facsimile calendaring method and apparatus
CN102082589B (en) Method, device and system for storing contact information
US7890588B2 (en) Unwanted mail discriminating apparatus and unwanted mail discriminating method
CN107438054B (en) Method and system for realizing menu information control based on public platform
CN104702760A (en) Communication number updating method and device
CN110519154A (en) Data transmission method for uplink, device, equipment and computer readable storage medium
CN101641721A (en) Biometric matching method and apparatus
CN100527153C (en) Image processing system, scanner and terminal device
CN110458507B (en) Authorization method and device for public number business hosting
EP2513806A2 (en) Electronic mail server and method for automatically generating address lists
CN105141753A (en) Method and device for processing verification code short-message expiration
US20090178117A1 (en) System and method of retrieving a service contact identifier
CN115442157B (en) Network security transmission method and system
CN102833248A (en) Method and system for eliminating terminal password
US7778660B2 (en) Mobile communications terminal, information transmitting system and information receiving method
CN109831569A (en) A kind of communication means, device and intelligent terminal
CN108156071A (en) To method, terminal device and the computer readable storage medium of community&#39;s addition member
CN106446717A (en) Information processing method, device and terminal
KR20040071105A (en) The Method of Relaying multi Short Message Service
KR100528590B1 (en) Method and apparatus for performing the process such as re-transmittance of the saved spam mail and modification of the spam rule, and computer readable medium on which program for executing the method is recorded

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant