WO2018000787A1 - Terminal, and method and system for identifying pseudo base station - Google Patents
Terminal, and method and system for identifying pseudo base station Download PDFInfo
- Publication number
- WO2018000787A1 WO2018000787A1 PCT/CN2016/113380 CN2016113380W WO2018000787A1 WO 2018000787 A1 WO2018000787 A1 WO 2018000787A1 CN 2016113380 W CN2016113380 W CN 2016113380W WO 2018000787 A1 WO2018000787 A1 WO 2018000787A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- base station
- station cell
- cell
- terminal
- pseudo
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Ceased
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/12—Detection or prevention of fraud
- H04W12/121—Wireless intrusion detection systems [WIDS]; Wireless intrusion prevention systems [WIPS]
- H04W12/122—Counter-measures against attacks; Protection against rogue devices
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/12—Detection or prevention of fraud
Definitions
- the present invention relates to the field of GSM communication technologies, and in particular, to a pseudo base station identification method and system.
- the invention also relates to a terminal.
- the pseudo base station is a public mobile operator base station forged by criminals.
- the pseudo base station absorbs some mobile phone users by forging part of the network parameters and increasing its own transmission power.
- the pseudo base station can acquire the mobile phone user.
- Figure 1 is a flow chart of the process of the current pseudo base station operation.
- the existing GSM (Global System for Mobile Communication) mobile communication system has the defect of one-way authentication, that is, only the network authenticates the terminal, and the terminal cannot identify the legality of the network identity, because the pseudo is not recognized.
- the base station has low security when the user connects to the network and is vulnerable to the intrusion of the pseudo base station.
- An object of the present invention is to provide a method and system for identifying a pseudo base station, which not only can identify a pseudo base station, but also avoids information leakage of the terminal user in the identification process, thereby greatly ensuring network security of the terminal user.
- Another object of the present invention is to provide a terminal having the above effects.
- the present invention provides a pseudo base station identification method for a terminal, including:
- Step s101 After the base station cell reselection occurs on the terminal, receive system information sent by the base station cell after reselection;
- Step s102 Send a location update request to the base station cell
- Step s103 determining, according to the system information, whether the base station cell satisfies a pseudo base station determination criterion, and if yes, proceeding to step s104;
- Step s104 After receiving the identity request information sent by the base station cell, send the fake identity information to the base station cell.
- Step s105 Determine whether to continue receiving the identity request information sent by the base station cell, and if yes, mark the address of the base station cell as a pseudo base station; and the terminal reselects into another base station cell.
- the method further includes:
- the address of the base station cell is written into the list of forbidden access cells stored in the terminal.
- the system information includes a location area code and a periodic location update time
- the base station cell satisfies the pseudo base station determining criterion, and the base station cell does not satisfy the pseudo base station determining criterion.
- the method further includes:
- the base station cell does not satisfy the pseudo base station determining criterion, after receiving the identity request information sent by the base station cell, sending the real identity information to the base station cell;
- the address of the base station cell is marked as a true base station cell, and the terminal is reselected into the base station cell.
- the method further includes:
- the identity request information sent by the base station cell is not continuously received, determining whether the location update rejection information sent by the base station cell is received, and if yes, resending the location update request to the base station cell;
- the address of the base station cell is marked as a true base station cell, and the terminal is reselected into the base station cell.
- the method further includes:
- the address of the base station cell is written into the list of allowed access cells stored in the terminal.
- the base station information receiving module is configured to: after the base station cell reselection occurs in the terminal, receive system information sent by the reselected base station cell, and trigger a location update request sending module;
- the first determining module is configured to determine, according to the system information, whether the base station cell satisfies a pseudo base station determining criterion, and if yes, triggering the first identity information sending module;
- the first identity information sending module is configured to: after receiving the identity request information sent by the base station cell, send the fake identity information to the base station cell;
- the second determining module is configured to determine whether to continue receiving the identity request information sent by the base station cell, and if yes, mark the address of the base station cell as a pseudo base station; and the terminal reselects into another base station cell.
- the method further comprises:
- the pseudo base station write module is configured to, when the address of the base station cell is marked as a pseudo base station, write the address of the base station cell into the list of forbidden access cells stored in the terminal.
- the system information includes a location area code and a periodic location update time, determining whether the increased value of the received signal within a preset time exceeds a preset signal threshold when the terminal performs cell reselection of the base station, and Whether the location area code of the base station cell exceeds a preset area code range, and whether the periodic location update time of the base station cell is less than a preset period, and if yes, the base station cell satisfies the pseudo base station determination Standard, triggering the first identity information sending module; otherwise, the base station cell does not satisfy the pseudo base station determining criterion.
- the method further comprises:
- the second identity information sending module is configured to: after receiving the identity request information sent by the base station cell, send the real identity information to the base station cell, and after the location update, trigger the true base station marking module; wherein, when the first When the determining module determines that the base station cell does not meet the pseudo base station determining criterion, triggering the second identity information sending module;
- the true base station marking module is configured to mark that the address of the base station cell is a true base station cell.
- the method further comprises:
- the second identity information sending module is triggered.
- the method further comprises:
- the present invention also provides a terminal, comprising the pseudo base station identification system according to any of the above.
- the processor invokes the pseudo base station identification system in the memory to perform a pseudo base station identification operation through the bus.
- FIG. 4 is a schematic structural diagram of a pseudo base station identification system according to the present invention.
- FIG. 5 is a schematic structural diagram of a terminal provided by the present invention.
- the core of the present invention is to provide a pseudo base station identification method and system, which can not only identify the pseudo base station, but also avoid the information leakage of the end user in the identification process, thereby greatly ensuring the network security of the end user.
- Another core of the present invention is to provide a terminal having the above effects.
- Step s101 After the base station cell reselection occurs in the terminal, receive system information sent by the reselected base station cell;
- Step s102 Send a location update request to the base station cell
- Step s104 After receiving the identity request information sent by the base station cell, sending the fake identity information to the base station cell;
- Step s105 Determine whether to continue receiving the identity request information sent by the base station cell. If yes, the address of the marked base station cell is a pseudo base station; and the terminal reselects the other base station cell.
- the present invention provides a pseudo base station identification method. Since the purpose of the pseudo base station is to obtain the identity information of the terminal user for illegal information transmission, in the present invention, after the terminal performs cell reselection of the base station, it is first determined whether the base station cell is It may be a pseudo base station (ie, whether the base station cell satisfies the pseudo base station determination criterion). If possible, the terminal sends the false identity information to test the base station cell. If the base station cell continues to send the identity request information, it indicates that the base station cell is a pseudo base station. (The true base station cell will send location update reject information). Therefore, the present invention can not only identify the pseudo base station, but also avoid the information leakage of the end user in the identification process, thereby greatly ensuring the network security of the end user.
- FIG. 3 is a flowchart of a process of another pseudo base station identification method according to the present invention; the method includes:
- Step s101 After the base station cell reselection occurs in the terminal, receive system information sent by the reselected base station cell;
- Step s102 Send a location update request to the base station cell
- Step s103 judging whether the base station cell satisfies the pseudo base station determination criterion according to the system information, if yes, proceeding to step s104; if not, proceeding to step s111;
- the system information includes a location area code (LAC) and a periodic location update time T3212;
- LAC location area code
- T3212 periodic location update time
- the transmission power is suddenly increased, that is, the transmission signal of the pseudo base station is stronger than the transmission signal of the real base station cell, and the transmission signal of the pseudo base station usually appears suddenly, thereby causing
- the signal received by the terminal will suddenly increase in a short period of time, so a short preset time (for example, a few seconds) can be set, and it is judged whether the signal received by the terminal increases in the preset time.
- the preset signal threshold is exceeded to initially determine whether the base station cell is a pseudo base station.
- Step s104 After receiving the identity request information sent by the base station cell, sending the fake identity information to the base station cell;
- the identity request information refers to the base station cell used to request the IMSI (International Mobile Subscriber Identification Number), TMSI (Temporary Mobile Subscriber Identity), and IMEI (International).
- Mobile Equipment Identity information such as the International Mobile Equipment Identity is used to authenticate to verify whether the identity of the end user can access the network.
- the fake identity information is sent to test the base station cell, which further avoids leakage of user identity information and improves network security.
