CN111328077A - Pseudo base station short message identification method, base station short message encryption method and system - Google Patents

Pseudo base station short message identification method, base station short message encryption method and system Download PDF

Info

Publication number
CN111328077A
CN111328077A CN201811545214.1A CN201811545214A CN111328077A CN 111328077 A CN111328077 A CN 111328077A CN 201811545214 A CN201811545214 A CN 201811545214A CN 111328077 A CN111328077 A CN 111328077A
Authority
CN
China
Prior art keywords
short message
base station
information
digital watermark
encryption
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201811545214.1A
Other languages
Chinese (zh)
Inventor
赵凯
乔辰龙
朱艳芬
许耀锦
李冠全
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Mobile Communications Group Co Ltd
China Mobile Group Shandong Co Ltd
Original Assignee
China Mobile Communications Group Co Ltd
China Mobile Group Shandong Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Mobile Communications Group Co Ltd, China Mobile Group Shandong Co Ltd filed Critical China Mobile Communications Group Co Ltd
Priority to CN201811545214.1A priority Critical patent/CN111328077A/en
Publication of CN111328077A publication Critical patent/CN111328077A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/12Messaging; Mailboxes; Announcements
    • H04W4/14Short messaging services, e.g. short message services [SMS] or unstructured supplementary service data [USSD]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The embodiment of the invention provides a pseudo base station short message identification method, a base station short message encryption method and a system, wherein second digital watermark encryption information is generated according to short message information of a short message to be identified, the second digital watermark encryption information is compared with first digital watermark encryption information carried in the short message to be identified, whether the second digital watermark encryption information and the first digital watermark encryption information are consistent or not is judged, if so, the short message to be identified is determined to be a non-pseudo base station short message, and otherwise, the short message to be identified is a pseudo base station short message. The identification process is automatically authorized and verified by the mobile terminal, the user personal susceptibility information such as short message related content and the like cannot be reserved in the whole processing process, the short message content, the validity and timeliness of the issued pipeline can be verified, the risk of information leakage does not exist, and a self-service verification way is provided for the user.

Description

Pseudo base station short message identification method, base station short message encryption method and system
Technical Field
The embodiment of the invention relates to the technical field of mobile communication, in particular to a pseudo base station short message identification method, a base station short message encryption method and a system.
Background
The pseudo base station is a technology for monitoring various signaling processes in a mobile communication process by using a mobile signaling monitoring system to obtain current position information of a mobile terminal. When the pseudo base station works, the signal intensity of the pseudo base station is increased, a Mobile terminal in the coverage area of the pseudo base station is forced to select and reside in a pseudo base station cell, the pseudo base station enables the Mobile terminal to initiate location area updating by broadcasting a special location area identifier, the pseudo base station is simulated into a real base station in the location area updating stage, authentication interaction is carried out with the Mobile terminal, information such as an International Mobile Subscriber Identity (IMSI) and an International Mobile Equipment Identity (IMEI) of the Mobile terminal is obtained, and after the location area updating is completed, the pseudo base station utilizes the obtained IMSI to forcibly send short message information by a signaling of a Mobile signaling monitoring system.
As shown in fig. 1, normal communication is performed between a mobile terminal and a legitimate base station under normal conditions, but when a pseudo base station exists, the pseudo base station transmits a signal with high power, and a system message location area is different from that of an existing network. And the mobile terminal in the coverage range of the pseudo base station is resided in the cell of the pseudo base station, and the pseudo base station is reselected. The mobile terminal sends a location area updating request to the pseudo base station, the pseudo base station requires the mobile terminal to report the information of IMSI/IMEI and the like, and the mobile terminal reports the information of IMSI/IMEI and the like according to the indication of the pseudo base station. And finally, the pseudo base station sends the junk short message to the mobile terminal according to the IMEI information.
In recent years, some lawbreakers have used the characteristics of the pseudo base station to forcibly send short messages such as fraud, advertising promotion and the like to the mobile terminal by using any number in order to obtain improper benefits, thereby seriously harming the benefits of users. Therefore, how to effectively identify and intercept the short message sent by the pseudo base station has important significance.
At present, the method for filtering the pseudo base station short message mainly includes the following three methods:
1) based on data analysis, the short message processing mode is to upload the user short message to the platform, analyze the short message content by using a big data analysis mode such as sensitive words and the like, and judge whether the short message content contains fraud information characteristics such as false websites and the like and a false base station short message. For example: the characteristics of the pseudo base station short messages can be defined by combining linguistic rules with statistical methods, and the pseudo base station short messages can be accurately identified from mass data.
2) The method includes the steps of detecting on-site based on network characteristics of a telecommunication operator, for example, combining base station data and a short message center number of the operator, and judging whether short messages sent by a pseudo base station are the short messages or not and filtering by detecting the data legality of Location Area Code (LAC) data before and after position switching and the legality of short message center number data carried by short message signaling at a mobile terminal.
3) The short message content is added with the verification information method through an operator, namely, the short message sending process of the operator network is modified, the user identification information is added in the short message content, and the verification is carried out at the short message receiving end. For example, in the prior art, a secret phrase is reserved in a gateway established in advance by a user and indicates that a third-party platform must carry the secret phrase when sending a short message to a mobile terminal every time, so that the third-party platform first requests the secret phrase matched with the user from the gateway and adds the secret phrase into the short message sent by the third-party platform to the user when sending the short message to the user every time, when the mobile terminal receives the short message sent by the third-party platform, the secret phrase in the short message is detected, and when the short message does not contain the secret phrase, the short message is judged to be sent by the pseudo base station as the third-party platform.
The existing pseudo base station short message filtering method has the following defects:
1) the method for intercepting the pseudo base station short messages based on data analysis and identification needs the mobile terminal to pre-install client software corresponding to a platform, local client software needs to be updated in time, or the mobile terminal needs to keep data connection frequently and can be protected well by depending on a cloud end; the short message of the user needs to be uploaded, and the risk of revealing the privacy of the user exists; the method adopts sensitive words and other analysis modes, and cannot deal with novel short messages or fishing short messages.
2) The method for identifying the pseudo base station short message based on the telecommunication operator network characteristics for on-site detection needs a large amount of manpower, material resources and time, and the prevention and control cost for the pseudo base station short message in a large geographical range is too high. Moreover, aiming at the positioning of the sending source of the pseudo base station, which lags behind the receiving of the short message by the user and may cause adverse effect, the automatic detection and interception scheme needs to be greatly changed on the wireless side, and the related network characteristics also have the possibility of being utilized by the pseudo base station.
3) The pseudo base station short message is identified by a method of adding check information to the short message content by an operator, a user needs to set respective interactive secret words, the method needs to require that all Service Providers (SP) need to be modified, and the CMPP/SMGP/SGIP protocol of the operator is modified and used for transmitting the secret words when the SP sends the short message, and the method is very difficult to realize.
In conclusion, the problems of user personal information leakage risk, small prevention and control investment in a large range, high implementation difficulty and the like exist in the prior art. Therefore, it is urgently needed to provide a pseudo base station short message identification method, a base station short message encryption method and a system, so as to solve the problems in the prior art.
Disclosure of Invention
In order to overcome the above problems or at least partially solve the above problems, embodiments of the present invention provide a pseudo base station short message identification method, a base station short message encryption method, and a system.
In a first aspect, an embodiment of the present invention provides a pseudo base station short message identification method, including:
acquiring short message information of a short message to be identified, wherein the short message to be identified carries first digital watermark encryption information;
generating second digital watermark encryption information based on the short message information;
if the first digital watermark encryption information is judged to be consistent with the second digital watermark encryption information, the short message to be identified is a non-pseudo base station short message, otherwise, the short message to be identified is a pseudo base station short message;
and the first digital watermark encryption information and the second digital watermark encryption information are both generated through a preset encryption algorithm.
In a second aspect, an embodiment of the present invention provides a method for encrypting a short message of a base station, including:
acquiring a short message encryption request for encrypting a short message to be encrypted;
encrypting the short message to be encrypted through a preset encryption algorithm based on the short message encryption request to generate first digital watermark encryption information;
and sending the first digital watermark encryption information and the ID of the short message to be encrypted to a short message gateway.
In a third aspect, an embodiment of the present invention provides a pseudo base station short message identification system, including:
the acquisition module is used for acquiring short message information of a short message to be identified, wherein the short message to be identified carries first digital watermark encryption information;
the encrypted information generating module is used for generating second digital watermark encrypted information based on the short message information;
the judging module is used for judging whether the first digital watermark encryption information is consistent with the second digital watermark encryption information or not, if so, the short message to be identified is a non-pseudo base station short message, and if not, the short message to be identified is a pseudo base station short message;
and the first digital watermark encryption information and the second digital watermark encryption information are both generated through a preset encryption algorithm.
In a fourth aspect, an embodiment of the present invention provides a system for encrypting a short message of a base station, including:
the request acquisition module is used for acquiring a short message encryption request for encrypting a short message to be encrypted;
the encryption module is used for encrypting the short message to be encrypted through a preset encryption algorithm based on the short message encryption request to generate first digital watermark encryption information;
and the sending module is used for sending the first digital watermark encryption information and the ID of the short message to be encrypted to a short message gateway.
In a fifth aspect, an embodiment of the present invention provides an electronic device, including:
at least one processor, at least one memory, a communication interface, and a bus; wherein the content of the first and second substances,
the processor, the memory and the communication interface complete mutual communication through the bus;
the memory stores program instructions executable by the processor, and the processor calls the program instructions to execute the pseudo base station short message identification method provided by the first aspect or the base station short message encryption method provided by the second aspect.
In a sixth aspect, an embodiment of the present invention provides a non-transitory computer-readable storage medium, which stores computer instructions, where the computer instructions cause the computer to execute the method for identifying a pseudo base station short message provided in the first aspect or the method for encrypting a base station short message provided in the second aspect.
The embodiment of the invention provides a pseudo base station short message identification method, a base station short message encryption method and a system, wherein second digital watermark encryption information is generated according to short message information of a short message to be identified, the second digital watermark encryption information is compared with first digital watermark encryption information carried in the short message to be identified, whether the second digital watermark encryption information is consistent with the first digital watermark encryption information carried in the short message to be identified is judged, if so, the short message to be identified is determined to be a non-pseudo base station short message, otherwise, the short message to be identified is a pseudo base station short message. The identification process is automatically authorized and verified by the mobile terminal, the user personal susceptibility information such as short message related content and the like cannot be reserved in the whole processing process, the short message content, the validity and timeliness of the issued pipeline can be verified, the risk of information leakage does not exist, and a self-service verification way is provided for the user. The method adopts a preset encryption algorithm to encrypt the short message to be encrypted to generate the first digital watermark encryption information, so that the false base station can be prevented from tampering the short message content of the short message to be encrypted. Meanwhile, an effective and quick identification method is provided for judging whether the short message is a pseudo base station short message or not.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and those skilled in the art can also obtain other drawings according to the drawings without creative efforts.
Fig. 1 is a schematic diagram of an interaction relationship among a mobile terminal, a pseudo base station, and a legal base station provided in the prior art;
fig. 2 is a schematic flow chart of a pseudo base station short message identification method according to an embodiment of the present invention;
fig. 3 is a schematic flow chart of a method for encrypting a short message of a base station according to an embodiment of the present invention;
fig. 4 is an interaction diagram of a mobile terminal, a short message gateway, a pseudo base station short message identification system, a base station short message encryption system and a base station according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of a pseudo base station short message identification system according to an embodiment of the present invention;
fig. 6 is a schematic structural diagram of a base station short message encryption system according to an embodiment of the present invention;
fig. 7 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In the description of the embodiments of the present invention, it should be noted that the terms "center", "upper", "lower", "left", "right", "vertical", "horizontal", "inner", "outer", and the like indicate orientations or positional relationships based on the orientations or positional relationships shown in the drawings, and are only for convenience in describing the embodiments of the present invention and simplifying the description, but do not indicate or imply that the referred devices or elements must have specific orientations, be configured in specific orientations, and operate, and thus, should not be construed as limiting the embodiments of the present invention. Furthermore, the terms "first," "second," and "third" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance.
In the description of the embodiments of the present invention, it should be noted that, unless explicitly stated or limited otherwise, the terms "mounted," "connected," and "connected" are to be construed broadly, and may be, for example, fixedly connected, detachably connected, or integrally connected; can be mechanically or electrically connected; they may be connected directly or indirectly through intervening media, or they may be interconnected between two elements. Specific meanings of the above terms in the embodiments of the present invention can be understood in specific cases by those of ordinary skill in the art.
As shown in fig. 2, an embodiment of the present invention provides a pseudo base station short message identification method, including:
s21, acquiring short message information of a short message to be identified, wherein the short message to be identified carries first digital watermark encryption information;
s22, generating second digital watermark encryption information based on the short message information;
s23, if the first digital watermark encryption information is judged to be consistent with the second digital watermark encryption information, the short message to be identified is a non-pseudo base station short message, otherwise, the short message to be identified is a pseudo base station short message;
and the first digital watermark encryption information and the second digital watermark encryption information are both generated through a preset encryption algorithm.
Specifically, the embodiment of the invention provides a pseudo base station short message identification method, which is mainly applied to the condition that a mobile terminal user has a requirement of identifying whether a received short message is a pseudo base station short message or not. When the mobile terminal has an identification requirement, the pseudo base station short message identification system triggers the pseudo base station short message identification method provided by the embodiment of the invention, firstly, the short message information of the short message to be identified is received, wherein the short message information of the short message to be identified can be sent by the mobile terminal, and the short message information specifically comprises a sender number, a receiver number, short message content, receiving time and the like of the short message to be identified.
It should be noted that the short message to be identified in the embodiment of the present invention carries first digital watermark encryption information, and the first digital watermark encryption information requests the base station short message encryption system to implement encryption to obtain encrypted information after receiving the short message to be identified by the short message gateway.
After the short message information of the short message to be identified is acquired, second digital watermark encryption information is generated according to the short message information, and it should be noted that the encryption algorithm used by the pseudo base station short message identification system for generating the second digital watermark encryption information is the same as the encryption algorithm used by the base station short message encryption system for generating the first digital watermark encryption information, and the encryption algorithms are both preset encryption algorithms. The preset encryption algorithm can specifically generate digital watermark encryption information of the short message to be identified according to the short message information through a digest algorithm.
And judging whether the first digital watermark encryption information is consistent with the second digital watermark encryption information, if so, indicating that the information to be identified is not added by a pseudo base station in the transmission process, and the information to be identified is information sent by a legal base station and is not pseudo base station information. If the first digital watermark encryption information is inconsistent with the second digital watermark encryption information, the information to be identified is pseudo base station information, namely a short message sent by the pseudo base station.
