A method for detecting proximity of a drone for privacy protection and related devices

Abstract

The application discloses a kind of unmanned aerial vehicle privacy protection proximity detection method and related equipment, unmanned aerial vehicle obtains current security area first, by space prefix coding, multiple hash mapping and frequency statistics, get real index set and frequency mapping, again do privacy protection confusion processing and generate mixed index set, according to this generate upload token and send to multiple mutually incomprehensible cloud server, server updates index position on local share count bloom filter;Then, unmanned aerial vehicle obtains to be detected position, by position coding, multiple hash mapping and deduplication, get real detection index set and establish mapping relationship, again do privacy protection confusion processing and generate detection token and send to cloud server, server queries and returns share response value;Finally, unmanned aerial vehicle synthesis reconstructs response value, checks position prefix, determines proximity hit.The application solves the high-density fleet scene scalability bottleneck, reduces communication round and computing overhead, meets real-time response requirement, avoids cloud server to deduce track feature.

Description

Technical Field

[0001] This invention belongs to the field of low-altitude intelligent network and cyberspace security, specifically relating to a method and related equipment for proximity detection to protect the privacy of unmanned aerial vehicles. Background Technology

[0002] With the rapid development of low-altitude intelligent networks, the deployment of drones in scenarios such as logistics delivery, inspection and mapping, emergency rescue, and urban governance is constantly expanding. In dense airspace, drones need to perceive each other's positions in real time and complete proximity detection and collision warning to ensure operational safety and improve airspace utilization efficiency. This has become one of the core capabilities of low-altitude operation management.

[0003] Currently, proximity detection for drones primarily employs two technical approaches. One is sensor-based local obstacle avoidance, where the drone perceives its surroundings using onboard cameras, radar, or ultrasonic sensors and avoids obstacles upon detection. This approach relies on sensor line-of-sight and perception range, making it susceptible to interference from environmental factors such as rain, fog, and lighting conditions. It also suffers from issues like line-of-sight obstruction and reflection interference. Furthermore, limitations in the drone's payload's computing power and energy consumption make it difficult to achieve large-scale collaborative perception in complex airspace. The other approach is communication-based collaborative collision avoidance, where the drone periodically broadcasts its position, speed, and flight path, or aggregates data via ground stations or cloud control platforms for centralized decision-making. This approach can cover a wider airspace, but requires the drone to report precise position and trajectory data, increasing the risk of information such as operational scope, task preferences, inspection targets, and even the location of sensitive infrastructure being inferred, stolen, or misused.

[0004] To mitigate location privacy issues, some studies have attempted to introduce privacy-preserving computation techniques such as homomorphic encryption, secure multi-party computation, or private set intersection, enabling drones to perform collision detection without exposing their plaintext locations. In a typical scheme, each drone encrypts its own location and uploads it to a cloud server. The cloud server then calculates proximity relationships in the encrypted state and returns the encrypted results to the drones. While this approach theoretically protects location privacy, it faces scalability bottlenecks in high-density drone swarm scenarios. The number of communication rounds and computational overhead associated with encrypted computation and encrypted interaction often increase linearly or even superlinearly with the number of drones. When drones continuously move, causing frequent changes in the safe zone, the update overhead and end-to-end latency are further amplified, making it difficult to meet the millisecond to second-level real-time response requirements for collision warnings. Furthermore, in multi-drone collaborative scenarios, the cloud server can observe the upload and query behavior of each drone. Even if it cannot directly decrypt the location data, it may still infer the drone's flight path characteristics and operational hotspots from the access patterns. Summary of the Invention

[0005] To address the problems existing in the prior art, this invention provides a privacy-preserving proximity detection method and related equipment for unmanned aerial vehicles (UAVs). Its purpose is to solve the scalability bottleneck of existing communication-based cooperative collision avoidance schemes in high-density swarm scenarios while ensuring UAV location privacy. It reduces the number of communication rounds and computational overhead for encrypted computing and encrypted text interaction, reduces update overhead and end-to-end latency, meets the millisecond to second-level real-time response requirements for collision warning, and prevents cloud servers from inferring UAV trajectory characteristics and operational hotspots from access patterns. This enhances the UAV's ability to conduct large-scale cooperative perception in complex airspace, ensuring operational safety and improving airspace utilization efficiency.

[0006] To solve the above-mentioned technical problems, the present invention is achieved through the following technical solution: According to a first aspect of the present invention, a method for proximity detection for privacy protection of unmanned aerial vehicles is provided, comprising: The drone acquires the current safe area, performs spatial prefix encoding on the safe area to obtain a spatial prefix encoding set, and performs multi-hash mapping and frequency statistics processing on each spatial prefix in the spatial prefix encoding set to obtain a real index set and the corresponding frequency mapping; The drone generates a hybrid index set by performing privacy-preserving obfuscation processing on the real index set, generates an upload token based on the hybrid index set and the frequency corresponding to each real index, and sends the upload token to multiple independent cloud servers, so that each cloud server performs a share-level update on each index position indicated by the upload token on the share count Bloom filter stored locally. The drone acquires the location to be detected, performs location encoding on the location to be detected to obtain a set of location prefixes, performs multi-hash mapping and deduplication on each location prefix in the set of location prefixes to obtain a set of real detection indexes, and establishes a prefix-index mapping relationship. The drone generates a detection token by performing privacy-preserving obfuscation processing based on the real detection index set, and sends the detection token to each of the cloud servers respectively, so that each cloud server performs a query on the share count Bloom filter for each index position indicated by the detection token and returns the corresponding share response value; The drone receives the share response values ​​returned by each of the cloud servers, performs a synthesis and reconstruction process on the share response values ​​to obtain the reconstruction count of each index, and performs a consistency check on each of the position prefixes based on the prefix-index mapping relationship. If any of the position prefixes passes the check, it is determined that a neighbor hit has occurred.

[0007] In one possible implementation of the first aspect, the spatial prefix coding process performed on the security region to obtain a spatial prefix code set specifically includes: The UAV operating space is discretized in three dimensions to construct a three-dimensional grid coordinate system. The safe area is represented as a set of grid points, and each grid point is mapped to the corresponding Z-order code value to obtain the Z-order code set. The Z-order encoding set is regarded as the set of leaf nodes on the prefix tree. The leaf nodes that meet the merging conditions are subjected to bottom-up prefix merging and compression to obtain the spatial prefix encoding set covering the security area.

[0008] In one possible implementation of the first aspect, the step of performing position encoding processing on the location to be detected to obtain a set of position prefixes specifically includes: The position to be detected is quantized into integer coordinates, and bit interleaving is performed on the integer coordinates to obtain the Z-order encoded value; Based on the octree level depth, starting from the high-order bits of the Z-order encoding value, a preset number of bits are extracted at each level to obtain the spatial prefixes of the position to be detected at different levels, thus forming the position prefix set.

[0009] In one possible implementation of the first aspect, the step of generating a hybrid index set by performing privacy-preserving obfuscation processing based on the real index set specifically includes: The drone randomly determines the number of false indexes, such that the number of false indexes and the number of elements in the real index set satisfy a preset multiple relationship; A fake index set is constructed by randomly selecting multiple indices that do not overlap with the real index set within the index domain of the counting Bloom filter. The real index set and the fake index set are merged to obtain the hybrid index set.

[0010] In one possible implementation of the first aspect, generating the upload token based on the hybrid index set and the frequency corresponding to each real index specifically includes: The drone has a module of On the finite ring, share upload tokens are generated for each of the cloud servers, specifically as follows: For any real index in the hybrid index set, a random index is generated based on the frequency corresponding to the real index. The share increment, making the The sum of the increments of the shares Equal to the frequency; For any spurious index in the hybrid index set, a random index is generated. The share increment, making the The sum of the increments of the shares Equals 0; in, The number of cloud servers.

[0011] In one possible implementation of the first aspect, the consistency check of each position prefix based on the prefix-index mapping relationship specifically includes: For any of the position prefixes, obtain the set of indices corresponding to that position prefix in the prefix-index mapping relationship; Traverse each index in the index set. If there is any index whose reconstruction count is 0, then the prefix verification at that position is determined to be unsuccessful. If the reconstruction count for all indexes in the index set is not 0, then the prefix check at that position is considered to have passed.

[0012] One possible implementation of the first aspect also includes a safe zone removal step: The drone acquires the real index set and frequency mapping corresponding to the security area to be revoked, and performs privacy protection obfuscation processing based on the real index set corresponding to the security area to be revoked to generate a hybrid revocation index set. Based on the hybrid revocation index set and the frequency corresponding to each real index, a negative update token is generated, and the negative update token is sent to each of the cloud servers, so that each cloud server performs a share-level reduction update on each index position indicated by the negative update token on the share count Bloom filter.

[0013] In one possible implementation of the first aspect, the synthesis and reconstruction processing of the share response values ​​to obtain the reconstruction counts of each index specifically includes: The number of cloud servers obtained by the drone ; For each index in the detection token, the drone obtains information from... A cloud server Each share of the response value, will be the Individual share response value at modulus of The reconstruction count of the index is obtained by summing the results over a finite ring.

[0014] According to a second aspect of the present invention, a computer device is provided, including a memory, a processor, and a computer program stored in the memory and executable on the processor, wherein the processor, when executing the computer program, implements the aforementioned drone privacy-preserving proximity detection method.

[0015] According to a third aspect of the present invention, a computer-readable storage medium is provided, the computer-readable storage medium storing a computer program, which, when executed by a processor, implements the aforementioned drone privacy-preserving proximity detection method.

[0016] According to a fourth aspect of the present invention, a computer program product is provided that, when executed by a processor, implements the aforementioned drone privacy-preserving proximity detection method.

[0017] Compared with the prior art, the present invention has at least the following beneficial effects: This invention employs a multi-cloud secret sharing mechanism to distribute the storage of the count Bloom filter. When the UAV uploads to the secure area, it generates an upload token based on the hybrid index set and the frequency corresponding to each real index, and sends the upload token to multiple independent cloud servers. Each cloud server only performs share-level updates on its locally stored share count Bloom filter. During the proximity detection phase, the UAV sends the detection token to each cloud server, and each cloud server returns a share response value. The UAV then performs a synthesis and reconstruction process on the share response values ​​to obtain the reconstructed count for each index. Through this design, a single cloud server only holds the share information of the count Bloom filter and cannot recover the global count and spatial distribution; even if a cloud server is compromised, the attacker cannot obtain any meaningful spatial location information from it, significantly improving the resistance to single-point attacks.

[0018] When a drone uploads data within a secure area, a hybrid index set is generated based on the real index set, containing both real and fake indexes. During proximity detection, a detection token is generated based on the real detection index set, containing both real and fake detection indexes. This design ensures that the update and query operations observed by the cloud server contain a large amount of noise unrelated to real data, making it impossible to distinguish between real and fake access locations. Furthermore, it makes it difficult to infer the drone's flight path, operating area, and proximity relationships from the scale, distribution, and repetition characteristics of access patterns, effectively mitigating side-channel attacks based on access patterns.

[0019] The cloud server only needs to perform a share-level query on the index in the detection token and return the share value, without involving complex encryption operations or ciphertext interaction. The drone completes the synthesis, reconstruction, and consistency verification of the share response value locally. The cloud server and the drone only communicate in a single round during the entire detection process. Since the cloud server's operation is only related to the number of indexes in the detection token and not to the total number of drones in the entire fleet, it can maintain stable detection latency even in high-density fleet scenarios, meeting the millisecond to second-level real-time response requirements for collision warning.

[0020] This invention compresses secure regions through spatial prefix encoding and converts the spatial prefixes into index positions in a count Bloom filter using multi-hash mapping. The UAV performs spatial prefix encoding on the secure region to obtain a set of spatial prefix codes. Then, it performs multi-hash mapping and frequency statistics on each spatial prefix in this set to obtain a true index set and frequency mapping. Similarly, it performs position encoding on the location to be detected to obtain a set of position prefixes. Finally, it performs multi-hash mapping and deduplication on each position prefix in this set to obtain a true detection index set. This processing method converts arbitrarily shaped 3D secure regions into a fixed number of index sets, significantly reducing the number of indexes required for subsequent cloud processing while maintaining coverage semantics, thus lowering the communication overhead of the UAV and the computational load on the cloud server.

[0021] The drone synthesizes and reconstructs share response values ​​from multiple cloud servers, restoring the global count of each index in the original count Bloom filter. Based on this, it utilizes the prefix-index mapping relationship in local storage to perform consistency checks on all indexes corresponding to each position prefix. A hit is only determined when the reconstruction counts for all indexes are non-zero. This verification method effectively filters out false positives that may be introduced by hash collisions, accurately selecting truly relevant detection results from the obfuscated query set, thus improving the reliability of proximity detection. Attached Figure Description

[0022] To more clearly illustrate the technical solutions in the specific embodiments of the present invention, the drawings used in the description of the specific embodiments will be briefly introduced below. Obviously, the drawings described below are some embodiments of the present invention. For those skilled in the art, other drawings can be obtained from these drawings without creative effort.

[0023] Figure 1 This is a flowchart of a proximity detection method for protecting the privacy of unmanned aerial vehicles (UAVs) according to the present invention.

[0024] Figure 2 This is a schematic diagram of a scenario for a drone privacy protection proximity detection method according to the present invention.

[0025] Figure 3 This is a schematic diagram of Z-sequence encoding.

[0026] Figure 4 This is a schematic diagram of spatial prefix encoding. Detailed Implementation

[0027] To make the objectives, technical solutions, and advantages of the embodiments of the present invention clearer, the technical solutions of the present invention will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only some embodiments of the present invention, not all embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those skilled in the art without creative effort are within the scope of protection of the present invention.

[0028] Combination Figure 1 and Figure 2 As shown, this invention provides a drone privacy-preserving proximity detection method, which is executed interactively between the drone, the service provider, and multiple cloud servers.

[0029] After the service provider completes system initialization during the initialization phase, each UAV can independently execute the proximity detection process. Relevant parameters during the initialization phase include the count Bloom filter length parameter. Number of hash functions Hash function set and modulus Each hash function The definition of is: That is, input a binary string of any length and output a string between 0 and 1. Integers between [a, b]. Used to limit the length of the counting array and the range of the index field. Used to determine the number of multi-hash mappings, modulus This is used to constrain the value range of the counting unit and support share operations on the modular domain, thereby providing a unified algebraic structure for subsequent share-level updates and compositional reconstruction. The service provider constructs an initially empty counting Bloom filter. ,Should Include Each counting unit records... The value of each counting unit belongs to the modulus of finite rings Initially, all count units are set to zero to indicate that no security area contribution has been written yet. The service provider will... Split into an additive secret sharing mechanism Share filter They are stored separately in mutually independent locations. cloud server This makes it possible for any index satisfy: In subsequent operations, all share-level operations are performed modulo... The following will proceed.

[0030] The drone privacy protection proximity detection method specifically includes the following steps: S1. The UAV acquires the current safe area, performs spatial prefix encoding on the safe area to obtain a spatial prefix encoding set, and performs multi-hash mapping and frequency statistics processing on each spatial prefix in the spatial prefix encoding set to obtain a real index set and the corresponding frequency mapping.

[0031] Specifically, the drone first acquires its current safe zone. This safe zone is the three-dimensional spatial area that the drone wishes to protect, typically represented as a cube centered on the drone's current location. The drone then performs spatial prefix coding on this safe zone, converting it into a set of spatial prefix codes. Spatial prefix coding is a technique that compresses a three-dimensional spatial region into several binary prefixes, each prefix corresponding to a node in an octree, capable of covering a portion of the safe zone.

[0032] Next, the UAV encodes each spatial prefix in the spatial prefix encoding set using a preset... Perform hash mapping using hash functions to obtain There are several index values. Since different spatial prefixes may map to the same index, the UAV further performs frequency statistics on all mapped indices, counting the number of times each index appears and removing duplicates, ultimately obtaining the true index set and the frequency mapping corresponding to each true index. Each index in the true index set corresponds to a position in the count Bloom filter, and the frequency represents the count value that needs to be increased at that position.

[0033] S2. The drone generates a hybrid index set by performing privacy-preserving obfuscation processing on the real index set, generates an upload token based on the frequency corresponding to the hybrid index set and each real index, and sends the upload token to multiple independent cloud servers, so that each cloud server performs a share-level update on each index position indicated by the upload token on the share count Bloom filter stored locally.

[0034] In other words, to conceal the distribution characteristics of the real indexes, the drone performs privacy-preserving obfuscation on the real index set to generate a hybrid index set. This hybrid index set includes not only real indexes but also randomly generated fake indexes. Based on the hybrid index set and the frequencies corresponding to each real index obtained from previous statistics, the drone generates an upload token for each cloud server. In the upload token, for real indexes, the sum of the incremental allocations to each cloud server equals the frequency of that index; for fake indexes, the sum of the incremental allocations to each cloud server is zero.

[0035] The drone will send multiple generated upload tokens to separate, non-colluding entities. Each cloud server receives an upload token and, upon receiving it, performs a share-level update on each index position indicated in the upload token in its locally stored share count Bloom filter. This involves adding the existing share value at that position to the corresponding share increment in the token and then adjusting the modulus. Modulo operation. Because each cloud server holds only a share of the counting Bloom filter, and different cloud servers do not communicate with each other, a single cloud server cannot know the true distribution of the index or the global count at each location.

[0036] S3. The UAV acquires the location to be detected, performs location encoding processing on the location to be detected to obtain a set of location prefixes, performs multi-hash mapping and deduplication processing on each location prefix in the set of location prefixes to obtain a set of real detection indexes, and establishes a prefix-index mapping relationship.

[0037] Specifically, when a drone needs to detect whether there are nearby risks at its current location, the drone acquires the location to be detected, performs location encoding on that location, and obtains a set of location prefixes. The set of location prefixes represents the spatial prefixes of that location at different octree levels. The drone then processes each location prefix in the set using a preset... Perform hash mapping using hash functions to obtain The system generates a set of indexes, and after summing and deduplicating all the mapped indexes, obtains the actual detection index set. Simultaneously, the UAV establishes and stores prefix-index mapping relationships, recording the prefix of each location and its mapped index. The correspondence between the indices.

[0038] S4. The UAV generates a detection token by performing privacy-preserving obfuscation processing based on the real detection index set, and sends the detection token to each of the cloud servers respectively, so that each cloud server performs a query on the share count Bloom filter for each index position indicated by the detection token and returns the corresponding share response value.

[0039] Similarly, to conceal the distribution of the real detection indexes, the drone performs privacy-preserving obfuscation processing again based on the real detection index set to generate a detection token. The detection token also contains both real detection indexes and randomly generated fake detection indexes. The drone sends the detection tokens to various cloud servers. Upon receiving the detection token, each cloud server performs a query on its locally stored share count Bloom filter for each index position indicated in the detection token, retrieves the share value at that position, and returns these share values ​​as share response values ​​to the drone.

[0040] S5. The UAV receives the share response value returned by each of the cloud servers, performs a synthesis and reconstruction process on the share response value to obtain the reconstruction count of each index, and performs a consistency check on each of the position prefixes based on the prefix-index mapping relationship. If any of the position prefixes passes the check, it is determined that a neighbor hit has occurred.

[0041] In other words, after receiving the share response values ​​returned by each cloud server, the drone performs a synthesis and reconstruction process on the share response values. For each index in the detection token, the drone modulates the share values ​​received from each cloud server. The reconstruction count of the index is obtained by summing the values ​​over a finite ring. Since different cloud servers store different shares of the same global count, the sum of these shares is the global count of the index in the original count Bloom filter.

[0042] Based on the previously established prefix-index mapping, the drone performs consistency checks on each location prefix in the location prefix set. For a given location prefix, the drone retrieves the corresponding set of indices and checks if all of these indices have non-zero reconstruction counts. If the reconstruction counts of all indices corresponding to a location prefix are non-zero, the location prefix is ​​considered to have passed the check. As long as at least one location prefix passes the check, the drone determines that a proximity hit has occurred, meaning that other drones are present near the location to be detected.

[0043] In this implementation, the amount of data to be processed is effectively compressed by encoding the secure region as a set of spatial prefixes and mapping it to multiple indices in the counting Bloom filter. Through a multi-cloud secret sharing mechanism, the counting Bloom filter is distributed and stored on multiple non-communicating cloud servers, making it impossible for any single cloud to recover the global counting information, thus improving resistance to single-point attacks. By introducing spoofed indexes and using zero-sum shares when generating upload and detection tokens, the cloud servers cannot distinguish between real and spoofed access, effectively reducing the risk of inferring UAV tracks, operating areas, and proximity relationships from access patterns. Throughout the detection process, the cloud servers only perform simple modulo addition and query operations at the share level, while the UAV completes the synthesis reconstruction and consistency verification locally. The computational overhead is weakly correlated with the cluster size, meeting the real-time detection requirements in high-density cluster scenarios.

[0044] In one possible implementation, the safe area is spatially prefix encoded to obtain a spatial prefix encoding set. Specifically, this includes: performing three-dimensional discretization processing on the UAV operating space to construct a three-dimensional grid coordinate system, representing the safe area as a set of grid points, and mapping each grid point to a corresponding Z-order encoding value to obtain a Z-order encoding set; treating the Z-order encoding set as a set of leaf nodes on a prefix tree, and performing bottom-up prefix merging and compression on the leaf nodes that meet the merging conditions to obtain a spatial prefix encoding set covering the safe area.

[0045] In detail, the UAV performs three-dimensional discretization of the operating space, constructing a three-dimensional grid coordinate system, and plotting any three-dimensional position point... Quantified as Bit integer coordinates, where:

[0046] That is, the value range of each coordinate is 0 to... .

[0047] For safe zone The drone represents it as a set of grid points. That is, the set of all discrete grid points contained in the safe zone.

[0048] For each grid point in the grid set The UAV performs bit interleaving operations, mapping its three-dimensional coordinates to a Z-order encoded value. Specifically, for grid point coordinates... ,Will The binary representation is interleaved bit by bit to form a length of The binary sequence, which is the Z-order code value of that lattice point. = ,in Indicates interleaving bit by bit The binary bits form a length of The binary sequence. Z-order encoding has the property of preserving spatial proximity, that is, points that are close in three-dimensional space tend to be close in Z-order encoding, such as... Figure 3 As shown.

[0049] The drone collects the Z-order encoded values ​​of all grid points corresponding to the safe area, forming a Z-order encoded set. The Z-order encoding set is considered as a set of leaf nodes on a prefix tree, which corresponds to an octree hierarchical path in three-dimensional space. The UAV starts from a leaf node and checks from the bottom up for nodes that meet the merging condition. The merging condition is that all child nodes under a given node are in the Z-order encoding set; in this case, these child nodes can be merged into the node itself, i.e., multiple longer binary prefixes are merged into a shorter binary prefix. By repeatedly performing this bottom-up prefix merging compression, a smaller spatial prefix encoding set that completely covers the original security region is finally obtained. .in, This indicates that a prefix merging compression operation is performed on the Z-order encoded leaf set to generate a smaller size that covers the security region. The set of spatial prefix codes, such as Figure 4 As shown, prefix merging compression can reduce the number of indexes for subsequent writes / queries while maintaining coverage semantics, thereby reducing communication and computational overhead.

[0050] In other words, each element in the spatial prefix coding set is a binary prefix, representing a node in an octree. The spatial region covered by this node is completely contained within the original secure region, such as... Figure 4 As shown. This prefix merging compression reduces the number of indexes that need to be processed later while maintaining the coverage semantics, thereby reducing the communication overhead of the drone and the computing load of the cloud server.

[0051] In one possible implementation, multiple hash mapping and frequency statistics processing are performed on each spatial prefix in the spatial prefix encoding set to obtain a true index set and a corresponding frequency mapping. Specifically, this includes: the UAV acquiring a preset set of hash functions, the hash function set containing... Each hash function has an output field that is the index field of the count Bloom filter; for each spatial prefix in the spatial prefix encoding set, it is respectively processed by the hash function... Mapping using hash functions yields... A set of indexes is formed by mapping all spatial prefixes to form an index multiset. The frequency of each index in the index multiset is counted to obtain the frequency of each index. The index multiset is then deduplicated to obtain the real index set and the correspondence between each real index and its frequency.

[0052] Specifically, the drone acquires a preset set of hash functions. The set contains There are hash functions, denoted as . Each hash function The input is a binary string, and the output is an integer within the index field of the counting Bloom filter, i.e., the output range is 0 to 1. The specific definitions are as described in the initialization phase: The set of hash functions is generated and published by the service provider during the system initialization phase. All drones use the same set of hash functions to ensure the consistency of the index mapping.

[0053] The UAV acquires the spatial prefix code set generated in step S1. Spatial prefix coding set It contains several binary prefixes, each prefix corresponding to a spatial coding unit of the secure region. (UAV) Each prefix in Use in sequence Mapping using hash functions yields an index set. These index values ​​are collected to form an index multiset. , as the set of write locations for the count Bloom filter, where the symbol This represents the union of multiple sets, which means that the number of times the same element appears is retained.

[0054] for All prefixes in the data, the drone merges all mapped indices into This forms the final multiset of indices. Since different prefixes may map to the same index, therefore... The same index may appear multiple times.

[0055] Drones on indexed multisets Perform statistical processing. Each index appearing in Statistics on its The total number of times it appears in the text is denoted as . After the statistics were completed, the drones... Perform deduplication to extract all unique indexes, forming the actual index set. Meanwhile, the drone saves each real index. and The correspondence between them, i.e., frequency mapping. Indicates the number of elements in the set. Indicates index In multisets Frequency of occurrence in This is the set of true indexes after deduplication.

[0056] The drone locally stores the real index set and frequency mapping to generate accurate negative update tokens during the subsequent revocation phase, ensuring consistency in dynamic maintenance. Frequency statistics processing accurately records the count value that needs to be added at each index position, avoiding the loss of count information that might occur with simple deduplication.

[0057] In one possible implementation, a hybrid index set is generated by performing privacy-preserving obfuscation processing based on the real index set. Specifically, this includes: the UAV randomly determining the number of fake indexes such that the number of fake indexes and the number of elements in the real index set satisfy a preset multiple relationship; randomly selecting multiple indices that do not overlap with the real index set within the index domain of the counting Bloom filter to construct a fake index set; and merging the real index set and the fake index set to obtain the hybrid index set.

[0058] Specifically, after the drone completes the mapping from the safe area to the real index set, it obtains the number of elements in the real index set, denoted as . The drone randomly determines a number of fake indexes. ,Should The value of is in arrive Between, that is By controlling the number of fake indexes to be within the same range as the number of real indexes, the size information and access sparsity of the real index set can be effectively masked, making it impossible for the cloud server to infer the complexity of the security zone from the number of indexes involved in each update.

[0059] The drone in the index field of the count Bloom filter random sampling These indexes constitute a set of fake indexes. During the extraction process, the drone ensures that there is no overlap between the dummy index set and the real index set, i.e. This constraint ensures that update operations on the real index will not be confused with spurious indexes, facilitating accurate synthesis and reconstruction locally afterwards.

[0060] The drone merges the real index set with the fake index set to obtain a hybrid index set. .

[0061] The hybrid index set contains both real and spoof indexes, both of similar size and indistinguishable in distribution. When generating upload tokens, every index in the hybrid set is processed, but the incremental generation rules for real and spoof indexes differ. Through this obfuscation, the cloud server, upon receiving the upload token, cannot distinguish which indexes correspond to genuine update operations and which correspond to spoof, noisy operations, thus effectively protecting the shape and spatial distribution of the security zone.

[0062] In one possible implementation, an upload token is generated based on the hybrid index set and the frequency corresponding to each real index, specifically including: the drone in a modulus of... On a finite ring, share upload tokens are generated for each of the cloud servers, specifically: for any real index in the hybrid index set, a share upload token is randomly generated based on the frequency corresponding to the real index. The share increment, making the The sum of the increments of the shares Equal to the frequency; for any spurious index in the mixed index set, randomly generated The share increment, making the The sum of the increments of the shares Equals 0; where, The number of cloud servers.

[0063] Specifically, the number of cloud servers acquired by drones The number of cloud servers is a preset integer greater than or equal to 2. That is, the number of cloud servers can be 2 or more, usually determined based on actual deployment needs and security requirements. A larger number of cloud servers reduces the risk of information leakage after a single point of attack, but it also increases communication overhead.

[0064] The drone generates share upload tokens for each cloud server. The details are as follows: For any real index The drone determines the count increment corresponding to the index:

[0065] For this real index In the modulus of finite rings Randomly generated Increase in share This satisfies the addition-shared refactoring relationship:

[0066] For any spurious index Drones are also in Randomly generated Increase in share To satisfy the zero-sum sharing relationship:

[0067] The drone will be the first Share upload token Send to the corresponding cloud server ,in ; cloud server Received the share upload token Then, for each index position indicated by the upload token Perform element-wise modulo-add update, specifically as follows:

[0068] As a preferred implementation method, the number of cloud servers is taken. That is, using dual cloud servers and In a dual-cloud secret shared storage structure, at this point: For the real index Randomly select Specifically:

[0069] For fake indexes Random selection Specifically:

[0070] Send to respectively , Then, perform the share-level module update as described above.

[0071] In this embodiment, by splitting the frequency of the real index into multiple random shares that satisfy an additive sharing relationship, and setting the share increment of the fake index to zero, it is ensured that the real update information is distributed to multiple cloud servers. No single cloud server can infer the real frequency information from the share increment. At the same time, the zero-sum characteristic of the fake index ensures that the fake update will not affect the global count.

[0072] In one possible implementation, the location to be detected is processed by position encoding to obtain a set of position prefixes, specifically including: quantizing the location to be detected into integer coordinates, performing bit interleaving operation on the integer coordinates to obtain a Z-order encoding value; and, based on the octree level depth, truncating from the high bit of the Z-order encoding value according to a preset number of bits per level to obtain spatial prefixes of the location to be detected at different levels, thus forming the set of position prefixes.

[0073] In detail, the drone will locate the three-dimensional position points. Quantified as Bit integer coordinates ,in:

[0074] Perform bit interleaving on the quantized integer coordinates to map the 3D coordinates to Z-order encoded values. The details are as follows:

[0075] Based on the octree level depth, from Starting from the high-order bits, truncate them into groups of 3 bits each to obtain the position. Sets of positional prefixes at different levels:

[0076] in, This indicates taking the first part of the corresponding Z-order encoded value. The bit is the th bit as the ... Layer prefix.

[0077] This set of location prefixes reflects the representation of the location to be detected at different spatial scales. Shorter hierarchical prefixes correspond to coarser-grained spatial ranges, while longer hierarchical prefixes correspond to finer-grained spatial ranges. By querying spatial prefixes at multiple levels simultaneously, both detection accuracy and efficiency can be balanced in proximity detection. This allows for the rapid location of potentially risky coarse-grained regions while accurately determining whether a collision has occurred at a fine-grained level.

[0078] In one possible implementation, multiple hash mapping and deduplication are performed on each position prefix in the position prefix set to obtain a true detection index set, and a prefix-index mapping relationship is established. Specifically, this includes: the UAV acquiring a preset set of hash functions, the hash function set containing... A hash function; for each position prefix in the set of position prefixes, respectively, through the hash function... Mapping using hash functions yields... Each index is used to assign a prefix to its corresponding index. The correspondence between the indexes is stored as the prefix-index mapping relationship; after summing the indexes obtained by mapping all positions using prefixes, deduplication is performed to obtain the set of real detection indexes.

[0079] Specifically, for the set of position prefix codes any prefix in Through a set of hash functions Mapping yields an index set Then, the sets of indexes corresponding to all prefixes are aggregated and deduplicated to obtain the actual detection index set. The details are as follows:

[0080] Location prefix encoding set any prefix in Record its prefix-index mapping and write it. The details are as follows:

[0081] Through mapping table This can transform spatial prefix hits into a consistency determination problem where the corresponding multi-hash index counts are simultaneously non-zero, thereby enabling local filtering and hit determination under a confused query set.

[0082] Through the processing described in this embodiment, the UAV simultaneously obtains both the true detection index set and the prefix-index mapping relationship. The true detection index set is used to generate detection tokens and send them to the cloud server for querying, while the prefix-index mapping relationship is used for local consistency verification after receiving the share response value. The combined use of these two allows the UAV to accurately filter out detection results relevant to its own location from the obfuscated query set.

[0083] In one possible implementation, a detection token is generated by performing privacy-preserving obfuscation processing based on the real detection index set. Specifically, this includes: the drone randomly determining the number of fake indexes such that the number of fake indexes and the number of elements in the real detection index set satisfy a preset multiple relationship; randomly selecting multiple indices that do not overlap with the real detection index set within the index domain of the counting Bloom filter to construct a fake detection index set; and merging the real detection index set and the fake detection index set to obtain the detection token.

[0084] Specifically, the drone randomly determines the number of fake indexes. To satisfy:

[0085] Drones in the index domain Randomly select a set of fake indexes And satisfy the condition that it does not overlap with the actual index set:

[0086] The drone merges the fake index set into the real index set and obtains the detection token:

[0087] The drone will detect the token. Send them separately to a set of independent cloud servers. Each cloud server in the network, each cloud server based on the received In its local share count Bloom filter Execute the query and return the query result mapping. For any cloud server For each index Returns the corresponding share value:

[0088] The cloud server maps the results. The returned data, obfuscated by fake detection indexes, reduces the risk of a single cloud server inferring the drone's real-time location and trajectory from a set of query access locations. In other words, because the detection token contains numerous fake indexes, the cloud server cannot distinguish which indexes correspond to queries about the drone's actual location and which are randomly generated noise, thus effectively protecting the drone's real-time location privacy and trajectory characteristics.

[0089] In one possible implementation, the share response value is synthesized and reconstructed to obtain the reconstruction count of each index, specifically including: the number of cloud servers acquired by the drone. For each index in the detection token, the drone obtains information from... A cloud server Each share of the response value, will be the Individual share response value at modulus of The reconstruction count of the index is obtained by summing the results over a finite ring.

[0090] Specifically, the drone receives data from a collection of independent cloud servers. Mapping of returned query results ,in Indicates cloud server Bloom filters in their local share count The above index The query returns share values, and each share value is defined in the module domain. Above, the drone performs a search on each queried index. Execution Module The synthesis and reconstruction yielded the following reconstruction results:

[0091] cloud server quantity At that time, the synthesis and reconstruction are specifically as follows:

[0092] Since the share count Bloom filters stored on each cloud server are obtained by splitting the same original count Bloom filter through additive secret sharing, and the share upload tokens also strictly follow the additive sharing relationship during updates, therefore this The sum of individual share values ​​modulo This is exactly equal to the global count at that index position in the original count Bloom filter. Through synthetic reconstruction, the UAV recovers the true index count in the global count Bloom filter.

[0093] In one possible implementation, consistency verification of each position prefix is ​​performed based on the prefix-index mapping relationship, specifically including: for any position prefix, obtaining the set of indices corresponding to the position prefix in the prefix-index mapping relationship; traversing each index in the index set, if any index has a reconstruction count of 0, then the position prefix verification is determined to fail; if the reconstruction counts corresponding to all indices in the index set are not 0, then the position prefix verification is determined to pass.

[0094] In detail, the drone is based on a prefix-index mapping table. (i.e., for any prefix) , ), for each prefix Perform a hit consistency check, specifically as follows: initialization Iterate through the set of indices corresponding to the prefix. If there exists any index that satisfies:

[0095] Then let And terminate the verification of that prefix, otherwise when All indexes in the middle satisfy At that time, keep ; If at least one prefix exists Make If the drone determines that a potential neighbor hit (or collision risk hit) has occurred, it outputs a hit conclusion. Through the consistency verification mechanism, it can filter the real relevant indexes in the confused query set by relying only on the local mapping relationship.

[0096] Through this consistency verification mechanism, drones can filter out truly relevant indexes in the confused query set by relying only on the prefix-index mapping relationship stored locally, avoiding the interference of noise introduced by false indexes on the detection results, thereby improving the reliability and noise resistance of the detection judgment.

[0097] In one possible implementation, the UAV privacy-preserving proximity detection method further includes a safe area revocation step: the UAV acquires a set of real indices and a frequency mapping corresponding to the safe area to be revoked; performs privacy-preserving obfuscation processing on the set of real indices corresponding to the safe area to be revoked to generate a hybrid revocation index set; generates a negative update token based on the hybrid revocation index set and the frequency corresponding to each real index; and sends the negative update token to each of the cloud servers, so that each of the cloud servers performs a share-level reduction update on each index position indicated by the negative update token on the share count Bloom filter.

[0098] In detail, when a drone flies away from a certain area and the old security domain corresponding to that area needs to be revoked, the drone obtains the real index set corresponding to the security area to be revoked. And frequency mappings. This information is already stored locally by the drone when the security zone is initially uploaded. The drone uses the retained index frequency mappings and the set of real indices as the basis for revocation. When it is necessary to revoke an old security zone, the drone generates a corresponding negative update token for each real index according to its frequency through privacy obfuscation.

[0099] Negative update token generation, specifically: The drone randomly determines the number of fake indexes based on the retained set of real indexes. To satisfy:

[0100] in The number of elements in the reserved set of real indices; The drone in the index field of the count Bloom filter random sampling A set of indexes is used to construct a fake index set. And it satisfies the constraint that it does not overlap with the actual index set, as follows:

[0101] The drone merges the real index set with the fake index set to obtain a hybrid index set, as follows:

[0102] By introducing spurious indexes during the revocation phase, the revocation access pattern can be obfuscated, preventing the cloud from inferring the old security domain boundaries and historical trajectories from the set of revocation locations.

[0103] The drone uses a preserved index frequency mapping to target the real index set corresponding to the old security domain to be revoked. For any real index Read its frequency count Specifically:

[0104] Furthermore, in a modulus of finite rings Randomly generated Increase in share This satisfies the addition-shared refactoring relationship:

[0105] Specifically, this ensures that the undoing of updates to the real index is equivalent to the precise offsetting of write contributions after synthetic reconstruction, thus ensuring dynamic maintenance of consistency. Furthermore, for any spurious index Drones are also in Randomly generated Increase in share To satisfy the zero-sum sharing relationship:

[0106] Furthermore, drones will... Share token Send to the corresponding cloud server ,in ; When the number of cloud servers is taken The negative update token generation specifically involves: For the real index Random selection Specifically:

[0107] For fake indexes Random selection Specifically:

[0108] After receiving the negative update token, each cloud server performs a share-level reduction update on the local share count Bloom filter according to the index position and share update amount indicated by the token, thereby realizing the revocation of the historical contributions of the old security domain.

[0109] In this embodiment, the share-level reduction update is specifically as follows: cloud server Received the share token Then, for each index position indicated by the token Perform element-wise modulo-add update, specifically as follows:

[0110] Through the negative update token mechanism, drones can precisely revert previously written secure areas while maintaining the same level of privacy protection. During the revocation process, the cloud only performs share-level updates and does not possess a global count or the actual revocation set, ensuring the same level of privacy protection as the writing phase. This allows the system to support dynamic maintenance in scenarios where drones are continuously moving.

[0111] This invention employs a multi-cloud secret sharing mechanism to store the count Bloom filter. The service provider splits the count Bloom filter into multiple shares through additive secret sharing, storing them separately on multiple independent cloud servers. When a drone uploads to a secure area, it generates share increments that satisfy the additive sharing relationship for the real index, thus distributing the real count information across multiple cloud servers. A single cloud server only holds share information and cannot recover the global count and spatial distribution. Even if a cloud server is compromised, the attacker cannot obtain any meaningful spatial location information from it, significantly improving the resistance to single-point attacks.

[0112] This invention incorporates privacy-preserving obfuscation processing in all three stages: secure zone upload, proximity detection query, and secure zone revocation. The drone randomly generates a similar number of fake indexes based on the real index set, constructing a hybrid index set. During the upload and revocation stages, share increments satisfying a zero-sum sharing relationship are generated for the fake indexes; during the detection stage, the detection token contains the fake indexes. Through this design, the update and query operations observed by the cloud server contain a large amount of noise unrelated to real data, making it impossible to distinguish between real and fake access locations. It also makes it difficult to infer the drone's flight path, operating area, and proximity relationships from the scale, distribution, and repetition characteristics of the access patterns, effectively resisting side-channel attacks based on access patterns.

[0113] This invention distributes the core computational load of proximity detection to both a cloud server and the local drone. The cloud server only needs to perform a share-level query on the index in the detection token and return the share value, without involving complex encryption operations or ciphertext interaction; the drone completes the synthesis, reconstruction, and consistency verification of the share response value locally. Throughout the entire detection process, the cloud server and the drone only communicate in a single round. Because the query overhead of the counting Bloom filter is related to the number of hash functions and the size of the prefix set, but not to the total number of drones in the entire fleet, this scheme can maintain stable detection latency even in high-density fleet scenarios, meeting the millisecond to second-level real-time response requirements for collision warning.

[0114] This invention compresses secure regions using spatial prefix encoding. Representing a secure region as a set of three-dimensional grid points, Z-order encoding and prefix merging compression transform arbitrarily shaped three-dimensional secure regions into smaller sets of spatial prefix codes. This encoding method exhibits good adaptability to complex-shaped secure regions, significantly reducing the number of indexes required for subsequent hash mapping and cloud processing while maintaining coverage semantics, thus lowering the communication overhead of drones and the computational load on cloud servers. Furthermore, when drone movement causes frequent changes in secure regions, a negative update token mechanism allows for precise revocation of old secure regions and continuous maintenance of new secure regions, ensuring system availability and data consistency in dynamic environments.

[0115] This invention employs a local decision-making mechanism that combines synthetic reconstruction with consistency verification. The drone modulo-adds the share response values ​​from multiple cloud servers to reconstruct the global count of each index in the original count Bloom filter. Based on this, the prefix-index mapping relationship stored locally is used to traverse and verify all hash indices corresponding to each position prefix. A hit is only determined when the reconstruction counts corresponding to all indices are non-zero. This verification method effectively filters out false alarms that may be introduced by hash collisions, accurately selecting truly relevant detection results from the confused query set, thus improving the reliability of proximity detection.

[0116] This invention provides a drone privacy-protecting proximity detection device, comprising: The spatial encoding module is used by the UAV to acquire the current safe area, perform spatial prefix encoding on the safe area to obtain a spatial prefix encoding set, and perform multi-hash mapping and frequency statistics processing on each spatial prefix in the spatial prefix encoding set to obtain a real index set and the corresponding frequency mapping.

[0117] An upload token generation module is used by the UAV to generate a hybrid index set by performing privacy-preserving obfuscation processing on the real index set, generate an upload token based on the hybrid index set and the frequency corresponding to each real index, and send the upload token to multiple independent cloud servers, so that each cloud server performs a share-level update on each index position indicated by the upload token on a share-count Bloom filter stored locally.

[0118] The location encoding module is used for the UAV to acquire the location to be detected, perform location encoding processing on the location to be detected to obtain a set of location prefixes, perform multi-hash mapping and deduplication processing on each location prefix in the set of location prefixes to obtain a set of real detection indexes, and establish a prefix-index mapping relationship. The detection token generation module is used by the UAV to generate a detection token by performing privacy protection obfuscation processing based on the real detection index set, and to send the detection token to each of the cloud servers respectively, so that each of the cloud servers performs a query on the share count Bloom filter for each index position indicated by the detection token and returns the corresponding share response value; The consistency verification module is used to receive the share response values ​​returned by each of the cloud servers from the UAV, perform synthesis and reconstruction processing on the share response values ​​to obtain the reconstruction count of each index, and perform consistency verification on each of the position prefixes based on the prefix-index mapping relationship. If any of the position prefixes passes the verification, it is determined that a neighbor hit has occurred.

[0119] All relevant content regarding the steps involved in the aforementioned embodiments of the UAV privacy-preserving proximity detection method can be referenced from the functional descriptions of the corresponding functional modules of the UAV privacy-preserving proximity detection device in the embodiments of this invention, and will not be repeated here. The module division in the embodiments of this invention is illustrative and is merely a logical functional division; in actual implementation, there may be other division methods. Furthermore, the functional modules in the various embodiments of this invention can be integrated into a processor, exist as separate physical entities, or have two or more modules integrated into one module. The integrated modules described above can be implemented in hardware or as software functional modules.

[0120] In another embodiment of the present invention, a computer device is provided, comprising a processor and a memory. The memory stores a computer program, which includes program instructions. The processor executes the program instructions stored in the computer storage medium. The processor may be a Central Processing Unit (CPU), or other general-purpose processors, digital signal processors (DSPs), application-specific integrated circuits (ASICs), field-programmable gate arrays (FPGAs), or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components, etc. It is the computing and control core of the terminal, suitable for implementing one or more instructions, specifically suitable for loading and executing one or more instructions in the computer storage medium to achieve a corresponding method flow or corresponding function. The processor described in this embodiment of the present invention can be used for the operation of a proximity detection method for UAV privacy protection.

[0121] In another embodiment of the present invention, a storage medium is provided, specifically a computer-readable storage medium (Memory), which is a memory device in a computer device used to store programs and data. It is understood that the computer-readable storage medium here can include both the built-in storage medium in the computer device and extended storage media supported by the computer device. The computer-readable storage medium provides storage space that stores the terminal's operating system. Furthermore, the storage space also stores one or more instructions suitable for loading and execution by a processor. These instructions can be one or more computer programs (including program code). It should be noted that the computer-readable storage medium here can be Random Access Memory (RAM) or non-volatile memory, such as at least one disk storage device. The processor can load and execute one or more instructions stored in the computer-readable storage medium to implement the corresponding steps of the UAV privacy protection proximity detection method in the above embodiments.

[0122] Those skilled in the art will understand that embodiments of the present invention can be provided as methods, systems, or computer program products. Therefore, the present invention can take the form of a completely hardware embodiment, a completely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present invention can take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, optical storage, etc.) containing computer-usable program code.

[0123] This invention is described with reference to flowchart illustrations and / or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each block of the flowchart illustrations and / or block diagrams, and combinations of blocks in the flowchart illustrations and / or block diagrams, can be implemented by computer program instructions. These computer program instructions can be provided to a processor of a general-purpose computer, special-purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, generate instructions for implementing the flowchart illustrations and / or block diagrams. Figure 1 One or more processes and / or boxes Figure 1 A device that provides the functions specified in one or more boxes.

[0124] These computer program instructions may also be stored in a computer-readable storage medium that can direct a computer or other programmable data processing device to function in a particular manner, such that the instructions stored in the computer-readable storage medium produce an article of manufacture including instruction means, which are implemented in a process Figure 1One or more processes and / or boxes Figure 1 The function specified in one or more boxes.

[0125] These computer program instructions may also be loaded onto a computer or other programmable data processing equipment to cause a series of operational steps to be performed on the computer or other programmable equipment to produce a computer-implemented process, thereby providing instructions that execute on the computer or other programmable equipment for implementing the process. Figure 1 One or more processes and / or boxes Figure 1 The steps of the function specified in one or more boxes.

[0126] This invention also provides a computer program product for executing any of the above-described UAV privacy-preserving proximity detection methods. Since the computer program product provided by this invention belongs to the same inventive concept as the UAV privacy-preserving proximity detection method described above, it possesses all the advantages of the aforementioned method. Therefore, the beneficial effects of the computer program product provided by this invention will not be elaborated upon here.

[0127] In this invention, the terms "one embodiment," "some embodiments," "example," "specific example," or "some examples," etc., refer to a specific feature, structure, material, or characteristic described in connection with that embodiment or example, which is included in at least one embodiment or example of the invention. In this specification, the illustrative expressions of the above terms do not necessarily refer to the same embodiment or example. Furthermore, the specific features, structures, materials, or characteristics described may be combined in any suitable manner in one or more embodiments or examples. Moreover, without contradiction, those skilled in the art can combine and integrate the different embodiments or examples described in this specification, as well as the features of different embodiments or examples.

[0128] Finally, it should be noted that the above-described embodiments are merely specific implementations of the present invention, used to illustrate the technical solutions of the present invention, and not to limit them. The scope of protection of the present invention is not limited thereto. Although the present invention has been described in detail with reference to the foregoing embodiments, those skilled in the art should understand that any person skilled in the art can still modify or easily conceive of changes to the technical solutions described in the foregoing embodiments within the scope of the technology disclosed in the present invention, or make equivalent substitutions for some of the technical features; and these modifications, changes, or substitutions do not cause the essence of the corresponding technical solutions to deviate from the spirit and scope of the technical solutions of the embodiments of the present invention, and should all be covered within the scope of protection of the present invention.

Claims

1. A method for proximity detection to protect the privacy of unmanned aerial vehicles (UAVs), characterized in that, include: The drone acquires the current safe area, performs spatial prefix encoding on the safe area to obtain a spatial prefix encoding set, and performs multi-hash mapping and frequency statistics processing on each spatial prefix in the spatial prefix encoding set to obtain a real index set and the corresponding frequency mapping; The drone generates a hybrid index set by performing privacy-preserving obfuscation processing on the real index set, generates an upload token based on the hybrid index set and the frequency corresponding to each real index, and sends the upload token to multiple independent cloud servers, so that each cloud server performs a share-level update on each index position indicated by the upload token on the share count Bloom filter stored locally. The drone acquires the location to be detected, performs location encoding on the location to be detected to obtain a set of location prefixes, performs multi-hash mapping and deduplication on each location prefix in the set of location prefixes to obtain a set of real detection indexes, and establishes a prefix-index mapping relationship. The drone generates a detection token by performing privacy-preserving obfuscation processing based on the real detection index set, and sends the detection token to each of the cloud servers respectively, so that each cloud server performs a query on the share count Bloom filter for each index position indicated by the detection token and returns the corresponding share response value; The drone receives the share response values ​​returned by each of the cloud servers, performs a synthesis and reconstruction process on the share response values ​​to obtain the reconstruction count of each index, and performs a consistency check on each of the position prefixes based on the prefix-index mapping relationship. If any of the position prefixes passes the check, it is determined that a neighbor hit has occurred.

2. The drone privacy-preserving proximity detection method according to claim 1, characterized in that, The process of performing spatial prefix coding on the secure region to obtain a spatial prefix coding set specifically includes: The UAV operating space is discretized in three dimensions to construct a three-dimensional grid coordinate system. The safe area is represented as a set of grid points, and each grid point is mapped to the corresponding Z-order code value to obtain the Z-order code set. The Z-order encoding set is regarded as the set of leaf nodes on the prefix tree. The leaf nodes that meet the merging conditions are subjected to bottom-up prefix merging and compression to obtain the spatial prefix encoding set covering the security area.

3. The drone privacy-preserving proximity detection method according to claim 1, characterized in that, The step of performing position encoding processing on the location to be detected to obtain a set of position prefixes specifically includes: The position to be detected is quantized into integer coordinates, and bit interleaving is performed on the integer coordinates to obtain the Z-order encoded value; Based on the octree level depth, starting from the high-order bits of the Z-order encoding value, a preset number of bits are extracted at each level to obtain the spatial prefixes of the position to be detected at different levels, thus forming the position prefix set.

4. The drone privacy-preserving proximity detection method according to claim 1, characterized in that, The step of generating a hybrid index set by performing privacy-preserving obfuscation processing based on the real index set specifically includes: The drone randomly determines the number of false indexes, such that the number of false indexes and the number of elements in the real index set satisfy a preset multiple relationship; A fake index set is constructed by randomly selecting multiple indices that do not overlap with the real index set within the index domain of the counting Bloom filter. The real index set and the fake index set are merged to obtain the hybrid index set.

5. The drone privacy-preserving proximity detection method according to claim 4, characterized in that, The step of generating an upload token based on the hybrid index set and the frequency corresponding to each real index specifically includes: The drone has a module of On the finite ring, share upload tokens are generated for each of the cloud servers, specifically as follows: For any real index in the hybrid index set, a random index is generated based on the frequency corresponding to the real index. The share increment, making the The sum of the increments of the shares Equal to the frequency; For any spurious index in the hybrid index set, a random index is generated. The share increment, making the The sum of the increments of the shares Equals 0; in, The number of cloud servers.

6. The drone privacy-preserving proximity detection method according to claim 1, characterized in that, The consistency check of each position prefix based on the prefix-index mapping relationship specifically includes: For any of the position prefixes, obtain the set of indices corresponding to that position prefix in the prefix-index mapping relationship; Traverse each index in the index set. If there is any index whose reconstruction count is 0, then the prefix verification at that position is determined to be unsuccessful. If the reconstruction count for all indexes in the index set is not 0, then the prefix check at that position is considered to have passed.

7. The drone privacy-preserving proximity detection method according to claim 1, characterized in that, It also includes the safe zone removal procedure: The drone acquires the real index set and frequency mapping corresponding to the security area to be revoked, and performs privacy protection obfuscation processing based on the real index set corresponding to the security area to be revoked to generate a hybrid revocation index set. Based on the hybrid revocation index set and the frequency corresponding to each real index, a negative update token is generated, and the negative update token is sent to each of the cloud servers, so that each cloud server performs a share-level reduction update on each index position indicated by the negative update token on the share count Bloom filter.

8. The drone privacy-preserving proximity detection method according to claim 1, characterized in that, The process of synthesizing and reconstructing the share response values ​​to obtain the reconstruction counts of each index specifically includes: The number of cloud servers obtained by the drone ; For each index in the detection token, the drone obtains information from... A cloud server Each share of the response value, will be the Individual share response value at modulus of The reconstruction count of the index is obtained by summing the results over a finite ring.

9. A computer device comprising a memory, a processor, and a computer program stored in the memory and executable on the processor, characterized in that, When the processor executes the computer program, it implements the drone privacy-preserving proximity detection method as described in any one of claims 1 to 8.

10. A computer-readable storage medium storing a computer program, characterized in that, When the computer program is executed by the processor, it implements the drone privacy-preserving proximity detection method as described in any one of claims 1 to 8.

Images