CN117592091B - Computer information anti-theft method and system - Google Patents

Computer information anti-theft method and system Download PDF

Info

Publication number
CN117592091B
CN117592091B CN202410077615.8A CN202410077615A CN117592091B CN 117592091 B CN117592091 B CN 117592091B CN 202410077615 A CN202410077615 A CN 202410077615A CN 117592091 B CN117592091 B CN 117592091B
Authority
CN
China
Prior art keywords
information
data
data information
encryption algorithm
initial
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202410077615.8A
Other languages
Chinese (zh)
Other versions
CN117592091A (en
Inventor
李燕
段丽英
陈栋伟
董倩
贾梦
韩明
曹智轩
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shijiazhuang University
Original Assignee
Shijiazhuang University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shijiazhuang University filed Critical Shijiazhuang University
Priority to CN202410077615.8A priority Critical patent/CN117592091B/en
Publication of CN117592091A publication Critical patent/CN117592091A/en
Application granted granted Critical
Publication of CN117592091B publication Critical patent/CN117592091B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F18/00Pattern recognition
    • G06F18/10Pre-processing; Data cleansing
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F18/00Pattern recognition
    • G06F18/20Analysing
    • G06F18/24Classification techniques

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Data Mining & Analysis (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Bioinformatics & Computational Biology (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • Evolutionary Computation (AREA)
  • Evolutionary Biology (AREA)
  • Bioinformatics & Cheminformatics (AREA)
  • Artificial Intelligence (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Storage Device Security (AREA)

Abstract

The invention provides a method and a system for preventing computer information from being stolen. The field of information theft prevention includes: receiving data information sent by a computer intelligent terminal, and performing data cleaning on the data information to obtain first data information; screening and determining an information encryption algorithm matched with the first data information by combining an encryption protocol of a big data platform; encrypting the first data information based on the information encryption algorithm, and detecting the security of sensitive information based on the encrypted information; and optimizing the information encryption algorithm based on the detection result to obtain a second encryption algorithm, and carrying out second encryption on the first data information to realize data protection of the sensitive data. By classifying and encrypting the computer information and optimizing the encryption algorithm for a plurality of times, the computer information can be encrypted more accurately, and the information theft prevention capability is stronger.

Description

Computer information anti-theft method and system
Technical Field
The invention relates to the field of information theft prevention, in particular to a method and a system for preventing computer information theft.
Background
At present, with the popularization of computers, the data volume of large data platforms is increasing in the general public bureau, and a large amount of sensitive data is contained in the large data platforms, so that network workers design anti-theft algorithms for a large amount of sensitive information in order to ensure the safety of the data.
However, the existing anti-theft algorithm is single, and meanwhile, the problems of low anti-theft execution efficiency, low safety coefficient and the like caused by large data volume exist.
Therefore, the invention provides a method and a system for preventing computer information from being stolen.
Disclosure of Invention
The invention provides a computer information anti-theft method and a system, which are used for encrypting computer information in a classified way and optimizing an encryption algorithm for a plurality of times, so that the computer information is more accurately encrypted and has stronger anti-theft capability.
The invention provides a computer information anti-theft method, which comprises the following steps:
step 1: receiving data information sent by a computer intelligent terminal, and performing data cleaning on the data information to obtain first data information;
step 2: screening and determining an information encryption algorithm matched with the first data information by combining an encryption protocol of a big data platform;
step 3: encrypting the first data information based on the information encryption algorithm, and detecting the security of sensitive information based on the encrypted information;
step 4: and optimizing the information encryption algorithm based on the detection result to obtain a second encryption algorithm, and carrying out second encryption on the first data information to realize data protection of the sensitive data.
In one possible implementation manner, receiving data information sent by a computer intelligent terminal, and performing data cleaning on the data information to obtain first data information, where the data information includes:
step 11: receiving data information sent by a computer intelligent terminal and acquiring the information type of the data information;
step 12: carrying out initial classification on the data information based on the information type, and determining the information sensitivity level of each classified data information based on the initial classification result;
step 13: removing classified data information with the lowest information sensitivity level from the classified data information based on the information sensitivity level of the classified data information;
step 14: and carrying out data cleaning on the residual classified data information, removing abnormal information in the residual classified data information, and integrating based on the removed data information to obtain first data information.
In one possible implementation, an information encryption algorithm for determining a match to first data information in combination with encryption protocol screening of a big data platform includes:
step 21: based on the intelligent management terminal, carrying out initial comprehensive safety judgment on the first data information, and carrying out second classification on the first data information based on different data characteristics of the first data information to obtain second classified data information;
step 22: combining the second classified data information with the comprehensive information grade of the current intelligent management terminal to determine an initial information encryption algorithm corresponding to each group of second classified data information;
wherein, the classification based on the second classified data information is different, each classification result is different corresponding to the initial information encryption algorithm;
step 23: acquiring an initial encryption result of each piece of second classified data information under a corresponding initial information encryption algorithm;
step 24: acquiring a group of second classified data information with the highest information sensitivity level in the second classified data information as initial sensitive information;
step 25: determining whether the current initial sensitive information needs information expansion or not based on the information quantity ratio of the initial sensitive information and the first data information;
if the information quantity ratio is not greater than the preset ratio, the information expansion of the initial sensitive information is needed, otherwise, the information expansion of the initial sensitive information is not needed;
step 26: obtaining first sensitive information based on an information expansion result of the initial sensitive information, and carrying out information optimization on the first sensitive information based on an initial encryption result of each piece of second classified data information to obtain first classified optimized information data;
step 27: performing first optimization on the initial encryption algorithm based on the first classification optimization information data and the remaining second classification data information in the corresponding first data information to obtain a second optimized encryption algorithm corresponding to the current second classification data information;
step 28: respectively acquiring encryption protocols of the intelligent terminal and the data information transmission terminal, and comparing and extracting the same sub-protocol between the two encryption protocols;
step 29: and obtaining a second encryption algorithm based on the second optimized encryption algorithm and the rest of the initial encryption algorithm, and carrying out algorithm second optimization on the second encryption algorithm by combining protocol contents of the same sub-protocol to obtain an information encryption algorithm corresponding to the first data information.
In one possible implementation, the information augmentation of the initial sensitive information includes:
if the initial sensitive information needs to be subjected to information expansion, screening a group of second classified data information with the highest information sensitivity level from the rest of second classified data information as optimized data information;
determining a second information amount ratio based on the optimized data information and the information amount of the initial sensitive information and the information amount of the first data information;
comparing the second information amount ratio with a preset ratio;
if the second information quantity ratio is not greater than the preset ratio, a group of second classified data information with the highest information sensitivity level is selected from the rest of second classified data information again to serve as optimized data information to carry out information expansion on the initial sensitive information;
and when the information quantity ratio is larger than the preset ratio, stopping screening and extracting the second classified data information, and finishing information expansion to obtain an information expansion result of the initial sensitive information.
In one possible implementation manner, the information encryption algorithm is used for encrypting the first data information and performing sensitive information security detection based on the encrypted information, and the method includes:
step 31: encrypting the first data information based on an information encryption algorithm, and reserving an encryption key generated by the information encryption algorithm;
step 32: respectively detecting the security of the sensitive information and the general information in the first data information based on a preset attack type;
step 33: and comprehensively determining the security coefficients of the current information encryption algorithm on the sensitive information and the general information based on the security detection results corresponding to each attack type in the security detection results of the sensitive information.
In one possible implementation, determining the security coefficient of the current information encryption algorithm for sensitive information and general information includes:
the safety coefficient corresponding to the sensitive information is compared with the safety coefficient corresponding to the lowest sensitive information for the first time;
carrying out weighted average on the safety coefficient corresponding to the general information, obtaining a second safety coefficient based on the weighted average result, and carrying out second comparison on the second safety coefficient and the safety coefficient corresponding to the lowest general information;
and if the first comparison result and the second comparison result are both qualified, judging that the security detection of the current sensitive information is qualified.
In one possible implementation manner, optimizing an information encryption algorithm based on a detection result to obtain a second encryption algorithm, and performing second encryption on the first data information to realize data protection of sensitive data, including:
step 41: the security coefficient based on the security detection result of the sensitive information is matched with a corresponding security optimization scheme, and the information encryption algorithm is optimized based on the security optimization scheme;
step 42: and obtaining a second encryption algorithm based on the algorithm optimization result, and carrying out second encryption on the first data information based on the second encryption algorithm to realize data protection of sensitive data in the first data information.
The invention provides a computer information anti-theft system, comprising:
an information acquisition module: the method comprises the steps of receiving data information sent by a computer intelligent terminal, and carrying out data cleaning on the data information to obtain first data information;
an algorithm matching module: the information encryption algorithm is used for screening and determining the information matched with the first data information by combining the encryption protocol of the big data platform;
and a safety detection module: the information encryption algorithm is used for encrypting the first data information based on the information and detecting the security of the sensitive information based on the encrypted information;
encryption protection module: the method is used for optimizing the information encryption algorithm based on the detection result to obtain a second encryption algorithm, and carrying out second encryption on the first data information to realize data protection of sensitive data.
Compared with the prior art, the beneficial effects of the application are as follows:
by classifying and encrypting the computer information and optimizing the encryption algorithm for a plurality of times, the computer information can be encrypted more accurately, and the information theft prevention capability is stronger.
Additional features and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention. The objectives and other advantages of the invention may be realized and attained by the structure particularly pointed out in the written description and drawings.
The technical scheme of the invention is further described in detail through the drawings and the embodiments.
Drawings
The accompanying drawings are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate the invention and together with the embodiments of the invention, serve to explain the invention. In the drawings:
FIG. 1 is a flowchart of a method for preventing computer information from being stolen according to an embodiment of the present invention;
FIG. 2 is a flowchart of obtaining first data information according to an embodiment of the present invention;
fig. 3 is a block diagram of a computer information anti-theft system according to an embodiment of the present invention.
Detailed Description
The preferred embodiments of the present invention will be described below with reference to the accompanying drawings, it being understood that the preferred embodiments described herein are for illustration and explanation of the present invention only, and are not intended to limit the present invention.
Example 1:
the embodiment of the invention provides a method for preventing computer information from being stolen, which is shown in figure 1 and comprises the following steps:
step 1: receiving data information sent by a computer intelligent terminal, and performing data cleaning on the data information to obtain first data information;
step 2: screening and determining an information encryption algorithm matched with the first data information by combining an encryption protocol of a big data platform;
step 3: encrypting the first data information based on the information encryption algorithm, and detecting the security of sensitive information based on the encrypted information;
step 4: and optimizing the information encryption algorithm based on the detection result to obtain a second encryption algorithm, and carrying out second encryption on the first data information to realize data protection of the sensitive data.
In this embodiment, the data information refers to data information received by the computer intelligent terminal in the current information acquisition period.
In this embodiment, data cleaning refers to performing data consistency checking, invalid value processing, missing value processing and other processing on the acquired data information, so that the data information is more accurate and simplified.
In this embodiment, the first data information refers to processing data information obtained by performing data classification and data cleaning on the acquired data information of the computer intelligent terminal.
In this embodiment, the encryption protocols include SSH, IPsec, and the like, where there is a difference in encryption protocols when encryption transmission is performed between different computer servers and browsers.
In this embodiment, the information encryption algorithm refers to a data encryption method for encrypting the first data information, which is primarily determined according to an encryption protocol of the computer intelligent terminal and the transmission terminal of the data information, and the first data information.
In this embodiment, the security detection of the sensitive information refers to performing new security detection based on the encryption result after encrypting the sensitive information in the first data information, so as to timely determine the anti-theft result after the sensitive information is encrypted based on the encryption algorithm.
In this embodiment, the second encryption algorithm is an encryption algorithm obtained by optimizing the encryption algorithm according to the security detection result of the sensitive information.
The beneficial effects of the technical scheme are as follows: by classifying and encrypting the computer information and optimizing the encryption algorithm for a plurality of times, the computer information can be encrypted more accurately, and the information theft prevention capability is stronger.
Example 2:
based on the embodiment 1, the first data information is obtained, as shown in fig. 2, including:
step 11: receiving data information sent by a computer intelligent terminal and acquiring the information type of the data information;
step 12: carrying out initial classification on the data information based on the information type, and determining the information sensitivity level of each classified data information based on the initial classification result;
step 13: removing classified data information with the lowest information sensitivity level from the classified data information based on the information sensitivity level of the classified data information;
step 14: and carrying out data cleaning on the residual classified data information, removing abnormal information in the residual classified data information, and integrating based on the removed data information to obtain first data information.
In this embodiment, the data information refers to data information received by the computer intelligent terminal in the current information acquisition period.
In this embodiment, the data information type refers to an information type of data information received by the computer intelligent terminal, wherein the data information type mainly includes a numeric type, a character type, and a logic type. The numerical data also comprises integer type, floating point type, double precision type and the like, wherein the types of data information are different, and the influence on the whole information is also different.
In this embodiment, the information sensitivity level refers to a level of influence of a current classification type determined based on a classification type of each classification on the whole data information and a level of occurrence of sensitive data information in the current classification type after classifying the data information based on the data information type.
In this embodiment, the classified data information refers to data information obtained by classifying data information according to a data information type, where the data information includes a plurality of classified data information.
In this embodiment, data cleaning refers to performing data consistency checking, invalid value processing, missing value processing and other processing on the acquired data information, so that the data information is more accurate and simplified.
In this embodiment, the anomaly information refers to data information that data existing in the remaining classified data is invalid or data is missing.
In this embodiment, the first data information refers to processing data information obtained by performing data classification and data cleaning on the acquired data information of the computer intelligent terminal.
The beneficial effects of the technical scheme are as follows: by classifying and cleaning the data information and removing the data information with low sensitivity level, the data information can be more accurate and simplified, so that the corresponding encryption algorithm is more accurate and the information theft prevention capability is stronger.
Example 3:
based on embodiment 2, the information encryption algorithm for determining the matching with the first data information by combining the encryption protocol screening of the big data platform includes:
step 21: based on the intelligent management terminal, carrying out initial comprehensive safety judgment on the first data information, and carrying out second classification on the first data information based on different data characteristics of the first data information to obtain second classified data information;
step 22: combining the second classified data information with the comprehensive information grade of the current intelligent management terminal to determine an initial information encryption algorithm corresponding to each group of second classified data information;
wherein, the classification based on the second classified data information is different, each classification result is different corresponding to the initial information encryption algorithm;
step 23: acquiring an initial encryption result of each piece of second classified data information under a corresponding initial information encryption algorithm;
step 24: acquiring a group of second classified data information with the highest information sensitivity level in the second classified data information as initial sensitive information;
step 25: determining whether the current initial sensitive information needs information expansion or not based on the information quantity ratio of the initial sensitive information and the first data information;
if the information quantity ratio is not greater than the preset ratio, the information expansion of the initial sensitive information is needed, otherwise, the information expansion of the initial sensitive information is not needed;
step 26: obtaining first sensitive information based on an information expansion result of the initial sensitive information, and carrying out information optimization on the first sensitive information based on an initial encryption result of each piece of second classified data information to obtain first classified optimized information data;
step 27: performing first optimization on the initial encryption algorithm based on the first classification optimization information data and the remaining second classification data information in the corresponding first data information to obtain a second optimized encryption algorithm corresponding to the current second classification data information;
step 28: respectively acquiring encryption protocols of the intelligent terminal and the data information transmission terminal, and comparing and extracting the same sub-protocol between the two encryption protocols;
step 29: and obtaining a second encryption algorithm based on the second optimized encryption algorithm and the rest of the initial encryption algorithm, and carrying out algorithm second optimization on the second encryption algorithm by combining protocol contents of the same sub-protocol to obtain an information encryption algorithm corresponding to the first data information.
In this embodiment, the first data information refers to processing data information obtained by performing data classification and data cleaning on the acquired data information of the computer intelligent terminal.
In this embodiment, the initial comprehensive security determination is determined based on the sensitive information level of the intelligent management terminal's historical received data information.
In this embodiment, the data characteristics are data attributes at the level of capacity, kind, speed, variability, value, and the like of the data information.
In this embodiment, the second classification data information refers to data information obtained by classifying the first data information according to the data characteristics.
In this embodiment, the integrated information level is determined according to the initial integrated security judgment result of the intelligent management terminal.
In this embodiment, the initial information encryption algorithm is determined according to the comprehensive information level of each group of second classified data information in combination with the current intelligent management terminal.
In this embodiment, the classification of the second classified data information is different, and each classification result is different corresponding to the initial information encryption algorithm.
In this embodiment, the initial sensitive information refers to a group of data information with the highest information sensitivity level in the second classified data information.
In this embodiment, the information amount ratio refers to the information amount ratio of the initial sensitive information to the first data information, for example, the information amount of the initial sensitive information is 15, the information amount of the first data information is 100, and the information amount ratio is 0.15.
In this embodiment, the information expansion refers to extracting, when the information amount ratio of the initial sensitive information to the first data information is not greater than a preset ratio, the second classified data information with the highest information sensitivity level from the second classified results of the first data information remaining after the initial sensitive information is removed, and performing information expansion on the initial sensitive information as optimized data information.
In this embodiment, the first sensitive information is sensitive information obtained by expanding initial sensitive information according to the information quantity ratio.
In this embodiment, the first classification optimization information data refers to optimization information obtained after information optimization is performed on the first sensitive information based on an initial encryption result of the second classification data corresponding to the first sensitive information.
In this embodiment, the second optimized encryption algorithm refers to performing first optimization on the initial encryption algorithm according to the first optimized information data and the remaining second classified data information in the corresponding first data information, so as to obtain an optimized encryption algorithm corresponding to the current second classified data information.
In this embodiment, the encryption protocols include SSH, IPsec, and the like, where there is a difference in encryption protocols when encryption transmission is performed between different computer servers and browsers.
In this embodiment, the second encryption algorithm is an encryption algorithm obtained by integrating the second optimized encryption algorithm with an initial encryption algorithm corresponding to the remaining second classification data information.
In this embodiment, the information encryption algorithm refers to a data encryption method for encrypting the first data information, which is primarily determined according to an encryption protocol of the computer intelligent terminal and the transmission terminal of the data information, and the first data information.
The beneficial effects of the technical scheme are as follows: by expanding and optimizing the sensitive information, the obtained first sensitive information is more accurate, the obtained encryption algorithm is more accurate, and the information theft prevention capability is stronger.
Example 4:
based on embodiment 3, the information expansion of the initial sensitive information includes:
if the initial sensitive information needs to be subjected to information expansion, screening a group of second classified data information with the highest information sensitivity level from the rest of second classified data information as optimized data information;
determining a second information amount ratio based on the optimized data information and the information amount of the initial sensitive information and the information amount of the first data information;
comparing the second information amount ratio with a preset ratio;
if the second information quantity ratio is not greater than the preset ratio, a group of second classified data information with the highest information sensitivity level is selected from the rest of second classified data information again to serve as optimized data information to carry out information expansion on the initial sensitive information;
and when the information quantity ratio is larger than the preset ratio, stopping screening and extracting the second classified data information, and finishing information expansion to obtain an information expansion result of the initial sensitive information.
In this embodiment, the information expansion refers to extracting, when the information amount ratio of the initial sensitive information to the first data information is not greater than a preset ratio, the second classified data information with the highest information sensitivity level from the second classified results of the first data information remaining after the initial sensitive information is removed, and performing information expansion on the initial sensitive information as optimized data information.
In this embodiment, the optimized data information is obtained by extracting the second classified data information with the highest information sensitivity level from the second classified results of the first data information remaining after the initial sensitive information is removed when the information amount ratio of the initial sensitive information to the first data information is not greater than a preset ratio.
In this embodiment, the second information amount ratio refers to a ratio of an information amount of the initial sensitive information to the optimized data information to an information amount of the first data information.
The beneficial effects of the technical scheme are as follows: by expanding the initial sensitive information, the obtained first sensitive information is more accurate, so that a more accurate encryption algorithm is obtained, the encryption of the data information is more accurate, and the anti-theft capability of the information is stronger.
Example 5:
based on the embodiment 3, the sensitive information security detection is performed, including:
step 31: encrypting the first data information based on an information encryption algorithm, and reserving an encryption key generated by the information encryption algorithm;
step 32: respectively detecting the security of the sensitive information and the general information in the first data information based on a preset attack type;
step 33: and comprehensively determining the security coefficients of the current information encryption algorithm on the sensitive information and the general information based on the security detection results corresponding to each attack type in the security detection results of the sensitive information.
In this embodiment, the encryption key is a parameter that is input in an algorithm that converts plaintext into ciphertext or converts ciphertext into plaintext.
In this embodiment, the preset attack types include Dos, MITM, SQL, URL and the like.
In this embodiment, the sensitive information and the general information are determined according to the information sensitivity level of the data information, after the data information is classified according to the second classification, each classification type determines the information sensitivity level of the corresponding classified data information, the sensitive information is the data information with high information sensitivity level, and the general information is the data information except the sensitive information in the first data information.
In this embodiment, the security detection of the sensitive information refers to performing security detection based on an encryption result after encrypting the sensitive information in the first data information, so as to timely determine an anti-theft result after the sensitive information is encrypted based on an encryption algorithm.
In this embodiment, the security coefficient refers to a corresponding detection result obtained after the current encrypted sensitive information and the general information are attacked according to the preset attack type, for example, the security detection result of the sensitive information under Dos attack after the data encryption is 0.95, the security detection result under MITM attack is 0.91, and the security detection result under SQL attack is 0.93, and then the security coefficient of the sensitive information is 0.93.
In this embodiment, the security coefficient of the sensitive information is:
wherein,security factor for sensitive information for current information encryption algorithm, < ->The number of attack types for attacking sensitive information, < +.>Is->Reference coefficients for individual attack types,/->Is->The attack types correspond to the probability of failure of the attack when the attack is performed on the sensitive information.
The attack probability of each attack type on the sensitive information is different, the corresponding reference coefficient is also different, the larger the attack probability is, the larger the corresponding reference coefficient is, and the value range of the reference coefficient is (0, 1).
The probability of failure of each attack type is generally (0.8,1), when the encrypted sensitive information is attacked by a certain attack type, if the probability of failure of the attack is less than 0.8, the security detection of the current sensitive information is directly judged to be unqualified.
In this embodiment, the security coefficient of the general information is:
wherein,security factor for general information for current information encryption algorithm, < ->The number of classification information being general information in the second classification information, and (2)>For the information influence coefficient of the j-th group general information on the first data information,/for the information influence coefficient of the j-th group general information on the first data information>The number of attack types for attacking sensitive information, < +.>Is the j-th general information +.>Reference coefficients for individual attack types,/->Is->The probability of corresponding attack failure when the jth general information is attacked by the attack type, ++>For the corresponding indifferent attack error value when the ith attack type is attacked,/for the ith attack type>And carrying out corresponding indiscriminate attack intensity coefficients for the first attack type.
Wherein, in addition to the sensitive information, if 9 groups of classified data information exist in the second classified data information, the value of m is 9.
The beneficial effects of the technical scheme are as follows: by respectively carrying out security detection on the sensitive information and the general information in the encrypted data information, the encryption scheme of the computer information can be more accurate, and the information theft prevention capability is stronger.
Example 6:
based on embodiment 5, determining the security coefficient of the current information encryption algorithm on the sensitive information and the general information includes:
the safety coefficient corresponding to the sensitive information is compared with the safety coefficient corresponding to the lowest sensitive information for the first time;
carrying out weighted average on the safety coefficient corresponding to the general information, obtaining a second safety coefficient based on the weighted average result, and carrying out second comparison on the second safety coefficient and the safety coefficient corresponding to the lowest general information;
and if the first comparison result and the second comparison result are both qualified, judging that the security detection of the current sensitive information is qualified.
In this embodiment, the first comparison refers to comparing the security coefficient corresponding to the sensitive information with the security coefficient corresponding to the lowest sensitive information, the second comparison refers to weighted averaging the security coefficient corresponding to the general information, obtaining the second security coefficient based on the weighted average result, and comparing the second security coefficient with the security coefficient corresponding to the lowest general information.
In this embodiment, the lowest sensitive information security factor and the lowest general information security factor are determined according to the transmission accuracy of the information transmission.
In this embodiment, the weighted average refers to weighting according to the information sensitivity level corresponding to general information, where the higher the information sensitivity level is, the larger the weighted value is.
The beneficial effects of the technical scheme are as follows: the security detection result of the computer information is more accurate by comparing and determining the security coefficients, so that the encryption scheme of the computer information is more accurate, and the information theft prevention capability is stronger.
Example 7:
based on embodiment 5, the second encryption is performed on the first data information to realize data protection of the sensitive data, which includes:
step 41: the security coefficient based on the security detection result of the sensitive information is matched with a corresponding security optimization scheme, and the information encryption algorithm is optimized based on the security optimization scheme;
step 42: and obtaining a second encryption algorithm based on the algorithm optimization result, and carrying out second encryption on the first data information based on the second encryption algorithm to realize data protection of sensitive data in the first data information.
In this embodiment, the security optimization scheme refers to an algorithm optimization scheme for screening a security coefficient-optimization scheme database for matching with a current security detection result according to a security coefficient of a security detection result of sensitive information.
In this embodiment, the second encryption algorithm is an encryption algorithm obtained by performing algorithm optimization on the information encryption algorithm according to the security optimization scheme.
The beneficial effects of the technical scheme are as follows: by optimizing the encryption algorithm, the computer information can be encrypted more accurately, and the information theft prevention capability is stronger.
Example 8:
an embodiment of the present invention provides a computer information anti-theft system, as shown in fig. 3, including:
an information acquisition module: the method comprises the steps of receiving data information sent by a computer intelligent terminal, and carrying out data cleaning on the data information to obtain first data information;
an algorithm matching module: the information encryption algorithm is used for screening and determining the information matched with the first data information by combining the encryption protocol of the big data platform;
and a safety detection module: the information encryption algorithm is used for encrypting the first data information based on the information and detecting the security of the sensitive information based on the encrypted information;
encryption protection module: the method is used for optimizing the information encryption algorithm based on the detection result to obtain a second encryption algorithm, and carrying out second encryption on the first data information to realize data protection of sensitive data.
The beneficial effects of the technical scheme are as follows: by classifying and encrypting the computer information and optimizing the encryption algorithm for a plurality of times, the computer information can be encrypted more accurately, and the information theft prevention capability is stronger.
It will be apparent to those skilled in the art that various modifications and variations can be made to the present invention without departing from the spirit or scope of the invention. Thus, it is intended that the present invention also include such modifications and alterations insofar as they come within the scope of the appended claims or the equivalents thereof.

Claims (6)

1. A method for preventing computer information from being stolen, comprising the steps of:
step 1: receiving data information sent by a computer intelligent terminal, and performing data cleaning on the data information to obtain first data information;
step 2: screening and determining an information encryption algorithm matched with the first data information by combining an encryption protocol of a big data platform;
step 3: encrypting the first data information based on the information encryption algorithm, and detecting the security of sensitive information based on the encrypted information;
step 4: optimizing an information encryption algorithm based on the detection result to obtain a second encryption algorithm, and performing second encryption on the first data information to realize data protection of sensitive data;
wherein, step 1 includes:
step 11: receiving data information sent by a computer intelligent terminal and acquiring the information type of the data information;
step 12: carrying out initial classification on the data information based on the information type, and determining the information sensitivity level of each classified data information based on the initial classification result;
step 13: removing classified data information with the lowest information sensitivity level from the classified data information based on the information sensitivity level of the classified data information;
step 14: the method comprises the steps of performing data cleaning on the residual classified data information, removing abnormal information in the residual classified data information, and integrating based on the removed data information to obtain first data information;
wherein, step 2 includes:
step 21: based on the intelligent management terminal, carrying out initial comprehensive safety judgment on the first data information, and carrying out second classification on the first data information based on different data characteristics of the first data information to obtain second classified data information;
step 22: combining the second classified data information with the comprehensive information grade of the current intelligent management terminal to determine an initial information encryption algorithm corresponding to each group of second classified data information;
wherein, the classification based on the second classified data information is different, each classification result is different corresponding to the initial information encryption algorithm;
step 23: acquiring an initial encryption result of each piece of second classified data information under a corresponding initial information encryption algorithm;
step 24: acquiring a group of second classified data information with the highest information sensitivity level in the second classified data information as initial sensitive information;
step 25: determining whether the current initial sensitive information needs information expansion or not based on the information quantity ratio of the initial sensitive information and the first data information;
if the information quantity ratio is not greater than the preset ratio, the information expansion of the initial sensitive information is needed, otherwise, the information expansion of the initial sensitive information is not needed;
step 26: obtaining first sensitive information based on an information expansion result of the initial sensitive information, and carrying out information optimization on the first sensitive information based on an initial encryption result of each piece of second classified data information to obtain first classified optimized information data;
step 27: performing first optimization on the initial encryption algorithm based on the first classification optimization information data and the remaining second classification data information in the corresponding first data information to obtain a second optimized encryption algorithm corresponding to the current second classification data information;
step 28: respectively acquiring encryption protocols of the intelligent terminal and the data information transmission terminal, and comparing and extracting the same sub-protocol between the two encryption protocols;
step 29: and obtaining a second encryption algorithm based on the second optimized encryption algorithm and the rest of the initial encryption algorithm, and carrying out algorithm second optimization on the second encryption algorithm by combining protocol contents of the same sub-protocol to obtain an information encryption algorithm corresponding to the first data information.
2. The method for preventing computer information from being stolen according to claim 1, wherein the step of expanding the initial sensitive information comprises the steps of:
if the initial sensitive information needs to be subjected to information expansion, screening a group of second classified data information with the highest information sensitivity level from the rest of second classified data information as optimized data information;
determining a second information amount ratio based on the optimized data information and the information amount of the initial sensitive information and the information amount of the first data information;
comparing the second information amount ratio with a preset ratio;
if the second information quantity ratio is not greater than the preset ratio, a group of second classified data information with the highest information sensitivity level is selected from the rest of second classified data information again to serve as optimized data information to carry out information expansion on the initial sensitive information;
and when the information quantity ratio is larger than the preset ratio, stopping screening and extracting the second classified data information, and finishing information expansion to obtain an information expansion result of the initial sensitive information.
3. The method for preventing computer information from being stolen according to claim 2, wherein the steps of encrypting the first data information based on the information encryption algorithm and performing sensitive information security detection based on the encrypted information include:
step 31: encrypting the first data information based on an information encryption algorithm, and reserving an encryption key generated by the information encryption algorithm;
step 32: respectively detecting the security of the sensitive information and the general information in the first data information based on a preset attack type;
step 33: and comprehensively determining the security coefficients of the current information encryption algorithm on the sensitive information and the general information based on the security detection results corresponding to each attack type in the security detection results of the sensitive information.
4. A method for preventing theft of computer information according to claim 3, wherein determining the security factor of the current information encryption algorithm for sensitive information and general information comprises:
the safety coefficient corresponding to the sensitive information is compared with the safety coefficient corresponding to the lowest sensitive information for the first time;
carrying out weighted average on the safety coefficient corresponding to the general information, obtaining a second safety coefficient based on the weighted average result, and carrying out second comparison on the second safety coefficient and the safety coefficient corresponding to the lowest general information;
and if the first comparison result and the second comparison result are both qualified, judging that the security detection of the current sensitive information is qualified.
5. The method for preventing computer information from being stolen according to claim 4, wherein optimizing the information encryption algorithm based on the detection result to obtain a second encryption algorithm, and performing second encryption on the first data information to realize data protection of the sensitive data, comprises:
step 41: the security coefficient based on the security detection result of the sensitive information is matched with a corresponding security optimization scheme, and the information encryption algorithm is optimized based on the security optimization scheme;
step 42: and obtaining a second encryption algorithm based on the algorithm optimization result, and carrying out second encryption on the first data information based on the second encryption algorithm to realize data protection of sensitive data in the first data information.
6. A computer information theft prevention system, comprising:
an information acquisition module: the method comprises the steps of receiving data information sent by a computer intelligent terminal, and carrying out data cleaning on the data information to obtain first data information;
an algorithm matching module: the information encryption algorithm is used for screening and determining the information matched with the first data information by combining the encryption protocol of the big data platform;
and a safety detection module: the information encryption algorithm is used for encrypting the first data information based on the information and detecting the security of the sensitive information based on the encrypted information;
encryption protection module: the method is used for optimizing the information encryption algorithm based on the detection result to obtain a second encryption algorithm, and carrying out second encryption on the first data information to realize data protection of sensitive data;
the information acquisition module is specifically configured to:
receiving data information sent by a computer intelligent terminal and acquiring the information type of the data information;
carrying out initial classification on the data information based on the information type, and determining the information sensitivity level of each classified data information based on the initial classification result;
removing classified data information with the lowest information sensitivity level from the classified data information based on the information sensitivity level of the classified data information;
the method comprises the steps of performing data cleaning on the residual classified data information, removing abnormal information in the residual classified data information, and integrating based on the removed data information to obtain first data information;
the algorithm matching module is specifically configured to:
based on the intelligent management terminal, carrying out initial comprehensive safety judgment on the first data information, and carrying out second classification on the first data information based on different data characteristics of the first data information to obtain second classified data information;
combining the second classified data information with the comprehensive information grade of the current intelligent management terminal to determine an initial information encryption algorithm corresponding to each group of second classified data information;
wherein, the classification based on the second classified data information is different, each classification result is different corresponding to the initial information encryption algorithm;
acquiring an initial encryption result of each piece of second classified data information under a corresponding initial information encryption algorithm;
acquiring a group of second classified data information with the highest information sensitivity level in the second classified data information as initial sensitive information;
determining whether the current initial sensitive information needs information expansion or not based on the information quantity ratio of the initial sensitive information and the first data information;
if the information quantity ratio is not greater than the preset ratio, the information expansion of the initial sensitive information is needed, otherwise, the information expansion of the initial sensitive information is not needed;
obtaining first sensitive information based on an information expansion result of the initial sensitive information, and carrying out information optimization on the first sensitive information based on an initial encryption result of each piece of second classified data information to obtain first classified optimized information data;
performing first optimization on the initial encryption algorithm based on the first classification optimization information data and the remaining second classification data information in the corresponding first data information to obtain a second optimized encryption algorithm corresponding to the current second classification data information;
respectively acquiring encryption protocols of the intelligent terminal and the data information transmission terminal, and comparing and extracting the same sub-protocol between the two encryption protocols;
and obtaining a second encryption algorithm based on the second optimized encryption algorithm and the rest of the initial encryption algorithm, and carrying out algorithm second optimization on the second encryption algorithm by combining protocol contents of the same sub-protocol to obtain an information encryption algorithm corresponding to the first data information.
CN202410077615.8A 2024-01-19 2024-01-19 Computer information anti-theft method and system Active CN117592091B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202410077615.8A CN117592091B (en) 2024-01-19 2024-01-19 Computer information anti-theft method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202410077615.8A CN117592091B (en) 2024-01-19 2024-01-19 Computer information anti-theft method and system

Publications (2)

Publication Number Publication Date
CN117592091A CN117592091A (en) 2024-02-23
CN117592091B true CN117592091B (en) 2024-03-29

Family

ID=89912026

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202410077615.8A Active CN117592091B (en) 2024-01-19 2024-01-19 Computer information anti-theft method and system

Country Status (1)

Country Link
CN (1) CN117592091B (en)

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113987543A (en) * 2021-11-02 2022-01-28 北京中海闻达信息技术有限公司 Online data monitoring method and device
CN114422134A (en) * 2021-12-23 2022-04-29 山东浪潮工业互联网产业股份有限公司 Data secure transmission method and equipment
CN115017519A (en) * 2021-03-04 2022-09-06 中国移动通信集团江苏有限公司 Data sealing regularity detecting method and device
CN115314313A (en) * 2022-08-15 2022-11-08 平安壹钱包电子商务有限公司 Information encryption method and device, storage medium and computer equipment
CN116599766A (en) * 2023-07-11 2023-08-15 深圳友讯达科技股份有限公司 Smart electric meter detection method, device, equipment and storage medium
CN116896445A (en) * 2023-09-08 2023-10-17 中国电子信息产业集团有限公司第六研究所 Satellite network information encryption system and method
CN117131517A (en) * 2023-10-27 2023-11-28 鼎铉商用密码测评技术(深圳)有限公司 Security detection method for encryption algorithm, terminal equipment and storage medium
CN117390637A (en) * 2023-09-28 2024-01-12 华能浙江能源销售有限责任公司 Method and system for protecting safety of safety access area system

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115017519A (en) * 2021-03-04 2022-09-06 中国移动通信集团江苏有限公司 Data sealing regularity detecting method and device
CN113987543A (en) * 2021-11-02 2022-01-28 北京中海闻达信息技术有限公司 Online data monitoring method and device
CN114422134A (en) * 2021-12-23 2022-04-29 山东浪潮工业互联网产业股份有限公司 Data secure transmission method and equipment
CN115314313A (en) * 2022-08-15 2022-11-08 平安壹钱包电子商务有限公司 Information encryption method and device, storage medium and computer equipment
CN116599766A (en) * 2023-07-11 2023-08-15 深圳友讯达科技股份有限公司 Smart electric meter detection method, device, equipment and storage medium
CN116896445A (en) * 2023-09-08 2023-10-17 中国电子信息产业集团有限公司第六研究所 Satellite network information encryption system and method
CN117390637A (en) * 2023-09-28 2024-01-12 华能浙江能源销售有限责任公司 Method and system for protecting safety of safety access area system
CN117131517A (en) * 2023-10-27 2023-11-28 鼎铉商用密码测评技术(深圳)有限公司 Security detection method for encryption algorithm, terminal equipment and storage medium

Also Published As

Publication number Publication date
CN117592091A (en) 2024-02-23

Similar Documents

Publication Publication Date Title
CN108989150B (en) Login abnormity detection method and device
CN100456258C (en) Method and system for distinguishing relevant network security threats using comparison of refined intrusion detection audits and intelligent security analysis
CN109660518B (en) Communication data detection method and device of network and machine-readable storage medium
CN107733834B (en) Data leakage protection method and device
US20210044607A1 (en) Monitor, monitoring method, and recording medium
CN112671767A (en) Security event early warning method and device based on alarm data analysis
Zheng et al. Preprocessing method for encrypted traffic based on semisupervised clustering
CN105468972B (en) A kind of mobile terminal document detection method
CN117592091B (en) Computer information anti-theft method and system
US11539730B2 (en) Method, device, and computer program product for abnormality detection
CN116502171B (en) Network security information dynamic detection system based on big data analysis algorithm
CN113792291B (en) Host recognition method and device infected by domain generation algorithm malicious software
CN109324985A (en) A kind of SQL injection recognition methods of the automatic adaptation scene based on machine learning
CN112287252B (en) Method, device, equipment and storage medium for detecting website domain name hijacking
CN110532758B (en) Risk identification method and device for group
CN114070641A (en) Network intrusion detection method, device, equipment and storage medium
CN112861160A (en) Data privacy protection system and protection method
KR101907443B1 (en) Component-based malicious file similarity analysis device and method
CN113630425B (en) Financial data safe transmission method for multiple power bodies
Karthik et al. Detecting Internet of Things Attacks Using Post Pruning Decision Tree-Synthetic Minority Over Sampling Technique.
CN112287345A (en) Credible edge computing system based on intelligent risk detection
CN111585953A (en) Method and system for judging network access validity of local area network terminal equipment
CN114157514B (en) Multi-channel IDS integrated detection method and device
CN117544420B (en) Fusion system safety management method and system based on data analysis
CN117692257B (en) High-speed encryption method and device for service data of electric power Internet of things

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant