CN116720203A - Data security control system and method based on block chain - Google Patents

Data security control system and method based on block chain Download PDF

Info

Publication number
CN116720203A
CN116720203A CN202310621189.5A CN202310621189A CN116720203A CN 116720203 A CN116720203 A CN 116720203A CN 202310621189 A CN202310621189 A CN 202310621189A CN 116720203 A CN116720203 A CN 116720203A
Authority
CN
China
Prior art keywords
type
information
data
block
data type
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202310621189.5A
Other languages
Chinese (zh)
Other versions
CN116720203B (en
Inventor
赵凤霞
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Soulu Guangzhou Technology Co ltd
Original Assignee
Harbin Daojian Technology Development Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Harbin Daojian Technology Development Co ltd filed Critical Harbin Daojian Technology Development Co ltd
Priority to CN202310621189.5A priority Critical patent/CN116720203B/en
Priority claimed from CN202310621189.5A external-priority patent/CN116720203B/en
Publication of CN116720203A publication Critical patent/CN116720203A/en
Application granted granted Critical
Publication of CN116720203B publication Critical patent/CN116720203B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6227Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00Energy efficient computing, e.g. low power processors, power management or thermal management

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Automation & Control Theory (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to the technical field of data security management, in particular to a data security control system and method based on a block chain, comprising the steps of obtaining the duration of the distance between the time when each information content is attacked and a starting time stamp; selecting a characteristic attribute word from information content with the same data type, and calculating the prior probability of the corresponding characteristic attribute word in each information type based on the characteristic attribute word; recording the time of inputting information by a user on a platform as the current time period; calculating a safety value corresponding to a current time period of the block based on prior probability of the characteristic attribute words corresponding to the user data information and the information type, selecting the block with the safety value larger than a safety value threshold as a safety block, and transmitting the user data information to the safety block for storage when the user data information is of a vulnerable data type; and when the user data information is not of the type of the attacked data, transmitting the user data information to any block for storage.

Description

Data security control system and method based on block chain
Technical Field
The invention relates to the technical field of data security management, in particular to a data security control system and method based on a block chain.
Background
The blockchain is to form a chain by one block, a certain amount of information is stored between each block, the blocks are connected into a chain, the chain existing between the blocks is stored in the whole server, so long as one server can work in the whole system, the whole blockchain is safe, the hash value of each block in one blockchain is related to the hash value of the previous case, namely the hash value of the previous block is the leading hash value of the current block, and the mode ensures the order, the safety and the integrity of each block in all regional chains.
When a user stores and transmits data, the platform needs to guarantee the safety of the data, but the data types of different data are different, if only a higher safety strategy is uniformly adopted for the safety, the expenditure cost of the platform in safety is greatly increased, and if a lower safety strategy is uniformly used for the safety protection for the data for saving cost, the problem of the safety of the data is caused.
Disclosure of Invention
The present invention is directed to a data security control system and method based on blockchain to solve the above-mentioned problems in the background art.
In order to solve the technical problems, the invention provides the following technical scheme: a data security control method based on a block chain comprises the following steps:
step S100: acquiring the attacked historical data information in the block chain, and extracting the information type and the information content corresponding to the historical data information; randomly selecting a plurality of words from each information content as characteristic attribute words; selecting a characteristic attribute word from information content with the same data type, and calculating the prior probability of the corresponding characteristic attribute word in each information type based on the characteristic attribute word;
step S200: calculating a type occupation ratio corresponding to the data types based on the information content quantity corresponding to each data type, and recording the corresponding data type as a vulnerable data type when the type occupation ratio is larger than a type occupation ratio threshold; acquiring user data information input by a user on a platform; recording the time of inputting information by a user on a platform as the current time period; calculating the probability of the information type between each information type and the user data information based on the prior probability of the characteristic attribute words corresponding to the user data information and the information type; selecting an information type corresponding to the information type probability with the largest value as a data type to which the user data information belongs;
step S300: acquiring historical node data of each block in a block chain; extracting node data corresponding to each history period from the history node data; the node data comprises the number of nodes and node response time; based on the number of nodes and the node response time corresponding to each historical period block, respectively calculating the number of predicted nodes and the predicted node response time corresponding to the current period of the block;
step S400: calculating a safety value corresponding to the current time period of the block based on the number of the predicted nodes and the response time of the predicted nodes corresponding to the current time period of the block, selecting a block with the safety value larger than a safety value threshold as a safety block, and transmitting the user data information to the safety block for storage when the user data information is of a vulnerable data type; and when the user data information is not of the type of the attacked data, transmitting the user data information to any block for storage.
Further, step S100 includes:
step S101: recording and collecting the feature attribute words randomly selected from each information content to obtain a feature attribute word set V= { d 1 、d 2 、...、d r}; wherein ,d1 、d 2 、...、d r The method comprises the steps of randomly selecting 1 st, 2 nd, r's characteristic attribute words from each information content;
step S102: recording and collecting data types corresponding to each information content to obtain a data type set D= { x 1 、x 2 、...、x n}; wherein ,x1 、x 2 、...、x n Class 1, 2, & n data types; selecting a random moment before the block chain is attacked as a starting time stamp, and acquiring the time length of the distance between the time when each information content is attacked and the starting time stamp; acquiring the distance duration between the time when each information content is attacked and the starting time stamp; calculating arbitrary data type x of information content u Any feature attribute word d u Corresponding prior probability
wherein ,xu ∈D;For any data type x u Any feature attribute word d in the ith information content of (a) u The total number of corresponding characteristic attribute words, d u ∈V;/>Data type x u The duration of the distance between the time the ith information content is attacked and the start time stamp; gamma is a time influence coefficient; r is the total number of feature attribute words in the feature attribute word set V; />For any data type x u C-th feature attribute word d in i-th information content of (a) c The total number of the characteristic attribute words; j is of data type x u The total number of information contents;
step S103: when the calculated molecule with the prior probability of the characteristic attribute word in a certain data type is zero, a Laplacian smoothing algorithm is used for the prior probability of the molecule being zero, and a value of the molecule is added with 1; will be of arbitrary data type x u Record collection is carried out on prior probability of each characteristic attribute word of the information content of (a) to obtain any data type x u Is set of prior probabilities of (c) wherein ,/>The prior probabilities corresponding to the 1 st, 2 nd and r th characteristic attribute words are respectively represented; logarithmic numberAccording to each data type in the type set D, the prior probability of the corresponding characteristic attribute words is calculated respectively, record collection is carried out, and a set ++is obtained> wherein ,respectively denoted as data type x 1 、x 2 、...、x n Prior probability sets of each feature attribute word;
the step of randomly selecting the feature attribute words from each information content is to ensure that each selected feature attribute word has no relevance, if more feature attribute words are selected from a certain data type, the prior probability of the subsequent feature attribute words is biased towards the data type; and then, when the data type of the user data information is judged subsequently, the data type judgment is caused to be incorrect, the time length of the distance between the time when each information content is attacked and the starting time stamp is acquired, and the prior probability corresponding to the characteristic attribute word of a certain data type of the information content is calculated. Because attack time corresponding to information content can influence the characteristic attribute words in the calculation process, if the time corresponding to the information content is very close to the distance time of the current period, the timeliness of the information content is higher, and the influence on the prior probability of the characteristic attribute words is larger.
Further, step S200 includes:
step S201: acquiring arbitrary data type x in information content u Corresponding amount of information content of (a)Acquiring total number C of information contents extracted from historical data information a The method comprises the steps of carrying out a first treatment on the surface of the Calculating arbitrary data type x u The type ratio of the corresponding information content quantity to the total information content quantity>Calculating the type duty ratio of each data type in the data type set D, and recording and collecting to obtain a type duty ratio set T= { p (x) 1 )、p(x 2 )、...、p(x n ) -a }; wherein p (x) 1 )、p(x 2 )、...、p(x n ) Respectively the data types are x 1 、x 2 、...、x n The corresponding type duty cycle; when the type duty ratio corresponding to the data type is larger than the type duty ratio threshold, the corresponding data type is marked as the vulnerable data type;
step S202: acquiring user data information input by a user on a platform; extracting characteristic attribute words in the characteristic attribute word set V from the user data information, and recording and gathering to obtain a user characteristic attribute word set of the user data information wherein ,/>Respectively, feature attribute words d in user data information 1 、d 2 、...、d r A corresponding number;
step S203: calculating arbitrary data type x in information content u Type attribute word probability of (a)
wherein ,for the c-th feature attribute word d in the feature attribute word set V in the user data information c A corresponding number; r is the special in the characteristic attribute word set VTotal number of feature words; />For any data type x u Corresponding feature attribute word d c Is a priori probability of (2);
step S204: calculating arbitrary data type x corresponding to user data information u The information type probability p (x) u |V):
wherein ,p(xu ) For any data type x u The type ratio of (2); sigma (sigma) n p(x u ) The sum value of the duty ratio of each data type in the data type set D is 1;
step S205: data type determination conditions are used for the information type of the user data information:judging; the data type judging condition is used for obtaining the information type corresponding to the maximum value of the information type probability, and the information type corresponding to the user data information is recorded;
the above steps use the ratio of the number of information contents corresponding to each data type to the number of overall information contents as a criterion for determining whether the data type is a vulnerable data type, because if a certain item of data corresponds to data which is attacked in its entirety, the more the data is indicated to be vulnerable, so that as soon as the feature attribute word appears in the user data information, the more the feature attribute word is indicated to be the data type with a greater degree of association with the feature attribute word.
Further, step S300 includes:
step S301: recording and collecting the number of nodes corresponding to the obtained block history period to obtain a node number set B= { C corresponding to the history period 1 、C 2 、...、C z}; wherein ,C1 、C 2 、...、C z The number of internal nodes corresponding to the z history period blocks; acquiring a time length T of each time period from a starting time stamp B The method comprises the steps of carrying out a first treatment on the surface of the Acquiring the distance duration T of two adjacent time periods c The method comprises the steps of carrying out a first treatment on the surface of the Selecting a time length T with the smallest value from the time lengths of the distances between the time periods and the start time stamps Bo The method comprises the steps of carrying out a first treatment on the surface of the Calculating node time influence coefficient T corresponding to the node number of the L-th historical period of the block BaL
Wherein m is a positive integer; t (T) BL A duration that is a distance between the L-th history period and the start time stamp;
calculating the number C of the predicted nodes of the current period of the block:
z is the number of historical time periods recorded in the node number set; c (C) L The number of the nodes corresponding to the L historical period block is the L historical period block;
step S302: recording and collecting the nodes corresponding to the acquired block history period to obtain a node response time set E= { E corresponding to the history period 1 、e 2 、...、e z}; wherein ,e1 、e 2 、...、e z For the 1 st, 2 nd, z history period blocksCorresponding internal node response time; calculating the predicted node response time e corresponding to the current time period of the block:
wherein ,eL The node response time corresponding to the L historical period of the block; z is the number of historical time periods recorded in the node number set.
Further, step S400 includes:
step S401: calculating a safety value H corresponding to the current period of the block:
c is the number of predicted nodes in the current period of the block; e is the response time of the predicted node corresponding to the current period of the block;
step S402: the block with the safety value larger than the safety value threshold is marked as a safety block; when the user data information is judged to be the vulnerable data type, adjusting the security policy of the user data information; the adjustment includes transmitting user data information to the secure block for storage; and when the user data information is not of the type of the attacked data, transmitting the user data information to any block for storage.
In order to better realize the method, a data security control system is also provided, and the data security control system comprises a priori probability module, a data type judging module, a prediction node module and a transmission module;
the prior probability module is used for extracting information types and information contents corresponding to the historical data information from the historical data information which is attacked in the blockchain, and calculating prior probability of the corresponding characteristic attribute words in each information type based on the characteristic attribute words;
the data judging module is used for marking the data type with the type occupation ratio larger than the type occupation ratio threshold as the vulnerable data type; calculating the probability of the information type between each information type and the user data information based on the prior probability of the characteristic attribute words corresponding to the user data information and the information type; selecting an information type corresponding to the information type probability with the largest value as a data type to which the user data information belongs;
the prediction node module is used for calculating the number of the prediction nodes and the response time of the prediction nodes corresponding to the current time period of the block based on the number of the nodes and the response time of the nodes corresponding to each historical time period of the block;
and the transmission module is used for calculating the safety value corresponding to the current time period of the block based on the number of the predicted nodes and the response time of the predicted nodes corresponding to the current time period of the block, selecting the block with the safety value larger than the safety value threshold as the safety block, determining the data type corresponding to the user data information based on the data type determination condition, adjusting the strategy of the safety position of the user data information, and transmitting the user data information to the corresponding block for storage.
Further, the prior probability module comprises a characteristic attribute word unit and a prior probability unit;
the characteristic attribute word unit is used for randomly selecting words in the information content and recording and collecting the selected words as characteristic attribute words;
the prior probability unit is used for obtaining the duration of the distance between the time of each information content being attacked and the starting time stamp; and calculating the prior probability corresponding to the characteristic attribute words of each data type.
Further, the data type judging module comprises a data type unit and a priori probability unit;
the data type unit is used for acquiring the quantity of the same information content of the data types, calculating the type proportion of each data type in the data type set, and recording and gathering to obtain the type proportion set of each data type; when the type duty ratio corresponding to the data type is larger than the type duty ratio threshold, the corresponding data type is marked as the vulnerable data type;
the prior probability unit is used for calculating the user data information based on the type attribute word probability and the number corresponding to the characteristic attribute words in the user data informationThe data type corresponding to the message is x n Is a probability of information type of (a).
Further, the prediction node module comprises a prediction node quantity unit and a prediction node response time unit;
a predicted node number unit for selecting a time length with the smallest value from the time lengths of the distances between the time periods and the start time stamps; calculating node time influence coefficients corresponding to the number of nodes in the block history period; calculating the predicted node number of the current period of the block based on the node time influence coefficient corresponding to the node number of the block history period and the node number corresponding to the block history period;
and the predicted node response time unit is used for recording and collecting the nodes corresponding to the acquired block historical time periods to obtain a node response time set corresponding to the historical time periods, and calculating the predicted node response time corresponding to the current time period of the block.
Further, the transmission module comprises a transmission unit;
the transmission unit is used for selecting a block with the safety value larger than the safety value threshold value as a safety block for calculating the safety value corresponding to the current time period of the block, and transmitting the user data information to the safety block for storage when the user data information is of a vulnerable data type; and when the user data information is not of the type of the attacked data, transmitting the user data information to any block for storage.
Compared with the prior art, the invention has the following beneficial effects: the invention realizes the automatic judgment of the data type of the user data information input by the user in the platform based on the attack historical data information received in the blockchain, thereby automatically adjusting the security policy of the user data information, realizing the intelligent security control of the user data information, judging the security condition of each block in the blockchain by using the node quantity and the node response time, because if the number of the nodes is larger for the block, the more the node quantity means that more people participate in the consensus process, the malicious behavior is more difficult to happen, and because a plurality of nodes need to be controlled simultaneously to attack, in addition, the more nodes also means more scattered rights, so that any single entity cannot control the whole network, the increase of the node quantity can improve the security of the blockchain, the node response time is very important for guaranteeing the security of the blockchain network in the block, the reliability of the network can be improved, and the malicious nodes are prevented from trying to tamper the blockchain.
Drawings
The accompanying drawings are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate the invention and together with the embodiments of the invention, serve to explain the invention. In the drawings:
FIG. 1 is a flow chart of a method of the present invention for a blockchain-based data security control system and method;
FIG. 2 is a block diagram of a system and method for controlling data security based on blockchain in accordance with the present invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Referring to fig. 1-2, the present invention provides the following technical solutions: a data security control method based on a block chain comprises the following steps:
step S100: acquiring the attacked historical data information in the block chain, and extracting the information type and the information content corresponding to the historical data information; randomly selecting a plurality of words from each information content as characteristic attribute words; selecting a characteristic attribute word from information content with the same data type, and calculating the prior probability of the corresponding characteristic attribute word in each information type based on the characteristic attribute word;
wherein, step S100 includes:
step S101: recording and collecting feature attribute words randomly selected from each information content to obtain feature genusSexual word set v= { d 1 、d 2 、...、d r}; wherein ,d1 、d 2 、...、d r The method comprises the steps of randomly selecting 1 st, 2 nd, r's characteristic attribute words from each information content;
step S102: recording and collecting data types corresponding to each information content to obtain a data type set D= { x 1 、x 2 、...、x n}; wherein ,x1 、x 2 、...、x n Class 1, 2, & n data types; selecting a random moment before the block chain is attacked as a starting time stamp, and acquiring the time length of the distance between the time when each information content is attacked and the starting time stamp; acquiring the distance duration between the time when each information content is attacked and the starting time stamp; calculating arbitrary data type x of information content u Any feature attribute word d u Corresponding prior probability
wherein ,xu ∈D;For any data type x u Any feature attribute word d in the ith information content of (a) u The total number of corresponding characteristic attribute words, d u ∈V;/>Data type x u The duration of the distance between the time the ith information content is attacked and the start time stamp; gamma is a time influence coefficient; r is the total number of feature attribute words in the feature attribute word set V; />For any data type x u Is the first of (2)C-th characteristic attribute word d in i information contents c The total number of the characteristic attribute words; j is of data type x u The total number of information contents;
step S103: when the calculated molecule with the prior probability of the characteristic attribute word in a certain data type is zero, a Laplacian smoothing algorithm is used for the prior probability of the molecule being zero, and a value of the molecule is added with 1; will be of arbitrary data type x u Record collection is carried out on prior probability of each characteristic attribute word of the information content of (a) to obtain any data type x u Is set of prior probabilities of (c) wherein ,/>The prior probabilities corresponding to the 1 st, 2 nd and r th characteristic attribute words are respectively represented; the prior probability of the corresponding characteristic attribute words is calculated for each data type in the data type set D, record collection is carried out, and a set +.> wherein ,respectively denoted as data type x 1 、x 2 、...、x n Prior probability sets of each feature attribute word;
step S200: calculating a type occupation ratio corresponding to the data types based on the information content quantity corresponding to each data type, and recording the corresponding data type as a vulnerable data type when the type occupation ratio is larger than a type occupation ratio threshold; acquiring user data information input by a user on a platform; recording the time of inputting information by a user on a platform as the current time period; calculating the probability of the information type between each information type and the user data information based on the prior probability of the characteristic attribute words corresponding to the user data information and the information type; selecting an information type corresponding to the information type probability with the largest value as a data type to which the user data information belongs;
wherein, step S200 includes:
step S201: acquiring arbitrary data type x in information content u Corresponding amount of information content of (a)Acquiring total number C of information contents extracted from historical data information a The method comprises the steps of carrying out a first treatment on the surface of the Calculating arbitrary data type x u The type ratio of the corresponding information content quantity to the total information content quantity>Calculating the type duty ratio of each data type in the data type set D, and recording and collecting to obtain a type duty ratio set T= { p (x) 1 )、p(x 2 )、...、p(x n ) -a }; wherein p (x) 1 )、p(x 2 )、...、p(x n ) Respectively the data types are x 1 、x 2 、...、x n The corresponding type duty cycle; when the type duty ratio corresponding to the data type is larger than the type duty ratio threshold, the corresponding data type is marked as the vulnerable data type;
step S202: acquiring user data information input by a user on a platform; extracting characteristic attribute words in the characteristic attribute word set V from the user data information, and recording and gathering to obtain a user characteristic attribute word set of the user data information wherein ,/>Respectively, feature attribute words d in user data information 1 、d 2 、...、d r A corresponding number;
step S203: calculating arbitrary data type x in information content u Type attribute word probability of (a)
wherein ,for the c-th feature attribute word d in the feature attribute word set V in the user data information c A corresponding number; r is the total number of feature attribute words in the feature attribute word set V; />For any data type x u Corresponding feature attribute word d c Is a priori probability of (2);
step S204: calculating arbitrary data type x corresponding to user data information u The information type probability p (x) u |V):
wherein ,p(xu ) For any data type x u The type ratio of (2); sigma (sigma) n p(x u ) The sum value of the duty ratio of each data type in the data type set D is 1;
step S205: data type determination conditions are used for the information type of the user data information:judging; the data type judging condition is used for obtaining the information type corresponding to the maximum value of the information type probability, and the information type corresponding to the user data information is recorded;
step S300: acquiring historical node data of each block in a block chain; extracting node data corresponding to each history period from the history node data; the node data comprises the number of nodes and node response time; based on the number of nodes and the node response time corresponding to each historical period block, respectively calculating the number of predicted nodes and the predicted node response time corresponding to the current period of the block;
wherein, step S300 includes:
step S301: recording and collecting the number of nodes corresponding to the obtained block history period to obtain a node number set B= { C corresponding to the history period 1 、C 2 、...、C z}; wherein ,C1 、C 2 、...、C z The number of internal nodes corresponding to the z history period blocks; acquiring a time length T of each time period from a starting time stamp B The method comprises the steps of carrying out a first treatment on the surface of the Acquiring the distance duration T of two adjacent time periods c The method comprises the steps of carrying out a first treatment on the surface of the Selecting a time length T with the smallest value from the time lengths of the distances between the time periods and the start time stamps Bo The method comprises the steps of carrying out a first treatment on the surface of the Calculating node time influence coefficient T corresponding to the node number of the L-th historical period of the block BaL
Wherein m is a positive integer; t (T) BL A duration that is a distance between the L-th history period and the start time stamp;
for example, a duration T when the distance between the 2 nd history period and the start time stamp B2 8h, m is 2; duration T Bo For 2h, duration T c 2h; calculating node time influence coefficients corresponding to the number of nodes in the 2 nd historical period of the block
Calculating the number C of the predicted nodes of the current period of the block:
z is the number of historical time periods recorded in the node number set; c (C) L The number of the nodes corresponding to the L historical period block is the L historical period block;
step S302: recording and collecting the nodes corresponding to the acquired block history period to obtain a node response time set E= { E corresponding to the history period 1 、e 2 、...、e z}; wherein ,e1 、e 2 、...、e z Interior node response times for the 1 st, 2 nd, z history period blocks; calculating the predicted node response time e corresponding to the current time period of the block:
wherein ,eL The node response time corresponding to the L historical period of the block; z is the number of historical time periods recorded in the node number set;
step S400: calculating a safety value corresponding to the current time period of the block based on the number of the predicted nodes and the response time of the predicted nodes corresponding to the current time period of the block, selecting a block with the safety value larger than a safety value threshold as a safety block, and transmitting the user data information to the safety block for storage when the user data information is of a vulnerable data type; transmitting the user data information to any block for storage when the user data information is not of the type of the attacked data;
wherein, step S400 includes:
step S401: calculating a safety value H corresponding to the current period of the block:
c is the number of predicted nodes in the current period of the block; e is the response time of the predicted node corresponding to the current period of the block;
step S402: the block with the safety value larger than the safety value threshold is marked as a safety block; when the user data information is judged to be the vulnerable data type, adjusting the security policy of the user data information; the adjustment includes transmitting user data information to the secure block for storage; transmitting the user data information to any block for storage when the user data information is not of the type of the attacked data;
in order to better realize the method, a data security control system is also provided, and the data security control system comprises a priori probability module, a data type judging module, a prediction node module and a transmission module;
the prior probability module is used for extracting information types and information contents corresponding to the historical data information from the historical data information which is attacked in the blockchain, and calculating prior probability of the corresponding characteristic attribute words in each information type based on the characteristic attribute words;
the data judging module is used for marking the data type with the type occupation ratio larger than the type occupation ratio threshold as the vulnerable data type; calculating the probability of the information type between each information type and the user data information based on the prior probability of the characteristic attribute words corresponding to the user data information and the information type; selecting an information type corresponding to the information type probability with the largest value as a data type to which the user data information belongs;
the prediction node module is used for calculating the number of the prediction nodes and the response time of the prediction nodes corresponding to the current time period of the block based on the number of the nodes and the response time of the nodes corresponding to each historical time period of the block;
the transmission module is used for calculating the safety value corresponding to the current time period of the block based on the number of the predicted nodes and the response time of the predicted nodes corresponding to the current time period of the block, selecting the block with the safety value larger than the safety value threshold as the safety block, adjusting the strategy of the safety position of the user data information based on the data type corresponding to the user data information obtained by the data type judgment condition, and transmitting the user data information to the corresponding block for storage;
the prior probability module comprises a characteristic attribute word unit and a prior probability unit;
the characteristic attribute word unit is used for randomly selecting words in the information content and recording and collecting the selected words as characteristic attribute words;
the prior probability unit is used for obtaining the duration of the distance between the time of each information content being attacked and the starting time stamp; calculating the prior probability corresponding to the characteristic attribute words of each data type;
the data type judging module comprises a data type unit and a priori probability unit;
the data type unit is used for acquiring the quantity of the same information content of the data types, calculating the type proportion of each data type in the data type set, and recording and gathering to obtain the type proportion set of each data type; when the type duty ratio corresponding to the data type is larger than the type duty ratio threshold, the corresponding data type is marked as the vulnerable data type;
the prior probability unit is used for calculating the data type x corresponding to the user data information based on the type attribute word probability and the number corresponding to the characteristic attribute words in the user data information n Is a probability of information type;
the prediction node module comprises a prediction node quantity unit and a prediction node response time unit;
a predicted node number unit for selecting a time length with the smallest value from the time lengths of the distances between the time periods and the start time stamps; calculating node time influence coefficients corresponding to the number of nodes in the block history period; calculating the predicted node number of the current period of the block based on the node time influence coefficient corresponding to the node number of the block history period and the node number corresponding to the block history period;
the prediction node response time unit is used for recording and collecting the nodes corresponding to the obtained block historical time periods to obtain a node response time set corresponding to the historical time periods, and calculating the prediction node response time corresponding to the current time period of the block;
the transmission module comprises a transmission unit;
the transmission unit is used for selecting a block with the safety value larger than the safety value threshold value as a safety block for calculating the safety value corresponding to the current time period of the block, and transmitting the user data information to the safety block for storage when the user data information is of a vulnerable data type; and when the user data information is not of the type of the attacked data, transmitting the user data information to any block for storage.
It is noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus.
Finally, it should be noted that: the foregoing description is only a preferred embodiment of the present invention, and the present invention is not limited thereto, but it is to be understood that modifications and equivalents of some of the technical features described in the foregoing embodiments may be made by those skilled in the art, although the present invention has been described in detail with reference to the foregoing embodiments. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims (10)

1. A blockchain-based data security control method, the method comprising:
step S100: acquiring historical data information under attack in a block chain, and extracting information types and information contents corresponding to the historical data information; randomly selecting a plurality of words from each information content as characteristic attribute words; selecting a characteristic attribute word from information content with the same data type, and calculating the prior probability of the corresponding characteristic attribute word in each information type based on the characteristic attribute word;
step S200: calculating a type occupation ratio corresponding to the data types based on the information content quantity corresponding to each data type, and recording the corresponding data type as a vulnerable data type when the type occupation ratio is larger than a type occupation ratio threshold; acquiring user data information input by a user on a platform; recording the time of inputting information by a user on a platform as the current time period; calculating the probability of the information type between each information type and the user data information based on the prior probability of the characteristic attribute words corresponding to the user data information and the information type; selecting an information type corresponding to the information type probability with the largest value as a data type to which the user data information belongs;
step S300: acquiring historical node data of each block in a block chain; extracting node data corresponding to each history period from the history node data; the node data comprises the number of nodes and node response time; based on the number of nodes and the node response time corresponding to each historical period block, respectively calculating the number of predicted nodes and the predicted node response time corresponding to the current period of the block;
step S400: calculating a safety value corresponding to the current time period of the block based on the number of the predicted nodes and the response time of the predicted nodes corresponding to the current time period of the block, selecting a block with the safety value larger than a safety value threshold as a safety block, and transmitting the user data information to the safety block for storage when the user data information is of a vulnerable data type; and when the user data information is not of the type of the attacked data, transmitting the user data information to any block for storage.
2. The blockchain-based data security control method of claim 1, wherein the step S100 includes:
step S101: recording and collecting the feature attribute words randomly selected from each information content to obtain a feature attribute word set V= { d 1 、d 2 、...、d r}; wherein ,d1 、d 2 、...、d r From each letterRandomly selecting 1 st, 2 nd, r. characteristic attribute words in the information content;
step S102: recording and collecting data types corresponding to each information content to obtain a data type set D= { x 1 、x 2 、...、x n}; wherein ,x1 、x 2 、...、x n Class 1, 2, & n data types; selecting a random moment before the block chain is attacked as a starting time stamp, and acquiring the time length of the distance between the time when each information content is attacked and the starting time stamp; acquiring the distance duration between the time when each information content is attacked and the starting time stamp; calculating arbitrary data type x of information content u Any feature attribute word d u Corresponding prior probability
wherein ,xu ∈D;For any data type x u Any feature attribute word d in the ith information content of (a) u The total number of corresponding characteristic attribute words, d u ∈V;/>Data type x u The duration of the distance between the time the ith information content is attacked and the start time stamp; gamma is a time influence coefficient; r is the total number of feature attribute words in the feature attribute word set V; />For any data type x u C-th feature attribute word d in i-th information content of (a) c The total number of the characteristic attribute words; j isThe data type is x u The total number of information contents;
step S103: when the calculated molecule with the prior probability of the characteristic attribute word in a certain data type is zero, a Laplacian smoothing algorithm is used for the prior probability of the molecule being zero, and a value of the molecule is added with 1; will be of arbitrary data type x u Record collection is carried out on prior probability of each characteristic attribute word of the information content of (a) to obtain any data type x u Is set of prior probabilities of (c) wherein ,/>The prior probabilities corresponding to the 1 st, 2 nd and r th characteristic attribute words are respectively represented; the prior probability of the corresponding characteristic attribute words is calculated for each data type in the data type set D, record collection is carried out, and a set +.> wherein ,/> Respectively denoted as data type x 1 、x 2 、...、x n Is a priori probability set for each feature attribute word.
3. The blockchain-based data security control method of claim 2, wherein the step S200 includes:
step S201: acquiring arbitrary data type x in information content u Corresponding amount of information content of (a)Obtaining information from historical dataTotal number C of extracted information contents a The method comprises the steps of carrying out a first treatment on the surface of the Calculating arbitrary data type x u The type ratio of the corresponding information content quantity to the total information content quantity>Calculating the type duty ratio of each data type in the data type set D, and recording and collecting to obtain a type duty ratio set T= { p (x) 1 )、p(x 2 )、...、p(x n ) -a }; wherein p (x) 1 )、p(x 2 )、...、p(x n ) Respectively the data types are x 1 、x 2 、...、x n The corresponding type duty cycle; when the type duty ratio corresponding to the data type is larger than the type duty ratio threshold, the corresponding data type is marked as the vulnerable data type;
step S202: acquiring user data information input by a user on a platform; extracting characteristic attribute words in the characteristic attribute word set V from the user data information, and recording and collecting to obtain a user characteristic attribute word set of the user data information wherein ,/>Respectively, feature attribute words d in user data information 1 、d 2 、...、d r A corresponding number;
step S203: calculating arbitrary data type x in information content u Type attribute word probability of (a)
wherein ,for the c-th feature attribute word d in the feature attribute word set V in the user data information c A corresponding number; r is the total number of feature attribute words in the feature attribute word set V; />For any data type x u Corresponding feature attribute word d c Is a priori probability of (2);
step S204: calculating arbitrary data type x corresponding to user data information u The information type probability p (x) u |V):
wherein ,p(xu ) For any data type x u The type ratio of (2); sigma (sigma) n p(x u ) The sum value of the duty ratio of each data type in the data type set D is 1;
step S205: data type determination conditions are used for the information type of the user data information:judging; and (3) the data type judging condition is used for obtaining the information type corresponding to the maximum value of the information type probability, and the information type corresponding to the user data information is recorded.
4. The blockchain-based data security control method of claim 1, wherein the step S300 includes:
step S301: recording and collecting the number of nodes corresponding to the obtained block history period to obtain a node number set B= { C corresponding to the history period 1 、C 2 、...、C z}; wherein ,C1 、C 2 、...、C z The number of internal nodes corresponding to the z history period blocks; acquiring eachDuration T of each period from the start timestamp B The method comprises the steps of carrying out a first treatment on the surface of the Acquiring the distance duration T of two adjacent time periods c The method comprises the steps of carrying out a first treatment on the surface of the Selecting a time length T with the smallest value from the time lengths of the distances between the time periods and the start time stamps Bo The method comprises the steps of carrying out a first treatment on the surface of the Calculating node time influence coefficient T corresponding to the node number of the L-th historical period of the block BaL
Wherein m is a positive integer; t (T) BL A duration that is a distance between the L-th history period and the start time stamp;
calculating the number C of the predicted nodes of the current period of the block:
z is the number of historical time periods recorded in the node number set; c (C) L The number of the nodes corresponding to the L historical period block is the L historical period block;
step S302: recording and collecting the nodes corresponding to the acquired block history period to obtain a node response time set E= { E corresponding to the history period 1 、e 2 、...、e z}; wherein ,e1 、e 2 、...、e z Interior node response times for the 1 st, 2 nd, z history period blocks; calculating the predicted node response time e corresponding to the current time period of the block:
wherein ,eL The node response time corresponding to the L historical period of the block; z is the number of historical time periods recorded in the node number set.
5. The blockchain-based data security control method of claim 4, wherein the step S400 includes:
step S401: calculating a safety value H corresponding to the current period of the block:
c is the number of predicted nodes in the current period of the block; e is the response time of the predicted node corresponding to the current period of the block;
step S402: the block with the safety value larger than the safety value threshold is marked as a safety block; when the user data information is judged to be the vulnerable data type, adjusting the security policy of the user data information; the adjusting includes transmitting user data information to a secure block for storage; and when the user data information is not of the type of the attacked data, transmitting the user data information to any block for storage.
6. A data security control system applied to the data security control method based on the blockchain as in any of claims 1-5, wherein the data security control system comprises a priori probability module, a data type judgment module, a prediction node module and a transmission module;
the prior probability module is used for extracting information types and information contents corresponding to historical data information which are attacked from the blockchain, and calculating prior probability of corresponding characteristic attribute words in each information type based on the characteristic attribute words;
the data judging module is used for marking the data type with the type occupation ratio larger than the type occupation ratio threshold as the vulnerable data type; calculating the probability of the information type between each information type and the user data information based on the prior probability of the characteristic attribute words corresponding to the user data information and the information type; selecting an information type corresponding to the information type probability with the largest value as a data type to which the user data information belongs;
the prediction node module is used for calculating the number of the prediction nodes and the response time of the prediction nodes corresponding to the current time period of the block based on the number of the nodes and the response time of the nodes corresponding to each historical time period of the block;
the transmission module is used for calculating the safety value corresponding to the current time period of the block based on the number of the predicted nodes and the response time of the predicted nodes corresponding to the current time period of the block, selecting the block with the safety value larger than the safety value threshold as the safety block, determining the data type corresponding to the user data information based on the data type determination condition, adjusting the strategy of the safety position of the user data information, and transmitting the user data information to the corresponding block for storage.
7. The data security control system of claim 6, wherein the prior probability module comprises a feature attribute word unit, a prior probability unit;
the characteristic attribute word unit is used for randomly selecting words in the information content and recording and collecting the selected words as characteristic attribute words;
the prior probability unit is used for obtaining the duration of the distance between the time of each information content attacked and the starting time stamp; and calculating the prior probability corresponding to the characteristic attribute words of each data type.
8. The data security control system of claim 6, wherein the data type determination module comprises a data type unit, a priori probability unit;
the data type unit is used for acquiring the quantity of the same information content of the data types, calculating the type duty ratio of each data type in the data type set, and recording and gathering to obtain the type duty ratio set of each data type; when the type duty ratio corresponding to the data type is larger than the type duty ratio threshold, the corresponding data type is marked as the vulnerable data type;
the prior probability unit is used for calculating the data type corresponding to the user data information as based on the type attribute word probability and the number corresponding to the characteristic attribute words in the user data informationx n Is a probability of information type of (a).
9. The data security control system of claim 6, wherein the predicted node module comprises a predicted node number unit, a predicted node response time unit;
the predicting node number unit is used for selecting the duration with the smallest value from the durations of the distances between each time period and the starting time stamp; calculating node time influence coefficients corresponding to the number of nodes in the block history period; calculating the predicted node number of the current period of the block based on the node time influence coefficient corresponding to the node number of the block history period and the node number corresponding to the block history period;
the predicted node response time unit is used for recording and collecting the nodes corresponding to the obtained block historical time periods to obtain a node response time set corresponding to the historical time periods, and calculating the predicted node response time corresponding to the current time period of the block.
10. The data security control system of claim 6, wherein the transmission module comprises a transmission unit;
the transmission unit is used for selecting a block with the safety value larger than the safety value threshold value as a safety block for calculating the safety value corresponding to the current time period of the block, and transmitting the user data information to the safety block for storage when the user data information is of a vulnerable data type; and when the user data information is not of the type of the attacked data, transmitting the user data information to any block for storage.
CN202310621189.5A 2023-05-30 Data security control system and method based on block chain Active CN116720203B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310621189.5A CN116720203B (en) 2023-05-30 Data security control system and method based on block chain

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310621189.5A CN116720203B (en) 2023-05-30 Data security control system and method based on block chain

Publications (2)

Publication Number Publication Date
CN116720203A true CN116720203A (en) 2023-09-08
CN116720203B CN116720203B (en) 2024-06-04

Family

ID=

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20190289031A1 (en) * 2017-03-03 2019-09-19 International Business Machines Corporation Blockchain web browser interface
CN110535687A (en) * 2019-07-30 2019-12-03 大连理工大学 The collaboration caching method of lightweight block chain under a kind of environment based on car networking
CN111127016A (en) * 2019-12-26 2020-05-08 卓尔智联(武汉)研究院有限公司 Offline evidence distribution method and device, computer equipment and storage medium
CN112565307A (en) * 2021-02-25 2021-03-26 清华大学 Method and device for performing entrance management and control on DDoS attack
CN114003731A (en) * 2021-10-29 2022-02-01 国网河北省电力有限公司电力科学研究院 Heterogeneous data processing method, device, server and storage medium
CN114124486A (en) * 2021-11-09 2022-03-01 弥达斯科技(深圳)有限公司 Method for improving node security in Byzantine consensus mechanism
CN115082055A (en) * 2022-04-28 2022-09-20 广州城市理工学院 Data secure transaction method and system based on block chain and attribute encryption
CN115277021A (en) * 2022-07-29 2022-11-01 蚂蚁区块链科技(上海)有限公司 Method and device for preventing network attack

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20190289031A1 (en) * 2017-03-03 2019-09-19 International Business Machines Corporation Blockchain web browser interface
CN110535687A (en) * 2019-07-30 2019-12-03 大连理工大学 The collaboration caching method of lightweight block chain under a kind of environment based on car networking
CN111127016A (en) * 2019-12-26 2020-05-08 卓尔智联(武汉)研究院有限公司 Offline evidence distribution method and device, computer equipment and storage medium
CN112565307A (en) * 2021-02-25 2021-03-26 清华大学 Method and device for performing entrance management and control on DDoS attack
CN114003731A (en) * 2021-10-29 2022-02-01 国网河北省电力有限公司电力科学研究院 Heterogeneous data processing method, device, server and storage medium
CN114124486A (en) * 2021-11-09 2022-03-01 弥达斯科技(深圳)有限公司 Method for improving node security in Byzantine consensus mechanism
CN115082055A (en) * 2022-04-28 2022-09-20 广州城市理工学院 Data secure transaction method and system based on block chain and attribute encryption
CN115277021A (en) * 2022-07-29 2022-11-01 蚂蚁区块链科技(上海)有限公司 Method and device for preventing network attack

Non-Patent Citations (7)

* Cited by examiner, † Cited by third party
Title
DUC ANH LUONG等: "Privacy-Preserving Identity Management System on Blockchain Using Zk-SNARK", 《 IEEE ACCESS 》, vol. 11, 3 January 2023 (2023-01-03), pages 1840 - 1853 *
巴比特资讯: "区块链的"历史证明机制":时间与共识", Retrieved from the Internet <URL:https://blog.csdn.net/weixin_44383880/article/details/103573049> *
房卫东等: "区块链的网络安全:威胁与对策", 《信息安全学报》, vol. 3, no. 02, 30 April 2018 (2018-04-30), pages 87 - 104 *
武钰瑾: "图像清晰度的小波变换抗噪评价算法", 《机械设计与制造》, no. 04, 30 April 2022 (2022-04-30), pages 46 - 49 *
王成: "基于区块链的保险行业信息系统架构及关键技术研究", 《中国博士学位论文全文数据库》, no. 12, 31 December 2018 (2018-12-31), pages 161 - 3 *
谭晶磊: "基于博弈理论的移动目标防御决策方法研究", 《中国博士学位论文全文数据库》, no. 02, 28 February 2023 (2023-02-28), pages 002 - 240 *
陈硕等: "基于RS-BN的电力信息通信系统故障诊断方法", 《控制工程》, vol. 22, no. 06, 30 June 2015 (2015-06-30), pages 1212 - 1217 *

Similar Documents

Publication Publication Date Title
US7353214B2 (en) Outlier determination rule generation device and outlier detection device, and outlier determination rule generation method and outlier detection method thereof
CN103297435B (en) A kind of abnormal access behavioral value method and system based on WEB daily record
CN111278014A (en) Fraud prevention system, method, server and storage medium
CN114612235B (en) Block chain abnormal behavior detection method based on graph embedding
CN108881250A (en) Powerline network security postures prediction technique, device, equipment and storage medium
CN116070249B (en) Asset data intelligent monitoring management system and method
CN111741002A (en) Method and device for training network intrusion detection model
CN113704830B (en) Intelligent website data tamper-proof system and method
CN112559593A (en) Localized differential privacy protection method based on label clustering
CN111339141A (en) Data transmission method, block link node equipment and medium
US11528288B2 (en) Service infrastructure and methods of predicting and detecting potential anomalies at the service infrastructure
CN112733170B (en) Active trust evaluation method based on evidence sequence extraction
CN116720203B (en) Data security control system and method based on block chain
CN116720203A (en) Data security control system and method based on block chain
CN109150819B (en) A kind of attack recognition method and its identifying system
CN112653680A (en) Model training method, network situation prediction method, device, equipment and medium
CN116401639A (en) Big data-based computer network security supervision system and method
CN116546025A (en) Cloud computing-based edge data management system
CN113239407B (en) Block chain decision point selection method and device, electronic equipment and storage medium
CN115085948B (en) Network security situation assessment method based on improved D-S evidence theory
WO2022062777A1 (en) Data management method, data management apparatus, and storage medium
CN110769454A (en) Flow prediction method and device
CN113545020B (en) Data processing method and device
CN111915210A (en) Trust management method in distributed Internet of things based on block chain
CN112532459A (en) Bandwidth resource adjusting method, device and equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20240508

Address after: Room 101, Building A, No. 80 Shengtang Industrial Zone, Cencun, Tianhe District, Guangzhou City, Guangdong Province, 510630

Applicant after: Soulu (Guangzhou) Technology Co.,Ltd.

Country or region after: China

Address before: Room 1-1403, Building D3, Miaopu Community, Nangang District, Harbin City, Heilongjiang Province, 150080

Applicant before: Harbin Daojian Technology Development Co.,Ltd.

Country or region before: China

GR01 Patent grant