CN117634501B - A computer file confidentiality checking method and system - Google Patents

Abstract

The invention relates to the technical field of code security measures, in particular to a computer file confidentiality checking method and system, comprising the following steps: based on deep learning, a transformer algorithm and a convolutional neural network are adopted to conduct deep semantic analysis and key feature extraction on text and image content, and feature data integration is conducted to generate text and image feature data. According to the invention, through deep learning, a converter algorithm and an image processing technology, deep semantic analysis and key feature extraction of texts and images are realized, the accuracy of judging secret information in the files is improved by combining natural language processing and an image recognition algorithm, the false alarm rate and the missing rate are reduced, an anti-network simulation mechanism is generated, the early warning capability of potential security holes and attack behaviors of the system is enhanced, the monitoring and prevention effects of data leakage are improved by a data flow analysis method, the file integrity verification is carried out by combining a blockchain technology, and the file security and the non-tamper modification are increased.

Description

A computer file confidentiality checking method and system

Technical Field

The present invention relates to the technical field of code security measures, and in particular to a computer file confidentiality checking method and system.

Background technique

The field of code security measures technology is an important branch of information security, focusing on ensuring the security of software, applications, and computer systems. It covers a range of measures and technologies to prevent potential threat actors (including hackers, malware, internal threats, etc.) from gaining unauthorized access, information, or control from code, applications, or systems. This field covers multiple aspects, including authentication, authorization, encryption, vulnerability analysis, auditing, code analysis, and file confidentiality.

Computer file confidentiality inspection methods are part of the field of code security measures technology. They are a set of techniques and procedures used to inspect and protect computer files, including application source code, configuration files, data files, etc. The main task of these methods is to ensure that these files are not accessed, viewed, copied or modified by unauthorized users or systems. Its purpose includes protecting risk information, intellectual property, reducing legal and business risks, and ensuring compliance. These methods achieve their effects by implementing access control, code auditing, encryption, secure development practices, and monitoring alerts, thereby ensuring the confidentiality of computer files, reducing potential threats and risks, and protecting information security and compliance. This is particularly important in today's context of increasing cyber threats and regulatory requirements.

Most of the existing computer file confidentiality inspection methods are based on traditional text and image analysis technologies, which are often limited in extracting complex and deep semantic information, resulting in large false positives or omissions in the determination of confidential information. At the same time, many methods are not combined with generative adversarial networks to simulate system vulnerabilities, making the identification and response to potential threats not fast enough. In addition, data flow analysis is still at a relatively early stage in many existing methods, and there is no comprehensive monitoring of the entire chain of data flow, which increases the risk of data leakage. File integrity verification usually does not use distributed technologies such as blockchain, which is vulnerable to threats from centralized servers, reducing the reliability of integrity verification.

Summary of the invention

The purpose of the present invention is to solve the shortcomings in the prior art and to propose a computer file confidentiality checking method and system.

In order to achieve the above object, the present invention adopts the following technical solution: a computer file confidentiality checking method, comprising the following steps:

S1: Based on deep learning, it uses transformer algorithm and convolutional neural network to perform deep semantic analysis and key feature extraction on text and image content, integrate feature data, and generate text and image feature data;

S2: Based on the text and image feature data, natural language processing technology and image recognition algorithm are used to determine the confidential information of the text and images in the file, and classification processing is performed to generate a confidential information report;

S3: Based on the confidential information report, a generative adversarial network is used to simulate potential security vulnerabilities and attack behaviors, enhance the early warning mechanism of the system, and integrate vulnerability data to generate security vulnerability simulation data;

S4: Based on the security vulnerability simulation data, a data flow analysis algorithm is used to dynamically monitor and statically analyze file operations and system behaviors, find potential data leakage points, and integrate data flows to generate a data flow analysis report;

S5: Based on the original data of the file, the SHA-256 hash algorithm is used to perform integrity verification on the file, and the hash value is compared with the hash value stored on the blockchain to determine the integrity of the file and generate an integrity verification record;

S6: Based on the integrity check record, role-based access control and dynamic encryption technology are used to perform access control and encryption processing on the file, and access rights are set to generate access control and encryption policies;

The transformer algorithm is specifically a BERT and GPT series model, which is used for semantic understanding of text content. The convolutional neural network is used to extract key features from images. The natural language processing technology is used to identify text-based confidential information including private API keys and passwords. The image recognition algorithm is used to identify confidential content in images. The data flow analysis algorithm is specifically used to track the flow and storage path of confidential data in the system and identify attempts at illegal access or tampering. The dynamic encryption technology includes AES to encrypt files and uses RSA to manage AES keys.

As a further solution of the present invention, based on deep learning, a transformer algorithm and a convolutional neural network are used to perform deep semantic analysis and key feature extraction on text and image content, and feature data integration. The steps of generating text and image feature data are specifically as follows:

S101: Based on the deep learning framework, the transformer algorithm is used to perform preliminary text processing, convert it into an intermediate vector representation, and perform feature extraction to generate a text intermediate vector;

S102: Based on the text intermediate vector, a BERT model is used for deep learning training to extract deep semantic features of the text and generate a text deep feature vector;

S103: using a convolutional neural network to extract primary features of the image content, converting the image into a preliminary feature matrix, and generating a primary feature matrix of the image;

S104: Based on the text deep feature vector and the image primary feature matrix, an autoencoder is used to perform feature fusion, integrate key features of the text and the image, and generate text and image feature data;

The text intermediate vector is specifically a vectorized expression of the text content, the text deep feature vector specifically refers to the deep learning feature representation of the original text, the image primary feature matrix is specifically a feature representation of the image content, and the text and image feature data includes a fused feature vector representation of the text and image.

As a further solution of the present invention, based on the text and image feature data, natural language processing technology and image recognition algorithm are used to determine the confidential information of the text and images in the file, and classify them, and the steps of generating a confidential information report are specifically as follows:

S201: Based on the text and image feature data, natural language processing technology is used to mark potential risk information in the text content to generate a preliminary text confidentiality report;

S202: Based on the text and image feature data, an image recognition algorithm is used to mark potential risk information in the image content, and a preliminary image confidentiality report is generated;

S203: Based on the text confidentiality preliminary report and the image confidentiality preliminary report, a clustering algorithm is used to summarize similar confidential information to generate confidential information classification data;

S204: Based on the classified data of confidential information, a statistical method is used to integrate the information to form an overview and details of confidential information and generate a confidential information report;

The text confidentiality preliminary report specifically includes the location and content of potential risk words, sentences or paragraphs, the image confidentiality preliminary report specifically indicates potential risk areas or objects in the image, and the confidential information classification data specifically includes confidential information classified by type, source or importance.

As a further solution of the present invention, based on the confidential information report, a generative adversarial network is used to simulate potential security vulnerabilities and attack behaviors, enhance the early warning mechanism of the system, and integrate vulnerability data. The specific steps of generating security vulnerability simulation data are as follows:

S301: Based on the confidential information report, using a generative adversarial network to simulate potential security vulnerabilities and generate potential security vulnerability simulation scenarios;

S302: Based on the potential security vulnerability simulation scenario, using reinforcement learning to simulate attacker behavior and generate simulated attack behavior data;

S303: Based on the simulated attack behavior data, pattern recognition is used to identify system vulnerabilities, and system vulnerability and weakness identification results are generated;

S304: Based on the system vulnerability and weakness identification results, perform data integration, optimize the early warning mechanism, and generate an optimized early warning mechanism and vulnerability assessment report;

The generative adversarial network specifically uses a generator and a discriminator to capture data distribution for simulating attack scenarios. The pattern recognition specifically uses a support vector machine and a decision tree algorithm to automatically identify and classify attack patterns. The optimized early warning mechanism and vulnerability assessment report include a description of the identified vulnerability, an impact assessment, and recommended protective measures.

As a further solution of the present invention, based on the security vulnerability simulation data, a data flow analysis algorithm is used to dynamically monitor and statically analyze file operations and system behaviors, find potential data leakage points, and integrate data flows. The specific steps of generating a data flow analysis report are as follows:

S401: Based on the optimized early warning mechanism and vulnerability assessment report, a data flow analysis algorithm is used to dynamically monitor file operations in the system and generate dynamic file operation monitoring data;

S402: Based on the dynamic file operation monitoring data, continue to use the data flow analysis algorithm to perform static analysis of system behavior and generate system behavior static analysis data;

S403: statically analyzing the data based on the system behavior, marking potential data leakage points, and generating potential data leakage point marks;

S404: Based on the potential data leakage point mark, perform data flow integration, evaluate the data security risk of the overall system, and generate a data flow analysis report;

The data flow analysis algorithm specifically analyzes the behavioral patterns of the data flow within the system. The system behavior static analysis data specifically refers to analyzing the system behavior without external input through static methods. The potential data leakage point marker is specifically the risk area that may lead to information leakage in the system behavior. The data flow analysis report includes the overall distribution of the data flow, the marked leakage points and the recommended repair measures.

As a further solution of the present invention, based on the original data of the file, the SHA-256 hash algorithm is used to perform integrity verification on the file, and the hash value is compared with the hash value stored on the blockchain to determine the integrity of the file, and the steps of generating an integrity verification record are specifically as follows:

S501: Based on the file data, a binary reading method is used to extract the file content, and format it to generate an original data extraction report;

S502: Based on the original data extraction report, the SHA-256 hash algorithm is used to perform file hash calculation and format the hash value to generate a file hash value;

S503: Based on the blockchain network interface, a hash search method is used to perform a search associated with the hash value of the file, and a hash value comparison preparation is performed to generate a blockchain hash value;

S504: Based on the file hash value and the blockchain hash value, a hash comparison method is used to confirm the integrity of the file, perform an integrity check, and generate an integrity check record;

The original data extraction report is specifically in the form of a byte stream of the file, the file hash value is specifically a string consisting of 64-bit characters, the blockchain hash value is specifically a hash record of the file stored on the blockchain, and the integrity check record specifically indicates whether the file has been tampered with or damaged.

As a further solution of the present invention, in combination with the integrity check record, role-based access control and dynamic encryption technology are used to perform access control and encryption processing on the file, and access rights are set. The steps of generating access control and encryption policies are specifically as follows:

S601: Based on the integrity check record, a role analysis method is used to define the file role, set permissions, and generate a role definition and permission allocation table;

S602: Based on the role definition and the permission allocation table, a role-based access control algorithm is used to allocate access rights, set access policies, and generate a file access control policy;

S603: Based on the file access control policy, the AES dynamic encryption method is used to encrypt the file, and the encrypted data is integrated to generate encrypted file data;

S604: Based on the encrypted file data and the file access control policy, a policy integration method is used to formulate a secure storage policy for the file, and the policy is confirmed to generate an access control and encryption policy;

The role definition and permission allocation table includes role name, role description and access rights. The file access control policy specifically refers to the role and its access rights level. The encrypted file data specifically refers to the byte stream after the original file data is encrypted. The access control and encryption policy specifically refers to the complete strategy and method for accessing and decrypting the file.

A computer file confidentiality checking system is used to execute the above-mentioned computer file confidentiality checking method. The system includes a feature extraction and fusion module, a risk information labeling module, a risk vulnerability simulation module, a system behavior analysis module, a file content extraction module, a file integrity verification module, and a security policy formulation module.

As a further solution of the present invention, the feature extraction and fusion module is based on a deep learning framework, uses a transformer algorithm and a BERT model to process text and generate a text deep feature vector, and simultaneously uses a convolutional neural network to extract image features, and performs autoencoder fusion with text features to generate text and image feature data;

The risk information annotation module annotates risk information based on the generated text and image feature data through natural language processing and image recognition technology, summarizes and integrates it using statistical methods, and generates a confidential information report;

The risk vulnerability simulation module uses a generative adversarial network to simulate potential risks based on the generated confidential information report, and confirms system weaknesses through pattern recognition, optimizes the early warning mechanism, and generates an optimized early warning mechanism and vulnerability assessment report;

The system behavior analysis module uses a data flow analysis algorithm to statically analyze system behavior, mark potential data leakage points, evaluate security risks, and generate a data flow analysis report based on the optimized early warning mechanism and vulnerability assessment report;

The file content extraction module formats the file data using a binary reading method to generate a raw data extraction report;

The file integrity verification module calculates the file hash value based on the generated original data extraction report using the SHA-256 hash algorithm, compares the file hash value with the blockchain hash value to ensure file integrity, and generates an integrity verification record;

The security policy formulation module defines the file role and sets permissions based on the extracted integrity check record, encrypts the file using the AES dynamic encryption method, formulates a secure storage strategy for the file, and generates access control and encryption strategies.

As a further solution of the present invention, the feature extraction and fusion module includes a text processing submodule, an image feature extraction submodule, and a feature fusion submodule;

The risk information labeling module includes a risk information labeling submodule, a confidential information classification submodule, and an information integration submodule;

The risk vulnerability simulation module includes a security vulnerability simulation submodule, an attacker behavior simulation submodule, a system weakness identification submodule, and an early warning mechanism optimization submodule;

The system behavior analysis module includes a file operation monitoring submodule, a system behavior analysis submodule, a data leakage point marking submodule, and a data flow integration submodule;

The file content extraction module includes a data reading submodule and a data formatting submodule;

The file integrity verification module includes a hash calculation submodule, a hash retrieval submodule, and an integrity confirmation submodule;

The security policy formulation module includes a file role definition submodule, an access permission setting submodule, a file encryption submodule, and a policy confirmation submodule.

Compared with the prior art, the advantages and positive effects of the present invention are:

In the present invention, through deep learning technology, transformer algorithm, and image processing technology, it is possible to ensure that the deep semantic analysis and key feature extraction of text and images are more accurate. Combining natural language processing and image recognition algorithms, the judgment of confidential information in files is more accurate, reducing the false alarm rate and omission rate. By generating a simulation mechanism of adversarial networks, there is a higher level of early warning of potential security vulnerabilities and attack behaviors in the system, and the ability to identify and respond to external threats is enhanced. The method based on data flow analysis makes the system more comprehensive in monitoring and preventing data leakage. In addition, the integrity check of files is carried out in combination with blockchain technology, which improves the security and non-tamperability of files.

BRIEF DESCRIPTION OF THE DRAWINGS

Fig. 1 is a schematic diagram of the workflow of the present invention;

FIG2 is a flow chart of the refinement of S1 of the present invention;

FIG3 is a flow chart of the refinement of S2 of the present invention;

FIG4 is a flow chart of the refinement of S3 of the present invention;

FIG5 is a flow chart of the refinement of S4 of the present invention;

FIG6 is a flow chart of the refinement of S5 of the present invention;

FIG7 is a detailed flow chart of S6 of the present invention;

FIG8 is a system flow chart of the present invention;

FIG. 9 is a schematic diagram of a system framework of the present invention.

Detailed ways

In order to make the purpose, technical solution and advantages of the present invention more clearly understood, the present invention is further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are only used to explain the present invention and are not intended to limit the present invention.

In the description of the present invention, it should be understood that the terms "length", "width", "up", "down", "front", "back", "left", "right", "vertical", "horizontal", "top", "bottom", "inside", "outside" and the like indicate positions or positional relationships based on the positions or positional relationships shown in the drawings, and are only for the convenience of describing the present invention and simplifying the description, rather than indicating or implying that the device or element referred to must have a specific orientation, be constructed and operated in a specific orientation, and therefore cannot be understood as limiting the present invention. In addition, in the description of the present invention, "plurality" means two or more, unless otherwise clearly and specifically defined.

Example

Please refer to FIG1 , the present invention provides a technical solution: a computer file confidentiality checking method, comprising the following steps:

S1: Based on deep learning, it uses transformer algorithm and convolutional neural network to perform deep semantic analysis and key feature extraction on text and image content, integrate feature data, and generate text and image feature data;

S2: Based on text and image feature data, natural language processing technology and image recognition algorithms are used to determine and classify the text and images in the file to generate a confidential information report;

S3: Based on confidential information reports, a generative adversarial network is used to simulate potential security vulnerabilities and attack behaviors, enhance the system's early warning mechanism, and integrate vulnerability data to generate security vulnerability simulation data;

S4: Based on the security vulnerability simulation data, the data flow analysis algorithm is used to dynamically monitor and statically analyze file operations and system behaviors, find potential data leakage points, integrate data flows, and generate data flow analysis reports;

S5: Based on the original data of the file, the SHA-256 hash algorithm is used to perform integrity verification on the file, and the hash value is compared with the hash value stored on the blockchain to determine the integrity of the file and generate an integrity verification record;

S6: Combined with the integrity check record, role-based access control and dynamic encryption technology are used to perform access control and encryption processing on the file, and access rights are set to generate access control and encryption policies;

The transformer algorithms are specifically BERT and GPT series models, which are used for semantic understanding of text content. Convolutional neural networks are used to extract key features from images. Natural language processing technology is used to identify text-based confidential information including private API keys and passwords. Image recognition algorithms are used to identify confidential content in images. Data flow analysis algorithms are specifically used to track the flow and storage path of confidential data in the system and identify attempts at illegal access or tampering. Dynamic encryption technology includes AES to encrypt files and uses RSA to manage AES keys.

The text and image analysis technology based on deep learning uses transformer algorithms and convolutional neural networks to perform deep semantic analysis and extract key features, which can effectively identify confidential information in files. Through natural language processing technology and image recognition algorithms, confidential information judgment and classification are performed on text and images in files, and confidential information reports are generated, which helps to timely discover and protect sensitive information.

The application of generative adversarial networks can simulate potential security vulnerabilities and attack behaviors and enhance the system's early warning mechanism. Through dynamic monitoring and static analysis of file operations and system behaviors, potential data leakage points can be found, and data flow integration and data flow analysis reports can be generated, which helps to discover and prevent security risks in advance.

The SHA-256 hash algorithm is used to verify the integrity of the file, comparing the hash value with the hash value on the blockchain to determine the integrity of the file and generate an integrity verification record. This helps ensure that the file has not been tampered with or damaged during transmission and storage.

The combination of role-based access control and dynamic encryption technology can achieve access control and encryption processing for files, set access rights, and generate access control and encryption policies. This helps to protect the security and privacy of files and prevent unauthorized access and leakage.

Please refer to Figure 2. Based on deep learning, the transformer algorithm and convolutional neural network are used to perform deep semantic analysis and key feature extraction on the text and image content, and integrate feature data. The specific steps for generating text and image feature data are as follows:

S101: Based on the deep learning framework, the transformer algorithm is used to perform preliminary text processing, convert it into an intermediate vector representation, and perform feature extraction to generate a text intermediate vector;

S102: Based on the text intermediate vector, the BERT model is used for deep learning training to extract the deep semantic features of the text and generate a text deep feature vector;

S103: using a convolutional neural network to extract primary features of the image content, converting the image into a preliminary feature matrix, and generating an image primary feature matrix;

S104: Based on the text deep feature vector and the image primary feature matrix, an autoencoder is used to perform feature fusion, integrate the key features of the text and the image, and generate text and image feature data;

The text intermediate vector is specifically the vectorized expression of the text content, the text deep feature vector specifically refers to the deep learning feature representation of the original text, the image primary feature matrix is specifically the feature representation of the image content, and the text and image feature data includes the fused feature vector representation of the text and image.

In S101, a deep learning framework such as TensorFlow or PyTorch is used to convert raw text into vectorized representation using a transformer algorithm (e.g., Word2Vec or FastText).

Code example:

# Import the corresponding libraries and models

from gensim.models import Word2Vec

import nltk

# Tokenization and preprocessing text

text = "Your input text here."

tokens = nltk.word_tokenize(text)

# Train the Word2Vec model

model = Word2Vec(tokens, vector_size=100, window=5, min_count=1, sg=0)

# Get text vector

text_vector = model.wv['your_word']

In S102, a pre-trained BERT model, such as Hugging Face's Transformers library, is used to perform deep learning training on text to extract deep semantic features.

Code example:

from transformers import BertTokenizer, BertModel

import torch

tokenizer = BertTokenizer.from_pretrained('bert-base-uncased')

model = BertModel.from_pretrained('bert-base-uncased')

text = "Your input text here."

input_ids = tokenizer(text, return_tensors='pt').input_ids

outputs = model(input_ids)

# Get deep semantic features

text_embeddings = outputs.last_hidden_state.mean(dim=1)

In S103, a convolutional neural network (CNN) model is created using a deep learning framework, such as PyTorch or TensorFlow, to extract primary features of the image.

Code example:

import torch

import torch.nn as nn

import torchvision.models as models

# Load the pre-trained CNN model

cnn_model = models.resnet50(pretrained=True)

cnn_model = nn.Sequential(*list(cnn_model.children())[:-2]) # Remove the last fully connected layer

# Image preprocessing and feature extraction

image = load_image("your_image.jpg") # Load image

image = preprocess_image(image) # Preprocess image

image_features = cnn_model(image) # Extract primary features

In S104, an autoencoder model is created, and the deep semantic features of the text and the primary features of the image are input into the autoencoder to generate fused text and image feature data.

Code example:

import torch

import torch.nn as nn

class AutoEncoder(nn.Module):

def __init__(self, text_feature_size, image_feature_size, latent_size):

super(AutoEncoder, self).__init()

self.text_encoder = nn.Linear(text_feature_size, latent_size)

self.image_encoder = nn.Linear(image_feature_size, latent_size)

self.decoder = nn.Linear(latent_size, text_feature_size +image_feature_size)

def forward(self, text_features, image_features):

text_latent = self.text_encoder(text_features)

image_latent = self.image_encoder(image_features)

combined_latent = torch.cat((text_latent, image_latent), dim=1)

reconstructed_features = self.decoder(combined_latent)

return reconstructed_features

# Initialize and train the autoencoder

autoencoder = AutoEncoder(text_feature_size, image_feature_size,latent_size)

loss_fn = nn.MSELoss()

optimizer = torch.optim.Adam(autoencoder.parameters(), lr=learning_rate)

# Train the autoencoder

for epoch in range(num_epochs):

optimizer.zero_grad()

outputs = autoencoder(text_features, image_features)

loss = loss_fn(outputs, torch.cat((text_features, image_features), dim=1))

loss.backward()

optimizer.step()

Please refer to Figure 3. Based on the text and image feature data, natural language processing technology and image recognition algorithm are used to determine the confidential information of the text and images in the file, and then classify them. The specific steps for generating a confidential information report are as follows:

S201: Based on text and image feature data, natural language processing technology is used to annotate potential risk information in text content and generate a preliminary text confidentiality report;

S202: Based on the text and image feature data, an image recognition algorithm is used to mark the potential risk information in the image content and generate a preliminary image confidentiality report;

S203: Based on the text confidentiality preliminary report and the image confidentiality preliminary report, a clustering algorithm is used to summarize similar confidential information to generate confidential information classification data;

S204: Based on the classified data of confidential information, a statistical method is used to integrate the information, form an overview and details of the confidential information, and generate a confidential information report;

The text confidentiality preliminary report specifically includes the location and content of potential risk words, sentences or paragraphs. The image confidentiality preliminary report specifically indicates the potential risk areas or objects in the image. The confidential information classification data specifically includes confidential information classified by type, source or importance.

Based on text and image feature data, natural language processing technology is used to annotate potential risk information in text content. This includes using text analysis algorithms to identify potential sensitive words, phrases, or sentences and marking them as potential risk information. At the same time, the location and content of this potential risk information in the text also need to be recorded.

Next, based on the text and image feature data, image recognition algorithms are used to annotate potential risk information in the image content. This can be done by using image recognition technology to detect specific areas or objects in the image and mark them as potential risk information. For example, it can be detected if someone is displaying a device or document that is prohibited from being photographed in the image.

After generating the preliminary text confidentiality report and the preliminary image confidentiality report, it is necessary to summarize and classify the potential risk information in these reports. To this end, a clustering algorithm can be used to group similar confidential information to form confidential information classification data. These classifications can be divided according to criteria such as type, source or importance.

Finally, based on the classified data of confidential information, statistical methods are used to integrate the information, form an overview and details of confidential information, and generate a confidential information report. This includes statistical data analysis of various types of confidential information, as well as descriptions and explanations of detailed information for each category.

Please refer to Figure 4. Based on the confidential information report, a generative adversarial network is used to simulate potential security vulnerabilities and attack behaviors, enhance the system's early warning mechanism, and integrate vulnerability data. The specific steps for generating security vulnerability simulation data are as follows:

S301: Based on the confidential information report, a generative adversarial network is used to simulate potential security vulnerabilities and generate potential security vulnerability simulation scenarios;

S302: Based on the potential security vulnerability simulation scenario, reinforcement learning is used to simulate the attacker's behavior and generate simulated attack behavior data;

S303: Based on the simulated attack behavior data, pattern recognition is used to identify system weaknesses, and system vulnerability and weakness identification results are generated;

S304: Based on the system vulnerability and weakness identification results, perform data integration, optimize the early warning mechanism, and generate an optimized early warning mechanism and vulnerability assessment report;

Generative adversarial networks specifically use generators and discriminators to capture data distribution for simulating attack scenarios. Pattern recognition specifically uses support vector machines and decision tree algorithms to automatically identify and classify attack patterns. The optimized early warning mechanism and vulnerability assessment report include descriptions of identified vulnerabilities, impact assessments, and recommended protective measures.

In S301, a generative adversarial network model, including a generator and a discriminator, is used to simulate potential security vulnerability scenarios. A dataset is prepared, including descriptions and contextual information of potential security vulnerabilities identified in confidential information reports. Samples of potential security vulnerability scenarios are generated using a generator model. The generator receives random noise as input and generates scenarios similar to actual vulnerabilities.

# Code Example: Generator Model

generator = create_generator_model()

generator.compile(loss='binary_crossentropy', optimizer='adam')

generator.fit(random_noise, simulated_vulnerability_scenarios, epochs=100)

The discriminator is trained to distinguish between generated vulnerability scenarios and real vulnerability scenarios. This helps improve the performance of the generator.

# Code Example: Discriminator Model

discriminator = create_discriminator_model()

discriminator.compile(loss='binary_crossentropy', optimizer='adam')

discriminator.fit(scenarios, real_vs_generated_labels, epochs=100)

The generator and discriminator are combined into a GAN and trained alternately to improve the quality of the generated vulnerability scenarios.

# Code Example: GAN Model

gan = create_gan(generator, discriminator)

gan.compile(loss='binary_crossentropy', optimizer='adam')

gan.fit(random_noise, real_labels, epochs=100)

In S302, a reinforcement learning model is used to simulate the attacker's behavior. The potential security vulnerability scenario is used as an environment to establish a mapping of state, action, and reward. A reinforcement learning model, such as a deep reinforcement learning model (DRL), is trained to simulate the attacker's behavior.

# Code Example: Reinforcement Learning Training

rl_agent = create_reinforcement_learning_agent()

rl_agent.train(environment, num_episodes=1000)

After training, the reinforcement learning model is used to simulate the attacker's behavior and generate attack behavior data.

# Code example: Generate simulated attack behavior data

simulated_attack_data = rl_agent.simulate_attacks(num_samples=1000)

In S303, a pattern recognition algorithm, such as a support vector machine or a decision tree, is used to automatically identify system vulnerabilities and weaknesses. Simulated attack behavior data and related system data are collated. Features are extracted and the data is converted into a form that can be used for pattern recognition. A support vector machine, decision tree, or other model is trained to identify attack patterns and system weaknesses.

# Code Example: Pattern Recognition Model Training

pattern_recognition_model = create_pattern_recognition_model()

pattern_recognition_model.fit(features, labels)

Identify weaknesses: Use pattern recognition models to identify weaknesses in the system.

# Code Example: Identifying Weaknesses in a System

vulnerability_identification = pattern_recognition_model.predict(system_data)

In S304, the identification results of system vulnerabilities and weak points are integrated with the previous confidential information report data. Based on the identification results of vulnerabilities and weaknesses, the early warning mechanism of the system is optimized to increase the alertness to potential threats. A vulnerability assessment report including vulnerability description, impact assessment and recommended protection measures is generated.

# Code Example: Generating a Vulnerability Assessment Report

vulnerability_report = generate_vulnerability_report(vulnerability_identification)

Please refer to Figure 5. Based on the security vulnerability simulation data, the data flow analysis algorithm is used to dynamically monitor and statically analyze file operations and system behaviors, find potential data leakage points, and integrate data flows. The specific steps for generating a data flow analysis report are as follows:

S401: Based on the optimized early warning mechanism and vulnerability assessment report, a data flow analysis algorithm is used to dynamically monitor file operations in the system and generate dynamic file operation monitoring data;

S402: Based on the dynamic file operation monitoring data, continue to use the data flow analysis algorithm to perform static analysis of the system behavior and generate system behavior static analysis data;

S403: statically analyzing data based on system behavior, marking potential data leakage points, and generating potential data leakage point markers;

S404: Based on the potential data leakage point markers, data flow integration is performed to assess the data security risk of the overall system and generate a data flow analysis report;

The data flow analysis algorithm specifically analyzes the behavioral patterns of the system's internal data flows. The system behavior static analysis data specifically refers to analyzing the system's behavior without external input through static methods. The potential data leakage point marking is specifically the risk area that may lead to information leakage in the system behavior. The data flow analysis report includes the overall distribution of the data flow, marked leakage points and recommended repair measures.

Based on the optimized early warning mechanism and vulnerability assessment report, the data flow analysis algorithm is used to dynamically monitor the file operations in the system. This includes collecting and analyzing the file operation logs in the system, identifying security-related operations, and generating dynamic file operation monitoring data.

Next, based on the dynamic file operation monitoring data, the data flow analysis algorithm is used to perform static analysis on the system behavior. This can identify risk areas that may lead to information leakage by analyzing the system behavior without external input, and generate static analysis data on the system behavior.

After generating static analysis data of system behavior, it is necessary to mark potential data leakage points in these data. This can be achieved by analyzing abnormal patterns in system behavior or operations related to known vulnerabilities. The purpose of marking potential data leakage points is to distinguish them from other normal behaviors for subsequent analysis and processing.

Finally, based on the marking results of potential data leakage points, data flow integration is performed to assess the data security risks of the overall system and generate a data flow analysis report. This includes analyzing the overall distribution of each data flow in the system and providing corresponding repair suggestions and measures for the marked leakage points.

Please refer to Figure 6. Based on the original data of the file, the SHA-256 hash algorithm is used to perform integrity verification on the file, and the hash value is compared with the hash value stored on the blockchain to determine the integrity of the file and generate the integrity verification record. The specific steps are:

S501: Based on the file data, a binary reading method is used to extract the file content, and format it to generate an original data extraction report;

S502: Based on the original data extraction report, the SHA-256 hash algorithm is used to perform file hash calculation, and the hash value is formatted to generate a file hash value;

S503: Based on the blockchain network interface, a hash search method is used to perform a search associated with the file hash value, and a hash value comparison is performed to generate a blockchain hash value;

S504: Based on the file hash value and the blockchain hash value, the file integrity is confirmed and checked by using a hash comparison method, and an integrity check record is generated;

The original data extraction report is in the form of a byte stream of the file, the file hash value is a string consisting of 64-bit characters, the blockchain hash value is a hash record of the file stored on the blockchain, and the integrity check record specifically indicates whether the file has been tampered with or damaged.

Read the original data of the file. You can use the binary reading method to read the data in the file and format it. Make sure that the file content is extracted in the form of a byte stream. Next, use the SHA-256 hash algorithm to hash the file content. SHA-256 is a commonly used hash algorithm that can map data of any length to a fixed-length (64-bit) hash value. By inputting the byte stream of the file into the SHA-256 algorithm, you can get a unique string representation of the file hash value.

After the file hash is generated, it is necessary to use the blockchain network interface to retrieve the file hash associated with it. This can be achieved by querying the file hash record stored on the blockchain. Based on the name or other identification information of the file, find the corresponding blockchain hash record. Prepare to compare the generated file hash with the hash record on the blockchain. Ensure that the length and format of the two hash values are consistent for subsequent comparison operations.

Finally, the hash comparison method is used to confirm the integrity of the file. Compare the two hash values to see if they are the same. If they are the same, the integrity of the file is guaranteed; if they are different, there may be an integrity problem. Generate an integrity check record based on the comparison results to indicate whether the file has been tampered with or damaged.

Please refer to FIG. 7. In combination with the integrity check record, role-based access control and dynamic encryption technology are used to perform access control and encryption processing on the file, and access rights are set. The specific steps for generating access control and encryption policies are as follows:

S601: Based on the integrity check record, the role analysis method is used to define the file role, set the authority, and generate a role definition and authority allocation table;

S602: Based on the role definition and the permission allocation table, a role-based access control algorithm is used to allocate access rights, set access policies, and generate a file access control policy;

S603: Based on the file access control policy, the AES dynamic encryption method is used to encrypt the file, and the encrypted data is integrated to generate encrypted file data;

S604: Based on the encrypted file data and the file access control policy, a policy integration method is used to formulate a secure storage policy for the file, and the policy is confirmed to generate an access control and encryption policy;

The role definition and permission allocation table includes the role name, role description and access rights. The file access control policy specifically refers to the role and its access rights level. The encrypted file data specifically refers to the byte stream after the original file data is encrypted. The access control and encryption policy specifically refers to the complete strategy and method for accessing and decrypting the file.

In S601, different roles of the file are determined based on the integrity check record. Appropriate access rights, such as read, write or execute rights, are then assigned to each role. Finally, a role definition and permission allocation table is generated, which lists the role name, role description and specific access rights associated with each role.

In S602, the access rights to the file are allocated according to the previously generated role definition and permission allocation table by using a role-based access control algorithm. At the same time, a file access policy is set to determine which roles can access the file with which permissions, and which roles' access should be denied.

In S603, the AES dynamic encryption method is used to encrypt the file. This usually involves using AES or other suitable encryption algorithms to protect the security of the file. The encrypted file data will be integrated into a byte stream or other binary data format to ensure data security storage.

In S604, a secure storage strategy for the file is formulated based on the encrypted file data and the file access control strategy through the policy integration method. This includes determining the physical storage location of the file, formulating a backup strategy, and planning access audits. Finally, an access control and encryption strategy is generated to ensure the confidentiality and integrity of the file.

Please refer to Figure 8, a computer file confidentiality inspection system, the computer file confidentiality inspection system is used to execute the above-mentioned computer file confidentiality inspection method, the system includes a feature extraction and fusion module, a risk information labeling module, a risk vulnerability simulation module, a system behavior analysis module, a file content extraction module, a file integrity verification module, and a security policy formulation module.

The feature extraction and fusion module is based on a deep learning framework. It uses the transformer algorithm and BERT model to process text and generate text deep feature vectors. It also uses a convolutional neural network to extract image features and autoencodes them with text features to generate text and image feature data.

The risk information annotation module uses natural language processing and image recognition technology to annotate risk information based on the generated text and image feature data, summarizes and integrates it using statistical methods, and generates a confidential information report;

The risk vulnerability simulation module uses generative adversarial networks to simulate potential risks based on the generated confidential information reports, and confirms system weaknesses through pattern recognition, optimizes the early warning mechanism, and generates optimized early warning mechanisms and vulnerability assessment reports;

The system behavior analysis module uses data flow analysis algorithms to statically analyze system behavior, mark potential data leakage points, evaluate security risks, and generate data flow analysis reports based on the optimized early warning mechanism and vulnerability assessment report.

The file content extraction module uses binary reading method to format the file data and generate the original data extraction report;

The file integrity verification module uses the SHA-256 hash algorithm to calculate the file hash value based on the generated raw data extraction report, compares the file hash value with the blockchain hash value to ensure file integrity, and generates an integrity verification record;

The security policy formulation module defines the file role and sets permissions based on the extracted integrity check records, encrypts the file using the AES dynamic encryption method, formulates a secure storage strategy for the file, and generates access control and encryption strategies.

Thanks to the use of deep learning and multiple advanced algorithms, the system is able to accurately extract and fuse text and image features. This deep feature extraction ensures the security of information during transmission, storage and processing, thereby greatly reducing security risks caused by information leakage, tampering or loss.

The system's built-in risk information annotation and vulnerability simulation modules allow potential security risks to be identified and warned in advance. This early identification and response strategy helps to take corresponding measures before the problem deteriorates further.

Through the combination of SHA-256 hash algorithm and blockchain technology, the system has high reliability in ensuring file integrity. The introduction of blockchain technology increases resistance to file tampering, thereby increasing file security.

The system not only focuses on data security, but also on effective data management. From feature extraction to risk assessment to file integrity verification, each step is to ensure the accuracy and integrity of the data, thereby improving the efficiency of the entire data management process.

The introduction of the security policy formulation module makes file permission management more clear and strict. According to the role and importance of the file, the system can dynamically assign permissions to it to ensure that only authorized users can access relevant information.

From text processing, image feature extraction, to file integrity and access control, the system provides a comprehensive data protection strategy. Each module provides an additional barrier for data security, ensuring that data is best protected in any environment and conditions.

Please refer to FIG9 , the feature extraction and fusion module includes a text processing submodule, an image feature extraction submodule, and a feature fusion submodule;

The risk information labeling module includes a risk information labeling submodule, a confidential information classification submodule, and an information integration submodule;

The risk vulnerability simulation module includes a security vulnerability simulation submodule, an attacker behavior simulation submodule, a system weakness identification submodule, and an early warning mechanism optimization submodule;

The system behavior analysis module includes a file operation monitoring submodule, a system behavior analysis submodule, a data leakage point marking submodule, and a data flow integration submodule;

The file content extraction module includes a data reading submodule and a data formatting submodule;

The file integrity verification module includes a hash calculation submodule, a hash retrieval submodule, and an integrity confirmation submodule;

The security policy formulation module includes a file role definition submodule, an access permission setting submodule, a file encryption submodule, and a policy confirmation submodule.

In the feature extraction and fusion module, the text processing submodule uses the deep learning framework, the transformer algorithm and the BERT model to process the text and generate a text deep feature vector. The image feature extraction submodule uses a convolutional neural network to extract image features. The feature fusion submodule fuses text features and image features through an autoencoder to generate text and image feature data.

In the risk information annotation module, the risk information annotation submodule annotates risk information based on the generated text and image feature data through natural language processing and image recognition technology. The confidential information classification submodule uses statistical methods to summarize and integrate the annotated risk information to generate a confidential information report. The information integration submodule integrates the confidential information report to generate the final confidential information report.

In the risk vulnerability simulation module, the security vulnerability simulation submodule uses a generative adversarial network to simulate potential risks based on the generated confidential information report. The attacker behavior simulation submodule simulates the attacker's behavior pattern. The system weakness identification submodule confirms the system's weaknesses through pattern recognition. The early warning mechanism optimization submodule optimizes the early warning mechanism based on the simulation results and generates an optimized early warning mechanism and vulnerability assessment report.

In the system behavior analysis module, the file operation monitoring submodule monitors the file operations of the system. The system behavior analysis submodule analyzes the behavior of the system when there is no external input. The data leakage point marking submodule marks potential data leakage points. The data flow integration submodule integrates the analysis results and generates a data flow analysis report.

In the file content extraction module, the data reading submodule uses a binary reading method to read the file data. The data formatting submodule formats the read data and generates an original data extraction report.

In the file integrity verification module, the hash calculation submodule uses the SHA-256 hash algorithm to calculate the hash value of the file based on the generated raw data extraction report. The hash retrieval submodule compares the file hash value with the hash value on the blockchain to ensure the integrity of the file. The integrity confirmation submodule confirms the integrity of the file based on the comparison results and generates an integrity verification record.

In the security policy formulation module, the file role definition submodule defines the role of the file. The access permission setting submodule sets the access permission of the file. The file encryption submodule uses AES dynamic encryption to encrypt the file. The policy confirmation submodule confirms the formulated policy and generates access control and encryption policies.

The above are only preferred embodiments of the present invention and are not intended to limit the present invention in other forms. Any technician familiar with the profession may use the technical contents disclosed above to change or modify them into equivalent embodiments with equivalent changes and apply them to other fields. However, any simple modification, equivalent change and modification made to the above embodiments based on the technical essence of the present invention without departing from the technical solution of the present invention still falls within the protection scope of the technical solution of the present invention.

Claims (9)

1. A computer file confidentiality checking method, characterized in that it comprises the following steps: Based on deep learning, transformer algorithms and convolutional neural networks are used to perform deep semantic analysis and key feature extraction on text and image content, and integrate feature data to generate text and image feature data; Based on the text and image feature data, natural language processing technology and image recognition algorithms are used to determine the confidential information of the text and images in the file, and classification processing is performed to generate a confidential information report; Based on the confidential information report, a generative adversarial network is used to simulate potential security vulnerabilities and attack behaviors, enhance the system's early warning mechanism, and integrate vulnerability data to generate security vulnerability simulation data; Based on the security vulnerability simulation data, a data flow analysis algorithm is used to dynamically monitor and statically analyze file operations and system behaviors, find potential data leakage points, and integrate data flows to generate a data flow analysis report; Based on the original data of the file, the SHA-256 hash algorithm is used to check the integrity of the file, and the hash value is compared with the hash value stored on the blockchain to determine the integrity of the file and generate an integrity check record; In combination with the integrity check record, role-based access control and dynamic encryption technology are used to perform access control and encryption processing on the file, and access rights are set to generate access control and encryption policies; The transformer algorithm is specifically a BERT and GPT series model for semantic understanding of text content, the convolutional neural network is used to extract key features from images, the natural language processing technology is used to identify text-based confidential information including private API keys and passwords, the image recognition algorithm is used to identify confidential content in images, the data flow analysis algorithm is specifically used to track the flow and storage path of confidential data in the system, and identify attempts at illegal access or tampering, and the dynamic encryption technology includes AES to encrypt files and use RSA to manage AES keys; Based on the security vulnerability simulation data, the data flow analysis algorithm is used to dynamically monitor and statically analyze file operations and system behaviors, find potential data leakage points, and integrate data flows. The specific steps for generating a data flow analysis report are as follows: Based on the optimized early warning mechanism and vulnerability assessment report, a data flow analysis algorithm is used to dynamically monitor file operations in the system and generate dynamic file operation monitoring data; Based on the dynamic file operation monitoring data, continue to use the data flow analysis algorithm to perform static analysis of system behavior and generate system behavior static analysis data; Static analysis of the data based on the system behavior, marking potential data leakage points, and generating potential data leakage point markers; Based on the potential data leakage point markers, data flow integration is performed to evaluate the data security risks of the overall system and generate a data flow analysis report; The data flow analysis algorithm specifically analyzes the behavioral patterns of the data flow within the system. The system behavior static analysis data specifically refers to analyzing the system behavior without external input through static methods. The potential data leakage point marker is specifically the risk area that may lead to information leakage in the system behavior. The data flow analysis report includes the overall distribution of the data flow, the marked leakage points and the recommended repair measures. 2. The computer file confidentiality inspection method according to claim 1 is characterized in that, based on deep learning, a transformer algorithm and a convolutional neural network are used to perform deep semantic analysis and key feature extraction on text and image content, and feature data integration is performed, and the steps of generating text and image feature data are specifically as follows: Based on the deep learning framework, the transformer algorithm is used to perform preliminary text processing, convert it into an intermediate vector representation, and perform feature extraction to generate a text intermediate vector; Based on the text intermediate vector, a BERT model is used for deep learning training to extract the deep semantic features of the text and generate a text deep feature vector; Use convolutional neural network to extract primary features of image content, convert the image into a preliminary feature matrix, and generate the primary feature matrix of the image; Based on the text deep feature vector and the image primary feature matrix, an autoencoder is used to perform feature fusion, integrate key features of the text and the image, and generate text and image feature data; The text intermediate vector is specifically a vectorized expression of the text content, the text deep feature vector specifically refers to the deep learning feature representation of the original text, the image primary feature matrix is specifically a feature representation of the image content, and the text and image feature data includes a fused feature vector representation of the text and image. 3. The computer file confidentiality inspection method according to claim 1 is characterized in that, based on the text and image feature data, natural language processing technology and image recognition algorithm are used to determine the confidentiality information of the text and image in the file, and classification processing is performed, and the steps of generating a confidentiality information report are specifically as follows: Based on the text and image feature data, natural language processing technology is used to annotate potential risk information in the text content to generate a preliminary text confidentiality report; Based on the text and image feature data, an image recognition algorithm is used to mark potential risk information in the image content and generate a preliminary image confidentiality report; Based on the text confidentiality preliminary report and the image confidentiality preliminary report, a clustering algorithm is used to summarize similar confidential information to generate confidential information classification data; Based on the classified data of confidential information, statistical methods are used to integrate the information, form an overview and details of confidential information, and generate a confidential information report; The text confidentiality preliminary report specifically includes the location and content of potential risk words, sentences or paragraphs, the image confidentiality preliminary report specifically indicates potential risk areas or objects in the image, and the confidential information classification data specifically includes confidential information classified by type, source or importance. 4. The computer file confidentiality inspection method according to claim 1 is characterized in that, based on the confidential information report, a generative adversarial network is used to simulate potential security vulnerabilities and attack behaviors, enhance the early warning mechanism of the system, and integrate vulnerability data. The steps of generating security vulnerability simulation data are specifically as follows: Based on the confidential information report, using a generative adversarial network to simulate potential security vulnerabilities and generate potential security vulnerability simulation scenarios; Based on the potential security vulnerability simulation scenario, reinforcement learning is used to simulate attacker behavior and generate simulated attack behavior data; Based on the simulated attack behavior data, pattern recognition is used to identify system weaknesses and generate system vulnerability and weakness identification results; Based on the system vulnerability and weakness identification results, data integration is performed to optimize the early warning mechanism, and an optimized early warning mechanism and vulnerability assessment report is generated; The generative adversarial network specifically uses a generator and a discriminator to capture data distribution for simulating attack scenarios. The pattern recognition specifically uses a support vector machine and a decision tree algorithm to automatically identify and classify attack patterns. The optimized early warning mechanism and vulnerability assessment report include a description of the identified vulnerability, an impact assessment, and recommended protective measures. 5. The computer file confidentiality check method according to claim 1 is characterized in that the steps of performing integrity check on the file based on the original data of the file using the SHA-256 hash algorithm, and comparing the hash value with the hash value stored on the blockchain to determine the integrity of the file, and generating an integrity check record are specifically as follows: Based on the file data, the binary reading method is used to extract the file content, format it, and generate a raw data extraction report; Based on the original data extraction report, the SHA-256 hash algorithm is used to perform file hash calculation and format the hash value to generate a file hash value; Based on the blockchain network interface, a hash search method is used to perform a search associated with the hash value of the file, and a hash value comparison is performed to generate a blockchain hash value; Based on the file hash value and the blockchain hash value, a hash comparison method is used to confirm the integrity of the file, perform integrity verification, and generate an integrity verification record; The original data extraction report is specifically in the form of a byte stream of the file, the file hash value is specifically a string consisting of 64-bit characters, the blockchain hash value is specifically a hash record of the file stored on the blockchain, and the integrity check record specifically indicates whether the file has been tampered with or damaged. 6. The computer file confidentiality check method according to claim 1 is characterized in that, in combination with the integrity check record, role-based access control and dynamic encryption technology are used to perform access control and encryption processing on the file, and access rights are set, and the steps of generating access control and encryption strategies are specifically as follows: Based on the integrity check record, a role analysis method is used to define the file role, set permissions, and generate a role definition and permission allocation table; Based on the role definition and the permission allocation table, a role-based access control algorithm is used to allocate access rights, set access policies, and generate a file access control policy; Based on the file access control strategy, the AES dynamic encryption method is used to encrypt the file, and the encrypted data is integrated to generate encrypted file data; Based on the encrypted file data and file access control policy, a policy integration method is used to formulate a secure storage policy for the file, confirm the policy, and generate an access control and encryption policy; The role definition and permission allocation table includes role name, role description and access rights. The file access control policy specifically refers to the role and its access rights level. The encrypted file data specifically refers to the byte stream after the original file data is encrypted. The access control and encryption policy specifically refers to the complete strategy and method for accessing and decrypting the file. 7. A computer file confidentiality inspection system, characterized in that, according to the computer file confidentiality inspection method according to any one of claims 1-6, the system includes a feature extraction and fusion module, a risk information labeling module, a risk vulnerability simulation module, a system behavior analysis module, a file content extraction module, a file integrity verification module, and a security policy formulation module. 8. The computer file confidentiality inspection system according to claim 7 is characterized in that the feature extraction and fusion module is based on a deep learning framework, uses a transformer algorithm and a BERT model to process text and generate a text deep feature vector, and simultaneously uses a convolutional neural network to extract image features, and performs autoencoder fusion with text features to generate text and image feature data; The risk information annotation module annotates risk information based on the generated text and image feature data through natural language processing and image recognition technology, summarizes and integrates it using statistical methods, and generates a confidential information report; The risk vulnerability simulation module uses a generative adversarial network to simulate potential risks based on the generated confidential information report, and confirms system weaknesses through pattern recognition, optimizes the early warning mechanism, and generates an optimized early warning mechanism and vulnerability assessment report; The system behavior analysis module uses a data flow analysis algorithm to statically analyze system behavior, mark potential data leakage points, evaluate security risks, and generate a data flow analysis report based on the optimized early warning mechanism and vulnerability assessment report; The file content extraction module formats the file data using a binary reading method to generate a raw data extraction report; The file integrity verification module calculates the file hash value based on the generated original data extraction report using the SHA-256 hash algorithm, compares the file hash value with the blockchain hash value to ensure file integrity, and generates an integrity verification record; The security policy formulation module defines the file role and sets permissions based on the extracted integrity check record, encrypts the file using the AES dynamic encryption method, formulates a secure storage strategy for the file, and generates access control and encryption strategies. 9. The computer file confidentiality inspection system according to claim 7, characterized in that the feature extraction and fusion module includes a text processing submodule, an image feature extraction submodule, and a feature fusion submodule; The risk information labeling module includes a risk information labeling submodule, a confidential information classification submodule, and an information integration submodule; The risk vulnerability simulation module includes a security vulnerability simulation submodule, an attacker behavior simulation submodule, a system weakness identification submodule, and an early warning mechanism optimization submodule; The system behavior analysis module includes a file operation monitoring submodule, a system behavior analysis submodule, a data leakage point marking submodule, and a data flow integration submodule; The file content extraction module includes a data reading submodule and a data formatting submodule; The file integrity verification module includes a hash calculation submodule, a hash retrieval submodule, and an integrity confirmation submodule; The security policy formulation module includes a file role definition submodule, an access permission setting submodule, a file encryption submodule, and a policy confirmation submodule.