An artificial intelligence-based security data analysis and privacy protection method
By employing AI-based multi-source data analysis and privacy protection methods, utilizing decision trees, improved DPFL algorithms, and DeepES models, the problems of low privacy protection efficiency and insufficient adaptability in existing technologies are solved, achieving high-precision data analysis and real-time policy optimization.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Applications(China)
- Current Assignee / Owner
- HUAIAN MIHUA NETWORK TECHNOLOGY CO LTD
- Filing Date
- 2026-03-04
- Publication Date
- 2026-06-05
AI Technical Summary
Existing privacy protection technologies suffer from low computational efficiency in multi-source data analysis, are unable to respond to threats in complex environments in real time, and lack comprehensive privacy protection strategies for multi-source data, resulting in information fragmentation and reduced accuracy of analysis results.
Using an artificial intelligence-based approach, this study utilizes multi-source data acquisition, decision trees, an improved DPFL algorithm, and the DeepES model to conduct privacy sensitivity assessments, distributed data analysis, and abnormal behavior identification. Combined with an intelligent response mechanism, the study dynamically optimizes the data and generates a multi-dimensional security risk report.
It achieves efficient privacy protection and security analysis, improves the accuracy and adaptability of data analysis, can adjust privacy protection strategies in real time, and is suitable for multi-source data processing in complex environments.
Smart Images

Figure CN122153879A_ABST
Abstract
Description
Technical Field
[0001] This invention relates to the field of data security and privacy protection technology, and in particular to a method for secure data analysis and privacy protection based on artificial intelligence. Background Technology
[0002] With the rapid development of artificial intelligence and big data technologies, data privacy protection and security analysis have received increasing attention. Existing privacy protection technologies primarily rely on traditional encryption methods and differential privacy mechanisms. While protecting the privacy of highly sensitive data, these technologies often lead to decreased computational efficiency, particularly during data analysis and modeling, where they may affect the usability of the data and the accuracy of the analysis. Furthermore, existing privacy protection methods typically protect single data sources, lacking comprehensive privacy protection strategies for multi-source data, and failing to meet the dynamic protection needs of different data types and privacy sensitivities.
[0003] In the field of security data analytics, existing technologies primarily rely on traditional, single models for risk assessment, which often fail to respond in real time to emerging threats in complex environments. Current models lack sufficient flexibility and adaptability, resulting in the inability to adjust and optimize protective measures in a timely manner in the face of constantly changing security risks, thus impacting data security.
[0004] Furthermore, most existing data analysis methods employ static data fusion techniques, which struggle to achieve efficient fusion of multi-source data, leading to information fragmentation and impacting the overall effectiveness of security analysis. Current technologies lack sufficient multi-source data fusion capabilities and cannot dynamically adjust privacy protection measures based on data privacy sensitivities, resulting in privacy blind spots and reduced accuracy of analysis results.
[0005] Therefore, how to provide a secure data analysis and privacy protection method based on artificial intelligence is a problem that urgently needs to be solved by those skilled in the art. Summary of the Invention
[0006] One objective of this invention is to propose a secure data analysis and privacy protection method based on artificial intelligence. This invention fully utilizes multi-source data acquisition, decision trees, an improved DPFL algorithm, an improved DeepES model, and an intelligent response mechanism. It details the implementation methods for data privacy sensitivity assessment, distributed data analysis, abnormal behavior identification, and dynamic optimization of privacy protection strategies. This method possesses advantages such as strong privacy protection, high data analysis accuracy, strong dynamic protection capabilities, and strong real-time adjustment capabilities.
[0007] A method for secure data analysis and privacy protection based on artificial intelligence according to an embodiment of the present invention includes the following steps: Collect data from multiple sources and preprocess it to generate a preprocessed dataset; Privacy sensitivity assessment of the preprocessed dataset is performed using a decision tree. Based on the assessment results, the dataset is divided into highly sensitive data and low-sensitivity data. A differential privacy mechanism is applied to protect the highly sensitive data and then merged with the low-sensitivity data to obtain a privacy-protected dataset. Based on a privacy-preserving dataset, an improved DPFL algorithm is applied for distributed data analysis to generate a global model; The improved DeepES model is used to identify potential security threats or anomalous behaviors on privacy-preserving datasets and generate security analysis results. A multi-dimensional security risk report is generated based on the global model and security analysis results, including the effectiveness of privacy protection implementation, data risk assessment, future risk prediction, and dynamic optimization suggestions. Based on multi-dimensional security risk reports, privacy protection strategies are adjusted in real time, and privacy protection and security measures are automatically optimized through intelligent response mechanisms.
[0008] Optionally, the step of collecting multi-source data and preprocessing it to generate a preprocessed dataset specifically includes: Collect multi-source data from multiple data sources, including sensor data, user behavior data, device data, and transaction data; Unified preprocessing of collected multi-source data includes: Data cleaning algorithms were used to remove duplicate, missing, and outlier values. Missing values were imputed using the mean imputation method, and outliers were detected using a standard deviation-based method. Kalman filtering or mean filtering algorithms are used to remove irrelevant or interfering data from multi-source data. For numerical data, Z-score standardization or min-max standardization methods are used to convert values with different units and dimensions into a uniform scale. The preprocessed multi-source data are merged to generate a preprocessed dataset.
[0009] Optionally, the preprocessed dataset is subjected to privacy sensitivity assessment using a decision tree. Based on the assessment results, it is divided into highly sensitive data and low-sensitivity data. A differential privacy mechanism is applied to protect the highly sensitive data, which is then merged with the low-sensitivity data to obtain a privacy-protected dataset. Specifically, this includes: The training dataset is trained using a decision tree model, which contains samples labeled as high-sensitivity data and low-sensitivity data. Decision tree models are based on data features. They select the best splitting features by calculating information gain or Gini index and recursively construct decision trees. The preprocessed dataset is classified using a trained decision tree model, and divided into high-sensitivity data and low-sensitivity data based on data characteristics. Differential privacy mechanism is applied to protect the portion of data classified as highly sensitive, and then merged with the low-sensitivity data to obtain a privacy-protected dataset. The classification accuracy of the decision tree model is evaluated. Cross-validation is used to verify the stability of the decision tree model on different data partitions. The performance of the decision tree model is evaluated by precision, recall and F1 score. If the decision tree model fails to meet the predetermined standards based on the performance evaluation results, the decision tree model will be optimized and adjusted.
[0010] Optionally, the step of applying an improved DPFL algorithm to perform distributed data analysis based on a privacy-preserving dataset to generate a global model specifically includes: An improved DPFL algorithm is constructed, which includes a data segmentation module, a local training module, a privacy-preserving local computation module, a global model aggregation module, and a model optimization module. The privacy-preserving dataset is input into the data segmentation module, which divides the dataset using an adaptive clustering segmentation algorithm. The adaptive clustering segmentation algorithm extracts key features through principal component analysis, performs preliminary clustering of the key features using the K-means clustering algorithm, calculates the similarity between data based on Euclidean distance, and divides the data into multiple clusters. Through an adaptive clustering adjustment mechanism, the size and structure of each cluster are dynamically adjusted according to the privacy sensitivity and data quality of the data. Each subset of the dataset is then encrypted using homomorphic encryption. Each subset of the dataset is distributed to different computing nodes. The local training module receives the subset of the dataset from each computing node and performs local training using a support vector machine. An adaptive noise mechanism is used to dynamically adjust the noise level of the training data. The adaptive noise mechanism is adaptively adjusted according to the data sensitivity and privacy requirements of each node. The training results of all computing nodes are aggregated through a global model aggregation module. The global model aggregation module uses a gradient fusion algorithm to dynamically adjust the weights of each node's model by combining the data quality, training effect, and privacy protection strength of each computing node, thereby generating a global model. The global model is input into the model optimization module, which uses an adaptive learning rate adjustment algorithm and a maximum entropy strategy to optimize the global model. The generated global model is evaluated, including privacy protection effectiveness analysis and data analysis capability evaluation, using precision, recall and F1 score indicators, and privacy leakage analysis to ensure that privacy protection measures are implemented during data processing and that no information is leaked. Based on the evaluation results, if the global model performance does not meet expectations, the process returns to the local training module for adjustment, retrains the support vector machine, and aggregates it until the global model's privacy protection and data analysis capabilities meet expectations.
[0011] Optionally, the step of using the improved DeepES model to identify potential security threats or anomalous behaviors on the privacy-preserving dataset and generating security analysis results specifically includes: An improved DeepES model is constructed, comprising an input layer, an improved feature extraction layer, an anomaly detection layer, a regression prediction layer, and an output layer; The privacy-preserving dataset is input into the input layer, which preprocesses the data from different sources using a multidimensional data fusion algorithm, which includes standardization and normalization processes, to obtain the input data. The input data is transmitted to an improved feature extraction layer, which uses a convolutional neural network to extract features from the input data. The convolutional neural network uses dilated convolution and residual network structures, and the extracted data generates a feature representation vector. The feature representation vector is fed into the anomaly detection layer, which identifies potential security threats and abnormal behaviors through an anomaly detection algorithm based on self-supervised learning, and obtains anomaly detection results. The anomaly detection algorithm is implemented through an improved deep clustering network. Through an adaptive clustering algorithm, the number of clusters and the density of clusters are automatically selected according to changes in data density, and the threshold is dynamically adjusted. The anomaly detection results are input into the regression prediction layer, which uses an improved XGBoost regression model to analyze the anomaly detection results and predicts possible future security events based on historical data to obtain security threat prediction results. The security threat prediction results are output to the output layer, which classifies the results according to the severity of the security threats and generates security analysis results, including potential security threat identification, abnormal behavior trend prediction, and risk assessment.
[0012] Optionally, the improved XGBoost regression model specifically includes: The improved XGBoost regression model is based on the traditional gradient boosting algorithm and introduces local weighted regression and feature selection mechanisms. Local weighted regression is used to weight the data points, and the weight of each data point relative to the current sample is calculated. The weight is calculated based on the cosine similarity between the data point and the sample. The weighted data is then input into the improved XGBoost regression model for training. Feature selection mechanisms calculate the correlation between each feature and the target variable, and select the feature most relevant to the target variable for training. Methods used include mutual information, Pearson correlation coefficient, and tree-based feature selection.
[0013] Optionally, the multi-dimensional security risk report generated based on the global model and security analysis results includes privacy protection implementation effectiveness, data risk assessment, future risk prediction, and dynamic optimization suggestions, specifically including: By combining the global model with security analysis results, the effectiveness of privacy protection implementation can be evaluated by comparing the data differences before and after privacy protection, the privacy leakage rate, and the effectiveness of protection technologies. Based on the abnormal behaviors and potential security threats identified in the security analysis results, the risk of the data is assessed, and a data risk assessment score is generated. By combining the security threat prediction results output by the global model and regression prediction layer with historical data, future security events are predicted, generating future risk prediction results. Based on the effectiveness of privacy protection implementation, data risk assessment, and future risk prediction, dynamic optimization suggestions are generated, and optimization strategies for privacy protection technologies and security measures are proposed. The report summarizes the effectiveness of privacy protection implementation, data risk assessment, future risk prediction, and dynamic optimization suggestions to generate a security risk report.
[0014] Optionally, the step of adjusting the privacy protection strategy in real time based on multi-dimensional security risk reports and automatically optimizing privacy and security protection measures through an intelligent response mechanism specifically includes: The intelligent response mechanism adjusts privacy protection strategies and security measures in real time based on the privacy protection implementation effectiveness, data risk assessment, future risk prediction, and dynamic optimization suggestions in the dimensional security risk report. Based on the effectiveness of privacy protection implementation, the intelligent response mechanism evaluates the actual effectiveness of privacy protection technology implementation and determines whether the privacy protection strategy needs to be enhanced or adjusted. If the implementation effect does not meet expectations, the intelligent response mechanism will automatically increase the strength of privacy protection. Based on the results of the data risk assessment, the intelligent response mechanism analyzes the risk level faced by the data and automatically adjusts the protection measures according to the risk level. If the data risk is high, it will automatically increase the data protection strength, increase the encryption level, restrict data access permissions, or enhance data access control. Based on future risk predictions, the intelligent response mechanism identifies potential security threats in advance and adjusts protection strategies. By analyzing future security risk predictions, it automatically adjusts protection measures and enhances security protection methods. Based on dynamic optimization suggestions, the intelligent response mechanism optimizes privacy protection strategies and security measures, automatically adjusting privacy protection technologies and security protection strategies.
[0015] The beneficial effects of this invention are: This invention proposes a method based on multi-source data analysis and privacy protection by introducing artificial intelligence technology, effectively addressing the shortcomings of existing technologies in privacy and security protection. Compared to traditional encryption techniques and static security measures, this invention provides a more flexible and intelligent privacy protection strategy through real-time analysis, dynamic optimization, and multi-dimensional fusion of privacy-protected datasets. Particularly in areas such as privacy sensitivity assessment, distributed data analysis, abnormal behavior identification, and security threat prediction, improved algorithms and adaptive mechanisms are employed, resulting in high accuracy and strong adaptability to multi-source data processing and complex environments. By introducing an intelligent response mechanism, the system can dynamically adjust privacy protection measures based on security risk reports, ensuring that privacy and security protection are always maintained at their optimal state. This method significantly improves the efficiency and security of data privacy protection, offering higher real-time performance, automation, and scalability, and is suitable for various complex privacy protection and data security needs. Attached Figure Description
[0016] The accompanying drawings are provided to further illustrate the invention and form part of the specification. They are used in conjunction with embodiments of the invention to explain the invention and do not constitute a limitation thereof. In the drawings: Figure 1 This is a flowchart of a secure data analysis and privacy protection method based on artificial intelligence proposed in this invention; Figure 2 This is a framework diagram of the improved DPFL algorithm in the artificial intelligence-based secure data analysis and privacy protection method proposed in this invention; Figure 3 This is a framework diagram of the DeepES model in the AI-based secure data analysis and privacy protection method proposed in this invention. Detailed Implementation
[0017] The present invention will now be described in further detail with reference to the accompanying drawings. These drawings are simplified schematic diagrams, illustrating only the basic structure of the invention, and therefore only show the components relevant to the invention.
[0018] refer to Figure 1-3 A secure data analysis and privacy protection method based on artificial intelligence includes the following steps: Collect data from multiple sources and preprocess it to generate a preprocessed dataset; Privacy sensitivity assessment of the preprocessed dataset is performed using a decision tree. Based on the assessment results, the dataset is divided into highly sensitive data and low-sensitivity data. A differential privacy mechanism is applied to protect the highly sensitive data and then merged with the low-sensitivity data to obtain a privacy-protected dataset. Based on a privacy-preserving dataset, an improved DPFL algorithm is applied for distributed data analysis to generate a global model; The improved DeepES model is used to identify potential security threats or anomalous behaviors on privacy-preserving datasets and generate security analysis results. A multi-dimensional security risk report is generated based on the global model and security analysis results, including the effectiveness of privacy protection implementation, data risk assessment, future risk prediction, and dynamic optimization suggestions. Based on multi-dimensional security risk reports, privacy protection strategies are adjusted in real time, and privacy protection and security measures are automatically optimized through intelligent response mechanisms.
[0019] In this embodiment, the step of collecting multi-source data and preprocessing it to generate a preprocessed dataset specifically includes: Collect multi-source data from multiple data sources, including sensor data, user behavior data, device data, and transaction data; Unified preprocessing of collected multi-source data includes: Data cleaning algorithms were used to remove duplicate, missing, and outlier values. Missing values were imputed using the mean imputation method, and outliers were detected using a standard deviation-based method. Kalman filtering or mean filtering algorithms are used to remove irrelevant or interfering data from multi-source data. For numerical data, Z-score standardization or min-max standardization methods are used to convert values with different units and dimensions into a uniform scale. The preprocessed multi-source data are merged to generate a preprocessed dataset.
[0020] In this embodiment, the privacy sensitivity assessment of the preprocessed dataset using a decision tree, the data divided into highly sensitive and low-sensitive data based on the assessment results, the application of a differential privacy mechanism to protect the highly sensitive data, and the merging of the highly sensitive data with the low-sensitive data to obtain a privacy-protected dataset, specifically includes: The training dataset is trained using a decision tree model, which contains samples labeled as high-sensitivity data and low-sensitivity data. Decision tree models are based on data features. They select the best splitting features by calculating information gain or Gini index and recursively construct decision trees. The preprocessed dataset is classified using a trained decision tree model, and divided into high-sensitivity data and low-sensitivity data based on data characteristics. Differential privacy mechanism is applied to protect the portion of data classified as highly sensitive data to ensure the privacy of highly sensitive data, while low-sensitivity data does not require protection and is merged with low-sensitivity data to obtain a privacy-protected dataset. The classification accuracy of the decision tree model is evaluated. Cross-validation is used to verify the stability of the decision tree model on different data partitions. The performance of the decision tree model is evaluated by precision, recall and F1 score. If the decision tree model fails to meet the predetermined standards based on the performance evaluation results, the decision tree model will be optimized and adjusted to improve classification accuracy and ensure that highly sensitive data can be accurately identified and differential privacy protection can be applied.
[0021] In this embodiment, the step of applying the improved DPFL algorithm to perform distributed data analysis based on a privacy-preserving dataset to generate a global model specifically includes: An improved DPFL algorithm is constructed, which includes a data segmentation module, a local training module, a privacy-preserving local computation module, a global model aggregation module, and a model optimization module. The privacy-preserving dataset is input into the data segmentation module, which divides the dataset using an adaptive clustering segmentation algorithm. This algorithm extracts key features through principal component analysis, reduces data dimensionality, and retains the most important features. It then uses K-means clustering to perform preliminary clustering of the key features and calculates the similarity between data points based on Euclidean distance, dividing the data into multiple clusters. Through an adaptive clustering adjustment mechanism, the size and structure of each cluster are dynamically adjusted according to the privacy sensitivity and data quality of the data, ensuring that privacy-sensitive data is strictly protected. Furthermore, each subset of the dataset is encrypted using homomorphic encryption to ensure that the data remains encrypted after being distributed to the computing nodes. Each subset of the dataset is distributed to different computing nodes. The local training module receives the subset of the dataset from each computing node and performs local training using a support vector machine. An adaptive noise mechanism is used to dynamically adjust the noise level of the training data. The adaptive noise mechanism is adjusted according to the data sensitivity and privacy requirements of each node to ensure a balance between privacy protection and training efficiency. The training results of all computing nodes are aggregated through a global model aggregation module. The global model aggregation module adopts a gradient fusion algorithm, which dynamically adjusts the weights of each node's model based on the data quality, training effect, and privacy protection strength of each computing node to generate a global model. Under the premise of privacy protection, the aggregation process uses a gradient fusion algorithm to weight the local models, ensuring that the contribution of each node can be effectively merged into the global model. The global model is input into the model optimization module, which uses an adaptive learning rate adjustment algorithm and a maximum entropy strategy to optimize the global model, ensuring that the classification accuracy and generalization ability of the model are improved while protecting privacy. The generated global model is evaluated, including privacy protection effectiveness analysis and data analysis capability evaluation. The evaluation is conducted through precision, recall and F1 score indicators, and privacy leakage analysis is used to ensure that privacy protection measures are implemented during data processing without information leakage. During the evaluation process, privacy utility analysis is used to test the utility of the global model under privacy protection to ensure that privacy protection does not significantly reduce the performance of the model. Based on the evaluation results, if the global model performance does not meet expectations, the process returns to the local training module for adjustment, retrains the support vector machine, and aggregates it until the global model's privacy protection and data analysis capabilities meet expectations.
[0022] In this embodiment, the step of using the improved DeepES model to identify potential security threats or abnormal behaviors on a privacy-preserving dataset and generating security analysis results specifically includes: An improved DeepES model is constructed, comprising an input layer, an improved feature extraction layer, an anomaly detection layer, a regression prediction layer, and an output layer; The privacy-preserving dataset is input into the input layer, which preprocesses the data from different sources using a multidimensional data fusion algorithm, including standardization and normalization, to obtain the input data, ensuring that different types of data from multiple data sources are compatible and unified to the same scale. The input data is transmitted to an improved feature extraction layer, which uses a convolutional neural network to extract features from the input data. The convolutional neural network uses dilated convolution and residual network structures, which can effectively handle the extraction of long-term dependencies and deep features. Dilated convolution can expand the receptive field of the convolutional kernel, enabling the network to capture dependencies over a longer time range. The residual network solves the gradient vanishing problem in deep networks through skip connections, optimizing the training process. The extracted data generates feature representation vectors. The feature representation vector is fed into the anomaly detection layer, which uses a self-supervised learning-based anomaly detection algorithm to identify potential security threats and abnormal behaviors, and obtain anomaly detection results. The anomaly detection algorithm is implemented through an improved deep clustering network. The deep clustering network can learn normal behavior patterns from unlabeled data through self-supervised learning, and identify abnormal points that deviate from the normal pattern based on these patterns. Through an adaptive clustering algorithm, the number of clusters and the density of clusters are automatically selected according to changes in data density, and the threshold is dynamically adjusted, thereby effectively identifying abnormal behaviors and potential security threats in the data. The anomaly detection results are input into the regression prediction layer, which uses an improved XGBoost regression model to analyze the anomaly detection results and predicts possible future security events based on historical data to obtain security threat prediction results. The security threat prediction results are output to the output layer, which classifies the results according to the severity of the security threats and generates security analysis results, including potential security threat identification, abnormal behavior trend prediction, and risk assessment.
[0023] In this embodiment, the improved XGBoost regression model specifically includes: The improved XGBoost regression model is based on the traditional gradient boosting algorithm and introduces local weighted regression and feature selection mechanisms. Local weighted regression is used to weight the data points, and the weight of each data point relative to the current sample is calculated. The weight is calculated based on the cosine similarity between the data point and the sample. The weighted data is then input into the improved XGBoost regression model for training. This method assigns higher weights to anomalous data points during training, thereby improving the sensitivity to predicting anomalous behavior and enhancing the ability to identify potential security threats. The feature selection mechanism calculates the correlation between each feature and the target variable, and selects the feature most relevant to the target variable for training. The methods used include mutual information, Pearson correlation coefficient, and tree-based feature selection. This mechanism can reduce the impact of redundant features on the training of the improved XGBoost regression model, reduce the risk of overfitting, and improve the computational efficiency of the model.
[0024] In this embodiment, the generation of a multi-dimensional security risk report based on the global model and security analysis results, which includes privacy protection implementation effectiveness, data risk assessment, future risk prediction, and dynamic optimization suggestions, specifically includes: By combining the global model with security analysis results, the effectiveness of privacy protection implementation can be evaluated by comparing the data differences before and after privacy protection, the privacy leakage rate, and the effectiveness of protection technologies. Based on the abnormal behaviors and potential security threats identified in the security analysis results, the risk of the data is assessed, and a data risk assessment score is generated. By combining the security threat prediction results output by the global model and regression prediction layer with historical data, future security events are predicted, generating future risk prediction results. Based on the effectiveness of privacy protection implementation, data risk assessment, and future risk prediction, dynamic optimization suggestions are generated, and optimization strategies for privacy protection technologies and security measures are proposed. The report summarizes the effectiveness of privacy protection implementation, data risk assessment, future risk prediction, and dynamic optimization suggestions to generate a security risk report.
[0025] In this embodiment, the step of adjusting the privacy protection strategy in real time based on multi-dimensional security risk reports and automatically optimizing privacy and security protection measures through an intelligent response mechanism specifically includes: The intelligent response mechanism adjusts privacy protection strategies and security measures in real time based on the privacy protection implementation effectiveness, data risk assessment, future risk prediction, and dynamic optimization suggestions in the dimensional security risk report. Based on the effectiveness of privacy protection implementation, the intelligent response mechanism evaluates the actual effectiveness of privacy protection technology implementation and determines whether the privacy protection strategy needs to be enhanced or adjusted. If the implementation effect does not meet expectations, the intelligent response mechanism will automatically increase the strength of privacy protection. Based on the results of the data risk assessment, the intelligent response mechanism analyzes the risk level faced by the data and automatically adjusts the protection measures according to the risk level. If the data risk is high, it will automatically increase the data protection strength, increase the encryption level, restrict data access permissions, or enhance data access control. Based on future risk predictions, the intelligent response mechanism identifies potential security threats in advance and adjusts protection strategies. By analyzing future security risk predictions, it automatically adjusts protection measures and enhances security protection methods. Based on dynamic optimization suggestions, the intelligent response mechanism optimizes privacy protection strategies and security measures, automatically adjusting privacy protection technologies and security protection strategies.
[0026] Example 1: To verify the feasibility of this invention in practice, it was applied to an integrated public transportation and payment platform in a city. This platform consists of a mobile application, gate edge devices, clearing and settlement services, and risk control and auditing services. Its long-term operation generates multi-source data, including QR code entry / exit logs, edge device telemetry, payment transaction records, and customer service interaction records. To meet the dual goals of privacy compliance and risk governance, the process follows the claims of this invention to complete data collection and preprocessing, privacy sensitivity assessment and differential privacy protection, global model training based on improved distributed federated learning, security analysis based on improved deep anomaly analysis, generation of multi-dimensional security risk reports, and policy closed-loop optimization based on these reports through an intelligent response mechanism.
[0027] First, in the data collection and preprocessing stage, nearly three months of operational data were aggregated into a preprocessed dataset. After timestamp alignment, duplicates, null values, and out-of-bounds records were eliminated. Kalman filtering was used to correct pulse jitter in some edge devices. The numerical domain was Z-score standardized, and the categorical domain was uniformly encoded. Subsequently, a privacy sensitivity assessment was performed based on a decision tree: samples containing features such as identity identifiers, bank card number suffixes, and permanent location were classified as high-sensitivity data, while data related to device health, entry time, and passenger flow intensity were classified as low-sensitivity data. Differential privacy perturbations were applied to the high-sensitivity data, with ε and δ set according to the data domain, and the dataset was merged with the low-sensitivity data to obtain a privacy-protected dataset. Table 1 shows the key statistics and privacy parameters. Table 1 Data Partitioning and Differential Privacy Parameters
[0028] In the distributed data analysis phase, local models are trained locally on edge nodes of twenty geographical and business partitions based on a privacy-preserving dataset, and an improved DPFL algorithm is used for cross-node collaboration. After data partitioning via adaptive clustering, the subsets participate in weighted gradient aggregation using homomorphic encryption. Support vector machines are used as the local learner, combined with an adaptive noise mechanism that reduces node sensitivity to minimize leakage risk. At the aggregation end, gradient fusion and maximum entropy strategies are used to optimize the learning rate to obtain the global model. Parallel training is performed on a rolling basis during off-peak hours at night, with each round of communication controlled to be completed within a few minutes. To measure effectiveness, the performance and security metrics of the single-center training baseline and the proposed solution are compared within the same time window.
[0029] Table 2 Comparison of Training and Safety Analysis Performance
[0030] In the security analysis phase, an improved DeepES model is used to process the privacy-preserving dataset: an improved convolutional network extracts multi-scale features of gate sequences and transaction sequences using dilated convolutions and residual structures; the anomaly detection layer forms normal trajectory clusters based on a self-supervised deep clustering network and identifies deviation points using adaptive density thresholds; for risks requiring advance planning in handling and resource orchestration, an improved XGBoost is used for trend extrapolation in the regression prediction layer, local weighted regression highlights recent real fluctuations, and feature selection reduces redundancy. The corresponding output is used as part of the security analysis results. This data, along with the global model, is input into the report generation process to automatically generate privacy-preserving performance assessments, data risk evaluations, future risk predictions, and dynamic optimization suggestions.
[0031] Core metrics were selected for seven consecutive days to compare changes in false alarm rate, average repair time, and next-day alarm status before and after intelligent response. Table 3 lists the daily abnormal alarms, false alarm rate, risk index, predicted risk, and a summary of the strategy adjustments taken that day, as well as the changes in alarms the following day, to reflect the time lag and magnitude of the strategy's effectiveness.
[0032] Table 3. Operational data for the seven days before and after intelligent response.
[0033] As shown in Table 1, the overall high-sensitivity percentage after privacy sensitivity classification is 0.28. Differential privacy parameters are set for different data domains. A smaller ε is set for transaction and clearing logs to balance availability and protection strength, while a stricter ε and δ combination is set for identity and account association domains, significantly reducing the readability score of the model inversion. Table 2 shows that under the same number of communication rounds, the classification accuracy, F1, and AUC of this invention are all superior to the single-center baseline. The precision and recall of anomaly detection are simultaneously improved, indicating that the improved DeepES can still extract an effective structure under privacy perturbation. The predicted MAPE decreases to 7.8%, meeting the resource pre-configuration requirements of the scheduling side. In the security attack simulation, the success rate of member inference attacks decreased from 14.2% to 5.1%, and the model inversion readability score decreased to 0.18, confirming the effectiveness of privacy protection. Table 3 reveals the effectiveness of the strategy closed loop: the false alarm rate steadily decreased from 18.6% to 9.1% within seven days, the average repair time decreased from 46 minutes to 26 minutes, the risk index declined day by day, and the number of "abnormal alarms the next day" was basically lower than the "predicted risk", indicating that an effective negative feedback was formed between regression prediction and strategy execution.
[0034] In terms of operational processing, after the implementation of this invention, the number of stations with concentrated abnormal sequences for fare evasion during peak periods decreased from nine to five per day, saving approximately 23% in manpower allocation for the handling team; the reduction in false alarms caused by equipment degradation at night reduced the maintenance work order cancellation rate by nearly half; and the number of customer complaints about "false alarms blocked by risk control" decreased by approximately 36% compared to before the pilot program. Regarding data availability, the domain-based allocation of differential privacy parameters ensures that risk control features such as consecutive multi-station abnormal trips and frequent micro-amount transactions are still distinguishable, and the improved F1 score reflects the balance between feature effectiveness and privacy perturbation. In terms of computing power and latency, the single-round aggregation latency only increased by 0.7 seconds compared to the baseline, and the total training time increased by 0.5 hours, but this resulted in comprehensive privacy benefits and higher recognition accuracy, making the overall cost-effectiveness acceptable.
[0035] The generated multi-dimensional security risk report is produced synchronously after the nightly routine tasks. The privacy protection execution effect section provides the alignment of ε, δ, and error boundaries. The data risk assessment section quantifies the risk heatmap of sites and time windows. The future risk prediction section provides the risk ranking for resource scheduling the following day. The dynamic optimization suggestion section provides a combination recommendation of "raising the differential privacy lower limit," "refining the threshold," and "access control policies." The intelligent response mechanism maps the suggestions given in the report to the parameter and switch levels, forming an automated adjustment closed loop without changing the business process.
[0036] Based on the above embodiments, the following beneficial effects can be observed: Under strict differential privacy and distributed constraints, the recognition capability of the global model is enhanced rather than diminished; key indicators for anomaly detection and risk prediction are significantly improved; the risk of privacy leakage in attack simulations is greatly reduced; false alarms and response latency on the operational side continue to decrease; and privacy protection and security analysis no longer hinder each other but rather form a synergy. This embodiment demonstrates that the present invention can be implemented in real-world large-scale multi-source data scenarios, balancing privacy compliance, recognition accuracy, and operational efficiency, and possesses replicable and scalable engineering value.
[0037] The above description is only a preferred embodiment of the present invention, but the scope of protection of the present invention is not limited thereto. Any equivalent substitutions or modifications made by those skilled in the art within the scope of the technology disclosed in the present invention, based on the technical solution and inventive concept of the present invention, should be covered within the scope of protection of the present invention.
Claims
1. A method for secure data analysis and privacy protection based on artificial intelligence, characterized in that, Includes the following steps: Collect data from multiple sources and preprocess it to generate a preprocessed dataset; Privacy sensitivity assessment of the preprocessed dataset is performed using a decision tree. Based on the assessment results, the dataset is divided into highly sensitive data and low-sensitivity data. A differential privacy mechanism is applied to protect the highly sensitive data and then merged with the low-sensitivity data to obtain a privacy-protected dataset. Based on a privacy-preserving dataset, an improved DPFL algorithm is applied for distributed data analysis to generate a global model; The improved DeepES model is used to identify potential security threats or anomalous behaviors on privacy-preserving datasets and generate security analysis results. A multi-dimensional security risk report is generated based on the global model and security analysis results, including the effectiveness of privacy protection implementation, data risk assessment, future risk prediction, and dynamic optimization suggestions. Based on multi-dimensional security risk reports, privacy protection strategies are adjusted in real time, and privacy protection and security measures are automatically optimized through intelligent response mechanisms.
2. The method for secure data analysis and privacy protection based on artificial intelligence according to claim 1, characterized in that, The process of collecting and preprocessing multi-source data to generate a preprocessed dataset specifically includes: Collect multi-source data from multiple data sources, including sensor data, user behavior data, device data, and transaction data; Unified preprocessing of collected multi-source data includes: Data cleaning algorithms were used to remove duplicate, missing, and outlier values. Missing values were imputed using the mean imputation method, and outliers were detected using a standard deviation-based method. Kalman filtering or mean filtering algorithms are used to remove irrelevant or interfering data from multi-source data. For numerical data, Z-score standardization or min-max standardization methods are used to convert values with different units and dimensions into a uniform scale. The preprocessed multi-source data are merged to generate a preprocessed dataset.
3. The method for secure data analysis and privacy protection based on artificial intelligence according to claim 1, characterized in that, The preprocessed dataset is evaluated for privacy sensitivity using a decision tree. Based on the evaluation results, it is divided into highly sensitive data and low-sensitivity data. A differential privacy mechanism is applied to protect the highly sensitive data, which is then merged with the low-sensitivity data to obtain a privacy-protected dataset. Specifically, this includes: The training dataset is trained using a decision tree model, which contains samples labeled as high-sensitivity data and low-sensitivity data. Decision tree models are based on data features. They select the best splitting features by calculating information gain or Gini index and recursively construct decision trees. The preprocessed dataset is classified using a trained decision tree model, and divided into high-sensitivity data and low-sensitivity data based on data characteristics. Differential privacy mechanism is applied to protect the portion of data classified as highly sensitive, and then merged with the low-sensitivity data to obtain a privacy-protected dataset. The classification accuracy of the decision tree model is evaluated. Cross-validation is used to verify the stability of the decision tree model on different data partitions. The performance of the decision tree model is evaluated by precision, recall and F1 score. If the decision tree model fails to meet the predetermined standards based on the performance evaluation results, the decision tree model will be optimized and adjusted.
4. The method for secure data analysis and privacy protection based on artificial intelligence according to claim 1, characterized in that, The process of using a privacy-preserving dataset and applying an improved DPFL algorithm for distributed data analysis to generate a global model specifically includes: An improved DPFL algorithm is constructed, which includes a data segmentation module, a local training module, a privacy-preserving local computation module, a global model aggregation module, and a model optimization module. The privacy-preserving dataset is input into the data segmentation module, which divides the dataset using an adaptive clustering segmentation algorithm. The adaptive clustering segmentation algorithm extracts key features through principal component analysis, performs preliminary clustering of the key features using the K-means clustering algorithm, calculates the similarity between data based on Euclidean distance, and divides the data into multiple clusters. Through an adaptive clustering adjustment mechanism, the size and structure of each cluster are dynamically adjusted according to the privacy sensitivity and data quality of the data. Each subset of the dataset is then encrypted using homomorphic encryption. Each subset of the dataset is distributed to different computing nodes. The local training module receives the subset of the dataset from each computing node and performs local training using a support vector machine. An adaptive noise mechanism is used to dynamically adjust the noise level of the training data. The adaptive noise mechanism is adaptively adjusted according to the data sensitivity and privacy requirements of each node. The training results of all computing nodes are aggregated through a global model aggregation module. The global model aggregation module uses a gradient fusion algorithm to dynamically adjust the weights of each node's model by combining the data quality, training effect, and privacy protection strength of each computing node, thereby generating a global model. The global model is input into the model optimization module, which uses an adaptive learning rate adjustment algorithm and a maximum entropy strategy to optimize the global model. The generated global model is evaluated, including privacy protection effectiveness analysis and data analysis capability evaluation, using precision, recall and F1 score indicators, and privacy leakage analysis to ensure that privacy protection measures are implemented during data processing and that no information is leaked. Based on the evaluation results, if the global model performance does not meet expectations, the process returns to the local training module for adjustment, retrains the support vector machine, and aggregates it until the global model's privacy protection and data analysis capabilities meet expectations.
5. The method for secure data analysis and privacy protection based on artificial intelligence according to claim 1, characterized in that, The process of using the improved DeepES model to identify potential security threats or anomalous behaviors on a privacy-preserving dataset and generating security analysis results specifically includes: An improved DeepES model is constructed, comprising an input layer, an improved feature extraction layer, an anomaly detection layer, a regression prediction layer, and an output layer; The privacy-preserving dataset is input into the input layer, which preprocesses the data from different sources using a multidimensional data fusion algorithm, which includes standardization and normalization processes, to obtain the input data. The input data is transmitted to an improved feature extraction layer, which uses a convolutional neural network to extract features from the input data. The convolutional neural network uses dilated convolution and residual network structures, and the extracted data generates a feature representation vector. The feature representation vector is fed into the anomaly detection layer, which identifies potential security threats and abnormal behaviors through an anomaly detection algorithm based on self-supervised learning, and obtains anomaly detection results. The anomaly detection algorithm is implemented through an improved deep clustering network. Through an adaptive clustering algorithm, the number of clusters and the density of clusters are automatically selected according to changes in data density, and the threshold is dynamically adjusted. The anomaly detection results are input into the regression prediction layer, which uses an improved XGBoost regression model to analyze the anomaly detection results and predicts possible future security events based on historical data to obtain security threat prediction results. The security threat prediction results are output to the output layer, which classifies the results according to the severity of the security threats and generates security analysis results, including potential security threat identification, abnormal behavior trend prediction, and risk assessment.
6. The method for secure data analysis and privacy protection based on artificial intelligence according to claim 1, characterized in that, The improved XGBoost regression model specifically includes: The improved XGBoost regression model is based on the traditional gradient boosting algorithm and introduces local weighted regression and feature selection mechanisms. Local weighted regression is used to weight the data points, and the weight of each data point relative to the current sample is calculated. The weight is calculated based on the cosine similarity between the data point and the sample. The weighted data is then input into the improved XGBoost regression model for training. Feature selection mechanisms calculate the correlation between each feature and the target variable, and select the feature most relevant to the target variable for training. Methods used include mutual information, Pearson correlation coefficient, and tree-based feature selection.
7. The method for secure data analysis and privacy protection based on artificial intelligence according to claim 1, characterized in that, The multi-dimensional security risk report, generated based on the global model and security analysis results, includes information on privacy protection implementation effectiveness, data risk assessment, future risk prediction, and dynamic optimization suggestions. Specifically, it includes: By combining the global model with security analysis results, the effectiveness of privacy protection implementation can be evaluated by comparing the data differences before and after privacy protection, the privacy leakage rate, and the effectiveness of protection technologies. Based on the abnormal behaviors and potential security threats identified in the security analysis results, the risk of the data is assessed, and a data risk assessment score is generated. By combining the security threat prediction results output by the global model and regression prediction layer with historical data, future security events are predicted, generating future risk prediction results. Based on the effectiveness of privacy protection implementation, data risk assessment, and future risk prediction, dynamic optimization suggestions are generated, and optimization strategies for privacy protection technologies and security measures are proposed. The report summarizes the effectiveness of privacy protection implementation, data risk assessment, future risk prediction, and dynamic optimization suggestions to generate a security risk report.
8. The method for secure data analysis and privacy protection based on artificial intelligence according to claim 1, characterized in that, The aforementioned method adjusts privacy protection strategies in real time based on multi-dimensional security risk reports and automatically optimizes privacy and security protection measures through an intelligent response mechanism, specifically including: The intelligent response mechanism adjusts privacy protection strategies and security measures in real time based on the privacy protection implementation effectiveness, data risk assessment, future risk prediction, and dynamic optimization suggestions in the dimensional security risk report. Based on the effectiveness of privacy protection implementation, the intelligent response mechanism evaluates the actual effectiveness of privacy protection technology implementation and determines whether the privacy protection strategy needs to be enhanced or adjusted. If the implementation effect does not meet expectations, the intelligent response mechanism will automatically increase the strength of privacy protection. Based on the results of the data risk assessment, the intelligent response mechanism analyzes the risk level faced by the data and automatically adjusts the protection measures according to the risk level. If the data risk is high, it will automatically increase the data protection strength, increase the encryption level, restrict data access permissions, or enhance data access control. Based on future risk predictions, the intelligent response mechanism identifies potential security threats in advance and adjusts protection strategies. By analyzing future security risk predictions, it automatically adjusts protection measures and enhances security protection methods. Based on dynamic optimization suggestions, the intelligent response mechanism optimizes privacy protection strategies and security measures, automatically adjusting privacy protection technologies and security protection strategies.