CN117688502B - Safe outsourcing calculation method and system for detecting local abnormal factors - Google Patents
Safe outsourcing calculation method and system for detecting local abnormal factors Download PDFInfo
- Publication number
- CN117688502B CN117688502B CN202410152966.0A CN202410152966A CN117688502B CN 117688502 B CN117688502 B CN 117688502B CN 202410152966 A CN202410152966 A CN 202410152966A CN 117688502 B CN117688502 B CN 117688502B
- Authority
- CN
- China
- Prior art keywords
- point
- data
- encrypted
- measured
- calculation
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 230000002159 abnormal effect Effects 0.000 title claims abstract description 72
- 238000004364 calculation method Methods 0.000 title claims abstract description 51
- 238000012946 outsourcing Methods 0.000 title claims abstract description 35
- 238000012423 maintenance Methods 0.000 claims abstract description 50
- 238000000034 method Methods 0.000 claims abstract description 46
- 238000001514 detection method Methods 0.000 claims description 24
- 230000008569 process Effects 0.000 claims description 17
- 230000005856 abnormality Effects 0.000 claims description 11
- 238000012545 processing Methods 0.000 claims description 6
- 230000006870 function Effects 0.000 description 6
- 238000007689 inspection Methods 0.000 description 5
- 238000010801 machine learning Methods 0.000 description 3
- 230000005540 biological transmission Effects 0.000 description 2
- 238000013461 design Methods 0.000 description 2
- 238000011156 evaluation Methods 0.000 description 2
- 230000002776 aggregation Effects 0.000 description 1
- 238000004220 aggregation Methods 0.000 description 1
- 238000013473 artificial intelligence Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000004069 differentiation Effects 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000003064 k means clustering Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 230000035772 mutation Effects 0.000 description 1
- 238000012163 sequencing technique Methods 0.000 description 1
Landscapes
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention discloses a safe outsourcing calculation method and a system for detecting local abnormal factors, comprising the following steps: and executing homomorphic encryption operation according to the encrypted operation and maintenance data of the points to be detected and the historical clustering central points, sending homomorphic encryption operation results to the server so that the server decrypts the homomorphic encryption operation results, calculating the abnormal value of the points to be detected relative to each historical clustering central point, and comparing the minimum abnormal value with a set threshold value, thereby judging whether the operation and maintenance data of the points to be detected are abnormal or not. The method has the advantages of realizing the efficient safe outsourcing calculation of the Euclidean distance, accelerating the judgment speed of CBLOF algorithm prediction stages and ensuring the data safety.
Description
Technical Field
The invention relates to the technical field of data security of artificial intelligence, in particular to a secure outsourcing calculation method and system for detecting local abnormal factors.
Background
The intelligent inspection is realized by learning and modeling from massive equipment operation and maintenance data through an artificial intelligent algorithm such as machine learning and the like, and according to the established machine learning model, fault detection and classification are carried out on newly generated operation and maintenance data, so that the equipment inspection efficiency can be improved, the labor cost is saved, and meanwhile, the problems of manual false inspection, missing inspection and the like are avoided through comprehensive analysis on multiple types of data. In practical application, when detecting a single fault factor, a clustering-based fault detection algorithm in machine learning is often used, and a clustering model is constructed according to massive historical data to judge whether the data to be detected is abnormal.
The local abnormal factor detection (Cluster-Based Local Outlier Factor, CBLOF) algorithm based on clustering is a detection method for judging whether the data to be detected is an abnormal factor or not by distinguishing large clusters from small clusters through data clustering and then calculating the abnormal score of the data to be detected, is suitable for a data set with a clustered structure, namely a model with normal data clustered aggregation and abnormal data isolated existence, has wide application in the aspect of intelligent inspection, and particularly has good effect in the abnormal detection in the fields of network security and finance. In the traditional calculation process, after an algorithm model is obtained through clustering and clustering, in order to evaluate whether a new point to be measured is abnormal, the Euclidean distance between the point to be measured and each center point in the model needs to be calculated, the minimum Euclidean distance is the abnormal score of the point to be measured, and then the abnormal score is compared with a threshold value to obtain a conclusion.
In an actual application scene, considering the complexity of operation and maintenance data, a user may need to detect data with large quantity and high dimension, and needs to spend a large amount of time to execute multiplication operation to calculate Euclidean distance, and an algorithm model also occupies a certain storage space, so that the local calculation load is high, and the evaluation efficiency is low.
Disclosure of Invention
In order to solve the problems, the invention provides a safe outsourcing calculation method and a system for detecting local abnormal factors, which realize efficient safe outsourcing calculation on Euclidean distance, accelerate the judgment speed of CBLOF algorithm prediction stage and ensure data safety.
In order to achieve the above purpose, the present invention adopts the following technical scheme:
In a first aspect, the present invention provides a secure outsourcing calculation method for detecting local abnormal factors, which is applied to a third party computing center, and includes:
Receiving encrypted operation and maintenance data of the points to be detected and historical clustering center points, and executing homomorphic encryption operation according to the encrypted operation and maintenance data;
And sending the homomorphic encryption operation result to a server so that the server decrypts the homomorphic encryption operation result, calculates an abnormal value of the to-be-measured point relative to each historical clustering center point, and compares the minimum abnormal value with a set threshold value, thereby judging whether the to-be-measured point operation data has an abnormality or not.
In a second aspect, the present invention provides a method for computing a secure outsourcing for detecting a local abnormal factor, which is applied to a server, and includes:
receiving homomorphic encryption operation results sent by a third-party computing center; the third party computing center receives the encrypted operation and maintenance data of the points to be detected and the historical clustering center point, and accordingly homomorphic encryption operation is carried out;
Decrypting the homomorphic encryption operation result, calculating an abnormal value of the to-be-measured point relative to each historical clustering central point, and comparing the minimum abnormal value with a set threshold value, thereby judging whether the to-be-measured point operation data has an abnormality or not.
In a third aspect, the present invention provides a method for safely outsourcing calculation for local anomaly factor detection, including:
The client sends encrypted operation and maintenance data of the point to be detected to a third-party computing center;
The edge calculator sends the encrypted history clustering center point to a third party computing center;
the third party computing center executes homomorphic encryption operation according to the encrypted operation and maintenance data of the to-be-measured points and the historical clustering center point, and sends homomorphic encryption operation results to the server;
The server decrypts the homomorphic encryption operation result, calculates an abnormal value of the to-be-measured point relative to each historical clustering central point, and compares the minimum abnormal value with a set threshold value, so that whether the to-be-measured point operation data has an abnormality or not is judged.
As an alternative implementation manner, the operation and maintenance data of the to-be-measured point is encrypted by the client and then sent to the third-party computing center, the history clustering center point is stored and encrypted by the edge calculator and then sent to the third-party computing center, and both the public key adopted when the client and the edge calculator encrypt and the private key adopted when the homomorphic encryption operation result are decrypted are generated by the server.
As an alternative embodiment, the process of encrypting the operation and maintenance data of the points to be measured and the historical clustering center point comprises the following steps ofWherein/>Is a public key parameter,/>Is a random number, m is the data to be encrypted,/>Is an encryption function.
As an alternative embodiment, the process of executing the multiplication homomorphic operation by the third-party computing center according to the encrypted operation and maintenance data of the to-be-measured points and the historical clustering center point includes: for the encrypted point operation and data to be testedCalculation/>; For the encrypted history clustering center pointCalculation/>; Calculation/>Wherein/>For the ith data,/>For the i-th center point,/>Is encryption/>After ciphertext,/>Is encryption/>After ciphertext,/>Is an encryption function.
Alternatively, the process of the server for the homomorphic encryption operation result includes: ; where m is the data to be encrypted,/> Is ciphertext after encrypting m, c is a private key parameter,/>Is a decryption function.
As an alternative implementation mode, the server correspondingly performs encryption and processing on the decrypted data and calculates、/>And/>; N is the total data amount; the outlier of the point to be measured relative to each historical clustering central point is the square of the Euclidean distance between the point to be measured and each historical clustering central point:;/> for the operation and maintenance data of the point to be measured,/> Is a historical clustering central point.
As an alternative implementation manner, the minimum abnormal value is taken as the abnormal score of the point to be measured, the abnormal score is compared with the set threshold, if the abnormal score is higher than the set threshold, the operation data of the point to be measured is abnormal, otherwise, the operation data of the point to be measured is normal.
In a fourth aspect, the present invention provides a secure outsourcing computing system for local anomaly factor detection, comprising:
the client is used for sending encrypted operation and maintenance data of the point to be detected to the third-party computing center;
The edge calculator is used for sending the encrypted history clustering center point to a third-party computing center;
the third party computing center is used for executing homomorphic encryption operation according to the encrypted operation and maintenance data of the points to be detected and the historical clustering center point and sending homomorphic encryption operation results to the server;
and the server is used for decrypting the homomorphic encryption operation result, calculating the abnormal value of the to-be-measured point relative to each historical clustering center point, and comparing the minimum abnormal value with a set threshold value, thereby judging whether the to-be-measured point operation data has abnormality.
Compared with the prior art, the invention has the beneficial effects that:
The invention designs an outsourcing type safe computing method aiming at the prediction stage of a local abnormal factor detection algorithm based on clustering, wherein a client is in charge of collecting operation and maintenance data, an edge calculator stores a clustering model, vector multiplication operation with larger calculation amount is completed in a third party computing center, the client and the edge calculator send encrypted operation and maintenance data of points to be detected and historical clustering center points to the third party computing center, so that the third party computing center cannot obtain original data, homomorphic encryption operation is only carried out on the encrypted data, safe outsourcing computation on Euclidean distance is realized, time and space consumption of the client are reduced, and computing efficiency is improved on the premise of guaranteeing data privacy safety.
According to the invention, the algorithm model is stored in the edge calculator with lower delay with the client, complex calculation is outsourced to the third-party calculation center to finish, the calculation load of the client and the monitoring center is obviously reduced, the client only performs data acquisition, and the monitoring center performs summation and comparison after decrypting the data returned by other participants, so that the correctness of an abnormal factor detection algorithm is not influenced, the safety and reliability of the data are ensured, the evaluation efficiency is improved, abnormal points are more rapidly positioned, and the damage caused by the abnormal data is avoided.
Additional aspects of the invention will be set forth in part in the description which follows and, in part, will be obvious from the description, or may be learned by practice of the invention.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the invention.
Fig. 1 is a schematic overall flow chart of a secure outsourcing calculation method for local anomaly factor detection according to embodiment 1 of the present invention.
Detailed Description
The invention is further described below with reference to the drawings and examples.
It should be noted that the following detailed description is exemplary and is intended to provide further explanation of the invention. Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs.
It is noted that the terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of exemplary embodiments according to the present invention. As used herein, unless the context clearly indicates otherwise, the singular forms also are intended to include the plural forms, and furthermore, it is to be understood that the terms "comprises" and "comprising" and any variations thereof are intended to cover non-exclusive inclusions, e.g., processes, methods, systems, products or devices that comprise a series of steps or units, are not necessarily limited to those steps or units that are expressly listed, but may include other steps or units that are not expressly listed or inherent to such processes, methods, products or devices.
Embodiments of the invention and features of the embodiments may be combined with each other without conflict.
Example 1
The embodiment provides a safe outsourcing calculation method for detecting local abnormal factors, which is applied to a third party calculation center and comprises the following steps:
Receiving encrypted operation and maintenance data of the points to be detected and historical clustering center points, and executing homomorphic encryption operation according to the encrypted operation and maintenance data;
And sending the homomorphic encryption operation result to a server so that the server decrypts the homomorphic encryption operation result, calculates an abnormal value of the to-be-measured point relative to each historical clustering center point, and compares the minimum abnormal value with a set threshold value, thereby judging whether the to-be-measured point operation data has an abnormality or not.
In this embodiment, the secure outsourcing calculation method for detecting the local abnormal factor jointly implements a secure calculation process by a client, an edge calculator, a third party calculation center and a server (i.e., a monitoring center).
Wherein, the client sideAnd acquiring operation and maintenance data of the to-be-measured points according to the preset frequency, uploading the acquired operation and maintenance data of the to-be-measured points to a third-party computing center for improving the computing efficiency, and then judging whether the operation and maintenance data of the to-be-measured points are abnormal or not by a monitoring center.
Edge calculatorAnd (3) saving an algorithm model obtained by executing CBLOF algorithm on the historical operation and maintenance data, namely a clustering center point vector list.
Third party computing centerThe system is a third party platform which has elastic computing resources and can efficiently process data, and the encrypted operation and maintenance data of the points to be detected and the historical clustering center point are received, so that the data privacy of customers is prevented from being damaged.
Monitoring centerThe method does not directly calculate, but receives the encrypted data calculated by other participants, obtains an abnormal value after decryption, and judges whether the operation data of the point to be measured is abnormal or not according to the abnormal value.
The method of this embodiment is described in detail below with reference to fig. 1.
(1) User-specified algorithm parametersAn unsupervised clustering algorithm (usually a K-Means algorithm, namely a K-Means clustering algorithm) in CBLOF algorithm is performed on the historical operation and data to obtain/>Personal center point/>Spherical clusters.
(2) User-specified algorithm parametersAnd/>For distinguishing size clusters in CBLOF algorithm, wherein/>,; The specific method comprises the following steps: after clustering is complete, all clusters/>Ordering according to the number of data points contained in the data points to obtain; Record the total number of data points as/>Based on parameters/>(Absolute majority distinction): from big to small, will/>Sequentially add up to/>For the first time greater than/>Then cluster/>, at that timeJudging that the cluster is large; based on parameters/>(Mutation differentiation): for each cluster after sequencing, calculating/>, in turnUntil the first time meet/>Then cluster/>, at that timeAnd judging that the cluster is large. In general, preference is given to the parameters/>Size clusters are distinguished.
(3) The edge calculator saves the clustering model, i.e. the central point vector of all large clustersWherein/>Is the number of large clusters.
(4) In the prediction stage, the monitoring center generates a public keyAnd private key/>Wherein/>Is a public key parameter,/>,/>Is a private key parameter, which is the public key/>Distributed to other parties.
(5) The client acquires the operation and data of the point to be measuredN is the total data quantity, according to the ElGamal encryption algorithm, public key/>Encrypting to obtain encrypted point operation data to be testedWill/>Transmitting to a third party computing center; wherein,,/>Is a random number, m is the data to be encrypted,/>Is an encryption function.
(6) The edge calculator uses the ElGamal encryption algorithm to store the historical clustering center points of the edge calculatorEncrypting to obtain an encrypted history clustering central pointWill/>To a third party computing center.
(7) The third party computing center receives the encrypted data sent by the client and the edge calculator and executes multiplication homomorphic operation on the encrypted data; specifically: for the followingCalculation/>Wherein, the method comprises the steps of, wherein,Is encryption/>The ciphertext after; for/>Calculation/>Wherein, the method comprises the steps of, wherein,Is encryption/>The ciphertext after; calculation/>Wherein/>For the ith data,/>Is the i-th center point.
(8) The third party computing center will、/>And/>And sending the data to a monitoring center.
(9) Monitoring center using private keyDecrypting the homomorphic encryption operation result to obtain/>、/>And/>; I.e. for/>Wherein/>Is ciphertext after encryption m, and calculates to obtain/>; Wherein/>Is a private key parameter,/>As encryption function,/>Is a decryption function.
(10) The monitoring center correspondingly sums the decrypted data and calculates、/>And/>。
(11) The monitoring center calculates abnormal values according to CBLOF algorithmI.e. the square of the euclidean distance between the point to be measured and the center point: /(I)。
(12) Steps (4) to (11) are performed for each center point stored in the edge calculator, and only the recalculation and transmission are required、/>The data of the to-be-measured point can be obtained without repeated transmission, and the abnormal value/>, of the to-be-measured point, of each central point is obtainedWherein the smallest outlier/>The abnormal score of the to-be-measured point is obtained.
(13) The monitoring center compares the anomaly score with a preset anomaly threshold value, and if the anomaly score is higher than the threshold value, the point to be detected is considered to be abnormal and needs to be notified for further processing; otherwise, the point to be measured is considered to be normal.
Example 2
The embodiment provides a secure outsourcing calculation method for detecting local abnormal factors, which is applied to a server side and comprises the following steps:
receiving homomorphic encryption operation results sent by a third-party computing center; the third party computing center receives the encrypted operation and maintenance data of the points to be detected and the historical clustering center point, and accordingly homomorphic encryption operation is carried out;
Decrypting the homomorphic encryption operation result, calculating an abnormal value of the to-be-measured point relative to each historical clustering central point, and comparing the minimum abnormal value with a set threshold value, thereby judging whether the to-be-measured point operation data has an abnormality or not.
Example 3
The embodiment provides a safe outsourcing calculation method for detecting local abnormal factors, which comprises the following steps:
The client sends encrypted operation and maintenance data of the point to be detected to a third-party computing center;
The edge calculator sends the encrypted history clustering center point to a third party computing center;
the third party computing center executes homomorphic encryption operation according to the encrypted operation and maintenance data of the to-be-measured points and the historical clustering center point, and sends homomorphic encryption operation results to the server;
The server decrypts the homomorphic encryption operation result, calculates an abnormal value of the to-be-measured point relative to each historical clustering central point, and compares the minimum abnormal value with a set threshold value, so that whether the to-be-measured point operation data has an abnormality or not is judged.
Example 4
The embodiment provides a secure outsourcing computing system for detecting local abnormal factors, which comprises:
the client is used for sending encrypted operation and maintenance data of the point to be detected to the third-party computing center;
The edge calculator is used for sending the encrypted history clustering center point to a third-party computing center;
the third party computing center is used for executing homomorphic encryption operation according to the encrypted operation and maintenance data of the points to be detected and the historical clustering center point and sending homomorphic encryption operation results to the server;
and the server is used for decrypting the homomorphic encryption operation result, calculating the abnormal value of the to-be-measured point relative to each historical clustering center point, and comparing the minimum abnormal value with a set threshold value, thereby judging whether the to-be-measured point operation data has abnormality.
It should be noted that the above modules correspond to the steps described in embodiment 1, and the above modules are the same as examples and application scenarios implemented by the corresponding steps, but are not limited to those disclosed in embodiment 1. It should be noted that the modules described above may be implemented as part of a system in a computer system, such as a set of computer-executable instructions.
In further embodiments, there is also provided:
An electronic device comprising a memory and a processor and computer instructions stored on the memory and running on the processor, which when executed by the processor, perform the method described in embodiment 1 or embodiment 2 or embodiment 3. For brevity, the description is omitted here.
It should be understood that in this embodiment, the processor may be a central processing unit CPU, and the processor may also be other general purpose processors, digital signal processors DSP, application specific integrated circuits ASIC, off-the-shelf programmable gate array FPGA or other programmable logic device, discrete gate or transistor logic devices, discrete hardware components, or the like. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
The memory may include read only memory and random access memory and provide instructions and data to the processor, and a portion of the memory may also include non-volatile random access memory. For example, the memory may also store information of the device type.
A computer readable storage medium storing computer instructions which, when executed by a processor, perform the method described in embodiment 1 or embodiment 2 or embodiment 3.
The method in the above embodiment may be directly implemented as a hardware processor executing or implemented by a combination of hardware and software modules in the processor. The software modules may be located in a random access memory, flash memory, read only memory, programmable read only memory, or electrically erasable programmable memory, registers, etc. as well known in the art. The storage medium is located in a memory, and the processor reads the information in the memory and, in combination with its hardware, performs the steps of the above method. To avoid repetition, a detailed description is not provided herein.
Those of ordinary skill in the art will appreciate that the elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
While the foregoing description of the embodiments of the present invention has been presented in conjunction with the drawings, it should be understood that it is not intended to limit the scope of the invention, but rather, it is intended to cover all modifications or variations within the scope of the invention as defined by the claims of the present invention.
Claims (19)
1. The safe outsourcing calculation method for detecting the local abnormal factors is characterized by being applied to a third party calculation center and comprising the following steps of:
Receiving encrypted operation and maintenance data of the points to be detected and historical clustering center points, and executing homomorphic encryption operation according to the encrypted operation and maintenance data;
The homomorphic encryption operation result is sent to a server, so that the server decrypts the homomorphic encryption operation result, calculates an abnormal value of a to-be-measured point relative to each historical clustering center point, compares the minimum abnormal value with a set threshold value, and judges whether the to-be-measured point operation data are abnormal or not;
the operation and maintenance data of the to-be-measured points are encrypted by the client and then sent to the third-party computing center, the history clustering center point is stored and encrypted by the edge calculator and then sent to the third-party computing center, and both the public key adopted when the client and the edge calculator encrypt and the private key adopted when the homomorphic encryption operation result is decrypted are generated by the server.
2. The method for safely outsourcing calculation for local anomaly factor detection of claim 1, wherein the process of encrypting the operation and maintenance data of the points to be measured and the historical cluster center point comprises the steps ofWherein/>Is a public key parameter,/>Is a random number, m is the data to be encrypted,/>Is an encryption function.
3. The method for safely outsourcing calculation for detecting local anomaly factors according to claim 1, wherein the process of performing multiplication homomorphic operation by the third party calculation center according to the encrypted operation and maintenance data of the to-be-detected points and the historical clustering center point comprises the following steps: for the encrypted point operation and data to be testedCalculation/>; For the encrypted history clustering center point/>Calculation/>; Calculation ofWherein/>For the ith data,/>For the i-th center point,/>Is encryption/>After ciphertext,/>Is encryption/>After ciphertext,/>Is an encryption function.
4. The method for safely outsourcing calculation of local anomaly factor detection according to claim 3, wherein the process of server-to-homomorphic encryption operation results comprises: ; where m is the data to be encrypted,/> Is ciphertext after encrypting m,/>Is a private key parameter,/>Is a decryption function.
5. The method for computing local anomaly factor detection according to claim 4, wherein the server performs addition processing on the decrypted data, and calculates the local anomaly factor、/>And/>; N is the total data amount; the outlier of the point to be measured relative to each historical clustering central point is the square of the Euclidean distance between the point to be measured and each historical clustering central point: /(I);/>For the operation and maintenance data of the point to be measured,/>Is a historical clustering central point.
6. The method for safely outsourcing calculation for detecting local anomaly factors according to claim 1, wherein the minimum anomaly value is used as an anomaly score of a point to be detected, the anomaly score is compared with a set threshold, if the anomaly score is higher than the set threshold, the operation data of the point to be detected is abnormal, otherwise, the operation data of the point to be detected is normal.
7. The safe outsourcing calculation method for detecting the local abnormal factors is characterized by being applied to a server side and comprising the following steps:
receiving homomorphic encryption operation results sent by a third-party computing center; the third party computing center receives the encrypted operation and maintenance data of the points to be detected and the historical clustering center point, and accordingly homomorphic encryption operation is carried out;
Decrypting the homomorphic encryption operation result, calculating an abnormal value of the to-be-measured point relative to each historical clustering central point, and comparing the minimum abnormal value with a set threshold value, thereby judging whether the to-be-measured point operation data has an abnormality or not;
the operation and maintenance data of the to-be-measured points are encrypted by the client and then sent to the third-party computing center, the history clustering center point is stored and encrypted by the edge calculator and then sent to the third-party computing center, and both the public key adopted when the client and the edge calculator encrypt and the private key adopted when the homomorphic encryption operation result is decrypted are generated by the server.
8. The method for safely outsourcing calculation of local anomaly factor detection of claim 7, wherein the process of encrypting the point-to-be-measured operation and maintenance data and the historical cluster center point comprisesWherein/>Is a public key parameter,/>Is a random number, m is the data to be encrypted,/>Is an encryption function.
9. The method for safely outsourcing calculation of local anomaly factor detection according to claim 7, wherein the process of performing multiplication homomorphic operation by the third party calculation center according to the encrypted operation and maintenance data of the points to be detected and the historical clustering center point comprises the following steps: for the encrypted point operation and data to be testedCalculation/>; For the encrypted history clustering center point/>Calculation/>; Calculation ofWherein/>For the ith data,/>For the i-th center point,/>Is encryption/>After ciphertext,/>Is encryption/>After ciphertext,/>Is an encryption function.
10. The method for safely outsourcing calculation of local anomaly factor detection of claim 9, wherein the process of server-to-homomorphic encryption operation results comprises: ; where m is the data to be encrypted,/> Is ciphertext after encrypting m,/>Is a private key parameter,/>Is a decryption function.
11. The method for computing local anomaly factor detection according to claim 10, wherein the server performs addition processing on the decrypted data, and calculates the local anomaly factor、/>And/>; N is the total data amount; the outlier of the point to be measured relative to each historical clustering central point is the square of the Euclidean distance between the point to be measured and each historical clustering central point: /(I);/>For the operation and maintenance data of the point to be measured,/>Is a historical clustering central point.
12. The method for safely outsourcing calculation of local anomaly factor detection according to claim 7, wherein the minimum anomaly value is used as an anomaly score of the point to be detected, the anomaly score is compared with a set threshold, if the anomaly score is higher than the set threshold, the operation data of the point to be detected is abnormal, otherwise, the operation data of the point to be detected is normal.
13. The safe outsourcing calculation method for detecting the local abnormal factors is characterized by comprising the following steps of:
The client sends encrypted operation and maintenance data of the point to be detected to a third-party computing center;
The edge calculator sends the encrypted history clustering center point to a third party computing center;
the third party computing center executes homomorphic encryption operation according to the encrypted operation and maintenance data of the to-be-measured points and the historical clustering center point, and sends homomorphic encryption operation results to the server;
The server decrypts the homomorphic encryption operation result, calculates an abnormal value of the to-be-measured point relative to each historical clustering center point, and compares the minimum abnormal value with a set threshold value, so as to judge whether the to-be-measured point operation data has an abnormality or not;
the operation and maintenance data of the to-be-measured points are encrypted by the client and then sent to the third-party computing center, the history clustering center point is stored and encrypted by the edge calculator and then sent to the third-party computing center, and both the public key adopted when the client and the edge calculator encrypt and the private key adopted when the homomorphic encryption operation result is decrypted are generated by the server.
14. The method for safely outsourcing calculation of local anomaly factor detection of claim 13, wherein the process of encrypting the point-to-be-measured operation and maintenance data and the historical cluster center point comprisesWherein/>Is a public key parameter,/>Is a random number, m is the data to be encrypted,/>Is an encryption function.
15. The method for safely outsourcing calculation of local anomaly factor detection according to claim 13, wherein the process of performing multiplication homomorphic operation by the third party calculation center according to the encrypted operation and maintenance data of the points to be detected and the historical clustering center point comprises: for the encrypted point operation and data to be testedCalculation/>; For the encrypted history clustering center point/>Calculation/>; Calculation ofWherein/>For the ith data,/>For the i-th center point,/>Is encryption/>After ciphertext,/>Is encryption/>After ciphertext,/>Is an encryption function.
16. The method for safely outsourcing calculation of local anomaly factor detection of claim 15, wherein the process of server-to-homomorphic encryption operation results comprises: ; where m is the data to be encrypted,/> Is ciphertext after encrypting m,/>Is a private key parameter,/>Is a decryption function.
17. The method for computing local anomaly factor detection according to claim 16, wherein the server performs addition processing on the decrypted data, and calculates the local anomaly factor、/>And/>; N is the total data amount; the outlier of the point to be measured relative to each historical clustering central point is the square of the Euclidean distance between the point to be measured and each historical clustering central point: /(I);/>For the operation and maintenance data of the point to be measured,/>Is a historical clustering central point.
18. The method for safely outsourcing calculation of local anomaly factor detection according to claim 13, wherein the minimum anomaly value is used as an anomaly score of the point to be detected, the anomaly score is compared with a set threshold, if the anomaly score is higher than the set threshold, the operation data of the point to be detected is abnormal, otherwise, the operation data of the point to be detected is normal.
19. A secure outsourcing computing system for local anomaly factor detection, comprising:
the client is used for sending encrypted operation and maintenance data of the point to be detected to the third-party computing center;
The edge calculator is used for sending the encrypted history clustering center point to a third-party computing center;
the third party computing center is used for executing homomorphic encryption operation according to the encrypted operation and maintenance data of the points to be detected and the historical clustering center point and sending homomorphic encryption operation results to the server;
The server is used for decrypting the homomorphic encryption operation result, calculating the abnormal value of the to-be-measured point relative to each historical clustering center point, and comparing the minimum abnormal value with a set threshold value, so as to judge whether the to-be-measured point operation data has abnormality or not;
the operation and maintenance data of the to-be-measured points are encrypted by the client and then sent to the third-party computing center, the history clustering center point is stored and encrypted by the edge calculator and then sent to the third-party computing center, and both the public key adopted when the client and the edge calculator encrypt and the private key adopted when the homomorphic encryption operation result is decrypted are generated by the server.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202410152966.0A CN117688502B (en) | 2024-02-04 | 2024-02-04 | Safe outsourcing calculation method and system for detecting local abnormal factors |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202410152966.0A CN117688502B (en) | 2024-02-04 | 2024-02-04 | Safe outsourcing calculation method and system for detecting local abnormal factors |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN117688502A CN117688502A (en) | 2024-03-12 |
| CN117688502B true CN117688502B (en) | 2024-04-30 |
Family
ID=90126908
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202410152966.0A Active CN117688502B (en) | 2024-02-04 | 2024-02-04 | Safe outsourcing calculation method and system for detecting local abnormal factors |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117688502B (en) |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2018184407A1 (en) * | 2017-04-07 | 2018-10-11 | 哈尔滨工业大学深圳研究生院 | K-means clustering method and system having privacy protection |
| CN110852374A (en) * | 2019-11-08 | 2020-02-28 | 腾讯云计算(北京)有限责任公司 | Data detection method and device, electronic equipment and storage medium |
| CN112052466A (en) * | 2020-08-28 | 2020-12-08 | 西安电子科技大学 | Support vector machine user data prediction method based on multi-party secure computing protocol |
| CN113114451A (en) * | 2021-03-04 | 2021-07-13 | 西安交通大学 | Data statistical analysis method and system for enterprise cloud ERP system based on homomorphic encryption |
| CN114462683A (en) * | 2022-01-11 | 2022-05-10 | 浙江大学 | Cloud edge collaborative multi-residential area load prediction method based on federal learning |
| EP4016328A1 (en) * | 2020-12-18 | 2022-06-22 | Telefonica Digital España, S.L.U. | Method, system and computer programs for outlier detection of data provided by iot devices |
| CN117349685A (en) * | 2023-09-25 | 2024-01-05 | 国网河北省电力有限公司 | Clustering method, system, terminal and medium for communication data |
-
2024
- 2024-02-04 CN CN202410152966.0A patent/CN117688502B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2018184407A1 (en) * | 2017-04-07 | 2018-10-11 | 哈尔滨工业大学深圳研究生院 | K-means clustering method and system having privacy protection |
| CN110852374A (en) * | 2019-11-08 | 2020-02-28 | 腾讯云计算(北京)有限责任公司 | Data detection method and device, electronic equipment and storage medium |
| CN112052466A (en) * | 2020-08-28 | 2020-12-08 | 西安电子科技大学 | Support vector machine user data prediction method based on multi-party secure computing protocol |
| EP4016328A1 (en) * | 2020-12-18 | 2022-06-22 | Telefonica Digital España, S.L.U. | Method, system and computer programs for outlier detection of data provided by iot devices |
| CN113114451A (en) * | 2021-03-04 | 2021-07-13 | 西安交通大学 | Data statistical analysis method and system for enterprise cloud ERP system based on homomorphic encryption |
| CN114462683A (en) * | 2022-01-11 | 2022-05-10 | 浙江大学 | Cloud edge collaborative multi-residential area load prediction method based on federal learning |
| CN117349685A (en) * | 2023-09-25 | 2024-01-05 | 国网河北省电力有限公司 | Clustering method, system, terminal and medium for communication data |
Non-Patent Citations (2)
| Title |
|---|
| "Secure Outsourcing for Normalized Cuts of Large-Scale Dense Graph in Internet of Things";Hongjun Li等;《IEEE Internet of Things Journal》;20220715;第9卷(第14期);第12711-12722页 * |
| 安全的常数轮多用户k-均值聚类计算协议;秦红;王皓;魏晓超;郑志华;;计算机研究与发展;20201009(第10期);全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN117688502A (en) | 2024-03-12 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10601852B2 (en) | Information processing device, information processing method, and recording medium storing program | |
| US10452845B2 (en) | Generic framework to detect cyber threats in electric power grid | |
| CN110852374B (en) | Data detection method, device, electronic equipment and storage medium | |
| EP3373552A1 (en) | Multi-modal, multi-disciplinary feature discovery to detect cyber threats in electric power grid | |
| Zhang et al. | Time series anomaly detection for smart grids: A survey | |
| CN110995761A (en) | Method and device for detecting false data injection attack and readable storage medium | |
| CN107708173B (en) | Selection method and device of fusion node | |
| Cheng et al. | A novel probabilistic matching algorithm for multi-stage attack forecasts | |
| US20200012549A1 (en) | Method and system for fault localization in a cloud environment | |
| CN109086291B (en) | Parallel anomaly detection method and system based on MapReduce | |
| WO2023084279A1 (en) | Modeling of adversarial artificial intelligence in blind false data injection against ac state estimation in smart grid security, safety and reliability | |
| CN111626360B (en) | Method, apparatus, device and storage medium for detecting boiler fault type | |
| Lore et al. | Detecting data integrity attacks on correlated solar farms using multi-layer data driven algorithm | |
| Amin et al. | Smart grid security enhancement by using belief propagation | |
| CN112949714A (en) | Fault possibility estimation method based on random forest | |
| Pinceti et al. | Detection and localization of load redistribution attacks on large-scale systems | |
| CN113285441A (en) | Smart grid LR attack detection method, system, device and readable storage medium | |
| Jahromi et al. | Deep federated learning-based cyber-attack detection in industrial control systems | |
| CN117688502B (en) | Safe outsourcing calculation method and system for detecting local abnormal factors | |
| Yin et al. | Non-intrusive load monitoring by load trajectory and multi feature based on DCNN | |
| CN111623905B (en) | Wind turbine generator bearing temperature early warning method and device | |
| CN112464209A (en) | Fingerprint authentication method and device for power terminal | |
| Lu et al. | One intrusion detection method based on uniformed conditional dynamic mutual information | |
| Wong et al. | Data Reduction with Real-Time Critical Data Forwarding for Internet-of-Things | |
| Shiqi et al. | Detection of Bad Data and False Data Injection Based on Back-Propagation Neural Network |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |