CN116389170B - Network information security management method - Google Patents
Network information security management method Download PDFInfo
- Publication number
- CN116389170B CN116389170B CN202310650692.3A CN202310650692A CN116389170B CN 116389170 B CN116389170 B CN 116389170B CN 202310650692 A CN202310650692 A CN 202310650692A CN 116389170 B CN116389170 B CN 116389170B
- Authority
- CN
- China
- Prior art keywords
- information data
- sequence
- index
- frequency
- scrambling
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000007726 management method Methods 0.000 title claims abstract description 20
- 238000000034 method Methods 0.000 claims abstract description 51
- 239000011159 matrix material Substances 0.000 claims abstract description 31
- 238000011156 evaluation Methods 0.000 claims abstract description 28
- 238000012545 processing Methods 0.000 abstract description 5
- 230000000694 effects Effects 0.000 description 27
- 238000004458 analytical method Methods 0.000 description 6
- 238000006243 chemical reaction Methods 0.000 description 6
- 239000004973 liquid crystal related substance Substances 0.000 description 6
- 238000010606 normalization Methods 0.000 description 6
- 230000003044 adaptive effect Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000005484 gravity Effects 0.000 description 1
- 238000007781 pre-processing Methods 0.000 description 1
- 230000000750 progressive effect Effects 0.000 description 1
- 238000012216 screening Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0894—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/40—Network security protocols
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/50—Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention relates to the technical field of data processing, in particular to a network information security management method. The method obtains the hit damage index and the high-frequency range index by comprehensively analyzing the attack degree and the occurrence frequency degree of the information data sequence, and further classifies the signal data to obtain the importance level. Determining row and column parameters according to the length of a signal data sequence to obtain an associated matrix, scrambling the associated matrix through a plurality of encryption scanning paths to obtain a plurality of scrambling sequences, combining the importance level of information data, obtaining an evaluation index according to the similarity degree of the information data sequence and each scrambling sequence, and determining an optimal scrambling sequence; and finally, the optimal scrambling sequence is used as an encryption ciphertext, the row-column parameters and the encryption scanning path corresponding to the optimal scrambling sequence are used as keys for storage.
Description
Technical Field
The invention relates to the technical field of data processing, in particular to a network information security management method.
Background
With the development of the Internet age, people have increasingly greater demands on the network, but the Internet brings convenience, and meanwhile, the data security in a network platform cannot be ensured due to the rapid increase of the number of users and participants, and illegal molecules often steal and tamper network information, so that the encryption security problem of network information data is always a key concern of network information management.
In order to ensure the safety of network information, the encryption methods of traditional information data are all selected to carry out scrambling encryption by adopting a proper encryption path method, but as the scrambling methods of the method on all information data are the same, the problems of poor partial scrambling effect and poor confidentiality effect exist for partial information data, and in the related technology of the existing self-adaptive analysis information data, the information importance degree is not comprehensively analyzed on different information data, so that the effect of the self-adaptive scrambling result is poor, the data security is not ensured, and the reliability of security management is not strong.
Disclosure of Invention
In order to solve the technical problem that the effect of the self-adaptive scrambling result is poor because the importance degree of information is not comprehensively analyzed on different information data in the prior art, the invention aims to provide a network information security management method, and the adopted technical scheme is as follows:
the invention provides a network information security management method, which comprises the following steps:
acquiring an information data sequence composed of the preprocessed information data, and acquiring the frequency of each information data in the information data sequence appearing on a network platform;
obtaining a hit damage index of each information data according to the hit severity of each information data in the information data sequence; determining the high-frequency range of the information data according to the frequency of each information data; obtaining a high-frequency elevation index of each information data according to the importance degrees of the information data with different high-frequency degrees; obtaining an importance level of each information data according to the hit damage index and the high-frequency range index of each information data;
converting the information data sequence into an incidence matrix according to the row-column parameters determined by the length of the information data sequence; scrambling the incidence matrix through each encryption scanning path to be selected in a preset encryption scanning path set to obtain a scrambling sequence; combining the importance level of each information data, and obtaining an evaluation index of each scrambling sequence according to the similarity degree of the information data sequence and the scrambling sequence; determining an optimal scrambling sequence according to the evaluation index of the scrambling sequence;
and storing the optimal scrambling sequence as an encrypted ciphertext, and storing a row-column parameter and a to-be-selected encrypted scanning path corresponding to the optimal scrambling sequence as a secret key.
Further, the method for acquiring the hit damage index comprises the following steps:
acquiring historical network information data, and counting the interception times, the tampered times and the lost times of each information data in the historical network information data; calculating the weighted average value of the intercepted times, the tampered times and the lost times of each information data to obtain the attacked degree of each information data; the normalized degree of attack is taken as an index of damage to each piece of information data.
Further, the high frequency range determining method of the information data includes:
calculating the average value of the frequency of all the different information data as the fluctuation average value of the information data;
when the frequency of the information data is greater than or equal to the fluctuation average value, the high-frequency range of the information data is recorded as high frequency; when the frequency of the information data is smaller than the fluctuation average value, the high frequency range of the information data is recorded as a low frequency.
Further, the method for obtaining the high-frequency elevation index comprises the following steps:
when the high frequency degree of the information data is low frequency, taking a preset high frequency value as a high frequency range index of the corresponding information data;
when the high frequency range of the information data is high frequency, counting the quantity of the information data of all high frequencies as the high frequency information quantity; the ratio of the frequency corresponding to the information data of each high frequency to the number of the high frequency information is taken as the important duty ratio of the information data of each high frequency, and the normalized important duty ratio is taken as the high frequency range index of the corresponding information data.
Further, the method for acquiring the importance level includes:
calculating a weighted average value of the hit damage index and the high-frequency range index of each information data to obtain a grading index of the information data;
when the grading index is greater than or equal to a preset grading threshold, the importance level of the corresponding information data is marked as one level; and when the grading index is smaller than a preset grading threshold, the importance level of the corresponding information data is marked as a second grade.
Further, the method for acquiring the evaluation index includes:
in the information data sequence and the scrambling sequence, exclusive-or operation is adopted for the scrambled information data of the same position in each information data and the scrambling sequence, an exclusive-or value of each position in each information data is obtained, and the sum of all exclusive-or values is calculated to be used as a difference index of each information data; when the difference index is larger than or equal to a preset difference threshold value, corresponding information data are used as difference information data;
counting the number of information data of different importance levels in the difference information data to obtain the number of importance levels of each importance level; and carrying out weighted summation on all the important numbers to obtain the difference degree, and taking the ratio of the difference degree to the total length of the scrambling sequence as an evaluation index of the corresponding scrambling sequence.
Further, the method for obtaining the optimal scrambling sequence comprises the following steps:
and obtaining the maximum value of the evaluation indexes corresponding to all the scrambling sequences, and taking the scrambling sequence of the evaluation index corresponding to the maximum value as the optimal scrambling sequence.
Further, the method for acquiring the rank parameter comprises the following steps:
when the length of the information data sequence is not prime number, counting a factor group corresponding to the length of the information data sequence, and taking a factor group with the minimum difference between two factors in the factor group as a row-column parameter;
when the length of the information data sequence is prime number, the length of the information data sequence is increased by one, then a corresponding factor group is obtained, and the factor group with the smallest difference between two factors in the factor group is used as a row-column parameter.
Further, the acquiring the information data sequence composed of the preprocessed information data includes:
the method comprises the steps of obtaining original information data of network information, converting all the original information data into binary codes, using fixed-length codes converted by each binary code as information data, and forming all the information data into an information data sequence according to the sequence of the original information data.
The invention has the following beneficial effects:
according to the method, the attack damage index and the high-frequency range index are obtained through comprehensively analyzing the attack degree and the occurrence frequency degree of the information data sequence, the importance level can be obtained by grading the signal data through the attack damage index and the high-frequency range index, the importance level is analyzed through integrating the two indexes according to the concerned state of the information data, the importance level of the signal data is finally accurately divided, and the reliability of the encryption scrambling effect which is evaluated according to the importance level is higher. The method comprises the steps of considering different scrambling effects of different scrambling scanning paths on signal data, determining row and column parameters according to the length of the signal data sequence to obtain an associated matrix, scrambling the associated matrix through a plurality of scrambling scanning paths to obtain different scrambling sequences, evaluating and comprehensively screening the scrambling sequences to obtain an optimal scrambling scanning path, combining the importance level of the information data, obtaining an evaluation index according to the similarity degree of the information data sequence and each scrambling sequence, determining the optimal scrambling sequence, considering the importance degree of the information data, emphasizing the effect evaluation duty ratio of the important information data, and enabling the finally obtained optimal scrambling sequence to have the best scrambling effect on the current information data sequence. And finally, the optimal scrambling sequence is used as an encryption ciphertext, the row-column parameters and the encryption scanning path corresponding to the optimal scrambling sequence are used as keys for storage, so that the network information is safely stored and managed.
Drawings
In order to more clearly illustrate the embodiments of the invention or the technical solutions and advantages of the prior art, the following description will briefly explain the drawings used in the embodiments or the description of the prior art, and it is obvious that the drawings in the following description are only some embodiments of the invention, and other drawings can be obtained according to the drawings without inventive effort for a person skilled in the art.
Fig. 1 is a flowchart of a network information security management method according to an embodiment of the present invention.
Detailed Description
In order to further describe the technical means and effects adopted by the present invention to achieve the preset purpose, the following detailed description refers to specific embodiments, structures, features and effects of a network information security management method according to the present invention with reference to the accompanying drawings and preferred embodiments. In the following description, different "one embodiment" or "another embodiment" means that the embodiments are not necessarily the same. Furthermore, the particular features, structures, or characteristics of one or more embodiments may be combined in any suitable manner.
Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs.
The following specifically describes a specific scheme of a network information security management method provided by the invention with reference to the accompanying drawings.
Referring to fig. 1, a flowchart of a network information security management method according to an embodiment of the invention is shown, and the method includes the following steps:
s1: and acquiring an information data sequence consisting of the preprocessed information data, and acquiring the frequency of each information data in the information data sequence on the network platform.
The invention mainly aims at ensuring safer information data storage of the network platform, and can adaptively select the optimal encryption scanning path aiming at different network information, so that the stored data ciphertext has stronger security. The information data in the invention is private data which needs to be stored and protected for the network platform, and the like, and can have various expression forms, such as user information data, user login data, collection data and the like in the network platform, and the data which needs to be safely stored for the network platform, but because the data forms are different, such as characters, numbers, english and the like, corresponding data coding forms in a computer are also different, the data needs to be preprocessed before the data is analyzed.
In the embodiment of the invention, the binary conversion of the English characters and the numbers can be performed by adopting an ASCII code table to perform code comparison conversion on the English characters, the numbers and the characters, and the Chinese characters can be represented by adopting built-in codes or national standard codes, and the code comparison conversion of the ASCII code table and the code conversion of the built-in codes or the national standard codes are all technical means well known to the person skilled in the art, and are not repeated herein.
Because the data types are different, the finally obtained binary code length after code conversion is also different, in order to facilitate the storage and analysis of the data, all the different binary code data need to be converted into fixed-length codes through the 0-complementing operation, and because the maximum bit number of the binary code length converted according to the ASCII code table is 8 bits, the fixed-length codes are binary codes with the length of 8, specifically, for example, the number of the digital characters is 12, the binary codes are converted into 1100, and the corresponding fixed-length codes are obtained as 00001100 after 0 is complemented by the first bit.
The fixed-length codes obtained after preprocessing are used as information data, an information data sequence is constructed according to the sequence of original data, in the information data sequence, different information data are focused differently, namely, the importance degree of the different information data is different, the attack degree in a network platform is different, and more important information data need to be considered when the information security is considered. Therefore, when information data is acquired, the occurrence frequency of each information data in the information data sequence in the network platform is counted at the same time, so that the subsequent analysis of important grading is carried out according to the frequency of the information data.
S2: obtaining a hit damage index of each information data according to the hit severity of each information data in the information data sequence; determining the high-frequency range of the information data according to the fluctuation condition of each information data frequency; obtaining a high-frequency elevation index of each information data according to the importance degrees of the information data with different high-frequency degrees; the importance level of each information data is obtained based on the hit damage index and the high frequency scale index of each information data.
In order to make the selection of the encryption path more convincing, the reliability is stronger, the importance degree of the information data needs to be graded, and the weight of the more important information data is larger when the encryption effect is considered. According to the method, the degree of attack and the occurrence frequency of the information data are analyzed, and the importance degree of the information data is comprehensively and comprehensively judged and classified.
In the network platform, for example, the login password of personal user information or the use authority of a user in a website belongs to important data which is easy to attack or tamper, a part of lawless persons can acquire the user password by using a technical means to steal the user information or tamper the use authority of the user, and the like, so that the information security of the network platform is greatly endangered, therefore, preferably, the historical information data of the network platform and the similar network platform are acquired, the interception times, the tampered times and the lost times of different information data in the historical information data are respectively counted, and the possibility of the attack of each information data is comprehensively evaluated through the severity of three attack types.
And calculating a weighted average value of the intercepted times, the tampered times and the lost times of each piece of information data, taking the weighted average value as the attacked degree of each piece of information data, comprehensively considering the severity of different attack types through weight distribution, and taking the normalized attacked degree as the hit damage index of each piece of information data. According to the importance degree of the hit damage index reflecting information data, in the embodiment of the invention, the importance of subsequent calculation is realized, and the concrete expression of the hit damage index is as follows:
in the method, in the process of the invention,expressed as a hit damage indicator->Expressed as number of interception>Expressed as number of tampered times, ">Expressed as the number of losses>The total number of attack types, denoted as attack types in the present embodiment is 3; />,/>,/>Denoted as assigning weights, in an embodiment of the invention>=0.3,/>=0.2,/>=0.5;/>Represented as a direct proportional normalization function.
Wherein, the liquid crystal display device comprises a liquid crystal display device,the degree of attack expressed as the degree of attack of each information data, the greater the degree of attack, the greater the degree of attention of the corresponding information data, the more important, the greater the hit damage index. It should be noted that, the normalization processing is performed by a proportional normalization function, which is a technical means well known to those skilled in the art, and in other embodiments of the present invention, a standard normalization or linear normalization method may be also used, which is not limited herein. So far, a hit damage index for each information data can be obtained.
Secondly, the importance level of the information data is further judged through occurrence frequencies of different information data, the high-frequency degree of the information data is determined according to the occurrence frequencies of the information data, the information data can be divided according to the frequency through the high-frequency degree, and different high-frequency degree indexes are given to the information data with different high-frequency degrees, so that the high-frequency degree of each information data is firstly determined, and the method specifically comprises the following steps:
preferably, the average frequency value of all the different information data is calculated as a fluctuation average value of the information data, the overall trend condition of all the information data is reflected by the fluctuation average value, and the fluctuation average value is used as a division value of the high frequency degree, and in the embodiment of the invention, the specific expression of the fluctuation average value is as follows:
in the method, in the process of the invention,expressed as mean fluctuation>Represented as total number of non-identical information data, < >>Denoted as +.>Frequency of the individual information data.
When the frequency of the information data is larger than or equal to the fluctuation average value, the frequency of the information data is higher, and the high frequency range of the corresponding information data is recorded as high frequency; when the frequency of the information data is smaller than the fluctuation average value, the frequency of the information data is lower, and the high frequency range of the corresponding information data is recorded as low frequency, so that preliminary frequency division is realized.
Further, different high-frequency range indexes of the information data are given according to different high-frequency degrees of the information data, when the high-frequency degree of the information data is low frequency, the information data is low in frequency, and the reference value of the information data under frequency analysis is not high, so that for all the information data with low high-frequency range, a preset high-frequency value is used as the high-frequency range index of the corresponding information data, and in the embodiment of the invention, the preset high-frequency value is 0, and a specific numerical value implementation can be adjusted by oneself.
When the high frequency of the information data is high frequency, the information data is indicated to have higher frequency, and the information data has higher occurrence probability, which indicates that the influence degree of the information data is possibly larger, so that importance analysis is carried out on the information data of high frequency, the quantity of the information data of all high frequencies is counted to be used as the quantity of the information data of high frequency, the ratio of the corresponding frequency of the information data of each high frequency to the quantity of the information data of high frequency is used as the important duty ratio of the information data of each high frequency, the duty ratio of the information data in the high frequency part is reflected by the important duty ratio, the larger the important duty ratio is, the larger the influence degree of the corresponding information data is indicated, and the normalized important duty ratio is used as the high frequency range index of the corresponding information data. The importance of the high-frequency information data is reflected by the high-frequency degree index, when the high-frequency degree index of the information data is larger, the specific gravity of the occurrence frequency of the information data is higher, the corresponding information data is more concerned, and the more important, in the embodiment of the invention, the specific expression of the high-frequency degree index is as follows:
in the method, in the process of the invention,denoted as +.>High frequency range index of personal information data, < >>Denoted as +.>The frequency of the individual information data is,expressed as the amount of high frequency information; />Represented as a direct proportional normalization function.
Wherein, the liquid crystal display device comprises a liquid crystal display device,denoted as +.>The higher the important duty ratio of the information data, the more concerned the higher the occurrence frequency of the corresponding information data, and therefore the higher the encryption degree is needed, the higher the importance, the higher the important duty ratio and the higher the importanceThe frequency degree index shows positive correlation. So far, the high frequency elevation index of each information data can be obtained.
The importance of each information data can be more comprehensively evaluated by comprehensively analyzing the degree of attack and the degree of occurrence frequency of each information data, so that the importance level of each information data is obtained, and the method specifically comprises the following steps: the weighted average of the hit damage index and the high-frequency range index of each information data is calculated to obtain a classification index of the information data, the importance degree of the data is reflected by the classification index, and the larger the classification index of the information data is, the more important the information data is, so that the information data can be classified by the classification index. In the embodiment of the invention, the specific expression of the grading index is as follows:
in the method, in the process of the invention,denoted as +.>A rating index of the personal information data,/>Denoted as +.>Hit damage indicator for personal information data, +.>Denoted as +.>A high frequency range index of the individual information data; />,/>Represented as assigned weights, at this pointIn the embodiment of the invention set to->=0.6,/>=0.4, and the specific numerical implementer may vary according to the specific implementation.
In one embodiment of the present invention, the information data may be preferably classified into two types according to the classification index, the preset classification threshold is 0.6, and when the classification index is greater than or equal to the preset classification threshold, it is indicated that the importance degree of the information data is greater, so that the importance level of the corresponding information data is marked as one level; when the grading index is smaller than the preset grading threshold, the importance degree of the information data is smaller, and the importance level of the corresponding information data is marked as a second grade. In other embodiments of the present invention, the information data may be classified into three categories according to the need, that is, the first classification threshold and the second classification threshold are preset to classify the information data, which is not described herein.
Thus, the judgment of the importance level of the information data is completed, and the smaller the importance level of the information data is, the more important the information data is, and the greater the proportion of the scrambling effect of the information data is considered.
S3: converting the information data sequence into an incidence matrix according to the row-column parameters determined by the length of the information data sequence; scrambling the incidence matrix through each encryption scanning path to be selected in a preset encryption scanning path set to obtain a scrambling sequence; combining the importance level of each information data, and obtaining an evaluation index of each scrambling sequence according to the similarity degree of the information data sequence and the scrambling sequence; and determining the optimal scrambling sequence according to the evaluation index of the scrambling sequence.
When scrambling and encrypting the information data sequence, the information data sequence is converted into a proper two-dimensional matrix and then the scanning of the encryption scanning path is completed, in the process of converting the two-dimensional matrix, the more optimal the encryption effect of the matrix which is the square matrix is considered when the matrix is scrambled by the existing encryption scanning path, so that the invention searches the nearest length and width to perform matrix conversion when scrambling and encrypting different information data sequences, so that the obtained two-dimensional matrix has better scanning and encryption effects, the subsequent analysis of the scrambling effect is more accurate, and the length of the information data sequence is firstly judged to be converted into row and column parameters after the association matrix, and the specific row and column parameters are determined as follows:
when the length of the information data sequence is not prime, the length of the information data sequence can be divided into factors to form a complete matrix, so that factor groups corresponding to the length are counted, the difference value of two factors in each factor group is calculated, the factor group with the smallest difference value is used as a row-column parameter, for example, when the length of the information data sequence is 12, two groups (2, 6) and (3, 4) corresponding to the factor group can be obtained, and at the moment, the factor difference value in the factor group is 4 and 1 respectively, and the factor group with the smallest difference value is the factor group (3, 4), so that (3, 4) is used as the row-column parameter of the information data sequence.
If the length is prime, the length is added by one, then factor judgment is carried out, at this time, factor groups are obtained again, and the factor group with the smallest difference between the two factors is taken as a row and column parameter, for example, when the length of the information data sequence is 17, 17 is prime, at this time, one is added to 17 to obtain 18, factor group statistics is carried out on 18 to obtain two groups (2, 9) and (3, 6), at this time, the factor group with the smallest difference between the factors in the factor groups is 7 and 3 respectively, and the factor group with the smallest difference between the factors is taken as the row and column parameter of the information data sequence.
After the row-column parameters are determined, dividing and converting the information data sequence into a two-dimensional matrix according to the row-column parameters, and then carrying out zero padding on the empty space of the two-dimensional matrix if empty elements exist in the two-dimensional matrix to obtain an associated matrix associated with the information data sequence, wherein the method for converting the sequence into the two-dimensional matrix according to the row-column parameters is a technical means well known to a person skilled in the art, for example, dividing the information data sequence into 4 rows according to the row-column parameters of (3, 4), namely dividing the information data sequence into 4 rows by taking 3 information data as one row to obtain a 3×4 associated matrix, and other dividing means are not limited herein.
In order to facilitate adaptive selection of the encryption scanning paths, the method and the device form a preset encryption scanning path set by a plurality of known encryption scanning paths to be selected in advance. It should be noted that, in other embodiments of the present invention, more scanning methods may be used to obtain the preset set of encrypted scanning paths to be selected, and the above methods of encrypting the scanning paths are known well known to those skilled in the art, and are not described herein.
Optionally presetting a to-be-selected encryption scanning path in the to-be-selected encryption scanning path set as a reference path, scrambling the incidence matrix by adopting the reference path to obtain a reference scrambling sequence, evaluating the similarity degree of the reference scrambling sequence and the information data sequence, wherein the evaluated result can reflect the scrambling effect of the reference scrambling sequence, and when the information data sequence is more dissimilar to the scrambling sequence, the scrambling effect is more excellent. It should be noted that, the scrambling method by encrypting the scan path is a well-known technique known to those skilled in the art, and will not be described herein.
Meanwhile, considering the influence of information data with different importance levels in the information data, combining the importance levels of each information data, and obtaining the evaluation index of the reference scrambling sequence according to the similarity degree of the information data sequence and the reference scrambling sequence, wherein the method for obtaining the evaluation index of the reference scrambling sequence comprises the following steps:
and in the information data sequence and the reference scrambling sequence, exclusive-or operation is adopted for the scrambled information data of the same position in the information data sequence and the reference scrambling sequence, an exclusive-or value of each position in each information data is obtained, and the sum of all exclusive-or values is calculated to serve as a difference index of each information data. For example, the information data and the information data at the corresponding positions after scrambling are 00001100 and 11001100, and only the elements at the two positions are different after the exclusive-or operation is adopted, so that the sum of the exclusive-or values is 2, that is, the difference index corresponding to 00001100 is 2. It should be noted that, each information data in the information data sequence and the information data in the reference scrambling sequence have a one-to-one correspondence relationship in the position, if the number of the information data in the reference scrambling sequence is greater than the number of the information data sequences, it is noted that in the process of obtaining the association matrix by the information data sequence, the zero padding operation is performed due to the length problem, and at this time, the one-to-one correspondence relationship in the position can be satisfied only by performing the same number of zero padding operations after the information data sequence.
When the difference index is greater than or equal to the preset difference threshold, the corresponding information data scrambling effect is described to reach the standard, and the corresponding information data can be used as the difference information data, in the embodiment of the invention, the preset difference threshold is 4, and a specific numerical value implementer can adjust according to specific implementation conditions.
Counting the number of information data with different importance levels in the difference information data, obtaining the number of importance levels of each importance level, comprehensively obtaining the scrambling effect of the whole scrambling sequence according to the importance levels for the difference information data reaching the scrambling effect, and indicating that the scrambling effect is better when the number of importance levels is larger for the information data with smaller importance levels and larger importance levels. Therefore, the weighted summation of all the important numbers obtains the difference degree, the scrambling effect of the final reference scrambling sequence is reflected by the difference degree, the ratio of the difference degree to the total length of the reference scrambling sequence is used as the evaluation index of the reference scrambling sequence, and in the embodiment of the invention, the specific expression of the evaluation index of the reference scrambling sequence is as follows:
in the method, in the process of the invention,expressed as reference scrambling sequence->Evaluation index of->Expressed as reference scrambling sequence->Is provided for the total length of (a),expressed as reference scrambling sequence->The importance level of the program is the importance level number of one level, < + >>Expressed as reference scrambling sequence->The importance level of the medium is the importance level number of the second level; />And->Expressed as assigned weights, set to +.in the present embodiment>=0.7 sum=0.3, and the specific numerical implementer may vary according to the specific implementation.
Wherein, the liquid crystal display device comprises a liquid crystal display device,the difference degree is expressed, the influence of information data with different importance levels is comprehensively considered through a weight distribution mode, when the information data scrambling effect with the larger importance level is better, the scrambling method at the moment can be considered to be better, and when the difference degree is larger, the scrambling effect of the whole reference scrambling sequence is better, and therefore the evaluation index is larger.
According to the evaluation index acquisition process of the reference scrambling sequence, the evaluation index of the scrambling sequence obtained by each encryption scanning path to be selected can be acquired. And obtaining the maximum value of the corresponding evaluation indexes of all the scrambling sequences, and taking the scrambling sequence of the maximum value evaluation index as the optimal scrambling sequence.
So far, the optimal scrambling sequence corresponding to the information data sequence can be obtained, and the encryption scanning path with the best scrambling effect of the information data sequence can be obtained.
S4: and storing the optimal scrambling sequence as an encrypted ciphertext, and storing the row-column parameter and the to-be-selected encrypted scanning path corresponding to the optimal scrambling sequence as a secret key.
The encryption scanning path when the scrambling effect corresponding to each information data sequence is optimal can be obtained through the step S3, the encryption scanning path corresponding to the information data sequence at the moment is used as the optimal encryption scanning path, the optimal scrambling sequence can be used as the encryption ciphertext to be stored, and the optimal encryption scanning path and the row and column parameters are used as keys to be stored.
When decryption is needed, firstly, the encrypted ciphertext is mapped and restored into a two-dimensional matrix according to row-column parameters, data restoration is carried out through an optimal encryption scanning path rule in a secret key to obtain an associated matrix, and an information data sequence before encryption is obtained in a raster scanning mode. It should be noted that raster scanning is a technical means well known to those skilled in the art, and is not described herein.
The self-adaptive encryption processing of the information data realizes the safe storage of the network information data, and the security of the network data is protected to the greatest extent by searching for a better scrambling encryption effect for each piece of information, so that the security and reliability of the network platform are improved.
In summary, the invention obtains the hit damage index and the high-frequency range index by comprehensively analyzing the attack degree and the occurrence frequency degree of the information data sequence, and can grade the signal data to obtain the importance level by the hit damage index and the high-frequency range index. Determining row and column parameters according to the length of a signal data sequence to obtain an associated matrix, scrambling the associated matrix through an encryption scanning path to obtain a scrambling sequence, combining the importance level of information data, obtaining an evaluation index according to the similarity degree of the information data sequence and the scrambling sequence, determining an optimal scrambling sequence, finally storing the optimal scrambling sequence as an encryption ciphertext, and storing the row and column parameters and the encryption scanning path corresponding to the optimal scrambling sequence as a secret key.
It should be noted that: the sequence of the embodiments of the present invention is only for description, and does not represent the advantages and disadvantages of the embodiments. The processes depicted in the accompanying drawings do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing are also possible or may be advantageous.
In this specification, each embodiment is described in a progressive manner, and identical and similar parts of each embodiment are all referred to each other, and each embodiment mainly describes differences from other embodiments.
Claims (9)
1. A method for managing security of network information, the method comprising:
acquiring an information data sequence composed of the preprocessed information data, and acquiring the frequency of each information data in the information data sequence appearing on a network platform;
obtaining a hit damage index of each information data according to the hit severity of each information data in the information data sequence; determining the high-frequency range of the information data according to the frequency of each information data; obtaining a high-frequency elevation index of each information data according to the importance degrees of the information data with different high-frequency degrees; obtaining an importance level of each information data according to the hit damage index and the high-frequency range index of each information data;
converting the information data sequence into an incidence matrix according to the row-column parameters determined by the length of the information data sequence; scrambling the incidence matrix through each encryption scanning path to be selected in a preset encryption scanning path set to obtain a scrambling sequence; combining the importance level of each information data, and obtaining an evaluation index of each scrambling sequence according to the similarity degree of the information data sequence and the scrambling sequence; determining an optimal scrambling sequence according to the evaluation index of the scrambling sequence;
and storing the optimal scrambling sequence as an encrypted ciphertext, and storing a row-column parameter and a to-be-selected encrypted scanning path corresponding to the optimal scrambling sequence as a secret key.
2. The network information security management method according to claim 1, wherein the method for acquiring the hit damage indicator comprises:
acquiring historical network information data, and counting the interception times, the tampered times and the lost times of each information data in the historical network information data; calculating the weighted average value of the intercepted times, the tampered times and the lost times of each information data to obtain the attacked degree of each information data; the normalized degree of attack is taken as an index of damage to each piece of information data.
3. The network information security management method according to claim 1, wherein the information data high-frequency range determining method comprises:
calculating the average value of the frequency of all the different information data as the fluctuation average value of the information data;
when the frequency of the information data is greater than or equal to the fluctuation average value, the high-frequency range of the information data is recorded as high frequency; when the frequency of the information data is smaller than the fluctuation average value, the high frequency range of the information data is recorded as a low frequency.
4. The network information security management method according to claim 3, wherein the method for acquiring the high-frequency range index comprises:
when the high frequency degree of the information data is low frequency, taking a preset high frequency value as a high frequency range index of the corresponding information data;
when the high frequency range of the information data is high frequency, counting the quantity of the information data of all high frequencies as the high frequency information quantity; the ratio of the frequency corresponding to the information data of each high frequency to the number of the high frequency information is taken as the important duty ratio of the information data of each high frequency, and the normalized important duty ratio is taken as the high frequency range index of the corresponding information data.
5. The network information security management method according to claim 1, wherein the method for acquiring the importance level comprises:
calculating a weighted average value of the hit damage index and the high-frequency range index of each information data to obtain a grading index of the information data;
when the grading index is greater than or equal to a preset grading threshold, the importance level of the corresponding information data is marked as one level; and when the grading index is smaller than a preset grading threshold, the importance level of the corresponding information data is marked as a second grade.
6. The network information security management method according to claim 1, wherein the evaluation index acquisition method comprises:
in the information data sequence and the scrambling sequence, exclusive-or operation is adopted for the scrambled information data of the same position in each information data and the scrambling sequence, an exclusive-or value of each position in each information data is obtained, and the sum of all exclusive-or values is calculated to be used as a difference index of each information data; when the difference index is larger than or equal to a preset difference threshold value, corresponding information data are used as difference information data;
counting the number of information data of different importance levels in the difference information data to obtain the number of importance levels of each importance level; and carrying out weighted summation on all the important numbers to obtain the difference degree, and taking the ratio of the difference degree to the total length of the scrambling sequence as an evaluation index of the corresponding scrambling sequence.
7. The network information security management method according to claim 1, wherein the method for obtaining the optimal scrambling sequence comprises:
and obtaining the maximum value of the evaluation indexes corresponding to all the scrambling sequences, and taking the scrambling sequence of the evaluation index corresponding to the maximum value as the optimal scrambling sequence.
8. The network information security management method according to claim 1, wherein the acquiring method of the rank parameter comprises:
when the length of the information data sequence is not prime number, counting a factor group corresponding to the length of the information data sequence, and taking a factor group with the minimum difference between two factors in the factor group as a row-column parameter;
when the length of the information data sequence is prime number, the length of the information data sequence is increased by one, then a corresponding factor group is obtained, and the factor group with the smallest difference between two factors in the factor group is used as a row-column parameter.
9. The network information security management method according to claim 1, wherein the acquiring the information data sequence composed of the preprocessed information data comprises:
the method comprises the steps of obtaining original information data of network information, converting all the original information data into binary codes, using fixed-length codes converted by each binary code as information data, and forming all the information data into an information data sequence according to the sequence of the original information data.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310650692.3A CN116389170B (en) | 2023-06-05 | 2023-06-05 | Network information security management method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310650692.3A CN116389170B (en) | 2023-06-05 | 2023-06-05 | Network information security management method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN116389170A CN116389170A (en) | 2023-07-04 |
| CN116389170B true CN116389170B (en) | 2023-07-28 |
Family
ID=86969718
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310650692.3A Active CN116389170B (en) | 2023-06-05 | 2023-06-05 | Network information security management method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116389170B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116566585B (en) * | 2023-07-10 | 2023-09-05 | 中国科学院东北地理与农业生态研究所 | Informationized intelligent storage method |
| CN117688612B (en) * | 2024-01-31 | 2024-04-26 | 青岛闪收付信息技术有限公司 | Electronic creditor voucher data information safety storage method |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115758422A (en) * | 2022-11-29 | 2023-03-07 | 广东职业技术学院 | File encryption method and system |
| CN116150714A (en) * | 2023-04-20 | 2023-05-23 | 无锡弘鼎软件科技有限公司 | Security management method for software development data |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10789369B2 (en) * | 2018-06-12 | 2020-09-29 | Fujitsu Limited | Oblivious array shuffling in trusted execution environments |
-
2023
- 2023-06-05 CN CN202310650692.3A patent/CN116389170B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115758422A (en) * | 2022-11-29 | 2023-03-07 | 广东职业技术学院 | File encryption method and system |
| CN116150714A (en) * | 2023-04-20 | 2023-05-23 | 无锡弘鼎软件科技有限公司 | Security management method for software development data |
Non-Patent Citations (1)
| Title |
|---|
| 基于置乱切换决策机制和声搜索的图像加密算法;陈煜欣;;沈阳工业大学学报(第03期);全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN116389170A (en) | 2023-07-04 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN116389170B (en) | Network information security management method | |
| Soto | Randomness testing of the advanced encryption standard candidate algorithms | |
| Thorpe et al. | Graphical Dictionaries and the Memorable Space of Graphical Passwords. | |
| CN115883109B (en) | Data compression encryption method and system for aviation system | |
| CN115665340B (en) | Image encryption method in remote fault diagnosis system | |
| Toktas et al. | A robust bit-level image encryption based on Bessel map | |
| CN117235796B (en) | Electronic commerce data processing method | |
| CN116776386B (en) | Cloud service data information security management method and system | |
| Geetha et al. | Optimized image steganalysis through feature selection using MBEGA | |
| CN115865431A (en) | Network security sharing method for private data | |
| Brisbane et al. | High-capacity steganography using a shared colour palette | |
| Idakwo et al. | An extensive survey of digital image steganography: State of the art | |
| Hartloff et al. | Security analysis for fingerprint fuzzy vaults | |
| CN115834792A (en) | Video data processing method and system based on artificial intelligence | |
| Mullaymeri et al. | A two-party private string matching fuzzy vault scheme | |
| CN110661611B (en) | Side channel-oriented detection method and system for code energy leakage signal | |
| Taha et al. | Retina random number generator for stream cipher cryptography | |
| Taha et al. | Retina random number generator for security applications | |
| CN113630425B (en) | Financial data safe transmission method for multiple power bodies | |
| CN115514485B (en) | Method for transmitting community correction system data with quantum encryption | |
| CN116699258B (en) | Method, system and lightning protection equipment for lightning protection detection based on radio signal | |
| CN117171720B (en) | Data attribution right identification system and method based on behavior fingerprint | |
| CN116707803B (en) | Private data crushing method based on data encryption | |
| CN115795523B (en) | Loan information encryption management platform based on financial big data | |
| CN117692257B (en) | High-speed encryption method and device for service data of electric power Internet of things |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |