A personalized privacy communication protection method

By constructing personalized privacy profiles for users and analyzing real-time communication contexts, differentiated privacy protection strategies are dynamically generated. This addresses the shortcomings of existing privacy protection schemes in terms of intelligence and personalization, achieving multiple protections for highly sensitive communications and convenience in low-risk scenarios, while optimizing communication process efficiency and user experience.

CN122160098APending Publication Date: 2026-06-05CHINA INFOMRAITON CONSULTING & DESIGNING INST CO LTD

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Applications(China)
Current Assignee / Owner
CHINA INFOMRAITON CONSULTING & DESIGNING INST CO LTD
Filing Date
2026-01-29
Publication Date
2026-06-05

AI Technical Summary

Technical Problem

Existing communication privacy protection schemes lack real-time perception and comprehensive analysis of individual user preferences and dynamically changing communication contexts, resulting in the inability to achieve intelligent and personalized privacy protection. This poses a risk of communication with low privacy sensitivity damaging user experience or insufficient protection of highly sensitive information.

Method used

We construct personalized privacy profiles for users, combine real-time communication context information, and dynamically generate differentiated privacy protection policies through a policy decision engine. We adopt pluggable, modular privacy protection technology modules, including encryption/decryption, anonymization, and access control, and perform real-time analysis and optimization based on BERT and LightGBM models.

Benefits of technology

It achieves multiple layers of protection in highly sensitive communication scenarios while avoiding over-protection in low-risk scenarios, optimizes communication process efficiency and user experience, dynamically adapts to changes in user behavior and scenarios, and achieves a balance between privacy protection and convenience.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN122160098A_ABST
    Figure CN122160098A_ABST
Patent Text Reader

Abstract

The application relates to the technical field of communication security, in particular to a personalized privacy communication protection method.The method comprises the following steps: constructing and maintaining a personalized privacy portrait of a user; monitoring and analyzing context information of a current communication session in real time; based on the privacy portrait and the real-time communication context information, a differentiated privacy protection strategy suitable for the current communication session is dynamically generated through a strategy decision engine, the differentiated privacy protection strategy defines specific data protection actions for the current session and trigger conditions thereof; in the current communication session, a corresponding privacy protection technology module is called to implement the dynamically generated differentiated privacy protection strategy.The application provides a personalized privacy communication protection method, which dynamically generates and implements differentiated privacy protection strategies by constructing a user privacy portrait and analyzing real-time communication context, so as to solve the conflict between privacy protection and user experience.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This invention relates to the field of communication security technology, and in particular to a method for personalized privacy communication protection. Background Technology

[0002] In today's digital age, communication applications have become an indispensable part of people's daily lives and work. Consequently, user privacy and data security issues have become increasingly prominent. To protect communication content from unauthorized access and leakage, various encryption and privacy protection technologies (such as end-to-end encryption using the AES-256 algorithm and k-anonymity-based anonymization) are widely adopted. The goal of these technologies is to ensure that only the communicating parties can access the communication content, thereby building a privacy and security barrier at the technical level.

[0003] However, a key challenge lies in how to intelligently deploy these technologies in practical applications to effectively protect privacy without compromising the convenience of communication and user experience. Most existing communication privacy protection solutions adopt a static or uniform strategy, applying the same level of protection to all users and all communication scenarios. For example, an application might default to end-to-end encryption of all chat content using the AES-128 algorithm, without differentiating based on the identity of the chat partner or the importance of the chat content.

[0004] This "one-size-fits-all" approach has significant drawbacks: for everyday communications with low privacy sensitivity requirements, it may introduce unnecessary operational complexity and performance overhead (such as increased encryption and decryption time), harming the user experience; while when handling highly sensitive information or in high-risk network environments, it may pose a risk of leakage due to insufficient protection strength (such as inadequate security level of encryption algorithms) or a single dimension. Furthermore, existing solutions lack the ability to perceive and comprehensively analyze individual user preferences and dynamically changing communication contexts (such as content sensitivity and network environment) in real time—for example, when using CNN models for content classification in existing technologies, the input is not explicitly defined as word vectors after text segmentation, and the output is not defined as sensitive category labels, leading to insufficient implementability—failing to achieve truly intelligent and personalized privacy protection, resulting in an irreconcilable conflict between user privacy protection needs and communication experience. Summary of the Invention

[0005] Purpose of the invention: The technical problem to be solved by the present invention is to provide a personalized privacy communication protection method to address the shortcomings of the existing technology.

[0006] To address the aforementioned technical problems, this invention discloses a personalized privacy communication protection method.

[0007] Step 1: Construct and maintain a personalized privacy profile for each user. The privacy profile includes at least the user's privacy sensitivity preferences, identity attribute information, and a trust relationship graph with other communication parties. Privacy sensitivity preferences are quantified using a score of 0-10 and calibrated through an initial questionnaire and dynamic behavioral feedback. The trust relationship graph is quantified using a score of 0-10. The data sources for constructing the privacy profile include user-filled questionnaire data, historical communication behavior data, and manually set trust levels. The update frequency is triggered after each communication session is completed.

[0008] Step 2: Monitor and parse the context information of the current communication session in real time. The context information includes at least the sensitivity of the communication content, the identity of the communication peer, the current network environment security level, and the type of communication application. The sensitivity of the communication content is classified into three levels: low, medium, and high. Real-time analysis is achieved by integrating a BERT (Bidirectional Encoder Representations from Transformers) pre-trained model and a domain-sensitive keyword library. The BERT pre-trained model is used for semantic understanding, and the domain-sensitive keyword library covers fields such as finance, law, and privacy, and supports regular updates. The current network environment security level is classified into three levels: low, medium, and high.

[0009] Step 3: Based on the privacy profile and real-time communication context information, a differentiated privacy protection strategy suitable for the current communication session is dynamically generated through the policy decision engine. The differentiated privacy protection strategy defines specific data protection actions and their triggering conditions for the current session. The policy decision engine adopts a hybrid model that combines a rule-based engine with the LightGBM (LightGradient Boosting Machine) machine learning model. The input factors are all quantized to 0-10 points. Enhanced protection is triggered when the comprehensive score is ≥7 points, regular protection is triggered when the score is 3-6 points, and basic protection is triggered when the score is ≤2 points.

[0010] Step 4: In the current communication session, invoke the corresponding privacy protection technology module to implement the dynamically generated differentiated privacy protection strategy; the privacy protection technology module is a pluggable component set, including an encryption / decryption module, an anonymization module, a content filtering module, and an access control module. The encryption / decryption module uses the AES-256-GCM algorithm, the anonymization module uses the k-anonymity algorithm with k value ≥ 5, the content filtering module matches sensitive content based on regular expressions, and the access control module is used to control screen capture / screen recording permissions, dynamically invoking one or more of them according to policy instructions;

[0011] Step 5: After the communication session ends, based on the feedback from the effect of this policy execution and the user's manual adjustment instructions, iteratively optimize and update the user's privacy profile and the decision logic of the policy decision engine; the feedback includes encryption success rate, access control effectiveness, and user operation feedback; calibrate the user's privacy profile quantization value using the gradient descent algorithm, and iteratively optimize and update the weight parameters of the LightGBM model.

[0012] As a further improvement of the present invention, the identity attribute information includes, but is not limited to, the user's occupation, social role, organization, and geographical location information. The geographical location information is obtained through device location permissions, and the accuracy is controlled at the city level.

[0013] As a further improvement of the present invention, the trust relationship graph is dynamically constructed using the KNN clustering algorithm based on the user's historical communication records, social network associations, and manually set trust levels. It is used to quantify the degree of trust between the user and different communication counterparts. The historical communication records include communication frequency, interaction duration, and content similarity. The social network associations include friend hierarchy relationships. The clustering distance threshold of the KNN clustering algorithm is set to 0.3.

[0014] As a further improvement of the present invention, the analysis process for the sensitivity of the communication content is as follows: first, the voice communication is converted into text using a speech-to-text tool, which employs the Whisper model; then, the communication text and metadata are combined, and semantic features are extracted using the BERT model, matched with a sensitive keyword database, and the sensitivity level is determined by combining the results of both. The metadata includes message sending time, file type, and attachment size.

[0015] As a further improvement of the present invention, the determination of the current network environment security level is based on factors including but not limited to network type, whether VPN is enabled, and whether there are known network attack risks. Network type includes public Wi-Fi, private Wi-Fi, and cellular network. Known network attack risks are obtained by calling the network security monitoring interface to obtain real-time risk data. The determination adopts a weighted scoring method, with network type weighting 0.4, VPN enabled status weighting 0.3, and attack risk weighting 0.3.

[0016] As a further improvement of the present invention, in the hybrid model of the policy decision engine, the rule-based engine presets three types of core rules, and the training data of the machine learning model includes historical communication scenario data, policy execution effect data, and user feedback data. The number of training iterations is ≥1000 times, and the model accuracy is ≥85%. Its decision logic is to take high privacy sensitivity preference, low trust relationship, high content sensitivity, and insecure network environment as the core input factors to enhance privacy protection measures. High privacy sensitivity preference corresponds to a quantitative score of ≥7 points, low trust relationship corresponds to a quantitative score of ≤3 points, high content sensitivity corresponds to "high" in the three-level classification, and insecure network environment corresponds to "low" in the three-level classification.

[0017] As a further improvement of the present invention, the specific data protection actions defined in the differentiated privacy protection strategy include, but are not limited to, end-to-end encryption of communication content, anonymization of metadata, limiting the readable duration of messages, blocking screen capture and recording functions, and selectively hiding part of the communication content; end-to-end encryption adopts the AES-256-GCM algorithm, and the key is negotiated through asymmetric encryption; metadata anonymization includes hiding the device model and precise geographical location, retaining only city-level information; the readable duration of messages is configurable from 1 to 30 minutes, and the local cache is automatically deleted after the timeout; the screen capture and recording blocking function intercepts screen capture / recording commands through system permissions; selectively hiding part of the communication content is based on regular expression matching of sensitive fields, replacing sensitive fields with "*".

[0018] As a further improvement of the present invention, the componentized interface of the privacy protection technology module adopts the RESTful specification, the module call response time is ≤100ms, it supports hot-swappable updates, and new protection modules can be expanded according to business needs. The new protection modules include a watermark addition module.

[0019] Beneficial effects:

[0020] This invention constructs a dynamically updated user privacy profile, combines it with real-time communication context analysis, and uses an intelligent policy engine to generate adaptive differentiated protection strategies. This achieves precise protection of highly sensitive communication security while avoiding over-protection of low-risk scenarios. As a result, it significantly optimizes the efficiency of communication processes and user experience while improving the targeting and strength of privacy protection, truly resolving the inherent contradiction between privacy protection and convenience. Attached Figure Description

[0021] Figure 1 This is a flowchart of a personalized privacy communication protection method according to the present invention. Detailed Implementation

[0022] This invention provides a personalized privacy communication protection method, comprising the following steps:

[0023] Step 1: Construct and maintain a personalized privacy profile for each user. The privacy profile includes at least the user's privacy sensitivity preferences, identity attribute information, and a trust relationship graph with other communication parties. Privacy sensitivity preferences are quantified using a score of 0-10 and calibrated through an initial questionnaire and dynamic behavioral feedback. The trust relationship graph is quantified using a score of 0-10. The data sources for constructing the privacy profile include user-filled questionnaire data, historical communication behavior data, and manually set trust levels. The update frequency is triggered after each communication session is completed.

[0024] Step 2: Monitor and parse the context information of the current communication session in real time. The context information includes at least the sensitivity of the communication content, the identity of the communication peer, the current network environment security level, and the type of communication application. The sensitivity of the communication content is classified into three levels: low, medium, and high. Real-time analysis is achieved by integrating a BERT pre-trained model and a domain-sensitive keyword library. The BERT pre-trained model is used for semantic understanding, and the domain-sensitive keyword library covers fields such as finance, law, and privacy, and supports regular updates. The current network environment security level is classified into three levels: low, medium, and high.

[0025] Step 3: Based on the privacy profile and real-time communication context information, a differentiated privacy protection strategy suitable for the current communication session is dynamically generated through the policy decision engine. The differentiated privacy protection strategy defines specific data protection actions and their triggering conditions for the current session. The policy decision engine adopts a hybrid model that combines a rule-based engine with the LightGBM machine learning model. The input factors are all quantized into scores of 0-10. Enhanced protection is triggered when the comprehensive score is ≥7, regular protection is triggered when the score is 3-6, and basic protection is triggered when the score is ≤2.

[0026] Step 4: In the current communication session, invoke the corresponding privacy protection technology module to implement the dynamically generated differentiated privacy protection strategy; the privacy protection technology module is a pluggable component set, including an encryption / decryption module, an anonymization module, a content filtering module, and an access control module. The encryption / decryption module uses the AES-256-GCM algorithm, the anonymization module uses the k-anonymity algorithm with k value ≥ 5, the content filtering module matches sensitive content based on regular expressions, and the access control module is used to control screen capture / screen recording permissions, dynamically invoking one or more of them according to policy instructions;

[0027] Step 5: After the communication session ends, based on the feedback from the effect of this policy execution and the user's manual adjustment instructions, iteratively optimize and update the user's privacy profile and the decision logic of the policy decision engine; the feedback includes encryption success rate, access control effectiveness, and user operation feedback; calibrate the user's privacy profile quantization value using the gradient descent algorithm, and iteratively optimize and update the weight parameters of the LightGBM model.

[0028] The identity attribute information mentioned in this invention includes, but is not limited to, the user's occupation, social role, organization, and geographical location information. The geographical location information is obtained through device location permissions, and the accuracy is controlled at the city level.

[0029] The trust relationship graph described in this invention is dynamically constructed using the KNN clustering algorithm based on the user's historical communication records, social network associations, and manually set trust levels. It is used to quantify the degree of trust between the user and different communication counterparts. Historical communication records include communication frequency, interaction duration, and content similarity. Social network associations include friend hierarchy relationships. The clustering distance threshold of the KNN clustering algorithm is set to 0.3.

[0030] The sensitivity analysis process of communication content described in this invention is as follows: First, the voice communication is converted into text using a speech-to-text tool. The speech-to-text tool uses the Whisper model. Then, the semantic features are extracted using the BERT model and combined with the communication text and metadata. These features are matched with a sensitive keyword database, and the sensitivity level is determined by combining the results of both. The metadata includes message sending time, file type, and attachment size.

[0031] The criteria for determining the current network environment security level described in this invention include, but are not limited to, network type, whether VPN (Virtual Private Network) is enabled, and whether there are known network attack risks. Network types include public Wi-Fi, private Wi-Fi, and cellular networks. Known network attack risks are identified by calling the network security monitoring interface to obtain real-time risk data. The determination adopts a weighted scoring method, with network type weighting 0.4, VPN enabling status weighting 0.3, and attack risk weighting 0.3.

[0032] In the hybrid model of the strategy decision engine described in this invention, the rule-based engine presets three types of core rules. The training data of the machine learning model includes historical communication scenario data, strategy execution effect data, and user feedback data. The number of training iterations is ≥1000, and the model accuracy is ≥85%. Its decision logic is to take high privacy sensitivity preference, low trust relationship, high content sensitivity, and insecure network environment as core input factors to enhance privacy protection measures. High privacy sensitivity preference corresponds to a quantitative score of ≥7 points, low trust relationship corresponds to a quantitative score of ≤3 points, high content sensitivity corresponds to "high" in the three-level classification, and insecure network environment corresponds to "low" in the three-level classification.

[0033] The specific data protection actions defined in the differentiated privacy protection strategy described in this invention include, but are not limited to, end-to-end encryption of communication content, anonymization of metadata, limiting message readability, blocking screen capture and recording functions, and selectively hiding parts of communication content. End-to-end encryption uses the AES-256-GCM algorithm, and the key is negotiated through asymmetric encryption. Metadata anonymization includes hiding the device model and precise geographical location, retaining only city-level information. The message readability is configurable from 1 to 30 minutes, and the local cache is automatically deleted after the timeout. Blocking screen capture and recording functions intercepts screen capture / recording commands through system permissions. Selectively hiding parts of communication content is based on regular expression matching of sensitive fields, replacing sensitive fields with "*".

[0034] The componentized interface of the privacy protection technology module described in this invention adopts the RESTful specification, the module call response time is ≤100ms, it supports hot-swappable updates, and new protection modules can be expanded according to business needs. The new protection modules include a watermark addition module.

[0035] Example:

[0036] The personalized privacy communication protection method provided by this invention can be widely applied to various communication scenarios such as instant messaging, office collaboration, and social interaction. The following uses a cross-platform instant messaging application as an example to elaborate on the complete implementation process of this method, with all technical parameters and execution logic clearly defined to the point of direct reproducibility.

[0037] (a) Implementation prerequisites and environmental configuration

[0038] Hardware environment: The server side uses an 8-core cloud server with 16GB of memory to support parallel data processing; the client supports Android 10.0 and above, iOS 14.0 and above, and the terminal device must have basic location permission (optional), network access permission and storage permission.

[0039] Software environment: The server-side deployment includes a Python 3.9 runtime environment, integrating the TensorFlow 2.8 deep learning framework (for model training and inference) and a Redis cache database (for storing real-time user privacy profile data); the client-side integration includes the Whisper speech-to-text tool, the AES-256-GCM encryption algorithm library, and a RESTful API call component.

[0040] Pre-built resources: A sensitive keyword library covering 6 major fields including finance, law, privacy, and medical care has been built, containing 5,000+ core sensitive words, and supporting automatic monthly synchronization of new industry words; a trained LightGBM machine learning model (trained for 1,200 iterations, with a test set accuracy of 88%), and 3 types of core decision rules are stored in the rule engine.

[0041] (II) Detailed Implementation Steps

[0042] Step 1: Building a User Privacy Profile

[0043] (1) Initial data collection: When user A registers and logs into the application for the first time, the system pops up a guided questionnaire containing 6 scenario-based questions (such as "whether you are willing to disclose your workplace to strangers" and "whether you need additional encryption when transmitting financial information"). The user selects the corresponding option according to their own needs, and the system generates an initial privacy sensitivity preference quantification value of 8 points (out of 10) based on the preset scoring rules. At the same time, the user actively fills in identity attribute information, including occupation as corporate finance, organization as a manufacturing company, and geographical location authorization as Guangzhou (city-level precision).

[0044] (2) Trust Relationship Graph Construction: The system continuously collects communication behavior data of user A, including historical communication records, social network associations, and manual trust settings. During the three-month usage period, the system found that user A communicated with contact B (a company colleague) more than 15 times per week, with an average interaction time of 40 minutes. The communication content was mostly work documents such as expense vouchers and payroll sheets; with contact C (a business partner), they communicated 3-5 times per month, mainly about cooperation needs; and with contact D (a stranger added as a user), there was only one initial greeting communication. User A manually set the trust level of contact B to 9 points, contact C to 6 points, and contact D to 1 point. The system used the KNN clustering algorithm to process the above data, set the clustering distance threshold to 0.3, and set the communication frequency, interaction time, and content similarity weights to 0.4, 0.3, and 0.3, respectively, to dynamically generate a trust relationship graph. After quantification and calibration with the user's manually set values, the final results were determined as follows: B (9 points), C (6 points), and D (1 point).

[0045] (3) Dynamic updates of the profile: The update of the privacy profile is triggered after each communication session is completed. The system synchronizes the policy execution effect of this session (such as whether encryption is triggered, whether the user adjusts the protection strength) and the user's manual adjustment instructions (such as modifying the trust level) to the Redis database, and updates the privacy profile of user A through the data synchronization interface to ensure that the profile data matches the user's actual needs in real time.

[0046] Step 2, Real-time communication context resolution:

[0047] User A initiates an instant text message communication with contact D, and the system starts a real-time context monitoring and parsing process:

[0048] (1) Identity recognition of the communication peer: The system quickly identifies contact D as a low-trust object by matching the trust relationship graph with the user ID (1 point).

[0049] (2) Sensitivity determination of communication content: User A input the text "Second Quarter 2024 Procurement Budget Table No. CGB202406, involving an amount of RMB 8.6 million, and the payment account is the company's basic account 6228XXXX1975". First, the system confirmed that the communication type was text communication with no voice content, and directly extracted the text and metadata (sent time 2024-06-15 14:30, file type plain text, no attachments); then, the BERT pre-trained model was called to extract semantic features from the text, and the semantic matching degree related to "financial budget" and "payment account" was calculated to be 82%; at the same time, it was matched with the sensitive keyword library, and the three sensitive words "procurement budget", "amount", and "payment account" were matched. Combining the two results, the system determined that the sensitivity of this communication content was high.

[0050] (3) Network environment security level determination: The system detects that the current client is connected to a public Wi-Fi network (provided by the shopping mall) and VPN is not enabled. By calling a third-party network security monitoring interface, the system obtains real-time risk data of the Wi-Fi network and finds two warnings: "weak password risk" and "ARP spoofing risk". The security level score is calculated using a weighted scoring method: 2 points for network type (public Wi-Fi) (out of 10), 0 points for VPN not enabled, and 1 point for attack risk. The total score after weighting is (2×0.4+0×0.3+1×0.3)=1.1 points, which is determined to be a low security level.

[0051] (4) Communication application type confirmation: This session is an instant text communication without additional functions such as attachment transmission or voice call. The system records the application type as "basic text communication".

[0052] Step 3, Dynamic Strategy Generation:

[0053] The strategy decision engine simultaneously receives privacy profiles and context parsing results, initiating a hybrid model decision-making process:

[0054] (1) Input factor quantification: User A’s privacy sensitivity preference (8 points), trust relationship with D (1 point), communication content sensitivity (9 points for high level), and network environment security level (1 point for low level) are uniformly standardized into input factors of 0-10 points.

[0055] (2) Hybrid Model Calculation: The rule engine adopts a rule table mechanism based on the condition-action (IF–THEN) structure, specifically including: Rule condition unit: composed of multiple input factors and their threshold ranges. Rule priority unit: used to determine the priority triggering order when multiple rules are satisfied simultaneously. Rule action unit: corresponding to the specific policy recommendation level or the protection level directly triggered. Rules are stored in the policy database or in-memory rule pool in the form of structured rule tables, and saved in JSON / table structure for easy dynamic addition, deletion and updating. Receives a set of structured input factors from the privacy profiling module and the context parsing module; matches the conditions in the rule table one by one according to the rule priority order; when all conditions of a rule are satisfied, the corresponding rule is immediately marked as "hit state"; if the hit is a high-priority rule (enhanced protection rule), the policy level suggestion is directly output and the result is passed to the hybrid model fusion module.

[0056] The rule engine matched the core rule of "high privacy sensitivity + low trust relationship + high content sensitivity + low network security", directly triggering the enhanced protection recommendation. The LightGBM model performed a weighted calculation on the four input factors (with weights of 0.3, 0.2, 0.3, and 0.2 respectively) and obtained a comprehensive score of (8×0.3+1×0.2+9×0.3+1×0.2)=6.3 points. Combined with the result of the rule engine, the enhanced protection strategy was finally determined to be triggered.

[0057] (3) Policy Instruction Generation: Once the hybrid model ultimately determines the "Enhanced Protection Policy," the policy generation process is as follows: The engine calls the "Enhanced Protection Policy Template" based on the policy level. The template predefines enhanced protection, including at least the following action types: content-level protection, metadata-level protection, client behavior control, and lifecycle control. The engine combines the context parameters of the current session to populate the parameters of the actions in the template, including: encryption range (text only / text + attachment); readable duration: mapped to a 5–10 minute range based on content sensitivity; and access control duration: during the session. Finally, the output is a set of structured policy instructions, and each instruction includes at least: action type, triggering condition, and execution parameters.

[0058] Through the rule engine and policy template-driven policy generation mechanism described above, the policy decision engine can automatically transform abstract risk assessment results into differentiated privacy protection policies with clear execution actions and triggering conditions without human intervention, ensuring that the policy generation process is deterministic, reproducible, and engineering-feasible.

[0059] The differentiated privacy protection strategy generated by the engine includes four specific actions and triggering conditions: ① End-to-end encryption of all text content in this session, triggered before the message is sent; ② Anonymization of session metadata, triggered when the metadata is stored; ③ Enabling the screenshot and screen recording blocking function, triggered during the session; ④ Setting the message readable duration to 8 minutes, triggered after the message is delivered to the receiving end.

[0060] Step 4, Strategy Implementation:

[0061] The system calls the corresponding privacy protection technology module through a RESTful interface. The entire implementation process has a response time of ≤80ms and requires no manual user intervention.

[0062] (1) Encryption and decryption module call: The encryption and decryption module adopts the AES-256-GCM algorithm. The sending end generates a random key and negotiates the key with the receiving end through RSA asymmetric encryption. The text input by user A is encrypted and transmitted. The receiving end decrypts and displays it normally. The encryption success rate is 100%.

[0063] (2) Anonymization module call: The anonymization module uses the k-anonymity algorithm (k value is set to 5) to process the metadata of this session: the sending time is accurate to the hour (14:00 on June 15, 2024), the device model is hidden (unified as “mobile device”), the geographical location is retained as Guangzhou City, and traceable information such as device IMEI code and IP address is deleted.

[0064] (3) Access Control Module Call: The access control module disables the function by intercepting the system's screenshot and screen recording commands. When user D attempts to take a screenshot of the session interface, the client pops up a message saying "The current session is a highly sensitive communication and screenshot and screen recording are prohibited", and the server records the interception log at the same time.

[0065] (4) Content control module call: The content control module sets an 8-minute countdown. The countdown starts after the message is delivered to user D. After the timeout, the message content cached locally by both clients is automatically deleted. The server only retains the anonymized metadata and does not store the original message content.

[0066] (5) User interface prompts: The top of the conversation interface of users A and D displays a red lock icon (indicating the end-to-end encryption status), and the bottom displays a countdown prompt that "the message will be automatically destroyed in 8 minutes", which intuitively informs users of the current protection status.

[0067] Step 5, Iterative Optimization:

[0068] (1) Effect feedback collection: After the session ended, the system recorded the policy execution log: there were no abnormalities in encrypted transmission, two screenshot attempts were successfully blocked, user A did not adjust the message readability duration, and user D did not initiate an extended viewing request. The overall execution effect met expectations.

[0069] (2) Privacy profile calibration: The system calibrates the privacy profile quantification value of user A through gradient descent algorithm. Since there is no negative feedback in this policy execution, the privacy sensitivity preference remains at 8 points, and the trust level of contact D remains at 1 point, without adjustment.

[0070] (3) Decision Logic Optimization: The system adds the scenario data of this session (quantified input factor values, execution results, and user feedback) to the model training dataset, and optimizes the weight parameters of the LightGBM model using the random forest algorithm. The combined weight of "low trust relationship + high content sensitivity" is adjusted from 0.5 to 0.55, improving the triggering accuracy of the enhanced protection strategy in this type of scenario. Subsequently, when user A transmits highly sensitive content to other low-trust contacts, the response speed and accuracy of the strategy decision will be further improved.

[0071] (III) Verification of Implementation Results

[0072] Through the above implementation process, this method achieves the following effects in the instant messaging application: (1) Targeted privacy protection: In high-risk scenarios (low-trust peers + highly sensitive content + insecure network), multiple protection actions are combined to ensure that there is no risk of leakage of communication content; in low-risk scenarios (high-trust peers + daily communication + secure network), only basic encryption is enabled, the communication process has no additional delay, and the user experience is not affected. (2) Feasibility: All technical links adopt mature algorithms and tools, and the parameter settings are clear. Those skilled in the art can directly deploy and reproduce based on the above description without additional technical innovation. (3) Dynamic adaptability: Through iterative updates of privacy profiles and optimization of decision models, the system can continuously adapt to changes in user behavior habits, and the fit of protection strategies gradually improves with the duration of use.

[0073] As can be seen from the above embodiments, the present invention, by clearly defining the technical implementation details, parameter configurations, and execution processes of each stage, completely solves the problems of "insufficient disclosure and lack of implementability" in existing solutions. Simultaneously, through the dynamic generation and implementation of differentiated protection strategies, it achieves a balance between privacy and communication convenience, truly achieving the goal of personalized and intelligent privacy communication protection.

[0074] In summary, the personalized privacy communication protection method of this invention, centered on users' personalized needs, constructs an intelligent and differentiated privacy communication protection system through a closed-loop logic of "profile construction - context parsing - policy generation - policy implementation - iterative optimization." Its core innovation lies in breaking away from the existing "one-size-fits-all" static protection model, deeply integrating individual characteristics such as user privacy sensitivity preferences and trust relationships with dynamic scenario factors such as communication content sensitivity and network environment security levels. Through clear algorithm selection, quantitative standards, and execution procedures, it ensures the full disclosure and direct implementability of the technical solution.

[0075] This invention organically integrates mature technologies such as the BERT pre-trained model, the LightGBM machine learning model, and the AES-256-GCM encryption algorithm, along with the precise application of algorithms like KNN clustering and gradient descent. This achieves both multi-layered, high-strength protection in high-risk scenarios and avoids the impact of over-protection on communication convenience in low-risk scenarios, perfectly balancing the core contradiction between privacy and user experience. Furthermore, through continuous post-session profile calibration and model optimization, the protection strategy dynamically adapts to user behavior and scenario changes, exhibiting exceptional flexibility and adaptability. This method can be widely applied to various communication scenarios, including instant messaging, office collaboration, and social interaction, and can be directly deployed without additional technological innovation, providing customized privacy protection solutions for individual users, enterprise organizations, and other groups. It not only addresses the technical pain points of existing privacy protection solutions' lack of specificity and implementation, but also promotes the development of communication security technology towards "personalization, intelligence, and scenario-based application," possessing significant practical application value and technological promotion significance.

[0076] This invention provides a personalized privacy communication protection method. Many methods and approaches exist for implementing this technical solution; the above description is merely a preferred embodiment of the invention. It should be noted that those skilled in the art can make various improvements and modifications without departing from the principles of this invention, and these improvements and modifications should also be considered within the scope of protection of this invention. All components not explicitly stated in this embodiment can be implemented using existing technologies.

Claims

1. A personalized privacy communication protection method, characterized in that, Includes the following steps: Step 1: Construct and maintain a personalized privacy profile for each user, which includes the user's privacy sensitivity preferences, identity attribute information, and trust relationship graph with other communication parties; Step 2: Monitor and parse the context information of the current communication session in real time. The context information includes the sensitivity of the communication content, the identity of the communication peer, the security level of the current network environment, and the type of communication application. Step 3: Based on the privacy profile and real-time communication context information, dynamically generate differentiated privacy protection policies suitable for the current communication session through the policy decision engine; Step 4: In the current communication session, invoke the corresponding privacy protection technology module to implement the dynamically generated differentiated privacy protection strategy; Step 5: After the communication session ends, based on the feedback on the effectiveness of this differentiated privacy protection implementation and the user's manual adjustment instructions, iteratively optimize and update the user's privacy profile and the decision logic of the policy decision engine.

2. The personalized privacy communication protection method according to claim 1, characterized in that, In step 1, the privacy sensitivity preference is quantified using a score of 0-10 and calibrated through an initial questionnaire and dynamic behavior feedback; the trust relationship graph is quantified using a score of 0-10; the data sources for constructing the privacy profile include user-filled questionnaire data, historical communication behavior data, and manually set trust levels, with an update frequency triggered after each communication session is completed; the identity attribute information includes: the user's occupation, social role, affiliated organization, and geographical location information, with geographical location information obtained through device location permissions and accuracy controlled at the city level.

3. The personalized privacy communication protection method according to claim 2, characterized in that, The trust relationship graph is dynamically constructed using the KNN clustering algorithm based on the user's historical communication records, social network associations, and manually set trust levels. It is used to quantify the degree of trust between the user and different communication counterparts. Historical communication records include communication frequency, interaction duration, and content similarity, while social network associations include friend hierarchy relationships.

4. The personalized privacy communication protection method according to claim 1, characterized in that, The sensitivity of the communication content mentioned in step 2 is classified into three levels: low, medium, and high. Real-time analysis is achieved by integrating the BERT pre-trained model and the domain-sensitive keyword library. The current network environment security level is classified into three levels: low, medium, and high.

5. A personalized privacy communication protection method according to claim 4, characterized in that, The process for analyzing the sensitivity of the communication content is as follows: First, the voice communication is converted into text using a speech-to-text tool. Then, the semantic features are extracted using the BERT model, combined with the communication text and metadata, and matched with a sensitive keyword database. The sensitivity level is determined by combining the results of both. The metadata includes message sending time, file type, and attachment size.

6. The personalized privacy communication protection method according to claim 1, characterized in that, The differentiated privacy protection strategy described in step 4 defines specific data protection actions and their triggering conditions for the current session; the policy decision engine adopts a hybrid model that combines a rule-based engine with the LightGBM machine learning model.

7. A personalized privacy communication protection method according to claim 6, characterized in that, In the hybrid model of the strategy decision engine, the rule-based engine presets n types of core rules, and the training data of the machine learning model includes historical communication scenario data, strategy execution effect data, and user feedback data. Its decision-making logic is to take high privacy sensitivity preference, low trust relationship, high content sensitivity, and insecure network environment as the core input factors for enhancing privacy protection measures; high privacy sensitivity preference corresponds to a quantitative score ≥ the first score threshold, low trust relationship corresponds to a quantitative score ≤ the second score threshold, high content sensitivity corresponds to "high" in the three-level classification, and insecure network environment corresponds to "low" in the three-level classification.

8. A personalized privacy communication protection method according to claim 4, characterized in that, The criteria for determining the current network environment security level include network type, whether VPN is enabled, and whether there are known network attack risks. Network types include public Wi-Fi, private Wi-Fi, and cellular networks. Known network attack risks are identified by calling the network security monitoring interface to obtain real-time risk data. The determination is made using a weighted scoring method.

9. A personalized privacy communication protection method according to claim 6, characterized in that, The privacy protection technology module mentioned in step 4 is a pluggable, modular collection, including an encryption / decryption module, an anonymization module, a content filtering module, and an access control module. The encryption / decryption module uses the AES-256-GCM algorithm, the anonymization module uses the k-anonymity algorithm, the content filtering module matches sensitive content based on regular expressions, and the access control module is used to control screen capture / screen recording permissions, dynamically calling one or more of them according to policy instructions.

10. A personalized privacy communication protection method according to claim 1, characterized in that, The feedback in step 5 includes encryption success rate, access control effectiveness, and user operation feedback; the user's privacy profile quantification value is calibrated using the gradient descent algorithm, and the weight parameters of the LightGBM model are iteratively optimized and updated.