- Step s106 marking the address of the base station cell as a pseudo base station
- Step s108 the terminal reselects into another base station cell
- Step s109 determining whether the location update rejection information sent by the base station cell is received, and if yes, proceeding to step s110;
- Step s110 Resending the location update request to the base station cell
- Step s111 After receiving the identity request information sent by the base station cell, sending the real identity information to the base station cell;
- Step s112 After the location update succeeds, the address of the marked base station cell is a true base station cell;
- Step s113 Write the address of the base station cell into the list of allowed access cells stored in the terminal;
- the operation enables the terminal to discover in time when re-selecting the cell into the real base station, and does not need to perform the foregoing determining operation, thereby improving the efficiency of the terminal accessing the base station cell.
- Step s114 The terminal reselects into the base station cell.
- the embodiment further increases the step of transmitting the real identity information to the base station cell when determining that the base station cell is a true base station, so that the terminal normally accesses the real base station cell after the pseudo base station identification process is completed, thereby avoiding The pseudo base station identification process has an impact on the normal networking of the terminal; and in this embodiment, after the identification is completed, the address of the base station cell is correspondingly written into the list of the forbidden access cells stored in the terminal or allowed to access the cell list, so that the terminal is enabled. After reselecting to the base station cell, the type of the base station cell can be known in time without repeating the identification operation, thereby improving the working efficiency of the terminal accessing the base station cell.
- FIG. 4 is a schematic structural diagram of a pseudo base station identification system according to the present invention.
- the system includes:
- the base station information receiving module 11 is configured to receive the system information sent by the reselected base station cell after the base station cell reselection occurs, and trigger the location update request sending module 12;
- the location update request sending module 12 is configured to send a location update request to the base station cell
- the first determining module 13 is configured to determine, according to the system information, whether the base station cell satisfies the pseudo base station determining criterion, and if so, triggering the identity information sending module 14;
- the first identity information sending module 14 is configured to: after receiving the identity request information sent by the base station cell, send the fake identity information to the base station cell;
- the second judging module 15 is configured to determine whether to continue receiving the identity request information sent by the base station cell. If yes, the address of the marked base station cell is a pseudo base station; and the terminal reselects the other base station cell.
- the first judging module 13 here is specifically set as:
- the system information includes the location area code and the periodic location update time
- the system further comprises:
- the pseudo base station write module 16 is configured to write the address of the base station cell into the list of forbidden access cells stored in the terminal when the address of the marked base station cell is a pseudo base station.
- the system further comprises:
- the second identity information sending module 18 is configured to: after receiving the identity request information sent by the base station cell, send the real identity information to the base station cell, and after the location update, trigger the true base station marking module 19; wherein, when the first determining module 13 determines When the base station cell does not meet the pseudo base station determination criterion, the second identity information sending module 18 is triggered;
- the true base station marking module 19 is configured to mark the address of the base station cell as a true base station cell.
- system further includes:
- the third determining module 17 is configured to: when the second determining module 15 determines that the identity request information sent by the base station cell is not continuously received, determine whether the location update rejection information sent by the base station cell is received, and if yes, trigger the location update request sending module. 12 resending the location update request to the base station cell;
- the second identity information sending module 18 is triggered.
- the system further comprises:
- the true base station write module 20 is configured to write the address of the base station cell into the list of allowed access cells stored in the terminal when the address of the marked base station cell is a true base station cell.
- the present invention provides a pseudo base station identification system. Since the purpose of the pseudo base station is to obtain the identity information of the terminal user for illegal information transmission, in the present invention, after the base station cell reselection occurs in the terminal, it is first determined whether the base station cell is It may be a pseudo base station (ie, whether the base station cell satisfies the pseudo base station determination criterion). If possible, the terminal sends the false identity information to test the base station cell. If the base station cell continues to send the identity request information, it indicates that the base station cell is a pseudo base station. (The true base station cell will send location update reject information). Therefore, the present invention can not only identify the pseudo base station, but also avoid the information leakage of the end user in the identification process, thereby greatly ensuring the network security of the end user.
- the base station cell may be a pseudo base station (ie, whether the base station cell satisfies the pseudo base station determination criterion). If possible, the terminal sends the false identity information to test the base station cell. If
- FIG. 5 is a schematic structural diagram of a terminal according to the present invention; the terminal includes the pseudo base station identification system.
- the terminal specifically includes a processor 31, an input device 35 and an output device 36 respectively connected to the processor 31 through the interface 32, and a memory 34 connected to the processor 31 via the bus 33;
- the pseudo base station identification system is stored in the memory
- the processor performs a pseudo base station identification operation by calling a pseudo base station identification system in the memory through the bus.
- terminal shown in FIG. 5 can be used to implement the method implemented by the embodiments of the present invention shown in FIG. 2 to FIG. 3, and for the convenience of description, only the parts related to the embodiments of the present invention are shown. For details not disclosed, please refer to the embodiments of the present invention shown in FIGS. 2 to 3.
- the memory 34 is used to store a pseudo base station identification system, which is a set of program codes.
- the processor 31 is configured to call the program code to perform the following operations:
- the system information sent by the reselected base station cell is received by the input device 35;
- the input device 35 It is judged whether the input device 35 continues to receive the identity request information sent by the base station cell, and if so, the address of the marked base station cell is a pseudo base station; the terminal reselects the other base station cell.
- the processor 31 is configured to invoke the program code, and is also used to perform the following operations:
- the address of the base station cell is written into the list of the forbidden access cells stored in the terminal.
- the processor 31 is configured to invoke the program code, and is also used to perform the following operations:
- the input device 35 receives the identity request information sent by the base station cell, and then sends the real identity information to the base station cell;
- the address of the marked base station cell is a true base station cell; the terminal is reselected into the base station cell.
- the processor 31 is configured to invoke the program code, and is also used to perform the following operations:
- the identity request information sent by the base station cell is not continuously received by the input device 35, it is determined whether the location update rejection information sent by the base station cell is received by the input device 35, and if so, the location update request is retransmitted by the output device 36 to the base station cell;
- the address of the marked base station cell is a true base station cell; the terminal is reselected into the base station cell.
- the processor 31 is configured to invoke the program code, and is also used to perform the following operations:
- the address of the base station cell is written into the list of allowed access cells stored in the terminal.
- the pseudo base station can be identified to prevent the terminal from accessing the pseudo base station, and the identified pseudo base station address can be stored in the access cell list in the terminal.
- ROM Read-Only Memory
- RAM Random Access Memory
- PROM Programmable Read-Only Memory
- EPROM Erasable Programmable Read Only Memory
- OTPROM One-time Programmable Read-Only Memory
- EEPROM Electronically-Erasable Programmable Read-Only Memory
- CD-ROM Compact Disc Read- Only Memory
- CD-ROM Compact Disc Read- Only Memory
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
Description
本申请要求于2016年6月28日提交中国专利局,申请号为201610486479.3、发明名称为“一种终端、伪基站识别方法及系统”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。This application claims priority to Chinese Patent Application No. 201610486479.3, entitled "A Terminal, Pseudo Base Station Identification Method and System", filed on June 28, 2016, the entire contents of which are incorporated by reference. In this application.
本发明涉及GSM通信技术领域,特别是涉及一种伪基站识别方法及系统。本发明还涉及一种终端。The present invention relates to the field of GSM communication technologies, and in particular, to a pseudo base station identification method and system. The invention also relates to a terminal.
伪基站是不法分子伪造的公共移动运营商基站,伪基站通过伪造部分网络参数和加大自身发射功率来吸收周围的手机用户,当手机用户成功驻留伪基站后,伪基站即可获取手机用户的身份信息,随后进行大容量的非法信息传递,进而从中获取非法盈利。参见图1所示,图1为目前的伪基站工作的过程的流程图。The pseudo base station is a public mobile operator base station forged by criminals. The pseudo base station absorbs some mobile phone users by forging part of the network parameters and increasing its own transmission power. When the mobile phone user successfully camps on the pseudo base station, the pseudo base station can acquire the mobile phone user. The identity information, followed by large-volume illegal information transmission, and then obtain illegal profits. Referring to Figure 1, Figure 1 is a flow chart of the process of the current pseudo base station operation.
而现有GSM(Global System for Mobile Communication,全球移动通信系统)移动通信系统存在单向鉴权的缺陷,即只有网络对终端进行鉴权,而终端无法识别网络身份的合法性,由于无法识别伪基站,用户连接网络时的安全性低,容易受到伪基站的侵扰。The existing GSM (Global System for Mobile Communication) mobile communication system has the defect of one-way authentication, that is, only the network authenticates the terminal, and the terminal cannot identify the legality of the network identity, because the pseudo is not recognized. The base station has low security when the user connects to the network and is vulnerable to the intrusion of the pseudo base station.
因此,如何提供一种能够提高用户的网络安全性的终端、伪基站识别方法及系统是本领域技术人员目前需要解决的问题。Therefore, how to provide a terminal, a pseudo base station identification method and system capable of improving user network security is a problem that a person skilled in the art needs to solve at present.
本发明的目的是提供一种伪基站识别方法及系统,不仅能够识别伪基站,同时在识别过程中也避免了终端用户的信息泄露,极大地保证了终端用户的网络安全性。本发明的另一目的是提供一种具有上述效果的终端。An object of the present invention is to provide a method and system for identifying a pseudo base station, which not only can identify a pseudo base station, but also avoids information leakage of the terminal user in the identification process, thereby greatly ensuring network security of the terminal user. Another object of the present invention is to provide a terminal having the above effects.
为解决上述技术问题,本发明提供了一种伪基站识别方法,用于终端,包括:To solve the above technical problem, the present invention provides a pseudo base station identification method for a terminal, including:
步骤s101:当所述终端发生基站小区重选后,接收重选后的所述基站小区发送的系统信息;Step s101: After the base station cell reselection occurs on the terminal, receive system information sent by the base station cell after reselection;
步骤s102:发送位置更新请求至所述基站小区;Step s102: Send a location update request to the base station cell;
步骤s103:根据所述系统信息判断所述基站小区是否满足伪基站判定标准,如果是,进入步骤s104;Step s103: determining, according to the system information, whether the base station cell satisfies a pseudo base station determination criterion, and if yes, proceeding to step s104;
步骤s104:接收所述基站小区发送的身份请求信息后,发送虚假身份信息至所述基站小区;Step s104: After receiving the identity request information sent by the base station cell, send the fake identity information to the base station cell.
步骤s105:判断是否继续收到所述基站小区发送的身份请求信息,如果是,标记所述基站小区的地址为伪基站;所述终端重选入其他基站小区。Step s105: Determine whether to continue receiving the identity request information sent by the base station cell, and if yes, mark the address of the base station cell as a pseudo base station; and the terminal reselects into another base station cell.
优选地,标记所述基站小区为伪基站后还包括:Preferably, after marking the base station cell as a pseudo base station, the method further includes:
将所述基站小区的地址写入所述终端内存储的禁止接入小区列表内。The address of the base station cell is written into the list of forbidden access cells stored in the terminal.
优选地,所述系统信息包括位置区码以及周期性位置更新时间;Preferably, the system information includes a location area code and a periodic location update time;
所述根据所述系统信息判断所述基站小区是否满足伪基站判定标准的过程具体为:The process of determining, according to the system information, whether the base station cell satisfies a pseudo base station determination criterion is specifically:
当所述终端发生基站小区重选时,若收到的信号在预设时间内的增大数值超出预设信号阈值;When the terminal performs cell reselection of the base station, if the received signal increases within a preset time, the value exceeds a preset signal threshold;
且所述基站小区的所述位置区码超出预设区码范围;And the location area code of the base station cell exceeds a preset area code range;
且所述基站小区的所述周期性位置更新时间小于预设周期,则所述基站小区满足所述伪基站判定标准,否则,所述基站小区不满足所述伪基站判定标准。And the base station cell satisfies the pseudo base station determining criterion, and the base station cell does not satisfy the pseudo base station determining criterion.
优选地,所述步骤s103后还包括:Preferably, after the step s103, the method further includes:
若所述基站小区不满足伪基站判定标准,接收所述基站小区发送的身份请求信息后,发送真实身份信息至所述基站小区;And if the base station cell does not satisfy the pseudo base station determining criterion, after receiving the identity request information sent by the base station cell, sending the real identity information to the base station cell;
位置更新成功后,标记所述基站小区的地址为真基站小区,所述终端重选入所述基站小区。After the location update succeeds, the address of the base station cell is marked as a true base station cell, and the terminal is reselected into the base station cell.
优选地,所述步骤s105后还包括:Preferably, after the step s105, the method further includes:
若未继续收到所述基站小区发送的身份请求信息,判断是否接收到所述基站小区发送的位置更新拒绝信息,如果是,重新发送位置更新请求至所述基站小区;If the identity request information sent by the base station cell is not continuously received, determining whether the location update rejection information sent by the base station cell is received, and if yes, resending the location update request to the base station cell;
接收所述基站小区发送的身份请求信息后,发送真实身份信息至所述基站小区;After receiving the identity request information sent by the base station cell, sending real identity information to the base station cell;
位置更新成功后,标记所述基站小区的地址为真基站小区,所述终端重选入所述基站小区。After the location update succeeds, the address of the base station cell is marked as a true base station cell, and the terminal is reselected into the base station cell.
优选地,所述标记所述基站小区的地址为真基站小区后还包括:Preferably, after the marking the address of the base station cell as a true base station cell, the method further includes:
将所述基站小区的地址写入所述终端内存储的允许接入小区列表内。The address of the base station cell is written into the list of allowed access cells stored in the terminal.
为解决上述技术问题,本发明还提供了一种伪基站识别系统,用于终端,包括:To solve the above technical problem, the present invention also provides a pseudo base station identification system, which is used for a terminal, and includes:
基站信息接收模块,设置为当所述终端发生基站小区重选后,接收重选后的所述基站小区发送的系统信息,并触发位置更新请求发送模块;The base station information receiving module is configured to: after the base station cell reselection occurs in the terminal, receive system information sent by the reselected base station cell, and trigger a location update request sending module;
所述位置更新请求发送模块,设置为发送位置更新请求至所述基站小区;The location update request sending module is configured to send a location update request to the base station cell;
第一判断模块,设置为根据所述系统信息判断所述基站小区是否满足伪基站判定标准,如果是,触发第一身份信息发送模块;The first determining module is configured to determine, according to the system information, whether the base station cell satisfies a pseudo base station determining criterion, and if yes, triggering the first identity information sending module;
所述第一身份信息发送模块,设置为接收所述基站小区发送的身份请求信息后,发送虚假身份信息至所述基站小区;The first identity information sending module is configured to: after receiving the identity request information sent by the base station cell, send the fake identity information to the base station cell;
第二判断模块,设置为判断是否继续收到所述基站小区发送的身份请求信息,如果是,标记所述基站小区的地址为伪基站;所述终端重选入其他基站小区。The second determining module is configured to determine whether to continue receiving the identity request information sent by the base station cell, and if yes, mark the address of the base station cell as a pseudo base station; and the terminal reselects into another base station cell.
优选地,还包括:Preferably, the method further comprises:
伪基站写入模块,设置为当标记所述基站小区的地址为伪基站时,将所述基站小区的地址写入所述终端内存储的禁止接入小区列表内。The pseudo base station write module is configured to, when the address of the base station cell is marked as a pseudo base station, write the address of the base station cell into the list of forbidden access cells stored in the terminal.
优选地,所述第一判断模块具体设置为:Preferably, the first determining module is specifically configured to:
当所述系统信息包括位置区码以及周期性位置更新时间时,判断所述终端发生基站小区重选时,收到的信号在预设时间内的增大数值是否超出预设信号阈值,以及所述基站小区的所述位置区码是否超出预设区码范围,以及所述基站小区的所述周期性位置更新时间是否小于预设周期,如果是,则所述基站小区满足所述伪基站判定标准,触发所述第一身份信息发送模块;否则,所述基站小区不满足所述伪基站判定标准。When the system information includes a location area code and a periodic location update time, determining whether the increased value of the received signal within a preset time exceeds a preset signal threshold when the terminal performs cell reselection of the base station, and Whether the location area code of the base station cell exceeds a preset area code range, and whether the periodic location update time of the base station cell is less than a preset period, and if yes, the base station cell satisfies the pseudo base station determination Standard, triggering the first identity information sending module; otherwise, the base station cell does not satisfy the pseudo base station determining criterion.
优选地,还包括:Preferably, the method further comprises:
第二身份信息发送模块,设置为接收所述基站小区发送的身份请求信息后,发送真实身份信息至所述基站小区,并在位置更新后,触发真基站标记模块;其中,当所述第一判断模块判断所述基站小区不满足所述伪基站判定标准时,触发所述第二身份信息发送模块;The second identity information sending module is configured to: after receiving the identity request information sent by the base station cell, send the real identity information to the base station cell, and after the location update, trigger the true base station marking module; wherein, when the first When the determining module determines that the base station cell does not meet the pseudo base station determining criterion, triggering the second identity information sending module;
所述真基站标记模块,设置为标记所述基站小区的地址为真基站小区。The true base station marking module is configured to mark that the address of the base station cell is a true base station cell.
优选地,还包括:Preferably, the method further comprises:
第三判断模块,设置为当所述第二判断模块判断未继续收到所述基站小区发送的身份请求信息时,判断是否接收到所述基站小区发送的位置更新拒绝信息,如果是,触发所述位置更新请求发送模块重新发送位置更新请求至所述基站小区;The third determining module is configured to: when the second determining module determines that the identity request information sent by the base station cell is not continuously received, determine whether the location update rejection information sent by the base station cell is received, and if yes, trigger the location The location update request sending module resends the location update request to the base station cell;
所述位置更新请求发送模块重新发送所述位置更新请求并接收到所述基站小区发送的身份请求信息后,触发所述第二身份信息发送模块。After the location update request sending module resends the location update request and receives the identity request information sent by the base station cell, the second identity information sending module is triggered.
优选地,还包括:Preferably, the method further comprises:
真基站写入模块,设置为当标记所述基站小区的地址为真基站小区后,将所述基站小区的地址写入所述终端内存储的允许接入小区列表内。The real base station write module is configured to, after marking the address of the base station cell as a true base station cell, write the address of the base station cell into the list of allowed access cells stored in the terminal.
为解决上述技术问题,本发明还提供了一种终端,包括以上任一项所述的伪基站识别系统。In order to solve the above technical problem, the present invention also provides a terminal, comprising the pseudo base station identification system according to any of the above.
优选地,所述终端具体包括处理器、分别通过接口与所述处理器相连接的输入装置和输出装置以及通过总线与所述处理器相连接的存储器;Preferably, the terminal specifically includes a processor, an input device and an output device respectively connected to the processor through an interface, and a memory connected to the processor through a bus;
所述伪基站识别系统存储于所述存储器内;The pseudo base station identification system is stored in the memory;
所述处理器通过所述总线调用所述存储器内的所述伪基站识别系统进行伪基站识别操作。The processor invokes the pseudo base station identification system in the memory to perform a pseudo base station identification operation through the bus.
本发明提供了一种伪基站识别方法及系统,由于伪基站的目的是为了获取终端用户的身份信息来进行非法信息传递,故本发明中当终端发生基站小区重选后,首先判断一下该基站小区是否可能为伪基站(即基站小区是否满足伪基站判定标准),若可能是,则终端发送虚假身份信息来试探该基站小区,若基站小区仍继续发送身份请求信息,则表明该基站小区为伪基站(真基站小区会发送位置更新拒绝信息)。故本发明不仅能够识别伪基站,同时在识别过程中也避免了终端用户的信息泄露,极大地保证了终端用户的网络安全性。本发明还提供了一种终端,具有上述有益效果,在此不再赘述。The present invention provides a method and system for identifying a pseudo base station. Since the purpose of the pseudo base station is to obtain the identity information of the terminal user for illegal information transmission, in the present invention, after the base station cell reselection occurs in the terminal, the base station is first determined. Whether the cell is a pseudo base station (ie, whether the base station cell satisfies the pseudo base station determination criterion), if possible, the terminal sends the false identity information to test the base station cell, and if the base station cell continues to send the identity request information, it indicates that the base station cell is The pseudo base station (the true base station cell will send location update reject information). Therefore, the present invention can not only identify the pseudo base station, but also avoid the information leakage of the end user in the identification process, thereby greatly ensuring the network security of the end user. The present invention also provides a terminal, which has the above-mentioned beneficial effects, and details are not described herein again.
为了更清楚地说明本发明实施例中的技术方案,下面将对现有技术和实施例中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本发明的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings used in the prior art and the embodiments will be briefly described below. Obviously, the drawings in the following description are only some of the present invention. For the embodiments, those skilled in the art can obtain other drawings according to the drawings without any creative work.
图1为目前的伪基站工作的过程的流程图;1 is a flow chart showing the process of the current pseudo base station operation;
图2为本发明提供的一种伪基站识别方法的过程的流程图;2 is a flowchart of a process of a pseudo base station identification method according to the present invention;
图3为本发明提供的另一种伪基站识别方法的过程的流程图;3 is a flowchart of a process of another pseudo base station identification method provided by the present invention;
图4为本发明提供的一种伪基站识别系统的结构示意图;4 is a schematic structural diagram of a pseudo base station identification system according to the present invention;
图5为本发明提供的一种终端的结构示意图。FIG. 5 is a schematic structural diagram of a terminal provided by the present invention.
本发明的核心是提供一种伪基站识别方法及系统,不仅能够识别伪基站,同时在识别过程中也避免了终端用户的信息泄露,极大地保证了终端用户的网络安全性。本发明的另一核心是提供一种具有上述效果的终端。The core of the present invention is to provide a pseudo base station identification method and system, which can not only identify the pseudo base station, but also avoid the information leakage of the end user in the identification process, thereby greatly ensuring the network security of the end user. Another core of the present invention is to provide a terminal having the above effects.
为使本发明实施例的目的、技术方案和优点更加清楚,下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例是本发明一部分实施例,而不是全部的实施例。基于本发明中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。The technical solutions in the embodiments of the present invention will be clearly and completely described in conjunction with the drawings in the embodiments of the present invention. It is a partial embodiment of the invention, and not all of the embodiments. All other embodiments obtained by those skilled in the art based on the embodiments of the present invention without creative efforts are within the scope of the present invention.
实施例一
本发明提供了一种伪基站识别方法,用于终端,参见图2所示,图2为本发明提供的一种伪基站识别方法的过程的流程图;该方法包括:The present invention provides a pseudo base station identification method for a terminal. Referring to FIG. 2, FIG. 2 is a flowchart of a process for identifying a pseudo base station according to the present invention. The method includes:
步骤s101:当终端发生基站小区重选后,接收重选后的基站小区发送的系统信息;Step s101: After the base station cell reselection occurs in the terminal, receive system information sent by the reselected base station cell;
步骤s102:发送位置更新请求至基站小区;Step s102: Send a location update request to the base station cell;
步骤s103:根据系统信息判断基站小区是否满足伪基站判定标准,如果是,进入步骤s104;Step s103: judging whether the base station cell satisfies the pseudo base station determination criterion according to the system information, and if yes, proceeding to step s104;
步骤s104:接收基站小区发送的身份请求信息后,发送虚假身份信息至基站小区;Step s104: After receiving the identity request information sent by the base station cell, sending the fake identity information to the base station cell;
步骤s105:判断是否继续收到基站小区发送的身份请求信息,如果是,标记基站小区的地址为伪基站;终端重选入其他基站小区。Step s105: Determine whether to continue receiving the identity request information sent by the base station cell. If yes, the address of the marked base station cell is a pseudo base station; and the terminal reselects the other base station cell.
本发明提供了一种伪基站识别方法,由于伪基站的目的是为了获取终端用户的身份信息来进行非法信息传递,故本发明中当终端发生基站小区重选后,首先判断一下该基站小区是否可能为伪基站(即基站小区是否满足伪基站判定标准),若可能是,则终端发送虚假身份信息来试探该基站小区,若基站小区仍继续发送身份请求信息,则表明该基站小区为伪基站(真基站小区会发送位置更新拒绝信息)。故本发明不仅能够识别伪基站,同时在识别过程中也避免了终端用户的信息泄露,极大地保证了终端用户的网络安全性。The present invention provides a pseudo base station identification method. Since the purpose of the pseudo base station is to obtain the identity information of the terminal user for illegal information transmission, in the present invention, after the terminal performs cell reselection of the base station, it is first determined whether the base station cell is It may be a pseudo base station (ie, whether the base station cell satisfies the pseudo base station determination criterion). If possible, the terminal sends the false identity information to test the base station cell. If the base station cell continues to send the identity request information, it indicates that the base station cell is a pseudo base station. (The true base station cell will send location update reject information). Therefore, the present invention can not only identify the pseudo base station, but also avoid the information leakage of the end user in the identification process, thereby greatly ensuring the network security of the end user.
实施例二
基于实施例一的基础上,本发明还提供了另一种伪基站识别方法。参见图3所示,图3为本发明提供的另一种伪基站识别方法的过程的流程图;该方法包括:Based on the first embodiment, the present invention also provides another pseudo base station identification method. Referring to FIG. 3, FIG. 3 is a flowchart of a process of another pseudo base station identification method according to the present invention; the method includes:
步骤s101:当终端发生基站小区重选后,接收重选后的基站小区发送的系统信息;Step s101: After the base station cell reselection occurs in the terminal, receive system information sent by the reselected base station cell;
这里的终端为手机或平板电脑等,当然,本发明对此不作限定。The terminal here is a mobile phone or a tablet computer, and of course, the present invention does not limit this.
伪基站一般工作在GSM900频段,只有一个GSM频点,即仅包括一个基站小区,伪基站能将自身的频点更改为现网频点,同时可调整自身的发射功率。由于空闲状态下终端一直测量周边邻区信号,当邻区信号强度大于目前所位于的基站小区时就重选该邻区。故伪基站工作时,通过加大发射功率,即可迅速使周边空闲状态的终端重选到伪基站内。The pseudo base station generally works in the GSM900 frequency band, and has only one GSM frequency point, that is, only one base station cell is included, and the pseudo base station can change its own frequency point to the current network frequency point, and can adjust its own transmission power. Since the terminal always measures the neighboring neighboring cell signal in the idle state, the neighboring cell is reselected when the neighboring cell signal strength is greater than the currently located base station cell. Therefore, when the pseudo base station works, by increasing the transmission power, the terminal in the idle state can be quickly reselected into the pseudo base station.
步骤s102:发送位置更新请求至基站小区;Step s102: Send a location update request to the base station cell;
位置更新请求(Location update request)是当终端发现当前位置区改变时,向网络发送的、用以告知网络当前所在的位置的请求信息。The location update request is a request information sent to the network to inform the current location of the network when the terminal finds that the current location area changes.
步骤s103:根据系统信息判断基站小区是否满足伪基站判定标准,如果是,进入步骤s104;如果否,进入步骤s111;Step s103: judging whether the base station cell satisfies the pseudo base station determination criterion according to the system information, if yes, proceeding to step s104; if not, proceeding to step s111;
其中,系统信息包括位置区码(Location area code,LAC)以及周期性位置更新时间T3212;The system information includes a location area code (LAC) and a periodic location update time T3212;
本发明中根据系统信息判断基站小区是否满足伪基站判定标准的过程具体为:In the present invention, the process of determining whether the base station cell satisfies the pseudo base station determination criterion according to the system information is specifically:
当终端发生基站小区重选时,若收到的信号在预设时间内的增大数值超出预设信号阈值;When the base station cell reselection occurs in the terminal, if the received signal increases within a preset time, the value exceeds the preset signal threshold;
且基站小区的位置区码超出预设区码范围;And the location area code of the base station cell exceeds the preset area code range;
且基站小区的周期性位置更新时间小于预设周期,则基站小区满足伪基站判定标准,否则,基站小区不满足伪基站判定标准。If the periodic location update time of the base station cell is less than the preset period, the base station cell satisfies the pseudo base station determination criterion. Otherwise, the base station cell does not satisfy the pseudo base station determination criterion.
可以理解的是,每个基站小区都会有单独的位置区码,但是真基站小区的位置区码均位于一定的范围内(可将该范围设置为预设区码范围),而伪基站的位置区码通常不属于真基站小区的位置区码范围,故通过判断重选后的基站小区的位置区码是否位于预设区码范围,即可初步判断该基站小区是否可能为伪基站。It can be understood that each base station cell has a separate location area code, but the location area code of the true base station cell is located within a certain range (the range can be set as a preset area code range), and the location of the pseudo base station The area code usually does not belong to the location area code range of the real base station cell. Therefore, it can be determined whether the base station cell is a pseudo base station by determining whether the location area code of the base station cell after the reselection is located in the preset area code range.
另外,伪基站开始工作时,为吸引终端重选过去,会突然增大发射功率,即伪基站的发射信号要强于真基站小区的发射信号,且伪基站的发射信号通常为突然出现,从而导致终端接收到的信号会在较短的时间内突然增强,故可以设置一个较短的预设时间(例如几秒钟),并判断终端接收到的信号在该预设时间内的增大数值是否超出预设信号阈值,从而初步判断该基站小区是否可能为伪基站。In addition, when the pseudo base station starts to work, in order to attract the terminal to reselect the past, the transmission power is suddenly increased, that is, the transmission signal of the pseudo base station is stronger than the transmission signal of the real base station cell, and the transmission signal of the pseudo base station usually appears suddenly, thereby causing The signal received by the terminal will suddenly increase in a short period of time, so a short preset time (for example, a few seconds) can be set, and it is judged whether the signal received by the terminal increases in the preset time. The preset signal threshold is exceeded to initially determine whether the base station cell is a pseudo base station.
不同的基站小区会设置有不同的周期性位置更新时间,当终端位置更新后,即会启动终端所位于的基站小区内设置的T3212定时器,若终端一直位于该基站小区,T3212定时器一旦到达预定时间,则会控制终端向网络侧发送位置更新请求来报告当前位置,避免网络侧失去终端位置而无法与终端进行连接。一般真基站小区的周期性位置更新时间较长,例如为60分钟或120分钟。而由于终端接入伪基站后会导致终端无法正常使用运营商提供的服务,终端用户一般会暂时脱网,故为了避免用户发现异常,用户接入伪基站的时间一般较短,即伪基站的周期性位置更新时间较短(例如为6分钟),一旦T3212定时器的预定时间到达,伪基站则会释放终端,终端重新发送位置更新请求,重新驻留在真基站小区内。故通过判断重选后的基站小区的周期性位置更新时间,若其小于预设周期,则可初步判断该基站小区是否可能为伪基站。Different base station cells are set with different periodic location update times. When the terminal location is updated, the T3212 timer set in the base station cell where the terminal is located is started. If the terminal is always located in the base station cell, the T3212 timer arrives once. The predetermined time will control the terminal to send a location update request to the network side to report the current location, and avoid the network side losing the terminal location and unable to connect with the terminal. Generally, the periodic location update time of the true base station cell is long, for example, 60 minutes or 120 minutes. As the terminal accesses the pseudo base station, the terminal cannot normally use the service provided by the operator, and the terminal user is usually temporarily disconnected from the network. Therefore, in order to prevent the user from discovering an abnormality, the time for the user to access the pseudo base station is generally short, that is, the pseudo base station. The periodic location update time is short (for example, 6 minutes). Once the predetermined time of the T3212 timer arrives, the pseudo base station releases the terminal, and the terminal resends the location update request and re-resident in the real base station cell. Therefore, by determining the periodic location update time of the reselected base station cell, if it is less than the preset period, it may be initially determined whether the base station cell may be a pseudo base station.
为了提高伪基站判定标准的准确性,本发明只有在以上三种情况均出现的情况下才判定重选后的基站小区符合伪基站判定标准,进而启动后续流程。In order to improve the accuracy of the pseudo base station determination standard, the present invention determines that the reselected base station cell complies with the pseudo base station determination criterion only when the above three cases occur, and then starts the subsequent process.
另外,本发明不限定预设时间、预设信号阈值、预设区码范围以及预设周期的数值,工作人员可根据实际情况自行设定。In addition, the present invention does not limit the preset time, the preset signal threshold, the preset area code range, and the preset period value, and the staff can set it according to the actual situation.
步骤s104:接收基站小区发送的身份请求信息后,发送虚假身份信息至基站小区;Step s104: After receiving the identity request information sent by the base station cell, sending the fake identity information to the base station cell;
其中,这里的身份请求信息(Identity request)是指基站小区用来向终端索取IMSI(International Mobile Subscriber Identification Number,国际移动用户识别码)、TMSI(Temporary Mobile Subscriber Identity,临时识别码)、IMEI(International Mobile Equipment Identity,国际移动设备标识)等信息进行鉴权来核实终端用户的身份是否可以接入网络的一种请求信息。Here, the identity request information (Identity request) refers to the base station cell used to request the IMSI (International Mobile Subscriber Identification Number), TMSI (Temporary Mobile Subscriber Identity), and IMEI (International). Mobile Equipment Identity, information such as the International Mobile Equipment Identity) is used to authenticate to verify whether the identity of the end user can access the network.
可以理解的是,在该基站小区可能为伪基站的情况下,发送虚假身份信息来试探该基站小区,进一步避免了用户身份信息的泄露,提高了网络安全性。It can be understood that, in the case that the base station cell may be a pseudo base station, the fake identity information is sent to test the base station cell, which further avoids leakage of user identity information and improves network security.
步骤s105:判断是否继续收到基站小区发送的身份请求信息,如果是,进入步骤s106;如果否,进入步骤s109;Step s105: determining whether to continue receiving the identity request information sent by the base station cell, if yes, proceeding to step s106; if not, proceeding to step s109;
步骤s106:标记基站小区的地址为伪基站;Step s106: marking the address of the base station cell as a pseudo base station;
步骤s107:将基站小区的地址写入终端内存储的禁止接入小区列表内;Step s107: Write the address of the base station cell into the list of the forbidden access cells stored in the terminal;
该操作使终端在再次重选入该伪基站时,能够及时发现,断开连接,而不必再进行上述操作,提高了伪基站的识别效率。The operation enables the terminal to discover and disconnect in time when re-selecting the pseudo base station again, without performing the above operations, thereby improving the recognition efficiency of the pseudo base station.
步骤s108:终端重选入其他基站小区;Step s108: the terminal reselects into another base station cell;
步骤s109:判断是否接收到基站小区发送的位置更新拒绝信息,如果是,进入步骤s110;Step s109: determining whether the location update rejection information sent by the base station cell is received, and if yes, proceeding to step s110;
可以理解的是,真基站小区在接收到终端发送的身份信息后,若该信息为虚假身份信息,真基站小区会发送位置更新拒绝信息(Location update reject);若该信息为真实身份信息,真基站小区会发送位置更新接受信息(Location update accept),从而成功进行位置更新。It can be understood that after the real base station cell receives the identity information sent by the terminal, if the information is false identity information, the true base station cell sends a location update reject message (Location update reject); if the information is true identity information, true The base station cell will send a location update accept message (Location update accept) to successfully perform location update.
步骤s110:重新发送位置更新请求至基站小区;Step s110: Resending the location update request to the base station cell;
步骤s111:接收基站小区发送的身份请求信息后,发送真实身份信息至基站小区;Step s111: After receiving the identity request information sent by the base station cell, sending the real identity information to the base station cell;
步骤s112:位置更新成功后,标记基站小区的地址为真基站小区;Step s112: After the location update succeeds, the address of the marked base station cell is a true base station cell;
步骤s113:将基站小区的地址写入终端内存储的允许接入小区列表内;Step s113: Write the address of the base station cell into the list of allowed access cells stored in the terminal;
该操作使终端在再次重选入该真基站小区时,能够及时发现,而不必再进行上述判断操作,提高了终端接入基站小区的效率。The operation enables the terminal to discover in time when re-selecting the cell into the real base station, and does not need to perform the foregoing determining operation, thereby improving the efficiency of the terminal accessing the base station cell.
步骤s114:终端重选入基站小区。Step s114: The terminal reselects into the base station cell.
与实施例一相比,本实施例还增加了当判断基站小区为真基站时,发送真实身份信息至基站小区的步骤,使得终端在伪基站识别流程完成后正常接入真基站小区,避免了伪基站识别流程对终端正常联网的影响;且本实施例在识别完成后还增加了将该基站小区的地址对应写入终端内存储的禁止接入小区列表或允许接入小区列表内,使终端在再次重选至该基站小区后,能够及时了解该基站小区的类型,而不必再重复进行识别操作,提高了终端接入基站小区的工作效率。Compared with the first embodiment, the embodiment further increases the step of transmitting the real identity information to the base station cell when determining that the base station cell is a true base station, so that the terminal normally accesses the real base station cell after the pseudo base station identification process is completed, thereby avoiding The pseudo base station identification process has an impact on the normal networking of the terminal; and in this embodiment, after the identification is completed, the address of the base station cell is correspondingly written into the list of the forbidden access cells stored in the terminal or allowed to access the cell list, so that the terminal is enabled. After reselecting to the base station cell, the type of the base station cell can be known in time without repeating the identification operation, thereby improving the working efficiency of the terminal accessing the base station cell.
需要注意的是,本实施例中的各个步骤可以根据实际需要进行顺序调整、合并和删减。It should be noted that the steps in this embodiment may be sequentially adjusted, merged, and deleted according to actual needs.
本发明还提供了一种伪基站识别系统,用于终端,参见图4所示,图4为本发明提供的一种伪基站识别系统的结构示意图。该系统包括:The present invention also provides a pseudo base station identification system for a terminal. Referring to FIG. 4, FIG. 4 is a schematic structural diagram of a pseudo base station identification system according to the present invention. The system includes:
基站信息接收模块11,设置为当终端发生基站小区重选后,接收重选后的基站小区发送的系统信息,并触发位置更新请求发送模块12;The base station
位置更新请求发送模块12,设置为发送位置更新请求至基站小区;The location update
第一判断模块13,设置为根据系统信息判断基站小区是否满足伪基站判定标准,如果是,触发身份信息发送模块14;The first determining
第一身份信息发送模块14,设置为接收基站小区发送的身份请求信息后,发送虚假身份信息至基站小区;The first identity
第二判断模块15,设置为判断是否继续收到基站小区发送的身份请求信息,如果是,标记基站小区的地址为伪基站;终端重选入其他基站小区。The
其中,这里的第一判断模块13具体设置为:The first judging
当系统信息包括位置区码以及周期性位置更新时间时,判断终端发生基站小区重选时,收到的信号在预设时间内的增大数值是否超出预设信号阈值,以及基站小区的位置区码是否超出预设区码范围,以及基站小区的周期性位置更新时间是否小于预设周期,如果是,则基站小区满足伪基站判定标准,触发第一身份信息发送模块14;否则,基站小区不满足伪基站判定标准。When the system information includes the location area code and the periodic location update time, it is determined whether the increased value of the received signal within the preset time exceeds the preset signal threshold and the location area of the base station cell when the terminal performs cell reselection. Whether the code exceeds the preset area code range, and whether the periodic location update time of the base station cell is less than a preset period. If yes, the base station cell satisfies the pseudo base station determination criterion, triggering the first identity
作为优选地,该系统还包括:Preferably, the system further comprises:
伪基站写入模块16,设置为当标记基站小区的地址为伪基站时,将基站小区的地址写入终端内存储的禁止接入小区列表内。The pseudo base
作为优选地,该系统还包括:Preferably, the system further comprises:
第二身份信息发送模块18,设置为接收基站小区发送的身份请求信息后,发送真实身份信息至基站小区,并在位置更新后,触发真基站标记模块19;其中,当第一判断模块13判断基站小区不满足伪基站判定标准时,触发第二身份信息发送模块18;The second identity
真基站标记模块19,设置为标记基站小区的地址为真基站小区。The true base
进一步的,该系统还包括:Further, the system further includes:
第三判断模块17,设置为当第二判断模块15判断未继续收到基站小区发送的身份请求信息时,判断是否接收到基站小区发送的位置更新拒绝信息,如果是,触发位置更新请求发送模块12重新发送位置更新请求至基站小区;The third determining
位置更新请求发送模块12重新发送位置更新请求并接收到基站小区发送的身份请求信息后,触发第二身份信息发送模块18。After the location update
作为优选地,该系统还包括:Preferably, the system further comprises:
真基站写入模块20,设置为当标记基站小区的地址为真基站小区时,将基站小区的地址写入终端内存储的允许接入小区列表内。The true base
本发明提供了一种伪基站识别系统,由于伪基站的目的是为了获取终端用户的身份信息来进行非法信息传递,故本发明中当终端发生基站小区重选后,首先判断一下该基站小区是否可能为伪基站(即基站小区是否满足伪基站判定标准),若可能是,则终端发送虚假身份信息来试探该基站小区,若基站小区仍继续发送身份请求信息,则表明该基站小区为伪基站(真基站小区会发送位置更新拒绝信息)。故本发明不仅能够识别伪基站,同时在识别过程中也避免了终端用户的信息泄露,极大地保证了终端用户的网络安全性。The present invention provides a pseudo base station identification system. Since the purpose of the pseudo base station is to obtain the identity information of the terminal user for illegal information transmission, in the present invention, after the base station cell reselection occurs in the terminal, it is first determined whether the base station cell is It may be a pseudo base station (ie, whether the base station cell satisfies the pseudo base station determination criterion). If possible, the terminal sends the false identity information to test the base station cell. If the base station cell continues to send the identity request information, it indicates that the base station cell is a pseudo base station. (The true base station cell will send location update reject information). Therefore, the present invention can not only identify the pseudo base station, but also avoid the information leakage of the end user in the identification process, thereby greatly ensuring the network security of the end user.
需要注意的是,本发明实施例中的各个模块可以根据实际需要进行合并、划分和删减。It should be noted that each module in the embodiment of the present invention may be combined, divided, and deleted according to actual needs.
本发明还提供了一种终端,参见图5所示,图5为本发明提供的一种终端的结构示意图;该终端包括上述伪基站识别系统。The present invention further provides a terminal. Referring to FIG. 5, FIG. 5 is a schematic structural diagram of a terminal according to the present invention; the terminal includes the pseudo base station identification system.
其中,终端具体包括处理器31、分别通过接口32与处理器31相连接的输入装置35和输出装置36以及通过总线33与处理器31相连接的存储器34;The terminal specifically includes a
伪基站识别系统存储于存储器内;The pseudo base station identification system is stored in the memory;
处理器通过总线调用存储器内的伪基站识别系统进行伪基站识别操作。The processor performs a pseudo base station identification operation by calling a pseudo base station identification system in the memory through the bus.
可以理解的是,图5所示的终端可用于实施上述图2~图3所示的本发明各实施例实现的方法,为了便于说明,仅示出了与本发明各实施例相关的部分,具体技术细节未揭示的,请参照图2~图3所示的本发明各实施例。It can be understood that the terminal shown in FIG. 5 can be used to implement the method implemented by the embodiments of the present invention shown in FIG. 2 to FIG. 3, and for the convenience of description, only the parts related to the embodiments of the present invention are shown. For details not disclosed, please refer to the embodiments of the present invention shown in FIGS. 2 to 3.
其中,存储器34用于存储伪基站识别系统,该伪基站识别系统为一组程序代码。The
处理器31用于调用该程序代码,来执行以下操作:The
当终端发生基站小区重选后,通过输入装置35接收重选后的基站小区发送的系统信息;After the base station cell reselection occurs in the terminal, the system information sent by the reselected base station cell is received by the
通过输出装置36发送位置更新请求至基站小区;Sending a location update request to the base station cell by the
根据系统信息判断基站小区是否满足伪基站判定标准,如果是,通过输入装置35接收基站小区发送的身份请求信息后,通过输出装置36发送虚假身份信息至基站小区;Determining, according to the system information, whether the base station cell satisfies the pseudo base station determining criterion, and if yes, after receiving the identity request information sent by the base station cell by using the
判断输入装置35是否继续收到基站小区发送的身份请求信息,如果是,标记基站小区的地址为伪基站;终端重选入其他基站小区。It is judged whether the
作为一种可选的实施方式,处理器31用于调用该程序代码,还用于执行以下操作:As an optional implementation, the
当标记基站小区的地址为伪基站后,将基站小区的地址写入终端内存储的禁止接入小区列表内。After marking the address of the base station cell as a pseudo base station, the address of the base station cell is written into the list of the forbidden access cells stored in the terminal.
作为一种可选的实施方式,处理器31用于调用该程序代码,还用于执行以下操作:As an optional implementation, the
若判断基站小区不满足伪基站判定标准,通过输入装置35接收基站小区发送的身份请求信息后,发送真实身份信息至基站小区;If it is determined that the base station cell does not satisfy the pseudo base station determination criterion, the
位置更新成功后,标记基站小区的地址为真基站小区;终端重选入基站小区。After the location update succeeds, the address of the marked base station cell is a true base station cell; the terminal is reselected into the base station cell.
作为一种可选的实施方式,处理器31用于调用该程序代码,还用于执行以下操作:As an optional implementation, the
若通过输入装置35未继续收到基站小区发送的身份请求信息,判断通过输入装置35是否接收到基站小区发送的位置更新拒绝信息,如果是,通过输出装置36重新发送位置更新请求至基站小区;If the identity request information sent by the base station cell is not continuously received by the
通过输入装置35接收基站小区发送的身份请求信息后,发送真实身份信息至基站小区;After receiving the identity request information sent by the base station cell by using the
位置更新成功后,标记基站小区的地址为真基站小区;终端重选入基站小区。After the location update succeeds, the address of the marked base station cell is a true base station cell; the terminal is reselected into the base station cell.
作为一种可选的实施方式,处理器31用于调用该程序代码,还用于执行以下操作:As an optional implementation, the
当标记基站小区的地址为真基站小区后,将基站小区的地址写入终端内存储的允许接入小区列表内。After marking the address of the base station cell as a true base station cell, the address of the base station cell is written into the list of allowed access cells stored in the terminal.
可见,实施图5描述的终端,可以对伪基站进行识别,避免终端接入伪基站,还可以将识别出来的伪基站地址存入终端内的进行接入小区列表内。It can be seen that, by implementing the terminal described in FIG. 5, the pseudo base station can be identified to prevent the terminal from accessing the pseudo base station, and the identified pseudo base station address can be stored in the access cell list in the terminal.
本说明书中各个实施例采用递进的方式描述,每个实施例重点说明的都是与其他实施例的不同之处,各个实施例之间相同相似部分互相参见即可。对于实施例公开的装置而言,由于其与实施例公开的方法相对应,所以描述的比较简单,相关之处参见方法部分说明即可。The various embodiments in the present specification are described in a progressive manner, and each embodiment focuses on differences from other embodiments, and the same similar parts between the various embodiments may be referred to each other. For the device disclosed in the embodiment, since it corresponds to the method disclosed in the embodiment, the description is relatively simple, and the relevant parts can be referred to the method part.
本领域普通技术人员可以理解上述实施例的各种方法中的全部或部分步骤是可以通过程序指令相关的硬件来完成,该程序可以存储于计算机可读存储介质中,存储介质包括只读存储器(Read-Only Memory,ROM)、随机存储器(Random Access Memory,RAM)、可编程只读存储器(Programmable Read-only Memory,PROM)、可擦除可编程只读存储器(Erasable Programmable Read Only Memory,EPROM)、一次可编程只读存储器(One-time Programmable Read-Only Memory,OTPROM)、电子擦除式可复写只读存储器(Electrically-Erasable Programmable Read-Only Memory,EEPROM)、只读光盘(Compact Disc Read-Only Memory,CD-ROM)或其他光盘存储器、磁盘存储器、磁带存储器、或者能够用于携带或存储数据的计算机可读的任何其他介质。A person of ordinary skill in the art may understand that all or part of the various methods of the above embodiments may be completed by program instruction related hardware, and the program may be stored in a computer readable storage medium, and the storage medium includes a read only memory ( Read-Only Memory (ROM), Random Access Memory (RAM), Programmable Read-Only Memory (PROM), Erasable Programmable Read Only Memory (EPROM) One-time Programmable Read-Only Memory (OTPROM), Electronically-Erasable Programmable Read-Only Memory (EEPROM), Read-Only Disc (Compact Disc Read- Only Memory (CD-ROM) or other optical disc storage, disk storage, magnetic tape storage, or any other medium readable by a computer that can be used to carry or store data.
还需要说明的是,在本说明书中,诸如第一和第二等之类的关系术语仅仅用来将一个实体或者操作与另一个实体或操作区分开来,而不一定要求或者暗示这些实体或操作之间存在任何这种实际的关系或者顺序。而且,术语“包括”、“包含”或者其任何其他变体意在涵盖非排他性的包含,从而使得包括一系列要素的过程、方法、物品或者设备不仅包括那些要素,而且还包括没有明确列出的其他要素,或者是还包括为这种过程、方法、物品或者设备所固有的要素。在没有更多限制的情况下,由语句“包括一个……”限定的要素,并不排除在包括所述要素的过程、方法、物品或者设备中还存在另外的相同要素。It should also be noted that in the present specification, relational terms such as first and second, etc. are used merely to distinguish one entity or operation from another entity or operation, and do not necessarily require or imply these entities or There is any such actual relationship or order between operations. Furthermore, the term "comprises" or "comprises" or "comprises" or any other variations thereof is intended to encompass a non-exclusive inclusion, such that a process, method, article, or device that comprises a plurality of elements includes not only those elements but also Other elements, or elements that are inherent to such a process, method, item, or device. An element that is defined by the phrase "comprising a ..." does not exclude the presence of additional equivalent elements in the process, method, item, or device that comprises the element.
对所公开的实施例的上述说明,使本领域专业技术人员能够实现或使用本发明。对这些实施例的多种修改对本领域的专业技术人员来说将是显而易见的,本文中所定义的一般原理可以在不脱离本发明的精神或范围的情况下,在其他实施例中实现。因此,本发明将不会被限制于本文所示的这些实施例,而是要符合与本文所公开的原理和新颖特点相一致的最宽的范围。The above description of the disclosed embodiments enables those skilled in the art to make or use the invention. Various modifications to these embodiments are obvious to those skilled in the art, and the general principles defined herein may be implemented in other embodiments without departing from the spirit or scope of the invention. Therefore, the present invention is not to be limited to the embodiments shown herein, but the scope of the invention is to be accorded
Claims (14)
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610486479.3A CN106211167B (en) | 2016-06-28 | 2016-06-28 | A kind of terminal, pseudo-base station recognition methods and system |
| CN201610486479.3 | 2016-06-28 |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| WO2018000787A1 true WO2018000787A1 (en) | 2018-01-04 |
Family
ID=57461983
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| PCT/CN2016/113380 Ceased WO2018000787A1 (en) | 2016-06-28 | 2016-12-30 | Terminal, and method and system for identifying pseudo base station |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN106211167B (en) |
| WO (1) | WO2018000787A1 (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112889315A (en) * | 2018-10-31 | 2021-06-01 | 深圳市欢太科技有限公司 | Cell information processing method and device, electronic equipment and readable storage medium |
| CN113068192A (en) * | 2021-03-17 | 2021-07-02 | Oppo广东移动通信有限公司 | Identification method and device, terminal and storage medium of pseudo base station |
Families Citing this family (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107241721A (en) * | 2016-03-29 | 2017-10-10 | 努比亚技术有限公司 | Mobile terminal network gravity treatment control method and device |
| CN107241781A (en) * | 2016-03-29 | 2017-10-10 | 努比亚技术有限公司 | The method and device of start-up logging of mobile terminal network |
| CN106211167B (en) * | 2016-06-28 | 2019-08-02 | 宇龙计算机通信科技(深圳)有限公司 | A kind of terminal, pseudo-base station recognition methods and system |
| CN106792709B (en) * | 2017-01-13 | 2020-03-31 | 北京元心科技有限公司 | Method, device and terminal for preventing pseudo base station |
| CN109474932A (en) * | 2017-09-08 | 2019-03-15 | 华为技术有限公司 | A pseudo base station identification and defense method and terminal |
| WO2019047943A1 (en) * | 2017-09-08 | 2019-03-14 | 华为技术有限公司 | Method for pseudo base station identification and defense, and terminal |
| CN109495891B (en) * | 2017-09-13 | 2021-11-12 | 中兴通讯股份有限公司 | Pseudo base station identification method, apparatus and computer readable storage medium |
| CN107889112B (en) * | 2017-12-13 | 2019-11-26 | 维沃移动通信有限公司 | A kind of recognition methods of pseudo-base station and mobile terminal |
| CN110087243B (en) * | 2018-01-25 | 2020-12-04 | 大唐移动通信设备有限公司 | Pseudo base station judgment method and device |
| CN112272378A (en) * | 2020-10-23 | 2021-01-26 | 上海共进信息技术有限公司 | LTE pseudo base station identification method aiming at MME-free connection |
| CN112203283A (en) * | 2020-10-23 | 2021-01-08 | 上海共进信息技术有限公司 | LTE pseudo base station identification method aiming at TAU mode |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101959183A (en) * | 2010-09-21 | 2011-01-26 | 中国科学院软件研究所 | A Pseudonym-Based Mobile Subscriber Identifier IMSI Protection Method |
| CN104168568A (en) * | 2014-08-28 | 2014-11-26 | 中国联合网络通信集团有限公司 | Mobile terminal and method for cell identity authentication through same |
| CN104602241A (en) * | 2014-12-25 | 2015-05-06 | 中国科学院信息工程研究所 | Determination method of pseudo base station and mobile terminal |
| CN105101200A (en) * | 2014-05-23 | 2015-11-25 | 中国移动通信集团公司 | A pseudo base station identification method, device and terminal equipment |
| EP3035740A1 (en) * | 2014-12-19 | 2016-06-22 | Gemalto M2M GmbH | Method for operating a wireless communication device in a cellular network |
| CN106211167A (en) * | 2016-06-28 | 2016-12-07 | 宇龙计算机通信科技(深圳)有限公司 | A method and system for identifying a terminal and a pseudo-base station |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP2003818B1 (en) * | 2007-06-13 | 2018-11-28 | EXFO Oy | A man-in-the-middle detector and a method using It |
| US8611410B2 (en) * | 2010-07-30 | 2013-12-17 | National Instruments Corporation | Variable modulus mechanism for performing equalization without a priori knowledge of modulation type or constellation order |
| CN103997757B (en) * | 2014-05-13 | 2018-04-24 | 电信科学技术研究院 | Pseudo-base station localization method, equipment and information uploading method, equipment |
| CN104661204B (en) * | 2015-01-05 | 2018-07-03 | 中国联合网络通信集团有限公司 | The localization method and device of a kind of pseudo-base station |
-
2016
- 2016-06-28 CN CN201610486479.3A patent/CN106211167B/en active Active
- 2016-12-30 WO PCT/CN2016/113380 patent/WO2018000787A1/en not_active Ceased
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101959183A (en) * | 2010-09-21 | 2011-01-26 | 中国科学院软件研究所 | A Pseudonym-Based Mobile Subscriber Identifier IMSI Protection Method |
| CN105101200A (en) * | 2014-05-23 | 2015-11-25 | 中国移动通信集团公司 | A pseudo base station identification method, device and terminal equipment |
| CN104168568A (en) * | 2014-08-28 | 2014-11-26 | 中国联合网络通信集团有限公司 | Mobile terminal and method for cell identity authentication through same |
| EP3035740A1 (en) * | 2014-12-19 | 2016-06-22 | Gemalto M2M GmbH | Method for operating a wireless communication device in a cellular network |
| CN104602241A (en) * | 2014-12-25 | 2015-05-06 | 中国科学院信息工程研究所 | Determination method of pseudo base station and mobile terminal |
| CN106211167A (en) * | 2016-06-28 | 2016-12-07 | 宇龙计算机通信科技(深圳)有限公司 | A method and system for identifying a terminal and a pseudo-base station |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112889315A (en) * | 2018-10-31 | 2021-06-01 | 深圳市欢太科技有限公司 | Cell information processing method and device, electronic equipment and readable storage medium |
| CN113068192A (en) * | 2021-03-17 | 2021-07-02 | Oppo广东移动通信有限公司 | Identification method and device, terminal and storage medium of pseudo base station |
| CN113068192B (en) * | 2021-03-17 | 2022-08-16 | Oppo广东移动通信有限公司 | Pseudo base station identification method and device, terminal and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN106211167A (en) | 2016-12-07 |
| CN106211167B (en) | 2019-08-02 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| WO2018000787A1 (en) | Terminal, and method and system for identifying pseudo base station | |
| WO2017206455A1 (en) | Method for identifying pseudo base station, and terminal | |
| WO2014200240A1 (en) | Method and apparatus for registering wireless device in wireless communication system | |
| WO2012141556A2 (en) | Machine-to-machine node erase procedure | |
| WO2019164325A1 (en) | Electronic device using plurality of subscriber identification modules, and method for providing communication service therefor | |
| WO2020042464A1 (en) | Data interaction method, apparatus and device, and readable storage medium | |
| WO2017091047A1 (en) | Method for blocking connection in wireless intrusion prevention system and device therefor | |
| WO2018149368A1 (en) | Vowifi call processing method of mobile terminal, system, and mobile terminal | |
| WO2021261843A1 (en) | Methods and systems for managing a voice over new radio call by a user equipment | |
| WO2012159458A1 (en) | Mobile communication terminal and incoming call management method thereof | |
| WO2021182667A1 (en) | Wireless intrusion prevention system, wireless network system comprising same, and method for operating wireless network system | |
| WO2011147323A1 (en) | Access authentication method of remote control terminal service, related device and communication system thereof | |
| EP2850881A1 (en) | Method and apparatus for supporting rlf reason detection or handover failure reason detection | |
| WO2011043561A2 (en) | Method and apparatus for configuring radio access functionality of a wireless communication unit | |
| EP3420752A1 (en) | Circuit switched fallback method and device | |
| WO2022039452A1 (en) | Method and user equipment for preventing call drop in a wireless network | |
| WO2016076472A1 (en) | Call control method and system | |
| WO2018076804A1 (en) | Safety alarm method and system thereof | |
| WO2016021978A1 (en) | A method and appartus for notifying authenticity information of caller identity in wireless access system | |
| WO2014204084A1 (en) | Application sharing service method and apparatus applied thereto | |
| WO2010147379A2 (en) | Method for authenticating a universal subscriber identity module and system thereof | |
| WO2017176071A1 (en) | Circuit switched fallback method and device | |
| WO2015020488A1 (en) | Method and apparatus for obtaining authentication information | |
| WO2017196014A1 (en) | Method and apparatus for providing next generation network service in heterogeneous network environment | |
| WO2013022259A2 (en) | Method and apparatus for utilizing callee information and location before call establishment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| 121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 16907174 Country of ref document: EP Kind code of ref document: A1 |
|
| NENP | Non-entry into the national phase |
Ref country code: DE |
|
| 122 | Ep: pct application non-entry in european phase |
Ref document number: 16907174 Country of ref document: EP Kind code of ref document: A1 |