Search

CN-121997320-A - Data leakage detection system based on artificial intelligence

CN121997320ACN 121997320 ACN121997320 ACN 121997320ACN-121997320-A

Abstract

The invention relates to the technical field of intelligent campus construction, in particular to a data leakage detection system based on artificial intelligence, which comprises the steps of acquiring campus access events and associating users, paths and fields according to time, constructing continuous jump fragments, extracting field pairs and repeated jump relations, identifying path evolution and emergent paragraphs, associating role identities and field cis-position, generating access track numbers and forming data leakage detection marks. The invention constructs a field jump chain by splitting access events according to time, generates a path structure containing authority attributes, counts the calling relation of field pairs in the path, forms a field jump dependency set, extracts the first appearance position and operation distribution of a field to construct a path change track, associates the field calling order with a role tag to generate role behavior mapping, and extracts a field source to establish an access track number to identify an abnormal field flow direction.

Inventors

  • LIU JIA
  • YU SHUN
  • Yi Liangkun
  • WANG JISHEN

Assignees

  • 四川易迪优信息技术有限公司

Dates

Publication Date
20260508
Application Date
20260129

Claims (8)

  1. 1. An artificial intelligence based data leakage detection system, the system comprising: The access chain construction module acquires access events of the permission platform, the interface call entrance and the user authentication area, extracts user codes, path names and field numbers according to trigger time, extracts jump position access points according to the numbers, calculates the path jump interface names, extracts identity type permission labels to be attached to paths, and outputs a continuous access jump fragment set; The node relation extraction module is used for calling the continuous access jump segment set, extracting the positions of the front field and the rear field of the path, reading the mapping of the same identity field and the path, classifying the calling times of the extracted fields into a path sequence, jumping the read fields at different path frequencies, and outputting an access path repeated jump pair list; the path evolution recognition module calls the access path repeated jump pair list, extracts a field first access event, an identity code and an interface name, analyzes field jump operation field distribution, numbers and sorts path expansion positions, and outputs a discontinuous path salient content group; and the role cross analysis module calls the discontinuous path highlighting content group, extracts the field order and the role label, reads the label position and the field skip operation, embeds the role field into the path segment, extracts the continuous identity label segment and outputs a role mixed skip field index table.
  2. 2. The artificial intelligence based data leakage detection system according to claim 1, wherein the continuous access hop segment set comprises a user code identifier, a path tag combination, an interface name set, a permission tag addition, and a field hop sequence, the access path repeat hop pair list comprises a field pair mapping table, a field call frequency table, a path repeat hop pair, and field paragraph hop statistics, the discontinuous path hop content set comprises a field access time index, an operation field distribution segment, a path hop position number, and an interface call timing set, and the role mix hop field index table comprises a field call sequence number, a role tag mapping set, a path identity field pair, and a field hop association set.
  3. 3. The artificial intelligence based data leakage detection system of claim 1, wherein the access chain construction module comprises: the path extraction sub-module acquires a user code, a path name and a field number in an access event of the intelligent campus permission platform, sorts a path set with consistent field numbers according to an event triggering time sequence, and divides an operation area according to the field number sequence to obtain a path operation number sequence; The jump identification sub-module calls a field number in the path operation number sequence, extracts an access point of a corresponding interface entry and an operation field, identifies an interface name associated with a field number change position, extracts a jump paragraph in combination with the sequence of the field numbers among paths, and acquires a path jump interval paragraph; And the permission adding sub-module extracts identity type information according to the field numbers in the path jump section paragraphs, acquires corresponding permission labels, adds the permission labels to the field number positions corresponding to the path names, and sequentially splices according to the field number sequence to acquire the continuous access jump fragment sequence.
  4. 4. The artificial intelligence based data leakage detection system of claim 1, wherein the node relation extraction module comprises: The path positioning sub-module calls access point information in the continuous access jump segment sequence, acquires corresponding combinations of front and rear adjacent fields in each path, marks the starting and ending positions of each field combination in the path, extracts continuous field combination content according to the path appearance sequence, and acquires path field combination paragraphs; the field statistics sub-module extracts corresponding field paths under the same identity code according to field numbers in the path field combination paragraphs, records call frequencies of all fields in all paths, and merges the call frequencies into a corresponding number sequence to obtain a field call frequency list; and the jump association sub-module extracts the field paragraphs where the field number sequences are located in different paths according to the field number sequences in the field calling frequency list, identifies the field combination relation corresponding to repeated jumps, calculates the repeated times of the field combinations in the jump paragraphs and acquires the access path repeated jump pair list.
  5. 5. The artificial intelligence based data leakage detection system of claim 1, wherein the path evolution recognition module comprises: The event extraction sub-module calls the field paragraphs in the access path repeated jump pair list, extracts first access event indexes of each field content in a plurality of time slices, and orderly classifies the event indexes into corresponding field paragraphs to obtain a field time index sequence; The identity reading sub-module extracts corresponding identity code information and access interface names according to each event index in the field time index sequence, merges the interface names into corresponding identity codes according to the event sequence, and acquires corresponding fragments of the identity interfaces; and the abrupt identifying sub-module extracts the distribution area of the operation field between the fields according to the field jump sequence in the corresponding fragment of the identity interface, identifies the path expansion position in the field paragraph, and integrates the jump path numbers into a set to obtain the abrupt content group of the discontinuous path.
  6. 6. The artificial intelligence based data leakage detection system of claim 1, wherein the role crossover resolution module comprises: A field homing sub-module, which calls path paragraphs in the discontinuous path highlighting content group, extracts field calling order and corresponding role identity labels in each paragraph, compares the field order with the label order, extracts the position of the corresponding field of each role label, and obtains a role field order position group; The label matching sub-module extracts the jump action of the corresponding field according to the label position in the role field sequence position group, pairs the field jump position with the role identity label, writes the field index of the role in the jump path into the path information flow, and acquires the corresponding index sequence of the path role; and the jump extraction submodule extracts path identity fragments associated with continuous field jumps according to the field sequence in the index sequence corresponding to the path roles, records the field set related to each jump, screens out the identity roles to which each field in the same jump fragment belongs, and acquires a role mixed jump field index table.
  7. 7. The artificial intelligence based data leakage detection system of claim 1, further comprising: The behavior intervention calibration module is used for calling the path identity fragments in the role mixed jump field index table, extracting calling source fields, locating field contents and authority interface fields, writing paths corresponding to the interface fields into an access field track set, extracting all access path numbers containing the identity jump fields in the track set, and outputting a data leakage detection identifier; the data leakage detection identifier comprises an access field track number, an authority field positioning group, an identity field jump path and a leakage risk field set.
  8. 8. The artificial intelligence based data leakage detection system of claim 7, wherein the behavioral intervention calibration module comprises: The field source extraction submodule calls the path identity fragment in the role mixed jump field index table, extracts the call source field content corresponding to the field in each path, carries out corresponding processing on the extraction result and the field name in the authority interface field table, locates interface information of the field, and acquires an interface field locating mapping sequence; the track path writing sub-module extracts the corresponding call path content according to the interface field information in the interface field positioning mapping sequence, writes the path information into the access field track set according to the field sequence, and maintains the consistency of the field call sequence to obtain the access field track set; and the identity field screening sub-module screens out the position numbers containing the identity jump field according to the path number content of each field in the access field path track set, extracts all corresponding path numbers, combines the path numbers into an identifiable item set, and acquires the data leakage detection identification.

Description

Data leakage detection system based on artificial intelligence Technical Field The invention relates to the technical field of intelligent campus construction, in particular to a data leakage detection system based on artificial intelligence. Background The technical field of intelligent campus construction relates to intellectualization of teaching, management, safety and service, and core matters comprise teaching resource digital management, student behavior data acquisition, intelligent security and control and campus information system integration, and a unified data interaction and management platform is constructed by integrally relying on artificial intelligence, the Internet of things and big data processing technology, so that digital support is provided for a campus operation process. The conventional data leakage detection system is used for identifying the leakage behavior of sensitive information in the data transmission process by setting rules or behavior characteristics in a campus network, and the processing process generally comprises the steps of presetting sensitive words or data characteristics, matching transmission data content, extracting abnormal behavior indexes, setting a judgment threshold value, generating prompt information when meeting conditions, and commonly used means comprise keyword comparison, mode rule setting, access behavior statistics and abnormal frequency analysis. The existing method mainly uses static rules, relies on matching of sensitive words and threshold values, lacks structural expression on path behaviors, cannot establish field jump logic, and is difficult to reveal implicit relations between behavior chains. The access frequency and the abnormal index separate identity information, a field and role binding mechanism is lacked, and an identity unauthorized path is difficult to identify. The field behaviors have no time index, the evolution process of the field in the access chain cannot be tracked, and the behavior mutation points are difficult to restore. The interface field and the access path are not mapped, the source tracing capability of the field is weak, the path backtracking difficulty is high, and the leakage risk node is easy to miss. Disclosure of Invention The invention aims to solve the defects in the prior art, and provides a data leakage detection system based on artificial intelligence. In order to achieve the above purpose, the invention adopts the following technical scheme that the system for detecting data leakage based on artificial intelligence comprises: The access chain construction module acquires access events of the permission platform, the interface call entrance and the user authentication area, extracts user codes, path names and field numbers according to trigger time, extracts jump position access points according to the numbers, calculates the path jump interface names, extracts identity type permission labels to be attached to paths, and outputs a continuous access jump fragment set; The node relation extraction module is used for calling the continuous access jump segment set, extracting the positions of the front field and the rear field of the path, reading the mapping of the same identity field and the path, classifying the calling times of the extracted fields into a path sequence, jumping the read fields at different path frequencies, and outputting an access path repeated jump pair list; the path evolution recognition module calls the access path repeated jump pair list, extracts a field first access event, an identity code and an interface name, analyzes field jump operation field distribution, numbers and sorts path expansion positions, and outputs a discontinuous path salient content group; The role cross analysis module calls the discontinuous path highlighting content group, extracts a field order and a role label, reads label positions and field jumping operation, embeds a role field into a path segment, extracts a continuous identity label segment and outputs a role mixed jumping field index table; And the behavior intervention calibration module is used for calling the path identity fragments in the role mixed jump field index table, extracting calling source fields, locating field contents and authority interface fields, writing paths corresponding to the interface fields into an access field track set, extracting all access path numbers containing the identity jump fields in the track set, and outputting a data leakage detection identifier. As a further scheme of the invention, the continuous access jump segment set comprises a user code identifier, a path label combination, an interface name set, an authority label addition item and a field jump sequence, the access path repeated jump pair list comprises a field pair mapping table, a field call frequency table, a path repeated jump pair and field paragraph jump statistics, the discontinuous path salient content set comprises a field access time index,