CN105813084B - Illegal user's hold-up interception method and system based on PLMN identification - Google Patents
Illegal user's hold-up interception method and system based on PLMN identification Download PDFInfo
- Publication number
- CN105813084B CN105813084B CN201410841186.3A CN201410841186A CN105813084B CN 105813084 B CN105813084 B CN 105813084B CN 201410841186 A CN201410841186 A CN 201410841186A CN 105813084 B CN105813084 B CN 105813084B
- Authority
- CN
- China
- Prior art keywords
- plmn
- information
- plmn information
- user terminal
- request
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Mobile Radio Communication Systems (AREA)
Abstract
The present invention discloses a kind of illegal user's hold-up interception method and system based on PLMN identification.Wherein in the illegal user's hold-up interception method identified based on PLMN, MME extracts PLMN information from request message, judges whether PLMN information is legal when receiving the request message of user terminal transmission, if PLMN information is legal, interacted with core-network side equipment;If PLMN information is illegal, request failure response is sent to user terminal, to intercept illegal user.By effectively intercepting the demand signalling of illegal user, consumption of these signalings to core network system resource is reduced.In addition, being directed to this network termination, the dedicated network selection mode based on Home Network PLMN that the present invention also provides a kind of can be effectively reduced the probability that this network termination accesses his net core net, promote the access perception of this network users.
Description
Technical field
It is the present invention relates to the communications field, in particular to a kind of based on PLMN (Public Land Mobile Network, public affairs
Altogether land mobile network) identification illegal user's hold-up interception method and system.
Background technique
On December 4th, 2013, industry issue TD- to China Mobile, China Telecom and China Unicom Corporation with informationization portion
LTE (Time Division Long Term Evolution, time-division long term evolution) licence plate, so far Chinese wireless telecommunications are formal
Into the 4G commercial epoch.On June 27th, 2014, industry have issued FDD-LTE to China Telecom and China Unicom with informationization portion
(Frequency Division Duplexing Long Term Evolution, frequency division duplex long term evolution) licence plate, and batch
16 China Telecom FDD-LTE including quasi- Nanjing try commercial city, and so far China Telecom starts formally externally to sell 4G cell phone
Terminal and set meal, China Telecom have started new era of 4G commercialization large-scale promotion.
4G can reach 100,000,000 on wireless bandwidth, can carry all mobile Internet business, and big data can be unfolded
Using the application of, wired home and Internet of Things and the application of new technology, these past 2G the 3G epoch be difficult to realize.?
Under the promotion of 4G new technology, under the trend of mobile Internet, the development of 4G business will change domestic Mobile Communications Market just
The market trend gradually to tend to be balanced.4G epoch, flow will become the main revenue source of operator, user's perception and pipe
Road construction will change the traditional marketing model of operator and O&M mode.Focus on wireless coverage, promotes wireless access performance;Rationally
Using policy control technology, intelligent pipeline of running business big and strong will become the emphasis of 4G epoch operator work.
Due to the identity of domestic each operator 4G network formats and 4G terminal, in the place that the network coverage is poor, 4G is whole
End may select him to net base station access, this will lead to user terminal access failure, seriously affect user's perception.Simultaneously in core
Net side is full of the demand signalling of his a large amount of illegal users, serious to consume core network system resource.It promotes user and accesses perception, drop
Influence of the low illegal user's demand signalling to core net has become urgent problem to be solved.
Home Network cell can be selected to access for example, he nets illegal user, and send demand signalling, request letter to Home Network core net
Enable mainly include the following types:
(1) attach request
If that carry in the attach request that his net illegal terminal reports is IMSI (International Mobile
Subscriber Identification Number, international mobile subscriber identity), then MME (Mobility
Management Entity, mobility management entity) can by authentication request by DRA (Diameter Routing Agent,
Route agent's node) it is sent to HSS (Home Subscriber Server, user attaching server).If DRA is not configured
The routing of PLMN number section in IMSI, the then authentication request that MME is sent will receive the inaccessible response of Diameter link, signaling flow
Journey is as shown in Figure 1.
If that carry in the attach request that his net illegal terminal reports is GUTI (Globally Unique
Temporary UE Identity, the unique interim UE mark in the whole world), then MME can construct storage illegal terminal authentication according to GUTI
He of information nets the FQDN (Fully Qualified Domain Name, fully qualified domain name) of MME, and to this province EPC's
DNS (Domain Name System, domain name system) sends NAPTR, and (Naming Authority Pointer, Naming Authority refer to
Needle) inquiry request.This province EPC DNS can not be parsed, and inquiry request can be sent to group ROOT DNS, group ROOT DNS
It can not parse, return to DNS query failure response, signaling process is as shown in Figure 2.Current this inquiry request accounts for EPC DNS and looks into
Ask the 25% of request.
(2) service request
Terminal is eated dishes without rice or wine after release, if terminal has service request, can select cell and establish to eat dishes without rice or wine link, and to MME
It sends service request (Service Request).If he has selected Home Network cell by net illegal terminal, can be sent out to Home Network MME
Service Request is sent, S-TMSI can be carried in message, MME identification S-TMSI is not oneself distribution, can be initiated to terminal
Authorizing procedure, terminal can report IMSI after receiving authentication request in authentication response message.Terminal when process and attachment later
Report the process of IMSI consistent, signaling process is as shown in Figure 3.
Therefore, it is necessary to reduce consumption of these signalings to core network system resource.
Summary of the invention
The embodiment of the present invention provides a kind of illegal user's hold-up interception method and system based on PLMN identification.By effectively intercepting
The demand signalling of illegal user, to reduce consumption of these signalings to core network system resource.
According to an aspect of the present invention, a kind of illegal user's hold-up interception method based on PLMN identification is provided, comprising:
MME extracts PLMN information when receiving the request message of user terminal transmission from request message;
Judge whether PLMN information is legal;
If PLMN information is legal, interacted with core-network side equipment;
If PLMN information is illegal, request failure response is sent to user terminal, to intercept illegal user.
In one embodiment, MME is extracted from request message when receiving the request message of user terminal transmission
The step of PLMN information includes:
Whether MME judges in attach request to include IMSI information when receiving the attach request of user terminal transmission;
If including IMSI information in attach request, PLMN information is extracted from IMSI information.
In one embodiment, if PLMN information is legal, the step of interacting with core-network side equipment, includes:
If PLMN information is legal, MME sends authentication request to core-network side equipment, to test user terminal
Card.
In one embodiment, if including GUTI information in attach request, PLMN information is extracted from GUTI information.
In one embodiment, if PLMN information is legal, the step of interacting with core-network side equipment, includes:
If PLMN information is legal, MME sends DNS query request to core-network side equipment, to obtain dns resolution knot
Fruit.
In one embodiment, MME is extracted from request message when receiving the request message of user terminal transmission
The step of PLMN information includes:
MME sends identity request information when receiving the service request of user terminal transmission, to user terminal;
User terminal sends identity request response after receiving identity request information, to MME, and wherein identity request responds
IMSI information including carrying PLMN information;
MME extracts PLMN information in the identity request response for receiving user terminal transmission from IMSI information.
In one embodiment, user terminal judges the network selection mode currently set when accessing network;
If network selection mode is dedicated network selection mode, preset PLMN information is selected to be registered;
If network selection mode is international roaming network selection mode, the PLMN information for prompting user to manually select signing is infused
Volume;
If network selection mode is domestic network selection mode, successively PLMN is selected to believe according to the sequence of PLMN priority from high to low
Breath is registered.
In one embodiment, PLMN information is successively selected to be registered according to the sequence of PLMN priority from high to low
Step includes:
Selection local plmn information or the equivalent local plmn information of highest priority are registered;
If failing to complete registration, the PLMN in subscriber identification module in the PLMN selector data file of user's control
In information, according to priority sequential selection PLMN information from big to small is registered;
If the PLMN information selected in the PLMN selector data file of the user's control fails to complete registration,
In the PLMN information in PLMN selector data file that operator controls in subscriber identification module, from big to small according to priority
Sequential selection PLMN information registered;
If the PLMN information selected in the PLMN selector data file of operator control fails to complete registration,
Then in current set to be selected, corresponding PLMN letter is randomly choosed in the PLMN or access technology combination that high quality receives signal
Breath is registered, and wherein signal receiving quality is greater than predetermined threshold;
If randomly selected PLMN information fails to complete registration, in the set to be selected of current residual, connect by signal
The corresponding PLMN signal of sequential selection of quality from big to small is received to be registered.
According to another aspect of the present invention, a kind of illegal user's intercepting system based on PLMN identification, including user are provided
Terminal and MME, in which:
User terminal, for sending request message to MME;
MME, for extracting PLMN information from request message when receiving the request message of user terminal transmission,
Judge whether PLMN information is legal, if PLMN information is legal, is interacted with core-network side equipment;If PLMN information is illegal,
Request failure response then is sent to user terminal, to intercept illegal user.
In one embodiment, MME judges in attach request specifically when receiving the attach request of user terminal transmission
It whether include IMSI information;If including IMSI information in attach request, PLMN information is extracted from IMSI information.
In one embodiment, MME is also used to when PLMN information is legal, sends authentication request to core-network side equipment,
To be verified to user terminal.
In one embodiment, it when MME is also used in attach request including GUTI information, is extracted from GUTI information
PLMN information.
In one embodiment, MME is also used to when PLMN information is legal, is sent DNS query to core-network side equipment and is asked
It asks, to obtain dns resolution result.
In one embodiment, MME is also used to send out when receiving the service request of user terminal transmission to user terminal
Send identity request information;In the identity request response for receiving user terminal transmission, PLMN letter is extracted from IMSI information
Breath;
User terminal is also used to after receiving identity request information, sends identity request response to MME, wherein identity is asked
Asking response includes carrying the IMSI information of PLMN information.
In one embodiment, user terminal is also used to when accessing network, judges the network selection mode currently set;If choosing
Net mode is dedicated network selection mode, then preset PLMN information is selected to be registered;If network selection mode is international roaming choosing
Net mode, then the PLMN information for prompting user to manually select signing are registered;If network selection mode is domestic network selection mode, press
PLMN information is successively selected to be registered according to the sequence of PLMN priority from high to low.
In one embodiment, user terminal selects local plmn information or highest excellent specifically at home under network selection mode
The first equivalent local plmn information of grade is registered;If failing to complete registration, the PLMN of user's control in subscriber identification module
In PLMN information in selector data file, according to priority sequential selection PLMN information from big to small is registered;If
The PLMN information selected in the PLMN selector data file of the user's control fails to complete registration, then identifies mould in user
In PLMN information in the PLMN selector data file of Kuai Zhong operator control, according to priority sequential selection from big to small
PLMN information is registered;If the PLMN information selected in the PLMN selector data file of operator control fails
Registration is completed, then in current set to be selected, randomly chooses phase in the PLMN or access technology combination that high quality receives signal
The PLMN information answered is registered, and wherein signal receiving quality is greater than predetermined threshold;If randomly selected PLMN information fails
Registration is completed, then in the set to be selected of current residual, by the corresponding PLMN of the sequential selection of signal receiving quality from big to small
Signal is registered.
The present invention judges whether PLMN information is legal by extracting PLMN information from the request message received, if
PLMN information is illegal, then request failure response is sent to user terminal, to intercept illegal user.By effectively intercepting illegal use
The demand signalling at family, to reduce consumption of these signalings to core network system resource.
Detailed description of the invention
In order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, to embodiment or will show below
There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this
Some embodiments of invention without any creative labor, may be used also for those of ordinary skill in the art
To obtain other drawings based on these drawings.
Fig. 1 is DRA link unreachable signaling process when attach request carries IMSI in the prior art.
Fig. 2 is dns resolution failed signaling process when attach request carries GUTI in the prior art.
Fig. 3 is DRA link unreachable signaling process when service request authenticates IMSI in the prior art.
Fig. 4 is that the present invention is based on the schematic diagrames of PLMN illegal user's hold-up interception method one embodiment identified.
Fig. 5 is that the present invention is based on the schematic diagrames of the PLMN another embodiment of illegal user's hold-up interception method identified.
Fig. 6 is that the present invention is based on the schematic diagrames of the PLMN another embodiment of illegal user's hold-up interception method identified.
Fig. 7 is that the present invention is based on the schematic diagrames of the PLMN another embodiment of illegal user's hold-up interception method identified.
Fig. 8 is the schematic diagram of terminal network selection one embodiment of the present invention.
Fig. 9 is the schematic diagram of the domestic network selection mode one embodiment of the present invention.
Figure 10 is that the present invention is based on the schematic diagrames of PLMN illegal user's intercepting system one embodiment identified.
Specific embodiment
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete
Site preparation description, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.Below
Description only actually at least one exemplary embodiment be it is illustrative, never as to the present invention and its application or make
Any restrictions.Based on the embodiments of the present invention, those of ordinary skill in the art are not making creative work premise
Under every other embodiment obtained, shall fall within the protection scope of the present invention.
Unless specifically stated otherwise, positioned opposite, the digital table of the component and step that otherwise illustrate in these embodiments
It is not limited the scope of the invention up to formula and numerical value.
Simultaneously, it should be appreciated that for ease of description, the size of various pieces shown in attached drawing is not according to reality
Proportionate relationship draw.
Technology, method and apparatus known to person of ordinary skill in the relevant may be not discussed in detail, but suitable
In the case of, the technology, method and apparatus should be considered as authorizing part of specification.
It is shown here and discuss all examples in, any occurrence should be construed as merely illustratively, without
It is as limitation.Therefore, the other examples of exemplary embodiment can have different values.
It should also be noted that similar label and letter indicate similar terms in following attached drawing, therefore, once a certain Xiang Yi
It is defined in a attached drawing, then in subsequent attached drawing does not need that it is further discussed.
Fig. 4 is that the present invention is based on the schematic diagrames of PLMN illegal user's hold-up interception method one embodiment identified.Such as Fig. 4 institute
Show, the method and step of the present embodiment is as follows:
Step 401, MME extracts PLMN letter when receiving the request message of user terminal transmission from request message
Breath.
Step 402, judge whether PLMN information is legal.If PLMN information is legal, 403 are thened follow the steps;If PLMN information
Illegally, 404 are thened follow the steps.
Step 403, MME is interacted with core-network side equipment.Later, other steps of the present embodiment are no longer executed.
Step 404, request failure response is sent to user terminal, to intercept illegal user.
Based on illegal user's hold-up interception method based on PLMN identification that the above embodiment of the present invention provides, by effectively intercepting
The demand signalling of illegal user, to reduce consumption of these signalings to core network system resource.
Separately below in attach request include IMSI, GUTI, and in service request by authentication report IMSI this
Several situations are illustrated respectively.
Situation when including IMSI in attach request is as shown in Figure 5.Wherein:
Step 501, user terminal sends attach request to MME.
Step 502, MME judges to include IMSI information or GUTI information in attach request.
Step 503, if including IMSI information in attach request, PLMN information is extracted from IMSI information.
Step 504, MME judges whether PLMN information is legal.If PLMN information is legal, 505 are thened follow the steps;If PLMN believes
Breath is illegal, thens follow the steps 506.
Step 505, MME sends authentication request to core-network side equipment DRA, to verify to user terminal.Later,
No longer execute other steps of the present embodiment.
Step 506, request failure response is sent to user terminal, to intercept illegal user.
Situation when including GUTI in attach request is as shown in Figure 6.Wherein:
Step 601, user terminal sends attach request to MME.
Step 602, MME judges to include IMSI information or GUTI information in attach request.
Step 603, if including GUTI information in attach request, PLMN information is extracted from GUTI information.
Step 604, MME judges whether PLMN information is legal.If PLMN information is legal, 605 are thened follow the steps;If PLMN believes
Breath is illegal, thens follow the steps 606.
Step 605, MME sends DNS query request to core-network side equipment DNS, to obtain dns resolution result.Later,
No longer execute other steps of the present embodiment.
Step 606, request failure response is sent to user terminal, to intercept illegal user.
Situation when reporting IMSI by authenticating in service request is as shown in Figure 7.Due in business request information not
Including PLMN, therefore the IMSI that can only pass through terminal authentication when reports goes to extract PLMN, and does the legitimacy verifies of PLMN.
Step 701, user terminal sends service request to MME.
Step 702, MME sends identity request information to user terminal.
Step 703, user terminal sends identity request response to MME, and wherein identity request response includes carrying PLMN letter
The IMSI information of breath.
Step 704, MME extracts PLMN information from IMSI information.
Step 705, MME judges whether PLMN information is legal.If PLMN information is legal, 706 are thened follow the steps;If PLMN believes
Breath is illegal, thens follow the steps 707.
Step 706, MME sends authentication request to core-network side equipment DRA, to verify to user terminal.Later,
No longer execute other steps of the present embodiment.
Step 707, request failure response is sent to user terminal, to intercept illegal user.
In addition, it is also noted that at LTE commercial initial stage, the rule that each operator does not customize terminal network selection process
Fixed, terminal network selection is mainly carried out according to process as defined in agreement at present, this will lead to this network termination and accesses in his net cell, is hung
Extremely under his net cell.
Wherein, in the prior art, terminal first searches for cell on the frequency point of last time attachment, if searching when cell accesses
Rope to the frequency point signal, and signal RSRP (Reference Signal Receiving Power, reference signal receive function
Rate) for value greater than -110dBm, then terminal can be resident in the cell, and completes normal down-going synchronous, and it then carries out system message and connects
It receives, uplink synchronous, sends demand signalling to core net.
But if the RSRP value of the terminal frequency point signal that booting or terminal last use for the first time is less than -110dBm, then
Terminal will scan all frequency ranges in its frequency range that can be supported, and acquisition can use PLMN.On each carrier, terminal
Search peak signal cell simultaneously reads its system message, to find the affiliated PLMN of cell.If terminal can be in peak signal cell
Read one or several PLMN, each PLMN can be reported by NAS message (not including RSRP value) as high quality P LMN, should
Also it is necessary to meet following condition for cell: the RSRP measured value of cell is greater than or equal to -110dBm.After terminal searching to PLMN, then
It carries out PLMN and selects process.The selection of PLMN can use automatic mode and manual mode.
Process is selected based on the above PLMN, now network termination following phenomenon occurs when cell accesses at present:
(1) for user in initial attachment, what it is due to terminal default unlatching is that PLMN automatically selects mode.It is searched in full range
Afterwards, since Home Network PLMN cell RSRP is less than -110dBm, terminal can net PLMN at him and cell of the RSRP greater than -110dBm is stayed
It stays, and initiates attach request.But the attach request can be netted MME refusal, terminal display display no signal access by him.
(2) terminal is after release of eating dishes without rice or wine, because of service request, terminal is initiated to establish and eats dishes without rice or wine to connect.If terminal was in last time
The signal of the condition of satisfaction is searched on the frequency point used, then terminal also can search for according to the above process cell and select PLMN, if
Terminal selects him to net PLMN, then will lead to terminal access failure, and customer service is interrupted.
The above phenomenon mainly appears on that the covering of Home Network cell signal is poor and his net cell signal covers preferable area
Domain.
(3) if his net cell is configured with the frequency point of Home Network cell, and signal quality is better than the Home Network cell with region, then
This network termination also can preferentially select his net cell access, this also results in terminal access failure.
For this purpose, the present invention proposes a kind of improved terminal PLMN selection mechanism, it is poor in the network coverage to promote user
The access in region perceives.It is as shown in Figure 8:
Step 801, user terminal judges the network selection mode currently set when accessing network.
Step 802, if network selection mode is dedicated network selection mode, preset PLMN information is selected to be registered.It
Afterwards, other steps of the present embodiment are no longer executed.
For example, due to there was only user signing contract information in 4G UIM card, not designed in the dedicated network selection mode of China Telecom
PLMN list, therefore search C net PLMN can be jumped directly to.If request failure, recycles execution search routine.
Step 803, if network selection mode is international roaming network selection mode, user is prompted to manually select the PLMN information of signing
It is registered.Later, other steps of the present embodiment are no longer executed.
Step 804, it if network selection mode is domestic network selection mode, is successively selected according to the sequence of PLMN priority from high to low
PLMN information is selected to be registered.
Wherein at home under network selection mode, the method that selection is successively carried out according to priority orders can be as shown in Figure 9.
Step 901, local plmn information or the equivalent local plmn information of highest priority is selected to be registered.
Step 902, if failing to complete registration, the PLMN selector data file of user's control in subscriber identification module
On PLMN information in, according to priority sequential selection PLMN information from big to small is registered.
Step 903, if the PLMN information selected in the PLMN selector data file of the user's control has failed
At registration, then in the PLMN information in PLMN selector data file that operator controls in subscriber identification module, by preferential
The sequential selection PLMN information of grade from big to small is registered.
Step 904, if the PLMN information selected in the PLMN selector data file of operator control fails
Registration is completed, then in current set to be selected, randomly chooses phase in the PLMN or access technology combination that high quality receives signal
The PLMN information answered is registered, and wherein signal receiving quality is greater than predetermined threshold.
Step 905, if randomly selected PLMN information fails to complete registration, in the set to be selected of current residual,
It is registered by the corresponding PLMN signal of the sequential selection of signal receiving quality from big to small.
It is, successively decreasing in failing other PLMN or access technology combination that high quality receives signal by signal quality
Mode selected.
By above-mentioned processing, the network insertion perception of user can be promoted.For supporting the terminal of FDD-LTE and TD-LTE,
User by it is domestic he net 4G card and be put into terminal and selected in use, PLMN can be normally completed.
Figure 10 is that the present invention is based on the schematic diagrames of PLMN illegal user's intercepting system one embodiment identified.Such as Figure 10 institute
Show, which may include user terminal 1001 and MME 1002.Wherein:
User terminal 1001, for sending request message to MME 1002.
MME 1002, for extracting PLMN from request message when receiving the request message of user terminal transmission
Information judges whether PLMN information is legal, if PLMN information is legal, interacts with core-network side equipment;If PLMN information
Illegally, then request failure response is sent to user terminal, to intercept illegal user.
For brevity, a user terminal is illustrated only in figure.Those skilled in the art are it will be appreciated that system
In may include multiple user terminals.
In one embodiment, MME 1002 judges specifically when receiving the attach request of the transmission of user terminal 1001
It whether include IMSI information in attach request;If including IMSI information in attach request, PLMN is extracted from IMSI information
Information.
MME 1002 is also used to when PLMN information is legal, authentication request is sent to core-network side equipment, so as to user
Terminal is verified.
In another embodiment, when MME 1002 is also used in attach request including GUTI information, from GUTI information
Extract PLMN information.
MME 1002 is also used to when PLMN information is legal, DNS query request is sent to core-network side equipment, to obtain
Dns resolution result.
In one embodiment, MME 1002 is also used to when receiving the service request of user terminal transmission, to user
Terminal 1001 sends identity request information;In the identity request response for receiving the transmission of user terminal 1001, from IMSI information
In extract PLMN information.
User terminal 1001 is also used to after receiving identity request information, sends identity request response to MME 1002,
Wherein identity request response includes carrying the IMSI information of PLMN information.
In one embodiment, user terminal 1001 is also used to when accessing network, judges the network selection mode currently set;
If network selection mode is dedicated network selection mode, preset PLMN information is selected to be registered;If network selection mode is international unrestrained
Network selection mode is swum, then the PLMN information for prompting user to manually select signing is registered;If network selection mode is domestic network selection mode,
Then PLMN information is successively selected to be registered according to the sequence of PLMN priority from high to low.
Preferably, under the specific network selection mode at home of user terminal 1001, local plmn information or highest priority are selected
Equivalent local plmn information is registered;If failing to complete registration, the PLMN selection of user's control in subscriber identification module
In PLMN information in device data file, according to priority sequential selection PLMN information from big to small is registered;If described
The PLMN information selected in the PLMN selector data file of user's control fails to complete registration, then in subscriber identification module
In PLMN information in the PLMN selector data file of operator's control, according to priority sequential selection PLMN from big to small believes
Breath is registered;If the PLMN information selected in the PLMN selector data file of operator control fails to complete note
Volume, then in the PLMN signal that received signal quality is greater than predetermined threshold, random selection PLMN signal is registered;If random
The PLMN signal of selection fails to complete registration, then in the PLMN signal that received signal quality is less than predetermined threshold, according to
The sequential selection PLMN signal of received signal quality from big to small is registered.
By applying the present invention, it is available following the utility model has the advantages that
1, the present invention provides a kind of network selection modes based on PLMN of customization, promote user network access perception.
2, the invention proposes it is a kind of based on PLMN verification illegal user's Interception Technology, effectively it is lower he net illegal user
Consumption of the demand signalling to resources of core network.
Those of ordinary skill in the art will appreciate that realizing that all or part of the steps of above-described embodiment can pass through hardware
It completes, relevant hardware can also be instructed to complete by program, the program can store in a kind of computer-readable
In storage medium, storage medium mentioned above can be read-only memory, disk or CD etc..
Description of the invention is given for the purpose of illustration and description, and is not exhaustively or will be of the invention
It is limited to disclosed form.Many modifications and variations are obvious for the ordinary skill in the art.It selects and retouches
It states embodiment and is to more preferably illustrate the principle of the present invention and practical application, and those skilled in the art is enable to manage
The solution present invention is to design various embodiments suitable for specific applications with various modifications.
Claims (14)
1. a kind of illegal user's hold-up interception method based on PLMN identification characterized by comprising
MME extracts PLMN information when receiving the request message of user terminal transmission from request message;
Judge whether PLMN information is legal;
If PLMN information is legal, interacted with core-network side equipment;
If PLMN information is illegal, request failure response is sent to user terminal, to intercept illegal user;
Wherein, if PLMN information is legal, the step of interacting with core-network side equipment, includes:
If PLMN information is legal, MME sends authentication request to core-network side equipment, to verify to user terminal.
2. the method according to claim 1, wherein
When receiving the request message of user terminal transmission, the step of PLMN information is extracted from request message includes: MME
Whether MME judges in attach request to include IMSI information when receiving the attach request of user terminal transmission;
If including IMSI information in attach request, PLMN information is extracted from IMSI information.
3. according to the method described in claim 2, it is characterized in that,
If including GUTI information in attach request, PLMN information is extracted from GUTI information.
4. according to the method described in claim 3, it is characterized in that,
If PLMN information is legal, the step of interacting with core-network side equipment, includes:
If PLMN information is legal, MME sends DNS query request to core-network side equipment, to obtain dns resolution result.
5. the method according to claim 1, wherein
When receiving the request message of user terminal transmission, the step of PLMN information is extracted from request message includes: MME
MME sends identity request information when receiving the service request of user terminal transmission, to user terminal;
User terminal sends identity request response after receiving identity request information, to MME, and wherein identity request response includes
Carry the IMSI information of PLMN information;
MME extracts PLMN information in the identity request response for receiving user terminal transmission from IMSI information.
6. method according to any one of claims 1-5, which is characterized in that further include:
User terminal judges the network selection mode currently set when accessing network;
If network selection mode is dedicated network selection mode, preset PLMN information is selected to be registered;
If network selection mode is international roaming network selection mode, the PLMN information for prompting user to manually select signing is registered;
If network selection mode is domestic network selection mode, according to the sequence of PLMN priority from high to low successively select PLMN information into
Row registration.
7. according to the method described in claim 6, it is characterized in that,
The step of successively selecting PLMN information to be registered according to the sequence of PLMN priority from high to low include:
Selection local plmn information or the equivalent local plmn information of highest priority are registered;
If failing to complete registration, the PLMN information in subscriber identification module in the PLMN selector data file of user's control
In, according to priority sequential selection PLMN information from big to small is registered;
If the PLMN information selected in the PLMN selector data file of the user's control fail complete registration, with
In the PLMN information in PLMN selector data file that operator controls in the identification module of family, according to priority from big to small suitable
Sequence selection PLMN information is registered;
If the PLMN information selected in the PLMN selector data file of operator control fails to complete registration,
In current set to be selected, randomly choosed in the PLMN or access technology combination that high quality receives signal corresponding PLMN information into
Row registration, wherein signal receiving quality is greater than predetermined threshold;
If randomly selected PLMN information fails to complete registration, in the set to be selected of current residual, matter is received by signal
The corresponding PLMN signal of sequential selection of amount from big to small is registered.
8. a kind of illegal user's intercepting system based on PLMN identification, which is characterized in that including user terminal and MME, in which:
User terminal, for sending request message to MME;
MME judges for extracting PLMN information from request message when receiving the request message of user terminal transmission
Whether PLMN information is legal, if PLMN information is legal, interacts with core-network side equipment, wherein legal in PLMN information
When, authentication request is sent to core-network side equipment, to verify to user terminal;If PLMN information is illegal, to user
Terminal sends request failure response, to intercept illegal user.
9. system according to claim 8, which is characterized in that
Whether MME specifically when receiving the attach request of user terminal transmission, judges in attach request to include IMSI information;If
Include IMSI information in attach request, then extracts PLMN information from IMSI information.
10. system according to claim 8, which is characterized in that
When MME is also used in attach request including GUTI information, PLMN information is extracted from GUTI information.
11. system according to claim 10, which is characterized in that
MME is also used to when PLMN information is legal, DNS query request is sent to core-network side equipment, to obtain dns resolution knot
Fruit.
12. system according to claim 8, which is characterized in that
MME is also used to send identity request information to user terminal when receiving the service request of user terminal transmission;It is connecing
When receiving the identity request response of user terminal transmission, PLMN information is extracted from IMSI information;
User terminal is also used to after receiving identity request information, sends identity request response to MME, wherein identity request is rung
It should include the IMSI information for carrying PLMN information.
13. the system according to any one of claim 8-12, which is characterized in that
User terminal is also used to when accessing network, judges the network selection mode currently set;If network selection mode is dedicated network selection mould
Formula then selects preset PLMN information to be registered;If network selection mode is international roaming network selection mode, user hand is prompted
The PLMN information of dynamic selection signing is registered;If network selection mode is domestic network selection mode, according to PLMN priority from height to
Low sequence successively selects PLMN information to be registered.
14. system according to claim 13, which is characterized in that
User terminal specifically at home under network selection mode, selects local plmn information or the equivalent local plmn information of highest priority
It is registered;If failing to complete registration, in subscriber identification module in the PLMN selector data file of user's control
In PLMN information, according to priority sequential selection PLMN information from big to small is registered;If in the PLMN of the user's control
The PLMN information selected in selector data file fails to complete registration, then operator's control in subscriber identification module
In PLMN information in PLMN selector data file, according to priority sequential selection PLMN information from big to small is registered;
If the PLMN information selected in the PLMN selector data file of operator control fails to complete registration, current
In set to be selected, corresponding PLMN information is randomly choosed in the PLMN or access technology combination that high quality receives signal and is infused
Volume, wherein signal receiving quality is greater than predetermined threshold;If randomly selected PLMN information fails to complete registration, remained currently
In remaining set to be selected, registered by the corresponding PLMN signal of the sequential selection of signal receiving quality from big to small.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410841186.3A CN105813084B (en) | 2014-12-30 | 2014-12-30 | Illegal user's hold-up interception method and system based on PLMN identification |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410841186.3A CN105813084B (en) | 2014-12-30 | 2014-12-30 | Illegal user's hold-up interception method and system based on PLMN identification |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105813084A CN105813084A (en) | 2016-07-27 |
| CN105813084B true CN105813084B (en) | 2019-04-05 |
Family
ID=56980168
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410841186.3A Active CN105813084B (en) | 2014-12-30 | 2014-12-30 | Illegal user's hold-up interception method and system based on PLMN identification |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105813084B (en) |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106878974A (en) * | 2017-01-18 | 2017-06-20 | 努比亚技术有限公司 | A kind of network attached method, user equipment and mobile management entity |
| CN110035433B (en) | 2018-01-11 | 2024-03-19 | 华为技术有限公司 | Verification method and device adopting shared secret key, public key and private key |
| CN109699031B (en) | 2018-01-11 | 2020-03-20 | 华为技术有限公司 | Verification method and device adopting shared secret key, public key and private key |
| CN115243267B (en) * | 2022-07-26 | 2023-07-04 | 上海欣诺通信技术股份有限公司 | 5G network pseudo base station detection positioning method based on DPI technology and electronic equipment |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR20000031133A (en) * | 1998-11-03 | 2000-06-05 | 윤종용 | Method for preventing illegal transmission in roaming restricted area |
| CN1867186A (en) * | 2006-02-14 | 2006-11-22 | 华为技术有限公司 | Method and apparatus for realizing user admittance control in wireless communication system |
| CN101022672A (en) * | 2007-02-16 | 2007-08-22 | 华为技术有限公司 | Method and system for testing mobile user legality |
| CN101389060A (en) * | 2007-09-14 | 2009-03-18 | 华为技术有限公司 | Implementing method and system for binding access point and operator |
| CN101754177A (en) * | 2009-12-30 | 2010-06-23 | 杭州华三通信技术有限公司 | Method, system and device for binding ESN and IMSI numbers of mobile terminal |
| CN102026328A (en) * | 2009-09-21 | 2011-04-20 | 华为技术有限公司 | Method, device and system for sharing network |
-
2014
- 2014-12-30 CN CN201410841186.3A patent/CN105813084B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR20000031133A (en) * | 1998-11-03 | 2000-06-05 | 윤종용 | Method for preventing illegal transmission in roaming restricted area |
| CN1867186A (en) * | 2006-02-14 | 2006-11-22 | 华为技术有限公司 | Method and apparatus for realizing user admittance control in wireless communication system |
| CN101022672A (en) * | 2007-02-16 | 2007-08-22 | 华为技术有限公司 | Method and system for testing mobile user legality |
| CN101389060A (en) * | 2007-09-14 | 2009-03-18 | 华为技术有限公司 | Implementing method and system for binding access point and operator |
| CN102026328A (en) * | 2009-09-21 | 2011-04-20 | 华为技术有限公司 | Method, device and system for sharing network |
| CN101754177A (en) * | 2009-12-30 | 2010-06-23 | 杭州华三通信技术有限公司 | Method, system and device for binding ESN and IMSI numbers of mobile terminal |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105813084A (en) | 2016-07-27 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104980993B (en) | Network access method, mobile communication terminal, network server and network access system | |
| US20190021047A1 (en) | Method and System for Selecting Network Slice | |
| CN104969589B (en) | A kind of method, equipment and the communication system of the access processing of communication equipment | |
| CN102474808B (en) | Communication system, mobile station apparatus, connection destination evaluation method and base station apparatus | |
| CN105813084B (en) | Illegal user's hold-up interception method and system based on PLMN identification | |
| CN104883712B (en) | Cell switching method and system | |
| CN108476406A (en) | For the access control in the network including network fragment | |
| CN109155908A (en) | The emergency services of non-cellular wireless access are supported | |
| CN105210421B (en) | Method for operating terminal in multi-carrier systems | |
| CN105959954A (en) | Pseudo base station identification method, pseudo base station identification device, and terminal | |
| CN109792712A (en) | Paging method, the network equipment and terminal device | |
| CN106572508B (en) | A kind of method, apparatus and base station that terminal device is switched to Target cell | |
| CN109275162A (en) | Connection control method, base station, user equipment and mobile management entity | |
| CN104244355A (en) | Multi-card terminal and network accessing method thereof | |
| CN113286332B (en) | Information transmission method and equipment | |
| CN105940755B (en) | The terminal of the D2D operating method and use this method that are executed in a wireless communication system by terminal | |
| CN106067880A (en) | A kind of source tracing method of IP address based on 4G network | |
| CN104159262A (en) | Method of accessing long term evolution (LTE) network again, and device of accessing LTE network again | |
| CN112367625A (en) | Virtual card network-residing method and system, server, mobile terminal and storage medium | |
| CN109818769A (en) | The method and apparatus for sending information | |
| WO2020088478A1 (en) | User terminal access method, initial mobility management entity, and base station | |
| CN109565774A (en) | Data transmission method and device | |
| CN102104603A (en) | Method, system and device for registering mobile terminal in WEB server | |
| CN108934006A (en) | Method for network access, device, user equipment and base station | |
| CN109195203A (en) | Method for parameter configuration, device, terminal and the storage medium of WLAN |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |