55 results about "Conditional entropy" patented technology

The invention concerns a data anonymity measuring device for selectively transmitting an anonymised database to a third party comprising: calculation means (402) coupled to at least one memory, the memory storing an original database (204) and said anonymized database (206), said calculation means arranged to calculate the conditional entropy for each entry in said anonymized database based on entries in said original database; comparing means (406) arranged to compare at least one of said conditional entropies with a threshold value; and output means (410) arranged to transmit said anonymized database based on the result of said comparison.

A method and system provide for secure sharing of arbitrary data between users with limited mutual trust. A user can encode its information by using a Slepian-Wolf code at a rate which enables a second user to correctly decode only if the side-information it has satisfies a conditional entropy constraint. The key advantages are as follows. Firstly, it is very flexible, in that it enables secure sharing for general data including multimedia data. Secondly, by appropriate Slepian-Wolf code selection, it enables compression in conjunction with security. Thirdly, it can be used for the case where the data model is imperfectly known and trust is to be built up incrementally.

The invention discloses a radio frequency stealth datalink emitting state acquiring method based on maximum conditional entropy. A prior environmental threat factor x and a prior datalink emitting state y in historic radio frequency stealth data serve as sample spaces. Firstly, the probability density function of the sample space x, the joint probability density function of the sample space x and the sample space y and the characteristic functions of the sample space x and the sample space y are respectively worked out; secondly, a maximum conditional entropy distribution function expression is worked out by building a Lagrange function; thirdly, unknown coefficients in the maximum conditional entropy distribution function expression are worked out, and a maximum conditional entropy distribution function is acquired; fourthly, environment thread factors acquired by situation awareness equipment are input into the maximum conditional entropy distribution function, and a datalink emitting state with the largest uncertainty is acquired.

The invention discloses a distributed denial of service attack detection method based on a C4.5 decision tree algorithm in software defined network environment, and the method comprises the followingsteps: collecting flow table information returned back by an OpenFlow switch through an OpenFlow protocol; extracting field information related to a DDoS attack from the flow table information, converting the extracted information into parameters capable of analyzing network flow distribution variation and taking the parameters as attributes, and forming a training set of a decision tree; classifying flows with the C4.5 decision tree algorithm, calculating class information entropy according to training set data classes; orderly calculating conditional entropy of the attributes, gain of information, information entropy of the attributes and information gain ratio of the attributes; selecting the attribute with the highest information gain ratio as a root node of the decision tree, and selecting the attributes with highest information gain ratio from the residual attributes as a fork node, and repeating the steps above until forming the decision tree; and using the finally formed decision tree to perform classification operation for the new network flow, and detecting whether the DDoS attack exists. The method can detect the DDoS attack more accurately.

Shannon's equivocation, the conditional entropy of key or message with respect to a specific ciphertext, is the primary indicator of the security of any secrecy system, in that when key equivocation H E (K) or message equivocation H E (M) attain log 0 (or 1) under a brute-force attack, the system is compromised and has no security. We propose a simplistic equivocation definition of security which distinguishes between “secure / unsolvable” and “insecure / solvable” encipherments. Whilst equivocation may be used practically in a passive manner to cryptanalyse finite-length key “insecure / solvable” secrecy systems to determine the length of ciphertext required to compromise the secrecy system, the invention in this patent offers a cryptographic design framework which allows for the equivocation of finite-length key systems to be actively engineered using equivocation augmentation, such that the residual key and message equivocation of any cryptosystem may be continuously augmented at a faster rate than it is lost, effectively ensuring that equivocation can never attain log 0. In short, it allows for the encryption of any length of message with any finite length key into a ciphertext with “secure / unsolvable” security characteristics. Alternatively, it allows for the cryptographic engineering of information theoretic security in all finite length key systems. The invention is primarily aimed at solving two major problems: (a) a viable practical security solution against future quantum computing / artificial intelligence threats (the QC / AI problem), and (b) a viable practical security solution to the privacy / national interest dichotomy problem, in that it allows for the engineering of security systems which are capable of simultaneously supporting both the absolute privacy of individual users and the security interests of the user group at large. Various methods, apparatuses, and systems are described which allow for the implementation of a “secure / unsolvable” secrecy system which is fast, extensible, simple to implement in hardware and software, and able to be incorporated by or with any existing security solution or cryptographic primitives.