CN117879858A - Safe interaction method and device for reversely screening derivative features - Google Patents
Safe interaction method and device for reversely screening derivative features Download PDFInfo
- Publication number
- CN117879858A CN117879858A CN202311606572.XA CN202311606572A CN117879858A CN 117879858 A CN117879858 A CN 117879858A CN 202311606572 A CN202311606572 A CN 202311606572A CN 117879858 A CN117879858 A CN 117879858A
- Authority
- CN
- China
- Prior art keywords
- data transmission
- target
- community
- transmission equipment
- target data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 43
- 238000012216 screening Methods 0.000 title claims abstract description 27
- 230000003993 interaction Effects 0.000 title claims abstract description 25
- 230000005540 biological transmission Effects 0.000 claims abstract description 270
- 238000012549 training Methods 0.000 claims description 6
- 230000002452 interceptive effect Effects 0.000 claims description 2
- 238000012545 processing Methods 0.000 description 10
- 238000004891 communication Methods 0.000 description 9
- 238000010586 diagram Methods 0.000 description 6
- 230000006399 behavior Effects 0.000 description 2
- 238000004590 computer program Methods 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 238000010801 machine learning Methods 0.000 description 2
- 230000003595 spectral effect Effects 0.000 description 2
- 238000007792 addition Methods 0.000 description 1
- 238000013527 convolutional neural network Methods 0.000 description 1
- 238000013135 deep learning Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000002093 peripheral effect Effects 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
Landscapes
- Computer And Data Communications (AREA)
Abstract
The invention discloses a safe interaction method and a safe interaction device for reversely screening derivative features, wherein the method comprises the following steps: determining communities to which each data transmission device belongs through community discovery; reversely screening out target communities according to the data security indexes of all communities; determining derivative characteristics of target data transmission equipment according to the association relation between the target data transmission equipment and a target community; and identifying the data transmission security level of the target data transmission equipment according to the derivative characteristics, and transmitting data according to the data transmission security level. The method combines community discovery and data security indexes of all communities to reversely screen out a target community; determining derivative characteristics of the target data transmission equipment according to the association relation between the target data transmission equipment and the target community; therefore, the data transmission security level of the equipment is identified from the community association angle through the derivative features, the identification accuracy of malicious attack on the data by the cooperation of a plurality of equipment is improved, and the safety of data interaction is ensured.
Description
Technical Field
The invention relates to the technical field of computer processing, in particular to a safe interaction method, a safe interaction device, electronic equipment and a computer readable medium for reversely screening derivative features.
Background
With the advent of the big data age, more and more data is applied to various fields, and therefore, security of data in transmission and exchange is particularly important. Such as: in the process of data transmission by using a fifth generation mobile communication Network (5G Network), malicious attacks are often disguised as legal devices, and the attacks are carried out under the condition of obtaining trust of Network communication services. In addition, for the application of the mobile network, the intelligent device is required to be used as support, however, the network technology and the intelligent device can be attacked by certain malicious attacks in the practical application, so that the security of the 5G network in the practical data transmission process can be influenced. In addition, there are security issues with the exchange of data between information systems. Taking a cluster as an example, the cluster may use a larger service system composed of a group of mutually independent terminals (such as computers) by using a high-speed communication network. Terminals in the cluster can communicate with each other to cooperatively provide applications, system resources and data to the user. Therefore, the terminals have the data security problems of malicious attack, data theft and the like in the data transmission process.
In the prior art, the security of the data transmission device can be identified through machine learning, the mode is only based on the data transmission behavior of a single device, the association relationship among a plurality of devices is not considered, and in practice, malicious attack, theft and the like on the data are often performed cooperatively by the plurality of devices.
Disclosure of Invention
Accordingly, the present invention is directed to a method, apparatus, electronic device and computer readable medium for secure interaction of reverse screening derived features, which are designed to at least partially solve at least one of the above-mentioned problems.
In order to solve the above technical problems, a first aspect of the present invention provides a secure interaction method for reversely screening derived features, the method comprising:
determining communities to which each data transmission device belongs through community discovery;
reversely screening out target communities according to the data security indexes of all communities;
determining derivative characteristics of target data transmission equipment according to the association relation between the target data transmission equipment and a target community;
and identifying the data transmission security level of the target data transmission equipment according to the derivative characteristics, and carrying out data interaction according to the data transmission security level.
According to a preferred embodiment of the present invention, the determining the derivative feature of the target data transmission device according to the association relationship between the target data transmission device and the target community includes:
respectively determining the distance between the target data transmission equipment and each target community;
and determining the derivative characteristics of the target data transmission equipment according to the distance between the target data transmission equipment and each target community and the data security index of each target community.
According to a preferred embodiment of the present invention, determining the distance between the target data transmission device and each target community comprises:
judging whether the target data transmission equipment can reach a target community or not;
if the target community is not reachable, the distance from the target data transmission equipment to the unreachable target community is zero;
if the target community is reachable, the distance between the target data transmission device and the reachable target community is the shortest distance between the target data transmission device and the reachable target community center node.
According to a preferred embodiment of the present invention, the determining the derivative feature of the target data transmission device according to the association relationship between the target data transmission device and the target community includes:
judging whether the target data transmission equipment exists in a target community or not;
if the target community exists, determining the derivative characteristics of the target data transmission equipment according to the target community where the target data transmission equipment exists;
if the target community is not available, searching a target community which can be reached by the target data transmission equipment, and determining the derivative characteristic of the target data transmission equipment according to the distance between the target data transmission equipment and the target community which can be reached.
According to a preferred embodiment of the present invention, the determining, by community discovery, the community to which each data transmission device belongs includes:
establishing a network by taking data transmission equipment as a node;
and determining communities to which each data transmission device in the network belongs through a community discovery algorithm.
According to a preferred embodiment of the invention, if the target communities are not screened according to the data security indexes of the communities, the communities to which the data transmission devices belong are determined through community discovery after the network is adjusted and/or the community discovery process is adjusted.
According to a preferred embodiment of the invention, the adjusting network comprises: adjusting the type of the network node and/or adjusting the association relationship between the nodes; the adjusting community discovery process includes: and adjusting a community discovery algorithm or adjusting training parameters in the community discovery algorithm.
To solve the above technical problem, a second aspect of the present invention provides a secure interaction device for reversely screening derived features, the device comprising:
the first determining module is used for determining communities to which each data transmission device belongs through community discovery;
the reverse screening module is used for reversely screening out target communities according to the data security indexes of all communities;
the second determining module is used for determining the derivative characteristics of the target data transmission equipment according to the association relation between the target data transmission equipment and the target community;
and the data transmission module is used for identifying the data transmission security level of the target data transmission equipment according to the derivative characteristics and carrying out data interaction according to the data transmission security level.
According to a preferred embodiment of the present invention, the second determining module includes:
the first sub-determining module is used for respectively determining the distance between the target data transmission equipment and each target community;
and the second sub-determining module is used for determining the derivative characteristics of the target data transmission equipment according to the distance between the target data transmission equipment and each target community and the data security index of each target community.
According to a preferred embodiment of the present invention, the first sub-determination module includes:
the first judging module is used for judging whether the target data transmission equipment can reach the target community or not;
a third sub-determining module, configured to, if the target data transmission device is not reachable, make a distance between the target data transmission device and the unreachable target community zero; if the target community is reachable, the distance between the target data transmission device and the reachable target community is the shortest distance between the target data transmission device and the reachable target community center node.
According to a preferred embodiment of the present invention, the second determining module includes:
the second judging module is used for judging whether the target data transmission equipment exists in the target community or not;
the third sub-determining module is used for determining the derivative characteristics of the target data transmission equipment according to the target community where the target data transmission equipment is located if the target data transmission equipment exists; if the target community is not available, searching a target community which can be reached by the target data transmission equipment, and determining the derivative characteristic of the target data transmission equipment according to the distance between the target data transmission equipment and the target community which can be reached.
According to a preferred embodiment of the present invention, the first determining module includes:
the creation module is used for creating a network by taking the data transmission equipment as a node;
and the community discovery module is used for determining communities to which each data transmission device in the network belongs through a community discovery algorithm.
According to a preferred embodiment of the present invention, further comprising:
and the adjustment module is used for determining communities to which each data transmission device belongs through community discovery after adjusting the network and/or adjusting the community discovery process if the reverse screening module does not screen the target communities according to the data security indexes of each community.
According to a preferred embodiment of the invention, the adjusting network comprises: adjusting the type of the network node and/or adjusting the association relationship between the nodes; the adjusting community discovery process includes: and adjusting a community discovery algorithm or adjusting training parameters in the community discovery algorithm.
To solve the above technical problem, a third aspect of the present invention provides an electronic device, including:
a processor; and
a memory storing computer executable instructions that, when executed, cause the processor to perform the method of any of the above.
To solve the above technical problem, a fourth aspect of the present invention provides a computer-readable storage medium storing one or more programs, which when executed by a processor, implement the above method.
The community discovery method comprises the steps of determining communities to which each data transmission device belongs through community discovery; reversely screening out target communities according to the data security indexes of all communities; determining derivative characteristics of target data transmission equipment according to the association relation between the target data transmission equipment and a target community; therefore, the data transmission security level of the equipment is identified from the community association angle through the derivative features, the identification accuracy of malicious attack on the data by the cooperation of a plurality of equipment is improved, and the data transmission security is ensured.
Drawings
In order to make the technical problems solved by the present invention, the technical means adopted and the technical effects achieved more clear, specific embodiments of the present invention will be described in detail below with reference to the accompanying drawings. It should be noted, however, that the drawings described below are merely illustrative of exemplary embodiments of the present invention and that other embodiments of the drawings may be derived from these drawings by those skilled in the art without undue effort.
FIG. 1 is a flow chart of a method for secure interaction of reverse screening derived features according to an embodiment of the present invention;
fig. 2 is a schematic diagram of determining derivative characteristics of the target data transmission device according to an embodiment of the present invention;
FIG. 3 is a schematic structural diagram of a security interaction device for inverse screening of derived features according to an embodiment of the present invention;
FIG. 4 is a block diagram of an exemplary embodiment of an electronic device according to the present invention;
FIG. 5 is a schematic diagram of one embodiment of a computer readable medium of the present invention.
Detailed Description
Exemplary embodiments of the present invention will now be described more fully hereinafter with reference to the accompanying drawings, in which exemplary embodiments are shown, although the exemplary embodiments may be practiced in various specific ways. Rather, these exemplary embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the concept of the invention to those skilled in the art.
The same reference numerals in the drawings denote the same or similar elements, components or portions, and thus repeated descriptions of the same or similar elements, components or portions may be omitted hereinafter. It will be further understood that, although the terms first, second, third, etc. may be used herein to describe various devices, elements, components or portions, these devices, elements, components or portions should not be limited by these terms. That is, these phrases are merely intended to distinguish one from the other. For example, a first device may also be referred to as a second device without departing from the spirit of the invention. Furthermore, the term "and/or," "and/or" is meant to include all combinations of any one or more of the items listed.
Referring to fig. 1, fig. 1 is a secure interaction method for reversely screening derived features, as shown in fig. 1, provided by the present invention, where the method includes:
s1, determining communities to which all data transmission devices belong through community discovery;
in this embodiment, the data transmission device may be a switching device, a transmission device or a terminal device in the data communication system, or may be a data interaction network, for example: the micro-service architecture, the terminals or the servers in the cluster can communicate with each other, perform data interaction, and cooperatively provide application programs, system resources and data for users.
In this embodiment, both the data communication system and the data interaction network may be abstracted into a network, and a community structure in the network may be discovered through community discovery. According to graph theory, communities are sub-graphs with closely connected internal nodes, the nodes in the communities are closely connected, the nodes in different communities are sparsely connected, the nodes in the same communities can share common characteristics, and the local characteristics of node behaviors in a network and the association relationship between the local characteristics can be reflected by the communities. In this embodiment, the determining, by community discovery, the community to which each data transmission device belongs includes:
s11, establishing a network by taking data transmission equipment as a node;
wherein: the network is formed by nodes and edges describing the association between the nodes. In this embodiment, the association relationship between the nodes may be: communication relationships, shared address relationships, data interaction relationships, and so forth. For example, the network may be established with the data transmission device as a node and the communication relationship between the data transmission devices as an edge.
And S12, determining communities to which each data transmission device in the network belongs through a community discovery algorithm.
Wherein: the community discovery algorithm may employ statistical inferences such as: random block model (stochastic block model, SBM) of the graph generation model, traditional machine learning, such as: spectral clustering (spectral clustering), deep learning, such as self encoder (AutoEncoder), deep nmf, convolutional neural network (GCN). Preferably, the community discovery algorithm (Louvain algorithm) and the tag propagation algorithm (LPA algorithm) based on modularity are adopted in the embodiment to determine communities to which each data transmission device in the network belongs. For example, in fig. 2, community 1, community 2 and community 3 to which the data transmission device belongs are obtained through community discovery.
S2, reversely screening out target communities according to the data security indexes of all communities;
in this embodiment, the target community is preferably: the community with low data transmission security can be a target community, and the community with high data transmission security can be a target community. The data security index is used for reflecting the security of data transmission in communities. Illustratively, the data security indicator may employ a data transmission risk rateThe higher the data transmission risk rate in the community is, the lower the data transmission safety of the community is, and the lower the data transmission risk rate is, the higher the data transmission safety of the community is. Wherein: q 1 Q is the number of data transmission devices with risks of malicious attack, data theft and the like when transmitting data in communities 0 Q is the total number of data transmission devices in the community 0 Data transmission device q comprising data transmission records in a community 01 And a data transmission device q without data transmission record 02 . The data security index can adopt risk index +.>The higher the risk index of the community is, the lower the data transmission safety of the community is, and the lower the risk index is, the higher the data transmission safety of the community is. Wherein: q 1 Q is the number of data transmission devices with risks of malicious attack, data theft and the like when transmitting data in communities 01 The number of data transmission devices in the community with data transmission records.
Taking a community with low data transmission safety as an example, a threshold value can be preset, and a community with data transmission risk rate or community risk index larger than the threshold value is taken as a target community; and otherwise, taking the community with the data transmission risk rate or the community risk index smaller than the threshold value as a target community. For example, in fig. 2, if the threshold is 0.5, the risk index of community 1 is 0.8, the risk index of community 2 is 0.6, and the risk index of community 3 is 0.6, then communities 1, 2 and 3 are all target communities with low data transmission security.
Wherein the threshold may be set according to a security level of the data, such as: a plurality of thresholds with different sizes can be preconfigured, and a corresponding threshold is selected according to the security level of the data to be transmitted, and the security level of the data to be transmitted is inversely proportional to the size of the threshold, namely: the data with high security level adopts a threshold with small value, and the data with low security level adopts a threshold with large value.
In this embodiment, if the target community is not screened according to the data security index of each community, the method may return to step S1, and after the network is adjusted and/or the community discovery process is adjusted, determine the community to which each data transmission device belongs through community discovery, and reversely screen the target community according to the data security index of each community again. Wherein: the adjusting network may adjust the network node type, such as: the node type is adjusted from the data transmission equipment to the data transmission equipment with the data transmission record, and the association relationship between the nodes can be adjusted, for example: the communication relationship is adjusted to be a shared position relationship, and the association relationship between the node types and the nodes can be adjusted at the same time. Adjusting the community discovery process may adjust community discovery algorithms such as: adjusting the Louvain algorithm to an LPA algorithm; alternatively, training parameters in the community discovery algorithm are adjusted, such as: and continuously adopting the Louvain algorithm, and modifying the folding times termination condition.
S3, determining derivative characteristics of the target data transmission equipment according to the association relation between the target data transmission equipment and the target community;
wherein: the target data transmission device may be a data transmission device to which data is to be transmitted. In one example, the association relationship between the target data transmission device and the target community can be described by the distance between the target data transmission device and the target community, and derivative features are obtained by combining the target community safety index on the basis of the distance. The determining the derivative characteristic of the target data transmission device according to the association relationship between the target data transmission device and the target community may include:
s31, respectively determining the distance between the target data transmission equipment and each target community;
in this embodiment, the distance between the target data transmission device and the target community refers to the distance between the target data transmission device and the center node of the target community, and may be determined through the network in step S11. Wherein: the target data transmission device may be located in a target community, may reach the target community by being provided with edges, or may not be provided with edges with the target community, i.e. may not reach the target community. In this step, it is first determined whether the target data transmission device can reach the target community, that is, whether the target data transmission device has a common edge with the target community in the network. If the target community is not reachable, the distance from the target data transmission equipment to the unreachable target community is zero; if the target community is reachable, the distance between the target data transmission device and the reachable target community is the shortest distance between the target data transmission device and the reachable target community center node. Wherein: the center node may be the node with the greatest degree of centrality (Degree Centrality) in the community, the node with the smallest total distance from other points to the proximity centrality (Closeness Centrality), or the node with the shortest path through the greatest degree of centrality (Betweeness Centrality) in the community, etc.
For example, in fig. 2, a solid origin represents a central node of each target community, a hollow origin represents a node of each target community, and the target data transmission device 3 has no shared edge with each of the target communities 1, 2 and 3, so that distances from the target data transmission device 3 to each of the target communities 1, 2 and 3 are zero. The shortest distance from the target data transmission device 2 to the center node of the target community 1 is 4, the shortest distance from the target data transmission device 2 to the center node of the target community 2 is 3, and the shortest distance from the target data transmission device 3 to the center node of the target community 3 is 2, and the distances from the target data transmission device 3 to the target community 1, the target community 2 and the target community 3 are respectively: 4. 3, 2. The target data transmission equipment 1 is located in the target community 1, the shortest distance reaching the center node of the target community 1 is 1, the shortest distance reaching the center node of the target community 2 is 3, the shortest distance reaching the center node of the target community 3 is 3, and then the distances from the target data transmission equipment 1 to the target community 1, the target community 2 and the target community 3 are respectively: 1. 3, 3.
S32, determining derivative characteristics of the target data transmission equipment according to the distance between the target data transmission equipment and each target community and the data security index of each target community.
For example, the data security index of the target communities can be used as a weight, and the distances between the target data transmission equipment and each target community are weighted and summed to obtain the derivative characteristics of the target data transmission equipment. In fig. 2, the risk index is taken as the data security index, the derivative characteristic of the target data transmission device 3 is 0, and the derivative characteristic of the target data transmission device 2 is: 0.8/4+0.6/3+0.6/2=0.7, the derivative characteristics of the target data transmission device 3 are: 0.8/1+0.6/3+0.6/3=1.2.
In another example, the association relationship between the target data transmission device and the target community can be described by the position relationship between the target data transmission device and the target community, and derivative features are obtained by combining the target community safety index on the basis of the position relationship. The determining the derivative characteristic of the target data transmission device according to the association relationship between the target data transmission device and the target community may include:
s301, judging whether target data transmission equipment exists in a target community or not;
s302, if the target community exists, determining the derivative characteristics of the target data transmission equipment according to the target community where the target data transmission equipment exists;
specifically, the derivative characteristics of the data transmission device can be determined according to the distance between the target data transmission device and the central node of the target community and the safety index of the target community where the target data transmission device is located. For example, in fig. 2, the target data transmission device 1 is located in the target community 1, the shortest distance to the central node of the target community 1 is 1, the risk index of the target community 1 is 0.8, and the derivative characteristic of the target data transmission device 1 is 0.8.
S303, if the target community which can be reached by the target data transmission equipment is not found, and the derivative characteristics of the target data transmission equipment are determined according to the distance between the target data transmission equipment and the reachable target community.
For example, the data security index of the target communities can be used as a weight, and the distances between the target data transmission equipment and each target community are weighted and summed to obtain the derivative characteristics of the target data transmission equipment. For example, in fig. 2, all the target data transmission devices 2 can reach the target communities 1, 2 and 3, and the risk index is used as a data security index, and the derivative characteristics of the target data transmission device 2 are as follows: 0.8/4+0.6/3+0.6/2=0.7.
And S4, identifying the data transmission security level of the target data transmission equipment according to the derivative characteristics, and carrying out data interaction according to the data transmission security level.
For example, the derived features of the target data transmission device may be input into a trained recognition model to obtain the data transmission security level of the target data transmission device. Wherein: the trained recognition model can analyze the derived features to recognize the data transmission security level of the target data transmission device. And if the data transmission security level is greater than or equal to the preset level, carrying out data transmission through the target data transmission equipment, and if the data transmission security level is less than the preset level, not carrying out data transmission through the target data transmission equipment.
Furthermore, in order to improve the accuracy of data transmission security level identification, the derivative features and the data transmission features of the target data transmission device can be input into a trained second identification model together to obtain the data transmission security level of the target data transmission device. Wherein: the trained second recognition model can analyze the derived features and the data transmission features to recognize the data transmission security level of the target data transmission device. Wherein: the data transmission features may include: transmission time, transmission channel, transmission protocol, device information of the data transmission device, etc. The device information may be attribute information disclosed by the terminal selection, such as: device location information, device communication information, device model number, device user attribute information, and the like.
Fig. 3 is a secure interactive apparatus for reverse screening derived features of the present invention, as shown in fig. 3, the apparatus comprising:
a first determining module 31, configured to determine, through community discovery, a community to which each data transmission device belongs;
the reverse screening module 32 is configured to reversely screen out the target community according to the data security index of each community;
a second determining module 33, configured to determine derived features of the target data transmission device according to an association relationship between the target data transmission device and a target community;
and the data transmission module 34 is used for identifying the data transmission security level of the target data transmission device according to the derivative characteristics and performing data interaction according to the data transmission security level.
In one embodiment, the second determining module 33 includes:
the first sub-determining module is used for respectively determining the distance between the target data transmission equipment and each target community;
and the second sub-determining module is used for determining the derivative characteristics of the target data transmission equipment according to the distance between the target data transmission equipment and each target community and the data security index of each target community.
Further, the first sub-determination module includes:
the first judging module is used for judging whether the target data transmission equipment can reach the target community or not;
a third sub-determining module, configured to, if the target data transmission device is not reachable, make a distance between the target data transmission device and the unreachable target community zero; if the target community is reachable, the distance between the target data transmission device and the reachable target community is the shortest distance between the target data transmission device and the reachable target community center node.
In another embodiment, the second determining module 33 includes:
the second judging module is used for judging whether the target data transmission equipment exists in the target community or not;
the third sub-determining module is used for determining the derivative characteristics of the target data transmission equipment according to the target community where the target data transmission equipment is located if the target data transmission equipment exists; if the target community is not available, searching a target community which can be reached by the target data transmission equipment, and determining the derivative characteristic of the target data transmission equipment according to the distance between the target data transmission equipment and the target community which can be reached.
The first determining module 31 includes:
the creation module is used for creating a network by taking the data transmission equipment as a node;
and the community discovery module is used for determining communities to which each data transmission device in the network belongs through a community discovery algorithm.
Further, the device further comprises:
and the adjustment module is used for determining communities to which each data transmission device belongs through community discovery after adjusting the network and/or adjusting the community discovery process if the reverse screening module does not screen the target communities according to the data security indexes of each community. Wherein: the tuning network comprises: adjusting the type of the network node and/or adjusting the association relationship between the nodes; the adjusting community discovery process includes: and adjusting a community discovery algorithm or adjusting training parameters in the community discovery algorithm.
It will be appreciated by those skilled in the art that the modules in the embodiments of the apparatus described above may be distributed in an apparatus as described, or may be distributed in one or more apparatuses different from the embodiments described above with corresponding changes. The modules of the above embodiments may be combined into one module, or may be further split into a plurality of sub-modules.
The following describes an embodiment of an electronic device of the present invention, which may be regarded as a physical form of implementation for the above-described embodiment of the method and apparatus of the present invention. Details described in relation to the embodiments of the electronic device of the present invention should be considered as additions to the embodiments of the method or apparatus described above; for details not disclosed in the embodiments of the electronic device of the present invention, reference may be made to the above-described method or apparatus embodiments.
Fig. 4 is a block diagram of an exemplary embodiment of an electronic device according to the present invention. The electronic device shown in fig. 4 is only an example and should not be construed as limiting the functionality and scope of use of the embodiments of the present invention.
As shown in fig. 4, the electronic device 400 of the exemplary embodiment is in the form of a general-purpose data processing device. The components of electronic device 400 may include, but are not limited to: at least one processing unit 410, at least one memory unit 420, a bus 430 connecting the different electronic device components (including memory unit 420 and processing unit 410), a display unit 440, and the like.
The storage unit 420 stores a computer readable program, which may be a source program or code of a read only program. The program may be executed by the processing unit 410 such that the processing unit 410 performs the steps of various embodiments of the present invention. For example, the processing unit 410 may perform the steps shown in fig. 1.
Bus 430 may be a local bus representing one or more of several types of bus structures including a memory unit bus or memory unit controller, a peripheral bus, an accelerated graphics port, a processing unit, or using any of a variety of bus architectures.
The electronic device 400 may also communicate with one or more external devices 100 (e.g., keyboard, display, network device, bluetooth device, etc.), such that a user can interact with the electronic device 400 via the external devices 100, and/or such that the electronic device 400 can communicate with one or more other data processing devices (e.g., routers, modems, etc.). Such communication may occur through an input/output (I/O) interface 450, and may also be through a network adapter 460 to one or more networks (e.g., a Local Area Network (LAN), a Wide Area Network (WAN) and/or a public network the network adapter 460 may communicate with other modules of the electronic device 400 via the bus 430.
FIG. 5 is a schematic diagram of one embodiment of a computer readable medium of the present invention. As shown in fig. 5, the computer program may be stored on one or more computer readable media. The computer readable medium may be a readable signal medium or a readable storage medium. The computer program, when executed by one or more data processing devices, enables the computer readable medium to carry out the above-described method of the present invention, namely: determining communities to which each data transmission device belongs through community discovery; reversely screening out target communities according to the data security indexes of all communities; determining derivative characteristics of target data transmission equipment according to the association relation between the target data transmission equipment and a target community; and identifying the data transmission security level of the target data transmission equipment according to the derivative characteristics, and carrying out data interaction according to the data transmission security level.
The above-described specific embodiments further describe the objects, technical solutions and advantageous effects of the present invention in detail, and it should be understood that the present invention is not inherently related to any particular computer, virtual device or electronic apparatus, and various general-purpose devices may also implement the present invention. The foregoing description of the embodiments of the invention is not intended to be limiting, but rather is intended to cover all modifications, equivalents, alternatives, and improvements that fall within the spirit and scope of the invention.
Claims (16)
1. A method of secure interaction for reverse screening derived features, the method comprising:
determining communities to which each data transmission device belongs through community discovery;
reversely screening out target communities according to the data security indexes of all communities;
determining derivative characteristics of target data transmission equipment according to the association relation between the target data transmission equipment and a target community;
and identifying the data transmission security level of the target data transmission equipment according to the derivative characteristics, and carrying out data interaction according to the data transmission security level.
2. The method of claim 1, wherein the determining the derivative characteristic of the target data transfer device based on the association between the target data transfer device and the target community comprises:
respectively determining the distance between the target data transmission equipment and each target community;
and determining the derivative characteristics of the target data transmission equipment according to the distance between the target data transmission equipment and each target community and the data security index of each target community.
3. The method of claim 2, wherein determining the distance between the target data transfer device and each target community comprises:
judging whether the target data transmission equipment can reach a target community or not;
if the target community is not reachable, the distance from the target data transmission equipment to the unreachable target community is zero;
if the target community is reachable, the distance between the target data transmission device and the reachable target community is the shortest distance between the target data transmission device and the reachable target community center node.
4. The method according to claim 1, characterized in that: the determining the derivative characteristics of the target data transmission equipment according to the association relation between the target data transmission equipment and the target community comprises the following steps:
judging whether the target data transmission equipment exists in a target community or not;
if the target community exists, determining the derivative characteristics of the target data transmission equipment according to the target community where the target data transmission equipment exists;
if the target community is not available, searching a target community which can be reached by the target data transmission equipment, and determining the derivative characteristic of the target data transmission equipment according to the distance between the target data transmission equipment and the target community which can be reached.
5. The method of claim 1, wherein the determining, by community discovery, the community to which each data transmission device belongs comprises:
establishing a network by taking data transmission equipment as a node;
and determining communities to which each data transmission device in the network belongs through a community discovery algorithm.
6. The method according to claim 5, wherein if the target community is not selected according to the data security index of each community, the network is adjusted and/or the community discovery process is adjusted, and then the community to which each data transmission device belongs is determined through community discovery.
7. The method of claim 6, wherein the adjusting the network comprises: adjusting the type of the network node and/or adjusting the association relationship between the nodes; the adjusting community discovery process includes: and adjusting a community discovery algorithm or adjusting training parameters in the community discovery algorithm.
8. A secure interactive apparatus for retrospectively screening derived features, the apparatus comprising:
the first determining module is used for determining communities to which each data transmission device belongs through community discovery;
the reverse screening module is used for reversely screening out target communities according to the data security indexes of all communities;
the second determining module is used for determining the derivative characteristics of the target data transmission equipment according to the association relation between the target data transmission equipment and the target community;
and the data transmission module is used for identifying the data transmission security level of the target data transmission equipment according to the derivative characteristics and carrying out data interaction according to the data transmission security level.
9. The apparatus of claim 8, wherein the second determining module comprises:
the first sub-determining module is used for respectively determining the distance between the target data transmission equipment and each target community;
and the second sub-determining module is used for determining the derivative characteristics of the target data transmission equipment according to the distance between the target data transmission equipment and each target community and the data security index of each target community.
10. The apparatus of claim 9, wherein the first sub-determination module comprises:
the first judging module is used for judging whether the target data transmission equipment can reach the target community or not;
a third sub-determining module, configured to, if the target data transmission device is not reachable, make a distance between the target data transmission device and the unreachable target community zero; if the target community is reachable, the distance between the target data transmission device and the reachable target community is the shortest distance between the target data transmission device and the reachable target community center node.
11. The apparatus according to claim 8, wherein: the second determining module includes:
the second judging module is used for judging whether the target data transmission equipment exists in the target community or not;
the third sub-determining module is used for determining the derivative characteristics of the target data transmission equipment according to the target community where the target data transmission equipment is located if the target data transmission equipment exists; if the target community is not available, searching a target community which can be reached by the target data transmission equipment, and determining the derivative characteristic of the target data transmission equipment according to the distance between the target data transmission equipment and the target community which can be reached.
12. The apparatus of claim 8, wherein the first determining module comprises:
the creation module is used for creating a network by taking the data transmission equipment as a node;
and the community discovery module is used for determining communities to which each data transmission device in the network belongs through a community discovery algorithm.
13. The apparatus as recited in claim 12, further comprising:
and the adjustment module is used for determining communities to which each data transmission device belongs through community discovery after adjusting the network and/or adjusting the community discovery process if the reverse screening module does not screen the target communities according to the data security indexes of each community.
14. The apparatus of claim 13, wherein the adjustment network comprises: adjusting the type of the network node and/or adjusting the association relationship between the nodes; the adjusting community discovery process includes: and adjusting a community discovery algorithm or adjusting training parameters in the community discovery algorithm.
15. An electronic device, comprising:
a processor; and
a memory storing computer-executable instructions that, when executed, cause the processor to perform the method of any one of claims 1 to 7.
16. A computer readable storage medium storing one or more programs, which when executed by a processor, implement the method of any of claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311606572.XA CN117879858A (en) | 2023-11-28 | 2023-11-28 | Safe interaction method and device for reversely screening derivative features |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311606572.XA CN117879858A (en) | 2023-11-28 | 2023-11-28 | Safe interaction method and device for reversely screening derivative features |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN117879858A true CN117879858A (en) | 2024-04-12 |
Family
ID=90583559
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202311606572.XA Pending CN117879858A (en) | 2023-11-28 | 2023-11-28 | Safe interaction method and device for reversely screening derivative features |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117879858A (en) |
-
2023
- 2023-11-28 CN CN202311606572.XA patent/CN117879858A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP3304823B1 (en) | Method and apparatus for computing cell density based rareness for use in anomaly detection | |
| CN110445653B (en) | Network state prediction method, device, equipment and medium | |
| US10547618B2 (en) | Method and apparatus for setting access privilege, server and storage medium | |
| US9191403B2 (en) | Cyber security adaptive analytics threat monitoring system and method | |
| CN112019575B (en) | Data packet processing method and device, computer equipment and storage medium | |
| US7809824B2 (en) | Classification and cluster analysis spam detection and reduction | |
| CN113315742B (en) | Attack behavior detection method and device and attack detection equipment | |
| US20140258520A1 (en) | Systems and methods for categorizing network traffic content | |
| CN104995870A (en) | Multi-objective server placement determination | |
| CN105915602B (en) | Dispatching method and system based on community detection algorithm P2P network | |
| CN110224859B (en) | Method and system for identifying a group | |
| Chen et al. | FCM technique for efficient intrusion detection system for wireless networks in cloud environment | |
| CN113821793B (en) | Multi-stage attack scene construction method and system based on graph convolution neural network | |
| CN111224941A (en) | Threat type identification method and device | |
| CN114358312A (en) | Training method, equipment and storage medium of network alarm event recognition model | |
| Vairagade et al. | Enabling machine learning‐based side‐chaining for improving QoS in blockchain‐powered IoT networks | |
| CN114598512A (en) | Honeypot-based network security guarantee method and device and terminal equipment | |
| CN115883187A (en) | Method, device, equipment and medium for identifying abnormal information in network traffic data | |
| CN112532408B (en) | Method, device and storage medium for extracting fault propagation condition | |
| CN117879858A (en) | Safe interaction method and device for reversely screening derivative features | |
| CN114401199B (en) | Hierarchical network capability model management method | |
| CN114205816B (en) | Electric power mobile internet of things information security architecture and application method thereof | |
| CN114567678A (en) | Resource calling method and device of cloud security service and electronic equipment | |
| Lysenko et al. | Botnet Detection Approach Based on DNS. | |
| CN115460110B (en) | Abnormal AS _ PATH detection method and device based on link prediction |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |