CN116884556B - A secure sharing platform for medical data based on inline blockchain - Google Patents


Publication number
CN116884556B
Authority
CN
China
Prior art keywords
data
attack
sharing
blockchain
detection
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202311148619.2A
Other languages
Chinese (zh)
Other versions
CN116884556A (en)
Inventor
王樱蓉
邹保文
吴响
曹俊
王丽丽
王换换
张永婷
李怡聪
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Suzhou Huiruikang Intelligent Technology Co ltd
Xuzhou Medical College
Original Assignee
Suzhou Huiruikang Intelligent Technology Co ltd
Xuzhou Medical College

Classifications

    • G PHYSICS
    • G16 INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16H HEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
    • G16H10/00 ICT specially adapted for the handling or processing of patient-related medical or healthcare data
    • G16H10/60 ICT specially adapted for the handling or processing of patient-related medical or healthcare data for patient-specific data, e.g. for electronic patient records
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20 Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/27 Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F18/00 Pattern recognition
    • G06F18/20 Analysing
    • G06F18/21 Design or setup of recognition systems or techniques; Extraction of features in feature space; Blind source separation
    • G06F18/213 Feature extraction, e.g. by transforming the feature space; Summarisation; Mappings, e.g. subspace methods
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F18/00 Pattern recognition
    • G06F18/20 Analysing
    • G06F18/21 Design or setup of recognition systems or techniques; Extraction of features in feature space; Blind source separation
    • G06F18/214 Generating training patterns; Bootstrap methods, e.g. bagging or boosting
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures
    • G PHYSICS
    • G16 INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16H HEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
    • G16H80/00 ICT specially adapted for facilitating communication between medical practitioners or patients, e.g. for collaborative diagnosis, therapy or health monitoring


Abstract

The invention discloses a secure sharing platform for medical data based on inline blockchain, comprising a data interface module, a sharing function module, a resource feedback module and a resource supply pool. The data interface module connects local user devices and is configured with a device vulnerability detection function. The sharing function module admits devices that have been checked and performs risk detection on the data to be shared; uploads the local user's data summary information to the outer blockchain; uploads the local user's data to the inner blockchain; and, when a requesting user initiates a sharing request on the outer blockchain, triggers the inner blockchain to start an automated sharing task based on that request. The resource feedback module records data sharing transactions and provides transaction traceability, so that the entire data sharing process is maintained. The construction of the resource attack pool and the design of the intelligent attack detection optimization method substantially improve model performance such as accuracy and efficiency.

Description

A secure sharing platform for medical data based on inline blockchain

Technical Field

The invention relates to the technical field of secure data sharing, and specifically to a secure sharing platform for medical data based on inline blockchain.

Background

Medical research and healthcare rely on large amounts of data, such as patient medical records, imaging data and genetic data. Because these data are usually scattered across medical institutions, research institutions and data warehouses, they are difficult to use effectively. Medical data sharing emerged to solve this problem: by sharing data, medical researchers and healthcare workers can better understand how diseases arise and develop, and can develop new diagnostic methods and treatment plans, improving the accuracy and success rate of diagnosis and treatment. Medical data sharing also carries risks: sharing sensitive personal information, such as medical records and genetic data, may lead to privacy leaks. Traditional data sharing platforms use encryption, access control and attack detection to ensure data security and privacy, but traditional homomorphic encryption requires the platform to have high hardware performance, access control cannot trace the sharing process, and intelligent attack detection models still suffer from low detection accuracy and low efficiency. Designing a traceable, secure and efficient data sharing platform is therefore a hot topic of current research.

Summary of the Invention

The purpose of the invention is to provide a secure sharing platform for medical data based on inline blockchain that effectively solves the above problems.

To solve the above technical problems, the invention adopts the following technical solution: a secure sharing platform for medical data based on inline blockchain, the platform comprising:

a data interface module, used to connect local user devices and configured with a device vulnerability detection function;

a sharing function module, which admits devices that have been checked and performs the following:

performing risk detection on the data to be shared;

uploading the local user's data summary information to the outer blockchain;

uploading the local user's data to the inner blockchain;

and, when a requesting user initiates a sharing request on the outer blockchain, triggering the inner blockchain to start an automated sharing task based on the sharing request;

a resource feedback module, used to record data sharing transactions and provide transaction traceability.

Preferably, the device vulnerability detection function starts the intelligent attack detection model to check the user device for vulnerabilities and raises an alarm if a vulnerability is found; the network device vulnerability attack detection result is defined as N_a and the first-layer alarm threshold as N, and if , an alarm is raised.

Preferably, the risk detection is: start the intelligent attack detection model to check the data to be uploaded and raise an alarm if a risk is found; the detection result for the data to be uploaded is defined as U_d and the second-layer alarm threshold as U, and if , an alarm is raised.

Preferably, in the sharing function module, the outer blockchain is also used to record sharing transaction information and sharing result information and is accessible to all users on the chain; the inner blockchain supports only automated operations.

Preferably, the resource feedback module also requires the requesting user to upload local data and data operation results, and starts the intelligent attack detection model to perform attack detection on the uploaded results.

Further preferably, when attack detection is performed on the uploaded results, an alarm is raised if a risk is found; at every layer the user must manually confirm whether to dismiss the alarm and continue the task. The detection result for the result data to be uploaded is defined as U_r and the second-layer alarm threshold as R, and if , an alarm is raised.

Preferably, the platform further includes a resource supply pool, which stores the classified attack detection results and is used to optimize and train the intelligent attack detection model.

Preferably, the optimization training of the intelligent attack detection model is as follows:

S1. Obtain the known attack feature data set T from the resource supply pool and copy it to form a copy set;

S2. Operate on the copy set according to the designed attack feature variation method until all features have been changed, forming a mutation set;

S3. Merge the mutation set with the known attack feature data set T to form a new attack feature set;

S4. Select parameters for the intelligent attack detection model using an optimization method to obtain the optimal-parameter model;

S5. Use the attack feature set to train the optimal-parameter model.

Further preferably, the attack feature variation method is: using the copy set and the Chebyshev distance formula, compute the distance threshold; substitute the copy set and the distance threshold into the Chebyshev distance formula to obtain multiple groups of unknown attack features; then compute the direction and range of feature variation and screen the groups of unknown attack features according to the results, finally obtaining a mutation set of unknown attacks that meets the requirements.

Further preferably, the optimization method used for parameter selection to obtain the optimal-parameter model is as follows:

S1. Take the model's detection accuracy as the optimization objective function; the parameter set that yields the highest detection rate is the optimal parameter set;

S2. Given the range over which the parameters may vary, divide the parameters into small intervals;

S3. Randomly select a parameter set p for model training, and store the parameter set p and the model accuracy as the optimal value;

S4. Generate a random rotation direction vector i and the corresponding step size C(i); the parameter set p moves by step size C(i) in the rotation direction, producing a new parameter set;

S5. Compute the model accuracy of the new parameter set, compare it with the stored accuracy, and store the parameter set with the higher accuracy as the latest optimal parameter set;

S6. Repeat steps S3-S5 until the accuracy no longer changes; the current parameter set is then the model's optimal parameter set.

The beneficial effects of the invention are as follows. The sharing function module classifies the different information uploaded by local users and sends it to the outer blockchain and the inner blockchain, and when a requesting user initiates a sharing request on the outer blockchain, the inner blockchain is triggered to start an automated sharing task based on that request, which ensures secure data sharing and traceable transactions. Alarm functions are provided in the data interface module, the sharing function module and the resource feedback module, forming a three-layer attack alarm architecture that monitors the security of the entire data sharing process. Users can also interact with the alarm system, which improves the system's fault tolerance and so allows the entire data sharing process to be maintained.

In addition, through the resource attack pool, the intelligent attack detection model can be optimized and trained, substantially improving model performance such as accuracy and efficiency.

Brief Description of the Drawings

The drawings provide a further understanding of the invention and form part of the specification. Together with the embodiments they serve to explain the invention and do not limit it.

In the drawings:

Figure 1 is the overall flow chart of the invention;

Figure 2 is a schematic diagram of the sharing function module of the invention;

Figure 3 is a schematic diagram of the optimization process of the intelligent attack detection model of the invention;

Figure 4 is a flow chart of the multi-layer alarm system architecture of the invention.

Detailed Description

To make the purpose and advantages of the invention clearer, the invention is described in detail below with reference to embodiments.

It should be understood that the following text only describes one or several specific embodiments of the secure sharing platform for medical data based on inline blockchain of the invention, and does not strictly limit the scope of protection specifically claimed.

Embodiment: a secure sharing platform for medical data based on inline blockchain. As shown in Figure 1, the platform includes a data interface module, a sharing function module, a resource feedback module and a resource supply pool;

The data interface module connects local user devices and is configured with a device vulnerability detection function, which starts the intelligent attack detection model to check the user device for vulnerabilities. The features used for user device vulnerability detection are: large numbers of TCP SYN connection requests and UDP packets in network traffic;

behaviour in the device logs such as frequent access to one specific URL or use of unknown protocols; software information on the device;

the security strength of the device's weak passwords; whether the device is unpatched;

A device that has been checked enters the sharing function module; Figure 2 is a schematic diagram of the sharing function module;

The sharing function module admits the checked device and performs the following:

First, it performs risk detection on the data to be shared;

The features used to check the data a user is about to upload are:

user login information, access times, IP addresses and data operation records in the local device logs; whether values deviate from the mean or standard deviation or lie in extreme percentiles; whether the data show a pronounced peak or a long-tailed distribution; whether some data points have extremely high or extremely low values, or are rare or highly unusual; whether the change at a data point is anomalous compared with the surrounding data points;

Next, it uploads the local user's data summary information to the outer blockchain. Besides the data summary information, the outer blockchain also records sharing transaction information and sharing result information, and is accessible to all users on the chain;

It uploads the local user's data to the inner blockchain; the inner blockchain supports only automated operations and does not support access;

And when a requesting user initiates a sharing request on the outer blockchain, it triggers the inner blockchain to start automated sharing tasks based on that request, such as transmission, mining and storage;

The resource feedback module records data sharing transactions and provides transaction traceability. It also requires the requesting user to upload local data and data operation results, and starts the intelligent attack detection model to perform attack detection on the uploaded results;

The resource supply pool stores the classified attack detection results and optimizes and trains the intelligent attack detection model according to the labelled attack features.
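
The flow through the sharing function module and the resource feedback module described above, as an added example that is not code from the patent: the outer ledger holds the data summary, the requests and the results, while the inner ledger holds the data and is touched only by the automated task. The class and field names, the use of SHA-256 as the data summary, and the integrity check before delivery are assumptions; consensus, signatures and encryption are out of scope.

```python
import hashlib
import json

GENESIS = "0" * 64


def block_hash(body: dict) -> str:
    """SHA-256 over a canonical JSON encoding of a block body."""
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()


class Chain:
    """Append-only hash-linked ledger (illustrative: no consensus or signatures)."""

    def __init__(self):
        self.blocks = []

    def append(self, payload: dict) -> dict:
        prev = self.blocks[-1]["hash"] if self.blocks else GENESIS
        body = {"index": len(self.blocks), "prev": prev, "payload": payload}
        block = {**body, "hash": block_hash(body)}
        self.blocks.append(block)
        return block

    def verify(self) -> bool:
        """Recompute every link; an edited block breaks the chain."""
        prev = GENESIS
        for i, b in enumerate(self.blocks):
            body = {"index": b["index"], "prev": b["prev"], "payload": b["payload"]}
            if b["index"] != i or b["prev"] != prev or b["hash"] != block_hash(body):
                return False
            prev = b["hash"]
        return True


class SharingPlatform:
    """Hypothetical model of the outer/inner chain split described in the text."""

    def __init__(self):
        self.outer = Chain()   # summaries, requests, results: readable by all users
        self._inner = Chain()  # the data itself: automated operations only

    def upload(self, owner: str, record_id: str, data: bytes) -> str:
        digest = hashlib.sha256(data).hexdigest()  # assumed form of the data summary
        inner = self._inner.append({"record_id": record_id, "data": data.hex()})
        self.outer.append({"type": "summary", "owner": owner, "record_id": record_id,
                           "digest": digest, "inner_index": inner["index"]})
        return digest

    def _summary(self, record_id: str):
        for b in self.outer.blocks:
            p = b["payload"]
            if p["type"] == "summary" and p["record_id"] == record_id:
                return p
        return None

    def request_share(self, requester: str, record_id: str):
        """A request on the outer chain triggers the automated inner-chain task."""
        self.outer.append({"type": "request", "requester": requester,
                           "record_id": record_id})
        summary, data, ok = self._summary(record_id), None, False
        if summary is not None:
            stored = self._inner.blocks[summary["inner_index"]]["payload"]["data"]
            data = bytes.fromhex(stored)
            # Deliver only if the inner chain is intact AND the data still matches
            # the summary that every user can see on the outer chain.
            ok = (self._inner.verify()
                  and hashlib.sha256(data).hexdigest() == summary["digest"])
        self.outer.append({"type": "result", "requester": requester,
                           "record_id": record_id,
                           "status": "delivered" if ok else "rejected"})
        return data if ok else None

    def trace(self, record_id: str):
        """Transaction traceability: every outer-chain entry for one record."""
        return [(b["index"], b["payload"]["type"], b["payload"].get("status"))
                for b in self.outer.blocks
                if b["payload"]["record_id"] == record_id]
```

Because the summary sits on the chain that all users can read, an inner block that has been edited and re-hashed still fails the comparison and the rejection is itself recorded.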

Figure 3 is a schematic diagram of the optimization process of the intelligent attack detection model. The optimization training of the intelligent attack detection model is as follows:

S1. Obtain the known attack feature data set T from the resource supply pool and copy it to form a copy set;

S2. Operate on the copy set according to the designed attack feature variation method until all features have been changed, forming a mutation set;

S3. Merge the mutation set with the known attack feature data set T to form a new attack feature set;

S4. Select parameters for the intelligent attack detection model using an optimization method to obtain the optimal-parameter model;

S5. Use the attack feature set to train the optimal-parameter model;

The attack feature variation method is: using the copy set and the Chebyshev distance formula, compute the distance threshold; substitute the copy set and the distance threshold into the Chebyshev distance formula to obtain multiple groups of unknown attack features; then compute the direction and range of feature variation and screen the groups of unknown attack features according to the results, finally obtaining a mutation set of unknown attacks that meets the requirements;

For example, assume that the known attack features are , the features after variation are , and the Chebyshev distance formula is:

where a and b are features in set A and set B, and are the corresponding vector coordinates; next, compute the minimum distance threshold and the maximum distance threshold in set A; determines the feature expansion range, and determines the feature expansion direction; randomly select a feature in set A, substitute it into the formula, and compute the corresponding expanded feature; repeat the calculation until all known features have been expanded.
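
A sketch of steps S1-S3 with the variation method above, added here and not taken from the patent. It uses the standard Chebyshev distance (the largest per-coordinate difference); the sample vectors are constructed, and drawing each variant at a distance between the smallest and largest pairwise distance of the copy set, in a random direction, is an assumed reading of how the thresholds are applied.

```python
import itertools
import random

# Constructed feature vectors, scaled to [0, 1]:
# (SYN share of traffic, UDP share of traffic, repeated-URL share of requests)
KNOWN_ATTACKS = [
    (0.90, 0.05, 0.10),
    (0.88, 0.07, 0.12),
    (0.10, 0.85, 0.05),
    (0.20, 0.10, 0.95),
]


def chebyshev(a, b):
    """Chebyshev (L-infinity) distance: largest per-coordinate difference."""
    return max(abs(x - y) for x, y in zip(a, b))


def distance_thresholds(features):
    """Smallest and largest non-zero pairwise distance inside the copy set."""
    dists = [chebyshev(a, b) for a, b in itertools.combinations(features, 2)]
    dists = [d for d in dists if d > 0]
    if not dists:
        raise ValueError("need at least two distinct feature vectors")
    return min(dists), max(dists)


def mutate(a, d_min, d_max, rng):
    """Draw a variant of `a` whose Chebyshev distance from `a` is r, d_min <= r <= d_max."""
    r = rng.uniform(d_min, d_max)                 # variation range (assumed)
    b = [x + rng.uniform(-r, r) for x in a]       # random direction per coordinate
    k = rng.randrange(len(a))
    b[k] = a[k] + rng.choice((-r, r))             # pin one coordinate at exactly r
    return tuple(b)


def build_training_set(known, seed=0, max_tries=20, eps=1e-9):
    """S1-S3: copy T, mutate every feature vector, merge variants back with T."""
    rng = random.Random(seed)
    copy_set = [tuple(v) for v in known]                       # S1
    d_min, d_max = distance_thresholds(copy_set)
    seen = set(copy_set)
    variants = []
    for a in copy_set:                                         # S2
        for _ in range(max_tries):
            b = mutate(a, d_min, d_max, rng)
            # Screening: keep only variants inside the distance band that
            # are not already in the known set. Values are not clipped.
            if d_min - eps <= chebyshev(a, b) <= d_max + eps and b not in seen:
                variants.append(b)
                seen.add(b)
                break
    return copy_set + variants, variants, (d_min, d_max)       # S3


if __name__ == "__main__":
    merged, variants, band = build_training_set(KNOWN_ATTACKS, seed=7)
    print("distance band:", band)
    for parent, child in zip(KNOWN_ATTACKS, variants):
        print(parent, "->", tuple(round(v, 3) for v in child))
```

The Chebyshev distance is dominated by the feature with the largest numeric range, so features need a common scale before the thresholds mean anything.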

The optimization method is:

S1. Take the model's detection accuracy as the optimization objective function; the parameter set that yields the highest detection rate is the optimal parameter set;

S2. Given the range over which the parameters may vary, divide the parameters into small intervals;

S3. Randomly select a parameter set p for model training, and store the parameter set p and the model accuracy as the optimal value;

S4. Generate a random rotation direction vector i and the corresponding step size C(i); the parameter set p moves by step size C(i) in the rotation direction, producing a new parameter set;

S5. Compute the model accuracy of the new parameter set, compare it with the stored accuracy, and store the parameter set with the higher accuracy as the latest optimal parameter set;

S6. Repeat steps S3-S5 until the accuracy no longer changes; the current parameter set is then the model's optimal parameter set.
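
Steps S1-S6 as a random-direction search over a parameter grid, added here as an example and not taken from the patent. The toy detector (flag a sample when `syn + w * udp > t`), the labelled samples, the parameter ranges and the stopping rule (a fixed number of consecutive moves without improvement) are assumptions, and the loop moves from the best parameter set found so far.

```python
import random

# Constructed, labelled samples: (SYN share, UDP share, is_attack)
SAMPLES = [
    (0.90, 0.05, 1), (0.10, 0.85, 1), (0.70, 0.60, 1), (0.55, 0.50, 1),
    (0.60, 0.45, 1), (0.20, 0.10, 0), (0.30, 0.25, 0), (0.05, 0.40, 0),
    (0.45, 0.05, 0), (0.35, 0.30, 0),
]

RANGES = {"w": (0.0, 2.0), "t": (0.0, 2.0)}  # S2: allowed parameter ranges
STEP = 0.05                                  # S2: width of one grid interval


def accuracy(params):
    """S1: objective function, the detection accuracy of the toy detector."""
    w, t = params["w"], params["t"]
    hits = sum((syn + w * udp > t) == bool(label) for syn, udp, label in SAMPLES)
    return hits / len(SAMPLES)


def grid_size(name):
    lo, hi = RANGES[name]
    return int(round((hi - lo) / STEP))


def to_params(idx):
    """Convert integer grid indices to parameter values (avoids float drift)."""
    return {k: round(RANGES[k][0] + i * STEP, 10) for k, i in idx.items()}


def search(seed=0, patience=200, max_step=4):
    rng = random.Random(seed)
    # S3: random starting parameter set, stored as the current optimum.
    best_idx = {k: rng.randint(0, grid_size(k)) for k in RANGES}
    best_acc = accuracy(to_params(best_idx))
    history = [best_acc]
    stale = 0
    while stale < patience:                       # S6: stop when accuracy stalls
        # S4: random direction vector and step size, in grid units.
        direction = {k: rng.choice((-1, 0, 1)) for k in RANGES}
        step = rng.randint(1, max_step)
        cand = {k: min(grid_size(k), max(0, best_idx[k] + direction[k] * step))
                for k in RANGES}
        acc = accuracy(to_params(cand))           # S5: score the new parameter set
        if acc > best_acc:                        # keep whichever is more accurate
            best_idx, best_acc, stale = cand, acc, 0
        else:
            stale += 1
        history.append(best_acc)
    return to_params(best_idx), best_acc, history


if __name__ == "__main__":
    params, acc, history = search(seed=3)
    print(params, acc, "after", len(history) - 1, "moves")
```

Scoring candidates on a held-out split rather than on the training samples keeps the selected parameters from fitting noise in the attack set.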

In addition, in another embodiment of the secure sharing platform of the invention, Figure 4 shows the flow chart of the multi-layer early-warning system architecture. A three-layer attack alarm architecture is built within the platform, as follows:

The first-layer alarm is placed at the data interface module. When a user device connects to the system, the device is checked for vulnerabilities and an alarm is raised if a vulnerability is found; the network device vulnerability attack detection result is defined as N_a and the first-layer alarm threshold as N, and if , an alarm is raised;

The second-layer alarm is placed at the sharing function module. The data to be uploaded are checked and an alarm is raised if a risk is found; the detection result for the data to be uploaded is defined as U_d and the second-layer alarm threshold as U, and if , an alarm is raised.

The third-layer alarm is placed at the resource feedback module. The results to be uploaded are checked and an alarm is raised if a risk is found; the detection result for the result data to be uploaded is defined as U_r and the second-layer alarm threshold as R, and if , an alarm is raised;

At every layer, the user must manually confirm whether to dismiss the alarm and continue the task, which provides security monitoring of the entire data sharing process; users can also interact with the early-warning system, which improves the system's fault tolerance.

The embodiments of the invention have been described in detail above with reference to the drawings, but the invention is not limited to these embodiments. A person of ordinary skill in the art who has learned the contents described here may make equivalent changes and substitutions without departing from the principles of the invention, and such equivalent changes and substitutions are also regarded as falling within the scope of protection of the invention.

Claims (7)

1.一种基于内联区块链的医学数据安全共享平台,其特征在于,所述平台包括:1. A secure sharing platform for medical data based on inline blockchain, characterized in that the platform includes: 数据接口模块,用于连接本地用户设备,并且被配置有设备漏洞检测功能;The data interface module is used to connect to local user equipment and is configured with device vulnerability detection function; 共享功能模块,接入被检测后的设备,并执行:The shared function module accesses the detected device and executes: 对待共享数据进行风险检测;Conduct risk detection on data to be shared; 将本地用户上传数据摘要信息至外层区块链;Upload data summary information from local users to the outer blockchain; 将本地用户上传数据信息至内层区块链;以及Upload data from local users to the inner blockchain; and 当请求端用户在外层区块链上发起共享请求时,基于共享请求联动内层区块链启动自动化共享任务;When the requesting user initiates a sharing request on the outer blockchain, the inner blockchain is linked to start an automated sharing task based on the sharing request; 资源反馈模块,用于实现数据共享交易记录及交易溯源;Resource feedback module, used to realize data sharing transaction records and transaction traceability; 所述资源反馈模块还具备要求请求端用户上传本地数据及数据操作结果,并启动智能攻击检测模型对上传结果实现攻击检测;The resource feedback module also requires the requesting end user to upload local data and data operation results, and activates an intelligent attack detection model to implement attack detection on the uploaded results; 所述平台还包括资源供给池,所述资源供给池用于储存归类后的攻击检测结果,并用于优化训练智能攻击检测模型;The platform also includes a resource supply pool, which is used to store classified attack detection results and to optimize and train intelligent attack detection models; 智能攻击检测模型的优化训练具体为:The optimization training of the intelligent attack detection model is specifically as follows: S1、由资源供给池获取已知攻击特征数据集T并进行拷贝,形成拷贝集S1. Obtain the known attack characteristic data set T from the resource supply pool and copy it to form a copy set. ; S2、根据设计的攻击特征变化方法对集合进行操作,直至所有特征实现变化形成变异集合/>S2. According to the designed attack characteristics change method, the set Perform operations until all features change to form a mutation set/> ; S3、将变异集合与已知攻击特征集合T合并,形成新的攻击特征集/>S3. 
merge the mutation set with the known attack feature set T to form a new attack feature set;

S4. Select parameters for the intelligent attack detection model using an optimization method to obtain the optimal parameter model;

S5. Use the attack feature set to train the optimal parameter model.

2. The secure sharing platform for medical data based on inline blockchain according to claim 1, characterized in that: when the device vulnerability detection function is performed, the intelligent attack detection model is started to perform vulnerability detection on the user equipment, and an alarm is initiated if a vulnerability is found; the network device vulnerability attack detection result is defined as N_a and the first-layer alarm threshold is defined as N; if , an alarm is initiated.

3. The secure sharing platform for medical data based on inline blockchain according to claim 1, characterized in that: the risk detection is: the intelligent attack detection model is started to detect the data to be uploaded, and an alarm is initiated if a risk is found; the detection result of the data to be uploaded is defined as U_d and the second-layer alarm threshold is defined as U; if , an alarm is initiated.

4. The secure sharing platform for medical data based on inline blockchain according to claim 1, characterized in that: in the sharing function module, the outer blockchain is also used to record sharing transaction information and sharing result information, and supports access by all users on the chain; the inner blockchain supports only automated operations.

5. The secure sharing platform for medical data based on inline blockchain according to claim 1, characterized in that: when attack detection is performed on the uploaded results, an alarm is initiated if a risk is found; at every layer the user must manually confirm whether to clear the alarm and continue the task; the detection result of the result data to be uploaded is defined as U_r and the second-layer alarm threshold is defined as R; if , an alarm is initiated.

6. The secure sharing platform for medical data based on inline blockchain according to claim 1, characterized in that: the attack feature variation method is: given the known attack feature copy set and the Chebyshev distance formula, calculate the distance threshold; substitute the attack feature copy set and the distance threshold into the Chebyshev distance formula to obtain multiple groups of unknown attack features; then calculate the feature variant direction and variant range, and screen the multiple groups of unknown attack features according to the calculation results, finally obtaining the set of unknown attack variant features that meets the requirements.

7. The secure sharing platform for medical data based on inline blockchain according to claim 1, characterized in that: using an optimization method to select parameters and obtain the optimal parameter model specifically comprises:

S1. Take the model detection accuracy as the optimization objective function; the parameter set that gives the highest accuracy is the optimal parameter set;

S2. Given the parameter variation range, divide the parameters into small intervals;

S3. Randomly select a parameter set p for model training, and store the parameters p and the model accuracy as the optimal value;

S4. Generate a random rotation direction vector i and the corresponding step size C(i); the parameter set p moves by the step size C(i) in the rotation direction, producing a new parameter set;

S5. Calculate the model accuracy of the new parameter set, compare it with the stored accuracy, and store the parameter set with the higher accuracy as the latest optimal parameter set;

S6. Repeat steps S3-S5 until the accuracy no longer changes; the current parameter set is then the optimal parameter set of the model.
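The parameter-selection procedure of claim 7 (S1-S6), as an added example that is not code from the patent. The stand-in two-parameter detector, the constructed samples, the step-size rule used for C(i), moving from the stored optimum in each round, and the `patience` stopping rule are all assumptions made for illustration.

```python
import math
import random

# Constructed samples: (feature vector, label) pairs, label 1 = attack.
SAMPLES = [((0.9, 0.8), 1), ((0.8, 0.6), 1), ((0.7, 0.9), 1), ((0.6, 0.7), 1),
           ((0.2, 0.1), 0), ((0.3, 0.4), 0), ((0.1, 0.3), 0), ((0.4, 0.2), 0)]
# Stand-in detector (assumption): flag a sample when w*x0 + (1-w)*x1 > t.
BOUNDS = [(0.0, 1.0), (0.0, 1.0)]   # S2: allowed range for (w, t)
INTERVAL = 0.05                     # S2: small grid interval


def accuracy(params, samples=SAMPLES):
    """S1: objective function, detection accuracy for one parameter set."""
    w, t = params
    hits = sum((w * x0 + (1 - w) * x1 > t) == bool(y) for (x0, x1), y in samples)
    return hits / len(samples)


def snap(params):
    """Clamp each parameter to its range and snap it to the S2 grid."""
    out = []
    for v, (lo, hi) in zip(params, BOUNDS):
        v = min(max(v, lo), hi)
        out.append(round(round((v - lo) / INTERVAL) * INTERVAL + lo, 10))
    return tuple(out)


def search(seed=0, patience=200):
    """Return (best parameters, best accuracy, accuracy of the random start)."""
    rng = random.Random(seed)
    # S3: random starting parameter set, stored as the current optimum.
    best = snap(tuple(rng.uniform(lo, hi) for lo, hi in BOUNDS))
    best_acc = start_acc = accuracy(best)
    stale = 0
    while stale < patience:         # S6: stop once accuracy no longer changes
        # S4: random direction vector i and step size C(i), assumed 1-5 intervals.
        angle = rng.uniform(0, 2 * math.pi)
        step = rng.randint(1, 5) * INTERVAL
        cand = snap((best[0] + step * math.cos(angle), best[1] + step * math.sin(angle)))
        cand_acc = accuracy(cand)
        # S5: keep whichever parameter set has the higher accuracy.
        if cand_acc > best_acc:
            best, best_acc, stale = cand, cand_acc, 0
        else:
            stale += 1
    return best, best_acc, start_acc
```

Because accuracy is piecewise constant in the parameters, the stopping rule needs a patience window rather than a single unchanged round; a single failed move says little about whether a better grid cell is within reach.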
CN202311148619.2A 2023-09-07 2023-09-07 A secure sharing platform for medical data based on inline blockchain Active CN116884556B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311148619.2A CN116884556B (en) 2023-09-07 2023-09-07 A secure sharing platform for medical data based on inline blockchain

Publications (2)

Publication Number Publication Date
CN116884556A (en) 2023-10-13
CN116884556B (en) 2024-01-12

Family

ID=88262580

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311148619.2A Active CN116884556B (en) 2023-09-07 2023-09-07 A secure sharing platform for medical data based on inline blockchain

Country Status (1)

Country Link
CN (1) CN116884556B (en)

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111698322A (en) * 2020-06-11 2020-09-22 福州数据技术研究院有限公司 Medical data safety sharing method based on block chain and federal learning
CN112559625A (en) * 2020-12-09 2021-03-26 国网安徽省电力有限公司物资分公司 Power business material information storage system and method based on block chain
WO2021218885A1 (en) * 2020-04-28 2021-11-04 万维数码智能有限公司 Security and confidentiality protection method and system for data transmission
CN114024719A (en) * 2021-10-13 2022-02-08 北京八分量信息科技有限公司 Medical information safety management system based on block chain technology
CN114553523A (en) * 2022-02-21 2022-05-27 平安普惠企业管理有限公司 Attack detection method and device based on attack detection model, medium and equipment
CN114567491A (en) * 2022-03-03 2022-05-31 北京雁翎网卫智能科技有限公司 Medical record sharing method and system based on zero trust principle and block chain technology
CN114884678A (en) * 2022-05-11 2022-08-09 深圳嘉业产业发展有限公司 Block chain-based data security management method and system
CN116389012A (en) * 2023-05-29 2023-07-04 国家卫生健康委统计信息中心 Medical health data trusted sharing method based on blockchain

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: No. 801-802, Floor 8, Building 2, Smart Valley Park, the Taihu Lake Software Industrial Park, No. 1463, Wuzhong Avenue, Yuexi Street, Suzhou Economic Development Zone, Jiangsu Province, 215000

Applicant after: Suzhou Huiruikang Intelligent Technology Co.,Ltd.

Applicant after: XUZHOU MEDICAL University

Address before: 221000 No. 209 Tongshan Road, Yunlong District, Xuzhou City, Jiangsu Province

Applicant before: XUZHOU MEDICAL University

Applicant before: Suzhou Huiruikang Intelligent Technology Co.,Ltd.

GR01 Patent grant