The pseudo base station short message identification method provided by the embodiment of the invention generates second digital watermark encryption information according to the short message information of the short message to be identified, compares the second digital watermark encryption information with the first digital watermark encryption information carried in the short message to be identified, judges whether the second digital watermark encryption information and the first digital watermark encryption information are consistent, determines that the short message to be identified is a non-pseudo base station short message if the second digital watermark encryption information and the first digital watermark encryption information are consistent, and otherwise determines that the short message to be identified is a pseudo base station short message. The identification process is automatically authorized and verified by the mobile terminal, the user personal susceptibility information such as short message related content and the like cannot be reserved in the whole processing process, the short message content, the validity and timeliness of the issued pipeline can be verified, the risk of information leakage does not exist, and a self-service verification way is provided for the user.
On the basis of the above embodiment, in the pseudo base station short message identification method provided in the embodiment of the present invention, the length of the short message to be identified meets the requirement of the sending length.
Before the short message information of the short message to be identified is acquired and in the transmission process of the short message to be identified, the short message gateway requests the base station short message encryption system to encrypt the short message to be identified after receiving the short message to be identified, so that the short message to be identified carries the first digital watermark encryption information, the base station short message encryption system returns the short message to be identified carrying the first digital watermark encryption information to the short message gateway, when the length of the short message to be identified carrying the first digital watermark encryption information is longer than the sending length requirement of the short message, the short message gateway needs to split the returned short message to be identified carrying the first digital watermark encryption information into a plurality of short messages with the length meeting the sending length requirement and sends the short messages to the mobile terminal, corresponding short message headers need to be arranged for the plurality of split short messages, and the total number of the short message headers, the current number of the short messages.
On the basis of the foregoing embodiment, in the pseudo base station short message identification method provided in the embodiment of the present invention, before generating second digital watermark encryption information based on the short message information, the method further includes:
if the short message information is judged and known to have the matched user characteristic information, the short message to be identified is a non-pseudo base station short message, otherwise, the short message to be identified is a pseudo base station short message.
Specifically, the method for identifying a pseudo base station short message provided in the embodiment of the present invention may first determine whether the short message to be identified is pseudo base station information preliminarily by determining whether there is matching user characteristic information in the short message information. And if the short message information has matched user characteristic information, preliminarily determining the short message to be identified as a non-pseudo base station short message, and if the short message information does not have the matched user characteristic information or the existing user characteristic information is not matched with the short message to be identified, preliminarily determining the short message to be identified as a pseudo base station short message. When the short message to be identified is preliminarily judged to be the pseudo base station short message, the short message to be identified can be directly determined to be the pseudo base station short message, deleted and reported. At this time, accurate judgment through the digital watermark encryption information is not needed.
It should be noted that, in the embodiment of the present invention, the user characteristic information is added to the short message to be identified by the short message gateway when the short message to be identified is transmitted to the short message gateway. The user characteristic information is a user personal identification, and specifically may include a user name, an ID for identifying a personal identity, a mobile terminal number or a part number, a personalized signature configured by the user, and the like.
On the basis of the above embodiment, in the pseudo base station short message identification method provided in the embodiment of the present invention, the length of the short message to be identified, to which the user characteristic information is added, meets the transmission length requirement.
Before the short message information of the short message to be identified is acquired and in the transmission process of the short message to be identified, the short message gateway adds the user characteristic information to the short message to be identified after receiving the short message to be identified. When the length of the short message to be identified added with the user characteristic information is longer than the requirement of the sending length of the short message, the short message gateway needs to split the short message to be identified added with the user characteristic information into a plurality of short messages with the length meeting the requirement of the sending length and send the short messages to the mobile terminal, the split plurality of short messages need to be provided with corresponding short message headers, and the short message headers can comprise the total number, the current number and the like.
After receiving the short message to be identified, the short message gateway in the embodiment of the invention can firstly analyze the short message to be identified to analyze the content of the short message, add the user characteristic information to the front part, the middle part or the tail part of the content of the short message, assemble the user characteristic information and the original short message content into a new short message, and then send the new short message to the terminal user. When the length of the assembled new short message is longer than the requirement of the sending length of the short message, the short message gateway needs to split the short message to be identified, which is added with the user characteristic information, into a plurality of short messages with the length meeting the requirement of the sending length and send the short messages to the mobile terminal, and the split plurality of short messages need to be provided with corresponding short message headers.
It should be noted that, when the user characteristic information is added to the short message to be identified, the user characteristic information in the corresponding coding format can be submitted to the original short message content according to the short message contents in different coding formats, so that the experience of the user for receiving the short message is not affected. When the short messages to be recognized are single different short messages and the user characteristic information is added and the requirement of the short message sending length is exceeded, each short message to be recognized is split into a plurality of short messages to be sent, the split plurality of short messages are provided with corresponding short message headers, and the short message headers can contain the total number and the current number. When the short message to be identified is a plurality of long short messages (namely, the short message with the length longer than the sending length requirement of the short message), a long short message is added, and the added long short message is added to the head or the tail of the short message to be identified, and the corresponding head of the short message is modified, so that the head of the short message comprises an ID, the total number, the current number and the like.
In the embodiment of the invention, when the short message gateway splits the short message (hereinafter referred to as long short message) with the length longer than the short message sending length requirement, the method is specifically realized as follows.
Because the short message sent by the legal base station is generally an ultra-long short message, and the long short message is split before being sent, the embodiment of the invention firstly combines the long short message, adds the user characteristic information or the first digital watermark encryption information, and then splits the long short message added with the user characteristic information or the first digital watermark encryption information. In the embodiment of the invention, a DrMsg module is added in the short message gateway, and when an ECagent module in the short message gateway distributes short messages, long short messages are sent to the DrMsg module. And recording the short message content of the long short message through the DrMsg module, and distributing the long short message to the unified Smserver module for processing. And the long short message processed by the Smserver module is sent to the DrMsg module for authentication, and the integrity of the long short message is checked by the DrMsg module. The Smserver module supports that a plurality of long short messages are spliced into a long short message and sent to the DrMsg module for authentication. The Smserver module supports that the long short message is sent to the DrMsg module for authentication before the long short message is sent to a lower short message gateway or a short message center in a downlink mode so as to check the integrity of the long short message. The short message caching time of the Smserver module is defaulted to 3 minutes.
As shown in fig. 3, on the basis of the above embodiment, an embodiment of the present invention provides a method for encrypting a short message of a base station, including:
s31, acquiring a short message encryption request for encrypting a short message to be encrypted;
s32, encrypting the short message to be encrypted through a preset encryption algorithm based on the short message encryption request to generate first digital watermark encryption information;
and S33, sending the first digital watermark encryption information and the ID of the short message to be encrypted to a short message gateway.
Specifically, the execution subject in the embodiment of the invention is a base station short message encryption system, and the base station short message encryption method is realized through interaction between the base station short message encryption system and a short message gateway. Firstly, the short message gateway sends a short message encryption request for encrypting a short message to be encrypted to a base station short message encryption system, wherein the short message encryption request can comprise: the number of the sender, the number of the receiver, the content of the short message and the receiving time of the short message to be encrypted. The base station short message encryption system acquires a short message encryption request, encrypts a to-be-encrypted short message through a preset encryption algorithm according to the short message encryption request, and generates first digital watermark encryption information. And finally, sending the generated first digital watermark encryption information and the ID of the short message to be encrypted to a short message gateway. After receiving the first digital watermark encryption information and the ID of the short message to be encrypted, the short message gateway calls the short message content of the short message to be encrypted according to the ID of the short message to be encrypted, combines the called short message content with the first digital watermark encryption information and sends the combined short message content and the first digital watermark encryption information to the mobile terminal, and then the legal base station sends the short message.
The digital watermark encryption information generation suite interface adopted in the embodiment of the invention is defined as follows:
and returning a value: 0 indicates success, 1-100 are error codes, and other values are reserved and not used.
Figure BDA0001909166730000101
Figure BDA0001909166730000111
The generation algorithm of the digital watermark encryption information adopts a summary algorithm, and the method specifically comprises the following steps:
computing sha256 hash value by opennssl
Unsigned char hash[SHA256_DIGEST_LENGTH];
SHA256_CTX sha256;
SHA256_Init(&sha256);
SHA256_Update(&sha256,SHASTR.c_str(),SHASTR.size());
SHA256_Final(hash,&sha256);
Converting the sha256 hash value into text using the BASE64 algorithm;
the text converted by the BASE64 algorithm is truncated by using the length of Summary Len and then output to pSummary.
And finally, the pcontent + szDestAddr + current date (YYYYMMDD, year, month and day form) + pKey form the digital watermark encryption information of the information to be encrypted.
The specific representation form of the digital watermark encryption information can be shown in table 1:
TABLE 1 digital watermarking encryption information
Figure BDA0001909166730000112
The digital watermark encryption information ID is hexadecimal (i.e., Hex), and occupies one byte.
The base station short message encryption method provided by the embodiment of the invention adopts the preset encryption algorithm to encrypt the short message to be encrypted to generate the first digital watermark encryption information, so that the false base station can be prevented from tampering the short message content of the short message to be encrypted. Meanwhile, an effective and quick identification method is provided for judging whether the short message is a pseudo base station short message or not.
On the basis of the above embodiment, in the method for encrypting a short message of a base station provided in the embodiment of the present invention, the short message to be encrypted carries user characteristic information;
and the user characteristic information is added to the short message to be encrypted by the short message gateway.
Specifically, in the base station short message encryption method provided in the embodiment of the present invention, before the short message encryption request is obtained, the short message to be encrypted also carries user characteristic information, where the carried user characteristic information is added to the short message to be encrypted through a short message gateway. The purpose of adding the user characteristic information is to primarily encrypt the short message to be encrypted so as to preliminarily identify whether the short message is a pseudo base station short message or not.
On the basis of the above embodiments, the pseudo base station short message identification method and the base station short message encryption method provided in the embodiments of the present invention are both implemented by adding a pseudo base station short message identification system and a base station short message encryption system on the short message gateway side. Fig. 4 is a schematic diagram of interaction among a mobile terminal, a short message gateway, a pseudo base station short message identification system, a base station short message encryption system, and a base station provided in the embodiment of the present invention. As can be seen from fig. 4, for the short message issuing process: s41, the Service Provider (SP) user short message platform submits the short message to be sent to the short message gateway through the base station; and S42, after receiving the short message, the short message gateway analyzes the short message and adds the user characteristic information into the content of the short message, completes various authentication, combination and split processes of long short messages, and sends a short message encryption request for the processed short message to a base station short message encryption system, wherein the processed short message is used as a short message to be encrypted. And requesting the base station short message encryption system to add first digital watermark encryption information to the short message to be encrypted. And S43, after the base station short message encryption system generates the first digital watermark encryption information, the first digital watermark encryption information and the ID of the short message to be encrypted are returned to the short message gateway together. S44, after receiving the first digital watermark encryption information and the ID of the Short message to be encrypted, the Short message gateway calls the Short message content of the Short message to be encrypted according to the ID of the Short message to be encrypted, combines the called Short message content and the first digital watermark encryption information and goes through a normal sending process, and finishes sending the Short message to be encrypted through a Short Message Service Center (SMSC). And S45, the mobile terminal returns a short message receiving status report to the short message gateway. And S46, after receiving the short message receiving state report, the short message gateway returns the short message receiving state report to the SP user short message platform through the base station. For the short message identification process: s47, after the mobile terminal receives the short message, if the short message needs to be identified to determine whether the received short message is a pseudo base station short message, the mobile terminal can log in a website through a login mobile phone number and an authentication code to activate a pseudo base station short message identification system, paste the content of the short message and the receiving time on the website, and the number of a receiver of the short message (namely the login mobile phone number) and the number of a sender can be acquired by the pseudo base station short message identification system when logging in. And S48, the pseudo base station short message identification system identifies the short message, generates second digital watermark encryption information through the content and the receiving time of the pasted short message and the number of the actively acquired receiver and sender, compares the first digital watermark encryption information and the second digital watermark encryption information in the short message, and determines that the short message is a non-pseudo base station short message if the comparison result is consistent, and conforms the legitimacy and the timeliness of the short message content and the issuing pipeline to finish the short message identification. And S49, feeding back the recognition result to the mobile terminal.
It should be noted that, the base station short message encryption system at the short message gateway side encrypts the short message, and the generated first digital watermark encryption information is encrypted by a private key. After the mobile terminal receives the short message, if the authenticity of the short message needs to be identified, the content of the short message can be copied, then a pseudo base station short message identification system is accessed, the content of the short message and the receiving time of the short message are pasted in the pseudo base station short message identification system, and the pseudo base station short message identification system automatically judges whether the short message is a pseudo base station short message or not.
The base station short message encryption system and the pseudo base station short message identification system are both applied to the same encryption algorithm to encrypt the short message so as to respectively generate first digital watermark encryption information and second digital watermark encryption information. The concrete expressions of the first digital watermarking encryption information and the second digital watermarking encryption information can be shown in table 1.
The pseudo base station short message identification system in the embodiment of the invention mainly comprises the following components: the system comprises a personal mobile terminal user authentication module, an enterprise EC user authentication module and a background management module. The personal mobile terminal user authentication module and the enterprise EC user authentication module are used by foreground users, the background management module is used by administrators, and different directories under the same domain name can be used for login in a distinguished mode.
According to the method provided by the embodiment of the invention, the digital watermark encryption information is spliced on the short message gateway side, so that all SPs are not required to be modified, whether the function is opened or not can be freely selected through a service opening mode according to the requirements of the SPs, and the method is easier to popularize and use on the operator side. In addition, the base station short message encryption system and the pseudo base station short message identification system only carry out the interaction of digital watermark encryption information, do not need to change the short message and signaling control flow, and only need to carry out decoupling modification on a short message gateway, so that the change of network elements is minimum. The base station short message encryption system and the pseudo base station short message identification system are independent from each other, the identification process is authenticated by the user independently, the user personal susceptibility information such as short message related content is not reserved in the whole processing process, short message content, issuing pipelines and timeliness authentication can be realized, and the risk of information leakage does not exist.
As shown in fig. 5, on the basis of the above embodiment, an embodiment of the present invention provides a pseudo base station short message identification system, including: an acquisition module 51, an encryption information generation module 52 and a judgment module 53. Wherein the content of the first and second substances,
the acquiring module 51 is configured to acquire short message information of a short message to be identified, where the short message to be identified carries first digital watermark encryption information;
the encrypted information generating module 52 is configured to generate second digital watermark encrypted information based on the short message information;
the judging module 53 is configured to determine that the short message to be identified is a non-pseudo base station short message if it is determined that the first digital watermark encryption information is consistent with the second digital watermark encryption information, and otherwise determine that the short message to be identified is a pseudo base station short message;
and the first digital watermark encryption information and the second digital watermark encryption information are both generated through a preset encryption algorithm.
Specifically, the functions of the modules in the pseudo base station short message identification system provided in the embodiment of the present invention correspond to the processing flows of the steps in the pseudo base station short message identification method provided in the above method embodiments one to one, and the achieved effects are also consistent, which is not specifically limited in the embodiment of the present invention.
As shown in fig. 6, on the basis of the above embodiment, an embodiment of the present invention provides a base station short message encryption system, including: a request acquisition module 61, an encryption module 62 and a sending module 63. Wherein the content of the first and second substances,
the request acquisition module 61 is used for acquiring a short message encryption request for encrypting a short message to be encrypted;
the encryption module 62 is configured to encrypt the short message to be encrypted by using a preset encryption algorithm based on the short message encryption request, so as to generate first digital watermark encryption information;
the sending module 63 is configured to send the first digital watermark encryption information and the ID of the short message to be encrypted to a short message gateway.
Specifically, the functions of the modules in the base station short message encryption system provided in the embodiment of the present invention correspond to the processing flows of the steps in the base station short message encryption method provided in the above method embodiments one to one, and the achieved effects are also consistent, which is not specifically limited in the embodiment of the present invention.
As shown in fig. 7, on the basis of the above embodiment, an embodiment of the present invention provides an electronic device, including: a processor (processor)701, a memory (memory)702, a communication interface (communications interface)703, and a bus 704; the processor 701, the memory 702, and the communication interface 703 complete communication with each other through the bus 704. The memory 702 stores program instructions executable by the processor 701, and the processor 701 is configured to call the program instructions in the memory 702 to perform the method provided by the above-mentioned method embodiments, for example, including: s21, acquiring short message information of a short message to be identified, wherein the short message to be identified carries first digital watermark encryption information; s22, generating second digital watermark encryption information based on the short message information; s23, if the first digital watermark encryption information is judged to be consistent with the second digital watermark encryption information, the short message to be identified is a non-pseudo base station short message, otherwise, the short message to be identified is a pseudo base station short message; and the first digital watermark encryption information and the second digital watermark encryption information are both generated through a preset encryption algorithm. Or comprises the following steps: s31, acquiring a short message encryption request for encrypting a short message to be encrypted; s32, encrypting the short message to be encrypted through a preset encryption algorithm based on the short message encryption request to generate first digital watermark encryption information; and S33, sending the first digital watermark encryption information and the ID of the short message to be encrypted to a short message gateway.
The logic instructions in memory 702 may be implemented in software functional units and stored in a computer readable storage medium when sold or used as a stand-alone article of manufacture. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: various media capable of storing program codes, such as a usb disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
On the basis of the foregoing embodiments, an embodiment of the present invention provides a non-transitory computer-readable storage medium storing computer instructions, which cause the computer to execute the method provided by the foregoing method embodiments, for example, including: s21, acquiring short message information of a short message to be identified, wherein the short message to be identified carries first digital watermark encryption information; s22, generating second digital watermark encryption information based on the short message information; s23, if the first digital watermark encryption information is judged to be consistent with the second digital watermark encryption information, the short message to be identified is a non-pseudo base station short message, otherwise, the short message to be identified is a pseudo base station short message; and the first digital watermark encryption information and the second digital watermark encryption information are both generated through a preset encryption algorithm. Or comprises the following steps: s31, acquiring a short message encryption request for encrypting a short message to be encrypted; s32, encrypting the short message to be encrypted through a preset encryption algorithm based on the short message encryption request to generate first digital watermark encryption information; and S33, sending the first digital watermark encryption information and the ID of the short message to be encrypted to a short message gateway.
The above-described embodiments of the apparatus are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
Through the above description of the embodiments, those skilled in the art will clearly understand that each embodiment can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware. With this understanding in mind, the above-described technical solutions may be embodied in the form of a software product, which can be stored in a computer-readable storage medium such as ROM/RAM, magnetic disk, optical disk, etc., and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the methods described in the embodiments or some parts of the embodiments.
Finally, it should be noted that: the above examples are only intended to illustrate the technical solution of the present invention, but not to limit it; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.

Claims (10)

1. A pseudo base station short message identification method is characterized by comprising the following steps:
acquiring short message information of a short message to be identified, wherein the short message to be identified carries first digital watermark encryption information;
generating second digital watermark encryption information based on the short message information;
if the first digital watermark encryption information is judged to be consistent with the second digital watermark encryption information, the short message to be identified is a non-pseudo base station short message, otherwise, the short message to be identified is a pseudo base station short message;
and the first digital watermark encryption information and the second digital watermark encryption information are both generated through a preset encryption algorithm.
2. The pseudo base station short message identification method according to claim 1, wherein the short message information specifically includes: and the number of the sender, the number of the receiver, the content of the short message and the receiving time of the short message to be identified.
3. The method for identifying the pseudo base station short message according to claim 1, wherein before generating the second digital watermark encryption information based on the short message information, the method further comprises:
if the short message information is judged and known to have the matched user characteristic information, the short message to be identified is a non-pseudo base station short message, otherwise, the short message to be identified is a pseudo base station short message.
4. A method for encrypting a short message of a base station is characterized by comprising the following steps:
acquiring a short message encryption request for encrypting a short message to be encrypted;
encrypting the short message to be encrypted through a preset encryption algorithm based on the short message encryption request to generate first digital watermark encryption information;
and sending the first digital watermark encryption information and the ID of the short message to be encrypted to a short message gateway.
5. The base station short message encryption method of claim 4, wherein the short message to be encrypted carries user characteristic information;
and the user characteristic information is added to the short message to be encrypted by the short message gateway.
6. The base station short message encryption method of claim 4, wherein the short message encryption request comprises: the number of the sender, the number of the receiver, the content of the short message and the receiving time of the short message to be encrypted.
7. A pseudo base station short message identification system, comprising:
the acquisition module is used for acquiring short message information of a short message to be identified, wherein the short message to be identified carries first digital watermark encryption information;
the encrypted information generating module is used for generating second digital watermark encrypted information based on the short message information;
the judging module is used for judging whether the first digital watermark encryption information is consistent with the second digital watermark encryption information or not, if so, the short message to be identified is a non-pseudo base station short message, and if not, the short message to be identified is a pseudo base station short message;
and the first digital watermark encryption information and the second digital watermark encryption information are both generated through a preset encryption algorithm.
8. A base station short message encryption system is characterized by comprising:
the request acquisition module is used for acquiring a short message encryption request for encrypting a short message to be encrypted;
the encryption module is used for encrypting the short message to be encrypted through a preset encryption algorithm based on the short message encryption request to generate first digital watermark encryption information;
and the sending module is used for sending the first digital watermark encryption information and the ID of the short message to be encrypted to a short message gateway.
9. An electronic device, comprising:
at least one processor, at least one memory, a communication interface, and a bus; wherein the content of the first and second substances,
the processor, the memory and the communication interface complete mutual communication through the bus;
the memory stores program instructions executable by the processor, and the processor calls the program instructions to execute the pseudo base station short message identification method according to any one of claims 1 to 3 or execute the base station short message encryption method according to any one of claims 4 to 6.
10. A non-transitory computer readable storage medium storing computer instructions for causing a computer to perform the method for identifying pseudo base station sms according to any one of claims 1 to 3 or the method for encrypting bs sms according to any one of claims 4 to 6.
CN201811545214.1A 2018-12-17 2018-12-17 Pseudo base station short message identification method, base station short message encryption method and system Pending CN111328077A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811545214.1A CN111328077A (en) 2018-12-17 2018-12-17 Pseudo base station short message identification method, base station short message encryption method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811545214.1A CN111328077A (en) 2018-12-17 2018-12-17 Pseudo base station short message identification method, base station short message encryption method and system

Publications (1)

Publication Number Publication Date
CN111328077A true CN111328077A (en) 2020-06-23

Family

ID=71164933

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811545214.1A Pending CN111328077A (en) 2018-12-17 2018-12-17 Pseudo base station short message identification method, base station short message encryption method and system

Country Status (1)

Country Link
CN (1) CN111328077A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111859036A (en) * 2020-08-19 2020-10-30 深圳市富之富信息科技有限公司 Short message data detection method and device, computer equipment and storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105142136A (en) * 2014-06-03 2015-12-09 展讯通信(上海)有限公司 Method for preventing counterfeit base attack
CN106899948A (en) * 2015-12-21 2017-06-27 中国移动通信集团公司 Pseudo-base station finds method, system, terminal and server
CN106911661A (en) * 2016-09-23 2017-06-30 阿里巴巴集团控股有限公司 A kind of short-message verification method, device, client, server and system
US20170347249A1 (en) * 2016-05-24 2017-11-30 Beijing Xiaomi Mobile Software Co., Ltd. Method and device for identifying short messages from pseudo base stations
CN108174360A (en) * 2018-03-26 2018-06-15 北京奇艺世纪科技有限公司 A kind of note transmission method and device, short-message verification method and device

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105142136A (en) * 2014-06-03 2015-12-09 展讯通信(上海)有限公司 Method for preventing counterfeit base attack
CN106899948A (en) * 2015-12-21 2017-06-27 中国移动通信集团公司 Pseudo-base station finds method, system, terminal and server
US20170347249A1 (en) * 2016-05-24 2017-11-30 Beijing Xiaomi Mobile Software Co., Ltd. Method and device for identifying short messages from pseudo base stations
CN106911661A (en) * 2016-09-23 2017-06-30 阿里巴巴集团控股有限公司 A kind of short-message verification method, device, client, server and system
CN108174360A (en) * 2018-03-26 2018-06-15 北京奇艺世纪科技有限公司 A kind of note transmission method and device, short-message verification method and device

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111859036A (en) * 2020-08-19 2020-10-30 深圳市富之富信息科技有限公司 Short message data detection method and device, computer equipment and storage medium
CN111859036B (en) * 2020-08-19 2024-02-13 深圳市富之富信息科技有限公司 Short message data detection method and device, computer equipment and storage medium

Similar Documents

Publication Publication Date Title
CN107770182B (en) Data storage method of home gateway and home gateway
CN107046544B (en) Method and device for identifying illegal access request to website
KR102255366B1 (en) Apparatus and method for Mobile Trusted Module based security of Short Message Service
CN109714370B (en) HTTP (hyper text transport protocol) -based cloud security communication implementation method
CN109889469B (en) Short message verification method, device, storage medium, short message verification system and terminal
CN105516135B (en) Method and device for account login
US20080150753A1 (en) Secure Data Transfer In A Communication System Including Portable Meters
CN105447715A (en) Method and apparatus for anti-theft electronic coupon sweeping by cooperating with third party
CN105554760A (en) Wireless access point authentication method, device and system
CN112311769B (en) Method, system, electronic device and medium for security authentication
CN108769743B (en) Video playing control method, system, node and computer storage medium
CN111224834A (en) Simulation test method, simulation test device, server and storage medium
CN111328077A (en) Pseudo base station short message identification method, base station short message encryption method and system
KR20150065083A (en) Message transmission apparatus, message server and message receipt appratus
US20220345466A1 (en) Provision of data from a service provider network
CN103297464B (en) The acquisition methods of programme information and device
CN115694865A (en) Method and device for processing extranet access
US11461478B2 (en) Mobile network core component for managing security keys
CN107809646B (en) Material return method and device
CN111224918A (en) Real-time networking security control platform and access authentication method
CN114826692B (en) Information login system, method, electronic device and storage medium
US20240129108A1 (en) Data processing methods and apparatuses based on blockchain, electronic device, computer-readable storage medium, and computer program product
WO2019129128A1 (en) Mms authentication method, server, mobile terminal and storage medium
CN110532741B (en) Personal information authorization method, authentication center and service provider
WO2024078108A1 (en) Blockchain-based data processing method and apparatus, electronic device, computer-readable storage medium, and computer program product

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20200623