CN115879075A - Information security management system and method based on big data - Google Patents

Information security management system and method based on big data Download PDF

Info

Publication number
CN115879075A
CN115879075A CN202211307245.XA CN202211307245A CN115879075A CN 115879075 A CN115879075 A CN 115879075A CN 202211307245 A CN202211307245 A CN 202211307245A CN 115879075 A CN115879075 A CN 115879075A
Authority
CN
China
Prior art keywords
data
information
code
module
face
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211307245.XA
Other languages
Chinese (zh)
Inventor
董鸿肖
刘唐红
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Harbin Shenqian Technology Co ltd
Original Assignee
Harbin Shenqian Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Harbin Shenqian Technology Co ltd filed Critical Harbin Shenqian Technology Co ltd
Priority to CN202211307245.XA priority Critical patent/CN115879075A/en
Publication of CN115879075A publication Critical patent/CN115879075A/en
Pending legal-status Critical Current

Links

Images

Landscapes

  • Collating Specific Patterns (AREA)

Abstract

The invention relates to the technical field of information security management, in particular to an information security management system and method based on big data, wherein the system comprises an information acquisition module, a data processing module, a distributed cloud storage module and an abnormality monitoring module; the information acquisition module is used for acquiring data of the facial features and the two-dimension code information for identity recognition and uploading the data to the distributed cloud storage module; the data processing module is used for managing the identity recognition data acquired by the data acquisition module and analyzing whether the identity recognition data has abnormal records; the distributed cloud storage module is used for storing the identity identification data acquired by the information acquisition module, screening the data and clearing redundant invalid data; the abnormity monitoring module is used for monitoring the process of acquiring the facial features and the identity of the two-dimension code information of the access control system in real time, and preventing privacy data from being leaked due to embezzlement.

Description

Information security management system and method based on big data
Technical Field
The invention relates to the technical field of information security management, in particular to an information security management system and method based on big data.
Background
The combination of big data analysis technology and social behavior data is rapidly developed in recent years, which benefits from the continuous development of big data platforms, and the big data analysis is widely applied to various fields along with the outbreak of the internet industry, meanwhile, various sensors are used for detecting and collecting the social behavior data in large quantity, and the data resources for analysis are abundant; for example, in the data monitoring of an access control system for people to enter and exit, the existing access control system adopts a localized data storage mode, the identification mode is face brushing or code scanning, the localized data storage mode cannot meet the requirement of rapid increase of user data, face brushing is performed to extract facial features of a user, and a two-dimensional code is scanned to acquire personal information of the user, so that the method is effective for a long time, has no timeliness, has the possibility of stealing brushing and has great potential safety hazard; the running efficiency and the state of the access control system are often constrained by defects of unstable artificial management level, imperfect access control equipment and the like, and the management of recorded data is very inefficient; therefore, a system and a method for information security management based on big data are needed to solve the above problems.
Disclosure of Invention
The present invention is directed to a system and a method for information security management based on big data, so as to solve the problems mentioned in the background art.
In order to solve the technical problems, the invention provides the following technical scheme: an information security management system based on big data comprises an information acquisition module, a data processing module, a distributed cloud storage module and an anomaly monitoring module; the information acquisition module is used for acquiring data of face features and two-dimensional code information for identity recognition and uploading the data to the distributed cloud storage module; the data processing module is used for managing the identity recognition data collected by the data collection module and analyzing whether the identity recognition data has abnormal records; the distributed cloud storage module is used for storing the identity identification data acquired by the information acquisition module, screening the data and clearing redundant invalid data; the abnormity monitoring module is used for monitoring the process of acquiring the facial features and the identity of the two-dimension code information of the access control system in real time, and preventing privacy data from being leaked due to embezzlement.
Furthermore, the information acquisition module comprises an entrance guard data acquisition unit and a user information generation unit, wherein the entrance guard data acquisition unit is used for acquiring face feature data displayed when people pass through an entrance guard system and two-dimensional code data generated by filling personal information so as to retrieve historical storage data for comparison and confirm the identity of a user; the user information generation unit is used for finishing generation of a user information number and a face characteristic value according to the identity recognition data collected by the access control data collection unit and sending the user information number and the face characteristic value to the distributed cloud storage module, so that the identity recognition data stored in the database can be updated conveniently, and the timeliness of the data is guaranteed.
Furthermore, the data processing module comprises a data screening unit and a data encryption unit, wherein the data screening unit is used for managing the identity identification data stored in the distributed cloud storage module, detecting whether abnormal behaviors exist or not and clearing repeated invalid data, so that the data storage efficiency is improved, dynamic mass data can be rapidly retrieved, and the data utilization efficiency is improved; the data encryption unit is used for encrypting the identification data stored by the distributed cloud storage module to ensure the safety of the data, so that personal information of a user cannot be leaked when the user is attacked by a malicious network in the storage process of the identification data, and other people cannot pass through the access control by maliciously stealing the identification data.
Further, the distributed cloud storage module comprises a historical data storage unit and a real-time data comparison unit, wherein the historical data storage unit is used for storing data screened and encrypted by the data processing module and retrieving for data comparison; the real-time data comparison unit is used for storing the identity recognition data acquired by the access control system in real time, comparing the identity recognition data with the identity recognition data stored in the historical data storage unit and confirming that the identity information corresponds to each other one by one; so as to compare the collected real-time identification data with the historical identification data, confirm the identity of the user and prevent other people from embezzlement to pass through the access control system.
Furthermore, the abnormity monitoring module comprises an acquisition monitoring unit and a processing monitoring unit, wherein the acquisition monitoring unit is used for monitoring the process of acquiring the identity identification data by the information acquisition module in real time and judging whether abnormal behaviors exist in the acquisition of the data; the processing and monitoring unit is used for monitoring the screening and encryption process of the data processing module on the identification data and analyzing whether the abnormal risk of embezzlement exists in the data processing; the method and the device have the advantages that the identity recognition data cannot be stolen and brushed in the dynamic flowing process, meanwhile, abnormal behavior records in the identity recognition data can be rapidly and accurately found and recognized, and the safety of the data acquisition, storage, screening and processing processes is further ensured.
A big data-based information security management method comprises the following steps:
s1: establishing a distributed cloud storage database, wherein the facial features and the two-dimension code information of the human face collected by the storage information collection module are used for identifying data of the identity;
s2: the data screening unit screens the identity identification data in the distributed cloud storage database and removes redundant invalid data;
s3: the data encryption unit encrypts the screened data in the distributed cloud storage database;
s4: and the abnormity detection module monitors the acquisition process and the processing process of the identification data in real time.
Further, in step S1: the access control system acquires a face image, and the information acquisition module extracts corresponding user face characteristic information according to the face image; meanwhile, the entrance guard collects the two-dimension code information provided by the user and analyzes the personal information of the user contained in the two-dimension code; and then comparing the similarity between the face characteristic information of the user and the personal information of the user contained in the two-dimensional code, generating a face characteristic value and a user information number, and uploading the face characteristic value and the user information number to a distributed cloud storage database.
Further, in step S2: screening big data stored in a distributed cloud storage database, and firstly setting a face brushing and code scanning frequency threshold value and a face brushing and code scanning time interval threshold value every day; then reading and counting the number of times of brushing the face and scanning the code and the time sequence of brushing the face and scanning the code of each access control system in the access control record from the database; finally, clearing the card swiping records, which are larger than the threshold of the number of times of swiping the face code and smaller than the threshold of the time interval of swiping the face code, in each record of swiping the face code; carrying out format marking on the remaining identity identification data after clearing, and determining a format as (index, ID, time and flag), wherein the index represents a serial number of a face brushing and code scanning record, the ID represents a user information number, the time represents face brushing and code scanning time, the flag represents an entrance and exit identification, the flag =1 represents entrance, and the flag =0 represents exit; projecting the marked identification data into a space coordinate system, wherein each identification data corresponds to one point in the space, classifying all data points in the space according to the distance, and dividing all the data points into the classes closest to the data points; in the establishment of a clustering model, the determination method of the number of classes is that all data points are divided into n classes according to the distance between the data point and the center of the corresponding class, the distance between each data point and all data centers is calculated by a K-value clustering algorithm, the larger the value is, the higher the abnormal degree of the point is, and the calculation formula is as follows:
Figure BDA0003905538910000031
wherein (a) i ,b i ,c i ,d i ) Represents any data point (a) i ,b i ,c i ,d i ) Representing a data center point; the method comprises the following steps that the frequency of code swiping and scanning of a user is far higher than that of a door card, code swiping and scanning are repeated in a short time and the like due to the problems of illegal management, incomplete equipment functions and the like in original entrance guard records, so that redundant and invalid data in the entrance guard records are represented, and the timeliness of the data is guaranteed through data clearing; the clustering calculation needs to consider setting a reasonable number of classes, the distance between a data point and the center of the corresponding class, when all the data points are divided into n classes, the sum of the distances between all the data points and the class centers is calculated, the value is reduced along with the increase of the number of the classes, when n reaches a certain threshold value, the number of the reclassification does not obviously reduce the total distance, and the threshold value can be set as the final number of the classes.
Further, in step S3: the data encryption unit encrypts the identity recognition data after screening and clearing, the face characteristic value and the user information number form a basic information character string C, and then the basic information character string C is encoded by using a two-dimensional code encoding rule to form a basic information code word sequence D containing error correction code words; simultaneously generating an entrance guard password P and a secret key K for decrypting the basic information code word sequence D, carrying out RS error correction coding on the entrance guard password P to form a password code word sequence D containing error correction coding, and recording the length information c of the password code word sequence D; using the key K as a seed of a random bit generator to produce a random bit string B, the length of which depends on the length of the password codeword sequence d, the random bit string B being divided into three parts B 1 、B 2 And B 3 I.e. B = B 3 ||B 2 ||B 1 In which B is 1 For encrypting the sequence D of code words, the encrypted sequence D of code words being hidden in the sequence D of code words of the basic information, B 2 The hidden position of each encrypted code word in the basic information code word sequence D is given, and the length information c is hidden in the basic information code word sequence D, B 3 Giving the hidden position of the length information c in the basic information codeword sequence D; the entrance guard password P and the secret key K are used for decrypting the encrypted identification data, historical identification data are retrieved through the entrance guard P when a user enters and exits the entrance guard system, and then the retrieved data are decrypted through the secret key K to compare the real-time identification data with the historical identification data so as to confirm the identity of the user.
Further, in step S4: the abnormity monitoring module monitors the acquisition process of the identification data in real time, verifies the integrity of the data during the acquisition of the data, and sends out an early warning signal when the verification result is data loss; and simultaneously monitoring the screening and removing process of data, defining the degree of abnormality by monitoring the data volume of each class in the K value classes, wherein the less data points in the classes indicate that the classes are more abnormal, the distance between each data point and all data centers is monitored, and the larger the value is, the higher the degree of abnormality of the point is.
Compared with the prior art, the invention has the following beneficial effects: according to the invention, the face characteristic and the two-dimensional code information data in the access control system are acquired by the information acquisition module to generate the face characteristic value and the user information number, and the face characteristic value and the user information number are stored in the distributed cloud storage database, so that the safety of data storage can be better protected; then the data processing module screens and clears the data in storage by using a K value clustering algorithm, the problem that a large amount of data are repeatedly and redundantly accumulated along with the increase of time and users can be solved, the timeliness of the data is guaranteed, meanwhile, the cleared data are encrypted, the safety of the data is guaranteed, finally, the abnormity monitoring module carries out real-time monitoring on the data acquisition and processing process, the abnormity information in the data can be obtained more quickly and accurately, the safety degree of any recorded data can be effectively judged for the dynamically and progressively increased mass data, and the abnormity degree of the newly appeared data can be judged in real time.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the principles of the invention and not to limit the invention. In the drawings:
FIG. 1 is a schematic structural diagram of an information security management system based on big data according to the present invention;
fig. 2 is a schematic flow diagram of an information security management method based on big data according to the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be obtained by a person skilled in the art without making any creative effort based on the embodiments in the present invention, belong to the protection scope of the present invention.
Referring to fig. 1-2, the present invention provides a technical solution: an information security management system based on big data comprises an information acquisition module, a data processing module, a distributed cloud storage module and an anomaly monitoring module; the information acquisition module is used for acquiring data of the facial features and the two-dimension code information for identity recognition and uploading the data to the distributed cloud storage module; the data processing module is used for managing the identity recognition data collected by the data collection module and analyzing whether the identity recognition data has abnormal records; the distributed cloud storage module is used for storing the identity identification data acquired by the information acquisition module, screening the data and clearing redundant invalid data; the abnormity monitoring module is used for monitoring the process that the access control system collects the face characteristics and the two-dimension code information to identify the identity in real time, and privacy data are prevented from being leaked by embezzlement.
The information acquisition module comprises an entrance guard data acquisition unit and a user information generation unit, wherein the entrance guard data acquisition unit is used for acquiring face feature data displayed when people pass through an entrance guard system and two-dimensional code data generated by filling personal information so as to retrieve historical storage data for comparison and confirm the identity of a user; the user information generation unit is used for finishing generation of a user information number and a face characteristic value according to the identity recognition data collected by the access control data collection unit and sending the user information number and the face characteristic value to the distributed cloud storage module, so that the identity recognition data stored in the database can be updated conveniently, and the timeliness of the data is guaranteed.
The data processing module comprises a data screening unit and a data encryption unit, wherein the data screening unit is used for managing the identity identification data stored in the distributed cloud storage module, detecting whether abnormal behaviors exist or not and clearing repeated invalid data, so that the data storage efficiency is improved, dynamic mass data can be rapidly retrieved conveniently, and the data utilization efficiency is improved; the data encryption unit is used for encrypting the identification data stored by the distributed cloud storage module to ensure the safety of the data, so that personal information of a user cannot be leaked when the user is attacked by a malicious network in the storage process of the identification data, and other people cannot pass through the access control by maliciously stealing the identification data.
The distributed cloud storage module comprises a historical data storage unit and a real-time data comparison unit, wherein the historical data storage unit is used for storing data screened and encrypted by the data processing module and retrieving for data comparison; the real-time data comparison unit is used for storing the identity recognition data acquired by the access control system in real time, comparing the identity recognition data with the identity recognition data stored in the historical data storage unit and confirming that the identity information corresponds to each other one by one; so as to compare the collected real-time identification data with the historical identification data, confirm the identity of the user and prevent other people from embezzlement to pass through the access control system.
The abnormity monitoring module comprises an acquisition monitoring unit and a processing monitoring unit, wherein the acquisition monitoring unit is used for monitoring the process of acquiring the identity identification data by the information acquisition module in real time and judging whether abnormal behaviors exist in the acquisition of the data; the processing and monitoring unit is used for monitoring the screening and encryption processes of the data processing module on the identification data and analyzing whether the abnormal risk of embezzlement exists in the data processing; so as to ensure that the identification data can not be embezzled in the dynamic flowing process, and can quickly and accurately discover and identify the abnormal behavior record in the identification data, thereby further ensuring the safety of the data acquisition, storage, screening and processing processes.
A big data-based information security management method comprises the following steps:
s1: establishing a distributed cloud storage database, wherein the facial features and the two-dimension code information of the human face collected by the information collection module are used for identifying data of the identity;
s2: the data screening unit screens the identity identification data in the distributed cloud storage database and removes redundant invalid data;
s3: the data encryption unit encrypts the screened data in the distributed cloud storage database;
s4: and the abnormity detection module monitors the acquisition process and the processing process of the identification data in real time.
In step S1: the access control system acquires a face image, and the information acquisition module extracts corresponding user face characteristic information according to the face image; meanwhile, the entrance guard collects two-dimension code information provided by a user and analyzes personal information of the user contained in the two-dimension code; and then comparing the similarity between the face characteristic information of the user and the personal information of the user contained in the two-dimensional code, generating a face characteristic value and a user information number, and uploading the face characteristic value and the user information number to a distributed cloud storage database.
In step S2: screening big data stored in a distributed cloud storage database, and firstly setting a face brushing and code scanning frequency threshold value and a face brushing and code scanning time interval threshold value every day; then reading and counting the number of times of brushing the face and scanning the code and the time sequence of brushing the face and scanning the code of each access control system in the access control record from the database; finally, clearing the card swiping records, which are larger than the threshold of the number of times of swiping the face code and smaller than the threshold of the time interval of swiping the face code, in each record of swiping the face code; carrying out format marking on the residual identity identification data after clearing, and determining the format as (index, ID, time and flag), wherein the index represents the serial number of the face brushing and code scanning record, the ID represents the user information number, the time represents the face brushing and code scanning time, the flag represents the entrance and exit identification, flag =1 represents entrance, and flag =0 represents exit; projecting the marked identification data into a space coordinate system, wherein each identification data corresponds to one point in the space, classifying all data points in the space according to the distance, and dividing all the data points into the classes closest to the data points; in the establishment of the clustering model, the determination method of the number of the classes is that all data points are divided into n classes according to the distance between the data point and the center of the corresponding class, the distance between each data point and all data centers is calculated through a K-value clustering algorithm, the larger the value is, the higher the abnormal degree of the point is, and the calculation formula is as follows:
Figure BDA0003905538910000061
wherein (a) i ,b i ,c i ,d i ) Represents any data point (a) i ,b i ,c i ,d i ) Representing a data center point; the problems of illegal management and imperfect equipment function in the original entrance guard record that the number of times of code scanning by a user is far higher than that of a door card and the code scanning by repeated face scanning in a short time are caused, and the redundant invalid data in the entrance guard record are represented through the condition that the number of times of code scanning by the user is far higher than that of the door card and the code scanning by repeated face scanning in a short timeData elimination ensures the timeliness of the data; the clustering calculation needs to consider setting a reasonable number of classes, the distance between a data point and the center of the corresponding class, when all the data points are divided into n classes, the sum of the distances between all the data points and the class centers is calculated, the value is reduced along with the increase of the number of the classes, when n reaches a certain threshold value, the number of the reclassification does not obviously reduce the total distance, and the threshold value can be set as the final number of the classes.
In step S3: the data encryption unit encrypts the identity recognition data after screening and clearing, the face characteristic value and the user information number form a basic information character string C, and then the basic information character string C is encoded by using a two-dimensional code encoding rule to form a basic information code word sequence D containing error correction code words; simultaneously generating an entrance guard password P and a secret key K for decrypting the basic information code word sequence D, carrying out RS error correction coding on the entrance guard password P to form a password code word sequence D containing error correction coding, and recording the length information c of the password code word sequence D; using the secret key K as a seed of a random bit generator to generate a random bit string B, the length of which depends on the length of a password code word sequence d, the random bit string B being divided into three parts B 1 、B 2 And B 3 I.e. B = B 3 ||B 2 ||B 1 In which B is 1 For encrypting the password code word sequence D, the encrypted password code word sequence D being hidden in the basic information code word sequence D, B 2 The hidden position of each encrypted code word in the basic information code word sequence D is given, and the length information c is hidden in the basic information code word sequence D, B 3 Giving the hidden position of the length information c in the basic information codeword sequence D; the entrance guard password P and the secret key K are used for decrypting the encrypted identification data, historical identification data are retrieved through the entrance guard port P when a user enters and exits the entrance guard system, and then the retrieved data are decrypted through the secret key K to compare the real-time identification data with the historical identification data to confirm the identity of the user.
In step S4: the abnormity monitoring module monitors the acquisition process of the identification data in real time, verifies the integrity of the data during the acquisition of the data, and sends out an early warning signal when the verification result is data loss; and simultaneously monitoring the screening and removing process of data, defining the degree of abnormality by monitoring the data volume of each class in the K value classes, wherein the less data points in the classes indicate that the classes are more abnormal, the distance between each data point and all data centers is monitored, and the larger the value is, the higher the degree of abnormality of the point is.
The first embodiment is as follows: the storage information acquisition module acquires data used for identity recognition of facial features and two-dimensional code information, the anomaly monitoring module simultaneously monitors the data acquisition process, and the acquired identity recognition data are stored in the distributed cloud storage module; the data exit module acquires stored data, and firstly sets a face brushing and code scanning frequency threshold value and a face brushing and code scanning time interval threshold value every day; then reading and counting the face brushing and code scanning times and the face brushing and code scanning time sequence of each access control system in the access control records from a database; and finally, clearing the card swiping records which are larger than the threshold of the number of times of swiping the face and scanning and smaller than the threshold of the time interval of swiping the face and scanning in each record of swiping the face and scanning the code, then determining the remaining identification data as (index, ID, time and flag), then classifying all data points in the space according to the distance, and the determining method of the number of classes is to divide all the data points into n classes according to the distance between the data points and the center of the corresponding class, and calculate the distance between each data point and all the data centers, wherein the distance calculation formula is as follows:
Figure BDA0003905538910000071
Figure BDA0003905538910000072
a larger value indicates a higher degree of abnormality at that point.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus.
Finally, it should be noted that: although the present invention has been described in detail with reference to the foregoing embodiments, it will be apparent to those skilled in the art that changes may be made in the embodiments and/or equivalents thereof without departing from the spirit and scope of the invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims (10)

1. The information safety management system based on the big data is characterized by comprising an information acquisition module, a data processing module, a distributed cloud storage module and an abnormality monitoring module; the information acquisition module is used for acquiring data of face features and two-dimensional code information for identity recognition and uploading the data to the distributed cloud storage module; the data processing module is used for managing the identity recognition data collected by the data collection module and analyzing whether the identity recognition data has abnormal records; the distributed cloud storage module is used for storing the identity identification data acquired by the information acquisition module, screening the data and eliminating redundant invalid data; the abnormity monitoring module is used for monitoring the process that the access control system collects the face characteristics and the two-dimension code information to identify the identity in real time, and privacy data are prevented from being leaked by embezzlement.
2. The big data-based information security management system according to claim 1, wherein: the information acquisition module comprises an entrance guard data acquisition unit and a user information generation unit, wherein the entrance guard data acquisition unit is used for acquiring human face feature data displayed when people pass through an entrance guard system and filling in two-dimensional code data generated by personal information; the user information generation unit is used for finishing generation of user information numbers and face characteristic values according to the identity identification data collected by the access control data collection unit and sending the user information numbers and the face characteristic values to the distributed cloud storage module.
3. The big data-based information security management system according to claim 1, wherein: the data processing module comprises a data screening unit and a data encryption unit, wherein the data screening unit is used for managing the identity identification data stored in the distributed cloud storage module, detecting whether abnormal behaviors exist or not and clearing repeated invalid data, so that the data storage efficiency is improved; the data encryption unit is used for encrypting the identification data stored in the distributed cloud storage module to ensure the safety of the data.
4. The big data-based information security management system according to claim 1, wherein: the distributed cloud storage module comprises a historical data storage unit and a real-time data comparison unit, wherein the historical data storage unit is used for storing data screened and encrypted by the data processing module and retrieving for data comparison; the real-time data comparison unit is used for storing the identity recognition data acquired by the access control system in real time and comparing the identity recognition data with the identity recognition data stored in the historical data storage unit to confirm the one-to-one correspondence of the identity information.
5. The big data-based information security management system according to claim 1, wherein: the abnormity monitoring module comprises an acquisition monitoring unit and a processing monitoring unit, wherein the acquisition monitoring unit is used for monitoring the process of acquiring the identity identification data by the information acquisition module in real time and judging whether abnormal behaviors exist in the data acquisition; the processing and monitoring unit is used for monitoring the screening and encryption process of the data processing module on the identification data and analyzing whether the abnormal risk of embezzlement exists in the data processing.
6. An information security management method based on big data is characterized by comprising the following steps:
s1: establishing a distributed cloud storage database, wherein the facial features and the two-dimension code information of the human face collected by the information collection module are used for identifying data of the identity;
s2: the data screening unit screens the identity identification data in the distributed cloud storage database and removes redundant and invalid data;
s3: the data encryption unit encrypts the screened data in the distributed cloud storage database;
s4: and the abnormity detection module monitors the acquisition process and the processing process of the identification data in real time.
7. The big data based information security management method according to claim 6, wherein: in step S1: the access control system acquires a face image, and the information acquisition module extracts corresponding face feature information of a user according to the face image; meanwhile, the entrance guard collects two-dimension code information provided by a user and analyzes personal information of the user contained in the two-dimension code; and then comparing the similarity between the face characteristic information of the user and the personal information of the user contained in the two-dimensional code, generating a face characteristic value and a user information number, and uploading the face characteristic value and the user information number to a distributed cloud storage database.
8. The big data based information security management method according to claim 6, wherein: in step S2: screening big data stored in a distributed cloud storage database, and firstly setting a face brushing and code scanning frequency threshold value and a face brushing and code scanning time interval threshold value every day; then reading and counting the number of times of brushing the face and scanning the code and the time sequence of brushing the face and scanning the code of each access control system in the access control record from the database; finally, clearing the card swiping records, which are larger than the threshold of the number of times of swiping the face code and smaller than the threshold of the time interval of swiping the face code, in each record of swiping the face code; carrying out format marking on the remaining identity identification data after clearing, and determining a format as (index, ID, time and flag), wherein the index represents a serial number of a face brushing and code scanning record, the ID represents a user information number, the time represents face brushing and code scanning time, the flag represents an entrance and exit identification, the flag =1 represents entrance, and the flag =0 represents exit; projecting the marked identification data into a space coordinate system, wherein each identification data corresponds to one point in the space, classifying all data points in the space according to the distance, and dividing all the data points into the classes closest to the data points; in the establishment of the clustering model, the determination method of the number of the classes is that all data points are divided into n classes according to the distance between the data point and the center of the corresponding class, the distance between each data point and all data centers is calculated through a K-value clustering algorithm, the larger the value is, the higher the abnormal degree of the point is, and the calculation formula is as follows:
Figure FDA0003905538900000021
wherein (a) i ,b i ,c i ,d i ) Represents any data point (a) i ,b i ,c i ,d i ) Representing the center point of the data.
9. The big data based information security management method according to claim 6, wherein: in step S3: the data encryption unit encrypts the identity recognition data after screening and clearing, the face characteristic value and the user information are numbered to form a basic information character string C, and then the basic information character string C is encoded by using a two-dimensional code encoding rule to form a basic information code word sequence D containing error correction code words; simultaneously generating an entrance guard password P and a secret key K for decrypting the basic information code word sequence D, carrying out RS error correction coding on the entrance guard password P to form a password code word sequence D containing error correction coding, and recording the length information c of the password code word sequence D; using the key K as a seed of a random bit generator to produce a random bit string B, the length of which depends on the length of the password codeword sequence d, the random bit string B being divided into three parts B 1 、B 2 And B 3 I.e. B = B 3 ||B 2 ||B 1 In which B is 1 For encrypting the sequence D of code words, the encrypted sequence D of code words being hidden in the sequence D of code words of the basic information, B 2 Gives each encrypted code word in basic informationThe hidden position in the codeword sequence D, and the length information c are also hidden in the basic information codeword sequence D, B 3 Giving the hidden position of the length information c in the basic information codeword sequence D.
10. The big data based information security management method according to claim 6, wherein: in step S4: the abnormity monitoring module monitors the acquisition process of the identification data in real time, verifies the integrity of the data during the acquisition, and sends out an early warning signal when the verification result is that the data is missing; and simultaneously monitoring the screening and removing process of data, defining the degree of abnormality by monitoring the data volume of each class in the K value classes, wherein the less data points in the classes indicate that the classes are more abnormal, the distance between each data point and all data centers is monitored, and the larger the value is, the higher the degree of abnormality of the point is.
CN202211307245.XA 2022-10-24 2022-10-24 Information security management system and method based on big data Pending CN115879075A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211307245.XA CN115879075A (en) 2022-10-24 2022-10-24 Information security management system and method based on big data

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211307245.XA CN115879075A (en) 2022-10-24 2022-10-24 Information security management system and method based on big data

Publications (1)

Publication Number Publication Date
CN115879075A true CN115879075A (en) 2023-03-31

Family

ID=85758879

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211307245.XA Pending CN115879075A (en) 2022-10-24 2022-10-24 Information security management system and method based on big data

Country Status (1)

Country Link
CN (1) CN115879075A (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN206042048U (en) * 2016-06-27 2017-03-22 广东恒电信息科技股份有限公司 Cloud system that stores
CN109087417A (en) * 2018-07-23 2018-12-25 湖北工业大学 A kind of safe two dimensional code entrance guard authentication system and method
CN109255863A (en) * 2018-07-31 2019-01-22 石数字技术成都有限公司 The intelligent door lock and its operation method verified based on user's face and two dimensional code
CN109492604A (en) * 2018-11-23 2019-03-19 北京嘉华科盈信息系统有限公司 Faceform's characteristic statistics analysis system
CN115171260A (en) * 2022-07-21 2022-10-11 陈宇 Intelligent access control system based on face recognition

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN206042048U (en) * 2016-06-27 2017-03-22 广东恒电信息科技股份有限公司 Cloud system that stores
CN109087417A (en) * 2018-07-23 2018-12-25 湖北工业大学 A kind of safe two dimensional code entrance guard authentication system and method
CN109255863A (en) * 2018-07-31 2019-01-22 石数字技术成都有限公司 The intelligent door lock and its operation method verified based on user's face and two dimensional code
CN109492604A (en) * 2018-11-23 2019-03-19 北京嘉华科盈信息系统有限公司 Faceform's characteristic statistics analysis system
CN115171260A (en) * 2022-07-21 2022-10-11 陈宇 Intelligent access control system based on face recognition

Similar Documents

Publication Publication Date Title
CN113676464B (en) Network security log alarm processing method based on big data analysis technology
CN107992739A (en) User authentication method, apparatus and system
US7555482B2 (en) Automatic detection of abnormal data access activities
Huang et al. Laplacian change point detection for dynamic graphs
Yu A survey of anomaly intrusion detection techniques
CN114915479B (en) Web attack stage analysis method and system based on Web log
Sheng et al. A biometric key generation method based on semisupervised data clustering
CN111859451B (en) Multi-source multi-mode data processing system and method for applying same
CN111698241B (en) Internet of things cloud platform system, verification method and data management method
CN111915468B (en) Network anti-fraud active inspection and early warning system
CN106951776A (en) A kind of Host Anomaly Detection method and system
CN107403091A (en) A kind of combination is traced to the source path and the system for real-time intrusion detection of figure of tracing to the source
Nguyen et al. A fingerprint fuzzy vault scheme using a fast chaff point generation algorithm
CN106657065A (en) Network abnormality detection method based on data mining
CN110674498B (en) Internal threat detection method and system based on multi-dimensional file activity
CN115632821A (en) Transformer substation threat safety detection and protection method and device based on multiple technologies
CN111639355A (en) Data security management method and system
Sulayman et al. User modeling via anomaly detection techniques for user authentication
CN116776386B (en) Cloud service data information security management method and system
CN115879075A (en) Information security management system and method based on big data
CN116707927A (en) Situation awareness method, system, computer equipment and storage medium
CN112733188B (en) Sensitive file management method
CN111314327A (en) Network intrusion detection method and system based on KNN outlier detection algorithm
KR102661221B1 (en) A method to detect abnormal symptoms occurring during login using text generated during login
CN117473475B (en) Big data security protection method, system and medium based on trusted computing

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination