CN120979701A - Data analysis methods, apparatus, computer equipment and storage media - Google Patents
Data analysis methods, apparatus, computer equipment and storage mediaInfo
- Publication number
- CN120979701A CN120979701A CN202511045232.3A CN202511045232A CN120979701A CN 120979701 A CN120979701 A CN 120979701A CN 202511045232 A CN202511045232 A CN 202511045232A CN 120979701 A CN120979701 A CN 120979701A
- Authority
- CN
- China
- Prior art keywords
- attack
- verification
- probability
- preset
- coefficient
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04B—TRANSMISSION
- H04B10/00—Transmission systems employing electromagnetic waves other than radio-waves, e.g. infrared, visible or ultraviolet light, or employing corpuscular radiation, e.g. quantum communication
- H04B10/70—Photonic quantum communication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/123—Applying verification of the received information received data contents, e.g. message integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0852—Quantum cryptography
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/40—Network security protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/50—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computing Systems (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Electromagnetism (AREA)
- Theoretical Computer Science (AREA)
- Optics & Photonics (AREA)
- Power Engineering (AREA)
- Storage Device Security (AREA)
Abstract
本申请属于人工智能技术领域,涉及一种数据分析方法,包括:采集目标设备的参数数据;其中,参数数据包括指纹验证失败次数与误码率;对指纹验证失败次数进行计算得到攻击威胁系数;对误码率进行计算得到信道脆弱系数;基于破解概率计算策略对攻击威胁系数与信道脆弱系数进行计算处理得到破解概率;获取概率阈值与时间阈值;基于概率阈值与时间阈值对破解概率进行攻击识别处理生成攻击识别结果;对攻击识别结果进行输出处理。本申请还提供一种数据分析装置、计算机设备及存储介质。此外,本申请还涉及区块链技术,攻击识别结果可存储于区块链中。本申请可应用于金融科技领域中的设备攻击识别场景,提高了设备攻击识别的识别效率与识别准确率。
This application belongs to the field of artificial intelligence technology and relates to a data analysis method, including: collecting parameter data of a target device; wherein the parameter data includes the number of fingerprint verification failures and the bit error rate; calculating an attack threat coefficient from the number of fingerprint verification failures; calculating a channel vulnerability coefficient from the bit error rate; calculating and processing the attack threat coefficient and the channel vulnerability coefficient based on a cracking probability calculation strategy to obtain a cracking probability; obtaining a probability threshold and a time threshold; performing attack identification processing on the cracking probability based on the probability threshold and the time threshold to generate an attack identification result; and outputting the attack identification result. This application also provides a data analysis device, a computer device, and a storage medium. Furthermore, this application relates to blockchain technology, and the attack identification result can be stored in the blockchain. This application can be applied to device attack identification scenarios in the fintech field, improving the identification efficiency and accuracy of device attack identification.
Description
技术领域Technical Field
本申请涉及人工智能技术领域,可应用于金融科技领域,尤其涉及数据分析方法、装置、计算机设备及存储介质。This application relates to the field of artificial intelligence technology and can be applied to the financial technology field, particularly to data analysis methods, devices, computer equipment and storage media.
背景技术Background Technology
在物联网技术深度融入保险行业的当下,物联网保险风控体系的建设成为保障业务安全、稳定运行的关键环节。然而,现有的物联网保险风控体系存在显著缺陷,其中物联网设备的攻击识别方式是突出问题之一。目前,大部分物联网设备攻击识别主要依赖传统的规则匹配或简单的特征提取方法,这些方法在面对日益复杂、多变的网络攻击手段时,显得力不从心。一方面,识别效率较低,难以快速响应实时攻击,导致攻击行为可能持续较长时间,对物联网保险系统造成严重损害;另一方面,准确率欠佳,容易将正常设备行为误判为攻击行为,或者将实际攻击行为漏判,进而影响保险业务的正常开展和风险评估的准确性。With the deep integration of IoT technology into the insurance industry, the construction of an IoT insurance risk control system has become a crucial link in ensuring the security and stable operation of the business. However, existing IoT insurance risk control systems have significant shortcomings, among which the methods for identifying attacks on IoT devices are a prominent issue. Currently, most IoT device attack identification relies mainly on traditional rule matching or simple feature extraction methods. These methods are inadequate in the face of increasingly complex and varied cyberattacks. On the one hand, the identification efficiency is low, making it difficult to respond quickly to real-time attacks, which can lead to attacks lasting for a long time and causing serious damage to the IoT insurance system. On the other hand, the accuracy is poor, easily misjudging normal device behavior as attack behavior or missing actual attack behavior, thereby affecting the normal operation of insurance business and the accuracy of risk assessment.
在金融领域,类似的问题同样存在。以银行自助终端设备为例,部分银行采用的攻击识别系统在面对新型网络攻击时,由于识别算法的局限性,对攻击特征的提取不够精准全面,导致攻击识别的准确率较低。例如,曾出现黑客利用隐蔽的恶意软件对自助终端进行数据窃取攻击,而现有的识别系统未能及时、准确地识别出该攻击行为,致使大量客户信息泄露,给银行和客户带来巨大损失。因此,提高物联网设备攻击识别的效率和准确率,成为当前物联网保险风控体系亟待解决的重要问题。Similar problems exist in the financial sector. Taking bank self-service terminals as an example, some banks' attack detection systems, when facing new types of cyberattacks, suffer from low accuracy due to limitations in their algorithms and insufficient precision in extracting attack characteristics. For instance, hackers have used covert malware to launch data theft attacks on self-service terminals, and existing detection systems failed to identify these attacks promptly and accurately, leading to the leakage of large amounts of customer information and causing significant losses to banks and customers. Therefore, improving the efficiency and accuracy of attack detection for IoT devices has become a crucial issue that urgently needs to be addressed in current IoT insurance risk control systems.
发明内容Summary of the Invention
本申请实施例的目的在于提出一种数据分析方法、装置、计算机设备及存储介质,以解决现有的物联网设备的攻击识别方式存在的识别效率和识别准确率较低的技术问题。The purpose of this application is to provide a data analysis method, apparatus, computer equipment, and storage medium to solve the technical problems of low identification efficiency and low identification accuracy in existing attack identification methods for Internet of Things devices.
第一方面,提供了一种数据分析方法,包括:Firstly, a data analysis method is provided, including:
采集与目标设备对应的参数数据;其中,所述目标设备为基于量子技术的物联网设备;所述参数数据包括指纹验证失败次数与误码率;Collect parameter data corresponding to the target device; wherein, the target device is an Internet of Things (IoT) device based on quantum technology; the parameter data includes the number of fingerprint verification failures and the bit error rate;
基于预设的攻击威胁系数计算策略对所述指纹验证失败次数进行计算处理,得到对应的攻击威胁系数;The number of fingerprint verification failures is calculated based on a preset attack threat coefficient calculation strategy to obtain the corresponding attack threat coefficient.
基于预设的信道脆弱系数计算策略对所述误码率进行计算处理,得到对应的信道脆弱系数;The bit error rate is calculated based on a preset channel vulnerability coefficient calculation strategy to obtain the corresponding channel vulnerability coefficient.
基于预设的破解概率计算策略对所述攻击威胁系数与所述信道脆弱系数进行计算处理,得到对应的破解概率;The attack threat coefficient and the channel vulnerability coefficient are calculated based on a preset cracking probability calculation strategy to obtain the corresponding cracking probability.
获取预设的概率阈值与时间阈值;Obtain the preset probability threshold and time threshold;
基于所述概率阈值与所述时间阈值对所述破解概率进行攻击识别处理,生成对应的攻击识别结果;Based on the probability threshold and the time threshold, the attack identification process is performed on the cracking probability to generate the corresponding attack identification result;
对所述攻击识别结果进行输出处理。The attack identification results are then processed for output.
第二方面,提供了一种数据分析装置,包括:Secondly, a data analysis device is provided, comprising:
采集模块,用于采集与目标设备对应的参数数据;其中,所述目标设备为基于量子技术的物联网设备;所述参数数据包括指纹验证失败次数与误码率;The acquisition module is used to acquire parameter data corresponding to the target device; wherein, the target device is an Internet of Things (IoT) device based on quantum technology; the parameter data includes the number of fingerprint verification failures and the bit error rate;
第一计算模块,用于基于预设的攻击威胁系数计算策略对所述指纹验证失败次数进行计算处理,得到对应的攻击威胁系数;The first calculation module is used to calculate the number of fingerprint verification failures based on a preset attack threat coefficient calculation strategy to obtain the corresponding attack threat coefficient.
第二计算模块,用于基于预设的信道脆弱系数计算策略对所述误码率进行计算处理,得到对应的信道脆弱系数;The second calculation module is used to calculate the bit error rate based on a preset channel vulnerability coefficient calculation strategy to obtain the corresponding channel vulnerability coefficient.
第三计算模块,用于基于预设的破解概率计算策略对所述攻击威胁系数与所述信道脆弱系数进行计算处理,得到对应的破解概率;The third calculation module is used to calculate the attack threat coefficient and the channel vulnerability coefficient based on a preset cracking probability calculation strategy to obtain the corresponding cracking probability.
获取模块,用于获取预设的概率阈值与时间阈值;The acquisition module is used to acquire preset probability thresholds and time thresholds;
识别模块,用于基于所述概率阈值与所述时间阈值对所述破解概率进行攻击识别处理,生成对应的攻击识别结果;The identification module is used to perform attack identification processing on the cracking probability based on the probability threshold and the time threshold, and generate the corresponding attack identification result;
输出模块,用于对所述攻击识别结果进行输出处理。The output module is used to process the attack identification results.
第三方面,提供了一种计算机设备,包括存储器、处理器以及存储在存储器中并可在处理器上运行的计算机程序,处理器执行计算机程序时实现上述数据分析方法的步骤。Thirdly, a computer device is provided, including a memory, a processor, and a computer program stored in the memory and executable on the processor, wherein the processor executes the computer program to implement the steps of the above-described data analysis method.
第四方面,提供了一种计算机可读存储介质,计算机可读存储介质存储有计算机程序,计算机程序被处理器执行时实现上述数据分析方法的步骤。Fourthly, a computer-readable storage medium is provided, which stores a computer program that, when executed by a processor, implements the steps of the above-described data analysis method.
上述数据分析方法、装置、计算机设备及存储介质所实现的方案中,首先采集与目标设备对应的参数数据;其中,所述目标设备为基于量子技术的物联网设备;所述参数数据包括指纹验证失败次数与误码率;然后基于预设的攻击威胁系数计算策略对所述指纹验证失败次数进行计算处理,得到对应的攻击威胁系数;之后基于预设的信道脆弱系数计算策略对所述误码率进行计算处理,得到对应的信道脆弱系数;后续基于预设的破解概率计算策略对所述攻击威胁系数与所述信道脆弱系数进行计算处理,得到对应的破解概率;进一步获取预设的概率阈值与时间阈值;并基于所述概率阈值与所述时间阈值对所述破解概率进行攻击识别处理,生成对应的攻击识别结果;最后对所述攻击识别结果进行输出处理。基于以上的自动化处理流程,本申请通过采集与目标设备的指纹验证失败次数与误码率,然后基于攻击威胁系数计算策略的使用对指纹验证失败次数进行计算处理得到攻击威胁系数,以及基于信道脆弱系数计算策略的使用对误码率进行计算处理得到信道脆弱系数,进而基于破解概率计算策略的使用对攻击威胁系数与信道脆弱系数进行计算处理得到破解概率,以结合量子参数与设备行为动态计算破解概率,后续基于概率阈值与时间阈值的结合使用对破解概率进行攻击识别处理,以实现毫秒级攻击识别并自动准确地生成对应的攻击识别结果,有效地提高了攻击识别的识别效率与识别准确率,保证了生成的攻击识别结果的准确性。In the above-described data analysis method, apparatus, computer equipment, and storage medium, parameter data corresponding to the target device is first collected; wherein, the target device is an IoT device based on quantum technology; the parameter data includes the number of fingerprint verification failures and the bit error rate; then, the number of fingerprint verification failures is calculated based on a preset attack threat coefficient calculation strategy to obtain the corresponding attack threat coefficient; subsequently, the bit error rate is calculated based on a preset channel vulnerability coefficient calculation strategy to obtain the corresponding channel vulnerability coefficient; subsequently, the attack threat coefficient and the channel vulnerability coefficient are calculated based on a preset cracking probability calculation strategy to obtain the corresponding cracking probability; further, preset probability thresholds and time thresholds are obtained; and attack identification processing is performed on the cracking probability based on the probability thresholds and the time thresholds to generate the corresponding attack identification result; finally, the attack identification result is output. Based on the above automated processing flow, this application collects the number of fingerprint verification failures and the bit error rate of the target device. Then, it calculates the attack threat coefficient based on the number of fingerprint verification failures using an attack threat coefficient calculation strategy, and calculates the channel vulnerability coefficient based on the bit error rate using a channel vulnerability coefficient calculation strategy. Subsequently, it calculates the cracking probability based on the attack threat coefficient and the channel vulnerability coefficient using a cracking probability calculation strategy. The cracking probability is then dynamically calculated by combining quantum parameters and device behavior. Finally, the cracking probability is processed for attack identification based on a combination of probability threshold and time threshold, so as to achieve millisecond-level attack identification and automatically and accurately generate the corresponding attack identification results. This effectively improves the identification efficiency and accuracy of attack identification and ensures the accuracy of the generated attack identification results.
附图说明Attached Figure Description
为了更清楚地说明本申请中的方案,下面将对本申请实施例描述中所需要使用的附图作一个简单介绍,显而易见地,下面描述中的附图是本申请的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。To more clearly illustrate the solutions in this application, the accompanying drawings used in the description of the embodiments of this application will be briefly introduced below. Obviously, the accompanying drawings described below are some embodiments of this application. For those skilled in the art, other drawings can be obtained based on these drawings without creative effort.
图1是本申请可以应用于其中的示例性系统架构图;Figure 1 is an exemplary system architecture diagram in which this application can be applied;
图2是根据本申请的数据分析方法的一个实施例的流程图;Figure 2 is a flowchart of an embodiment of the data analysis method according to this application;
图3是根据本申请的数据分析装置的一个实施例的结构示意图;Figure 3 is a schematic diagram of a structure of an embodiment of the data analysis apparatus according to this application;
图4是根据本申请的计算机设备的一个实施例的结构示意图。Figure 4 is a schematic diagram of the structure of an embodiment of a computer device according to this application.
具体实施方式Detailed Implementation
除非另有定义,本文所使用的所有的技术和科学术语与属于本申请的技术领域的技术人员通常理解的含义相同;本文中在申请的说明书中所使用的术语只是为了描述具体的实施例的目的,不是旨在于限制本申请;本申请的说明书和权利要求书及上述附图说明中的术语“包括”和“具有”以及它们的任何变形,意图在于覆盖不排他的包含。本申请的说明书和权利要求书或上述附图中的术语“第一”、“第二”等是用于区别不同对象,而不是用于描述特定顺序。Unless otherwise defined, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this application pertains; the terminology used herein in the specification of the application is for the purpose of describing particular embodiments only and is not intended to be limiting of the application; the terms "comprising" and "having," and any variations thereof, in the specification, claims, and foregoing drawings of this application, are intended to cover non-exclusive inclusion. The terms "first," "second," etc., in the specification, claims, or foregoing drawings of this application are used to distinguish different objects, not to describe a particular order.
在本文中提及“实施例”意味着,结合实施例描述的特定特征、结构或特性可以包含在本申请的至少一个实施例中。在说明书中的各个位置出现该短语并不一定均是指相同的实施例,也不是与其它实施例互斥的独立的或备选的实施例。本领域技术人员显式地和隐式地理解的是,本文所描述的实施例可以与其它实施例相结合。In this document, the term "embodiment" means that a particular feature, structure, or characteristic described in connection with an embodiment may be included in at least one embodiment of this application. The appearance of this phrase in various places throughout the specification does not necessarily refer to the same embodiment, nor is it a separate or alternative embodiment mutually exclusive with other embodiments. It will be explicitly and implicitly understood by those skilled in the art that the embodiments described herein can be combined with other embodiments.
为了使本技术领域的人员更好地理解本申请方案,下面将结合附图,对本申请实施例中的技术方案进行清楚、完整地描述。To enable those skilled in the art to better understand the present application, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings.
如图1所示,系统架构100可以包括终端设备101、网络102和服务器103,终端设备101可以是笔记本电脑1011、平板电脑1012或手机1013。网络102用以在终端设备101和服务器103之间提供通信链路的介质。网络102可以包括各种连接类型,例如有线、无线通信链路或者光纤电缆等等。As shown in Figure 1, the system architecture 100 may include a terminal device 101, a network 102, and a server 103. The terminal device 101 may be a laptop computer 1011, a tablet computer 1012, or a mobile phone 1013. The network 102 is used as a medium to provide a communication link between the terminal device 101 and the server 103. The network 102 may include various connection types, such as wired or wireless communication links or fiber optic cables, etc.
用户可以使用终端设备101通过网络102与服务器103交互,以接收或发送消息等。终端设备101上可以安装有各种通讯客户端应用,例如网页浏览器应用、购物类应用、搜索类应用、即时通信工具、邮箱客户端、社交平台软件等。Users can use terminal device 101 to interact with server 103 via network 102 to receive or send messages, etc. Various communication client applications can be installed on terminal device 101, such as web browser applications, shopping applications, search applications, instant messaging tools, email clients, social media platform software, etc.
终端设备101可以是具有显示屏并且支持网页浏览的各种电子设备,除了笔记本电脑1011、平板电脑1012或手机1013以外,终端设备101还可以是电子书阅读器、MP3播放器(Moving Picture Experts G roup Audio Layer III,动态影像专家压缩标准音频层面III)、MP4(Moving Picture Experts Group Audio Layer IV,动态影像专家压缩标准音频层面IV)播放器、膝上型便携计算机和台式计算机等等。Terminal device 101 can be various electronic devices with a display screen and support web browsing. In addition to laptops 1011, tablets 1012, or mobile phones 1013, terminal device 101 can also be an e-book reader, an MP3 player (Moving Picture Experts Group Audio Layer III), an MP4 player (Moving Picture Experts Group Audio Layer IV), a laptop computer, and a desktop computer, etc.
服务器103可以是提供各种服务的服务器,例如对终端设备101上显示的页面提供支持的后台服务器。Server 103 can be a server that provides various services, such as a backend server that provides support for the pages displayed on terminal device 101.
需要说明的是,本申请实施例所提供的数据分析方法一般由服务器/终端设备执行,相应地,数据分析装置一般设置于服务器/终端设备中。It should be noted that the data analysis method provided in the embodiments of this application is generally executed by a server/terminal device, and correspondingly, the data analysis device is generally located in the server/terminal device.
应该理解,图1中的终端设备、网络和服务器的数目仅仅是示意性的。根据实现需要,可以具有任意数目的终端设备、网络和服务器。It should be understood that the number of terminal devices, networks, and servers shown in Figure 1 is merely illustrative. Depending on implementation needs, any number of terminal devices, networks, and servers can be included.
继续参考图2,示出了根据本申请的数据分析方法的一个实施例的流程图。根据不同的需求,该流程图中步骤的顺序可以改变,某些步骤可以省略。本申请实施例提供的数据分析方法能够应用于任意一种需要进行设备数据分析的场景中,则该数据分析方法能够应用于这些场景的产品中,例如,金融保险领域中的设备数据分析。所述的数据分析方法,包括以下步骤:Referring again to Figure 2, a flowchart of an embodiment of the data analysis method according to this application is shown. The order of steps in this flowchart can be changed, and some steps can be omitted, depending on different needs. The data analysis method provided by this application embodiment can be applied to any scenario requiring device data analysis, and thus can be applied to products in these scenarios, such as device data analysis in the financial insurance field. The data analysis method includes the following steps:
步骤S201,采集与目标设备对应的参数数据;其中,所述目标设备为基于量子技术的物联网设备;所述参数数据包括指纹验证失败次数与误码率。Step S201: Collect parameter data corresponding to the target device; wherein, the target device is an IoT device based on quantum technology; the parameter data includes the number of fingerprint verification failures and the bit error rate.
在本实施例中,数据分析方法运行于其上的电子设备(例如图1所示的服务器/终端设备),可以通过有线连接方式或者无线连接方式获取与目标设备对应的参数数据。需要指出的是,上述无线连接方式可以包括但不限于3G/4G/5G连接、WiFi连接、蓝牙连接、WiMAX连接、Zigbee连接、UWB(ultra wideband)连接、以及其他现在已知或将来开发的无线连接方式。本申请的执行主体具体为数据分析系统,或称为量子风控系统,可简称为系统,其中,上述指纹验证失败次数(a)是指设备在24小时内与注册指纹的汉明距离(即二进制位差异数)超过阈值的次数。示例:若注册指纹为101010,当前采样指纹为100010,汉明距离为1(仅第3位不同),则计数a=1。上述误码率(b)是指QKD误码率,通过量子密钥分发信道传输时,因环境干扰或攻击导致的比特错误率,每秒更新一次。示例:正常误码率应低于2%,若攻击者干扰光子传输,误码率可能升至5%。In this embodiment, the electronic device on which the data analysis method runs (e.g., the server/terminal device shown in Figure 1) can acquire parameter data corresponding to the target device through wired or wireless connections. It should be noted that the aforementioned wireless connection methods may include, but are not limited to, 3G/4G/5G connections, WiFi connections, Bluetooth connections, WiMAX connections, Zigbee connections, UWB (ultra wideband) connections, and other currently known or future-developed wireless connection methods. The executing entity of this application is specifically a data analysis system, also known as a quantum risk control system, which can be simply referred to as the system. The aforementioned fingerprint verification failure count (a) refers to the number of times the Hamming distance (i.e., the number of binary bit differences) between the device and the registered fingerprint exceeds a threshold within 24 hours. Example: If the registered fingerprint is 101010, the currently sampled fingerprint is 100010, and the Hamming distance is 1 (only the 3rd bit is different), then the count a = 1. The aforementioned bit error rate (b) refers to the QKD bit error rate, which is the bit error rate caused by environmental interference or attacks during transmission through the quantum key distribution channel, updated once per second. Example: The normal bit error rate should be below 2%. If an attacker interferes with photon transmission, the bit error rate may rise to 5%.
另外,上述目标设备为基于量子技术的物联网设备。物联网设备的注册与量子指纹生成过程包括:1.硬件层量子熵源初始化。实现过程:物联网设备(如智能保险箱)内置铟镓砷化物半导体芯片,通过3.3V电压驱动激光二极管,激发单个光子通过分束器产生量子叠加态(|0>代表水平偏振,|1>代表垂直偏振)。光子偏振态在测量前处于不确定状态,其坍缩结果由海森堡不确定性原理保障不可预测,确保每次采样结果随机且不可复制。量子随机性是设备指纹唯一性的物理基础,解决了传统MAC地址或设备序列号易被中间人攻击伪造的问题(实验显示商用设备指纹克隆成功率达23%)。Furthermore, the target device mentioned above is an IoT device based on quantum technology. The registration and quantum fingerprint generation process of IoT devices includes: 1. Initialization of the hardware-level quantum entropy source. Implementation process: The IoT device (such as a smart safe) has a built-in indium gallium arsenide semiconductor chip, which drives a laser diode with a 3.3V voltage to excite a single photon to generate a quantum superposition state (|0> represents horizontal polarization, |1> represents vertical polarization) through a beam splitter. The photon polarization state is in an uncertain state before measurement, and its collapse result is guaranteed to be unpredictable by the Heisenberg uncertainty principle, ensuring that each sampling result is random and cannot be copied. Quantum randomness is the physical basis for the uniqueness of device fingerprints, solving the problem that traditional MAC addresses or device serial numbers are easily forged by man-in-the-middle attacks (experiments show that the success rate of cloning commercial device fingerprints reaches 23%).
2.指纹生成与存储。实现过程:原始数据采集:芯片以1MHz频率连续采样106个量子态(如|0>,|1>,|0>...),生成长度为106bit的原始序列S。偏置消除:将S分割为相邻2位组,丢弃[00]和[11](因无法体现量子随机性),将[01]转换为"0"、[10]转换为"1",输出约250,000bit的序列F。哈希压缩:对F进行SHA-3(Keccak算法)单向哈希处理,生成128位摘要作为最终设备指纹,存储于设备TPM安全芯片中。通过量子随机性(原始数据)与哈希算法(防碰撞)结合,确保指纹不可克隆,为后续风控提供唯一标识。2. Fingerprint Generation and Storage. Implementation Process: Raw Data Acquisition: The chip continuously samples 10⁶ quantum states (e.g., |0>, |1>, |0>...) at a frequency of 1MHz, generating a raw sequence S of length 10⁶ bits. Bias Elimination: S is divided into adjacent 2-bit groups, discarding [00] and [11] (because they cannot reflect quantum randomness), converting [01] to "0" and [10] to "1", outputting a sequence F of approximately 250,000 bits. Hash Compression: F is subjected to SHA-3 (Keccak algorithm) one-way hash processing to generate a 128-bit digest as the final device fingerprint, which is stored in the device's TPM security chip. By combining quantum randomness (raw data) with a hash algorithm (collision prevention), the fingerprint is ensured to be unclonable, providing a unique identifier for subsequent risk control.
3.首次注册验证。实现过程:设备首次联网时,通过QKD安全信道向保险公司量子认证中心发送指纹H1。认证中心记录H1并与设备标识(如序列号)绑定,完成初始备案。通过建立设备与保险系统的初始信任链,后续所有风控操作均基于此指纹的唯一性验证。3. Initial Registration Verification. Implementation Process: When the device connects to the network for the first time, it sends its fingerprint H1 to the insurance company's quantum certification center via the QKD secure channel. The certification center records H1 and binds it to the device identifier (such as a serial number), completing the initial registration. By establishing an initial trust chain between the device and the insurance system, all subsequent risk control operations are based on the uniqueness verification of this fingerprint.
设备注册阶段通过量子物理特性生成不可伪造的唯一指纹,解决传统物联网设备身份可信问题。TPM芯片存储指纹确保本地安全,而量子认证中心备案则为后续动态监测提供基准。During the device registration phase, a unique, unforgeable fingerprint is generated using quantum physics properties, solving the problem of trustworthy identity for traditional IoT devices. The TPM chip stores the fingerprint to ensure local security, while the quantum certification center registration provides a benchmark for subsequent dynamic monitoring.
步骤S202,基于预设的攻击威胁系数计算策略对所述指纹验证失败次数进行计算处理,得到对应的攻击威胁系数。Step S202: Calculate the number of fingerprint verification failures based on a preset attack threat coefficient calculation strategy to obtain the corresponding attack threat coefficient.
在本实施例中,上述攻击威胁系数计算策略包括:攻击威胁系数(T):反映设备指纹异常的频率,公式为:T=(a/10)×α,其中,a为指纹验证失败次数,α为基于历史攻击数据回归得出的参数,数值可设为0.73,逻辑:每10次指纹异常增加0.73的威胁值。示例:若24小时内a=20,则T=20/10×0.73=1.46。In this embodiment, the above-mentioned attack threat coefficient calculation strategy includes: Attack Threat Coefficient (T): reflecting the frequency of device fingerprint anomalies, the formula is: T = (a/10) × α, where a is the number of fingerprint verification failures, and α is a parameter derived from regression based on historical attack data, the value of which can be set to 0.73. The logic is: every 10 fingerprint anomalies increase the threat value by 0.73. Example: If a = 20 within 24 hours, then T = 20/10 × 0.73 = 1.46.
步骤S203,基于预设的信道脆弱系数计算策略对所述误码率进行计算处理,得到对应的信道脆弱系数。Step S203: The bit error rate is calculated based on a preset channel vulnerability coefficient calculation strategy to obtain the corresponding channel vulnerability coefficient.
在本实施例中,上述信道脆弱系数计算策略包括:信道脆弱系数(V):反映QKD信道受攻击的强度,公式为:V=e^(20×(b-0.02)),b为误码率。逻辑:误码率超过2%时,指数级增长(如b=3%时,V=e^(20×0.01)≈1.22)。示例:若误码率b=5%,则V=e^(20×0.03)≈1.82。In this embodiment, the channel vulnerability coefficient calculation strategy includes: Channel vulnerability coefficient (V): reflecting the strength of the QKD channel under attack, the formula is: V=e^(20×(b-0.02)), where b is the bit error rate. Logically: when the bit error rate exceeds 2%, it increases exponentially (e.g., when b=3%, V=e^(20×0.01)≈1.22). Example: If the bit error rate b=5%, then V=e^(20×0.03)≈1.82.
步骤S204,基于预设的破解概率计算策略对所述攻击威胁系数与所述信道脆弱系数进行计算处理,得到对应的破解概率。Step S204: Calculate the attack threat coefficient and the channel vulnerability coefficient based on a preset cracking probability calculation strategy to obtain the corresponding cracking probability.
在本实施例中,上述基于预设的破解概率计算策略对所述攻击威胁系数与所述信道脆弱系数进行计算处理,得到对应的破解概率的具体实施过程,本申请将在后续的具体实施例中对此进行进一步的细节描述,在此不作过多阐述。In this embodiment, the specific implementation process of calculating the attack threat coefficient and the channel vulnerability coefficient based on the preset cracking probability calculation strategy to obtain the corresponding cracking probability will be further described in detail in subsequent specific embodiments of this application, and will not be elaborated on here.
步骤S205,获取预设的概率阈值与时间阈值。Step S205: Obtain the preset probability threshold and time threshold.
在本实施例中,对于上述概率阈值与时间阈值的取值不做具体限定,可根据实际的业务需求进行设置,例如概率阈值可设为10^-6,时间阈值设为5秒。In this embodiment, the values of the probability threshold and time threshold are not specifically limited and can be set according to actual business needs. For example, the probability threshold can be set to 10^-6 and the time threshold can be set to 5 seconds.
步骤S206,基于所述概率阈值与所述时间阈值对所述破解概率进行攻击识别处理,生成对应的攻击识别结果。Step S206: Based on the probability threshold and the time threshold, perform attack identification processing on the cracking probability to generate the corresponding attack identification result.
在本实施例中,上述基于所述概率阈值与所述时间阈值对所述破解概率进行攻击识别处理,生成对应的攻击识别结果的具体实施过程,本申请将在后续的具体实施例中对此进行进一步的细节描述,在此不作过多阐述。In this embodiment, the specific implementation process of performing attack identification processing on the cracking probability based on the probability threshold and the time threshold to generate the corresponding attack identification result will be further described in detail in subsequent specific embodiments of this application, and will not be elaborated on here.
步骤S207,对所述攻击识别结果进行输出处理。Step S207: Output the attack identification result.
在本实施例中,可通过将生成的攻击识别结果发送给相关人员,如目标设备的使用者,或者还可包括保险公司的相关业务人员,从而完成对于攻击识别结果的输出处理。In this embodiment, the generated attack identification results can be sent to relevant personnel, such as users of the target device, or relevant business personnel of the insurance company, thereby completing the output processing of the attack identification results.
本申请首先采集与目标设备对应的参数数据;其中,所述目标设备为基于量子技术的物联网设备;所述参数数据包括指纹验证失败次数与误码率;然后基于预设的攻击威胁系数计算策略对所述指纹验证失败次数进行计算处理,得到对应的攻击威胁系数;之后基于预设的信道脆弱系数计算策略对所述误码率进行计算处理,得到对应的信道脆弱系数;后续基于预设的破解概率计算策略对所述攻击威胁系数与所述信道脆弱系数进行计算处理,得到对应的破解概率;进一步获取预设的概率阈值与时间阈值;并基于所述概率阈值与所述时间阈值对所述破解概率进行攻击识别处理,生成对应的攻击识别结果;最后对所述攻击识别结果进行输出处理。基于以上的自动化处理流程,本申请通过采集与目标设备的指纹验证失败次数与误码率,然后基于攻击威胁系数计算策略的使用对指纹验证失败次数进行计算处理得到攻击威胁系数,以及基于信道脆弱系数计算策略的使用对误码率进行计算处理得到信道脆弱系数,进而基于破解概率计算策略的使用对攻击威胁系数与信道脆弱系数进行计算处理得到破解概率,以结合量子参数与设备行为动态计算破解概率,后续基于概率阈值与时间阈值的结合使用对破解概率进行攻击识别处理,以实现毫秒级攻击识别并自动准确地生成对应的攻击识别结果,有效地提高了攻击识别的识别效率与识别准确率,保证了生成的攻击识别结果的准确性。This application first collects parameter data corresponding to the target device; wherein, the target device is an IoT device based on quantum technology; the parameter data includes the number of fingerprint verification failures and the bit error rate; then, based on a preset attack threat coefficient calculation strategy, the number of fingerprint verification failures is calculated to obtain the corresponding attack threat coefficient; then, based on a preset channel vulnerability coefficient calculation strategy, the bit error rate is calculated to obtain the corresponding channel vulnerability coefficient; subsequently, based on a preset cracking probability calculation strategy, the attack threat coefficient and the channel vulnerability coefficient are calculated to obtain the corresponding cracking probability; further, preset probability thresholds and time thresholds are obtained; and based on the probability thresholds and time thresholds, the cracking probability is subjected to attack identification processing to generate the corresponding attack identification result; finally, the attack identification result is output. Based on the above automated processing flow, this application collects the number of fingerprint verification failures and the bit error rate of the target device. Then, it calculates the attack threat coefficient based on the number of fingerprint verification failures using an attack threat coefficient calculation strategy, and calculates the channel vulnerability coefficient based on the bit error rate using a channel vulnerability coefficient calculation strategy. Subsequently, it calculates the cracking probability based on the attack threat coefficient and the channel vulnerability coefficient using a cracking probability calculation strategy. The cracking probability is then dynamically calculated by combining quantum parameters and device behavior. Finally, the cracking probability is processed for attack identification based on a combination of probability threshold and time threshold, so as to achieve millisecond-level attack identification and automatically and accurately generate the corresponding attack identification results. This effectively improves the identification efficiency and accuracy of attack identification and ensures the accuracy of the generated attack identification results.
在一些可选的实现方式中,步骤S204包括以下步骤:In some alternative implementations, step S204 includes the following steps:
获取与所述目标设备对应的目标设备参数。Obtain the target device parameters corresponding to the target device.
在本实施例中,基于实际的业务需求,上述目标设备参数根据目标设备的设备类型进行调整(如保险箱γ=1,000,000,智能门锁γ=100,000)。In this embodiment, based on actual business needs, the above target device parameters are adjusted according to the device type of the target device (e.g., safe γ = 1,000,000, smart lock γ = 100,000).
调用预设的加权公式。Invoke the preset weighting formula.
在本实施例中,上述加权公式是指攻击威胁系数与信道脆弱系数进行加权的公式,公式包括:P=(T+V)/γ,其中,P为破解概率、T为攻击威胁系数、V为信道脆弱系数,γ为目标设备参数。In this embodiment, the above weighting formula refers to the formula that weights the attack threat coefficient and the channel vulnerability coefficient. The formula includes: P = (T + V) / γ, where P is the cracking probability, T is the attack threat coefficient, V is the channel vulnerability coefficient, and γ is the target device parameter.
基于所述加权公式对所述攻击威胁系数、所述信道脆弱系数以及所述目标设备参数进行计算处理,得到对应的第一计算结果。The attack threat coefficient, the channel vulnerability coefficient, and the target device parameters are calculated based on the weighted formula to obtain the corresponding first calculation result.
在本实施例中,通过将上述攻击威胁系数、信道脆弱系数以及目标设备参数代入至上述加权公式内的对应位置处进行计算,并将得到的第一计算结果作为相应的破解概率。示例性的:对于保险箱场景:P=(1.46+1.82)/1,000,000=3.28×10^-6(未触发警报)。若攻击者同时伪造指纹(a=50)并干扰信道(b=8%),则:In this embodiment, the attack threat coefficient, channel vulnerability coefficient, and target device parameters are substituted into the corresponding positions in the weighted formula for calculation, and the first calculation result is used as the corresponding cracking probability. For example: For a safe scenario: P = (1.46 + 1.82) / 1,000,000 = 3.28 × 10^-6 (no alarm triggered). If the attacker simultaneously forges a fingerprint (a = 50) and interferes with the channel (b = 8%), then:
T=1050×a(0.73)=3.65,V=e^(20×0.06)≈3.32。T=1050×a(0.73)=3.65, V=e^(20×0.06)≈3.32.
P=(3.65+3.32)/1,000,000=6.97×10^-6(超过阈值10^-6)。P = (3.65 + 3.32) / 1,000,000 = 6.97 × 10^-6 (exceeds the threshold of 10^-6).
将所述第一计算结果作为所述破解概率。The first calculation result is taken as the cracking probability.
本申请通过获取与所述目标设备对应的目标设备参数;然后调用预设的加权公式;之后基于所述加权公式对所述攻击威胁系数、所述信道脆弱系数以及所述目标设备参数进行计算处理,得到对应的第一计算结果;后续将所述第一计算结果作为所述破解概率。基于以上的处理流程,本申请通过获取与目标设备对应的目标设备参数,进而基于加权公式的使用对攻击威胁系数、信道脆弱系数以及目标设备参数进行计算处理,从而可以高效准确地计算出相应的破解概率,提高了破解概率的计算效率,保证了得到的破解概率的数据准确性。This application obtains target device parameters corresponding to the target device; then calls a preset weighted formula; subsequently, it calculates the attack threat coefficient, the channel vulnerability coefficient, and the target device parameters based on the weighted formula to obtain a corresponding first calculation result; and then uses the first calculation result as the cracking probability. Based on the above processing flow, this application obtains target device parameters corresponding to the target device, and then calculates the attack threat coefficient, the channel vulnerability coefficient, and the target device parameters based on the use of a weighted formula, thereby efficiently and accurately calculating the corresponding cracking probability, improving the calculation efficiency of the cracking probability, and ensuring the accuracy of the obtained cracking probability data.
在本实施例的一些可选的实现方式中,步骤S206包括以下步骤:In some optional implementations of this embodiment, step S206 includes the following steps:
判断所述破解概率是否大于所述概率阈值。Determine whether the probability of cracking is greater than the probability threshold.
在本实施例中,通过对上述破解概率与概率阈值进行数值比较,以判别出破解概率是否大于概率阈值。如果检测出破解概率小于概率阈值,则直接判定为无效攻击,并生成内容为不存在攻击事件的攻击识别结果。In this embodiment, the cracking probability is compared numerically with a probability threshold to determine whether the cracking probability is greater than the probability threshold. If the cracking probability is detected to be less than the probability threshold, it is directly determined as an invalid attack, and an attack identification result indicating that no attack event exists is generated.
若所述破解概率大于所述概率阈值,则判断与所述破解概率对应的持续时间是否大于所述时间阈值。If the hacking probability is greater than the probability threshold, then it is determined whether the duration corresponding to the hacking probability is greater than the time threshold.
在本实施例中,通过对上述破解概率对应的持续时间与时间阈值进行数值比较,以判别出持续时间是否大于时间阈值。In this embodiment, the duration corresponding to the above-mentioned cracking probability is compared with a time threshold to determine whether the duration is greater than the time threshold.
若所述持续时间大于所述时间阈值,则生成内容为存在攻击事件的第一攻击识别结果。If the duration is greater than the time threshold, the generated content is the first attack identification result indicating the presence of an attack event.
在本实施例中,如果检测出上述持续时间大于时间阈值,则判定为有效攻击,并生成内容为存在攻击事件的第一攻击识别结果。In this embodiment, if the duration is detected to be greater than the time threshold, it is determined to be a valid attack, and a first attack identification result containing the content of an attack event is generated.
若所述持续时间不大于所述时间阈值,则生成内容为不存在攻击事件的第二攻击识别结果。If the duration is not greater than the time threshold, the generated content is a second attack identification result indicating that no attack event exists.
在本实施例中,而如果检测出上述持续时间不大于时间阈值,则判定为无效攻击,并生成内容为不存在攻击事件的第二攻击识别结果。In this embodiment, if the duration is not greater than the time threshold, it is determined to be an invalid attack, and a second attack identification result is generated, which states that no attack event exists.
本申请通过判断所述破解概率是否大于所述概率阈值;若所述破解概率大于所述概率阈值,则判断与所述破解概率对应的持续时间是否大于所述时间阈值;若所述持续时间大于所述时间阈值,则生成内容为存在攻击事件的第一攻击识别结果;而若所述持续时间不大于所述时间阈值,则生成内容为不存在攻击事件的第二攻击识别结果。基于以上的处理流程,本申请通过将破解概率分别与概率阈值与时间阈值进行数值比较,进而根据得到的数值比较结果可以实现自动准确地完成对于破解概率的攻击识别处理,保证了得到的攻击识别结果的准确性。This application determines whether the cracking probability is greater than a probability threshold; if the cracking probability is greater than the probability threshold, it determines whether the duration corresponding to the cracking probability is greater than a time threshold; if the duration is greater than the time threshold, a first attack identification result indicating the presence of an attack event is generated; and if the duration is not greater than the time threshold, a second attack identification result indicating the absence of an attack event is generated. Based on the above processing flow, this application automatically and accurately completes the attack identification processing for the cracking probability by comparing the cracking probability with both the probability threshold and the time threshold, thereby ensuring the accuracy of the obtained attack identification result.
在一些可选的实现方式中,所述攻击识别结果为存在攻击事件;在步骤S206之后,上述电子设备还可以执行以下步骤:In some optional implementations, the attack identification result indicates the presence of an attack event; after step S206, the aforementioned electronic device may further perform the following steps:
基于预设的安全信道向所述目标设备发送验证指令。A verification command is sent to the target device based on a preset secure channel.
在本实施例中,上述安全信道具体为QKD安全信道。其中,QKD安全信道的建立实现过程包括:光子发射:设备端激光器发射45°线偏振光子流(每脉冲含单光子)。基矢比对:保险服务器随机选择测量基(水平/垂直或45°/135°)。设备通过经典信道告知发射基矢,双方丢弃基矢不匹配的测量结果(约50%数据被丢弃)。密钥生成:保留的比特构成初始密钥K1,误码率阈值设为2%(超过阈值视为信道受干扰)。其中,QKD安全信道确保风控指令传输的量子级安全性,防止中间人攻击或数据篡改。In this embodiment, the aforementioned secure channel is specifically a QKD secure channel. The establishment process of the QKD secure channel includes: Photon emission: The device-side laser emits a 45° linearly polarized photon stream (each pulse contains a single photon). Basis alignment: The security server randomly selects a measurement basis (horizontal/vertical or 45°/135°). The device informs the transmitted basis via a classical channel; both parties discard measurement results with mismatched basis vectors (approximately 50% of the data is discarded). Key generation: The reserved bits constitute the initial key K1, and the bit error rate threshold is set to 2% (exceeding the threshold is considered channel interference). The QKD secure channel ensures quantum-level security for the transmission of risk control commands, preventing man-in-the-middle attacks or data tampering.
判断是否接收到所述目标设备返回的响应信息。Determine whether a response message has been received from the target device.
在本实施例中,通过检测是否接收到目标设备返回的与上述验证指令相对应的响应信息,如果检测到响应信息,响应正常但指纹仍异常,则判定为逻辑攻击(如固件篡改)。In this embodiment, by detecting whether a response information corresponding to the above verification command is received from the target device, if a response information is detected, and the response is normal but the fingerprint is still abnormal, it is determined to be a logical attack (such as firmware tampering).
若未接收到所述目标设备返回的响应信息,则对所述目标设备进行功能锁定处理。If no response is received from the target device, the target device will be locked.
在本实施例中,如果未接收到目标设备返回的响应信息,或者设备响应超时200ms,确认物理入侵(如设备被拆解或信号屏蔽),进而会对目标设备进行功能锁定处理。In this embodiment, if no response information is received from the target device, or if the device response times out by 200ms, physical intrusion is confirmed (such as the device being disassembled or its signal being blocked), and the target device will be subject to a function lockout.
生成与所述目标设备对应的攻击警报。Generate an attack alert corresponding to the target device.
在本实施例中,生成的攻击警告为携带警报数据包的信息,警报数据包可包含以下内容:攻击类型标识(如“指纹伪造”或“信道干扰”)、时间戳(精确到毫秒)、设备唯一ID(链上已注册的哈希值)。In this embodiment, the generated attack warning is information carrying an alarm data packet, which may include the following: attack type identifier (such as "fingerprint forgery" or "channel interference"), timestamp (accurate to milliseconds), and device unique ID (a hash value registered on the chain).
将所述攻击警报发送给相关人员。The attack alert was sent to the relevant personnel.
在本实施例中,上述相关人员可为目标设备的使用者,或者还可以包括保险公司的相关业务人员。可通过采用邮件发送、短信发送等方式,将生成的攻击警报发送给对应的相关人员。In this embodiment, the aforementioned relevant personnel may be users of the target device, or may also include relevant business personnel from an insurance company. The generated attack alert can be sent to the corresponding relevant personnel via email, SMS, or other means.
本申请通过基于预设的安全信道向所述目标设备发送验证指令;然后判断是否接收到所述目标设备返回的响应信息;若未接收到所述目标设备返回的响应信息,则对所述目标设备进行功能锁定处理;之后生成与所述目标设备对应的攻击警报;后续将所述攻击警报发送给相关人员。基于以上的处理流程,本申请在识别出攻击识别结果为存在攻击事件时,会智能地基于安全信道的使用向目标设备发送验证指令,并在检测出未接收到目标设备返回的响应信息时,会自动对目标设备进行功能锁定处理,以及会生成与目标设备对应的攻击警报并发送给相关人员,从而可以实现高效识别攻击并阻断,并且能够及时完成防御,有效确保风控决策的及时性,防止黑客在窗口期内完成渗透,有利于保证用户财产的安全性。This application sends a verification command to the target device via a preset secure channel; then determines whether a response is received from the target device; if no response is received, the target device is functionally locked; subsequently, an attack alert corresponding to the target device is generated; and the attack alert is then sent to relevant personnel. Based on the above processing flow, when the attack identification result indicates the existence of an attack event, this application intelligently sends a verification command to the target device using a secure channel, and automatically locks the target device's functions when no response is received, and generates an attack alert corresponding to the target device and sends it to relevant personnel. This enables efficient attack identification and blocking, timely defense, and ensures timely risk control decisions, preventing hackers from penetrating the target device within the window period, thus protecting user assets.
在一些可选的实现方式中,在所述生成与所述目标设备对应的攻击警报的步骤之后,上述电子设备还可以执行以下步骤:In some alternative implementations, after the step of generating an attack alert corresponding to the target device, the electronic device may further perform the following steps:
调用预设的区块链智能合约。Invoke the preset blockchain smart contract.
在本实施例中,系统在检测到攻击后(如P≥10-6且持续5秒)时,会通过调用区块链智能合约来接收与目标设备对应的攻击警告,该攻击警告为携带警报数据包的信息,警报数据包可包含以下内容:攻击类型标识(如“指纹伪造”或“信道干扰”)、时间戳(精确到毫秒)、设备唯一ID(链上已注册的哈希值)。In this embodiment, when the system detects an attack (e.g., P≥10⁻⁶ and lasts for 5 seconds), it will call the blockchain smart contract to receive the attack warning corresponding to the target device. The attack warning is information carrying an alarm data packet, which may include the following: attack type identifier (e.g., "fingerprint forgery" or "channel interference"), timestamp (accurate to milliseconds), and device unique ID (a hash value registered on the chain).
基于所述区块链智能合约对所述攻击警报进行风险验证。The attack alert is verified based on the blockchain smart contract.
在本实施例中,上述基于所述区块链智能合约对所述攻击警报进行风险验证的具体实施过程,本申请将在后续的具体实施例中对此进行进一步的细节描述,在此不作过多阐述。In this embodiment, the specific implementation process of verifying the attack alert based on the blockchain smart contract will be further described in detail in subsequent specific embodiments of this application, and will not be elaborated on here.
若所述攻击警报通过风险验证,基于预设的保费返还计算策略对所述破解概率进行计算处理,得到对应的目标返还保费。If the attack alert passes the risk verification, the probability of the attack is calculated based on the preset premium refund calculation strategy to obtain the corresponding target premium refund.
在本实施例中,上述基于预设的保费返还计算策略对所述破解概率进行计算处理,得到对应的目标返还保费的具体实施过程,本申请将在后续的具体实施例中对此进行进一步的细节描述,在此不作过多阐述。In this embodiment, the above-mentioned calculation of the cracking probability based on the preset premium return calculation strategy to obtain the specific implementation process of the target premium return is described in more detail in subsequent specific embodiments of this application, and will not be elaborated on here.
将所述目标返还保费发送给与所述目标设备对应的目标用户的用户钱包。The target refund premium will be sent to the user wallet of the target user corresponding to the target device.
在本实施例中,可通过根据生成的目标返还保费,向目标用户的钱包地址发起数值匹配的ERC-1155代币转账,完成资金返还。如此,将量子风险量化结果直接转化为经济激励,形成“安全-收益”正向循环。In this embodiment, the funds can be returned by initiating a numerically matched ERC-1155 token transfer to the target user's wallet address based on the generated target return premium. In this way, the quantum risk quantification result is directly transformed into economic incentives, forming a positive "security-return" cycle.
本申请通过调用预设的区块链智能合约;然后基于所述区块链智能合约对所述攻击警报进行风险验证;若所述攻击警报通过风险验证,基于预设的保费返还计算策略对所述破解概率进行计算处理,得到对应的目标返还保费;后续将所述目标返还保费发送给与所述目标设备对应的目标用户的用户钱包。基于以上的处理流程,本申请在生成与目标设备对应的攻击警报后,会智能地调用区块链智能合约对攻击警报进行风险验证,并在检测出攻击警报通过风险验证后,会自动地基于保费返还计算策略的使用对破解概率进行计算处理得到目标返还保费,并将目标返还保费发送给与目标设备对应的目标用户的用户钱包,可以实现将量子风险量化结果直接转化为经济激励,形成安全-收益正向循环,有利于提高用户体验。This application invokes a preset blockchain smart contract; then, based on the blockchain smart contract, it performs risk verification on the attack alert; if the attack alert passes the risk verification, it calculates the probability of successful attack based on a preset premium refund calculation strategy to obtain the corresponding target refund premium; subsequently, it sends the target refund premium to the user wallet of the target user corresponding to the target device. Based on the above processing flow, after generating an attack alert corresponding to the target device, this application intelligently invokes a blockchain smart contract to perform risk verification on the attack alert, and after detecting that the attack alert has passed the risk verification, it automatically calculates the probability of successful attack based on the premium refund calculation strategy to obtain the target refund premium, and sends the target refund premium to the user wallet of the target user corresponding to the target device. This can realize the direct conversion of quantum risk quantification results into economic incentives, forming a positive cycle of security and benefit, which is conducive to improving user experience.
在本实施例的一些可选的实现方式中,所述基于所述区块链智能合约对所述攻击警报进行风险验证,包括以下步骤:In some optional implementations of this embodiment, the risk verification of the attack alert based on the blockchain smart contract includes the following steps:
基于所述区块链智能合约,根据预设的信息类型从指定数据源获取与所述目标设备对应的验证数据。Based on the blockchain smart contract, verification data corresponding to the target device is obtained from a specified data source according to a preset information type.
在本实施例中,上述信息类型包括设备指纹哈希值信息类型与QKD误码率曲线信息类型。上述指定数据源包括链上分布式存储(如IPFS)与量子信道监测节点(由第三方权威机构运营)。其中,可通过基于区块链智能合约,使用预言机(Oracle)服务从链上分布式存储中拉取目标设备最后10次指纹的哈希值,以及从量子信道监测节点获取最近60秒的误码率原始数据。In this embodiment, the aforementioned information types include device fingerprint hash value information and QKD bit error rate curve information. The specified data sources include on-chain distributed storage (such as IPFS) and quantum channel monitoring nodes (operated by a third-party authoritative institution). Specifically, based on blockchain smart contracts, an oracle service can be used to retrieve the hash values of the target device's last 10 fingerprints from on-chain distributed storage, and the raw bit error rate data for the most recent 60 seconds can be obtained from the quantum channel monitoring node.
基于预设的服务验证策略对所述验证数据进行服务验证。The verification data is verified based on a preset service verification strategy.
在本实施例中,服务验证的目标是确认接收的警报数据(指纹哈希值、误码率曲线)确实来自真实设备,且未被中间人篡改。上述服务验证策略包括:对比上传的当前指纹哈希是否与链上记录一致。示例:若链上记录的哈希为0x123...,而上传数据为0x456...,则判定指纹被篡改,进而判定验证数据未通过服务验证。以及对比上传的误码率曲线是否与节点记录一致。示例:若节点记录误码率在00:00:00-00:00:01为1.5%,而上传数据为8%,则初步判定为攻击导致或数据被篡改。只有在同时检测出上传的当前指纹哈希是否与链上记录一致,且误码率曲线与节点记录一致,才会判定验证数据通过服务验证,否则判定验证数据未通过服务验证。In this embodiment, the goal of service verification is to confirm that the received alarm data (fingerprint hash value, bit error rate curve) indeed comes from a real device and has not been tampered with by a man-in-the-middle attack. The service verification strategy includes: comparing whether the uploaded current fingerprint hash is consistent with the on-chain record. Example: If the hash recorded on the chain is 0x123..., while the uploaded data is 0x456..., then the fingerprint is determined to have been tampered with, and the verification data is determined to have failed service verification. It also compares whether the uploaded bit error rate curve is consistent with the node record. Example: If the node record shows a bit error rate of 1.5% between 00:00:00 and 00:00:01, while the uploaded data shows 8%, then it is initially determined that an attack caused the data tampering. Only when both the uploaded current fingerprint hash and the bit error rate curve are detected to be consistent with the node record will the verification data be determined to have passed service verification; otherwise, the verification data is determined to have failed service verification.
其中,服务验证的作用包括:过滤粗粒度伪造:防止黑客直接伪造整个警报数据包(如虚构指纹哈希或误码率)。建立可信数据源:确保后续分析基于真实设备产生的原始数据。The functions of service verification include: filtering coarse-grained forgery: preventing hackers from directly forging the entire alert data packet (such as fabricating fingerprint hashes or error rates); and establishing trusted data sources: ensuring that subsequent analysis is based on raw data generated by real devices.
若所述验证数据通过服务验证,则基于预设的完整性验证策略对所述验证数据进行完整性验证。If the verification data passes the service verification, then the verification data is subjected to integrity verification based on the preset integrity verification strategy.
在本实施例中,完整性验证的目标包括:检测服务验证通过的数据是否在传输或存储过程中被局部篡改(如修改单个误码率数值或指纹哈希的某几位。上述完整性验证策略包括:量子傅里叶变换(QFT)分析:将误码率曲线或指纹哈希值转换为频率分量(类似傅里叶变换,但利用量子叠加态加速计算)。检测频率分量是否存在异常突变(如黑客篡改数据会引入非自然频率峰值)。Shor算法辅助的频域阈值检测:预设正常数据的频率分布范围(如误码率曲线的基频应在0.1-1Hz之间)。若检测到高频分量(如100Hz尖峰)或频率能量突变超过阈值(如标准差≥3倍),判定数据被篡改。In this embodiment, the objectives of integrity verification include: detecting whether data verified by the service has been partially tampered with during transmission or storage (e.g., modifying a single bit error rate value or a few bits of the fingerprint hash). The integrity verification strategy includes: Quantum Fourier Transform (QFT) analysis: converting the bit error rate curve or fingerprint hash value into frequency components (similar to Fourier transform, but using quantum superposition to accelerate computation). Detecting whether there are abnormal abrupt changes in the frequency components (e.g., hacker tampering with data introduces unnatural frequency peaks). Shor's algorithm-assisted frequency domain threshold detection: pre-setting the frequency distribution range of normal data (e.g., the fundamental frequency of the bit error rate curve should be between 0.1-1Hz). If a high-frequency component (e.g., a 100Hz spike) or a frequency energy abrupt change exceeds the threshold (e.g., standard deviation ≥ 3 times), it is determined that the data has been tampered with.
其中,只有在检测出频率分量不存在异常突变,且未检测到高频分量或频率能量突变不超过阈值,才会判定验证数据通过完整性验证,否则判定验证数据未通过完整性验证。Specifically, the verification data is considered to have passed the integrity verification only if no abnormal changes are detected in the frequency components and no high-frequency components are detected or the frequency energy changes do not exceed the threshold; otherwise, the verification data is considered to have failed the integrity verification.
若所述验证数据通过完整性验证,则判定所述攻击警报通过风险验证,否则判定所述攻击警报未通过风险验证。If the verification data passes the integrity verification, the attack alert is determined to have passed the risk verification; otherwise, the attack alert is determined to have failed the risk verification.
在本实施例中,只有在检测出验证数据同时通过了服务验证与完整性验证,才会判定攻击警报通过风险验证,否则判定攻击警报未通过风险验证。In this embodiment, an attack alert is considered to have passed risk verification only if the detected verification data has passed both service verification and integrity verification; otherwise, the attack alert is considered to have failed risk verification.
其中,双重验证的作用:若仅依赖服务验证,黑客可能通过中间人攻击篡改传输中的数据(如拦截误码率曲线并修改部分数值)。示例:黑客将真实误码率2%→8%的曲线中的2%改为1.5%,使攻击看起来更“自然”,绕过简单阈值检测。量子验证的优势:完整性验证通过频域分析捕捉此类篡改,即使数值修改幅度小,频率分布异常也会暴露问题。The role of dual authentication is crucial: relying solely on service authentication allows hackers to tamper with transmitted data via man-in-the-middle attacks (e.g., intercepting the bit error rate curve and modifying some values). Example: A hacker might change 2% in the curve representing the true bit error rate from 2% to 8% to 1.5%, making the attack appear more "natural" and bypassing simple threshold detection. The advantage of quantum authentication is that integrity verification captures such tampering through frequency domain analysis; even small numerical modifications will reveal problems if the frequency distribution is abnormal.
另外,系统还提供联盟链协同验证功能:节点角色:保险公司节点:存储保费池资金。监管节点:持有Shor算法验证密钥。实验室节点:提供γ系数校准服务。共识机制:PBFT算法需超2/3节点确认攻击事件真实性。关联性:多中心化治理提升监管穿透性,防止单点故障。联盟链设计确保监管机构可实时审计,同时保护用户隐私(如仅存储指纹哈希值而非原始数据)。In addition, the system provides consortium blockchain collaborative verification functionality: Node roles: Insurance company nodes: store premium pool funds. Regulatory nodes: hold Shor's algorithm verification keys. Laboratory nodes: provide gamma coefficient calibration services. Consensus mechanism: The PBFT algorithm requires confirmation of the authenticity of an attack event by more than 2/3 of the nodes. Correlation: Decentralized governance enhances regulatory transparency and prevents single points of failure. The consortium blockchain design ensures that regulatory agencies can audit in real time while protecting user privacy (e.g., storing only fingerprint hash values rather than raw data).
本申请通过基于所述区块链智能合约,根据预设的信息类型从指定数据源获取与所述目标设备对应的验证数据;然后基于预设的服务验证策略对所述验证数据进行服务验证;若所述验证数据通过服务验证,则基于预设的完整性验证策略对所述验证数据进行完整性验证;若所述验证数据通过完整性验证,则判定所述攻击警报通过风险验证,否则判定所述攻击警报未通过风险验证。本申请通过基于区块链智能合约的使用,根据信息类型从指定数据源获取与目标设备对应的验证数据,进而通过对验证数据进行服务验证与完整性验证,以实现高效准确地完成对于攻击警报的风险验证处理,并且只有在检测出验证数据同时通过了服务验证与完整性验证,才会判定攻击警报通过风险验证,有效地确保了生成的风险验证结果的准确性。This application, based on a blockchain smart contract, retrieves verification data corresponding to the target device from a specified data source according to a preset information type. Then, it performs service verification on the verification data based on a preset service verification strategy. If the verification data passes service verification, it performs integrity verification on the verification data based on a preset integrity verification strategy. If the verification data passes integrity verification, the attack alert is determined to have passed risk verification; otherwise, the attack alert is determined to have failed risk verification. This application, through the use of a blockchain smart contract, retrieves verification data corresponding to the target device from a specified data source according to the information type, and then performs service and integrity verification on the verification data to achieve efficient and accurate risk verification processing for attack alerts. Furthermore, only when the verification data is detected to have passed both service and integrity verification is the attack alert determined to have passed risk verification, effectively ensuring the accuracy of the generated risk verification results.
在本实施例的一些可选的实现方式中,所述基于预设的保费返还计算策略对所述破解概率进行计算处理,得到对应的目标返还保费的步骤,包括以下步骤:In some optional implementations of this embodiment, the step of calculating the hacking probability based on a preset premium refund calculation strategy to obtain the corresponding target refund premium includes the following steps:
获取与所述目标设备对应的设备风险系数。Obtain the equipment risk coefficient corresponding to the target equipment.
在本实施例中,可通过对目标设备进行数据查询,以得到目标设备的设备风险系数。其中,不同设备的设备风险系数可根据实际的业务需求进行预先设置,例如保险箱为0.9,智能门锁为0.7。In this embodiment, the device risk coefficient of the target device can be obtained by querying data on the target device. The device risk coefficient for different devices can be preset according to actual business needs; for example, a safe is set to 0.9, and a smart lock to 0.7.
调用预设的返还计算公式。Call the preset return calculation formula.
在本实施例中,上述返还计算公式具体为:返还金额=年度保费×(1-P×z)×设备风险系数(γ),其中,P为破解概率,z为惩罚因子,用于放大攻击风险的经济影响,例如可设置为10,000。In this embodiment, the above-mentioned return calculation formula is as follows: Return amount = annual premium × (1-P×z) × equipment risk coefficient (γ), where P is the probability of cracking and z is the penalty factor, which is used to amplify the economic impact of the attack risk, for example, it can be set to 10,000.
基于所述返还计算公式对所述破解概率与所述设备风险系数进行计算处理,得到对应的第二计算结果。The probability of hacking and the risk coefficient of the device are calculated based on the return calculation formula to obtain the corresponding second calculation result.
在本实施例中,通过将上述破解概率与设备风险系数输入至上述返还计算公式内的对应位置处进行计算处理,并将生成的第二计算结果作为相应的目标返还保费。示例计算:用户A的保险箱:年度保费=500美元,P=3.98×10-5,γ=0.9。返还金额=500×(1-3.98×10-5×10,000)×0.9≈500×0.602×0.9≈270.9美元(约54%返还)。用户B的智能门锁(γ=0.7):相同条件下返还金额≈500×0.602×0.7≈210.7美元(约42%返还)。In this embodiment, the above-mentioned hacking probability and device risk coefficient are input into the corresponding positions in the above-mentioned return calculation formula for calculation, and the generated second calculation result is used as the corresponding target return premium. Example calculation: User A's safe: Annual premium = $500, P = 3.98 × 10⁻⁵ , γ = 0.9. Return amount = 500 × (1 - 3.98 × 10⁻⁵ × 10,000) × 0.9 ≈ 500 × 0.602 × 0.9 ≈ $270.9 (approximately 54% return). User B's smart lock (γ = 0.7): Under the same conditions, return amount ≈ 500 × 0.602 × 0.7 ≈ $210.7 (approximately 42% return).
将所述第二计算结果作为所述目标返还保费。The second calculation result will be used as the target premium to be returned.
本申请通过获取与所述目标设备对应的设备风险系数;然后调用预设的返还计算公式;之后基于所述返还计算公式对所述破解概率与所述设备风险系数进行计算处理,得到对应的第二计算结果;后续将所述第二计算结果作为所述目标返还保费。基于以上的处理流程,本申请通过获取与目标设备对应的设备风险系数,进而基于返还计算公式的使用对破解概率与设备风险系数进行计算处理,从而可以实现自动准确地计算出相应的目标返还保费,提高了目标返还保费的计算效率,保证了得到的目标返还保费的数据准确性。This application obtains the device risk coefficient corresponding to the target device; then calls a preset return calculation formula; subsequently, it calculates the hacking probability and the device risk coefficient based on the return calculation formula to obtain a corresponding second calculation result; and finally, it uses the second calculation result as the target return premium. Based on the above processing flow, this application obtains the device risk coefficient corresponding to the target device, and then calculates the hacking probability and the device risk coefficient based on the return calculation formula, thereby automatically and accurately calculating the corresponding target return premium, improving the calculation efficiency of the target return premium, and ensuring the accuracy of the obtained target return premium data.
在一些可选的实现方式中,获取的用户信息征求了用户同意,且符合相关法律和相关政策的规定。In some alternative implementations, the user information obtained is subject to user consent and complies with relevant laws and policies.
另外,本申请实施例中出现的非本公司软件工具或组件,仅仅是举例介绍,不代表实际使用。Furthermore, any software tools or components not belonging to our company that appear in the embodiments of this application are merely illustrative examples and do not represent actual use.
此外,本申请基于以下核心技术实现功能支撑:Furthermore, this application achieves functional support based on the following core technologies:
1.量子-经典系统接口。时间同步机制:设备端GPS模块提供纳秒级时钟,与QKD光子发射器同步误差<1ns。数据封装协议:定义专用Q-Insurance报文格式:|量子指纹(128bit)|时间戳(64bit)|误码率(16bit)|数字签名(256bit)|。1. Quantum-Classical System Interface. Time Synchronization Mechanism: The device-side GPS module provides a nanosecond-level clock, with a synchronization error of <1ns with the QKD photon transmitter. Data Encapsulation Protocol: Defines a dedicated Q-Insurance message format: | Quantum Fingerprint (128 bits) | Timestamp (64 bits) | Bit Error Rate (16 bits) | Digital Signature (256 bits) |.
2.抗环境干扰设计。温度补偿:量子芯片内置温度传感器,当温度偏移>2℃时自动校正激光波长:波长λ=1550nm+0.08×(T-25)nm/℃。光强自适应:根据光子探测器计数率动态调节激光功率,维持单光子态概率>99.9%。2. Environmental Interference Resistance Design. Temperature Compensation: The quantum chip has a built-in temperature sensor that automatically corrects the laser wavelength when the temperature deviation exceeds 2℃: wavelength λ = 1550nm + 0.08 × (T - 25)nm/℃. Adaptive Light Intensity: The laser power is dynamically adjusted according to the photon detector count rate to maintain a single-photon state probability >99.9%.
本申请的益处包括:1.绝对身份可信:量子指纹伪造需突破海森堡不确定性原理,理论需同时测量共轭物理量(如位置/动量),现有技术条件下成功概率<10^-30。2.风控响应速度提升1000倍:量子参数采样频率达1MHz,相比传统日级统计模型,攻击行为可在50ms内被识别。3.保险成本结构性优化:保险公司可将安全设备保费降低30-50%。用户年均获得保费返还率约12%(基于10万台设备仿真数据)。4.构建新型安全生态:设备厂商需通过量子安全认证才能接入保险网络。保险公司从风险承担者转型为安全能力提供者。5.监管穿透性提升:量子参数+区块链存证使监管机构可实时审计风控有效性。The benefits of this application include: 1. Absolutely trustworthy identity: Quantum fingerprint forgery requires overcoming the Heisenberg uncertainty principle, theoretically requiring simultaneous measurement of conjugate physical quantities (such as position/momentum), with a success probability of <10^-30 under current technology. 2. 1000-fold improvement in risk control response speed: Quantum parameter sampling frequency reaches 1MHz, compared to traditional daily statistical models, attack behavior can be identified within 50ms. 3. Structural optimization of insurance costs: Insurance companies can reduce security equipment premiums by 30-50%. Users receive an average annual premium return rate of approximately 12% (based on simulation data from 100,000 devices). 4. Building a new security ecosystem: Equipment manufacturers need to pass quantum security certification to access the insurance network. Insurance companies transform from risk bearers to security capability providers. 5. Enhanced regulatory transparency: Quantum parameters + blockchain notarization enable regulatory agencies to audit the effectiveness of risk control in real time.
应理解,上述实施例中各步骤的序号的大小并不意味着执行顺序的先后,各过程的执行顺序应以其功能和内在逻辑确定,而不应对本发明实施例的实施过程构成任何限定。It should be understood that the sequence number of each step in the above embodiments does not imply the order of execution. The execution order of each process should be determined by its function and internal logic, and should not constitute any limitation on the implementation process of the embodiments of the present invention.
需要强调的是,为进一步保证上述攻击识别结果的私密和安全性,上述攻击识别结果还可以存储于一区块链的节点中。It should be emphasized that, to further ensure the privacy and security of the above attack identification results, the above attack identification results can also be stored in a blockchain node.
本申请所指区块链是分布式数据存储、点对点传输、共识机制、加密算法等计算机技术的新型应用模式。区块链(Blockchai n),本质上是一个去中心化的数据库,是一串使用密码学方法相关联产生的数据块,每一个数据块中包含了一批次网络交易的信息,用于验证其信息的有效性(防伪)和生成下一个区块。区块链可以包括区块链底层平台、平台产品服务层以及应用服务层等。The blockchain referred to in this application is a novel application model of computer technologies such as distributed data storage, peer-to-peer transmission, consensus mechanisms, and encryption algorithms. Essentially, a blockchain is a decentralized database, a chain of data blocks linked together using cryptographic methods. Each data block contains information about a batch of network transactions, used to verify the validity of the information (anti-counterfeiting) and generate the next block. A blockchain can include an underlying blockchain platform, a platform product service layer, and an application service layer.
本申请实施例可以基于人工智能技术对相关的数据进行获取和处理。其中,人工智能(ArtificialIntelligence,AI)是利用数字计算机或者数字计算机控制的机器模拟、延伸和扩展人的智能,感知环境、获取知识并使用知识获得最佳结果的理论、方法、技术及应用系统。The embodiments of this application can acquire and process relevant data based on artificial intelligence technology. Artificial intelligence (AI) is the theory, method, technology, and application system that uses digital computers or machines controlled by digital computers to simulate, extend, and expand human intelligence, perceive the environment, acquire knowledge, and use that knowledge to obtain optimal results.
人工智能基础技术一般包括如传感器、专用人工智能芯片、云计算、分布式存储、大数据处理技术、操作/交互系统、机电一体化等技术。人工智能软件技术主要包括计算机视觉技术、机器人技术、生物识别技术、语音处理技术、自然语言处理技术以及机器学习/深度学习等几大方向。Foundational technologies for artificial intelligence generally include sensors, dedicated AI chips, cloud computing, distributed storage, big data processing, operating/interactive systems, and mechatronics. AI software technologies mainly encompass computer vision, robotics, biometrics, speech processing, natural language processing, and machine learning/deep learning.
本领域普通技术人员可以理解实现上述实施例方法中的全部或部分流程,是可以通过计算机可读指令来指令相关的硬件来完成,该计算机可读指令可存储于一计算机可读取存储介质中,该程序在执行时,可包括如上述各方法的实施例的流程。其中,前述的存储介质可为磁碟、光盘、只读存储记忆体(Read-Only Memory,ROM)等非易失性存储介质,或随机存储记忆体(Random Access Memory,RAM)等。Those skilled in the art will understand that all or part of the processes in the methods of the above embodiments can be implemented by instructing related hardware with computer-readable instructions. These computer-readable instructions can be stored in a computer-readable storage medium. When executed, the program can include the processes of the embodiments of the above methods. The aforementioned storage medium can be a non-volatile storage medium such as a magnetic disk, optical disk, or read-only memory (ROM), or random access memory (RAM).
应该理解的是,虽然附图的流程图中的各个步骤按照箭头的指示依次显示,但是这些步骤并不是必然按照箭头指示的顺序依次执行。除非本文中有明确的说明,这些步骤的执行并没有严格的顺序限制,其可以以其他的顺序执行。而且,附图的流程图中的至少一部分步骤可以包括多个子步骤或者多个阶段,这些子步骤或者阶段并不必然是在同一时刻执行完成,而是可以在不同的时刻执行,其执行顺序也不必然是依次进行,而是可以与其他步骤或者其他步骤的子步骤或者阶段的至少一部分轮流或者交替地执行。It should be understood that although the steps in the flowcharts of the accompanying figures are shown sequentially as indicated by the arrows, these steps are not necessarily executed in the order indicated by the arrows. Unless explicitly stated herein, there is no strict order restriction on the execution of these steps, and they can be executed in other orders. Moreover, at least some steps in the flowcharts of the accompanying figures may include multiple sub-steps or multiple stages. These sub-steps or stages are not necessarily completed at the same time, but can be executed at different times, and their execution order is not necessarily sequential, but can be performed alternately or in turn with other steps or at least some of the sub-steps or stages of other steps.
进一步参考图3,作为对上述图2所示方法的实现,本申请提供了一种数据分析装置的一个实施例,该装置实施例与图2所示的方法实施例相对应,该装置具体可以应用于各种电子设备中。Referring further to FIG3, as an implementation of the method shown in FIG2, this application provides an embodiment of a data analysis device, which corresponds to the method embodiment shown in FIG2, and the device can be specifically applied to various electronic devices.
如图3所示,本实施例所述的数据分析装置300包括:采集模块301、第一计算模块302、第二计算模块303、第三计算模块304、获取模块305、识别模块306以及输出模块307。其中:As shown in Figure 3, the data analysis device 300 described in this embodiment includes: a data acquisition module 301, a first calculation module 302, a second calculation module 303, a third calculation module 304, an acquisition module 305, an identification module 306, and an output module 307. Wherein:
采集模块301,用于采集与目标设备对应的参数数据;其中,所述目标设备为基于量子技术的物联网设备;所述参数数据包括指纹验证失败次数与误码率;The acquisition module 301 is used to acquire parameter data corresponding to the target device; wherein, the target device is an Internet of Things device based on quantum technology; the parameter data includes the number of fingerprint verification failures and the bit error rate;
第一计算模块302,用于基于预设的攻击威胁系数计算策略对所述指纹验证失败次数进行计算处理,得到对应的攻击威胁系数;The first calculation module 302 is used to calculate the number of fingerprint verification failures based on a preset attack threat coefficient calculation strategy to obtain the corresponding attack threat coefficient.
第二计算模块303,用于基于预设的信道脆弱系数计算策略对所述误码率进行计算处理,得到对应的信道脆弱系数;The second calculation module 303 is used to calculate the bit error rate based on a preset channel vulnerability coefficient calculation strategy to obtain the corresponding channel vulnerability coefficient.
第三计算模块304,用于基于预设的破解概率计算策略对所述攻击威胁系数与所述信道脆弱系数进行计算处理,得到对应的破解概率;The third calculation module 304 is used to calculate the attack threat coefficient and the channel vulnerability coefficient based on a preset cracking probability calculation strategy to obtain the corresponding cracking probability.
获取模块305,用于获取预设的概率阈值与时间阈值;The acquisition module 305 is used to acquire preset probability thresholds and time thresholds;
识别模块306,用于基于所述概率阈值与所述时间阈值对所述破解概率进行攻击识别处理,生成对应的攻击识别结果;The identification module 306 is used to perform attack identification processing on the cracking probability based on the probability threshold and the time threshold, and generate a corresponding attack identification result;
输出模块307,用于对所述攻击识别结果进行输出处理。The output module 307 is used to output the attack identification result.
在本实施例中,上述模块或单元分别用于执行的操作与前述实施方式的数据分析方法的步骤一一对应,在此不再赘述。In this embodiment, the operations performed by the above modules or units correspond one-to-one with the steps of the data analysis method in the aforementioned embodiments, and will not be repeated here.
在本实施例的一些可选的实现方式中,第三计算模块304包括:In some optional implementations of this embodiment, the third calculation module 304 includes:
第一获取子模块,用于获取与所述目标设备对应的目标设备参数;The first acquisition submodule is used to acquire target device parameters corresponding to the target device;
第一调用子模块,用于调用预设的加权公式;The first calling submodule is used to call the preset weighting formula;
第一计算子模块,用于基于所述加权公式对所述攻击威胁系数、所述信道脆弱系数以及所述目标设备参数进行计算处理,得到对应的第一计算结果;The first calculation submodule is used to calculate and process the attack threat coefficient, the channel vulnerability coefficient and the target device parameters based on the weighting formula to obtain the corresponding first calculation result;
第一确定子模块,用于将所述第一计算结果作为所述破解概率。The first determining submodule is used to take the first calculation result as the cracking probability.
在本实施例中,上述模块或单元分别用于执行的操作与前述实施方式的数据分析方法的步骤一一对应,在此不再赘述。In this embodiment, the operations performed by the above modules or units correspond one-to-one with the steps of the data analysis method in the aforementioned embodiments, and will not be repeated here.
在本实施例的一些可选的实现方式中,识别模块306包括:In some optional implementations of this embodiment, the identification module 306 includes:
第一判断子模块,用于判断所述破解概率是否大于所述概率阈值;The first judgment submodule is used to determine whether the cracking probability is greater than the probability threshold.
第二判断子模块,用于若所述破解概率大于所述概率阈值,则判断与所述破解概率对应的持续时间是否大于所述时间阈值;The second judgment submodule is used to determine whether the duration corresponding to the cracking probability is greater than the time threshold if the cracking probability is greater than the probability threshold.
第一生成子模块,用于若所述持续时间大于所述时间阈值,则生成内容为存在攻击事件的第一攻击识别结果;The first generation submodule is used to generate a first attack identification result indicating the presence of an attack event if the duration is greater than the time threshold.
第二生成子模块,用于若所述持续时间不大于所述时间阈值,则生成内容为不存在攻击事件的第二攻击识别结果。The second generation submodule is used to generate a second attack identification result that indicates the absence of an attack event if the duration is not greater than the time threshold.
在本实施例中,上述模块或单元分别用于执行的操作与前述实施方式的数据分析方法的步骤一一对应,在此不再赘述。In this embodiment, the operations performed by the above modules or units correspond one-to-one with the steps of the data analysis method in the aforementioned embodiments, and will not be repeated here.
在本实施例的一些可选的实现方式中,所述攻击识别结果为存在攻击事件;数据分析装置还包括:In some optional implementations of this embodiment, the attack identification result is that an attack event exists; the data analysis device further includes:
发送模块,用于基于预设的安全信道向所述目标设备发送验证指令;The sending module is used to send a verification command to the target device based on a preset secure channel;
判断模块,用于判断是否接收到所述目标设备返回的响应信息;The judgment module is used to determine whether the response information returned by the target device has been received;
处理模块,用于若未接收到所述目标设备返回的响应信息,则对所述目标设备进行功能锁定处理;The processing module is used to perform a function lockout process on the target device if no response information is received from the target device.
生成模块,用于生成与所述目标设备对应的攻击警报;The generation module is used to generate an attack alert corresponding to the target device;
第一发送模块,用于将所述攻击警报发送给相关人员。The first sending module is used to send the attack alert to relevant personnel.
在本实施例中,上述模块或单元分别用于执行的操作与前述实施方式的数据分析方法的步骤一一对应,在此不再赘述。In this embodiment, the operations performed by the above modules or units correspond one-to-one with the steps of the data analysis method in the aforementioned embodiments, and will not be repeated here.
在本实施例的一些可选的实现方式中,数据分析装置还包括:In some optional implementations of this embodiment, the data analysis device further includes:
调用模块,用于调用预设的区块链智能合约;The calling module is used to invoke pre-defined blockchain smart contracts;
验证模块,用于基于所述区块链智能合约对所述攻击警报进行风险验证;The verification module is used to perform risk verification on the attack alert based on the blockchain smart contract;
计算模块,用于若所述攻击警报通过风险验证,基于预设的保费返还计算策略对所述破解概率进行计算处理,得到对应的目标返还保费;The calculation module is used to calculate the probability of the attack based on a preset premium return calculation strategy if the attack alarm passes the risk verification, and obtain the corresponding target premium return.
第二发送模块,用于将所述目标返还保费发送给与所述目标设备对应的目标用户的用户钱包。The second sending module is used to send the target refund premium to the user wallet of the target user corresponding to the target device.
在本实施例中,上述模块或单元分别用于执行的操作与前述实施方式的数据分析方法的步骤一一对应,在此不再赘述。In this embodiment, the operations performed by the above modules or units correspond one-to-one with the steps of the data analysis method in the aforementioned embodiments, and will not be repeated here.
在本实施例的一些可选的实现方式中,验证模块包括:In some optional implementations of this embodiment, the verification module includes:
第二获取子模块,用于基于所述区块链智能合约,根据预设的信息类型从指定数据源获取与所述目标设备对应的验证数据;The second acquisition submodule is used to acquire verification data corresponding to the target device from a specified data source based on the blockchain smart contract and according to a preset information type.
第一验证子模块,用于基于预设的服务验证策略对所述验证数据进行服务验证;The first verification submodule is used to perform service verification on the verification data based on a preset service verification strategy.
第二验证子模块,用于若所述验证数据通过服务验证,则基于预设的完整性验证策略对所述验证数据进行完整性验证;The second verification submodule is used to perform integrity verification on the verification data based on a preset integrity verification strategy if the verification data passes the service verification.
判定子模块,用于若所述验证数据通过完整性验证,则判定所述攻击警报通过风险验证,否则判定所述攻击警报未通过风险验证。The determination submodule is used to determine that the attack alert passes the risk verification if the verification data passes the integrity verification, and otherwise determine that the attack alert fails the risk verification.
在本实施例中,上述模块或单元分别用于执行的操作与前述实施方式的数据分析方法的步骤一一对应,在此不再赘述。In this embodiment, the operations performed by the above modules or units correspond one-to-one with the steps of the data analysis method in the aforementioned embodiments, and will not be repeated here.
在本实施例的一些可选的实现方式中,计算模块包括:In some optional implementations of this embodiment, the calculation module includes:
第三获取模块,用于获取与所述目标设备对应的设备风险系数;The third acquisition module is used to acquire the equipment risk coefficient corresponding to the target equipment;
第二调用模块,用于调用预设的返还计算公式;The second calling module is used to call the preset return calculation formula;
第二计算模块,用于基于所述返还计算公式对所述破解概率与所述设备风险系数进行计算处理,得到对应的第二计算结果;The second calculation module is used to calculate the hacking probability and the device risk coefficient based on the return calculation formula to obtain the corresponding second calculation result;
第二确定模块,用于将所述第二计算结果作为所述目标返还保费。The second determining module is used to use the second calculation result as the target return premium.
在本实施例中,上述模块或单元分别用于执行的操作与前述实施方式的数据分析方法的步骤一一对应,在此不再赘述。In this embodiment, the operations performed by the above modules or units correspond one-to-one with the steps of the data analysis method in the aforementioned embodiments, and will not be repeated here.
为解决上述技术问题,本申请实施例还提供计算机设备。具体请参阅图4,图4为本实施例计算机设备基本结构框图。To address the aforementioned technical problems, this application also provides a computer device. Please refer to Figure 4 for details; Figure 4 is a basic structural block diagram of the computer device according to this embodiment.
所述计算机设备4包括通过系统总线相互通信连接存储器41、处理器42、网络接口43。需要指出的是,图中仅示出了具有组件41-43的计算机设备4,但是应理解的是,并不要求实施所有示出的组件,可以替代的实施更多或者更少的组件。其中,本技术领域技术人员可以理解,这里的计算机设备是一种能够按照事先设定或存储的指令,自动进行数值计算和/或信息处理的设备,其硬件包括但不限于微处理器、专用集成电路(ApplicationSpecificI ntegrated Circuit,ASIC)、可编程门阵列(Field-Programmab le Gate Array,FPGA)、数字处理器(DigitalSignal Processor,DSP)、嵌入式设备等。The computer device 4 includes a memory 41, a processor 42, and a network interface 43 that are interconnected via a system bus. It should be noted that only the computer device 4 with components 41-43 is shown in the figure; however, it should be understood that it is not required to implement all the shown components, and more or fewer components can be implemented alternatively. Those skilled in the art will understand that the computer device described here is a device capable of automatically performing numerical calculations and/or information processing according to pre-set or stored instructions, and its hardware includes, but is not limited to, microprocessors, application-specific integrated circuits (ASICs), field-programmable gate arrays (FPGAs), digital signal processors (DSPs), embedded devices, etc.
所述计算机设备可以是桌上型计算机、笔记本、掌上电脑及云端服务器等计算设备。所述计算机设备可以与用户通过键盘、鼠标、遥控器、触摸板或声控设备等方式进行人机交互。The computer device can be a desktop computer, laptop, handheld computer, or cloud server, etc. The computer device can interact with the user via a keyboard, mouse, remote control, touchpad, or voice control.
所述存储器41至少包括一种类型的可读存储介质,所述可读存储介质包括闪存、硬盘、多媒体卡、卡型存储器(例如,SD或DX存储器等)、随机访问存储器(RAM)、静态随机访问存储器(SRAM)、只读存储器(ROM)、电可擦除可编程只读存储器(EEPROM)、可编程只读存储器(PROM)、磁性存储器、磁盘、光盘等。在一些实施例中,所述存储器41可以是所述计算机设备4的内部存储单元,例如该计算机设备4的硬盘或内存。在另一些实施例中,所述存储器41也可以是所述计算机设备4的外部存储设备,例如该计算机设备4上配备的插接式硬盘,智能存储卡(Smart Media Card,SMC),安全数字(Secu re Digital,SD)卡,闪存卡(FlashCard)等。当然,所述存储器41还可以既包括所述计算机设备4的内部存储单元也包括其外部存储设备。本实施例中,所述存储器41通常用于存储安装于所述计算机设备4的操作系统和各类应用软件,例如数据分析方法的计算机可读指令等。此外,所述存储器41还可以用于暂时地存储已经输出或者将要输出的各类数据。The memory 41 includes at least one type of readable storage medium, including flash memory, hard disk, multimedia card, card-type memory (e.g., SD or DX memory), random access memory (RAM), static random access memory (SRAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), programmable read-only memory (PROM), magnetic memory, magnetic disk, optical disk, etc. In some embodiments, the memory 41 may be an internal storage unit of the computer device 4, such as the hard disk or memory of the computer device 4. In other embodiments, the memory 41 may also be an external storage device of the computer device 4, such as a plug-in hard disk, smart media card (SMC), secure digital (SD) card, flash card, etc., equipped on the computer device 4. Of course, the memory 41 may also include both the internal storage unit and its external storage device of the computer device 4. In this embodiment, the memory 41 is typically used to store the operating system and various application software installed on the computer device 4, such as computer-readable instructions for data analysis methods. In addition, the memory 41 can also be used to temporarily store various types of data that have been output or will be output.
所述处理器42在一些实施例中可以是中央处理器(Cent ral Processing Unit,CPU)、控制器、微控制器、微处理器、或其他数据处理芯片。该处理器42通常用于控制所述计算机设备4的总体操作。本实施例中,所述处理器42用于运行所述存储器41中存储的计算机可读指令或者处理数据,例如运行所述数据分析方法的计算机可读指令。In some embodiments, the processor 42 may be a central processing unit (CPU), a controller, a microcontroller, a microprocessor, or other data processing chip. The processor 42 is typically used to control the overall operation of the computer device 4. In this embodiment, the processor 42 is used to execute computer-readable instructions stored in the memory 41 or to process data, such as executing computer-readable instructions for the data analysis method.
所述网络接口43可包括无线网络接口或有线网络接口,该网络接口43通常用于在所述计算机设备4与其他电子设备之间建立通信连接。The network interface 43 may include a wireless network interface or a wired network interface, which is typically used to establish communication connections between the computer device 4 and other electronic devices.
与现有技术相比,本申请实施例有以下有益效果:Compared with the prior art, the embodiments of this application have the following beneficial effects:
本申请实施例中,通过采集与目标设备的指纹验证失败次数与误码率,然后基于攻击威胁系数计算策略的使用对指纹验证失败次数进行计算处理得到攻击威胁系数,以及基于信道脆弱系数计算策略的使用对误码率进行计算处理得到信道脆弱系数,进而基于破解概率计算策略的使用对攻击威胁系数与信道脆弱系数进行计算处理得到破解概率,以结合量子参数与设备行为动态计算破解概率,后续基于概率阈值与时间阈值的结合使用对破解概率进行攻击识别处理,以实现毫秒级攻击识别并自动准确地生成对应的攻击识别结果,有效地提高了攻击识别的识别效率与识别准确率,保证了生成的攻击识别结果的准确性。In this embodiment, the number of fingerprint verification failures and the bit error rate of the target device are collected. Then, the attack threat coefficient is obtained by calculating the number of fingerprint verification failures based on the attack threat coefficient calculation strategy, and the channel vulnerability coefficient is obtained by calculating the bit error rate based on the channel vulnerability coefficient calculation strategy. Then, the cracking probability is obtained by calculating the attack threat coefficient and the channel vulnerability coefficient based on the cracking probability calculation strategy. The cracking probability is dynamically calculated by combining quantum parameters and device behavior. Subsequently, the cracking probability is processed for attack identification based on the combination of probability threshold and time threshold, so as to achieve millisecond-level attack identification and automatically and accurately generate the corresponding attack identification results. This effectively improves the identification efficiency and accuracy of attack identification and ensures the accuracy of the generated attack identification results.
本申请还提供了另一种实施方式,即提供一种计算机可读存储介质,所述计算机可读存储介质存储有计算机可读指令,所述计算机可读指令可被至少一个处理器执行,以使所述至少一个处理器执行如上述的数据分析方法的步骤。This application also provides another embodiment, namely, providing a computer-readable storage medium storing computer-readable instructions that can be executed by at least one processor to cause the at least one processor to perform the steps of the data analysis method described above.
与现有技术相比,本申请实施例主要有以下有益效果:Compared with the prior art, the embodiments of this application have the following main advantages:
本申请实施例中,通过采集与目标设备的指纹验证失败次数与误码率,然后基于攻击威胁系数计算策略的使用对指纹验证失败次数进行计算处理得到攻击威胁系数,以及基于信道脆弱系数计算策略的使用对误码率进行计算处理得到信道脆弱系数,进而基于破解概率计算策略的使用对攻击威胁系数与信道脆弱系数进行计算处理得到破解概率,以结合量子参数与设备行为动态计算破解概率,后续基于概率阈值与时间阈值的结合使用对破解概率进行攻击识别处理,以实现毫秒级攻击识别并自动准确地生成对应的攻击识别结果,有效地提高了攻击识别的识别效率与识别准确率,保证了生成的攻击识别结果的准确性。In this embodiment, the number of fingerprint verification failures and the bit error rate of the target device are collected. Then, the attack threat coefficient is obtained by calculating the number of fingerprint verification failures based on the attack threat coefficient calculation strategy, and the channel vulnerability coefficient is obtained by calculating the bit error rate based on the channel vulnerability coefficient calculation strategy. Then, the cracking probability is obtained by calculating the attack threat coefficient and the channel vulnerability coefficient based on the cracking probability calculation strategy. The cracking probability is dynamically calculated by combining quantum parameters and device behavior. Subsequently, the cracking probability is processed for attack identification based on the combination of probability threshold and time threshold, so as to achieve millisecond-level attack identification and automatically and accurately generate the corresponding attack identification results. This effectively improves the identification efficiency and accuracy of attack identification and ensures the accuracy of the generated attack identification results.
通过以上的实施方式的描述,本领域的技术人员可以清楚地了解到上述实施例方法可借助软件加必需的通用硬件平台的方式来实现,当然也可以通过硬件,但很多情况下前者是更佳的实施方式。基于这样的理解,本申请的技术方案本质上或者说对现有技术做出贡献的部分可以以软件产品的形式体现出来,该计算机软件产品存储在一个存储介质(如ROM/RAM、磁碟、光盘)中,包括若干指令用以使得一台终端设备(可以是手机,计算机,服务器,空调器,或者网络设备等)执行本申请各个实施例所述的方法。Through the above description of the embodiments, those skilled in the art can clearly understand that the methods of the above embodiments can be implemented by means of software plus necessary general-purpose hardware platforms. Of course, they can also be implemented by hardware, but in many cases the former is a better implementation method. Based on this understanding, the technical solution of this application, in essence, or the part that contributes to the prior art, can be embodied in the form of a software product. This computer software product is stored in a storage medium (such as ROM/RAM, magnetic disk, optical disk), and includes several instructions to cause a terminal device (which may be a mobile phone, computer, server, air conditioner, or network device, etc.) to execute the methods described in the various embodiments of this application.
显然,以上所描述的实施例仅仅是本申请一部分实施例,而不是全部的实施例,附图中给出了本申请的较佳实施例,但并不限制本申请的专利范围。本申请可以以许多不同的形式来实现,相反地,提供这些实施例的目的是使对本申请的公开内容的理解更加透彻全面。尽管参照前述实施例对本申请进行了详细的说明,对于本领域的技术人员来而言,其依然可以对前述各具体实施方式所记载的技术方案进行修改,或者对其中部分技术特征进行等效替换。凡是利用本申请说明书及附图内容所做的等效结构,直接或间接运用在其他相关的技术领域,均同理在本申请专利保护范围之内。Obviously, the embodiments described above are only some embodiments of this application, not all embodiments. The accompanying drawings show preferred embodiments of this application, but do not limit the patent scope of this application. This application can be implemented in many different forms; rather, the purpose of providing these embodiments is to provide a more thorough and comprehensive understanding of the disclosure of this application. Although this application has been described in detail with reference to the foregoing embodiments, those skilled in the art can still modify the technical solutions described in the foregoing specific embodiments, or make equivalent substitutions for some of the technical features. Any equivalent structures made using the content of this application's specification and drawings, directly or indirectly applied to other related technical fields, are similarly within the scope of patent protection of this application.
Claims (10)
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202511045232.3A CN120979701A (en) | 2025-07-28 | 2025-07-28 | Data analysis methods, apparatus, computer equipment and storage media |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202511045232.3A CN120979701A (en) | 2025-07-28 | 2025-07-28 | Data analysis methods, apparatus, computer equipment and storage media |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN120979701A true CN120979701A (en) | 2025-11-18 |
Family
ID=97649751
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202511045232.3A Pending CN120979701A (en) | 2025-07-28 | 2025-07-28 | Data analysis methods, apparatus, computer equipment and storage media |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN120979701A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20240396719A1 (en) * | 2023-05-24 | 2024-11-28 | Richard D'Souza | Quantum key distribution (qkd) based secure communication system using artificial intelligence |
-
2025
- 2025-07-28 CN CN202511045232.3A patent/CN120979701A/en active Pending
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20240396719A1 (en) * | 2023-05-24 | 2024-11-28 | Richard D'Souza | Quantum key distribution (qkd) based secure communication system using artificial intelligence |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US12074967B2 (en) | Systems and methods for post-quantum cryptography optimization | |
| US12073300B2 (en) | Systems and methods for post-quantum cryptography optimization | |
| US11322050B1 (en) | Systems and methods for post-quantum cryptography optimization | |
| US12219058B1 (en) | Systems and methods for post-quantum cryptography on a smartcard | |
| Khan et al. | Blockchain-integrated security for real-time patient monitoring in the internet of medical things using federated learning | |
| US11398915B2 (en) | Apparatus and method for two-way authentication | |
| US11477016B1 (en) | Systems and methods for post-quantum cryptography optimization | |
| CN105354604B (en) | A kind of method for anti-counterfeit effectively based on physics unclonable function | |
| CN115550002B (en) | A smart home remote control method and related device based on TEE | |
| CN120979701A (en) | Data analysis methods, apparatus, computer equipment and storage media | |
| Kumar et al. | Secure data dissemination scheme for digital twin empowered vehicular networks in open RAN | |
| Moradi et al. | Security‐Level Improvement of IoT‐Based Systems Using Biometric Features | |
| KR102665644B1 (en) | Method for authentication and device thereof | |
| Yang | [Retracted] Prevention of Business Risks of Internet Information Security Platforms Based on Blockchain Technology | |
| CN120498764A (en) | Protection system for network security authentication | |
| Peng et al. | Privacy protection based on key-changed mutual authentication protocol in internet of things | |
| CN112671787B (en) | Rule execution verification method and device, electronic equipment and storage medium | |
| CN120672341B (en) | Big data transaction security management and control method and system | |
| CN120165847A (en) | Authentication method, device, equipment and storage medium based on quantum key and PUF | |
| US12455962B2 (en) | Systems and methods for preventing communications with malicious cryptography-based storage application addresses using consensus | |
| CN119211924A (en) | Chip verification method, device, equipment and storage medium | |
| Kumar et al. | Intrusion Detection Model Using Chaotic MAP for Network Coding Enabled Mobile Small Cells | |
| KR102249758B1 (en) | Artificial intelligence personal privacy data security system applying case based reasoning technology and block chain method and server thereof | |
| Ma et al. | Design and Implementation of Digital Currency Transaction Security Mechanism Based on Block Chain | |
| Rao et al. | An Improved Biometric Fuzzy Signature with Timestamp of Blockchain Technology for Electrical Equipment Maintenance |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |