CN113127881A - Data security processing method based on big data - Google Patents

Data security processing method based on big data Download PDF

Info

Publication number
CN113127881A
CN113127881A CN202110421989.3A CN202110421989A CN113127881A CN 113127881 A CN113127881 A CN 113127881A CN 202110421989 A CN202110421989 A CN 202110421989A CN 113127881 A CN113127881 A CN 113127881A
Authority
CN
China
Prior art keywords
data
security
encryption
original
processing method
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110421989.3A
Other languages
Chinese (zh)
Inventor
刘忠利
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chongqing College of Electronic Engineering
Original Assignee
Chongqing College of Electronic Engineering
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chongqing College of Electronic Engineering filed Critical Chongqing College of Electronic Engineering
Priority to CN202110421989.3A priority Critical patent/CN113127881A/en
Publication of CN113127881A publication Critical patent/CN113127881A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/575Secure boot
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F18/00Pattern recognition
    • G06F18/20Analysing
    • G06F18/21Design or setup of recognition systems or techniques; Extraction of features in feature space; Blind source separation
    • G06F18/214Generating training patterns; Bootstrap methods, e.g. bagging or boosting
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F18/00Pattern recognition
    • G06F18/20Analysing
    • G06F18/24Classification techniques
    • G06F18/243Classification techniques relating to the number of classes
    • G06F18/24323Tree-organised classifiers
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/033Test or assess software

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Data Mining & Analysis (AREA)
  • Bioinformatics & Computational Biology (AREA)
  • Evolutionary Computation (AREA)
  • Evolutionary Biology (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioinformatics & Cheminformatics (AREA)
  • Artificial Intelligence (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Computing Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a data security processing method based on big data, which comprises the following steps: step one, generating a secret key; step two, constructing a model; step three, optimizing the model; step four, data acquisition; step five, data encryption; step six, data decryption; according to the invention, the acquired data is processed by using a public key encryption method, so that the risk of malicious stealing and tampering of the data in the transmission process is reduced, the usability, integrity and confidentiality of the data are ensured, the circulation safety of the data is ensured, a security vulnerability analysis model is constructed by using big data, the data is comprehensively analyzed for security vulnerabilities, and a proper encryption method is matched, so that the security vulnerability range aimed by the encryption method is expanded, the encryption effect of the encryption method is improved, the data is prevented from being damaged, changed and leaked due to unknown security vulnerabilities, the application range is wide, the reliability is strong, the confidentiality grade is high, and the security risk of the data is reduced.

Description

Data security processing method based on big data
Technical Field
The invention relates to the technical field of big data processing, in particular to a data security processing method based on big data.
Background
The data security processing is realized by adopting various security protection technologies as the name implies, so that the problems of increase, modification, loss, leakage and the like of data in the processes of acquisition, storage, retrieval, processing, transformation and transmission can be avoided, the usability, integrity and confidentiality of the data are ensured, and the circulation security of the data is ensured.
However, most of the traditional data security processing methods do not encrypt the acquired data, the data is easily stolen and tampered maliciously in the transmission process, the usability, integrity and confidentiality of the data are damaged, the circulation security of the data is influenced, a few of the traditional data security processing methods are encrypted, the encryption method can be selected only according to the locally known data security vulnerability, the targeted security vulnerability range is limited, the encryption effect is insufficient, when the locally unknown data security vulnerability is met, the data is easily damaged, changed and leaked in the processing process, the application range is small, the reliability is poor, the confidentiality level is low, and certain potential safety hazards exist.
Therefore, it is necessary to design a data security processing method based on big data.
Disclosure of Invention
The present invention is directed to a data security processing method based on big data, so as to solve the problems mentioned in the background art.
In order to solve the technical problems, the invention provides the following technical scheme: a data security processing method based on big data comprises the following steps: step one, generating a secret key; step two, constructing a model; step three, optimizing the model; step four, data acquisition; step five, data encryption; step six, data decryption;
in the first step, the data cloud end screens out a large amount of original data with corresponding characteristics, security holes of the original data and available encryption methods of the security holes from the big data according to the characteristics of the data to be processed, and generates corresponding key pairs according to different encryption methods;
in the second step, the original data obtained in the first step is divided into training set data and test set data, and the training set data and the security loophole and encryption method obtained in the first step are subjected to logic calculation by using a decision tree algorithm to construct an original analysis model;
in the third step, the test set data obtained in the second step is substituted into the original analysis model obtained in the second step, the quality of the judgment result of the original analysis model is evaluated through the evaluation index, and the security vulnerability analysis model is obtained through a cost complexity pruning method;
in the fourth step, the data terminal closes the conventional input program, starts the safe input program, guides the user to perform data input operation, and obtains input data after the data terminal finishes the acquisition;
in the fifth step, the data terminal calls a security vulnerability analysis model obtained by the data cloud from the third step, performs security vulnerability analysis on the input data obtained in the fourth step, judges a key pair matched with the input data according to the key pair obtained in the first step, and encrypts the input data through a public key in the key pair to obtain encrypted data;
in the sixth step, the data terminal uploads the encrypted data obtained in the fifth step to the data cloud end through the encryption network, and the data cloud end decrypts the encrypted data through the private key in the key pair to obtain decrypted data.
According to the technical scheme, in the first step, the key pair consists of an encryption public key and a decryption private key, and the encryption public key and the decryption private key are respectively stored in the data terminal and the data cloud.
According to the above technical solution, in the second step, the training set data and the test set data respectively account for 70% and 30% of the original data.
According to the technical scheme, in the second step, the decision tree algorithm is a classification regression decision tree algorithm.
According to the technical scheme, in the third step, the evaluation indexes are four items of accuracy, recall ratio, precision ratio and AUC value.
According to the technical scheme, in the third step, the branch with bad judgment result in the decision tree of the original analysis model is cut by the cost complexity pruning method, and then the trunk with good judgment result in the decision tree of the original analysis model is reserved.
According to the technical scheme, in the fifth step, the security vulnerability analysis firstly obtains a plurality of encryption methods which are available for all security vulnerabilities of the input data, an optimal encryption method which is a mapping collection is preferably selected, and then key pair matching is carried out on the optimal encryption method.
Compared with the prior art, the invention has the following beneficial effects: according to the data security processing method based on the big data, the collected data is processed by using a public key encryption method, so that the risks of malicious stealing and tampering of the data in the transmission process are reduced, the usability, integrity and confidentiality of the data are ensured, and the circulation security of the data is ensured; the security vulnerability analysis model is constructed by utilizing big data, scientific support is provided for the encryption method, the security vulnerability range aimed by the encryption method is expanded, the encryption effect of the encryption method is improved, the data is prevented from being damaged, changed and leaked due to unknown security vulnerabilities, the application range is wide, the reliability is high, the confidentiality level is high, and the security risk of the data is reduced; the security vulnerability analysis model is optimized through a cost complexity pruning method, so that the quality of the security vulnerability analysis model is improved, the accuracy, the recall ratio, the precision ratio and the AUC value of the security vulnerability analysis model are improved, the security of the encryption method is enhanced, and the circulation security of data is ensured.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the principles of the invention and not to limit the invention. In the drawings:
FIG. 1 is a flow chart of the method of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1, the present invention provides a technical solution: a data security processing method based on big data comprises the following steps: step one, generating a secret key; step two, constructing a model; step three, optimizing the model; step four, data acquisition; step five, data encryption; step six, data decryption;
in the first step, the data cloud end screens out a large amount of original data with corresponding characteristics, security holes of the original data and available encryption methods of the security holes from the big data according to the characteristics of the data to be processed, and generates corresponding key pairs according to different encryption methods, wherein the key pairs consist of an encryption public key and a decryption private key, and the encryption public key and the decryption private key are respectively stored in the data terminal and the data cloud end;
in the second step, the original data obtained in the first step is divided into training set data and test set data, the training set data and the test set data respectively account for 70% and 30% of the original data, logic calculation is carried out on the training set data and the security loophole and encryption method obtained in the first step by using a decision tree algorithm, and a classification regression decision tree algorithm is selected for the decision tree algorithm to construct an original analysis model;
in the third step, the test set data obtained in the second step is substituted into the original analysis model obtained in the second step, the quality of the judgment result of the original analysis model is evaluated through evaluation indexes, the evaluation indexes are four items of accuracy, recall ratio, precision ratio and AUC value, a security vulnerability analysis model is obtained through a cost complexity pruning method, branches with bad judgment result in a decision tree of the original analysis model are firstly pruned through the cost complexity pruning method, and then the branches with good judgment result in the decision tree of the original analysis model are reserved;
in the fourth step, the data terminal closes the conventional input program, starts the safe input program, guides the user to perform data input operation, and obtains input data after the data terminal finishes the acquisition;
in the fifth step, the data terminal calls a security vulnerability analysis model obtained by the data cloud from the third step, security vulnerability analysis is carried out on the input data obtained in the fourth step, a plurality of encryption methods available for all security vulnerabilities of the input data are obtained firstly through the security vulnerability analysis, an optimal encryption method which is a mapping collection is selected, then key pair matching is carried out on the optimal encryption method, a key pair matched with the input data is judged according to the key pair obtained in the first step, and the input data are encrypted through a public key in the key pair to obtain encrypted data;
in the sixth step, the data terminal uploads the encrypted data obtained in the fifth step to the data cloud end through the encryption network, and the data cloud end decrypts the encrypted data through the private key in the key pair to obtain decrypted data.
Based on the above, the invention has the advantages that the invention uses the public key encryption method to process the acquired data, thereby reducing the risk of malicious stealing and tampering of the data in the transmission process, ensuring the usability, integrity and confidentiality of the data, ensuring the circulation safety of the data, and using big data to construct a security vulnerability analysis model, providing scientific support for the encryption method, thereby expanding the security vulnerability range aimed by the encryption method, improving the encryption effect of the encryption method, preventing the data from being damaged, changed and leaked due to unknown security vulnerabilities, having wide application range, strong reliability, high confidentiality grade and reducing the security risk of the data.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus.
Finally, it should be noted that: although the present invention has been described in detail with reference to the foregoing embodiments, it will be apparent to those skilled in the art that changes may be made in the embodiments and/or equivalents thereof without departing from the spirit and scope of the invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims (7)

1. A data security processing method based on big data comprises the following steps: step one, generating a secret key; step two, constructing a model; step three, optimizing the model; step four, data acquisition; step five, data encryption; step six, data decryption; the method is characterized in that:
in the first step, the data cloud end screens out a large amount of original data with corresponding characteristics, security holes of the original data and available encryption methods of the security holes from the big data according to the characteristics of the data to be processed, and generates corresponding key pairs according to different encryption methods;
in the second step, the original data obtained in the first step is divided into training set data and test set data, and the training set data and the security loophole and encryption method obtained in the first step are subjected to logic calculation by using a decision tree algorithm to construct an original analysis model;
in the third step, the test set data obtained in the second step is substituted into the original analysis model obtained in the second step, the quality of the judgment result of the original analysis model is evaluated through the evaluation index, and the security vulnerability analysis model is obtained through a cost complexity pruning method;
in the fourth step, the data terminal closes the conventional input program, starts the safe input program, guides the user to perform data input operation, and obtains input data after the data terminal finishes the acquisition;
in the fifth step, the data terminal calls a security vulnerability analysis model obtained by the data cloud from the third step, performs security vulnerability analysis on the input data obtained in the fourth step, judges a key pair matched with the input data according to the key pair obtained in the first step, and encrypts the input data through a public key in the key pair to obtain encrypted data;
in the sixth step, the data terminal uploads the encrypted data obtained in the fifth step to the data cloud end through the encryption network, and the data cloud end decrypts the encrypted data through the private key in the key pair to obtain decrypted data.
2. The big data based data security processing method according to claim 1, wherein: in the first step, the key pair consists of an encryption public key and a decryption private key, and the encryption public key and the decryption private key are respectively stored in the data terminal and the data cloud.
3. The big data based data security processing method according to claim 1, wherein: in the second step, the training set data and the test set data respectively account for 70% and 30% of the original data.
4. The big data based data security processing method according to claim 1, wherein: in the second step, the decision tree algorithm is a classification regression decision tree algorithm.
5. The big data based data security processing method according to claim 1, wherein: in the third step, the evaluation indexes are four items of correct rate, recall ratio, precision ratio and AUC value.
6. The big data based data security processing method according to claim 1, wherein: in the third step, the cost complexity pruning method firstly prunes the branches with bad judgment results in the decision tree of the original analysis model, and then reserves the trunks with good judgment results in the decision tree of the original analysis model.
7. The big data based data security processing method according to claim 1, wherein: in the fifth step, the security vulnerability analysis firstly obtains a plurality of encryption methods which are available for all security vulnerabilities of the input data, an optimal encryption method which is a mapping collection is preferably selected, and then key pair matching is carried out on the optimal encryption method.
CN202110421989.3A 2021-04-20 2021-04-20 Data security processing method based on big data Pending CN113127881A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110421989.3A CN113127881A (en) 2021-04-20 2021-04-20 Data security processing method based on big data

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110421989.3A CN113127881A (en) 2021-04-20 2021-04-20 Data security processing method based on big data

Publications (1)

Publication Number Publication Date
CN113127881A true CN113127881A (en) 2021-07-16

Family

ID=76777837

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110421989.3A Pending CN113127881A (en) 2021-04-20 2021-04-20 Data security processing method based on big data

Country Status (1)

Country Link
CN (1) CN113127881A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114636801A (en) * 2022-03-02 2022-06-17 宁波诺丁汉新材料研究院有限公司 Novel steel slag waste typical sample data information analysis equipment and analysis method thereof

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105025019A (en) * 2015-07-07 2015-11-04 深圳奥联信息安全技术有限公司 Data safety sharing method
CN106096406A (en) * 2016-05-30 2016-11-09 北京启明星辰信息安全技术有限公司 Method and device is analyzed in a kind of security breaches backtracking
CN106548074A (en) * 2016-12-09 2017-03-29 江苏通付盾科技有限公司 Application program analyzing monitoring method and system
CN108076032A (en) * 2016-11-15 2018-05-25 中国移动通信集团广东有限公司 A kind of abnormal behaviour user identification method and device
CN108226395A (en) * 2017-12-28 2018-06-29 广东中联兴环保科技有限公司 Atmospheric environment sudden threshold value of warning in industrial park determines method and device
CN110855671A (en) * 2019-11-15 2020-02-28 三星电子(中国)研发中心 Trusted computing method and system
CN111814154A (en) * 2020-07-13 2020-10-23 南京暴走团电子商务有限公司 High-compatibility safety protection system for network software development
CN112003869A (en) * 2020-08-28 2020-11-27 国网重庆市电力公司电力科学研究院 Vulnerability identification method based on flow

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105025019A (en) * 2015-07-07 2015-11-04 深圳奥联信息安全技术有限公司 Data safety sharing method
CN106096406A (en) * 2016-05-30 2016-11-09 北京启明星辰信息安全技术有限公司 Method and device is analyzed in a kind of security breaches backtracking
CN108076032A (en) * 2016-11-15 2018-05-25 中国移动通信集团广东有限公司 A kind of abnormal behaviour user identification method and device
CN106548074A (en) * 2016-12-09 2017-03-29 江苏通付盾科技有限公司 Application program analyzing monitoring method and system
CN108226395A (en) * 2017-12-28 2018-06-29 广东中联兴环保科技有限公司 Atmospheric environment sudden threshold value of warning in industrial park determines method and device
CN110855671A (en) * 2019-11-15 2020-02-28 三星电子(中国)研发中心 Trusted computing method and system
CN111814154A (en) * 2020-07-13 2020-10-23 南京暴走团电子商务有限公司 High-compatibility safety protection system for network software development
CN112003869A (en) * 2020-08-28 2020-11-27 国网重庆市电力公司电力科学研究院 Vulnerability identification method based on flow

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114636801A (en) * 2022-03-02 2022-06-17 宁波诺丁汉新材料研究院有限公司 Novel steel slag waste typical sample data information analysis equipment and analysis method thereof

Similar Documents

Publication Publication Date Title
EP3342090A1 (en) Method for providing encrypted data in a database and method for searching on encrypted data
CN104750784B (en) A kind of space querying integrity verification method based on Merkle tree constructions
CN110069946B (en) Safe indexing system based on SGX
CN108768990A (en) It is a kind of that encryption method can search for based on block chain
CN110717197A (en) Credit investigation data sharing method based on block chain
CN111858519A (en) System and method for sharing confidential data on block chain
CN113127881A (en) Data security processing method based on big data
CN104639528A (en) DBA (database administrator) mobile client counterattack method and DBA mobile client counterattack device
CN117235796A (en) Electronic commerce data processing method
CN109740378A (en) A kind of safety of anti-keyword privacy leakage is to index construction and its search method
Li Research on e-commerce user information encryption technology based on Merkle hash tree
US8862893B2 (en) Techniques for performing symmetric cryptography
CN110427906B (en) Hybrid encryption identification method combining fingerprint and finger vein biological characteristics
CN111092723B (en) Quantum computing method for protecting data privacy
CN117454408A (en) Data sharing security verification method and system based on differential privacy
Yang et al. An efficient update algorithm for mutable order-preserving encryption
CN109495455A (en) A kind of data processing system, method and apparatus
CN117540434B (en) Database management and security analysis method
Chaum et al. WOTSwana: A Generalized S leeve Construction for Multiple Proofs of Ownership
CN107968706A (en) Whitepack cryptographic methods and system with flow defencive function
CN113765879B (en) Symmetric encryption tunnel cracking method, system and storage medium
Rao et al. A cryptographic privacy preserving approach over classification
Hao Database Mining Information System Based on Artificial Intelligence Algorithm
Shu et al. Innovative research on encryption and protection of e-commerce with big data analysis
CN117216752A (en) Account password security system based on artificial intelligence

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20210716

RJ01 Rejection of invention patent application after publication