CN117728972B - Network transmission security method and system based on multimedia content - Google Patents
Network transmission security method and system based on multimedia content Download PDFInfo
- Publication number
- CN117728972B CN117728972B CN202311434758.1A CN202311434758A CN117728972B CN 117728972 B CN117728972 B CN 117728972B CN 202311434758 A CN202311434758 A CN 202311434758A CN 117728972 B CN117728972 B CN 117728972B
- Authority
- CN
- China
- Prior art keywords
- transmission
- encryption algorithm
- complexity
- multimedia information
- initial
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a network transmission safety method and system based on multimedia content, which relate to the technical field of network transmission and comprise the steps of determining the real-time requirement and the safety requirement of transmission according to multimedia information; screening a plurality of initial encryption algorithms and communication protocols based on the real-time requirements and the security requirements of the transmission; screening a unique encryption algorithm according to the complexity of the initial encryption algorithm, and screening a unique communication protocol according to the overhead and the complexity of the initial communication protocol; setting the key length in the digital signature, carrying out digital signature on the multimedia information, and embedding a digital watermark in the multimedia information; in the process of multimedia information transmission, establishing a flow base line according to multimedia information, analyzing abnormal flow, and implementing safety protection measures for the abnormal flow; and the CDN and the accelerator are controlled to give consideration to the performance and the safety of the multimedia information transmission. The network transmission safety is improved, and the real-time performance, the safety and the transmission performance are considered.
Description
Technical Field
The application relates to the technical field of network transmission, in particular to a network transmission safety method and system based on multimedia content.
Background
Background technologies for multimedia content based network transport security include digital watermarking, digital signature and encryption, secure transport protocols, digital Rights Management (DRM), content encryption and digital digest, security codecs, network layer security policies, and real-time encryption and security protocols. The comprehensive application of the technology can protect the security of multimedia data such as audio, images and video in network transmission and prevent unauthorized access, tampering and copying. Trade-offs and decisions need to be made when selecting and deploying these technologies according to the specific application scenario and security requirements.
In the prior art, when the multimedia content is transmitted through a network, the single-sided bias is carried out in the aspects of instantaneity, safety and transmission performance, and the requirements of instantaneity, safety and transmission performance cannot be met, so that the network transmission safety is lower and the quality of the transmitted multimedia content is poorer.
Therefore, how to consider real-time performance, security and transmission performance during multimedia content transmission is a technical problem to be solved at present.
Disclosure of Invention
The invention provides a network transmission safety method based on multimedia content, which is used for solving the technical problem that the real-time performance, the safety and the transmission performance cannot be considered when the multimedia content is transmitted in the prior art. The method comprises the following steps:
determining the real-time requirement and the safety requirement of transmission according to the multimedia information;
Screening a plurality of initial encryption algorithms and communication protocols based on the real-time requirements and the security requirements of the transmission;
Screening a unique encryption algorithm according to the complexity of the initial encryption algorithm, and screening a unique communication protocol according to the overhead and the complexity of the initial communication protocol;
Simultaneously setting the key length in the digital signature, carrying out digital signature on the multimedia information, and embedding a digital watermark into the multimedia information so as to carry out multimedia information transmission;
In the process of multimedia information transmission, establishing a flow base line according to multimedia information, analyzing abnormal flow, and implementing safety protection measures for the abnormal flow;
And the CDN and the accelerator are controlled to give consideration to the performance and the safety of the multimedia information transmission.
In some embodiments of the present application, the filtering of the unique encryption algorithm according to the complexity of the initial encryption algorithm includes:
Defining basic operation steps and specific operation steps in an initial encryption algorithm;
determining the calculation complexity of the basic operation steps and the specific operation steps through the maximum operand of each operation step;
Giving different weights to the basic operation steps and the special operation steps according to the operation frequencies of the basic operation steps and the special operation steps and the calculation complexity of the basic operation steps and the special operation steps, and calculating the overall complexity of each initial encryption algorithm;
ordering the initial encryption algorithms according to the overall complexity, and determining the delay amount and the security level of each initial encryption algorithm based on the overall complexity;
and screening out an initial encryption algorithm of which the delay amount meets the real-time requirement of transmission and the security level meets the security requirement of transmission.
In some embodiments of the present application, the method for screening out a unique encryption algorithm according to complexity of an initial encryption algorithm further includes:
If the delay amount meets the real-time requirement of transmission and the security level meets the unique initial encryption algorithm of the security requirement of transmission, the initial encryption algorithm is used as a unique encryption algorithm for screening out;
If the delay amount meets the real-time requirement of transmission and the security level meets the initial encryption algorithm of the security requirement of transmission, comparing the encryption algorithms, and taking the encryption algorithm with the minimum overall complexity as the unique encryption algorithm.
In some embodiments of the present application, screening a unique communication protocol based on the overhead and complexity of the initial communication protocol includes:
acquiring a previous data packet in an initial communication protocol, analyzing the format of the data packet to obtain head and tail information, analyzing additional information, and determining additional overhead according to the additional information;
and determining the complexity according to the basic information of the initial communication protocol, determining the delay amount according to the overhead and the complexity, and taking the initial communication protocol with the delay amount closest to the real-time requirement of transmission as the screened unique communication protocol.
In some embodiments of the present application, setting the key length in the digital signature at the same time includes:
Evaluating performance requirements of multimedia information transmission, and determining a first key length interval based on the performance requirements;
determining a second key length interval and a third key length interval respectively based on the real-time requirement and the security requirement of the transmission;
recording an intersection interval of the first key length interval, the second key length interval and the third key length interval as a fourth key length interval;
and selecting a key length from the intermediate length interval in the fourth key length interval as the key length in the digital signature.
In some embodiments of the present application, the embedding of the digital watermark in the multimedia information includes:
Determining a target frequency region according to the multimedia information, and selecting a position with the best robustness in the target frequency region as a watermark embedding position;
evaluating perceptibility of the watermark through a perception model, thereby adjusting the watermark and controlling the watermark strength;
predicting the false alarm rate and the missing report rate of the standard watermark detection threshold, and adjusting the standard watermark detection threshold according to the false alarm rate and the missing report rate to obtain a target watermark detection threshold;
and monitoring the transmission environment parameters, and periodically adjusting the watermark strength and the target watermark detection threshold according to the transmission environment parameters.
In some embodiments of the present application, establishing a flow baseline according to multimedia information, analyzing abnormal flow, and implementing a safety measure for the abnormal flow, including:
Determining a flow standard baseline according to the multimedia information and the communication protocol, and expanding the flow standard baseline according to the network bandwidth and the network topology structure to obtain a flow fluctuation baseline;
analyzing a user behavior mode, determining a user access period, and dividing the user access period according to the user access flow to obtain a plurality of sub-periods;
Determining a sub-flow fluctuation baseline corresponding to each sub-period according to the flow fluctuation baselines, and analyzing abnormal flow through the time periods and the sub-flow fluctuation baselines so as to implement safety measures for the abnormal flow.
In some embodiments of the present application, the performance and the security of the multimedia information transmission are considered by controlling the CDN and the accelerator, including:
the CDN and the accelerator are controlled to perform content caching and distribution, load balancing, edge computing, distributed defense, DDoS protection, security detection and filtering.
Correspondingly, the application also provides a network transmission safety system based on the multimedia content, which comprises:
The first module is used for determining the real-time requirement and the safety requirement of transmission according to the multimedia information;
The second module is used for screening a plurality of initial encryption algorithms and communication protocols based on the real-time requirements and the security requirements of the transmission;
the third module is used for screening out a unique encryption algorithm according to the complexity of the initial encryption algorithm and screening out a unique communication protocol according to the overhead and the complexity of the initial communication protocol;
A fourth module, configured to set a key length in the digital signature at the same time, digitally sign the multimedia information, and embed a digital watermark in the multimedia information, so as to perform multimedia information transmission;
A fifth module, configured to establish a flow baseline according to the multimedia information and analyze abnormal flow during the transmission of the multimedia information, and implement a safety measure for the abnormal flow;
and the sixth module is used for taking the performance and the safety of the multimedia information transmission into consideration by controlling the CDN and the accelerator.
By applying the technical scheme, the real-time requirement and the safety requirement of transmission are determined according to the multimedia information; screening a plurality of initial encryption algorithms and communication protocols based on the real-time requirements and the security requirements of the transmission; screening a unique encryption algorithm according to the complexity of the initial encryption algorithm, and screening a unique communication protocol according to the overhead and the complexity of the initial communication protocol; simultaneously setting the key length in the digital signature, carrying out digital signature on the multimedia information, and embedding a digital watermark into the multimedia information so as to carry out multimedia information transmission; in the process of multimedia information transmission, establishing a flow base line according to multimedia information, analyzing abnormal flow, and implementing safety protection measures for the abnormal flow; and the CDN and the accelerator are controlled to give consideration to the performance and the safety of the multimedia information transmission. The application improves the security of network transmission by screening encryption algorithm, communication protocol, setting digital signature key length and the like, and gives consideration to real-time performance, security and transmission performance.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are needed in the description of the embodiments will be briefly described below, it being obvious that the drawings in the following description are only some embodiments of the present application, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a schematic flow chart of a network transmission security method based on multimedia content according to an embodiment of the present invention;
fig. 2 is a schematic structural diagram of a network transmission security system based on multimedia content according to an embodiment of the present invention.
Detailed Description
The following description of the embodiments of the present application will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present application, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application.
The embodiment of the application provides a network transmission security method based on multimedia content, as shown in fig. 1, comprising the following steps:
Step S101, determining real-time requirements and security requirements of transmission according to the multimedia information.
In this embodiment, the multimedia information includes information of different types of media elements (e.g., text, image, audio, video, etc.). These media elements may be combined to convey more rich and comprehensive information. A basic real-time and security requirement for the transmission is determined based on the content.
Step S102, a plurality of initial encryption algorithms and communication protocols are screened based on the real-time requirements and the security requirements of the transmission.
In this embodiment, first, according to the real-time requirement and the security requirement of the transmission, the encryption algorithm and the communication protocol are initially screened, and the data meeting the requirements are screened out. Most encryption algorithms and communication protocols can meet the real-time and security requirements of transmission.
Step S103, screening out a unique encryption algorithm according to the complexity of the initial encryption algorithm, and screening out a unique communication protocol according to the overhead and the complexity of the initial communication protocol.
In this embodiment, the complexity of the encryption algorithm is defined, so that a suitable encryption algorithm is screened out.
In some embodiments of the present application, the filtering of the unique encryption algorithm according to the complexity of the initial encryption algorithm includes:
Defining basic operation steps and specific operation steps in an initial encryption algorithm;
determining the calculation complexity of the basic operation steps and the specific operation steps through the maximum operand of each operation step;
Giving different weights to the basic operation steps and the special operation steps according to the operation frequencies of the basic operation steps and the special operation steps and the calculation complexity of the basic operation steps and the special operation steps, and calculating the overall complexity of each initial encryption algorithm;
ordering the initial encryption algorithms according to the overall complexity, and determining the delay amount and the security level of each initial encryption algorithm based on the overall complexity;
and screening out an initial encryption algorithm of which the delay amount meets the real-time requirement of transmission and the security level meets the security requirement of transmission.
In this embodiment, the basic operation steps are common to different algorithms, such as bit operation, modulo operation, exclusive-or operation, etc. These basic operations are the core steps of the algorithm execution. The specific operation steps are operation steps which are not available in other algorithms. The computational complexity of the basic and the specific operating steps is determined by the maximum operand of each operating step (taking into account the worst case required operand for each step). Different operand pairs have different computational complexity and the two steps are different.
In this embodiment, the overall complexity is converted into the amount of delay for each initial encryption algorithm, as well as the security level.
In some embodiments of the present application, the method for screening out a unique encryption algorithm according to complexity of an initial encryption algorithm further includes:
If the delay amount meets the real-time requirement of transmission and the security level meets the unique initial encryption algorithm of the security requirement of transmission, the initial encryption algorithm is used as a unique encryption algorithm for screening out;
If the delay amount meets the real-time requirement of transmission and the security level meets the initial encryption algorithm of the security requirement of transmission, comparing the encryption algorithms, and taking the encryption algorithm with the minimum overall complexity as the unique encryption algorithm.
In this embodiment, the selected initial encryption algorithm is not unique, and the encryption algorithm with the minimum overall complexity is selected, which is more beneficial to the encryption process and the decryption process.
In some embodiments of the present application, screening a unique communication protocol based on the overhead and complexity of the initial communication protocol includes:
acquiring a previous data packet in an initial communication protocol, analyzing the format of the data packet to obtain head and tail information, analyzing additional information, and determining additional overhead according to the additional information;
and determining the complexity according to the basic information of the initial communication protocol, determining the delay amount according to the overhead and the complexity, and taking the initial communication protocol with the delay amount closest to the real-time requirement of transmission as the screened unique communication protocol.
In this embodiment, some protocols may add additional header and trailer information to the data packet, which increases the overhead of communication and affects the real-time performance.
In this embodiment, the additional overhead may cause an increase in delay, and the complexity may also affect the delay amount, and the delay amount is determined according to the additional overhead and the complexity.
Step S104, the key length in the digital signature is set at the same time, the digital signature is carried out on the multimedia information, and the digital watermark is embedded in the multimedia information, so that the multimedia information is transmitted.
In this embodiment, digital signature (Digital Signature):
the purpose is as follows: the method is mainly used for verifying the authenticity and the integrity of the digital document and authenticating the identity of the sender.
The implementation mode is as follows: the signature is verified by encrypting the file using the sender's private key and then the receiver decrypts the file using the sender's public key.
Digital watermark (DIGITAL WATERMARKING):
The purpose is as follows: is primarily used to embed information in digital media to provide additional features without affecting the primary content.
The implementation mode is as follows: an invisible or imperceptible message, such as an image, audio or video, is embedded in the digital media file to provide an identification of the owner or producer of the content.
In some embodiments of the present application, setting the key length in the digital signature at the same time includes:
Evaluating performance requirements of multimedia information transmission, and determining a first key length interval based on the performance requirements;
determining a second key length interval and a third key length interval respectively based on the real-time requirement and the security requirement of the transmission;
recording an intersection interval of the first key length interval, the second key length interval and the third key length interval as a fourth key length interval;
and selecting a key length from the intermediate length interval in the fourth key length interval as the key length in the digital signature.
In this embodiment, different key lengths may affect performance requirements, real-time requirements and security requirements, and in order to balance the three, a proper key length is selected.
In some embodiments of the present application, the embedding of the digital watermark in the multimedia information includes:
Determining a target frequency region according to the multimedia information, and selecting a position with the best robustness in the target frequency region as a watermark embedding position;
evaluating perceptibility of the watermark through a perception model, thereby adjusting the watermark and controlling the watermark strength;
predicting the false alarm rate and the missing report rate of the standard watermark detection threshold, and adjusting the standard watermark detection threshold according to the false alarm rate and the missing report rate to obtain a target watermark detection threshold;
and monitoring the transmission environment parameters, and periodically adjusting the watermark strength and the target watermark detection threshold according to the transmission environment parameters.
In this embodiment, the frequency choices corresponding to different multimedia information are different. Perception model: perceptual models are used to evaluate the perceptibility of the watermark to ensure that the watermark is imperceptible in the image or audio. Quantitative intensity: the watermark strength is quantized, typically in the range of 0 to 1, 0 representing no watermark and 1 representing maximum strength. An appropriate range is selected according to the application requirements.
In this embodiment, the standard watermark detection threshold is adjusted according to the false alarm rate and the false alarm rate, so as to reduce and balance the false alarm rate and the false alarm rate.
In this embodiment, the watermark strength and the target watermark detection threshold are periodically adjusted according to the transmission environment parameter. The transmission environment parameters comprise noise, compression degree, transmission delay bandwidth and the like, when the fluctuation of the transmission environment parameters exceeds a reasonable interval, the watermark strength and the target watermark detection threshold value are adjusted, adjustment coefficients are corresponding to the differences between different transmission environment parameters and the original transmission environment parameters, and the adjustment is completed by the adjustment coefficients, namely the watermark strength and the target watermark detection threshold value.
Step S105, in the process of multimedia information transmission, a flow base line is established according to the multimedia information, abnormal flow is analyzed, and safety protection measures are implemented for the abnormal flow.
In some embodiments of the present application, establishing a flow baseline according to multimedia information, analyzing abnormal flow, and implementing a safety measure for the abnormal flow, including:
Determining a flow standard baseline according to the multimedia information and the communication protocol, and expanding the flow standard baseline according to the network bandwidth and the network topology structure to obtain a flow fluctuation baseline;
analyzing a user behavior mode, determining a user access period, and dividing the user access period according to the user access flow to obtain a plurality of sub-periods;
Determining a sub-flow fluctuation baseline corresponding to each sub-period according to the flow fluctuation baselines, and analyzing abnormal flow through the time periods and the sub-flow fluctuation baselines so as to implement safety measures for the abnormal flow.
In this embodiment, whether the abnormal flow is determined by the deviation degree of the flow and the sub-flow fluctuation baseline in the period, and the safety protection measures include the following:
Flow filtration and plugging:
The network device and firewall are configured to filter out abnormal traffic.
And (3) implementing plugging measures, and putting the source address of the abnormal traffic into a blacklist to prevent the source address from further accessing.
Bandwidth control and speed limiting:
a bandwidth control policy is implemented that limits the traffic rate of individual users or IP addresses.
And using QoS (Quality of Service) technology to treat normal traffic preferentially and reduce the priority of abnormal traffic.
Step S106, the performance and the safety of the multimedia information transmission are considered by controlling the CDN and the accelerator.
In some embodiments of the present application, the performance and the security of the multimedia information transmission are considered by controlling the CDN and the accelerator, including:
the CDN and the accelerator are controlled to perform content caching and distribution, load balancing, edge computing, distributed defense, DDoS protection, security detection and filtering.
In this embodiment, the CDN and accelerator are utilized to improve performance:
content caching and distribution:
CDN: the multimedia content is cached on the distributed CDN servers, so that the transmission distance from the source server to the terminal user is reduced, and the content transmission speed is improved.
An accelerator: the accelerator is used for optimizing network transmission, reducing delay and improving data transmission speed.
Load balancing:
CDN: the CDN distributes the user requests to a plurality of servers through a load balancing technology, so that overload of a single server is avoided, and the response speed is improved.
An accelerator: the accelerators can also optimize network performance through load balancing, ensuring uniform resource allocation.
Edge calculation:
CDN: the CDN can support edge computing, and push computing tasks to edge nodes closer to the user, so that response time is reduced.
An accelerator: the accelerator may also support edge computation to some extent, optimizing the location of computation and data processing.
Reducing the chance of an attacker to attack with high capacity transmissions:
Distributed defenses:
CDN: CDNs are typically provided with a distributed architecture that can defend against distributed denial of service (DDoS) attacks by distributing nodes throughout the world.
An accelerator: global deployment of accelerators can also provide the advantage of distributed defenses.
DDoS protection:
CDN: the CDN provides special DDoS protection service, can filter malicious traffic and ensures normal user access.
An accelerator: the accelerator may also contain DDoS protection functions to help defend against large-scale attacks.
Safety detection and filtration:
CDN: CDNs may detect and filter out possible malicious requests by integrating security detection and filtering mechanisms.
An accelerator: the accelerator may also include security detection functionality to ensure that the transmitted content does not contain malicious elements.
By applying the technical scheme, the real-time requirement and the safety requirement of transmission are determined according to the multimedia information; screening a plurality of initial encryption algorithms and communication protocols based on the real-time requirements and the security requirements of the transmission; screening a unique encryption algorithm according to the complexity of the initial encryption algorithm, and screening a unique communication protocol according to the overhead and the complexity of the initial communication protocol; simultaneously setting the key length in the digital signature, carrying out digital signature on the multimedia information, and embedding a digital watermark into the multimedia information so as to carry out multimedia information transmission; in the process of multimedia information transmission, establishing a flow base line according to multimedia information, analyzing abnormal flow, and implementing safety protection measures for the abnormal flow; and the CDN and the accelerator are controlled to give consideration to the performance and the safety of the multimedia information transmission. The application improves the security of network transmission by screening encryption algorithm, communication protocol, setting digital signature key length and the like, and gives consideration to real-time performance, security and transmission performance.
From the above description of the embodiments, it will be clear to those skilled in the art that the present invention may be implemented in hardware, or may be implemented by means of software plus necessary general hardware platforms. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which may be stored in a non-volatile storage medium (may be a CD-ROM, a U-disk, a mobile hard disk, etc.), and includes several instructions for causing a computer device (may be a personal computer, a server, or a network device, etc.) to execute the method described in the respective implementation scenario of the present invention.
In order to further explain the technical idea of the invention, the technical scheme of the invention is described with specific application scenarios.
Correspondingly, the application also provides a network transmission security system based on the multimedia content, as shown in fig. 2, the system comprises:
A first module 201, configured to determine a real-time requirement and a security requirement of the transmission according to the multimedia information;
A second module 202, configured to screen a plurality of initial encryption algorithms and communication protocols based on the real-time requirements and security requirements of the transmission;
a third module 203, configured to screen out a unique encryption algorithm according to the complexity of the initial encryption algorithm, and screen out a unique communication protocol according to the overhead and complexity of the initial communication protocol;
a fourth module 204, configured to set a key length in the digital signature at the same time, digitally sign the multimedia information, and embed a digital watermark in the multimedia information, so as to perform multimedia information transmission;
A fifth module 205, configured to establish a flow baseline according to the multimedia information and analyze an abnormal flow during the transmission of the multimedia information, and implement a safety protection measure for the abnormal flow;
a sixth module 206, configured to compromise performance and security of multimedia information transmission by controlling the CDN and the accelerator.
Those skilled in the art will appreciate that the modules in the system in the implementation scenario may be distributed in the system in the implementation scenario according to the implementation scenario description, or that corresponding changes may be located in one or more systems different from the implementation scenario. The modules of the implementation scenario may be combined into one module, or may be further split into a plurality of sub-modules.
Finally, it should be noted that: the above embodiments are only for illustrating the technical solution of the present application, and are not limiting; although the application has been described in detail with reference to the foregoing embodiments, it will be appreciated by those of ordinary skill in the art that: the technical scheme described in the foregoing embodiments can be modified or some technical features thereof can be replaced by equivalents; such modifications and substitutions do not drive the essence of the corresponding technical solutions to depart from the spirit and scope of the technical solutions of the embodiments of the present application.
Claims (6)
1. A method for secure network transmission based on multimedia content, the method comprising:
determining the real-time requirement and the safety requirement of transmission according to the multimedia information;
Screening a plurality of initial encryption algorithms and communication protocols based on the real-time requirements and the security requirements of the transmission;
Screening a unique encryption algorithm according to the complexity of the initial encryption algorithm, and screening a unique communication protocol according to the overhead and the complexity of the initial communication protocol;
Simultaneously setting the key length in the digital signature, carrying out digital signature on the multimedia information, and embedding a digital watermark into the multimedia information so as to carry out multimedia information transmission;
In the process of multimedia information transmission, establishing a flow base line according to multimedia information, analyzing abnormal flow, and implementing safety protection measures for the abnormal flow;
The CDN and the accelerator are controlled to give consideration to the performance and the safety of the multimedia information transmission;
screening out a unique encryption algorithm according to the complexity of the initial encryption algorithm, including:
Defining basic operation steps and specific operation steps in an initial encryption algorithm;
determining the calculation complexity of the basic operation steps and the specific operation steps through the maximum operand of each operation step;
Giving different weights to the basic operation steps and the special operation steps according to the operation frequencies of the basic operation steps and the special operation steps and the calculation complexity of the basic operation steps and the special operation steps, and calculating the overall complexity of each initial encryption algorithm;
ordering the initial encryption algorithms according to the overall complexity, and determining the delay amount and the security level of each initial encryption algorithm based on the overall complexity;
screening out an initial encryption algorithm of which the delay amount meets the real-time requirement of transmission and the security level meets the security requirement of transmission;
Screening out a unique encryption algorithm according to the complexity of the initial encryption algorithm, and further comprising:
If the delay amount meets the real-time requirement of transmission and the security level meets the unique initial encryption algorithm of the security requirement of transmission, the initial encryption algorithm is used as a unique encryption algorithm for screening out;
if the delay amount meets the real-time requirement of transmission and the security level meets the initial encryption algorithm of the security requirement of transmission, comparing the encryption algorithms, and taking the encryption algorithm with the minimum overall complexity as a unique encryption algorithm;
Screening out a unique communication protocol based on the overhead and complexity of the initial communication protocol, including:
acquiring a previous data packet in an initial communication protocol, analyzing the format of the data packet to obtain head and tail information, analyzing additional information, and determining additional overhead according to the additional information;
and determining the complexity according to the basic information of the initial communication protocol, determining the delay amount according to the overhead and the complexity, and taking the initial communication protocol with the delay amount closest to the real-time requirement of transmission as the screened unique communication protocol.
2. The multimedia content based network transmission security method of claim 1, wherein simultaneously setting the key length in the digital signature comprises:
Evaluating performance requirements of multimedia information transmission, and determining a first key length interval based on the performance requirements;
determining a second key length interval and a third key length interval respectively based on the real-time requirement and the security requirement of the transmission;
recording an intersection interval of the first key length interval, the second key length interval and the third key length interval as a fourth key length interval;
and selecting a key length from the intermediate length interval in the fourth key length interval as the key length in the digital signature.
3. The network transmission security method based on multimedia contents according to claim 1, wherein the embedding of the digital watermark in the multimedia information comprises:
Determining a target frequency region according to the multimedia information, and selecting a position with the best robustness in the target frequency region as a watermark embedding position;
evaluating perceptibility of the watermark through a perception model, thereby adjusting the watermark and controlling the watermark strength;
predicting the false alarm rate and the missing report rate of the standard watermark detection threshold, and adjusting the standard watermark detection threshold according to the false alarm rate and the missing report rate to obtain a target watermark detection threshold;
and monitoring the transmission environment parameters, and periodically adjusting the watermark strength and the target watermark detection threshold according to the transmission environment parameters.
4. The multimedia content based network transmission security method of claim 1, wherein establishing a traffic baseline from the multimedia information and analyzing the abnormal traffic, implementing security protection measures for the abnormal traffic, comprises:
Determining a flow standard baseline according to the multimedia information and the communication protocol, and expanding the flow standard baseline according to the network bandwidth and the network topology structure to obtain a flow fluctuation baseline;
analyzing a user behavior mode, determining a user access period, and dividing the user access period according to the user access flow to obtain a plurality of sub-periods;
Determining a sub-flow fluctuation baseline corresponding to each sub-period according to the flow fluctuation baselines, and analyzing abnormal flow through the time periods and the sub-flow fluctuation baselines so as to implement safety measures for the abnormal flow.
5. The method for secure network transmission of multimedia content according to claim 1, wherein the performance and security of the transmission of the multimedia information are compromised by controlling the CDN and the accelerator, comprising:
the CDN and the accelerator are controlled to perform content caching and distribution, load balancing, edge computing, distributed defense, DDoS protection, security detection and filtering.
6. A multimedia content based network transmission security system, the system comprising:
The first module is used for determining the real-time requirement and the safety requirement of transmission according to the multimedia information;
The second module is used for screening a plurality of initial encryption algorithms and communication protocols based on the real-time requirements and the security requirements of the transmission;
the third module is used for screening out a unique encryption algorithm according to the complexity of the initial encryption algorithm and screening out a unique communication protocol according to the overhead and the complexity of the initial communication protocol;
A fourth module, configured to set a key length in the digital signature at the same time, digitally sign the multimedia information, and embed a digital watermark in the multimedia information, so as to perform multimedia information transmission;
A fifth module, configured to establish a flow baseline according to the multimedia information and analyze abnormal flow during the transmission of the multimedia information, and implement a safety measure for the abnormal flow;
A sixth module, configured to compromise performance and security of multimedia information transmission by controlling the CDN and the accelerator;
screening out a unique encryption algorithm according to the complexity of the initial encryption algorithm, including:
Defining basic operation steps and specific operation steps in an initial encryption algorithm;
determining the calculation complexity of the basic operation steps and the specific operation steps through the maximum operand of each operation step;
Giving different weights to the basic operation steps and the special operation steps according to the operation frequencies of the basic operation steps and the special operation steps and the calculation complexity of the basic operation steps and the special operation steps, and calculating the overall complexity of each initial encryption algorithm;
ordering the initial encryption algorithms according to the overall complexity, and determining the delay amount and the security level of each initial encryption algorithm based on the overall complexity;
screening out an initial encryption algorithm of which the delay amount meets the real-time requirement of transmission and the security level meets the security requirement of transmission;
Screening out a unique encryption algorithm according to the complexity of the initial encryption algorithm, and further comprising:
If the delay amount meets the real-time requirement of transmission and the security level meets the unique initial encryption algorithm of the security requirement of transmission, the initial encryption algorithm is used as a unique encryption algorithm for screening out;
if the delay amount meets the real-time requirement of transmission and the security level meets the initial encryption algorithm of the security requirement of transmission, comparing the encryption algorithms, and taking the encryption algorithm with the minimum overall complexity as a unique encryption algorithm;
Screening out a unique communication protocol based on the overhead and complexity of the initial communication protocol, including:
acquiring a previous data packet in an initial communication protocol, analyzing the format of the data packet to obtain head and tail information, analyzing additional information, and determining additional overhead according to the additional information;
and determining the complexity according to the basic information of the initial communication protocol, determining the delay amount according to the overhead and the complexity, and taking the initial communication protocol with the delay amount closest to the real-time requirement of transmission as the screened unique communication protocol.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311434758.1A CN117728972B (en) | 2023-10-31 | 2023-10-31 | Network transmission security method and system based on multimedia content |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311434758.1A CN117728972B (en) | 2023-10-31 | 2023-10-31 | Network transmission security method and system based on multimedia content |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN117728972A CN117728972A (en) | 2024-03-19 |
| CN117728972B true CN117728972B (en) | 2024-10-15 |
Family
ID=90207609
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202311434758.1A Active CN117728972B (en) | 2023-10-31 | 2023-10-31 | Network transmission security method and system based on multimedia content |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117728972B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN119420705B (en) * | 2025-01-03 | 2025-07-04 | 天津市滨海新区气象局(天津市滨海新区气象预警中心) | Meteorological data compression and transmission intelligent control system |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN204463175U (en) * | 2015-01-23 | 2015-07-08 | 圣达通宇科技(北京)有限公司 | A kind of read-write equipment of radio frequency smart card |
| CN105684365A (en) * | 2013-02-12 | 2016-06-15 | 慧与发展有限责任合伙企业 | Network control using software defined flow mapping and virtualized network functions |
| CN116055138A (en) * | 2022-12-23 | 2023-05-02 | 南京南瑞信息通信科技有限公司 | A lightweight data security monitoring and blocking method, device and storage medium |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR102504850B1 (en) * | 2016-05-12 | 2023-03-02 | 인터디지탈 패튼 홀딩스, 인크 | Connecting to virtualized mobile core networks |
| CN106210019A (en) * | 2016-07-04 | 2016-12-07 | 安徽天达网络科技有限公司 | A kind of large-scale height concurrent WEB application system |
| CN108810008B (en) * | 2018-06-28 | 2020-06-30 | 腾讯科技(深圳)有限公司 | Transmission control protocol flow filtering method, device, server and storage medium |
| CN113190866B (en) * | 2021-05-26 | 2022-07-08 | 江苏方天电力技术有限公司 | Power plant data safety credible transmission method for enhancing digital watermarking technology |
-
2023
- 2023-10-31 CN CN202311434758.1A patent/CN117728972B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105684365A (en) * | 2013-02-12 | 2016-06-15 | 慧与发展有限责任合伙企业 | Network control using software defined flow mapping and virtualized network functions |
| CN204463175U (en) * | 2015-01-23 | 2015-07-08 | 圣达通宇科技(北京)有限公司 | A kind of read-write equipment of radio frequency smart card |
| CN116055138A (en) * | 2022-12-23 | 2023-05-02 | 南京南瑞信息通信科技有限公司 | A lightweight data security monitoring and blocking method, device and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN117728972A (en) | 2024-03-19 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Alharbi | Deployment of blockchain technology in software defined networks: A survey | |
| US7864959B2 (en) | Methods and apparatus for multi-level dynamic security system | |
| CN100425025C (en) | Security system and method for application server security law and network security law | |
| Durcekova et al. | Sophisticated denial of service attacks aimed at application layer | |
| EP3149582B1 (en) | Method and apparatus for a scoring service for security threat management | |
| US20090313682A1 (en) | Enterprise Multi-interceptor Based Security and Auditing Method and Apparatus | |
| CN104967610B (en) | A kind of timeslot-based watermark hopping communication means | |
| CN113872944A (en) | Block chain-oriented zero-trust security architecture and cluster deployment framework thereof | |
| CN117978522B (en) | Network communication method, system and device based on virtual link enhanced confusion | |
| CN117728972B (en) | Network transmission security method and system based on multimedia content | |
| US20250211449A1 (en) | Dynamic orchestration-based audio-video security protection method, device and system | |
| CN104852914A (en) | Watermark hopping communication method based on data packet interval | |
| CN114915972A (en) | A network slicing security architecture and trust measurement method | |
| KR20130085473A (en) | Encryption system for intrusion detection system of cloud computing service | |
| CN118590216B (en) | Data security sharing and content management and control method, device and system based on zero trust | |
| CN119135375A (en) | A data access method and device based on software-defined boundaries | |
| Wang et al. | An effective approach for stepping-stone intrusion detection using packet crossover | |
| US20220014501A1 (en) | Method and device for monitoring data output by a server | |
| CN117938962A (en) | Network request scheduling method, device, equipment and medium for CDN | |
| KR102020986B1 (en) | Trust network system based block-chain | |
| KR101400062B1 (en) | System of security management for iptv set top box | |
| CN117201077A (en) | Internet of things access scene identity modeling and trust evaluation method | |
| CN115297481A (en) | 5G MEC security assessment system and method | |
| CN118250090B (en) | Internet of Things Platform Information Processing Method and Device | |
| CN115473737B (en) | Anonymous anti-tracing method and system based on blockchain networking |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |