CN115842682B - Authority risk analysis method and system for network protection - Google Patents
Authority risk analysis method and system for network protection Download PDFInfo
- Publication number
- CN115842682B CN115842682B CN202310128819.5A CN202310128819A CN115842682B CN 115842682 B CN115842682 B CN 115842682B CN 202310128819 A CN202310128819 A CN 202310128819A CN 115842682 B CN115842682 B CN 115842682B
- Authority
- CN
- China
- Prior art keywords
- prediction
- embeddable
- image
- pixels
- bit
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Landscapes
- Editing Of Facsimile Originals (AREA)
- Image Processing (AREA)
Abstract
The invention relates to the field of user identity inspection, in particular to a permission risk analysis method and a permission risk analysis system for network protection, comprising the following steps: acquiring a gray level co-occurrence matrix of the verification image, and acquiring an optimal prediction mask of the verification image according to the direction error degree; calculating a prediction error of a predicted pixel point according to the optimal prediction mask, and marking embeddable pixel points and non-embeddable pixel points; embedding the secret information sequence into an embedded bit capable of being embedded into the pixel point; and taking the encrypted image scrambled by the embedded image as user identity authentication request information, decrypting the received encrypted image by the authentication server, extracting a verification information sequence, and carrying out security verification on the identity authentication request information according to the verification information sequence and the secret information sequence. According to the invention, the prediction error of the verification image is reduced through the optimal prediction mask, the embedding amount of secret information in the verification image is improved, the safety of user authentication data in the transmission process is ensured, and the user identity is authenticated.
Description
Technical Field
The invention relates to the field of user identity inspection, in particular to a permission risk analysis method and system for network protection.
Background
The user terminal sends user identity authentication request information to the authentication server, and an analysis module of the authentication server analyzes the network environment data of the user to obtain the network security degree of the user and realize user identity authentication. In order to ensure that the user identity can be accurately authenticated, the security of user authentication data in the transmission process needs to be ensured, and network protection is a technical means for ensuring the security of user authentication data transmission, and the ciphertext domain image reversible information hiding technology is combined with the encryption technology and the information hiding technology, so that the dual functions of data privacy protection and secret information transmission can be realized, and therefore, the ciphertext domain image reversible information hiding technology is often used for network protection.
In the reversible information hiding technology of the ciphertext domain image, the more the secret information embedding amount in the ciphertext image is, the more sensitive the ciphertext image is to the ciphertext image change caused by attack, and the more the ciphertext image can be analyzed and detected whether the ciphertext image is attacked or not, so that the secret information embedding amount in the ciphertext image determines the safety of the ciphertext image, the safety of user authentication data in the transmission process is required to be ensured, the user identity can be accurately authenticated, and the secret information embedding amount in the ciphertext image is required to be improved.
Disclosure of Invention
In order to solve the above problems, the present invention provides a rights risk analysis method for network protection, the method comprising:
acquiring a verification image; obtaining gray level co-occurrence matrixes of the verification image in four directions, calculating the direction error degree according to the gray level co-occurrence matrixes, and obtaining an optimal prediction mask of the verification image according to the direction error degree;
dividing pixels in the verification image into reference pixels and prediction pixels, calculating prediction errors of the prediction pixels according to an optimal prediction mask of the verification image, marking the prediction pixels with the prediction errors within an error range as embeddable pixels, and marking the prediction pixels with the prediction errors not within the error range as embeddable pixels;
encoding the prediction error of the non-embeddable pixel point into a corresponding binary number, and marking the embeddable pixel point and the non-embeddable pixel point; embedding the secret information sequence into an embedded bit capable of being embedded into the pixel point; taking the combination of the embedded bit and the mark bit of the embeddable pixel point as the binary number of the embeddable pixel point;
converting binary numbers of all the predicted pixel points into decimal numbers, and embedding image record positions formed by all the reference pixel points and the predicted pixel points into an image;
scrambling the embedded image to obtain a ciphertext image; and sending the ciphertext image to an authentication server as user identity authentication request information, decrypting the received ciphertext image from the user terminal by the authentication server, extracting a verification information sequence, and carrying out security verification on the identity authentication request information according to the verification information sequence and the secret information sequence.
Further, the calculating the direction error degree according to the gray level co-occurrence matrix comprises the following specific steps:
according to the direction
Gray level co-occurrence matrix->
Calculate direction->
Direction error degree, direction->
The calculation formula of the direction error degree is as follows: />
In the method, in the process of the invention,
indicate direction +.>
Direction error degree,/->
Representing the verification image in the direction +.>
Gray level co-occurrence matrix->
Midpoint pair->
Frequency of->
Respectively is the constitution point pair value->
Gray values of two pixels, of +.>
The representation takes absolute value.
Further, the method for obtaining the optimal prediction mask of the verification image according to the direction error degree comprises the following specific steps:
according to the direction
Calculating the weighting coefficient of the predictive mask for the degree of directional error of (2)>
The calculation formula of (2) is as follows:
in the method, in the process of the invention,
weighting coefficients representing the prediction mask, +.>
Represents an exponential function based on natural constants, < ->
Indicate direction +.>
Is a degree of directional error;
the weighting coefficients of all the positions are obtained and the finally obtained prediction mask is recorded as the optimal prediction mask for verifying the image.
Further, the marking of the embeddable pixel point and the non-embeddable pixel point includes the following specific steps:
the 7 th bit and the 8 th bit of the 8 bit binary number which can not be embedded into the pixel point are used as marking bits
Marking non-embeddable pixel points, 8-bit binary numbers of non-embeddable pixel pointsSubstitution of 7 th and 8 th bits with +.>
;
The 6 th bit to the 8 th bit of the 8 bit binary numbers capable of being embedded into the pixel points are marking bits, and the 3 bit binary numbers are used for marking the embeddable pixel points, specifically: using 3-bit binary numbers
Coding error range +.>
Prediction error +.>
Coding results of prediction errors of the embeddable pixels are recorded as prediction codes of the embeddable pixels, and the prediction codes of the embeddable pixels are respectively used as 8 th bit to 6 th bit of 8 th bit binary numbers of the embeddable pixels.
Further, the calculating the prediction error of the predicted pixel point according to the optimal prediction mask of the verification image includes the following specific steps:
coordinates are
The calculation formula of the predicted value of the predicted pixel point is as follows:
in the method, in the process of the invention,
representing coordinates of +.>
Predicted value of a predicted pixel of +.>
Weighting coefficients respectively representing corresponding positions in the best prediction mask,/-, and>
respectively represent the coordinates as
A gray value of a pixel point in a neighborhood around the pixel point;
let the coordinates be
The difference between the gray value and the predicted value of the predicted pixel is used as the prediction error of the predicted pixel.
Further, the coding the prediction error of the non-embeddable pixel point into the corresponding binary number includes the following specific steps:
taking the 1 st bit of the non-embeddable pixel point as a sign bit, if the prediction error of the non-embeddable pixel point is negative, the sign bit is 1, otherwise, the sign bit is 0; taking 7-bit binary numbers corresponding to the absolute value of the prediction error of the non-embeddable pixel point as the prediction coding of the non-embeddable pixel point, and taking the prediction coding of the non-embeddable pixel point as the 2 nd bit to the 8 th bit of the 8-bit binary numbers of the non-embeddable pixel point to obtain the 8-bit binary numbers of the non-embeddable pixel point.
Further, the step of performing security verification on the identity authentication request information according to the verification information sequence and the secret information sequence includes the following specific steps:
dividing the authentication information sequence into a plurality of lengths
Calculating the hamming distance of each sub-sequence from the secret information sequence if there is a hamming distance less than +.>
If the sub-sequence of (2) indicates that the network is not secure and the user's authentication request is not passed, wherein ∈>
Representing the length of the secret information sequence.
Further, the dividing the pixels in the verification image into reference pixels and prediction pixels includes the following specific steps:
dividing all pixel points of a first row, a first column and a last column in the verification image into a first class, and marking each pixel point in the first class as a reference pixel point; all pixels in the verification image except the reference pixel are marked as predicted pixels.
Further, the method for obtaining the gray level co-occurrence matrix of the verification image in four directions comprises the following specific steps:
for verifying coordinates in an image as
Respectively taking the target pixel point and the coordinates as
The point pairs formed by the pixel points of the (a) are marked as the point pairs of the target pixel point in the directions 1, 2, 3 and 4; the gray value of two pixel points corresponding to the point pair is recorded as the point pair value +.>
;
For verifying orientation in an image
All pairs of points on the table, count each pair of points value +.>
The square matrix composed of the probabilities of all the seed point pair values is recorded as the gray level co-occurrence matrix of the verification image in the direction.
The embodiment of the invention provides a permission risk analysis system for network protection, which comprises a user terminal and an authentication server, wherein the user terminal comprises an acquisition module and an encryption module, the authentication server comprises a receiving module and a decryption verification module, the acquisition module is used for acquiring a verification image, the receiving module is used for receiving a ciphertext image from the user terminal, and the encryption module and the decryption verification module realize the steps of the method and realize the safety verification of user identity authentication request information.
The method of the invention has at least the following beneficial effects:
according to the invention, the optimal prediction mask of the verification image is obtained by combining the distribution characteristics of the pixels in the verification image, the accuracy of the prediction value of the pixels in the verification image obtained according to the optimal prediction mask is high, the prediction error of the pixels in the verification image is smaller, the embeddable pixels of the prediction error in the verification image within the error range are more, the embedding amount of secret information in the final ciphertext image is more, the safety of the ciphertext image, namely user authentication data in the transmission process is ensured, and further the user identity can be accurately authenticated.
Drawings
In order to more clearly illustrate the embodiments of the invention or the technical solutions and advantages of the prior art, the following description will briefly explain the drawings used in the embodiments or the description of the prior art, and it is obvious that the drawings in the following description are only some embodiments of the invention, and other drawings can be obtained according to the drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flowchart illustrating steps of a method and a system for authority risk analysis for network protection according to an embodiment of the present invention;
FIG. 2 shows 4 directions of a target pixel according to an embodiment of the present invention;
FIG. 3 illustrates weighting coefficients in an optimal prediction mask according to one embodiment of the present invention;
FIG. 4 is a verification image including reference pixels and predicted pixels according to one embodiment of the present invention;
FIG. 5 is a verification image of a prediction error provided by one embodiment of the present invention;
FIG. 6 is a verification image including embeddable pixels and non-embeddable pixels provided in accordance with one embodiment of the present invention;
FIG. 7 is a verification image of marking and encoding prediction errors provided by one embodiment of the present invention;
FIG. 8 is a verification image of embedded secret information provided by one embodiment of the present invention;
fig. 9 is an embedded image provided in one embodiment of the present invention.
Detailed Description
In order to further describe the technical means and effects adopted by the present invention to achieve the preset purposes, the following detailed description refers to the specific implementation, structure, characteristics and effects of a rights risk analysis method and system for network protection according to the present invention with reference to the accompanying drawings and preferred embodiments. In the following description, different "one embodiment" or "another embodiment" means that the embodiments are not necessarily the same. Furthermore, the particular features, structures, or characteristics of one or more embodiments may be combined in any suitable manner.
Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs.
The following specifically describes a specific scheme of a rights risk analysis method and a system for network protection provided by the invention with reference to the accompanying drawings.
Referring to fig. 1, a flowchart of steps of a method and a system for analyzing authority risk for network protection according to an embodiment of the present invention is shown, where the method includes the following steps:
s001, acquiring a verification image.
When a user sends user identity authentication request information to an authentication server through a user terminal, the user identity authentication request information is usually authenticated through a face, and the face image is recorded as an authentication image.
S002, acquiring a verification image, acquiring gray level co-occurrence matrixes of the verification image in four directions, calculating the direction error degree according to the gray level co-occurrence matrixes, and acquiring an optimal prediction mask of the verification image according to the direction error degree.
It should be noted that, the present invention combines the local correlation of the verification image, predicts the verification image to obtain a prediction error image, and uses
The predictive error of each pixel is marked and coded by a binary number of bits, so that 8 of each pixel is the binary number with +.>
The bits are used to embed secret information.
The more accurate the prediction result, the smaller the prediction error, the number of bits of binary digits when encoding the prediction error
The smaller the number of bits per pixel for embedding secret information +.>
The larger the secret information embedding amount in the ciphertext image is, the more safe the user authentication data in the transmission process can be ensured, and further the user identity can be accurately authenticated. />
Therefore, the accuracy of the prediction result of the verification image needs to be ensured, and the local correlation of the verification image is considered, so that the prediction value of the target pixel point obtained through the neighborhood pixel points around the target pixel point is more accurate.
The accuracy of the prediction result of the verification image depends on the construction of a prediction mask, the prediction mask is constructed according to 4 adjacent pixel points of the pixel points, each position in the prediction mask is provided with a corresponding weighting coefficient, and the larger the weighting coefficient is, the larger the contribution of the pixel point corresponding to the position to the prediction value of the target pixel point is, namely the larger the influence of the pixel point corresponding to the position to the accuracy of the prediction value of the target pixel point is. In order to ensure the accuracy of the predicted value of the verification image, the invention combines the distribution characteristics of the pixels in the verification image to obtain the optimal prediction mask.
In this embodiment, the step of obtaining the optimal predictive mask for the verification image is:
1. and obtaining the gray level co-occurrence matrix of the verification image in four directions.
For verifying coordinates in an image as
The target pixel point and the coordinates are +.>
The point pair formed by the pixel points of (2) is marked as the point pair of the target pixel point in the direction 1, and the target pixel point and the coordinate are in the same way +.>
The point pair formed by the pixel points of (2) is marked as the point pair of the target pixel point in the direction of 2, and the target pixel point and the coordinate are +.>
The point pair formed by the pixel points of (2) is marked as the point pair of the target pixel point in the direction 3, and the target pixel point and the coordinate are +.>
The point pair formed by the pixel points of (a) is marked as the point pair of the target pixel point in the direction 4, and the 4 directions of the target pixel point are shown in fig. 2. The gray value of two pixel points corresponding to the point pair is recorded as the point pair value +.>
。
For verifying orientation in an image
All pairs of points on the table, count each pair of points value +.>
The square matrix composed of the probabilities of all the seed point pair values is recorded as the gray level co-occurrence matrix of the verification image in the direction.
2. And calculating the direction error degree according to the gray level co-occurrence matrix.
The larger the weighting coefficient of the corresponding position of the prediction mask is, the larger the influence of the pixel point corresponding to the position on the accuracy of the predicted value of the target pixel point is, in order to ensure the accuracy of the predicted value of the verification image, the difference between the gray value of each position in the prediction mask and the gray value of the target pixel point is calculated, the difference is the prediction error of predicting the target pixel point according to the pixel point corresponding to the position, the difference between the gray value of each position in the prediction mask and the gray value of the target pixel point can be represented by the gray level co-occurrence matrix corresponding to the direction, in the gray level co-occurrence matrix corresponding to the direction, the smaller the difference between the gray values of two pixel points in the point pair corresponding to the element near the diagonal line is, and therefore, the larger the probability of the element near the diagonal line in the gray level co-occurrence matrix is, the smaller the prediction error of predicting the target pixel point according to the pixel point corresponding to the position is.
In the present embodiment, according to the direction
Gray level co-occurrence matrix->
Calculate direction->
Direction error degree, direction->
The calculation formula of the direction error degree is as follows:
in the method, in the process of the invention,
indicate direction +.>
Direction error degree,/->
Representing the verification image in the direction +.>
Gray level co-occurrence matrix->
Midpoint pair->
Frequency of->
Respectively is the constitution point pair value->
Gray values of two pixels, of +.>
The representation takes absolute value. />
In the direction of
Gray level co-occurrence matrix->
In (I)>
The corresponding range is near the diagonal line in the gray level co-occurrence matrix, and the average error near the diagonal line in the gray level co-occurrence matrix is calculated according to the probability and used for representing the direction +.>
Is a degree of directional error of (a).
3. The best predictive mask for the verification image is obtained based on the degree of directional error.
The larger the degree of the directional error of the verification image in any one direction, the larger the difference between the gray values of two adjacent pixels in the direction, so that when the target pixel is predicted according to the prediction mask, the larger the prediction error of the target pixel is predicted according to the pixel at the position corresponding to the direction, in order to ensure the accuracy of the predicted value of the target pixel, the smaller the influence of the pixel at the position on the predicted value of the target pixel, that is, the smaller the weighting coefficient of the prediction mask at the position is required.
In the present embodiment, according to the direction
Obtain the weighting coefficient of the predictive mask for the degree of directional error of (2)>
The specific calculation formula is as follows:
in the method, in the process of the invention,
weighting coefficients representing the prediction mask, +.>
Represents an exponential function based on natural constants, < ->
Indicate direction +.>
Is a degree of directional error of (a).
In order to ensure the accuracy of the predicted value of the target pixel point, the direction
Direction error degree +.>
The larger the weighting coefficient of the direction at the corresponding position of the predictive mask +.>
The smaller.
The weighting coefficients for all positions are obtained and the finally obtained prediction mask is noted as the best prediction mask for the verification image, the weighting coefficients in the best prediction mask being shown in fig. 3.
It should be noted that, the present invention combines the distribution characteristics of the pixels in the verification image to obtain the optimal prediction mask of the verification image, and the prediction value of the pixels in the verification image obtained according to the optimal prediction mask has high accuracy, and the prediction error of the pixels in the verification image is smaller.
S003, dividing the pixel points in the verification image into reference pixel points and prediction pixel points, calculating prediction errors of the prediction pixel points according to an optimal prediction mask of the verification image, classifying all the prediction pixel points according to the prediction errors, marking and encoding the prediction errors of all the prediction pixel points in the second class and the third class, and embedding the secret information sequence into embedding positions capable of being embedded into the pixel points to obtain an embedded image.
1. And dividing the pixel points in the verification image into reference pixel points and prediction pixel points.
In order to ensure that the verification image is restored later, gray values of all pixels in a first row, a first column and a last column in the verification image need to be recorded, so that all pixels in the first row, the first column and the last column in the verification image are divided into a first class, and each pixel in the first class is recorded as a reference pixel.
All pixels in the verification image except the reference pixel are marked as predicted pixels.
For example, fig. 4 is a verification image, in which white is a reference pixel and light is a predicted pixel.
2. And calculating the prediction error of the predicted pixel point according to the optimal prediction mask of the verification image.
Calculating coordinates as
The calculation formula of the predicted value of the predicted pixel point is as follows: />
In the method, in the process of the invention,
representing coordinates of +.>
Predicted value of a predicted pixel of +.>
Weighting coefficients respectively representing corresponding positions in the best prediction mask,/-, and>
respectively represent the coordinates as
Is used for predicting the gray value of the pixel point of the neighborhood around the pixel point.
Let the coordinates be
The difference between the gray value and the predicted value of the predicted pixel is used as the prediction error of the predicted pixel.
For example, the predicted values of all the predicted pixels in the verification image of fig. 4 are obtained according to the calculation formula of the predicted values, and fig. 5 is the prediction error of the predicted pixels in fig. 4.
3. And classifying all the predicted pixel points according to the prediction errors.
(1) All the prediction pixels with the prediction errors within the error range are divided into a second class, and each prediction pixel in the second class is marked as an embeddable pixel.
In this embodiment, pixel points can be embedded with a 3-bit binary number mark, encoded
The non-embeddable pixel is marked, so that in order to distinguish the non-embeddable pixel, only 6 binary numbers of 3 bits can be used for marking the embeddable pixel, which are respectively: />
Therefore, the error range of this embodiment is +.>
The 6 prediction errors within the error range are marked with the above 6 3-bit binary numbers, respectively.
In the present embodiment, the number of bits of binary digits of the prediction error is encoded
Therefore, the error range is +.>
In other embodiments, the practitioner can set the number of bits of the binary number encoding the prediction error +.>
And error range.
(2) All the prediction pixels with prediction errors not within the error range are divided into a third class, and each prediction pixel in the third class is marked as an uninjectable pixel.
For example, all the prediction pixels in the verification image are divided into embeddable pixels and non-embeddable pixels according to the prediction error, as in fig. 6, light color is embeddable pixels, and dark color is non-embeddable pixels.
4. And marking and encoding the prediction errors of all the prediction pixels in the second class and the third class.
For the predicted pixel points in the second class and the third class, each predicted pixel point is represented by an 8-bit binary number, and the 8-bit binary number of each predicted pixel point is sequentially recorded as 1 st bit to 8 th bit from left to right.
(1) Taking the 1 st bit of the non-embeddable pixel point as a sign bit, if the prediction error of the non-embeddable pixel point is negative, the sign bit is 1, otherwise, the sign bit is 0; taking 7-bit binary numbers corresponding to the absolute value of the prediction error of the non-embeddable pixel point as the prediction coding of the non-embeddable pixel point, and taking the prediction coding of the non-embeddable pixel point as the 2 nd bit to the 8 th bit of the 8-bit binary numbers of the non-embeddable pixel point to obtain the 8-bit binary numbers of the non-embeddable pixel point.
(2) The 7 th bit and the 8 th bit of the 8 bit binary number which can not be embedded into the pixel point are used as marking bits
Marking non-embeddable pixel, and replacing 7 th bit and 8 th bit of 8-bit binary number of the non-embeddable pixel with +.>
。
(3) The 6 th bit to the 8 th bit of the 8 bit binary numbers capable of being embedded into the pixel points are marking bits, and the 3 bit binary numbers are used for marking the embeddable pixel points, specifically: using 3-bit binary numbers
Coding error range +.>
Prediction error +.>
Coding results of prediction errors of the embeddable pixels are recorded as prediction codes of the embeddable pixels, and the prediction codes of the embeddable pixels are respectively used as 8 th bit to 6 th bit of 8 th bit binary numbers of the embeddable pixels. />
For example, fig. 7 is a coding result of prediction errors of all the prediction pixels in fig. 6.
5. The secret information sequence is embedded into the embedded bits of the embeddable pixel point.
The 1 st bit to the 5 th bit of the 8 bit binary number capable of being embedded into the pixel point are embedded bits for embedding secret information; arranging all embeddable pixel points in the verification image according to the sequence from top to bottom and from left to right, for the first
Can be embedded into pixel points, and the +.>
To->
The personal secret information is embedded into +.>
An embedding bit capable of being embedded into the pixel, wherein +.>
Representing the length of the secret information sequence, < >>
Representing the division remainder.
It should be noted that, the secret information sequence is agreed by the user terminal and the authentication server, and is used for the authentication server to perform security verification on the user identity authentication request information sent by the user terminal, so that transmission between the user terminal and the authentication server is not required.
The invention has the advantages that the accuracy of the predicted value of the pixel point in the verification image obtained according to the optimal prediction mask is high, the prediction error of the pixel point in the verification image is smaller, the embeddable pixel point of the prediction error in the verification image within the error range is more, the embedding amount of secret information in the final ciphertext image is more, the safety of the ciphertext image, namely the user authentication data in the transmission process is ensured, and the user identity can be accurately authenticated.
For example: in this embodiment, the secret information sequence is 1000101100001101011101011, and the secret information sequence is embedded in the embedding bit of the sound embeddable pixel point of the verification image, and the result is shown in fig. 8.
6. And converting 8-bit binary numbers of the embeddable pixel points and the non-embeddable pixel points into decimal numbers, and recording an image formed by all the pixel points in the verification image as an embedded image. And sending the ciphertext image to an authentication server as user identity authentication request information.
For example, an embedded image corresponding to the verification image of fig. 4 is shown in fig. 9.
S004, scrambling the embedded image to obtain a ciphertext image.
All pixel points in the embedded image are arranged according to the sequence from top to bottom and from left to right to obtain a pixel sequence, and the size of the embedded image is as follows
Thus, the length of the pixel sequence is +.>
。
According to the secret key
Generating length +.>
The chaotic sequence is used as a step sequence of the variable step Joseph traversal of the pixel sequence, the image is scrambled by the variable step Joseph traversal of the pixel sequence, and the scrambled pixel sequence is converted into +_>
Ciphertext image of (a).
S005, decrypting the ciphertext image, extracting a verification information sequence, and carrying out security verification on the identity authentication request information according to the verification information sequence and the secret information sequence.
When a user logs in and authenticates the user terminal, the user terminal sends the ciphertext image as user identity authentication request information to an authentication server, and the authentication server decrypts the ciphertext image and extracts an authentication information sequence, and performs security authentication on the identity authentication request information according to the authentication information sequence and the secret information sequence, wherein the authentication server comprises the following specific steps of:
1. according to the secret key
And decrypting the ciphertext image to obtain the embedded image.
2. To be embedded in the first row, first column of the imageAll pixels of the last column are marked as reference pixels, and all pixels of the embedded image except the reference pixels are marked as predicted pixels. Dividing the predicted pixel points into embeddable pixel points and non-embeddable similarity according to the marks, wherein the method specifically comprises the following steps: converting the gray values of all the predicted pixel points into corresponding 8-bit binary numbers, and judging whether the last two bits of the 8-bit binary numbers are
If so, the predicted pixel point is an unintelligible pixel point, otherwise, the predicted pixel point is an embeddable pixel point. />
3. And (3) arranging the 1 st bit to the 5 th bit of all the 8-bit binary numbers capable of being embedded into the pixel points according to the sequence from top to bottom and from left to right, and marking the obtained sequence as a verification information sequence of the embedded image.
4. Dividing the authentication information sequence into a plurality of lengths
Calculating the hamming distance of each sub-sequence from the secret information sequence if there is a hamming distance less than +.>
If the sub-sequence of (2) indicates that the network is unsafe, the user's authentication request is not passed,/->
Representing the length of the secret information sequence.
In summary, the optimal prediction mask of the verification image is obtained by combining the distribution characteristics of the pixels in the verification image, the prediction value of the pixels in the verification image obtained according to the optimal prediction mask is high in accuracy, the prediction error of the pixels in the verification image is smaller, the embeddable pixels of the prediction error in the verification image within the error range are more, the embedding amount of secret information in the final ciphertext image is more, the safety of the ciphertext image, namely the user authentication data in the transmission process is ensured, and further the user identity can be accurately authenticated.
The embodiment of the invention provides a permission risk analysis system for network protection, which comprises a user terminal and an authentication server, wherein the user terminal comprises an acquisition module and an encryption module, the authentication server comprises a receiving module and a decryption verification module, the acquisition module is used for acquiring a verification image, the receiving module is used for receiving a ciphertext image from the user terminal, and the encryption module and the decryption verification module realize all steps in the embodiment of the invention and realize the safety verification of user identity authentication request information.
It should be noted that: the sequence of the embodiments of the present invention is only for description, and does not represent the advantages and disadvantages of the embodiments. And the foregoing description has been directed to specific embodiments of this specification. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims can be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing are also possible or may be advantageous.
In this specification, each embodiment is described in a progressive manner, and identical and similar parts of each embodiment are all referred to each other, and each embodiment mainly describes differences from other embodiments.
The above embodiments are only for illustrating the technical solution of the present application, and are not limiting thereof; although the present application has been described in detail with reference to the foregoing embodiments, it should be understood by those of ordinary skill in the art that: the technical scheme described in the foregoing embodiments can be modified or some technical features thereof can be replaced by equivalents; such modifications and substitutions do not depart from the scope of the embodiments of the present application, and are intended to be included within the scope of the present application.
Claims (8)
1. A rights risk analysis method for network protection, the method comprising:
acquiring a verification image; obtaining gray level co-occurrence matrixes of the verification image in four directions, calculating the direction error degree according to the gray level co-occurrence matrixes, and obtaining an optimal prediction mask of the verification image according to the direction error degree;
dividing pixels in the verification image into reference pixels and prediction pixels, calculating prediction errors of the prediction pixels according to an optimal prediction mask of the verification image, marking the prediction pixels with the prediction errors within an error range as embeddable pixels, and marking the prediction pixels with the prediction errors not within the error range as non-embeddable pixels;
encoding the prediction error of the non-embeddable pixel point into a corresponding binary number, and marking the embeddable pixel point and the non-embeddable pixel point; embedding the secret information sequence into an embedded bit capable of being embedded into the pixel point; taking the combination of the embedded bit and the mark bit of the embeddable pixel point as the binary number of the embeddable pixel point;
converting binary numbers of all the predicted pixel points into decimal numbers, and recording an image formed by all the reference pixel points and the predicted pixel points as an embedded image;
scrambling the embedded image to obtain a ciphertext image; the ciphertext image is sent to an authentication server as user identity authentication request information, the authentication server decrypts the received ciphertext image from the user terminal, extracts a verification information sequence, and performs security verification on the identity authentication request information according to the verification information sequence and the secret information sequence;
the method for obtaining the optimal prediction mask of the verification image according to the direction error degree comprises the following specific steps:
according to the direction
Calculating the weighting coefficient of the predictive mask for the degree of directional error of (2)>
The calculation formula of (2) is as follows:
in the method, in the process of the invention,
weighting coefficients representing the prediction mask, +.>
Represents an exponential function based on natural constants, < ->
Indicate direction +.>
Is a degree of directional error;
obtaining weighting coefficients of all positions, and marking the finally obtained prediction mask as the optimal prediction mask of the verification image;
the method for calculating the direction error degree according to the gray level co-occurrence matrix comprises the following specific steps:
according to the direction
Gray level co-occurrence matrix->
Calculate direction->
Direction error degree, direction->
The calculation formula of the direction error degree is as follows:
in the method, in the process of the invention,
indicate direction +.>
Direction error degree,/->
Representing the verification image in the direction +.>
Gray level co-occurrence matrix->
Midpoint pair->
Frequency of->
Respectively is the constitution point pair value->
Gray values of two pixels, of +.>
The representation takes absolute value.
2. The authority risk analysis method for network protection according to claim 1, wherein the marking of embeddable pixels and non-embeddable pixels comprises the following specific steps:
the 7 th bit and the 8 th bit of the 8 bit binary number which can not be embedded into the pixel point are used as marking bits
Marking non-embeddable pixel, and replacing 7 th bit and 8 th bit of 8-bit binary number of the non-embeddable pixel with +.>
;
The 6 th bit to the 8 th bit of the 8 bit binary numbers capable of being embedded into the pixel points are marking bits, and the 3 bit binary numbers are used for marking the embeddable pixel points, specifically: using 3-bit binary numbers
Coding error range +.>
Prediction error +.>
Coding results of prediction errors of the embeddable pixels are recorded as prediction codes of the embeddable pixels, and the prediction codes of the embeddable pixels are respectively used as 8 th bit to 6 th bit of 8 th bit binary numbers of the embeddable pixels.
3. The authority risk analysis method for network protection according to claim 1, wherein the calculating the prediction error of the predicted pixel point according to the optimal prediction mask of the verification image comprises the following specific steps:
coordinates are
The calculation formula of the predicted value of the predicted pixel point is as follows:
in the method, in the process of the invention,
representing coordinates of +.>
Predicted value of a predicted pixel of +.>
Weighting coefficients respectively representing corresponding positions in the best prediction mask,/-, and>
respectively represent the coordinates +.>
A gray value of a pixel point in a neighborhood around the pixel point;
let the coordinates be
The difference between the gray value and the predicted value of the predicted pixel is used as the prediction error of the predicted pixel.
4. The authority risk analysis method for network protection according to claim 1, wherein the encoding the prediction error of the non-embeddable pixel point into the corresponding binary number comprises the following specific steps:
taking the 1 st bit of the non-embeddable pixel point as a sign bit, if the prediction error of the non-embeddable pixel point is negative, the sign bit is 1, otherwise, the sign bit is 0; taking 7-bit binary numbers corresponding to the absolute value of the prediction error of the non-embeddable pixel point as the prediction coding of the non-embeddable pixel point, and taking the prediction coding of the non-embeddable pixel point as the 2 nd bit to the 8 th bit of the 8-bit binary numbers of the non-embeddable pixel point to obtain the 8-bit binary numbers of the non-embeddable pixel point.
5. The rights risk analysis method for network protection according to claim 1, wherein the security verification of the identity authentication request information according to the verification information sequence and the secret information sequence comprises the following specific steps:
dividing the authentication information sequence into a plurality of lengths
Calculating the hamming distance of each sub-sequence from the secret information sequence,if there is a hamming distance less than +.>
If the sub-sequence of (2) indicates that the network is not secure and the user's authentication request is not passed, wherein ∈>
Representing the length of the secret information sequence.
6. The rights risk analysis method for network protection according to claim 1, wherein the dividing the pixels in the verification image into the reference pixels and the prediction pixels comprises the following specific steps:
dividing all pixel points of a first row, a first column and a last column in the verification image into a first class, and marking each pixel point in the first class as a reference pixel point; all pixels in the verification image except the reference pixel are marked as predicted pixels.
7. The rights risk analysis method for network protection according to claim 1, wherein the obtaining the gray level co-occurrence matrix of the verification image in four directions comprises the following specific steps:
for verifying coordinates in an image as
Respectively taking the target pixel point and the coordinates as
The point pairs formed by the pixel points of the (a) are marked as the point pairs of the target pixel point in the directions 1, 2, 3 and 4; the gray value of two pixel points corresponding to the point pair is recorded as the point pair value
;/>
For verifying orientation in an image
All pairs of points on the table, count each pair of points value +.>
The square matrix composed of the probabilities of all the seed point pair values is recorded as the gray level co-occurrence matrix of the verification image in the direction.
8. The authority risk analysis system for network protection comprises a user terminal and an authentication service end, and is characterized in that the user terminal comprises an acquisition module and an encryption module, the authentication service end comprises a receiving module and a decryption verification module, the acquisition module is used for acquiring a verification image, the receiving module is used for receiving a ciphertext image from the user terminal, and the encryption module and the decryption verification module realize the steps of the method according to any one of claims 1 to 7 and realize the safety verification of user identity authentication request information.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310128819.5A CN115842682B (en) | 2023-02-17 | 2023-02-17 | Authority risk analysis method and system for network protection |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310128819.5A CN115842682B (en) | 2023-02-17 | 2023-02-17 | Authority risk analysis method and system for network protection |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN115842682A CN115842682A (en) | 2023-03-24 |
| CN115842682B true CN115842682B (en) | 2023-05-05 |
Family
ID=85579826
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310128819.5A Active CN115842682B (en) | 2023-02-17 | 2023-02-17 | Authority risk analysis method and system for network protection |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115842682B (en) |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109348228A (en) * | 2018-09-14 | 2019-02-15 | 东南大学 | A kind of hiding System and method for of the image encryption domain reversible information based on image segmentation and image space correlation |
| CN115190216A (en) * | 2022-07-13 | 2022-10-14 | 西安理工大学 | Encryption image reversible data hiding and decrypting method based on prediction error map |
Family Cites Families (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2006074338A (en) * | 2004-09-01 | 2006-03-16 | Fuji Xerox Co Ltd | Data concealing device, concealed data extraction device, data concealing method, concealed data extraction method, and program for them |
| CN111311474B (en) * | 2020-02-04 | 2023-06-16 | 太原科技大学 | High-capacity image encryption domain information hiding method |
| CN112070647B (en) * | 2020-07-16 | 2023-07-07 | 浙江万里学院 | Reversible high dynamic range image information hiding method |
| CN112333348B (en) * | 2020-10-26 | 2021-08-24 | 吉林大学 | Reversible data hiding method and system based on prediction error |
| CN112634120A (en) * | 2020-12-30 | 2021-04-09 | 暨南大学 | Image reversible watermarking method based on CNN prediction |
| CN114567711A (en) * | 2022-01-20 | 2022-05-31 | 宁波工程学院 | Large-capacity encrypted image information hiding method based on block capacity label |
| CN114565500A (en) * | 2022-03-02 | 2022-05-31 | 中山大学 | Reversible image authentication method and system based on prediction error expansion |
| CN115664858B (en) * | 2022-12-26 | 2023-03-28 | 厘壮信息科技(苏州)有限公司 | Authentication data encryption and decryption system for network security |
-
2023
- 2023-02-17 CN CN202310128819.5A patent/CN115842682B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109348228A (en) * | 2018-09-14 | 2019-02-15 | 东南大学 | A kind of hiding System and method for of the image encryption domain reversible information based on image segmentation and image space correlation |
| CN115190216A (en) * | 2022-07-13 | 2022-10-14 | 西安理工大学 | Encryption image reversible data hiding and decrypting method based on prediction error map |
Also Published As
| Publication number | Publication date |
|---|---|
| CN115842682A (en) | 2023-03-24 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Saha et al. | Steganographic techniques of data hiding using digital images | |
| Chang et al. | Privacy-preserving reversible information hiding based on arithmetic of quadratic residues | |
| US7017182B2 (en) | Method of securely transmitting information | |
| CN115664858B (en) | Authentication data encryption and decryption system for network security | |
| CN101057448A (en) | Securely computing a similarity measure | |
| JP2016131335A (en) | Information processing method, information processing program and information processing device | |
| JP2008502071A (en) | Biometric template protection and characterization | |
| Yi et al. | Parametric reversible data hiding in encrypted images using adaptive bit-level data embedding and checkerboard based prediction | |
| Bartlow et al. | Protecting iris images through asymmetric digital watermarking | |
| Horng et al. | Blockchain‐based reversible data hiding for securing medical images | |
| CN114170658A (en) | Face recognition encryption authentication method and system combining watermark and deep learning | |
| CN114785483A (en) | Medical image safe transmission method based on half tensor product compressed sensing and mixed cloud | |
| CN113114869A (en) | Ciphertext domain high-capacity image reversible data hiding method based on MSB prediction | |
| Asaker et al. | A novel cancellable Iris template generation based on salting approach | |
| CN115865431A (en) | Network security sharing method for private data | |
| Hoang et al. | Remote multimodal biometric authentication using bit priority-based fragile watermarking | |
| CN116611082A (en) | File electronic signature algorithm capable of improving electronic signature security | |
| WO2023133907A1 (en) | Privacy protection biometric authentication method and apparatus, and electronic device | |
| Tsai et al. | Integrating coordinate transformation and random sampling into high-capacity reversible data hiding in encrypted polygonal models | |
| CN115842682B (en) | Authority risk analysis method and system for network protection | |
| CN116341582B (en) | Electronic traffic data management method and system based on two-dimension code | |
| CN117834186A (en) | Data encryption transmission method and system | |
| CN115865527B (en) | Anti-attack method and system for POS machine | |
| US20020017781A1 (en) | Seat belt guide | |
| CN116527278A (en) | Block chain hidden communication method based on generation type hidden network and image double hidden |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |