Search

CN-121479814-B - Self-adaptive data security policy generation method based on artificial intelligence

CN121479814BCN 121479814 BCN121479814 BCN 121479814BCN-121479814-B

Abstract

The application discloses an adaptive data security policy generation method based on artificial intelligence, which relates to the technical field of data security, and comprises the steps of firstly obtaining a multidimensional user behavior sample and a behavior risk tag containing an access behavior environment and data operation behaviors, then constructing an artificial intelligence model consisting of an environment feature extraction sub-model, an operation feature extraction sub-model and a feature identification sub-model, then providing a GCGWO algorithm, carrying out efficient optimization on super parameters of the artificial intelligence model according to the multidimensional user behavior sample and the behavior risk tag to obtain a high-precision artificial intelligence model, and finally identifying user behavior risks by utilizing the artificial intelligence model in real-time data access, dynamically generating an adaptive data security policy to carry out access control, thereby remarkably improving accuracy of risk identification and self-adaption capability of the policy, and realizing intellectualization and dynamics of data security protection.

Inventors

  • LI YINGBIN
  • ZHANG BING
  • WANG WENDI
  • SHI CHUNHUA

Assignees

  • 海天地数码科技(北京)有限公司
  • 珺馨科技有限公司

Dates

Publication Date
20260512
Application Date
20260109

Claims (9)

  1. 1. An artificial intelligence-based adaptive data security policy generation method is characterized by comprising the following steps: The method comprises the steps of obtaining a multi-dimensional user behavior sample and a corresponding behavior risk label, wherein the multi-dimensional user behavior sample is input through man-machine interaction and at least comprises an access behavior environment sample and a data operation behavior sample; constructing an artificial intelligent model, wherein the artificial intelligent model comprises an environment characteristic extraction sub-model, an operation characteristic extraction sub-model and a characteristic identification sub-model; optimizing and deploying the artificial intelligent model by adopting GCGWO algorithm according to the multidimensional user behavior sample and the corresponding behavior risk label, and obtaining the artificial intelligent model after deployment; In the process of accessing data by a user, a target multidimensional user behavior sample is adopted, and the deployed artificial intelligent model is scheduled to identify the target multidimensional user behavior sample, so that a user access behavior identification result is obtained; Generating an adaptive data security policy based on the user access behavior result, and controlling the data access process of the user by adopting the adaptive data security policy; according to the multidimensional user behavior sample and the corresponding behavior risk label, optimizing and deploying the artificial intelligent model by adopting GCGWO algorithm to obtain the deployed artificial intelligent model, wherein the method comprises the following steps: initializing hyper-parameters of the artificial intelligent model by adopting a segmented sine chaotic mapping strategy to obtain a wolf group; Acquiring the fitness corresponding to each wolf in the wolf group according to the multidimensional user behavior sample and the corresponding behavior risk label thereof; dividing the wolf clusters into the following groups according to the corresponding adaptability of all the wolves Wolves (wolves), Wolves (wolves), Wolf and Chinese wolf Wolves; aiming at any target wolf, updating the target wolf by adopting a chaotic spiral balance search strategy to obtain an updated target wolf, wherein the target wolf is Wolves (wolves), Wolf and Chinese wolf Wolves; For any one Wolf, adopting individual memory weighted fusion strategy to make said Wolf is updated to obtain updated wolf Wolves; target wolf after update and target wolf after update Re-fusing the wolves into a wolf group, and updating each target wolf in the re-fused wolf group by adopting a focusing chaos search strategy to obtain updated target wolves; Under the condition that the training times reach the preset maximum training times, acquiring a global optimal solution according to the updated target wolf, and deploying the artificial intelligent model according to the global optimal solution to obtain the deployed artificial intelligent model; and returning to the step of acquiring the fitness based on the updated wolf group consisting of the target wolves under the condition that the training times do not reach the preset maximum training times.
  2. 2. The method for generating an artificial intelligence based adaptive data security policy of claim 1, wherein constructing an artificial intelligence model comprises: Setting the environment characteristic extraction sub-model as a convolutional neural network model, setting the operation characteristic extraction sub-model as a convolutional neural network model, a long-term memory network or a Transformer model, and setting the characteristic identification sub-model as a BP neural network model; And splicing the feature vector output by the environment feature extraction sub-model with the feature vector output by the operation feature extraction sub-model and using the feature vector as the input of the feature identification sub-model to obtain the artificial intelligent model.
  3. 3. The method for generating the self-adaptive data security policy based on artificial intelligence according to claim 1, wherein initializing the hyper-parameters of the artificial intelligence model by using a segmented sinusoidal chaotic mapping policy to obtain a wolf group comprises: randomly initializing between the upper limit of the super parameter and the lower limit of the super parameter of the artificial intelligent model, and encoding the super parameter into a vector to obtain a basic vector; based on the basis vector, obtaining a plurality of gray wolves as follows: Wherein, the Represents the d-th dimension super parameter of the i-th gray wolf, and when i=1, The D-th dimension super-parameter representing the basis vector, d=1, 2, D, D represents the overall dimension of the hyper-parameters, The representation of a sinusoidal function is given, Representing the amplitude control coefficient of the sinusoidal function, The circumference ratio is indicated as such, Representing the function of the remainder of the solution, Represents a segment control value and is set to a constant between (0, 0.5); all the initialized wolves are formed into a wolf group.
  4. 4. The method for generating an adaptive data security policy based on artificial intelligence according to claim 1, wherein obtaining the fitness of each wolf in the wolf group according to the multidimensional user behavior sample and the corresponding behavior risk tag thereof comprises: taking the multidimensional user behavior sample as input, taking a behavior risk tag corresponding to the multidimensional user behavior sample as expected output, and obtaining a root mean square loss function value corresponding to the gray wolf; adding the root mean square loss function value corresponding to the gray wolf with a preset constant to obtain the adaptability corresponding to the gray wolf; traversing each wolf in the wolf group to obtain the corresponding fitness of each wolf in the wolf group.
  5. 5. The artificial intelligence based adaptive data security policy generation method of claim 1, wherein the wolf clusters are divided into according to the corresponding fitness of all wolves Wolves (wolves), Wolves (wolves), Wolf and Chinese wolf Wolf, comprising: According to the corresponding fitness of all the wolves, determining the wolves with the maximum fitness as Wolf with second highest adaptability Wolf with third highest adaptability Wolf and residual wolf as Wolf.
  6. 6. The method for generating the self-adaptive data security policy based on artificial intelligence according to claim 1, wherein updating the target wolf by adopting a chaotic spiral balance search policy to obtain the updated target wolf comprises: According to the described Wolf, acquiring chaotic search boundaries is as follows: Wherein, the Representing the lower boundary vector of the chaotic search, Representing the upper boundary vector of the chaotic search, Representing the corresponding upper boundary vector of the wolf, Representing the corresponding lower boundary vector of the wolf, Representing the time of the t training process Wolves; represents boundary control parameters, an , Representing a preset maximum training frequency; representing the presentation to be And (3) with Comparing the same dimension parameters and taking the maximum value to form a vector, Representing the presentation to be And (3) with Comparing the same dimension parameters and taking the minimum value to form a vector; according to the chaotic search boundary, carrying out chaotic spiral balance search on the target wolf, and obtaining updated target wolf as follows: Wherein, the Representing the jth target wolf in the t-th training process, j=1, 2,3; Representing the target wolf after the jth update, Represents a natural constant of the natural product, Representing the parameters of the adaptive spiral shape, Cos denotes a cosine function, k denotes a constant coefficient, and 5;T denotes a preset maximum number of training times, Representing the spiral direction parameter between [ -1,1], Represents a first spiral pitch constant and is set to 2, 3 or 4; the second spiral pitch constant is represented and set to 1 or-1.
  7. 7. The method of claim 6, wherein the individual memory weighted fusion strategy is used for the generation of the adaptive data security strategy based on artificial intelligence Wolf is updated to obtain updated wolf Wolf, comprising: According to the described Wolves (wolves), Wolf and Chinese wolf Wolf, respectively obtain first study position, second study position and third study position and be: Wherein, the Representing the mth training process The production process comprises the steps of (1) wolf, A first location of the study is indicated, A second learning location is indicated and a second learning location is indicated, A third learning position is indicated and a third learning position is indicated, Represents a convergence factor, an ; Representing a first random number between (0, 1), Representing a second random number between (0, 1), Representing a third random number between (0, 1), Representing a fourth random number between (0, 1), Representing a fifth random number between (0, 1), Representing a sixth random number between (0, 1), Representing the time of the t training process The production process comprises the steps of (1) wolf, The representation represents the time of the t training process Wolves; according to the first learning position, the second learning position and the third learning position, respectively obtaining a first weighting weight, a second weighting weight and a third weighting weight as follows: Wherein, the A first weight of the first weight is represented, Representing the second weight of the weight to be weighted, Representing a third weighting weight, representing modulo; Based on the first learning position, the second learning position, the third learning position, the first weighting weight, the second weighting weight and the third weighting weight, the method comprises the steps of Wolf searches individual memory mechanism to obtain updated data Wolf is: Wherein, the Representing the mth training process The production process comprises the steps of (1) wolf, Representing after the mth update Wolf, m=1, 2,..m, M represents The total number of wolves is calculated, Represents a population acceleration factor, and is set to 2; Represents an individual acceleration factor, and is set to 2; Represents a seventh random number between (0, 1), Represents an eighth random number between (0, 1), Representation of Corresponding historical optimum.
  8. 8. The method for generating the self-adaptive data security policy based on artificial intelligence according to claim 7, wherein updating each target wolf in the re-fused wolf group by adopting a focusing chaos search policy to obtain updated target wolf, comprises: the acquisition focusing density factor is: Wherein, the Representing the time of the t training process The d-th dimension super-parameter of wolf, Represents the d-th dimension super parameter of the n-th target wolf during the t-th training, n=1, 2,.., Representation of A corresponding focus density factor; According to the focusing density factor, acquiring focusing position information is as follows: Wherein, the A d-th dimension super parameter representing focus position information, Represents a ninth random number between (0, 1), Expressed in terms of Is the average value of A gaussian distributed random number that is a variance; The chaotic mapping factor is obtained as follows: Wherein, the Representation of The corresponding chaotic map factor is used to determine, Representing an arctangent function; Updating each target wolf in the re-fused wolf group according to the chaotic mapping factor and the focusing position information to obtain updated target wolf as follows: Wherein, the The d-th dimension hyper-parameter representing the target wolf after the nth update, Representing a tenth random number between (0, 1).
  9. 9. The method for generating an adaptive data security policy based on artificial intelligence according to claim 7, wherein generating an adaptive data security policy based on the result of the user access behavior and controlling a data access process of the user using the adaptive data security policy comprises: Based on the user access behavior result, inquiring a preset strategy mapping table to obtain a self-adaptive data security strategy; and controlling the data access process of the user by adopting the self-adaptive data security policy.

Description

Self-adaptive data security policy generation method based on artificial intelligence Technical Field The application relates to the technical field of data security, in particular to an artificial intelligence-based self-adaptive data security policy generation method. Background With the rapid development of information technology and the deep digital transformation, the amount of data accumulated by enterprises and organizations is increased explosively, and the data becomes a core asset. However, security events such as data leakage, data abuse, unauthorized access, etc. frequently occur, which brings great economic loss and reputation risks to enterprises. Therefore, it is important to ensure data security. Traditional data security measures, such as static access control lists, firewall rules, data desensitization, etc., typically rely on fixed rules that are preset. These rules are difficult to dynamically adjust after configuration and cannot effectively address complex and diverse internal and external threats. For example, an internal user with legal rights may have an abnormal behavior pattern at some point in time (e.g., downloading sensitive data in large amounts during non-working hours), and conventional static rules may not be able to timely identify and prevent such legal but high-risk behavior. Conventional methods often focus on behavior features of only a single dimension, such as operating frequency or access time, and it is difficult to comprehensively capture the complexity of user behavior. User behavior is the result of the combined action of environmental factors (such as IP addresses, device fingerprints, login time) and operational factors (such as inquiry, downloading, modification and copying), and single-dimension analysis is easy to generate false positives and false negatives. The performance of artificial intelligence models is highly dependent on the configuration of their hyper-parameters. Traditional super-parameter optimization methods, such as grid search and random search, have huge calculation overhead and low efficiency. While some improved intelligent optimization algorithms (such as standard sirius algorithm) still tend to be in local optimum when processing high-dimensional and complex super-parameter space, so that the model generalization capability is insufficient and the recognition accuracy is not high. Disclosure of Invention The application provides an artificial intelligence-based self-adaptive data security policy generation method, which aims to solve the problems of single characteristic dimension, low model optimization efficiency and lack of self-adaptability of security policies in the traditional data security scheme. The application provides an artificial intelligence-based self-adaptive data security policy generation method, which comprises the following steps: The method comprises the steps of obtaining a multi-dimensional user behavior sample and a corresponding behavior risk label, wherein the multi-dimensional user behavior sample is input through man-machine interaction and at least comprises an access behavior environment sample and a data operation behavior sample; constructing an artificial intelligent model, wherein the artificial intelligent model comprises an environment characteristic extraction sub-model, an operation characteristic extraction sub-model and a characteristic identification sub-model; optimizing and deploying the artificial intelligent model by adopting GCGWO algorithm according to the multidimensional user behavior sample and the corresponding behavior risk label, and obtaining the artificial intelligent model after deployment; In the process of accessing data by a user, a target multidimensional user behavior sample is adopted, and the deployed artificial intelligent model is scheduled to identify the target multidimensional user behavior sample, so that a user access behavior identification result is obtained; And generating an adaptive data security policy based on the user access behavior result, and controlling the data access process of the user by adopting the adaptive data security policy. In one possible implementation, constructing an artificial intelligence model includes: Setting the environment characteristic extraction sub-model as a convolutional neural network model, setting the operation characteristic extraction sub-model as a convolutional neural network model, a long-term memory network or a Transformer model, and setting the characteristic identification sub-model as a BP neural network model; And splicing the feature vector output by the environment feature extraction sub-model with the feature vector output by the operation feature extraction sub-model and using the feature vector as the input of the feature identification sub-model to obtain the artificial intelligent model. In a possible implementation manner, according to the multidimensional user behavior sample and the corresponding behavi