short essay
Big data security and privacy protection
Keywords: data security privacy cryptography
Abstract:
This paper describes the challenges and opportunities of network security lessons learned by the Big Data, Big Data Strategies brings network security and user privacy and network security and user privacy issues brought about big data. In addition, the course also describes some knowledge about cryptography, I refer to the online lecture notes and knowledge are summarized.
Overview:
This paper describes the first part of the first large analysis of data mining value and opportunity, with reference to the large data security and challenge the status quo. Also in the second section describes the characteristics of big data and network security and user privacy issues formed. Section III lists the various types of countermeasures based on the method of big data, and the data for the future development of large made. In the second part, the complaint about the basic concepts and requirements of cryptography. The second part of the second complaint about the development and characteristics of classical cryptography, while also complaint about the incident on behalf of and direction of modern cryptography. Section complaint about the four types of cryptanalysis attacks and argued that the complexity of cryptographic algorithms and security standards attack. The last part, the focus of complaint about the DH key exchange protocol and RSA algorithms.
The first part of the
first
large analysis of data mining value is unknown practice can be predicted and analyzed by law of large numbers in probability theory referred to. With the rapid development of technology, the rapid growth of non-linear data, while giving large data led to the development of strategic opportunities. Among them, 2015 is the peak period of the development of big data, the state announced a strategic behavior of large data development. Because big data represent the direction of advanced productive forces, it has become an irresistible trend. But the current situation is not very good big data security, many hackers access to government, corporate and personal data privacy through a variety of means, there are many big or small the issue of privacy in recent years.
With mobile Internet, the development of cloud services, network perimeter is dead, security measures traditional defensive, detection type has been inadequate, and ushered in the big data security challenges. At present the main difficulty is that it is difficult to apply for access to users in an efficient way and difficult to detect and control the behavior of developers.
Section
This section describes the network security and user privacy issues brought about big data. ① Due to the large data relying on non-relational databases lack of data security, data dispersed state of the enterprise is difficult to locate and protect all confidential data. ② criminals use social engineering to carry out fraud. Social engineering attacks mainly through psychological weakness, human instinct reflects the characteristics of curiosity, trust and greed, deception designed to trap the victims, damage, theft, interests seek. The technology is not technical, low cost and high efficiency. Its main method steps are:
1) to inject malicious hackers the URL of
2) user access to relatively good reputation Site
3) the user is relocated to a malicious Web site
4) a malicious site to inject malicious software with the user system and browser vulnerabilities
5 ) malicious software is automatically downloaded and installed
6) malicious software to send private information to the hacker victims
③ software there may be reserved for the production of process listening back door. Backdoor is the soft underbelly of big data security, software needs to have self-control of information security testing program to detect software backdoor reserved listener. ④ large data file security is a very important part of security. File is the core data processing and run it often contains a lot of departments or individuals sensitive information. However, because modern operating system is too large, there is inevitably a security vulnerability, which itself is difficult to guarantee the security of all, not to mention privacy inside the operating system files. ⑤ large data storage security problem. Because the non-linear growth of data concurrently running multiple applications and has frequently disorderly usage, data categories may be classified error, which resulted in confusion data storage management, resulting in a sub-standard for information security management. ⑥ search large data security challenges and problems. Among them, including the size of the pan is not visible in the search entity Things security and privacy protection package, inverted index table data privacy, control access to private data security, remote security database search protocol. ⑦ find technical challenges of large data-based threats. The main discovery technology to discover potentially dangerous situation by collecting data, but because of the large collection of data is difficult to achieve due to lack of comprehensive and big data analysis capabilities, it will affect the accuracy of the results of the analysis. ⑧ difficult to deal with high-level sustainable attacks big data challenges brought about. Because the value of the low density of large data, hacker attacks can be hidden in large data, analyze it very difficult to manufacture security service provider. ⑨ because applications and databases are deployed in a non-fully trusted third-party service provider side, the cloud environment, data security and privacy protection is difficult to achieve. ⑩ large data analysis and forecasting challenges of privacy, because the analysis and prediction of large data undoubtedly caused a person's privacy against a certain degree. Can not be a hundred percent harmonious development between ○ 11 security, privacy and convenience to absolute security and privacy can not be more convenient occur. ○ 12 security guarantees when large data sharing, can guarantee privacy on a shared channel safe from abuse? ○ 13 big data access problems the default role more difficult, so it is not well known for large amounts of data and users, conducted on behalf of the scenes role, the big data analysis more difficult. ○ 14 large credibility is difficult to guarantee data, data falsified data network, for example, the sensor collected. ○ 15 application security challenges large data traceability technology and so on.
Section
This section describes countermeasures big data brings network security and user privacy issues.
Currently based big data more fire several applications are based on the threat of big data discovery technology, big data-based authentication technology, based on the data analysis of large data authenticity. Which, based on the threat of big data discovery technology requirements are:
the scope of analysis ① ② content greater analysis of the content of a longer time span
③ ④ predictive detection of unknown threats against the threat of attack
and authentication technology based on the characteristics of big data has :
① difficult for attackers to simulate user behavior characteristics to pass certification, and therefore more secure
② reduce the burden on the user, collecting, storing and analyzing user behavior and behavioral characteristics of the device data is completed by the authentication system
③ can better support unified authentication mechanism of each system, the entire network space to adopt
Finally, based on the data analysis of large data authenticity is widely regarded as the most effective methods of data analysis. Because
① the introduction of big data analysis can achieve higher recognition accuracy ② can find spam more new features
but the technology still faces some difficulties, such as building model definition and analysis of false information.
Some countermeasures for future large data security and privacy protection:
① assessment study large data infrastructure security capabilities and enhanced security technologies in big data framework
② self-control to promote information security, to promote "trusted computing", that is, white instead blacklist list control
③ around security and privacy issues outstanding big data, data security management system to build the whole life cycle
④ risk adaptive access control
based password authentication, anti-power, risk control in big data environment, development ⑤ , integrated circuit design and other safety information security technology
⑥ legislation to protect large data
The second part
first
to introduce the basic concepts of cryptography: sender, receiver, message, encrypted, plaintext and ciphertext and the like. Sender and receiver can look as mailers and recipients, the envelope is a message content, while the envelope is called the encryption, the ciphertext becomes plaintext message encrypted message. Cryptographic algorithm, also known as the password that is used to encrypt and decrypt mathematical functions, cryptographic algorithm and system consists of all possible plaintext, ciphertext and key components. The basic requirements of modern information security are:
① confidentiality Confidentiality of Information: prevent information leakage to unauthorized people
integrity Integrity ② information: information to prevent unauthorized tampering
③ certification of Authentication: ensure the correct transmission of information from who
④ repudiation Non-repudiation: to ensure that the sender can not deny that they have sent a message
Section
classical cryptography has replaced a password (scramble) and substitution cipher (replacement), after also appeared to prevent the crack method: More than homonyms or replace passwords (mapped to-many), and more letters instead of the password (each alphabet substitution on the N hidden letters or homogenized natural frequency, resistance for frequency analysis), multi-table instead of the password (the plaintext into a plurality of parts, there are a number of substitution table, according to the sequence sequentially replacing substituting In other sequence).
Classical cryptography features:
1) low computational intensity
2) occurs before DES (Digital Encryption Standard, private systems are widely applied)
Security 3) based on data secrecy algorithm
4) to the main encryption target alphabet
5) substitutions, and alterations technology
6) cryptanalysis based on the frequency characteristics of letters and letter combinations and plain text readability
Modern cryptography Three events: ① 1976 Nian Diffie and Hellman proposed the idea of public key cryptography system
② the US National Bureau of Standards adopted in 1977, the Data Encryption Standard DES ③ 1978 Year a public key algorithm RSA algorithm
modern cryptography there are three main direction: a private key password (symmetric cryptography), public key cryptography (asymmetric cryptography), security protocol.
Symmetric key encryption algorithms are able to predict the decryption key out, and vice versa. Symmetric algorithms can be divided into two categories: the sequence (corresponding to a single bit) algorithm grouping algorithm (a set of bits corresponding to). Asymmetric algorithms (public key): used as an encryption key different from the key used to decrypt. Wherein the encryption key is called the public key, the decryption key is called the private key. Zero-knowledge protocol security protocol and multi-joint settlement agreement.
Section
This section discusses cryptanalysis. Cryptanalysis is, without knowing the key to restore the plaintext science.
Cryptanalysis attacks can be divided into four categories (plaintext, ciphertext, key threats) (assuming that each type cryptanalyst can know the full knowledge of the encryption algorithm):
a)
① ciphertext-only attack: know the ciphertext thrust reversers plaintext and the key.
② chosen ciphertext attacks: selecting different encrypted ciphertext and plaintext can track the corresponding decryption.
Two)
① known-plaintext attack: Some known plaintext and ciphertext, the encryption algorithm can be deduced, for any use of the algorithm to decrypt ciphertext.
② chosen-plaintext attack: know some of the same message ciphertext and plaintext can also select the message to encrypt, the algorithm and the key may be derived.
③ adaptive chosen-plaintext attack: select special circumstances plaintext attack, you can fix this encryption selected based on previous results.
C) Select the key attack: The cryptanalyst has knowledge about the relationship between different keys.
D) Ruanmoyingpao attack: through threats, blackmail, torture someone and get the key.
Standard cryptographic algorithms grade security:
1) All decipher: cryptanalyst find key
2) to derive overall: cryptanalyst find a replacement algorithm, in case I do not know the key to launch the relationship between the ciphertext and plaintext
3) examples of derivation : cryptanalyst intercepts find the plaintext from the ciphertext
4) information is derived: cryptanalyst to get some information about the key and plaintext
Standard measure of the complexity of the attack:
1) complexity of the data: the amount of data needed to attack the input
2) processing complexity: the attack time is required to complete
3) storage requirements: storing an amount required to attack
a third section
introduces the DH key exchange protocol and RSA algorithms.
DH key exchange protocol is mainly to solve the problem of key distribution is the beginning of a public key cryptography, and its security is based on the calculation of the intractability of Diffie-Hellman problem (given tuple (g, g of a time square, g, b th), g is calculated power ab difficult).
RSA algorithm is the first public-key cryptographic algorithm, and the first digital signature algorithm, with the same state of multiplication.
Conclusion In
this course, I have a certain understanding of big data security and privacy protection of the status quo and methods, but also learned some fur rough knowledge of cryptography, learned DH key exchange protocol and RSA algorithms.
