CN117131543A - Mobile phone safety privacy protection system - Google Patents
- Publication number
- CN117131543A (application CN202311182117.1A)
- Authority
- CN
- China
- Prior art keywords
- software
- seagull
- mobile phone
- individual
- module
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/004—Artificial life, i.e. computing arrangements simulating life
- G06N3/006—Artificial life, i.e. computing arrangements simulating life based on simulated virtual individual or collective life forms, e.g. social simulations or particle swarm optimisation [PSO]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/70—Reducing energy consumption in communication networks in wireless communication networks
Abstract
The invention relates to the technical field of information security, and in particular to a mobile phone security and privacy protection system comprising: an access authentication module, used to authenticate the user's identity; a software detection module, used to perform security detection on software installed by the user; a permission access module, used to query and set the access permissions of software; and an isolated operation module, used to run software in isolation according to the access permissions that have been set. The invention confirms the identity of the user accessing the mobile phone to ensure that the phone is in a secure operating environment; it performs security detection on software with a security detection algorithm derived from an improved seagull optimization algorithm, ensuring the security of installed software and reducing the risk of user information leakage; and it further protects the user's information by querying software permissions and running software in isolation.
Description
Technical field
The invention relates to the technical field of information security, and in particular to a mobile phone security and privacy protection system.
Background
With the rollout of 5G and the spread of smartphones, mobile phones are no longer used only for personal consumption; they are increasingly used for official business, such as drafting business documents and sending and receiving company email. As the number of applications installed on a phone grows, its security problems are no longer limited to personal privacy but also touch on the information security of organizations that handle confidential material, and protecting the data on mobile phones is attracting more and more attention. The information security protection systems currently built into mobile phones still have defects, and their software identification and detection functions need further improvement, to avoid cases where software downloaded by the user covertly and maliciously obtains and leaks the user's private information, threatening the user's security and privacy.
Summary of the invention
The purpose of the present invention is to solve the defects described in the background above by proposing a mobile phone security and privacy protection system.
The technical solution adopted by the present invention is as follows:
A mobile phone security and privacy protection system is provided, comprising:
Access authentication module: used to authenticate the user's identity;
Software detection module: used to perform security detection on software installed by the user;
Permission access module: used to query and set the access permissions of software;
Isolated operation module: used to run software in isolation according to the access permissions that have been set.
As a preferred technical solution of the present invention, the system further includes a database, which encrypts and stores mobile phone data based on the DES algorithm.
As a preferred technical solution of the present invention, the DES algorithm performs 16 rounds of DES encryption operations and generates a key; after the mobile phone has authenticated the user's identity through the access authentication module, the data is decrypted by the reverse process according to the user's permission.
As a preferred technical solution of the present invention, the access authentication module confirms the user's identity by face authentication, fingerprint authentication or password authentication.
As a preferred technical solution of the present invention, the software detection module inspects the software's permission request information and the software's basic information.
As a preferred technical solution of the present invention, the software detection module inspects software using a security detection algorithm.
As a preferred technical solution of the present invention, the security detection algorithm is specifically as follows:
The software information is normalized, feature extraction is performed on the normalized software information, and the software information after feature extraction is then divided by centroid as follows:
where $c_j$ is the $j$-th centroid of the software information, $a_i$ is the $i$-th software feature vector, $N$ is the number of software feature vectors, and $b_j(a_i)$ is the degree of association between the $i$-th software feature vector and the $j$-th centroid;
where $d(a_i, c_j)$ is the distance between a software feature vector and a centroid, and $\min d(a_i, c_j)$ is the minimum distance between a software feature vector and a centroid;
The centroids are initialized and iterated, and the error rate and error value are calculated:
where $\eta_l$ is the error rate of the $l$-th iteration, $\sigma_{l-1}$ is the error value of the $(l-1)$-th iteration, $\sigma_l$ is the error value of the $l$-th iteration, and $\sigma$ is the error value;
The error threshold $\Delta$ is obtained by optimization with the improved seagull optimization algorithm. While the error rate is not greater than the set error threshold, the iteration continues; when the error rate is greater than the set error threshold, the algorithm terminates.
As a preferred technical solution of the present invention, the improved seagull optimization algorithm is specifically as follows:
$$y_I = \delta \times Y_I(\tau)$$
where $y_I$ is the position of the $I$-th seagull individual after it has completed collision avoidance, $\delta$ is an additional variable representing the movement behavior of the seagull individual in the search space, $Y_I(\tau)$ is the position of the $I$-th seagull individual at the $\tau$-th iteration, $r_1$ is a random number that decreases linearly from 2 to 0, and $T$ is the maximum number of iterations;
$$b_I = B \times (Y_b(\tau) - Y_I(\tau))$$
$$B = 2 \times \delta^{2} \times r_2$$
where $Y_b(\tau)$ is the optimal seagull individual of the $\tau$-th iteration, $B$ balances the algorithm's global search and local exploitation, $b_I$ is the direction in which the optimal seagull individual lies, and $r_2$ is a random number in $[0, 1]$;
Each seagull updates its position according to the position of the optimal seagull individual:
$$Z_I = y_I + b_I$$
where $Z_I$ is the distance between the seagull individual and the optimal seagull individual;
In the attack behavior, a seagull individual attacks its prey along a spiral flight trajectory; in the x, y and z planes the attack behavior is:
$$x' = r \times \cos q$$
$$y' = r \times \sin q$$
$$z' = r \times q$$
$$r = \varepsilon \times a \times e^{qb}$$
where $r$ is the radius of each turn of the seagull individual's spiral flight trajectory, $q$ is a random number in $[0, 2\pi]$, $a$ and $b$ are constants that define the shape of the spiral flight trajectory, $\varepsilon$ is the dynamic convergence factor, $r_3$ is a random number in $[0, 1]$, $Y_I(\tau+1)$ is the updated position of the $I$-th seagull individual at the $(\tau+1)$-th iteration, $\rho$ is the threshold that distinguishes the seagull attack modes, and $x'$, $y'$ and $z'$ are the positions of the seagull individual in the x, y and z planes after the attack behavior.
As a preferred technical solution of the present invention, the permission access module sets permission questions based on the permission requests and information detection results from the software detection module, asks the user, and sets permissions according to the user's choices.
As a preferred technical solution of the present invention, the software detection module runs the software in isolation based on the settings of the isolated operation module, and raises an alarm and stops the software when abnormal runtime behavior is detected.
Compared with the prior art, the mobile phone security and privacy protection system provided by the present invention has the following beneficial effects:
The invention confirms the identity of the user accessing the mobile phone to ensure that the phone is in a secure operating environment; it performs security detection on software with a security detection algorithm derived from an improved seagull optimization algorithm, ensuring the security of installed software and reducing the risk of user information leakage; and it further protects the user's information by querying software permissions and running software in isolation.
Description of the drawings
Figure 1 is a modular structure diagram of the system of the present invention;
The reference numerals in the figure denote: 100, access authentication module; 200, software detection module; 300, permission setting module; 400, isolated operation module; 500, database.
Detailed description
It should be noted that, where there is no conflict, the embodiments and the features of the embodiments may be combined with each other. The technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the drawings. Obviously, the described embodiments are only some, not all, of the embodiments of the present invention. All other embodiments obtained by a person of ordinary skill in the art on the basis of these embodiments without creative effort fall within the scope of protection of the present invention.
Referring to Figure 1, a preferred embodiment of the present invention provides a mobile phone security and privacy protection system, comprising:
Access authentication module 100: used to authenticate the user's identity;
Software detection module 200: used to perform security detection on software installed by the user;
Permission access module 300: used to query and set the access permissions of software;
Isolated operation module 400: used to run software in isolation according to the access permissions that have been set.
The system further includes a database 500, which encrypts and stores mobile phone data based on the DES algorithm.
The DES algorithm performs 16 rounds of DES encryption operations and generates a key; after the mobile phone has authenticated the user's identity through the access authentication module 100, the data is decrypted by the reverse process according to the user's permission.
The access authentication module 100 confirms the user's identity by face authentication, fingerprint authentication or password authentication.
The software detection module 200 inspects the software's permission request information and the software's basic information.
The software detection module 200 inspects software using a security detection algorithm.
The security detection algorithm is specifically as follows:
The software information is normalized, feature extraction is performed on the normalized software information, and the software information after feature extraction is then divided by centroid as follows:
where $c_j$ is the $j$-th centroid of the software information, $a_i$ is the $i$-th software feature vector, $N$ is the number of software feature vectors, and $b_j(a_i)$ is the degree of association between the $i$-th software feature vector and the $j$-th centroid;
where $d(a_i, c_j)$ is the distance between a software feature vector and a centroid, and $\min d(a_i, c_j)$ is the minimum distance between a software feature vector and a centroid;
The centroids are initialized and iterated, and the error rate and error value are calculated:
where $\eta_l$ is the error rate of the $l$-th iteration, $\sigma_{l-1}$ is the error value of the $(l-1)$-th iteration, $\sigma_l$ is the error value of the $l$-th iteration, and $\sigma$ is the error value;
The error threshold $\theta$ is obtained by optimization with the improved seagull optimization algorithm. While the error rate is not greater than the set error threshold, the iteration continues; when the error rate is greater than the set error threshold, the algorithm terminates.
The improved seagull optimization algorithm is specifically as follows:
$$y_I = \delta \times Y_I(\tau)$$
where $y_I$ is the position of the $I$-th seagull individual after it has completed collision avoidance, $\delta$ is an additional variable representing the movement behavior of the seagull individual in the search space, $Y_I(\tau)$ is the position of the $I$-th seagull individual at the $\tau$-th iteration, $r_1$ is a random number that decreases linearly from 2 to 0, and $T$ is the maximum number of iterations;
$$b_I = B \times (Y_b(\tau) - Y_I(\tau))$$
$$B = 2 \times \delta^{2} \times r_2$$
where $Y_b(\tau)$ is the optimal seagull individual of the $\tau$-th iteration, $B$ balances the algorithm's global search and local exploitation, $b_I$ is the direction in which the optimal seagull individual lies, and $r_2$ is a random number in $[0, 1]$;
Each seagull updates its position according to the position of the optimal seagull individual:
$$Z_I = y_I + b_I$$
where $Z_I$ is the distance between the seagull individual and the optimal seagull individual;
In the attack behavior, a seagull individual attacks its prey along a spiral flight trajectory; in the x, y and z planes the attack behavior is:
$$x' = r \times \cos q$$
$$y' = r \times \sin q$$
$$z' = r \times q$$
$$r = \varepsilon \times a \times e^{qb}$$
where $r$ is the radius of each turn of the seagull individual's spiral flight trajectory, $q$ is a random number in $[0, 2\pi]$, $a$ and $b$ are constants that define the shape of the spiral flight trajectory, $\varepsilon$ is the dynamic convergence factor, $r_3$ is a random number in $[0, 1]$, $Y_I(\tau+1)$ is the updated position of the $I$-th seagull individual at the $(\tau+1)$-th iteration, $\rho$ is the threshold that distinguishes the seagull attack modes, and $x'$, $y'$ and $z'$ are the positions of the seagull individual in the x, y and z planes after the attack behavior.
The permission access module 300 sets permission questions based on the permission requests and information detection results from the software detection module 200, asks the user, and sets permissions according to the user's choices.
The software detection module 400 runs the software in isolation based on the settings of the isolated operation module 300, and raises an alarm and stops the software when abnormal runtime behavior is detected.
In this embodiment, the database 500 collects the data on the user's mobile phone and encrypts it based on the DES algorithm. In the DES algorithm, a 56-bit key is first generated, usually with a cryptographically secure pseudo-random number generator; a key generation algorithm then expands the 56-bit key into sixteen 48-bit subkeys, each used in the corresponding round function. The data to be encrypted is divided into 64-bit blocks; if the data length is not a multiple of 64 bits, padding is used to fill it out. Each 64-bit block undergoes the initial permutation (IP), which rearranges its bit order to increase the randomness of the encryption; finally, each 64-bit block is encrypted through 16 rounds of iteration. The advantages of the DES algorithm are fast encryption and relatively high security. When encrypting mobile phone data, the encryption data structure can be chosen to suit the scenario, the key and difficult points of confidentiality can be analyzed, and a reasonable, well-founded algorithm type can be selected.
The access authentication module 100 confirms the user's identity by face authentication, fingerprint authentication or password authentication, confirming that the operator is the user in person and ensuring the safe operation of the mobile phone.
The software detection module 200 performs basic checks on the software's permission request information, version information, software name information and so on, and performs malware detection with the security detection algorithm to determine whether the software poses a risk of information leakage:
First, the software information is normalized, which standardizes it and balances the influence of the software information on distance, helping to reflect the true dissimilarity of the software information.
Next, the centroids of the software information features are calculated, the software information is divided into multiple data classes, and the data is divided iteratively using the error threshold obtained by optimization; feature extraction is performed on the normalized software information, and the software information after feature extraction is divided by centroid as follows:
where $c_j$ is the $j$-th centroid of the software information, $a_i$ is the $i$-th software feature vector, $N$ is the number of software feature vectors, and $b_j(a_i)$ is the degree of association between the $i$-th software feature vector and the $j$-th centroid;
where $d(a_i, c_j)$ is the distance between a software feature vector and a centroid, and $\min d(a_i, c_j)$ is the minimum distance between a software feature vector and a centroid;
The centroids are initialized and iterated, and the error rate and error value are calculated:
where $\eta_l$ is the error rate of the $l$-th iteration, $\sigma_{l-1}$ is the error value of the $(l-1)$-th iteration, $\sigma_l$ is the error value of the $l$-th iteration, and $\sigma$ is the error value;
The error threshold $\theta$ is optimized with the improved seagull optimization algorithm:
$$y_I = \delta \times Y_I(\tau)$$
where $y_I$ is the position of the $I$-th seagull individual after it has completed collision avoidance, $\delta$ is an additional variable representing the movement behavior of the seagull individual in the search space, $Y_I(\tau)$ is the position of the $I$-th seagull individual at the $\tau$-th iteration, $r_1$ is a random number that decreases linearly from 2 to 0, and $T$ is the maximum number of iterations;
$$b_I = B \times (Y_b(\tau) - Y_I(\tau))$$
$$B = 2 \times \delta^{2} \times r_2$$
where $Y_b(\tau)$ is the optimal seagull individual of the $\tau$-th iteration, $B$ balances the algorithm's global search and local exploitation, $b_I$ is the direction in which the optimal seagull individual lies, and $r_2$ is a random number in $[0, 1]$;
Each seagull updates its position according to the position of the optimal seagull individual:
$$Z_I = y_I + b_I$$
where $Z_I$ is the distance between the seagull individual and the optimal seagull individual;
In the attack behavior, a seagull individual attacks its prey along a spiral flight trajectory; in the x, y and z planes the attack behavior is:
$$x' = r \times \cos q$$
$$y' = r \times \sin q$$
$$z' = r \times q$$
$$r = \varepsilon \times a \times e^{qb}$$
where $r$ is the radius of each turn of the seagull individual's spiral flight trajectory, $q$ is a random number in $[0, 2\pi]$, $a$ and $b$ are constants that define the shape of the spiral flight trajectory, $\varepsilon$ is the dynamic convergence factor, $r_3$ is a random number in $[0, 1]$, $Y_I(\tau+1)$ is the updated position of the $I$-th seagull individual at the $(\tau+1)$-th iteration, $\rho$ is the threshold that distinguishes the seagull attack modes, and $x'$, $y'$ and $z'$ are the positions of the seagull individual in the x, y and z planes after the attack behavior.
海鸥优化算法在攻击时存在攻击方向单一性的问题,基于改进的攻击方式可以增强海鸥优化算法在进行螺旋攻击时的方向多样性,减小局部搜索过程中可能存在的攻击盲区。The Seagull optimization algorithm has the problem of single attack direction when attacking. The improved attack method can enhance the direction diversity of the Seagull optimization algorithm when performing spiral attacks and reduce the possible attack blind spots during the local search process.
根据寻优获取的误差门限θ进行判断,当误差率不大于设置的误差门限时,返回继续迭代直至误差率大于设置的误差门限时,终止算法。Judgment is made based on the error threshold θ obtained through optimization. When the error rate is not greater than the set error threshold, the algorithm returns and continues to iterate until the error rate is greater than the set error threshold, and the algorithm is terminated.
根据迭代划分结果进行软件异常信息的判定,对于判定为异常数据的情况,判定软件为恶意软件,向用户发出异常告警。The software abnormality information is determined based on the iterative division results. For cases where abnormal data is determined, the software is determined to be malware and an abnormality alarm is issued to the user.
对于被划分为正常的软件,权限设置模块300根据检测的权限申请信息向用户询问是否给予相应的权限,隔离运行模块400根据用户的选择结果进行软件的隔离运行,防止软件在运行过程中出现手机数据信息窃取的行为,对于检测到的异常行为进行告警和停止运行的处理。For software that is classified as normal, the permission setting module 300 asks the user whether to grant corresponding permissions based on the detected permission application information. The isolation operation module 400 performs isolation operation of the software based on the user's selection results to prevent the mobile phone from appearing during the operation of the software. For the behavior of data information theft, alarms and stop operations will be processed for detected abnormal behaviors.
对于本领域技术人员而言,显然本发明不限于上述示范性实施例的细节,而且在不背离本发明的精神或基本特征的情况下,能够以其他的具体形式实现本发明。因此,无论从哪一点来看,均应将实施例看作是示范性的,而且是非限制性的,本发明的范围由所附权利要求而不是上述说明限定,因此旨在将落在权利要求的等同要件的含义和范围内的所有变化囊括在本发明内。不应将权利要求中的任何附图标记视为限制所涉及的权利要求。It is obvious to those skilled in the art that the present invention is not limited to the details of the above-described exemplary embodiments, and that the present invention can be implemented in other specific forms without departing from the spirit or essential characteristics of the present invention. Therefore, the embodiments should be regarded as illustrative and non-restrictive from any point of view, and the scope of the present invention is defined by the appended claims rather than the above description, and it is therefore intended that all claims falling within the claims All changes within the meaning and scope of equivalent elements are included in the present invention. Any reference signs in the claims shall not be construed as limiting the claim in question.
In addition, it should be understood that although this specification is described in terms of embodiments, not every embodiment contains only one independent technical solution. The specification is written this way only for the sake of clarity; those skilled in the art should take the specification as a whole, and the technical solutions in the embodiments may also be combined as appropriate to form other embodiments that those skilled in the art can understand.
Claims (10)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202311182117.1A CN117131543A (en) | 2023-09-13 | 2023-09-13 | Mobile phone safety privacy protection system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202311182117.1A CN117131543A (en) | 2023-09-13 | 2023-09-13 | Mobile phone safety privacy protection system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN117131543A (en) | 2023-11-28 |
Family
ID=88859959
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202311182117.1A Pending CN117131543A (en) | Mobile phone safety privacy protection system | 2023-09-13 | 2023-09-13 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN117131543A (en) |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN115499844A (en) * | 2022-09-22 | 2022-12-20 | 贵州电网有限责任公司 | Mobile terminal information safety protection system and method |
CN115808880A (en) * | 2022-12-21 | 2023-03-17 | 南通大学 | A Parameter Tuning Method of PI Controller Based on Seagull Optimization Algorithm |
Non-Patent Citations (1)
Title |
---|
潘夏福: "Android malware detection based on the kNN algorithm and the K-means algorithm", 电脑知识与技术 (Computer Knowledge and Technology), no. 14, pages 1-3 * |
Legal Events
Code | Title | Description |
---|---|---|
PB01 | Publication | |
SE01 | Entry into force of request for substantive examination | |
RJ01 | Rejection of invention patent application after publication | Application publication date: 20231128 |