Abnormal data detection methods, devices, electronic equipment, and computer storage media
By encrypting the meta-features of the participants in federated learning to generate perturbation values, and then decrypting and summing them, the problem of not being able to directly detect abnormal data in federated learning is solved, thus achieving both data security and detection accuracy.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Patents(China)
- Current Assignee / Owner
- CHINA MOBILE INFORMATION TECHNOLOGY CO LTD
- Filing Date
- 2023-02-20
- Publication Date
- 2026-06-30
AI Technical Summary
In federated learning, because the original data of each initiator and participant is stored on their respective local devices and cannot be directly accessed by each other, the initiator cannot directly detect abnormal data, and encrypted transmission poses a risk of data leakage, thus failing to guarantee data security.
By encrypting the meta-features of the participants, a perturbation value is generated and sent to the initiator. The initiator uses the decryption private key and public key to decrypt and sum the data, thereby detecting abnormal data among the participants and ensuring that the data is secure and not leaked.
This enables the detection of anomalous data from participants without disclosing abnormal data, ensuring the data security and effectiveness of federated learning.
Smart Images

Figure CN116028257B_ABST
Abstract
Description
Technical Field
[0001] This application belongs to the field of cloud computing technology, and in particular relates to an abnormal data detection method, device, electronic device and computer storage medium. Background Technology
[0002] In the context of the big data era, federated learning is a distributed machine learning technology that enables initiators and participants to train a global model based on virtual fused data without exchanging raw data, but only by exchanging a small amount of computation results under end-to-end encryption.
[0003] The effectiveness of global model training largely depends on the validity of the original data and whether it is properly processed during the data processing stage. One key aspect is the detection and handling of outlier data.
[0004] However, in federated learning, since the original data of each initiator and participant is stored on their respective local end, the data between them cannot be accessed. Therefore, the initiator cannot directly detect abnormal data of other participants. Usually, the data is encrypted before transmission, but this involves data content and data attributes, which poses a risk of data leakage. Therefore, the security of data cannot be guaranteed during the abnormal data detection process. Summary of the Invention
[0005] This application provides an abnormal data detection method, apparatus, electronic device, and computer storage medium, which can prevent the leakage of abnormal data and improve the security of abnormal data during the detection process.
[0006] In a first aspect, embodiments of this application provide an abnormal data detection method, applied to participating parties, the method comprising:
[0007] Acquire multiple first target data, each first target data including at least one meta-feature, the meta-feature being used to represent a criterion of the first target data to which it belongs;
[0008] Encrypt the meta-features in each first target data to obtain perturbation values;
[0009] The perturbation value is sent to the initiator so that the initiator can detect abnormal data among the participants based on the perturbation value.
[0010] Secondly, embodiments of this application provide an abnormal data detection method, applied to the initiator, the method comprising:
[0011] Receive the first encrypted data and the perturbation value;
[0012] The first encrypted data is decrypted using the decryption private key to obtain the third target data, which includes multiple privacy data corresponding to multiple meta-features in the first target data;
[0013] Based on the perturbation value, obtain the public key of the participants, and use the public key to decrypt the second encrypted value to obtain the third encrypted value;
[0014] Based on the third encryption value, the second encrypted data is decrypted to obtain the second feature matrix, which includes multiple meta-features from the first target data.
[0015] The fourth encryption value is determined by summing multiple meta-features in the second feature matrix.
[0016] Thirdly, embodiments of this application provide an abnormal data detection device, applied to participating parties, the device comprising:
[0017] The first acquisition module is used to acquire multiple first target data, each first target data includes at least one meta-feature, and the meta-feature is used to represent a criterion of the first target data to which it belongs;
[0018] The encryption module is used to encrypt the meta-features in each first target data to obtain the perturbation value;
[0019] The sending module is used to send the perturbation value to the initiator so that the initiator can detect abnormal data in the participants based on the perturbation value.
[0020] Fourthly, embodiments of this application provide an abnormal data detection device, applied to the initiator, the device comprising:
[0021] The receiving module is used to receive the first encrypted data and the perturbation value;
[0022] The first decryption module uses the decryption private key to decrypt the first encrypted data to obtain the third target data. The third target data includes multiple privacy data corresponding to the meta-features in the first target data.
[0023] The second acquisition module obtains the public key of the participants based on the perturbation value, and decrypts the second encrypted value with the public key to obtain the third encrypted value;
[0024] The second decryption module decrypts the second encrypted data according to the third encryption value to obtain the second feature matrix, which includes multiple meta-features from the first target data.
[0025] The determination module sums up multiple meta-features in the second feature matrix to determine the fourth encryption value.
[0026] Fifthly, embodiments of this application provide an electronic device, the device including: a processor and a memory storing computer program instructions;
[0027] When the processor executes the computer program instructions, it implements the method as described in the first or second aspect.
[0028] In a sixth aspect, embodiments of this application provide a computer storage medium storing computer program instructions that, when executed by a processor, implement the method described in the first or second aspect.
[0029] The abnormal data detection method, apparatus, electronic device, and computer storage medium of this application embodiment acquire multiple first target data and encrypt the meta-features in the first target data. The meta-features are used to represent a standard of the first target data. After encryption, a perturbation value is obtained. This perturbation value can ensure the security of the participant data. The perturbation value is sent to the initiator, so that the initiator can detect abnormal data in the participant based on the perturbation value. In this way, the perturbation value only represents the situation of the participant's first target data and does not involve the data content and data attributes of the first target data. Therefore, the initiator can know the standard situation of the participant's first target data and perform abnormal data detection on the participant's first target data based on the perturbation value. In addition, the encryption process not only ensures that abnormal data is not leaked, but also ensures the security of abnormal data during the detection process. Attached Figure Description
[0030] To more clearly illustrate the technical solutions of the embodiments of this application, the accompanying drawings used in the embodiments of this application will be briefly introduced below. For those skilled in the art, other drawings can be obtained based on these drawings without creative effort.
[0031] Figure 1 This is a flowchart illustrating an abnormal data detection method provided in the first aspect of this application.
[0032] Figure 2 This is a flowchart illustrating an abnormal data detection method provided in a second aspect embodiment of this application;
[0033] Figure 3 This is a schematic diagram of the structure of an abnormal data detection device provided in the first aspect embodiment of this application;
[0034] Figure 4 This is a schematic diagram of the structure of an abnormal data detection device provided in the second aspect embodiment of this application;
[0035] Figure 5This is a schematic diagram of the structure of an electronic device provided in an embodiment of this application. Detailed Implementation
[0036] The features and exemplary embodiments of various aspects of this application will be described in detail below. To make the objectives, technical solutions, and advantages of this application clearer, the application will be further described in detail below with reference to the accompanying drawings and specific embodiments. It should be understood that the specific embodiments described herein are only intended to explain this application and not to limit it. For those skilled in the art, this application can be implemented without some of these specific details. The following description of the embodiments is merely to provide a better understanding of this application by illustrating examples.
[0037] It should be noted that, in this document, relational terms such as "first" and "second" are used merely to distinguish one entity or operation from another, and do not necessarily require or imply any such actual relationship or order between these entities or operations. Furthermore, the terms "comprising," "including," or any other variations thereof are intended to cover non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements includes not only those elements but also other elements not expressly listed, or elements inherent to such a process, method, article, or apparatus. Without further limitations, an element defined by the phrase "comprising..." does not exclude the presence of additional identical elements in the process, method, article, or apparatus that includes said element.
[0038] As described in the background section, the inventors discovered that in federated learning, since the original data of each initiator and participant is stored on their respective local end, the data between them cannot be accessed. Therefore, the initiator cannot directly detect abnormal data from other participants. Usually, the data is encrypted before transmission, but this involves data content and data attributes, which poses a risk of data leakage. Therefore, the security of data cannot be guaranteed during the abnormal data detection process.
[0039] To address the problems of existing technologies, embodiments of this application provide an abnormal data detection method, apparatus, electronic device, and computer storage medium. The abnormal data detection method provided by these embodiments will be described in detail below with reference to the accompanying drawings and specific examples and application scenarios.
[0040] Figure 1 This is a flowchart illustrating an abnormal data detection method provided in the first aspect of this application, as shown below. Figure 1 As shown, the abnormal data detection method provided in this application embodiment may include steps S110-S130, wherein:
[0041] S110. Obtain multiple first target data, each first target data including at least one meta-feature, the meta-feature being used to represent a standard of the first target data to which it belongs;
[0042] S120. Encrypt the meta-features in each first target data to obtain the perturbation value;
[0043] S130. Send the perturbation value to the initiator so that the initiator can detect abnormal data in the participants based on the perturbation value.
[0044] Therefore, by acquiring multiple first target data sets and encrypting the meta-features within them (where each meta-feature represents a standard of the first target data set), a perturbation value is obtained after encryption. This perturbation value ensures the security of the participating data. The perturbation value is then sent to the initiator, enabling the initiator to detect abnormal data in the participating data set. In this way, the perturbation value only represents the status of the participating data set and does not involve the data content or attributes of the first target data set. Thus, the initiator can obtain the standard status of the participating data set and perform abnormal data detection based on the perturbation value. Furthermore, the encryption process not only ensures that abnormal data is not leaked but also guarantees the security of the abnormal data during the detection process.
[0045] The specific implementation methods for each of the above steps are described below.
[0046] In one embodiment of this application, in S110, the first target data is the standard data of the participating parties.
[0047] For example, with any participating party For example, the meta-features in each first target data For example, this includes data that is not null or data of character type, among which and It is a positive integer. A meta-feature can represent one criterion of the first target data, and multiple meta-features can represent multiple criteria of the first target data. Each first target data includes at least one meta-feature.
[0048] In one embodiment of this application, after S110, the following steps are further included:
[0049] Step 1: Obtain multiple second target data, where each second target data corresponds to the privacy data of the meta-features in a first target data;
[0050] For example, the second target data is privacy data stored internally by the participants, and the privacy data is data used for federated learning. There is a one-to-one correspondence between multiple second target data and multiple meta-features in the first target data.
[0051] Step 2: Encrypt multiple second target data as a whole to obtain the encrypted first encrypted data;
[0052] For example, multiple second target data are obtained. Previously, the target data was determined. Calculate the mean of all target data.
[0053]
[0054] in The target total number of data points. Identify the target data. Given a positive integer, calculate the standard deviation of the target data based on the mean of the target data.
[0055]
[0056] The second target data is calculated based on the mean and standard deviation of the target data.
[0057]
[0058] The second target data is then encrypted as a whole.
[0059] This step may specifically include the following steps:
[0060] Based on the acquired second target data, generate two prime numbers and one exponent;
[0061] Based on the two prime numbers and one exponent, the plurality of second target data are encrypted using the following expression to obtain the encrypted first encrypted data;
[0062]
[0063] The For the first encrypted data, For the second target data, and It is a prime number. and is any random integer.
[0064] For example, as described above, encrypting the second target data requires generating two large prime numbers. and ,in, and The greatest common divisor between them is 1. A random integer is determined based on the second target data. , and thus
[0065]
[0066] in, for and The least common multiple between Let be the modulo function. Let the second target data be denoted as . Then its first encrypted data is
[0067]
[0068] in, is any random integer.
[0069] Step 3: Send the first encrypted data to the initiator.
[0070] For example, in the above, the first encrypted data obtained through calculation is sent by the participant to the initiator. The data sent by the participant is encrypted data. During the data communication process, even if a third party illegally intercepts the first encrypted data, the privacy and security of the second target data can be guaranteed because it cannot be cracked to obtain the corresponding second target data.
[0071] In one embodiment of this application, in S120, the meta-features in each first target data are encrypted to obtain a perturbation value, including the following four steps:
[0072] Step 1: Arrange the meta-features of each first target data according to the acquisition order of the first target data in multiple first target data sets to form a first feature matrix;
[0073] Step 2: Encrypt the first feature matrix using the first encryption value to obtain the encrypted second encrypted data. The first encryption value is calculated by summing the meta-features in multiple first target data.
[0074] Step 3: Use the private key of each participant to encrypt the first encrypted value to obtain the encrypted second encrypted value;
[0075] Step 4: Add the second encrypted data and the second encrypted value together to obtain the perturbation value.
[0076] For example, with any participating party For example, the participating parties At least one meta-feature from the acquired first target data is used to arrange all meta-features in the order of acquisition, forming a first feature matrix. .
[0077] Participants Determine the first encrypted value r
[0078]
[0079] in, The first characteristic matrix The total number of elements.
[0080] Based on the first encryption value r, the first feature matrix Encryption is performed to obtain the second encrypted data. (Participants) Through the participants The private key is used to encrypt the first encrypted value to obtain the encrypted second encrypted value. The second encrypted data and the second encrypted value are added together to obtain the perturbation value.
[0081] In one embodiment of this application, in S130, as described above, after obtaining the disturbance value, the participating parties... The perturbation value is broadcast so that the initiator is aware of it. This allows the initiator to adjust the participating parties' behavior based on the sent perturbation value before proceeding with federated learning. The second target data is used for anomaly detection.
[0082] Figure 2 This is a flowchart illustrating an abnormal data detection method provided in a second aspect embodiment of this application. This abnormal data detection method can be applied to the initiator.
[0083] like Figure 2 As shown, the abnormal data detection method may specifically include steps S210-S250, wherein:
[0084] S210, Receive the first encrypted data and the perturbation value;
[0085] S220. Decrypt the first encrypted data using the decryption private key to obtain the third target data. The third target data includes multiple privacy data corresponding to the meta-features in the first target data.
[0086] S230. Based on the perturbation value, obtain the public key of the participants, and use the public key to decrypt the second encrypted value to obtain the third encrypted value;
[0087] S240. Based on the third encryption value, the second encrypted data is decrypted to obtain the second feature matrix, which includes multiple meta-features from the first target data.
[0088] S250. Summing up multiple meta-features in the second feature matrix to determine the fourth encryption value.
[0089] Therefore, by receiving the perturbation value and decrypting the second encrypted value based on the perturbation value, the third encrypted value is obtained. The second encrypted data is then decrypted using the third encrypted value to obtain the decrypted feature matrix, i.e., the second feature matrix. The multiple meta-features in the second feature matrix are summed again to obtain the fourth encrypted value. The accuracy of the second feature matrix is determined by whether the third and fourth encrypted values are the same. In this way, the correctness of the second feature matrix can be verified by decrypting and then encrypting again.
[0090] In one embodiment of this application, in S210, the receiving party... The first encrypted data and perturbation value sent.
[0091] In one embodiment of this application, in S220, the initiator The first received encrypted data is decrypted, and the decrypted third target data is...
[0092]
[0093] The third target data includes multiple privacy data corresponding to the meta-features in the multiple first target data.
[0094] In one embodiment of this application, in S230, the public key of the participating party is obtained, and the second encrypted value in the perturbation value is decrypted using the public key to obtain the third encrypted value. .
[0095] In one embodiment of this application, in S240, according to the third encryption value Decrypt the second encrypted data in the perturbation value to obtain the second feature matrix. The second feature matrix includes multiple meta-features from the first target data.
[0096] In one embodiment of this application, in S250, based on the obtained second feature matrix Determine the fourth encryption value
[0097]
[0098] in, Characteristic matrix The total number of elements.
[0099] This step is followed by the following steps:
[0100] If the decrypted third encrypted value is different from the fourth encrypted value, then the perturbation value is obtained again.
[0101] For example, if the decrypted third encrypted value is different from the fourth encrypted value, that is... This indicates that the obtained second characteristic matrix If the value is inaccurate, the perturbation value is reacquired until an accurate second feature matrix is obtained. Then, the correct second feature matrix is used to detect whether there are any anomalies in the final third target data.
[0102] In one embodiment of this application, in order to detect whether there is an anomaly in the third target data, the method may further include:
[0103] If the decrypted third encrypted value is the same as the fourth encrypted value, then check whether the multiple privacy data in the decrypted third target data correspond one-to-one with the multiple meta-features in the second feature matrix;
[0104] If multiple private data points in the decrypted third target data do not correspond one-to-one with multiple meta-features in the second feature matrix, then the abnormal data in the third target data will be deleted.
[0105] For example, if the decrypted third encrypted value is the same as the fourth encrypted value, that is... This indicates that the obtained feature matrix It is accurate, that is ,pass The system detects whether there is abnormal data in the third target data. If multiple privacy data in the decrypted third target data are found to correspond one-to-one with multiple meta-features in the second feature matrix, then the third target data is normal. If multiple privacy data in the decrypted third target data are not found to correspond one-to-one with multiple meta-features in the second feature matrix, then it indicates that there is an anomaly in the third target data, and the abnormal data in the third target data is deleted.
[0106] Through the above embodiments, the initiator can detect abnormal data in the data of the participants, thereby providing a data foundation for further data processing, which not only ensures data security but also guarantees the effectiveness of federated learning.
[0107] It should be noted that the application scenarios described in the above embodiments of this application are for the purpose of more clearly illustrating the technical solutions of the embodiments of this application, and do not constitute a limitation on the technical solutions provided by the embodiments of this application. As those skilled in the art will know, with the emergence of new application scenarios, the technical solutions provided by the embodiments of this application are also applicable to similar technical problems.
[0108] Based on the same inventive concept, this application also provides an abnormal data detection device. Specifically, in conjunction with... Figure 3 Please provide a detailed explanation.
[0109] Figure 3This is a schematic diagram of an abnormal data detection device provided in the first aspect of this application. This abnormal data detection device can be applied to participating parties.
[0110] like Figure 3 As shown, the abnormal data detection device 300 includes:
[0111] The first acquisition module 301 is used to acquire multiple first target data, each first target data including at least one meta-feature, the meta-feature being used to represent a criterion of the first target data to which it belongs;
[0112] Encryption module 302 is used to encrypt the meta-features in each first target data to obtain a perturbation value;
[0113] The sending module 303 is used to send the disturbance value to the initiator so that the initiator can detect abnormal data in the participants based on the disturbance value.
[0114] The abnormal data detection device 300 described above will be explained in detail below:
[0115] In one embodiment of this application, the above-mentioned abnormal data detection device 300 may further include:
[0116] The second acquisition module is used to acquire multiple second target data, and each second target data corresponds to the privacy data of the meta-features in a first target data.
[0117] The acquisition module is used to encrypt multiple second target data as a whole to obtain the encrypted first encrypted data;
[0118] The sending module 303 is used to send the first encrypted data to the initiator.
[0119] In one embodiment of this application, the encryption module 302 may specifically include:
[0120] The arrangement submodule is used to arrange the meta-features of each first target data according to the acquisition order of each first target data in multiple first target data, forming a first feature matrix;
[0121] The first encryption submodule is used to encrypt the first feature matrix using the first encryption value to obtain the encrypted second encrypted data. The first encryption value is calculated by summing the meta-features in multiple first target data.
[0122] The second encryption submodule is used to encrypt the first encryption value using the private key of the participants to obtain the encrypted second encryption value;
[0123] The first obtaining submodule is used to sum the second encrypted data and the second encrypted value to obtain a perturbation value.
[0124] In one embodiment of this application, the above-mentioned obtaining module specifically includes:
[0125] The generation submodule is used to generate two prime numbers and an exponent based on the acquired second target data.
[0126] The second submodule is used to encrypt multiple second target data based on two prime numbers and an exponent, using the following expression, to obtain the encrypted first encrypted data;
[0127]
[0128] For the first encrypted data, For the second target data, and It is a prime number. and is any random integer.
[0129] Figure 4 This is a schematic diagram of an abnormal data detection device provided in a second aspect embodiment of this application. This abnormal data detection device can be applied to the initiator.
[0130] like Figure 4 As shown, the abnormal data detection device 400 includes:
[0131] Receiver module 401 is used to receive the first encrypted data and the perturbation value;
[0132] The first decryption module 402 uses the decryption private key to decrypt the first encrypted data to obtain the third target data. The third target data includes multiple privacy data corresponding to the meta-features in the first target data.
[0133] The third acquisition module 403 acquires the public key of the participants based on the perturbation value, and decrypts the second encrypted value with the public key to obtain the third encrypted value;
[0134] The second decryption module 404 decrypts the second encrypted data according to the third encryption value to obtain the second feature matrix, which includes multiple meta-features from the first target data.
[0135] The determination module 405 sums up multiple meta-features in the second feature matrix to determine the fourth encryption value.
[0136] In one embodiment of this application, the above-mentioned abnormal data detection device 300 may further include:
[0137] The fourth acquisition module is used to reacquire the perturbation value if the decrypted third encrypted value is different from the fourth encrypted value.
[0138] In one embodiment of this application, the above-mentioned abnormal data detection device 300 may further include:
[0139] The detection module is used to detect whether multiple privacy data in the decrypted third target data correspond one-to-one with multiple meta-features in the second feature matrix if the decrypted third encrypted value is the same as the fourth encrypted value.
[0140] The deletion module is used to delete abnormal data in the third target data if it is detected that multiple privacy data in the decrypted third target data do not correspond one-to-one with multiple meta-features in the second feature matrix.
[0141] Therefore, by acquiring multiple first target data sets and encrypting the meta-features within them (where each meta-feature represents a standard of the first target data set), a perturbation value is obtained after encryption. This perturbation value ensures the security of the participating data. The perturbation value is then sent to the initiator, enabling the initiator to detect abnormal data in the participating data set. In this way, the perturbation value only represents the status of the participating data set and does not involve the data content or attributes of the first target data set. Thus, the initiator can obtain the standard status of the participating data set and perform abnormal data detection based on the perturbation value. Furthermore, the encryption process not only ensures that abnormal data is not leaked but also guarantees the security of the abnormal data during the detection process.
[0142] Figure 5 This is a schematic diagram of the structure of an electronic device provided in an embodiment of this application.
[0143] An electronic device may include a processor 501 and a memory 502 storing computer program instructions.
[0144] Specifically, the processor 501 may include a central processing unit (CPU), an application-specific integrated circuit (ASIC), or one or more integrated circuits that can be configured to implement the embodiments of this application.
[0145] Memory 502 may include mass storage for data or instructions. For example, and not limitingly, memory 502 may include a hard disk drive (HDD), floppy disk drive, flash memory, optical disk, magneto-optical disk, magnetic tape, or Universal Serial Bus (USB) drive, or a combination of two or more of these. Where appropriate, memory 502 may include removable or non-removable (or fixed) media. Where appropriate, memory 502 may be internal or external to the integrated gateway disaster recovery device. In a particular embodiment, memory 502 is non-volatile solid-state memory.
[0146] Memory may include read-only memory (ROM), random access memory (RAM), disk storage media devices, optical storage media devices, flash memory devices, and electrical, optical, or other physical / tangible memory storage devices. Therefore, typically, memory includes one or more tangible (non-transitory) computer-readable storage media (e.g., memory devices) encoded with software including computer-executable instructions, and when the software is executed (e.g., by one or more processors), it is operable to perform the operations described with reference to the methods according to the first or second aspect of this disclosure.
[0147] The processor 501 implements any of the abnormal data detection methods in the above embodiments by reading and executing computer program instructions stored in the memory 502.
[0148] In one example, the electronic device may also include a communication interface 503 and a bus 510. Wherein, as... Figure 5 As shown, the processor 501, memory 502, and communication interface 503 are connected through bus 510 and complete communication with each other.
[0149] The communication interface 503 is mainly used to realize communication between various modules, devices, units and / or equipment in the embodiments of this application.
[0150] Bus 510 includes hardware, software, or both, that couples components of an anomaly data detection method or verification device together. For example, and not as a limitation, the bus may include an Accelerated Graphics Port (AGP) or other graphics bus, an Enhanced Industry Standard Architecture (EISA) bus, a Front Side Bus (FSB), HyperTransport (HT) interconnect, an Industry Standard Architecture (ISA) bus, an Infinite Bandwidth Interconnect, a Low Pin Count (LPC) bus, a memory bus, a Microchannel Architecture (MCA) bus, a Peripheral Component Interconnect (PCI) bus, a PCI-Express (PCI-X) bus, a Serial Advanced Technology Attachment (SATA) bus, a Video Electronics Standards Association Local (VLB) bus, or other suitable buses, or combinations of two or more of these. Where appropriate, bus 510 may include one or more buses. Although specific buses are described and illustrated in embodiments of this application, any suitable bus or interconnect is contemplated herein.
[0151] Furthermore, in conjunction with the abnormal data detection methods in the above embodiments, this application embodiment can provide a computer storage medium for implementation. The computer storage medium stores computer program instructions; when these computer program instructions are executed by a processor, they implement any of the abnormal data detection methods in the above embodiments.
[0152] It should be clarified that this application is not limited to the specific configurations and processes described above and shown in the figures. For the sake of brevity, detailed descriptions of known methods are omitted here. In the above embodiments, several specific steps are described and shown as examples. However, the method process of this application is not limited to the specific steps described and shown. Those skilled in the art can make various changes, modifications, and additions, or change the order of steps, after understanding the spirit of this application.
[0153] The functional blocks shown in the above-described structural diagram can be implemented as hardware, software, firmware, or a combination thereof. When implemented in hardware, they can be, for example, electronic circuits, application-specific integrated circuits (ASICs), appropriate firmware, plug-ins, function cards, etc. When implemented in software, the elements of this application are programs or code segments used to perform the required tasks. Programs or code segments can be stored on a machine-readable medium or transmitted over a transmission medium or communication link via data signals carried on a carrier wave. "Machine-readable medium" can include any medium capable of storing or transmitting information. Examples of machine-readable media include electronic circuits, semiconductor memory devices, ROM, flash memory, erasable ROM (EROM), floppy disks, CD-ROMs, optical disks, hard disks, fiber optic media, radio frequency (RF) links, etc. Code segments can be downloaded via computer networks such as the Internet, intranets, etc.
[0154] It should also be noted that the exemplary embodiments mentioned in this application describe methods or systems based on a series of steps or apparatus. However, this application is not limited to the order of the above steps; that is, the steps can be performed in the order mentioned in the embodiments, or in a different order, or several steps can be performed simultaneously.
[0155] The aspects of this disclosure have been described above with reference to flowchart illustrations and / or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of this disclosure. It should be understood that each block in the flowchart illustrations and / or block diagrams, and combinations of blocks in the flowchart illustrations and / or block diagrams, can be implemented by computer program instructions. These computer program instructions can be provided to a processor of a general-purpose computer, a special-purpose computer, or other programmable data processing apparatus to produce a machine such that these instructions, executable via the processor of the computer or other programmable data processing apparatus, enable the implementation of the functions / actions specified in one or more blocks of the flowchart illustrations and / or block diagrams. Such a processor can be, but is not limited to, a general-purpose processor, a special-purpose processor, a special application processor, or a field-programmable logic circuit. It is also understood that each block in the block diagrams and / or flowcharts, and combinations of blocks in the block diagrams and / or flowcharts, can also be implemented by special-purpose hardware performing the specified functions or actions, or can be implemented by a combination of special-purpose hardware and computer instructions.
[0156] The above description is merely a specific implementation of this application. Those skilled in the art will clearly understand that, for the sake of convenience and brevity, the specific working processes of the systems, modules, and units described above can be referred to the corresponding processes in the foregoing method embodiments, and will not be repeated here. It should be understood that the protection scope of this application is not limited thereto. Any person skilled in the art can easily conceive of various equivalent modifications or substitutions within the technical scope disclosed in this application, and these modifications or substitutions should all be covered within the protection scope of this application.
Claims
1. An abnormal data detection method, characterized in that, Applied to participating parties, the method includes: Acquire multiple first target data, each first target data including at least one meta-feature, the meta-feature being used to represent a criterion of the first target data to which it belongs; Encrypt the meta-features in each of the first target data to obtain a perturbation value; The perturbation value is sent to the initiator so that the initiator can detect abnormal data in the participants based on the perturbation value; The step of encrypting the meta-features in each of the first target data to obtain a perturbation value includes: Based on the acquisition order of each first target data in the plurality of first target data, the meta-features of each first target data are arranged to form a first feature matrix; The first feature matrix is encrypted using the first encryption value to obtain the encrypted second encrypted data. The first encryption value is calculated by summing the meta-features in the plurality of first target data. The first encrypted value is encrypted using the private key of the participating party to obtain the encrypted second encrypted value; The second encrypted data and the second encrypted value are summed to obtain the perturbation value.
2. The method according to claim 1, characterized in that, After acquiring multiple first target data, the method further includes: Acquire multiple second target data, where each second target data corresponds to the privacy data of a meta-feature in a first target data; The multiple second target data are encrypted as a whole to obtain the encrypted first encrypted data; The first encrypted data is sent to the initiator.
3. The method according to claim 2, characterized in that, The step of encrypting the plurality of second target data as a whole to obtain the encrypted first encrypted data includes: Based on the acquired second target data, generate two prime numbers and one exponent; Based on the two prime numbers and one exponent, the plurality of second target data are encrypted using the following expression to obtain the encrypted first encrypted data; The For the first encrypted data, For the second target data, and It is a prime number. and is any random integer.
4. An abnormal data detection method, characterized in that, Applied to the initiator, the method includes: Receive first encrypted data and a perturbation value, wherein the first encrypted data is obtained by encrypting the obtained second target data, and the perturbation value is obtained by encrypting the obtained first target data; The first encrypted data is decrypted using the decryption private key to obtain the third target data, which includes multiple privacy data corresponding to the meta-features in the first target data; Based on the perturbation value, the public key of the participant is obtained, and the second encrypted value is decrypted using the public key to obtain the third encrypted value. The second encrypted value is obtained by encrypting the first encrypted value. The second encrypted data is decrypted according to the third encryption value to obtain a second feature matrix. The second feature matrix includes multiple meta-features from the plurality of first target data. The second encrypted data is obtained by encrypting the first feature matrix corresponding to the first target data with the first encryption value. The fourth encryption value is determined by summing multiple meta-features in the second feature matrix.
5. The method according to claim 4, characterized in that, After summing multiple meta-features in the second feature matrix to determine the fourth encryption value, the method further includes: If the decrypted third encrypted value is different from the fourth encrypted value, then the perturbation value is obtained again.
6. The method according to claim 4, characterized in that, The method further includes: If the decrypted third encrypted value is the same as the fourth encrypted value, then it is detected whether multiple privacy data in the decrypted third target data correspond one-to-one with multiple meta-features in the second feature matrix; If it is detected that multiple privacy data in the decrypted third target data do not correspond one-to-one with multiple meta-features in the second feature matrix, then the abnormal data in the third target data will be deleted.
7. An abnormal data detection device, characterized in that, Applied to participating parties, the device includes: A first acquisition module is used to acquire multiple first target data, each first target data including at least one meta-feature, the meta-feature being used to represent a criterion of the first target data to which it belongs; An encryption module is used to encrypt the meta-features in each of the first target data to obtain a perturbation value; A sending module is used to send the disturbance value to the initiator so that the initiator can detect abnormal data in the participants based on the disturbance value; The encryption module is further configured to: arrange the meta-features of each first target data according to the acquisition order of each first target data in the plurality of first target data to form a first feature matrix; encrypt the first feature matrix using a first encryption value to obtain encrypted second encrypted data, wherein the first encryption value is calculated by summing the meta-features in the plurality of first target data; encrypt the first encryption value using the private key of the participating party to obtain encrypted second encrypted value; and sum the second encrypted data and the second encryption value to obtain a perturbation value.
8. An abnormal data detection device, characterized in that, Applied to the initiator, the device includes: A receiving module is configured to receive first encrypted data and a perturbation value, wherein the first encrypted data is obtained by encrypting the obtained second target data, and the perturbation value is obtained by encrypting the obtained first target data; The first decryption module is used to decrypt the first encrypted data using a decryption private key to obtain the third target data, wherein the third target data includes multiple privacy data corresponding to the meta-features in the multiple first target data; The second acquisition module is used to acquire the public key of the participants based on the perturbation value, and to decrypt the second encrypted value with the public key to obtain the third encrypted value. The second encrypted value is obtained by encrypting the first encrypted value. The second decryption module is used to decrypt the second encrypted data according to the third encryption value to obtain a second feature matrix. The second feature matrix includes multiple meta-features in the plurality of first target data. The second encrypted data is obtained by encrypting the first feature matrix corresponding to the first target data with the first encryption value. The determination module is used to sum multiple meta-features in the second feature matrix to determine the fourth encryption value.
9. An electronic device, characterized in that, The electronic device includes: a processor, a memory, and a computer program stored in the memory and executable on the processor, wherein the computer program, when executed by the processor, performs the steps of abnormal data detection as described in any one of claims 1-3 or 4-5.
10. A computer-readable storage medium, characterized in that, The computer-readable storage medium stores computer program instructions that, when executed by a processor, implement the steps of abnormal data detection as described in any one of claims 1-3 or 4-6.