CN117395078B - Network security protection method and system based on big data - Google Patents

Publication number: CN117395078B
Authority: CN (China)
Prior art keywords: data; transmission; slice data; transmission slice; representing
Legal status: Active
Application number: CN202311657078.6A
Other languages: Chinese (zh)
Other versions: CN117395078A
Inventor: 杨奇谋
Current assignee: Shaanxi Yigang Shengxun Technology Co ltd
Original assignee: Shaanxi Yigang Shengxun Technology Co ltd
Events: application filed by Shaanxi Yigang Shengxun Technology Co ltd; priority to CN202311657078.6A; publication of CN117395078A; application granted; publication of CN117395078B; current legal status active.

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/045 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618 Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0631 Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
    • H04L9/30 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • H04L9/40 Network security protocols

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Theoretical Computer Science (AREA)
  • Computing Systems (AREA)
  • Algebra (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • Mathematical Physics (AREA)
  • Pure & Applied Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to the technical field of data encryption, and provides a network security protection method and system based on big data. The invention aims to improve the safety and reliability of network data transmission and realize network safety protection based on big data.

Description

Network security protection method and system based on big data
Technical Field
The invention relates to the technical field of data encryption, in particular to a network security protection method and system based on big data.
Background
With the popularity of the internet and the increasing degree of informatization, large amounts of sensitive information, such as personal privacy data and business secrets, are transmitted and stored in computer networks, and such information constantly faces threats from hackers, malware and other network attacks. Network security protection is therefore becoming increasingly important in today's information society; in particular, with the rapid advances in information and network technology, data encryption is becoming increasingly critical as an important part of network security. Data encryption refers to the process of converting plaintext data into ciphertext data using cryptographic techniques, so that an unauthorized person cannot read or understand the encrypted data. Data encryption is divided into two types: symmetric encryption and asymmetric encryption. Asymmetric encryption is better suited to short plaintext data, while symmetric encryption is suited to the storage and transmission of large data. Symmetric encryption uses the same key for encryption and decryption; this method requires that the sender and the receiver share a key before communicating and that the key be kept secret. The sender encrypts the message with this key and the receiver decrypts it with the same key.
The AES encryption algorithm, while more secure than the DES algorithm, which has already been broken, is not sufficiently random and secure, because the random numbers used in the initial key generation of the AES algorithm lack sufficient security. This easily leaves the encrypted ciphertext data at a certain risk. If the initial key is instead generated from a highly confused form of the transmission data itself, the initial key has high randomness, and its security can be improved.
Disclosure of Invention
In order to solve the technical problems, the invention aims to provide a network security protection method and system based on big data, and the adopted technical scheme is as follows:
in a first aspect, an embodiment of the present invention provides a network security protection method based on big data, where the method includes the following steps:
collecting transmission data of a computer;
slicing all the acquired transmission data to obtain transmission slice data and data words; obtaining the intrinsic replay risk of each transmission slice data according to the internal similarity of that transmission slice data; obtaining the relative risk factors between transmission slice data according to the intrinsic replay risk of each transmission slice data and the similarity between transmission slice data; obtaining the relative risk coefficients between transmission slice data according to the relative risk factors between them;
obtaining the local risk of each transmission slice data according to the relative risk coefficients between transmission slice data; obtaining the security factor of each data word in each transmission slice data according to the similarity between the data words of that transmission slice data; combining the security factors of the data words and the local risk of each transmission slice data to obtain a left original key matrix, a right original key matrix, a left cyclic matrix and a right cyclic matrix of the transmission data;
obtaining an initial key matrix of the transmission data according to the left original key matrix, the right original key matrix, the left cyclic matrix and the right cyclic matrix of the transmission data; and replacing the initial key matrix of the AES-128 algorithm with the initial key matrix of the transmission data, and encrypting the transmission data by using the AES-128 algorithm and the ECC algorithm to finish network security protection based on big data.
Preferably, slicing all the collected transmission data to obtain each transmission slice data and each data word includes:
segmenting all the acquired transmission data into 128-bit blocks, taking each block as one transmission slice data, and, within each transmission slice data, taking each run of 8 consecutive bits as one data word.
Preferably, the obtaining the intrinsic replay risk of each transmission slice data according to the internal similarity of the transmission slice data includes:
counting the occurrence frequency of each transmission slice data in the whole transmission data and the number of data words into which each transmission slice data is divided, and calculating the Levenshtein edit distance between each data word and every other data word in the same transmission slice data; the expression for the intrinsic replay risk of each transmission slice data is as follows:
In the formula, the symbols denote, in order: the intrinsic replay risk of the ith transmission slice data; the frequency of occurrence of the ith transmission slice data in the transmission data; the number of data words into which the ith transmission slice data is divided; the xth and the yth data word in the ith transmission slice data; and the Levenshtein edit distance between those two data words.
Preferably, the obtaining the relative risk factor between the transmission slice data according to the intrinsic replay risk of each transmission slice data and the similarity between the transmission slice data includes:
sorting all transmission slice data in descending order of their occurrence frequency in the whole transmission data and taking the sequence number of each transmission slice data as its ranking in the transmission data; the expression for the relative risk factor between transmission slice data is as follows:
In the formula, the symbols denote, in order: the relative risk factor between the ith and the jth transmission slice data; the intrinsic replay risk of the ith transmission slice data; the number of distinct transmission slice data; the ranking of the ith transmission slice data in the transmission data; and the intrinsic replay risk and the ranking in the transmission data of the other transmission slice data of the pair.
Preferably, the obtaining the relative risk coefficient between the transmission slice data according to the relative risk factor between the transmission slice data includes:
for each transmission slice data, calculating with the LCS algorithm the length of the longest common substring between it and each other transmission slice data, calculating the DTW distance between the two plus 1, taking the ratio of that length to that sum, and taking the product of the ratio and the relative risk factor between the two transmission slice data as their relative risk coefficient.
Preferably, the obtaining the local risk of each transmission slice data according to the relative risk coefficient between the transmission slice data includes:
for each transmission slice data, sorting its relative risk coefficients with all other transmission slice data in ascending order, recording the serial numbers of the transmission slice data according to the sorted relative risk coefficients, and taking the sum of all these serial numbers as the local risk of that transmission slice data.
Preferably, the obtaining the security factor of each data word in each transmission slice data according to the similarity between data words in the transmission slice data includes:
calculating the exclusive-or of each data word in each transmission slice data with every other data word of that transmission slice data, counting the number of 0 elements in each exclusive-or result, summing these counts and recording the result as a first sum; counting the number of times each data word of the transmission slice data occurs in the whole transmission data, adding 1 and recording the result as a second sum; and taking the ratio of the first sum to the second sum as the security factor of each data word.
Preferably, the combining the security factor of each data word and the local dangerous amount of each transmission slice data to obtain a left original key matrix, a right original key matrix, a left cyclic matrix and a right cyclic matrix of the transmission data includes:
setting a data word threshold; sorting the transmission slice data in ascending order of their local risk; extracting from each transmission slice data, in that order, the data word with the largest security factor until the threshold number of data words has been collected; ordering these data words from left to right and top to bottom and dividing them into a left original key matrix and a right original key matrix; counting, for each data word in the left original key matrix, the occurrence frequency in the whole transmission data of the transmission slice data it came from and using these counts as the left cyclic matrix; and likewise counting, for each data word in the right original key matrix, the occurrence frequency of its transmission slice data and using these counts as the right cyclic matrix.
Preferably, the initial key matrix of the transmission data is obtained according to the left original key matrix, the right original key matrix, the left cyclic matrix and the right cyclic matrix of the transmission data, and the expression is:
In the formula, the symbols denote, in order: the data in the pth row and qth column of the initial key matrix; the data in the pth row and qth column of the left original key matrix; the data in the pth row and qth column of the left cyclic matrix; the left cyclic shift operator; the data in the pth row and qth column of the right original key matrix; the data in the pth row and qth column of the right cyclic matrix; the right cyclic shift operator; and the exclusive-or operator.
In a second aspect, an embodiment of the present invention further provides a network security protection system based on big data, including a memory, a processor, and a computer program stored in the memory and running on the processor, where the processor implements the steps of any one of the methods described above when executing the computer program.
The invention has at least the following beneficial effects:
first, the state of the transmission slice data is analysed: the intrinsic replay risk of each transmission slice data is calculated from its repetitiveness and reflects how dangerous that transmission slice data is; the relative risk coefficients between transmission slice data are calculated from the relations between them; the security factor of each data word in the transmission slice data is calculated and indicates how safe that data word is within the whole transmission data; data words are extracted using their security factors and the ranking of the transmission slice data; and an initial key matrix is constructed from the extracted data words. This solves the problem of insufficient key security caused by the weak randomness of the way the initial key of the AES-128 algorithm is generated. The invention thus has the beneficial effect of safe and efficient data transmission.
Drawings
In order to illustrate more clearly the embodiments of the invention or the technical solutions of the prior art, the drawings used in the description of the embodiments or of the prior art are briefly introduced below. Obviously, the drawings described below show only some embodiments of the invention, and a person skilled in the art can obtain other drawings from them without inventive effort.
Fig. 1 is a flowchart of steps of a network security protection method based on big data according to an embodiment of the present invention;
fig. 2 is a flow chart for data encryption protection index acquisition.
Detailed Description
In order to further describe the technical means and effects adopted by the present invention to achieve the preset purpose, the following detailed description refers to the specific implementation, structure, characteristics and effects of a network security protection method and system based on big data according to the present invention with reference to the accompanying drawings and preferred embodiments. In the following description, different "one embodiment" or "another embodiment" means that the embodiments are not necessarily the same. Furthermore, the particular features, structures, or characteristics of one or more embodiments may be combined in any suitable manner.
Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs.
The invention provides a network security protection method and a network security protection system based on big data, which are concretely described below with reference to the accompanying drawings.
Referring to fig. 1, a flowchart illustrating a method for protecting network security based on big data according to an embodiment of the present invention is shown, the method includes the following steps:
Step S001: acquiring transmission data in the computer transmission system and preprocessing it.
A data collector is installed in front of the application layer of the computer transmission system, and the data to be transmitted is acquired from the API interface by the data collector.
When the AES-128 algorithm is used to encrypt data transmitted over a network, the data is sliced into 128-bit units and each 128-bit plaintext block is encrypted separately. First, the plaintext data is sliced into 128-bit blocks; if the last block is shorter than 128 bits, it is padded using PKCS5Padding, a known technique that is not described in detail here. Each run of 8 consecutive bits is taken as one data word, so that each 128-bit transmission slice data is divided into 16 data words.
Step S002: calculate the intrinsic replay risk of each transmission slice data from its repetitiveness; calculate the relative risk coefficients between transmission slice data from the relations between them; rank the transmission slice data by local risk; calculate the security factor of each data word in the transmission slice data; extract data words using the security factors and the order of the transmission slice data; and construct an initial key matrix from the extracted data words.
Specifically, in this embodiment, the transmission data is first sliced to obtain each transmission slice data; the intrinsic replay risk of each transmission slice data is obtained; the relative risk factors and relative risk coefficients between transmission slice data are obtained from these intrinsic replay risks; the security factor of each data word in the transmission slice data is then obtained; an initial key matrix is constructed from the security factors of the data words; and network security protection is completed by combining the AES-128 algorithm with the ECC algorithm. The specific flow for obtaining the data encryption protection indices is shown in fig. 2. The construction of the initial key matrix of the transmission data comprises the following steps:
To ensure the confidentiality of data, large amounts of real-time data need a symmetric encryption algorithm, so that even if the data is intercepted during transmission an attacker cannot easily obtain the real data. However, the same data encrypted under the same key produces the same ciphertext, which gives an attacker the opportunity to capture the ciphertext for a replay attack.
The transmission slice data are compared character by character, pairwise, and the occurrence frequency and ranking of the distinct transmission slice data are counted.
The occurrence frequency of each transmission slice data is recorded, as is its rank. Transmission slice data with the same occurrence frequency are compared bit by bit from the first bit until they differ: the one whose value at the first differing bit is 1 is ranked ahead of the one whose value there is 0. For example, for the two transmission slice data 1010 1100 and 1011 0000, the two differ in the fourth bit, and the second is ranked first because its fourth bit is 1.
When the same data is encrypted with the same key, the same ciphertext is produced, which can give an attacker the opportunity to capture the ciphertext and replay it. It is therefore necessary to evaluate the sensitivity of the transmission slice data. The more often a transmission slice data occurs, and the more similar it is to other transmission slice data, the higher its risk; this is defined as the replay risk of the transmission slice. The replay risk of a transmission slice data is divided into two parts: the replay risk of the transmission slice data itself, and its replay risk relative to the whole data.
In data transmission, the replay risk is related to the number of repeated occurrences of the transmitted data and to the similarity inside the data. The more often a transmission slice data repeats, the higher the risk of a replay attack, since an attacker can analyse and attack using the repeated data. In addition, if the similarity inside a transmission slice data is high, its security may be weakened even after encryption, because an attacker can infer the data content from that similarity or perform statistical analysis. The intrinsic replay risk of each transmission slice data is therefore constructed with the following expression:
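The slicing, padding, data-word split and frequency ranking described in step S001 and in the paragraph above, as an added Python example that is not part of the patent. It assumes that PKCS5Padding means the standard PKCS#7 scheme applied with a 16-byte block, and it implements the tie rule as a descending bit-string comparison, which is exactly what "the slice with a 1 at the first differing bit ranks first" amounts to for equal-length slices. The function names are mine; the sample input is constructed.

```python
from collections import Counter

BLOCK_BITS = 128
BLOCK_BYTES = BLOCK_BITS // 8   # 16 bytes per transmission slice
WORD_BITS = 8                   # one data word = 8 consecutive bits = one byte


def pkcs5_pad(data: bytes, block_size: int = BLOCK_BYTES) -> bytes:
    """PKCS#5/#7 padding (assumed reading of PKCS5Padding): append n bytes of
    value n so that the length becomes a multiple of block_size. A full final
    block still gets a whole block of padding, so unpadding is unambiguous."""
    n = block_size - (len(data) % block_size)
    return data + bytes([n]) * n


def slice_transmission_data(data: bytes) -> list[bytes]:
    """Split the padded transmission data into 128-bit transmission slices."""
    padded = pkcs5_pad(data)
    return [padded[i:i + BLOCK_BYTES] for i in range(0, len(padded), BLOCK_BYTES)]


def data_words(slice_: bytes) -> list[str]:
    """Split one 128-bit slice into 16 data words, each shown as an 8-bit string."""
    return [format(b, "08b") for b in slice_]


def rank_slices(slices: list[bytes]) -> list[tuple[bytes, int, int]]:
    """Rank the distinct slices by descending frequency. Ties are broken bit by
    bit from the first bit: the slice with a 1 at the first differing bit ranks
    first, i.e. the lexicographically larger bit string wins. Returns
    (slice, frequency, rank) with rank starting at 1."""
    freq = Counter(slices)
    # negating each byte turns "larger bit string first" into a plain ascending sort
    ordered = sorted(freq, key=lambda s: (-freq[s], [-b for b in s]))
    return [(s, freq[s], r) for r, s in enumerate(ordered, start=1)]


if __name__ == "__main__":
    # constructed sample: two identical 16-byte slices, one distinct slice, then padding
    sample = b"A" * 16 + b"B" * 16 + b"A" * 16
    for s, f, r in rank_slices(slice_transmission_data(sample)):
        print(r, f, s.hex(), data_words(s)[0])
```

A frequency greater than 1 in the ranked output marks exactly the repeated plaintext blocks that the text above flags as replay-prone under a fixed key, so the ranking doubles as a quick check of how much repetition a payload carries before it is encrypted.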
In the formula, the symbols denote, in order: the intrinsic replay risk of the ith transmission slice data; the frequency of occurrence of the ith transmission slice data in the transmission data; the number of data words into which the ith transmission slice data is divided (the practitioner can set this according to the actual situation, and the embodiment is not limited to this); the xth and the yth data word in the ith transmission slice data; and the Levenshtein edit distance between those two data words. The Levenshtein edit distance is a known technique and is not described in detail here.
The larger the edit distance, the greater the variability between the xth and the yth data word of the ith transmission slice data; the greater the variability between data words, the greater the security between them. The larger the number of occurrences of a transmission slice data, the lower its security. Therefore, the more often a transmission slice data occurs and the more similar the data words inside it are, the larger its intrinsic replay risk.
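The inputs of the intrinsic replay risk, as an added Python example that is not the patent's own code. The combining expression itself is not reproduced in the text above, so the block computes only its three inputs for one slice: the slice's occurrence frequency, its number of data words, and the Levenshtein distances between every ordered pair of distinct 8-bit data words inside it. The function names are mine and the sample slices are constructed.

```python
def levenshtein(a: str, b: str) -> int:
    """Levenshtein edit distance (unit-cost insert, delete, substitute) between
    two strings, here used on 8-bit data words written as bit strings."""
    prev = list(range(len(b) + 1))          # distance from "" to each prefix of b
    for i, ca in enumerate(a, start=1):
        cur = [i]                           # distance from a[:i] to ""
        for j, cb in enumerate(b, start=1):
            cur.append(min(prev[j] + 1,                 # delete ca
                           cur[j - 1] + 1,              # insert cb
                           prev[j - 1] + (ca != cb)))   # substitute (free if equal)
        prev = cur
    return prev[-1]


def slice_words(slice_: bytes) -> list[str]:
    """Each byte of a slice is one data word of 8 consecutive bits."""
    return [format(b, "08b") for b in slice_]


def intrinsic_risk_inputs(slice_: bytes, all_slices: list[bytes]) -> dict:
    """The three quantities the intrinsic replay risk of one slice is built from:
    how often the slice occurs in the whole transmission, how many data words it
    holds, and the sum of edit distances over all ordered pairs (x != y) of its
    data words. A low distance sum means the words inside the slice are alike."""
    words = slice_words(slice_)
    pair_sum = sum(levenshtein(wx, wy)
                   for x, wx in enumerate(words)
                   for y, wy in enumerate(words) if x != y)
    return {"frequency": all_slices.count(slice_),
            "word_count": len(words),
            "edit_distance_sum": pair_sum}


if __name__ == "__main__":
    # constructed sample: a slice of identical words repeated twice, and one mixed slice
    uniform, mixed = b"\x00" * 16, bytes(range(16))
    transmission = [uniform, uniform, mixed]
    print(intrinsic_risk_inputs(uniform, transmission))   # high frequency, zero distance
    print(intrinsic_risk_inputs(mixed, transmission))     # occurs once, words differ
```

Both effects the text describes show up directly in the inputs: the repeated all-zero slice has frequency 2 and an edit-distance sum of 0, the two conditions the text associates with the highest intrinsic replay risk, while the mixed slice occurs once and has a large distance sum.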
When the similarity between two transmission slice data is high, meaning that their contents are very similar, they are relatively easy to attack or exploit, which means that their security relative to the whole data is lower. From the intrinsic replay risk and the similarity of the transmission slice data, the relative risk factor of two transmission slice data compared with the whole can be calculated. The relative risk factor evaluates the risk of a transmission slice data relative to the whole data.
In the formula, the symbols denote, in order: the relative risk factor between the ith and the jth transmission slice data; the intrinsic replay risk of the ith transmission slice data; the number of distinct transmission slice data; the ranking of the ith transmission slice data in the transmission data; and the intrinsic replay risk and the ranking in the transmission data of the other transmission slice data of the pair.
In the next formula, the symbols denote, in order: the relative risk coefficient between transmission slice data i and transmission slice data j; the binary data of transmission slice data i and of transmission slice data j; the length of the longest common substring between two strings; and the DTW distance between transmission slice data i and transmission slice data j. The LCS (longest common subsequence) algorithm and the DTW (dynamic time warping) algorithm are well known in the art and are not described in detail here.
The larger the relative risk coefficient, the more often transmission slice data i and transmission slice data j occur among the transmission slice data, and the higher their risk. When the data of transmission slice data i and transmission slice data j are more similar, the similarity between them is higher, i.e. the DTW distance is smaller and the longest common substring between them is longer, and the relative risk coefficient between transmission slice data i and transmission slice data j becomes larger.
The relative risk coefficients are calculated pairwise between transmission slice data and re-sorted from small to large. The position and value of each transmission slice data are recorded; for example, if transmission slice data i occurs at positions 2, 4 and 14, those positions and the corresponding values are recorded. The position and value of a transmission slice data are taken as its local risk relative to the whole transmission data. The transmission slice data are sorted by local risk from small to large, and the sorted transmission slice data are recorded.
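The similarity ratio that turns a relative risk factor into a relative risk coefficient, as an added Python example rather than the patent's code: longest common substring length divided by (DTW distance + 1), multiplied by the relative risk factor. The text names both "longest common substring" and "longest common subsequence"; the block implements the contiguous substring, as the description of the ratio states. DTW is computed over the slice bytes with |a_i - b_j| as the local cost, which is my assumption since the text does not fix the local cost. The relative risk factor is taken as an input because its formula is not reproduced above.

```python
def longest_common_substring(a: bytes, b: bytes) -> int:
    """Length of the longest contiguous run of bytes shared by a and b (DP, O(len(a)*len(b)))."""
    best = 0
    prev = [0] * (len(b) + 1)
    for i in range(1, len(a) + 1):
        cur = [0] * (len(b) + 1)
        for j in range(1, len(b) + 1):
            if a[i - 1] == b[j - 1]:
                cur[j] = prev[j - 1] + 1          # extend the run ending at (i-1, j-1)
                best = max(best, cur[j])
        prev = cur
    return best


def dtw_distance(a: bytes, b: bytes) -> int:
    """Dynamic time warping distance between two byte sequences; local cost
    |a_i - b_j| (assumption), moves allowed: match, stretch a, stretch b."""
    inf = float("inf")
    n, m = len(a), len(b)
    d = [[inf] * (m + 1) for _ in range(n + 1)]
    d[0][0] = 0
    for i in range(1, n + 1):
        for j in range(1, m + 1):
            cost = abs(a[i - 1] - b[j - 1])
            d[i][j] = cost + min(d[i - 1][j], d[i][j - 1], d[i - 1][j - 1])
    return d[n][m]


def relative_risk_coefficient(slice_i: bytes, slice_j: bytes, relative_risk_factor: float) -> float:
    """ratio = LCS length / (DTW distance + 1); coefficient = ratio * relative risk factor.
    Identical slices give the largest ratio, slices sharing no byte give 0."""
    ratio = longest_common_substring(slice_i, slice_j) / (dtw_distance(slice_i, slice_j) + 1)
    return ratio * relative_risk_factor


if __name__ == "__main__":
    # constructed sample slices (4 bytes each for readability; real slices are 16 bytes)
    a, b, c = b"\x01\x02\x03\x04", b"\x01\x02\x03\x04", b"\x00\x00\x00\x00"
    print(relative_risk_coefficient(a, b, 0.5))   # identical slices: 4 / (0 + 1) * 0.5
    print(relative_risk_coefficient(a, c, 0.5))   # no common byte: 0
```

The "+ 1" in the denominator is what keeps the ratio finite for identical slices (DTW distance 0), which is the case the text singles out as the riskiest pair.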
For each data word in the transmission slice data, the higher the similarity degree between the data word and other data words is, the lower the security of the data word is, so the security factor of the data word is calculated through the similarity between the data words, and the specific expression of the security factor is as follows:
in the method, in the process of the invention,representing a security factor of an xth data word in the transmission slice data I; />Representing the number of times the x-th data word in the transmission slice data I appears in the overall transmission data; />Representing the number of data words in the transmission slice data;binary data representing the xth data word of the transmission slice data I, < >>Binary data representing the y-th data word in the transmission slice data I; />Representing exclusive or operation symbols; />A function representing the number of 0 elements in the statistical string. Will beLet the first sum value be +.>And is noted as a second sum.
The larger the specification the less similar between the data words. />Description of the larger->The larger the difference between the data word and other data words in the transmission slice data, the higher priority the extraction is required in the initial key construction. />The smaller the value of (2), the description data word +.>The lower the frequency of occurrence in the transmitted data, the higher the security of the data word. The lower the number of occurrences of data and the greater the gap between the transmission of slice data and other data words, the security factor of the data word +.>The larger.
Following the ordering of the transmission slice data, the data word with the largest security factor is extracted from each transmission slice data in turn; a data word consists of 8 consecutive bits of binary data. A data word threshold is set (the value used in this embodiment can be set by the user according to the actual situation; the embodiment does not limit it). If the number of extracted data words exceeds the threshold, only the first threshold-many data words are kept; if it is insufficient, a second round of extraction is performed until the threshold is reached. The extracted data words are ordered from left to right and top to bottom and built into two matrices: the left original key matrix holds the leading data words and the right original key matrix holds the remaining ones.
The occurrence frequency in the whole transmission data of the transmission slice data corresponding to each data word in the left original key matrix and in the right original key matrix is counted, and a left cyclic matrix and a right cyclic matrix are constructed correspondingly and in sequence. The initial key matrix of the AES-128 encryption algorithm is then constructed from the left and right original key matrices and the left and right cyclic matrices.
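The security-factor computation and the round-by-round extraction described above, as an added example in Go that is not code from the patent. It uses constructed sample slices, accepts any slice length instead of the 128-bit slices of claim 2, and assumes the slices are passed in already sorted by ascending local dangerous quantity (claim 4). The count of 0 elements in an 8-bit exclusive-or string is the number of bit positions where two words agree, so the first sum is computed with a popcount.

```go
package main

import (
	"fmt"
	"math/bits"
	"sort"
)

// Constructed sample: two 4-word slices, assumed to be already ordered by
// ascending local dangerous quantity as claim 4 requires.
var sampleSlices = [][]byte{
	{0x00, 0xFF, 0x0F, 0x00},
	{0xAA, 0x55, 0xAA, 0xAA},
}

// zeroBits counts the 0 elements of the 8-bit XOR string, i.e. the bit
// positions where the two data words agree.
func zeroBits(x, y byte) int { return 8 - bits.OnesCount8(x^y) }

// countWord counts how often word w occurs anywhere in the whole transmission data.
func countWord(whole []byte, w byte) int {
	n := 0
	for _, b := range whole {
		if b == w {
			n++
		}
	}
	return n
}

// SecurityFactors computes the security factor of claim 1 for every data word
// of one slice: first sum (0 elements of the XOR with each other word in the
// slice) divided by second sum (occurrences in the whole data plus 1).
func SecurityFactors(slice, whole []byte) []float64 {
	out := make([]float64, len(slice))
	for i, x := range slice {
		first := 0
		for j, y := range slice {
			if j != i {
				first += zeroBits(x, y)
			}
		}
		second := countWord(whole, x) + 1
		out[i] = float64(first) / float64(second)
	}
	return out
}

// KeyWord is an extracted data word with the index of the slice it came from
// (the slice's frequency is what the cyclic matrices are built from).
type KeyWord struct {
	Word  byte
	Slice int
}

// ExtractKeyWords walks the ordered slices, taking the word with the largest
// security factor from each, and runs further rounds (next-best word of each
// slice) until n words are collected, as the description states.
func ExtractKeyWords(slices [][]byte, whole []byte, n int) []KeyWord {
	// ranked[s] lists the word indices of slice s, best security factor first.
	ranked := make([][]int, len(slices))
	for s, sl := range slices {
		f := SecurityFactors(sl, whole)
		idx := make([]int, len(sl))
		for i := range idx {
			idx[i] = i
		}
		sort.SliceStable(idx, func(a, b int) bool { return f[idx[a]] > f[idx[b]] })
		ranked[s] = idx
	}
	var out []KeyWord
	for round := 0; len(out) < n; round++ {
		taken := false
		for s, idx := range ranked {
			if round < len(idx) && len(out) < n {
				out = append(out, KeyWord{Word: slices[s][idx[round]], Slice: s})
				taken = true
			}
		}
		if !taken { // every slice is exhausted: fewer than n words exist
			break
		}
	}
	return out
}

func main() {
	whole := append(append([]byte{}, sampleSlices[0]...), sampleSlices[1]...)
	fmt.Println(SecurityFactors(sampleSlices[0], whole))
	fmt.Println(ExtractKeyWords(sampleSlices, whole, 3))
}
```

Ties in the security factor are broken by position in the slice (the stable sort keeps the earlier word first), which the patent text does not specify; a real implementation should fix a deterministic rule, since both sides must agree on which words enter the key.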
In order to enable the obtained initial key matrix to have higher safety, when the initial key is calculated, data in the left and right original key matrixes are circularly moved to improve data confusion, and the data sequence in the key matrixes can be disturbed by the circular shifting operation, so that the key mode is more complex and random, and the difficulty of cracking is increased. This operation increases the diffusion of the key space and increases the difficulty of cracking by cryptanalyzers.
The initial key matrix is constructed as follows:
In the formula, the terms denote: the data in the p-th row and q-th column of the initial key matrix; the data in the p-th row and q-th column of the left original key matrix; the data in the p-th row and q-th column of the left cyclic matrix; the left cyclic shift operator; the data in the p-th row and q-th column of the right original key matrix; the data in the p-th row and q-th column of the right cyclic matrix; the right cyclic shift operator; and the exclusive-or operator.
The initial key matrix computed from the transmission data replaces the initial key matrix of the AES-128 algorithm, which is thereby improved: the improved AES-128 encryption algorithm generates its initial key from the transmission data and the initial key matrix, so the security of the AES-128 encryption algorithm is improved. The AES-128 encryption algorithm is a known technology and is not described in detail in this embodiment.
In step S003, the transmission data is encrypted with the improved AES-128 algorithm combined with the ECC algorithm as a hybrid encryption operation.
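An added Go example of the construction, not the patent's own code. The formula itself is not reproduced above and the threshold value is elided, so the example assumes 32 extracted data words split into two 4x4 matrices (so that the combined matrix is exactly the 16-byte AES-128 key), a left rotation of each left-original byte by its left cyclic value, a right rotation of each right-original byte by its right cyclic value, and an exclusive-or of the two. The cyclic values are the occurrence frequencies of the slices the words came from, reduced modulo 8 because a data word is 8 bits wide.

```go
package main

import (
	"errors"
	"fmt"
	"math/bits"
)

// Assumed layout (the threshold value and matrix shape are elided on the page):
// 32 extracted data words, the first 16 forming the 4x4 left original key matrix
// and the last 16 the 4x4 right original key matrix, so that the combined
// matrix is exactly the 16-byte initial key of AES-128.
const keyWords = 32

// CyclicValues builds the cyclic-matrix entries: for each extracted word, the
// occurrence frequency (in the whole transmission data) of the slice it came
// from. sources[i] is that slice's index, sliceFreq[s] the frequency of slice s.
func CyclicValues(sources, sliceFreq []int) []int {
	out := make([]int, len(sources))
	for i, s := range sources {
		out[i] = sliceFreq[s]
	}
	return out
}

// BuildInitialKey applies the assumed reading of the construction: each key
// byte is the left original byte rotated left by its left cyclic value, XORed
// with the right original byte rotated right by its right cyclic value. The
// rotation counts are taken modulo 8 because a data word is 8 bits wide.
func BuildInitialKey(words []byte, cyc []int) ([16]byte, error) {
	var key [16]byte
	if len(words) != keyWords || len(cyc) != keyWords {
		return key, errors.New("need exactly 32 data words with 32 cyclic values")
	}
	for p := 0; p < 4; p++ {
		for q := 0; q < 4; q++ {
			i := p*4 + q // left to right, top to bottom
			left := bits.RotateLeft8(words[i], cyc[i]%8)
			right := bits.RotateLeft8(words[16+i], -(cyc[16+i] % 8)) // negative count = right rotation
			key[i] = left ^ right
		}
	}
	return key, nil
}

func main() {
	// Constructed input: 16 words 0x81 taken from a slice of frequency 3,
	// then 16 words 0x01 taken from a slice of frequency 1.
	words := make([]byte, keyWords)
	sources := make([]int, keyWords)
	for i := range words {
		if i < 16 {
			words[i], sources[i] = 0x81, 0
		} else {
			words[i], sources[i] = 0x01, 1
		}
	}
	key, err := BuildInitialKey(words, CyclicValues(sources, []int{3, 1}))
	fmt.Printf("%x %v\n", key, err)
}
```

Because the key is a deterministic function of the transmission data, both parties could in principle recompute it; the description instead sends it ECC-encrypted, so the receiver never has to repeat this derivation.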
In order to ensure that the same transmission slice data is not encrypted into the same ciphertext data when encrypted, the transmission slice data is encrypted in a CBC mode (cipher block chaining mode) when the transmission slice data is encrypted, so as to improve the confusion between the ciphertext data after the data is encrypted. The CBC mode is a conventional technology, and this embodiment is not described herein.
During network data transmission, the initial key and the 10 round keys of the AES-128 algorithm are encrypted with the ECC encryption algorithm. The ciphertext of the key and the ciphertext of the transmission data are sent to the receiver; the receiver decrypts the key ciphertext with the private key of the ECC encryption algorithm to obtain the key of the AES-128 encryption algorithm, and then decrypts the ciphertext data with that AES-128 key. The ECC encryption algorithm is a known technology and is not described in this embodiment.
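The exchange above, as an added Go example that is not the patent's code. The sender encrypts the data with AES-128 in CBC mode under a fresh random IV that travels with the ciphertext, because CBC only keeps equal plaintext blocks from producing equal ciphertext when the IV is unpredictable and the text does not say how the IV is carried. The page names no concrete ECC encryption scheme, so the key is wrapped in an assumed ECIES-style way: ephemeral P-256 ECDH agreement, SHA-256 over the shared secret and ephemeral public key as the wrapping key, and AES-GCM to seal the 16-byte initial key. Only the initial key is wrapped; the receiver's AES key schedule regenerates the 10 round keys from it.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"errors"
)

// NewReceiver generates the receiver's long-term ECC key pair (P-256 assumed).
func NewReceiver() (*ecdh.PrivateKey, error) { return ecdh.P256().GenerateKey(rand.Reader) }

// EncryptCBC: PKCS#7 pad, then AES-128-CBC under a fresh random IV sent as the first block.
func EncryptCBC(key, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	pad := aes.BlockSize - len(plaintext)%aes.BlockSize
	padded := append(append([]byte{}, plaintext...), bytes.Repeat([]byte{byte(pad)}, pad)...)
	out := make([]byte, aes.BlockSize+len(padded))
	if _, err := rand.Read(out[:aes.BlockSize]); err != nil {
		return nil, err
	}
	cipher.NewCBCEncrypter(block, out[:aes.BlockSize]).CryptBlocks(out[aes.BlockSize:], padded)
	return out, nil
}

// DecryptCBC reverses EncryptCBC and rejects bad lengths or padding.
func DecryptCBC(key, ivAndCt []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	if len(ivAndCt) < 2*aes.BlockSize || len(ivAndCt)%aes.BlockSize != 0 {
		return nil, errors.New("ciphertext length is not a block multiple")
	}
	pt := make([]byte, len(ivAndCt)-aes.BlockSize)
	cipher.NewCBCDecrypter(block, ivAndCt[:aes.BlockSize]).CryptBlocks(pt, ivAndCt[aes.BlockSize:])
	n := int(pt[len(pt)-1])
	if n == 0 || n > aes.BlockSize || !bytes.Equal(pt[len(pt)-n:], bytes.Repeat([]byte{byte(n)}, n)) {
		return nil, errors.New("bad padding")
	}
	return pt[:len(pt)-n], nil
}

// keyWrapAEAD: ECDH plus the assumed ECIES-style KDF (SHA-256 of shared secret
// and ephemeral public key), giving the AES-GCM key that wraps the AES-128 key.
func keyWrapAEAD(priv *ecdh.PrivateKey, peer *ecdh.PublicKey, ephPub []byte) (cipher.AEAD, error) {
	shared, err := priv.ECDH(peer)
	if err != nil {
		return nil, err
	}
	wk := sha256.Sum256(append(append([]byte{}, shared...), ephPub...))
	b, _ := aes.NewCipher(wk[:]) // 32-byte key: NewCipher cannot fail here
	return cipher.NewGCM(b)
}

// Send is the sender's side: ECC-wrap the AES key for the receiver's public key
// and CBC-encrypt the data. It returns the three messages that go over the network.
func Send(receiverPub *ecdh.PublicKey, aesKey, data []byte) (ephPub, sealedKey, ct []byte, err error) {
	eph, err := ecdh.P256().GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, nil, err
	}
	ephPub = eph.PublicKey().Bytes()
	gcm, err := keyWrapAEAD(eph, receiverPub, ephPub)
	if err != nil {
		return nil, nil, nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err = rand.Read(nonce); err != nil {
		return nil, nil, nil, err
	}
	sealedKey = gcm.Seal(nonce, nonce, aesKey, nil) // nonce prefixed to the wrapped key
	ct, err = EncryptCBC(aesKey, data)
	return ephPub, sealedKey, ct, err
}

// Receive is the receiver's side: unwrap the AES key with the ECC private key, then decrypt.
func Receive(receiverPriv *ecdh.PrivateKey, ephPub, sealedKey, ct []byte) ([]byte, error) {
	pub, err := ecdh.P256().NewPublicKey(ephPub)
	if err != nil {
		return nil, err
	}
	gcm, err := keyWrapAEAD(receiverPriv, pub, ephPub)
	if err != nil {
		return nil, err
	}
	ns := gcm.NonceSize()
	if len(sealedKey) < ns {
		return nil, errors.New("wrapped key too short")
	}
	aesKey, err := gcm.Open(nil, sealedKey[:ns], sealedKey[ns:], nil)
	if err != nil {
		return nil, err // tampered key blob or wrong recipient
	}
	return DecryptCBC(aesKey, ct)
}
```

Usage: the receiver publishes the public half of `NewReceiver()`; the sender calls `Send` and transmits `ephPub`, `sealedKey` and `ct`; the receiver calls `Receive`. The GCM tag protects the wrapped key against modification in transit, but nothing in this scheme authenticates the CBC ciphertext itself, so a deployment would add a MAC or an AEAD mode for the data too.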
In conclusion, the ECC encryption algorithm and the AES-128 algorithm are combined to encrypt the transmission data, so that the information security of the transmission data in network transmission is ensured.
Based on the same inventive concept as the above method, the embodiment of the present invention further provides a network security protection system based on big data, which includes a memory, a processor, and a computer program stored in the memory and running on the processor, where the processor implements the steps of any one of the above network security protection methods based on big data when executing the computer program.
In summary, the embodiment of the invention solves the problem of insufficient security of the key caused by the weak randomness of the generation mode of the initial key of the AES-128 algorithm, and encrypts the network transmission data by combining the ECC encryption algorithm and the AES-128 algorithm, thereby improving the security of network data transmission.
It should be noted that: the sequence of the embodiments of the present invention is only for description, and does not represent the advantages and disadvantages of the embodiments. And the foregoing description has been directed to specific embodiments of this specification. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing are also possible or may be advantageous.
In this specification, each embodiment is described in a progressive manner, and identical and similar parts of each embodiment are all referred to each other, and each embodiment mainly describes differences from other embodiments.
The foregoing description of the preferred embodiments of the present invention is not intended to be limiting, but rather, any modifications, equivalents, improvements, etc. that fall within the principles of the present invention are intended to be included within the scope of the present invention.

Claims (6)

1. The network security protection method based on big data is characterized by comprising the following steps:
collecting transmission data of a computer;
all the acquired transmission data are segmented to obtain transmission slice data and data words; obtaining the internal replay risk of each transmission slice data according to the internal similarity of the transmission slice data; obtaining relative risk factors among the transmission slice data according to the intrinsic replay risk amount of each transmission slice data and the similarity among the transmission slice data; obtaining a relative risk coefficient between the transmission slice data according to the relative risk factor between the transmission slice data;
obtaining local dangerous quantity of each transmission slice data according to the relative risk coefficient among the transmission slice data; obtaining the safety factor of each data word in each transmission slice data according to the similarity among the data words in the transmission slice data; combining the safety factors of the data words and the local dangerous quantity of the transmission slice data to obtain a left original key matrix, a right original key matrix, a left cyclic matrix and a right cyclic matrix of the transmission data;
obtaining an initial key matrix of the transmission data according to the left original key matrix, the right original key matrix, the left cyclic matrix and the right cyclic matrix of the transmission data; replacing the initial key matrix of the AES-128 algorithm with the initial key matrix of the transmission data, and encrypting the transmission data by using the AES-128 algorithm and the ECC algorithm to finish network security protection based on big data;
the obtaining the internal replay risk of each transmission slice data according to the internal similarity of the transmission slice data comprises the following steps:
counting the occurrence frequency of each transmission slice data in the whole transmission data and the number of data words divided by each transmission slice data, and calculating the Levenshtein editing distance between each data word and the rest other data words in the transmission slice data, wherein the expression of the inherent replay dangerous quantity of each transmission slice data is as follows:
In the formula, the terms denote: the intrinsic replay risk of the i-th transmission slice data; the frequency of occurrence of the i-th transmission slice data in the transmission data; the number of data words into which the i-th transmission slice data is divided; the x-th and the y-th data word in the i-th transmission slice data; and the Levenshtein edit distance between these two data words;
the method for obtaining the relative risk factors among the transmission slice data according to the intrinsic replay risk amount of each transmission slice data and the similarity among the transmission slice data comprises the following steps:
the method comprises the steps of carrying out descending order sequencing on all transmission slice data according to the occurrence frequency of all the transmission slice data in the whole transmission data, taking the sequence number of each transmission slice data as the ranking of each transmission slice data in the transmission data, wherein the expression of the relative risk factor among the transmission slice data is as follows:
In the formula, the terms denote: the relative risk factor between the i-th transmission slice data and the j-th transmission slice data; the intrinsic replay risk of the i-th transmission slice data; the number of different transmission slice data; the ranking of the i-th transmission slice data in the transmission data; the intrinsic replay risk of the j-th transmission slice data; and the ranking of the j-th transmission slice data in the transmission data;
the obtaining the relative risk coefficient between the transmission slice data according to the relative risk factor between the transmission slice data comprises the following steps:
for each transmission slice data, calculating the length of the longest common substring between the transmission slice data and the rest other transmission slice data by using an LCS algorithm, calculating the sum value of the DTW distance and 1 between the transmission slice data and the rest other transmission slice data, calculating the ratio of the length to the sum value, and taking the product of the ratio and the relative risk factor between the transmission slice data as the relative risk factor between the transmission slice data;
the method for obtaining the safety factor of each data word in each transmission slice data according to the similarity among the data words in the transmission slice data comprises the following steps:
calculating exclusive-or values of all data words in all transmission slice data and the rest other data words, counting the number of 0 elements in all exclusive-or values, calculating the sum value of the number of 0 elements in all exclusive-or values, marking the sum value as a first sum value, counting the occurrence times of all data words in the transmission slice data in the whole transmission data, calculating the sum value of the times and 1, marking the sum value as a second sum value, and taking the ratio of the first sum value to the second sum value as a safety factor of all data words.
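The similarity ratio that claim 1 multiplies into the relative risk coefficient, longest common substring length over (DTW distance + 1), as an added Go example that is not the patent's code. It assumes the DTW local cost between two data words is their absolute byte difference and runs on constructed byte strings; the relative risk factor it would be multiplied with is not reproduced on the page, so it is left as an input of the caller.

```go
package main

import "fmt"

// LongestCommonSubstring returns the length of the longest run of bytes that
// appears contiguously in both a and b (dynamic programming, O(len(a)*len(b))).
func LongestCommonSubstring(a, b []byte) int {
	prev := make([]int, len(b)+1)
	best := 0
	for i := 1; i <= len(a); i++ {
		cur := make([]int, len(b)+1)
		for j := 1; j <= len(b); j++ {
			if a[i-1] == b[j-1] {
				cur[j] = prev[j-1] + 1
				if cur[j] > best {
					best = cur[j]
				}
			}
		}
		prev = cur
	}
	return best
}

// DTW computes the dynamic time warping distance between two byte sequences
// with the assumed local cost |a[i]-b[j]| between two data words.
func DTW(a, b []byte) int {
	const inf = 1 << 30
	d := make([][]int, len(a)+1)
	for i := range d {
		d[i] = make([]int, len(b)+1)
		for j := range d[i] {
			d[i][j] = inf
		}
	}
	d[0][0] = 0
	for i := 1; i <= len(a); i++ {
		for j := 1; j <= len(b); j++ {
			cost := int(a[i-1]) - int(b[j-1])
			if cost < 0 {
				cost = -cost
			}
			d[i][j] = cost + min3(d[i-1][j], d[i][j-1], d[i-1][j-1])
		}
	}
	return d[len(a)][len(b)]
}

func min3(x, y, z int) int {
	if y < x {
		x = y
	}
	if z < x {
		x = z
	}
	return x
}

// SimilarityRatio is the ratio of claim 1: longest common substring length
// divided by (DTW distance + 1). Multiplying it by the relative risk factor
// between the two slices gives their relative risk coefficient.
func SimilarityRatio(a, b []byte) float64 {
	return float64(LongestCommonSubstring(a, b)) / float64(DTW(a, b)+1)
}

// RelativeRiskCoefficient combines the ratio with a caller-supplied relative
// risk factor, whose formula is not reproduced on the page.
func RelativeRiskCoefficient(a, b []byte, relativeRiskFactor float64) float64 {
	return SimilarityRatio(a, b) * relativeRiskFactor
}

func main() {
	// Constructed slices: identical content scores highest, disjoint content scores 0.
	fmt.Println(SimilarityRatio([]byte("abcabc"), []byte("abcabc")))
	fmt.Println(SimilarityRatio([]byte("abcabc"), []byte("xyz")))
}
```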
2. The network security protection method based on big data according to claim 1, wherein the slicing all the collected transmission data to obtain each transmission slice data and each data word comprises:
all the acquired transmission data are segmented according to the size of 128 bits, each segmented data segment is used as each transmission slice data, and for each transmission slice data, continuous 8-bit data are used as one data word.
3. The network security protection method based on big data according to claim 1, wherein the obtaining the local risk of each transmission slice data according to the relative risk coefficient between the transmission slice data comprises:
and for each transmission slice data, carrying out ascending order sequencing on all relative risk coefficients with other transmission slice data, counting corresponding serial numbers of the transmission slice data according to the sequenced relative risk coefficients, and taking the sum of all the serial numbers as the local risk of each transmission slice data.
4. The network security protection method based on big data according to claim 1, wherein the combining the security factor of each data word and the local dangerous amount of each transmission slice data to obtain the left original key matrix, the right original key matrix, the left cyclic matrix and the right cyclic matrix of the transmission data comprises:
A data word threshold is set. The local dangerous quantities of the transmission slice data are sorted in ascending order to give the ordering of the transmission slice data, and the data word with the largest security factor in each transmission slice data is extracted in turn following that ordering until enough data words have been collected to meet the threshold. These data words are ordered from left to right and from top to bottom and divided into a left original key matrix and a right original key matrix; the occurrence frequency in the whole transmission data of the transmission slice data corresponding to each data word in the left original key matrix is counted and used as the left cyclic matrix, and the occurrence frequency in the whole transmission data of the transmission slice data corresponding to each data word in the right original key matrix is counted and used as the right cyclic matrix.
5. The network security protection method based on big data according to claim 1, wherein the initial key matrix of the transmission data is obtained according to a left original key matrix, a right original key matrix, a left cyclic matrix and a right cyclic matrix of the transmission data, and the expression is:
In the formula, the terms denote: the data in the p-th row and q-th column of the initial key matrix; the data in the p-th row and q-th column of the left original key matrix; the data in the p-th row and q-th column of the left cyclic matrix; the left cyclic shift operator; the data in the p-th row and q-th column of the right original key matrix; the data in the p-th row and q-th column of the right cyclic matrix; the right cyclic shift operator; and the exclusive-or operator.
6. A big data based network security protection system comprising a memory, a processor and a computer program stored in the memory and running on the processor, characterized in that the processor implements the steps of the method according to any of claims 1-5 when the computer program is executed.
CN202311657078.6A 2023-12-06 2023-12-06 Network security protection method and system based on big data Active CN117395078B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311657078.6A CN117395078B (en) 2023-12-06 2023-12-06 Network security protection method and system based on big data


Publications (2)

Publication Number Publication Date
CN117395078A CN117395078A (en) 2024-01-12
CN117395078B true CN117395078B (en) 2024-02-06

Family

ID=89441254


Country Status (1)

Country Link
CN (1) CN117395078B (en)


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant