CN106921570B - Diameter signaling sending method and device - Google Patents
Diameter signaling sending method and device Download PDFInfo
- Publication number
- CN106921570B CN106921570B CN201510992477.7A CN201510992477A CN106921570B CN 106921570 B CN106921570 B CN 106921570B CN 201510992477 A CN201510992477 A CN 201510992477A CN 106921570 B CN106921570 B CN 106921570B
- Authority
- CN
- China
- Prior art keywords
- diameter signaling
- dra
- country
- information
- diameter
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/24—Multipath
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
- H04L47/24—Traffic characterised by specific attributes, e.g. priority or QoS
- H04L47/2466—Traffic characterised by specific attributes, e.g. priority or QoS using signalling traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L65/00—Network arrangements, protocols or services for supporting real-time applications in data packet communication
- H04L65/10—Architectures or entities
Abstract
The invention provides a Diameter signaling sending method and device. Wherein, the method comprises the following steps: DRA receives Diameter signaling; DRA judges whether the last hop node of the Diameter signaling is a service node; if the judgment result is yes, the DRA removes the first path information in the Diameter signaling, and adds the second path information to the Diameter signaling, wherein the second path information comprises: identification information of a previous hop node of the Diameter signaling; the DRA sends Diameter signaling. The invention solves the problem of low security of the Diameter signaling network caused by forging the Diameter signaling, and improves the security of the Diameter signaling network.
Description
Technical Field
The present invention relates to the field of communications, and in particular, to a Diameter signaling sending method and apparatus.
Background
Diameter Signaling is a new generation technology of Signaling System #7(Signaling System #7, SS7 for short) (Mobile Application Part (MAP) protocol) Signaling, and is widely applied to networks related to fourth generation Mobile communication technology (4G). Fig. 1 is a schematic diagram of an Evolved Packet Core (EPC), an IP Multimedia Subsystem (IMS), and Policy Charging Control (PCC), according to the related art, where fig. 1 shows a part of related network elements of EPC, IMS, PCC, and a Diameter signaling interface (a dotted line in fig. 1 represents a Diameter signaling interface). Although 4G core networks are changed greatly, basic services are similar, technical principles are similar, and attack ways of second generation mobile communication technology (2G)/third generation mobile communication technology (3G) networks can be widely pushed to 4G networks.
Various network attack means exist for MAP signaling of 2G/3G Mobile networks, and the Global System for Mobile Communications association (GSMA) summarizes the following 5 types of attack means in the specification:
a: tracking to obtain the current position information of the user; b: intercepting a call and a short message of a user; c: DoS attacks, which cause the failure of normal services of users or networks; d: spoofing; e: and (4) garbage advertisement.
For MAP signaling security, the defense measure given by GSMA is to define 3 types of messages:
the first category, messages that are only delivered at the home network, for example: SendRoutenginfo, SendRoutenginfofor GPRS, SendRoutenginfo for LCS, SendIMSI, AnyTimeIntermation, AnyTimeSubscriberIntermation, AnyTimeModification, SendIdentification;
second, messages sent only from the home network to the roaming network, such as: insertSubscriberData, DeleteSubscriberData, Reset, ForwardeckSSIndication, ProvideSubscriberInfo, NotesubscrimberdaModified, ActivateTraceMode, ProvideRoamingNumber, SetRecortingState, RemoteUserFree, ISTommand, AlertServiceCentre, Cancellocation;
third, messages sent only from the roaming network to the home network, such as: RegisterSS, locationUpdate, ForwardSM, processUnstructuredSS.
The defense measures may be performed at an end office, and the GSMA is more preferably performed at a Signaling Transfer Point (STP).
For MAP signaling, "roaming Network" and "home Network" related to GSMA technology are mainly determined by a Global Title (GT) of a MAP message and/or an International Mobile Subscriber Identity (IMSI) of a user/International Integrated Services Digital Network (ISDN) of a Mobile station/Public Switched Telephone Network (PSTN) Identification number (MSISDN for short) Identification of the user.
During the research, the defense mode has the following defects: a defense failure may result if the identity of the calling/called GT and/or the IMSI/MSISDN of the subscriber is forged and the STP cannot identify it as genuine.
For a 4G core network, a Diameter Routing Agent (DRA) is equivalent to an STP in a signaling network # seven. GSMA technology can be implemented in Diameter signaling networks, but the problem of preventing hackers from forging signaling content still needs to be solved.
At present, other security measures of Diameter signaling networks are: black and white lists. In the research process, the attack points are difficult to predict and are inexhaustible, so the blacklist effect is poor; white-list defense may also fail when an attacker masquerades a message as a white-list message.
Disclosure of Invention
The invention provides a Diameter signaling sending method and a device, which at least solve the problem of low network security of Diameter signaling caused by forging of the Diameter signaling in the related technology.
According to an aspect of the present invention, a Diameter signaling method is provided, including: DRA receives Diameter signaling; the DRA judges whether a last hop node of the Diameter signaling is a service node; if the judgment result is yes, the DRA removes first path information in the Diameter signaling, and adds second path information to the Diameter signaling, wherein the second path information comprises: identification information of a previous hop node of the Diameter signaling; the DRA sends the Diameter signaling.
Optionally, after the DRA determines whether the previous hop node of the Diameter signaling is the service node, the method further includes: if the judgment result is negative, the DRA reserves the first path information in the Diameter signaling, and adds the second path information to the Diameter signaling; the DRA sends the Diameter signaling.
Optionally, when the DRA is a ground DRA, the sending, by the DRA, the Diameter signaling includes: the DRA judges whether the Diameter signaling meets a preset condition or not according to the second path information and a message set to which the Diameter signaling belongs, wherein the message set comprises one of the following parts: the message set sent by the home country to the roaming country, the message set sent by the roaming country to the home country, and the message set sent only in the home country; and if the judgment result is yes, the DRA sends the Diameter signaling.
Optionally, in a case that the message set to which the Diameter signaling belongs is a message set sent from a home country to a roaming country, the predetermined condition includes at least one of: the country operator inquired according to the IMSI of the Diameter signaling is a first country operator; a source host of the Diameter signaling and a first country operator inquired according to the IMSI form a trust relationship; the second path information of the Diameter signaling comprises first country gateway DRA information, wherein the first country gateway DRA information is gateway DRA information of a first country operator inquired according to IMSI; the second path information of the Diameter signaling comprises second country gateway DRA information, wherein the second country gateway DRA information is gateway DRA information of an operator of the country where the DRA is located; and the second path information of the Diameter signaling at most comprises gateway DRA information of two countries.
Optionally, in a case that the message set to which the Diameter signaling belongs is a message set sent by a roaming country to a home country, the predetermined condition includes at least one of: the country operator inquired according to the IMSI of the Diameter signaling is a second country operator, wherein the second country operator is the operator of the country where the DRA is located; the country operator inquired according to the source host of the Diameter signaling is a first country operator; the second path information of the Diameter signaling comprises first country gateway DRA information, wherein the first country gateway DRA is gateway DRA information of a first country operator inquired according to a source host; the second path information of the Diameter signaling comprises second country gateway DRA information, wherein the second country gateway DRA information is gateway DRA information of an operator of the country where the DRA is located; and the second path information of the Diameter signaling at most comprises gateway DRA information of two countries.
Optionally, in a case that the message set to which the Diameter signaling belongs is a message set sent only in a home country, the predetermined condition includes at least one of: the country operator inquired according to the IMSI or the MSISDN of the Diameter signaling is a second country operator; the country operator inquired according to the source host of the Diameter signaling is a second country operator; the second path information of the Diameter signaling only comprises gateway DRA information of a second country operator; wherein the second country operator is an operator of the country where the DRA is located.
According to an aspect of the present invention, a Diameter signaling method is provided, including: the service node generates a Diameter signaling; adding third path information to the Diameter signaling by the service node, wherein the third path information is gateway DRA information of other countries except a home country operator of the Diameter signaling and gateway DRA information of a roaming country operator of the Diameter signaling; the service node sends the Diameter signaling.
Optionally, after the service node generates the Diameter signaling, the method further includes: the service node judges whether a first DRA has the capacity of clearing first path information in the Diameter signaling, wherein the first DRA is a next hop DRA of the Diameter message; wherein the adding, by the service node, third path information to the Diameter signaling includes: and if the judgment result is negative, the service node adds the third path information to the Diameter signaling.
Optionally, after the service node sends the Diameter signaling, the method further includes: the landing DRA receives the Diameter signaling; and the ground DRA determines the path of the Diameter signaling as a forged path according to the third path information.
According to an aspect of the present invention, there is provided a Diameter signaling transmission apparatus, applied to DRA, including: a receiving module, configured to receive a Diameter signaling; the judging module is used for judging whether a previous hop node of the Diameter signaling is a service node; a first processing module, configured to, if the determination result is yes, clear first path information in the Diameter signaling, and add second path information to the Diameter signaling, where the second path information includes: identification information of a previous hop node of the Diameter signaling; the first sending module is used for sending the Diameter signaling.
Optionally, the apparatus further comprises: the second processing module is used for reserving the first path information in the Diameter signaling and adding the second path information to the Diameter signaling under the condition that the judgment result is negative; and the second sending module is used for sending the Diameter signaling.
Optionally, the first sending module or the second sending module respectively includes: a determining unit, configured to determine, when the DRA is a ground DRA, whether the Diameter signaling meets a predetermined condition according to the second path information and a message set to which the Diameter signaling belongs, where the message set includes one of: the message set sent by the home country to the roaming country, the message set sent by the roaming country to the home country, and the message set sent only in the home country; and the sending unit is used for sending the Diameter signaling under the condition that the judgment result is yes.
According to an aspect of the present invention, there is provided a Diameter signaling sending apparatus, applied to a service node, including: a generation module for generating a Diameter signaling; the processing module is used for adding third path information into the Diameter signaling, wherein the third path information is gateway DRA information of other countries except a home country operator of the Diameter signaling and gateway DRA information of a roaming country operator of the Diameter signaling; and the sending module is used for sending the Diameter signaling.
Optionally, the apparatus further comprises: a judging module, configured to judge whether a first DRA has a capability of clearing first path information in the Diameter signaling, where the first DRA is a next hop DRA of the Diameter message; wherein the processing module is configured to: and adding the third path information to the Diameter signaling under the condition that the judgment result of the judgment module is negative.
According to the invention, DRA is adopted to receive Diameter signaling; DRA judges whether the last hop node of the Diameter signaling is a service node; if the judgment result is yes, the DRA removes the first path information in the Diameter signaling, and adds the second path information to the Diameter signaling, wherein the second path information comprises: identification information of a previous hop node of the Diameter signaling; the method for sending the Diameter signaling by the DRA solves the problem of low security of the Diameter signaling network caused by forging the Diameter signaling, and improves the security of the Diameter signaling network.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the invention and together with the description serve to explain the invention without limiting the invention. In the drawings:
fig. 1 is a schematic diagram of core packet network evolved EPC, IMS, PCC according to the related art;
figure 2 is a first flow diagram of Diameter signaling according to an embodiment of the present invention;
figure 3 is a flow chart two of a Diameter signaling method according to an embodiment of the present invention;
figure 4 is a block diagram of a Diameter signaling apparatus according to an embodiment of the present invention;
figure 5 is a block diagram of an alternative configuration of a Diameter signaling apparatus according to an embodiment of the present invention;
figure 6 is a block diagram of the structure of a Diameter signaling apparatus according to an embodiment of the present invention;
fig. 7 is a schematic illustration of message classification for MAP signaling in accordance with an alternative embodiment of the present invention;
figure 8 is a schematic diagram of a Diameter signaling network in accordance with an alternative embodiment of the present invention;
FIG. 9 is a flow diagram of an inspection of messages sent by a home country to a roaming country in accordance with an alternative embodiment of the invention;
FIG. 10 is a flow diagram of an inspection of messages sent by a roaming country to a home country in accordance with an alternative embodiment of the present invention;
FIG. 11 is a flowchart for a check of messages sent domestically only, according to an alternative embodiment of the present invention;
fig. 12 is a flow chart of DRA-regulated service node messages according to an alternative embodiment of the invention.
Detailed Description
The invention will be described in detail hereinafter with reference to the accompanying drawings in conjunction with embodiments. It should be noted that the embodiments and features of the embodiments in the present application may be combined with each other without conflict.
It should be noted that the terms "first," "second," and the like in the description and claims of the present invention and in the drawings described above are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order.
In this embodiment, a Diameter signaling sending method is provided, and fig. 2 is a first flowchart of Diameter signaling sending according to an embodiment of the present invention, as shown in fig. 2, the flowchart includes the following steps:
step S202, receiving Diameter signaling by DRA;
step S204, DRA judges whether the last hop node of the Diameter signaling is a service node;
step S206, if the judgment result is yes, the DRA removes the first path information in the Diameter signaling, and adds the second path information to the Diameter signaling, wherein the second path information comprises: identification information of a previous hop node of the Diameter signaling;
step S208, the DRA sends Diameter signaling.
Through the steps, after the Diameter signaling is received from the service node, the first path information in the Diameter signaling is removed, and the DRA adds the identification information of the previous hop node as the second path information in the Diameter signaling to the Diameter signaling. By the method, the service node can be prevented from forging the path information in the Diameter signaling, the problem of low security of the Diameter signaling network caused by forging the Diameter signaling is solved, and the security of the Diameter signaling network is improved.
If the previous hop of the Diameter signaling is not a service node, that is, if the determination result in step S204 is negative, the DRA reserves the first path information in the Diameter signaling, and adds the second path information to the Diameter signaling. In this way, the DRA not directly connected to the service node sequentially adds the identification information of the previous hop node of the DRA to the Diameter signaling, so that a complete path chain is formed in the Diameter signaling, and the path information of all nodes passed by the Diameter signaling is indicated.
In a Diameter signaling network, a service node is an initiating node or a receiving node of Diameter signaling; the service node referred to in the step S204 is an initiating node of the Diameter signaling, for example, Mobility Management Entity, abbreviated as MME).
Optionally, when the DRA is a ground DRA and the DRA sends the Diameter signaling, the DRA judges whether the Diameter signaling meets a predetermined condition according to the second path information and a message set to which the Diameter signaling belongs; and if the judgment result is yes, the DRA sends Diameter signaling. Wherein the set of messages includes one of: the message set sent by the home country to the roaming country, the message set sent by the roaming country to the home country, and the message set sent only in the home country. Different preset conditions can be set through different message sets of the Diameter signaling, and forged signaling can be further identified through judging path information in the Diameter signaling.
The landing DRA refers to the last DRA on the path from the initiating end to the receiving end of the Diameter signaling, and after receiving the Diameter signaling, the DRA sends the Diameter signaling to a service node located at the Diameter receiving end.
The predetermined condition described above may be set as needed.
For example, in the case that the message set to which the Diameter signaling belongs is a message set sent from the home country to the roaming country, the predetermined condition includes, but is not limited to, at least one of: the country operator inquired according to the IMSI of the Diameter signaling is a first country operator; a source host of the Diameter signaling and a first country operator inquired according to the IMSI form a trust relationship; second path information of the Diameter signaling comprises first country gateway DRA information, wherein the first country gateway DRA information is gateway DRA information of a first country operator inquired according to the IMSI; second path information of the Diameter signaling comprises second country gateway DRA information, wherein the second country gateway DRA information is gateway DRA information of an operator of the country where the DRA is located; the second path information of the Diameter signaling contains gateway DRA information of at most two countries.
For example, in the case where the message set to which Diameter signaling belongs is a message set sent by a roaming country to a home country, the predetermined condition includes, but is not limited to, at least one of: the country operator inquired according to the IMSI of the Diameter signaling is a second country operator, wherein the second country operator is an operator of the country where the DRA is located; the country operator inquired according to the source host of the Diameter signaling is a first country operator; the second path information of the Diameter signaling comprises first country gateway DRA information, wherein the first country gateway DRA is the gateway DRA information of a first country operator inquired according to a source host; second path information of the Diameter signaling comprises second country gateway DRA information, wherein the second country gateway DRA information is gateway DRA information of an operator of the country where the DRA is located; the second path information of the Diameter signaling contains gateway DRA information of at most two countries.
For example, in the case that the message set to which the Diameter signaling belongs is a message set transmitted only within the home country, the predetermined condition includes, but is not limited to, at least one of: the country operator inquired according to the IMSI or the MSISDN of the Diameter signaling is a second country operator; the country operator inquired according to the source host of the Diameter signaling is a second country operator; the second path information of the Diameter signaling only comprises gateway DRA information of a second country operator; wherein the second country operator is the operator of the country where the DRA is located.
The message set to which the Diameter signaling belongs may be determined according to a Command Code (Command Code) and/or an application interface of the Diameter signaling. In addition, when determining whether the Diameter signaling satisfies the predetermined condition, the determination order of the plurality of predetermined conditions is not limited in the embodiment of the present invention.
The path information in the embodiment of the invention is added into an Attribute-Value Pair (AVP for short) of a Route Record (Route-Record) of a Diameter signaling.
An embodiment of the present invention further provides a Diameter signaling sending method, and fig. 3 is a flowchart of a second method for sending Diameter signaling according to an embodiment of the present invention, where as shown in fig. 3, the method includes the following steps:
step S302, a service node generates a Diameter signaling;
step S304, adding third path information to the Diameter signaling by the service node, wherein the third path information is gateway DRA information of other countries except the gateway DRA information of the home country operator of the Diameter signaling and the gateway DRA information of the roaming country operator of the Diameter signaling;
step S306, the service node sends a Diameter signaling.
Through the above steps, the service node adds gateway DRA information of the third country (i.e., the above other countries) in the generated Diameter signaling as path information. If the incoming DRA does not have the capacity of clearing path information in the Diameter signaling sent by the service node, the path information of the Diameter signaling received by the landing DRA simultaneously has gateway DRA information of three countries, and the gateway DRA information of the three countries in the Diameter signaling also belongs to illegal path information in the existing Diameter signaling network.
The method for sending Diameter signaling shown in fig. 2 is to clear path information in Diameter signaling by DRA of an originating country that needs Diameter signaling; however, considering that some countries may not allow DRA of the country to clear path information in the Diameter signaling, the Diameter signaling transmission method shown in fig. 3 may be adopted, and third path information is added to the Diameter signaling by the service node, so that the Diameter signaling does not conform to the protocol specification of the current Diameter signaling network. After the ground DRA receives the Diameter signaling; and the ground DRA can determine that the path of the Diameter signaling is a forged path according to the third path information.
Optionally, after step S302, the service node may further determine whether the first DRA has a capability of removing the first path information in the Diameter signaling, where the first DRA is a next hop DRA of the Diameter message; correspondingly, in step S304, if the determination result is negative, the service node adds the third path information to the Diameter signaling.
Through the above description of the embodiments, those skilled in the art can clearly understand that the method according to the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but the former is a better implementation mode in many cases. Based on such understanding, the technical solutions of the present invention may be embodied in the form of a software product, which is stored in a storage medium (e.g., ROM/RAM, magnetic disk, optical disk) and includes instructions for enabling a terminal device (e.g., a mobile phone, a computer, a server, or a network device) to execute the method according to the embodiments of the present invention.
In this embodiment, a Diameter signaling sending apparatus is further provided, where the apparatus is applied to a DRA, and is used to implement the foregoing embodiments and preferred embodiments, and details of which have been already described are omitted.
Figure 4 is a block diagram of a Diameter signaling apparatus according to an embodiment of the present invention, as shown in figure 4, the Diameter signaling apparatus includes: a receiving module 42, a determining module 44, a first processing module 46, and a first transmitting module 48, wherein,
a receiving module 42, configured to receive Diameter signaling; a determining module 44, coupled to the receiving module 42, configured to determine whether a previous-hop node of the Diameter signaling is a service node; a first processing module 46, coupled to the determining module 44, configured to, if the determination result is yes, clear first path information in the Diameter signaling, and add second path information to the Diameter signaling, where the second path information includes: identification information of a previous hop node of the Diameter signaling; a first sending module 48, coupled to the first processing module 46, is configured to send Diameter signaling.
Figure 5 is an alternative block diagram of a Diameter signaling apparatus according to an embodiment of the present invention, and as shown in figure 5, the apparatus may optionally further include: a second processing module 52, coupled to the determining module 44, configured to, if the determination result is negative, retain the first path information in the Diameter signaling, and add the second path information to the Diameter signaling; a second sending module 54, coupled to the second processing module 52, is configured to send Diameter signaling.
Optionally, the first sending module 46 or the second sending module 54 respectively includes: and the judging unit is used for judging whether the Diameter signaling meets a preset condition or not according to the second path information and a message set to which the Diameter signaling belongs under the condition that the DRA is the ground DRA, wherein the message set comprises one of the following components: the message set sent by the home country to the roaming country, the message set sent by the roaming country to the home country, and the message set sent only in the home country; and the sending unit is coupled to the judging unit and used for sending the Diameter signaling under the condition that the judging result is yes.
In this embodiment, a Diameter signaling sending apparatus is further provided, where the Diameter signaling sending apparatus is applied in a service node, and is used to implement the foregoing embodiment and the preferred embodiment, which have already been described and are not described again.
Figure 6 is a block diagram of a Diameter signaling apparatus according to an embodiment of the present invention, and as shown in figure 6, the Diameter signaling apparatus includes: a generation module 62, a processing module 66, and a sending module 68, wherein,
a generating module 62, configured to generate a Diameter signaling; a processing module 66, coupled to the generating module 62, configured to add third path information to the Diameter signaling, where the third path information is gateway DRA information of a country other than a home country operator of the Diameter signaling and gateway DRA information of a roaming country operator of the Diameter signaling; a sending module 68, coupled to the processing module 66, is configured to send Diameter signaling.
Optionally, the apparatus may further include a determining module 64, coupled between the generating module 62 and the processing module 66, configured to determine whether the first DRA has a capability of clearing the first path information in the Diameter signaling, where the first DRA is a next hop DRA of the Diameter message; the processing module 66 is configured to: and if the judgment result of the judgment module 64 is negative, adding third path information to the Diameter signaling.
It should be noted that, the above modules may be implemented by software or hardware, and for the latter, the following may be implemented, but not limited to: the modules are all positioned in the same processor; alternatively, the modules are respectively located in a plurality of processors.
The embodiment of the present invention also provides software for executing the technical solutions described in the above embodiments and preferred embodiments.
The embodiment of the invention also provides a storage medium. In the present embodiment, the storage medium described above may be configured to store program code for performing the steps of:
step S202, receiving Diameter signaling by DRA;
step S204, DRA judges whether the last hop node of the Diameter signaling is a service node;
step S206, if the judgment result is yes, the DRA removes the first path information in the Diameter signaling, and adds the second path information to the Diameter signaling, wherein the second path information comprises: identification information of a previous hop node of the Diameter signaling;
step S208, the DRA sends Diameter signaling.
The embodiment of the invention also provides a storage medium. In the present embodiment, the storage medium described above may be configured to store program code for performing the steps of:
step S302, a service node generates a Diameter signaling;
step S304, adding third path information to the Diameter signaling by the service node, wherein the third path information is gateway DRA information of other countries except the gateway DRA information of the home country operator of the Diameter signaling and the gateway DRA information of the roaming country operator of the Diameter signaling;
step S306, the service node sends a Diameter signaling.
Optionally, in this embodiment, the storage medium may include, but is not limited to: various media capable of storing program codes, such as a usb disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a removable hard disk, a magnetic disk, or an optical disk.
Optionally, the specific examples in this embodiment may refer to the examples described in the above embodiments and optional implementation manners, and this embodiment is not described herein again.
In order to make the description of the embodiments of the present invention clearer, the following description and illustrations are made with reference to alternative embodiments.
In order to overcome the problem and defect that signaling contents such as a disguised source address or an IMSI number cannot be identified in the existing GSMA technology, embodiments of the present invention provide a method, an apparatus, and a system for identifying a disguised source address or an IMSI number, including the following technical solutions:
step 1, when the DRA receives a message (namely, a Diameter signaling) of a service node, all Route-Record AVPs in the message are cleared, and the Route-Record AVPs are ensured not to be forged by a hacker;
step 2, when each DRA forwards any Diameter request message, recording the DRA or service node of the previous hop into a Route-Record AVP to form a Route-Record AVP chain, and completely reflecting the path formed by all DRA nodes or service nodes passed by the Diameter request message;
and 3, before the DRA forwards the Diameter request message to a service node, adding the checks of the gateway DRA of the roaming country and the gateway DRA of the land country to the three types of messages (namely, the message sent from the home country to the roaming country, the message sent from the roaming country to the home country and the message sent only from the home country), identifying the message of forged signaling content through the checks, and shielding the messages which can not pass all the checks.
And 4, anti-Route-Record AVP counterfeiting. When the DRA of the country initiating the service does not regulate the Route-Record AVP (i.e., the message sent by the service node carries the path information, but the DRA of the country initiating the service does not clear all the Route-Record AVPs in the message), the service node may include a group of Route-Record AVPs in the sent message to forge a path of a third country. Before forwarding the Diameter request message to a service node, the ground DRA checks whether the path of the Diameter request message contains a detour path or contains three or more national gateway DRA information, and if so, the ground DRA confirms that the path is a forged path and shields the message. By the method, the path of the third country is initiatively forged under the condition that the DRA flow is not changed, the existing forged path identification function is utilized, and the identification and shielding of the information with potential safety hazards are realized.
And step 5, after all the checks are passed, the DRA forwards the Diameter request message to a service node.
Through the steps, due to the particularity of Diameter signaling: the service node does not carry path information when sending out the message, and the path information (i.e. one or more Route-Record AVPs) is added to the message one by the DRA node which forwards the message. In addition, since the reliability of the DRA node is higher than that of the service node, the path information added by the DRA is more reliable. After the processing, the path information carried in the Diameter request message can be used for verifying the consistency of the source host name/domain name/IMSI number or whether the source host name/domain name/IMSI number is a legal path, so that the forged Diameter signaling is identified, and the defense capability of the network is greatly improved. By adopting the method, the attack mode of 'hiding at one corner and attacking the world' can be effectively defended.
In addition, the predetermined conditions can be further established for the message sent from the home country to the roaming country, the message sent from the roaming country to the home country, and the message sent only in the home country according to the characteristics of the messages, so that higher reliability is realized.
Alternative embodiments of the present invention will now be described and illustrated with reference to the accompanying drawings and examples.
FIG. 7 is a diagram of message classification for MAP signaling according to an alternative embodiment of the present invention, as shown in FIG. 7, indicating a delivery range of "Home Only sent messages"; indicating the transmission range of the message sent from the home country to the roaming country; and represents the transmission range of the message sent from the roaming country to the home country. Diameter signaling is also classified into three categories according to the classification method of MAP signaling.
Figure 8 is a schematic structural diagram of a Diameter signaling network according to an alternative embodiment of the present invention, and as shown in figure 8, the Diameter signaling network is divided into three layers, which are: the bottom layer is a service node; the domestic DRA switching layer of the middle layer; the uppermost international dra (isda) signaling transit layer. In addition, the transfer path of Diameter signaling is schematically shown in fig. 8.
In order to make the embodiments of the present invention easier to understand, the configuration of the parameters is described in the alternative embodiments of the present invention. It should be noted that the following parameter configurations are only exemplary, and the embodiments of the present invention are not limited to the following specific parameter configuration values; that is, the actual configuration values can be modified according to the actual needs and related protocols, and are not limited to the specific parameter configurations illustrated below.
1. A "national operator network name, gateway DRA host" relationship is configured, wherein,
the network Name of the national operator is a full Name Domain Name (FQDN) character string, and the longest length is 128 bytes; the gateway DRA host is an FQDN character string, and the longest is 128 bytes;
it should be noted that, when one national operator network name has multiple gateways DRA for load sharing, the multiple gateway DRA hosts need to be configured in the relationship of "national operator network name, gateway DRA host".
2. Configuring a 'national operator network name, service host application ID set' relationship, wherein,
the name of the national operator network is FQDN character string, and the longest is 128 bytes; the service host is an FQDN character string with the longest length of 128 bytes; service host application ID set: a set of Application IDs, representing legitimate applications supported by the host;
it should be noted that, when one national operator network name has multiple service hosts, the multiple service hosts need to be configured in the relationship of "national operator network name, service host, and service host application ID set"; when one service host can support multiple interfaces simultaneously, for example: and when the PCRF simultaneously supports interfaces Gxx, Gx, Rx, S9, Sd, Gy, and the like, a plurality of interfaces are all required to be configured in a relationship of "national operator network name, service host, and service host application ID set".
3. A 'national operator network name, IMSI number segment' relationship is configured, wherein,
the name of the national operator network is FQDN character string, and the longest is 128 bytes; the IMSI number segment is a decimal code, and the longest length is 15 bytes;
it should be noted that, when a network name of a national operator has multiple IMSI number segments, the multiple IMSI number segments need to be configured in the relationship of "network name of the national operator, IMSI number segment".
4. A "national operator network name, Public User Identity (PUI) number segment" relationship is configured, wherein,
the name of the national operator network is FQDN character string, and the longest is 128 bytes; the PUI number segment is a character string, and the longest length is 128 bytes;
it should be noted that, when one country operator network name has multiple PUI number segments, the multiple PUI number segments need to be configured in the relationship of "country operator network name, PUI number segment".
5. And configuring the network name of the national operator.
After the parameter configuration is completed, the authentication processes can be designed according to the type of the message in fig. 7 to which the message belongs.
Figure 9 is a flow chart of an inspection of a message sent by a home country to a roaming country according to an alternative embodiment of the present invention, where, as shown in figure 9, country a is assumed to be the home country of a Diameter message sender and country B is assumed to be the roaming country of the Diameter message sender, the flow includes the following steps:
step S901, DRA in B receives Diameter message (namely Diameter signaling), and the next node of route analysis is a service node;
step S902: and the DRA in the country B judges whether the Diameter message belongs to the home country-to-roaming country message set or not according to the command code and the application interface of the Diameter message, and if so, the DRA continues. Otherwise, processing according to other judgment logics.
Step S903: and the DRA in the country B acquires the network name of the national operator corresponding to the IMSI according to the network name and IMSI number field of the national operator, and if the network name is the operator in other countries (namely, the operators in other countries except the country B), the operation is continued. Otherwise, processing according to other judgment logics.
Step S904: the DRA of B checks the source host name of the message according to the name of the network of the national operator and the service host, if the source host name and the name of the network of the national operator obtained according to the IMSI form a trust relationship. Continuing, otherwise, judging as illegal message and discarding.
Step S905: and the DRA of the B country judges whether the Route-Record chain comprises the gateway DRA of the B country or not according to the national operator network name, the gateway DRA host and the Route-Record chain of the request message. If yes, the process continues. If not, the message is judged to be illegal and discarded.
Step S906: the DRA in country B checks the Route-Record chain of the message according to the national operator network name and gateway DRA host, and if the gateway DRA in country A is contained, the operation is continued. Otherwise, judging the message to be an illegal message and discarding the message.
Step S907: the Route-Record AVP chain of the DRA check message in country B continues if it contains a maximum of two national gateway DRAs. Otherwise, judging the message as a forged Route-Record message and discarding the message.
Through the content check and Route-Record path information check shown in fig. 9, for example, for the CLR request message of the Diameter signaling S6a interface, if an attacker launches an information deletion attack of a legitimate user through a third country, the DRA may be identified and discarded.
Figure 10 is a flow chart of an inspection of messages sent by a roaming country to a home country according to an alternative embodiment of the present invention, where as shown in figure 10, assuming country a is the home country of a Diameter message sender and country B is the roaming country of the Diameter message sender, the flow includes the following steps:
step S1001: DRA of A country receives the Diameter message, and the next node of route analysis is a service node;
step S1002: and D, the DRA of the country A continues according to whether the command code of the Diameter message belongs to the message set sent from the roaming country to the home country or not, and if so, continuing. Otherwise, processing according to other judgment logics.
Step S1003: and the DRA of the country A acquires the network name of the country operator corresponding to the IMSI according to the network name and IMSI number field of the country operator, and if the network name is the country operator, the operation is continued. Otherwise, discarding.
Step S1004: the DRA of the country A acquires the network name of the country operator corresponding to the source host name according to the network name of the country operator and the service host, and if the network name of the country operator is the other country operator (namely, the operators of other countries except the country A), the operation continues. Otherwise, processing according to other judgment logics.
Step S1005: and the DRA of the country A judges whether the Route-Record chain comprises the gateway DRA of the country B or not according to the national operator network name, the gateway DRA host and the Route-Record chain of the request message. If yes, the process continues. If not, the message is judged to be illegal and discarded.
Step S1006: the DRA of country A checks the Route-Record chain of the message according to the national operator network name and gateway DRA host, and if the gateway DRA of country A is contained, the operation is continued. Otherwise, judging the message to be an illegal message and discarding the message.
Step S1007: the Route-Record AVP chain of the DRA check message of country a continues if it contains a maximum of two country's gateway DRAs. Otherwise, judging the message as a forged Route-Record message and discarding the message.
Through the content check and Route-Record path information check shown in fig. 10, for example, for the PUR request message of the Diameter signaling S6a interface, if an attacker initiates information roaming information deletion of a legitimate user through a third country, the DRA may be identified and discarded.
Figure 11 is a flow chart of an inspection of messages sent only within the home country according to an alternative embodiment of the present invention, where as shown in figure 11, assuming country a is the home country of the Diameter message sender, the flow includes the following steps:
step S1101: DRA of A country receives the Diameter message, and the next node of route analysis is a service node;
step S1102: and D, the DRA of the country A continues according to whether the command code of the Diameter message belongs to the message set which is only sent in the home country or not, and if so, continuing. Otherwise, processing according to other judgment logics.
Step S1103: and the DRA of the country A checks the IMSI or the MSISDN of the message according to the 'network name of the country operator and the IMSI number field', if the matched country is the country A, the operation is continued, and if the matched country is the country A, the illegal message is judged to be discarded.
Step S1104: and the DRA of the country A acquires the network name of the country operator corresponding to the source host name according to the network name of the country operator and the service host, and if the network name of the country operator is the country operator, the DRA continues. Otherwise, judging the message to be an illegal message and discarding the message.
Step S1105: the DRA of country a checks the Route-Record chain of the message by the "national operator network name, gateway DRA host" and continues if it does not contain a gateway DRA of its country, i.e. of a country other than country a. Otherwise, judging the message to be an illegal message and discarding the message.
Through the content check and Route-Record path information check shown in fig. 11, for example, for the UDR request message of the Sh interface, if an attacker initiates a user data request (aiming to illegally acquire user subscription information) to the IMS-HSS through the third country, the DRA may be identified and discarded.
Fig. 12 is a flowchart of DRA-regulated service node message according to an alternative embodiment of the present invention, and as shown in fig. 12, the flowchart includes the following steps:
step S1201: DRA receives Diameter request message, if it is initiated by service node, then all Route-Record AVP are cleared;
step S1202: and subsequently carrying out normal service processing.
Through the steps, if the incoming of the Diameter signaling is the service node, the path information is completely deleted no matter how much the path information is carried by the Route-Record AVP, so that the subsequently transmitted Diameter signaling can not carry the Route-Record AVP information added by the service node.
It will be apparent to those skilled in the art that the modules or steps of the present invention described above may be implemented by a general purpose computing device, they may be centralized on a single computing device or distributed across a network of multiple computing devices, and alternatively, they may be implemented by program code executable by a computing device, such that they may be stored in a storage device and executed by a computing device, and in some cases, the steps shown or described may be performed in an order different than that described herein, or they may be separately fabricated into individual integrated circuit modules, or multiple ones of them may be fabricated into a single integrated circuit module. Thus, the present invention is not limited to any specific combination of hardware and software.
The above description is only a preferred embodiment of the present invention and is not intended to limit the present invention, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
Claims (14)
1. A Diameter signaling method, comprising:
a Diameter routing agent DRA receives Diameter signaling;
the DRA judges whether a last hop node of the Diameter signaling is a service node;
if the judgment result is yes, the DRA removes first path information in the Diameter signaling, and adds second path information to the Diameter signaling, wherein the second path information comprises: identification information of a previous hop node of the Diameter signaling;
the DRA sends the Diameter signaling.
2. The method of claim 1, wherein after the DRA determines whether the last hop node of the Diameter signaling is the service node, the method further comprises:
if the judgment result is negative, the DRA reserves the first path information in the Diameter signaling, and adds the second path information to the Diameter signaling;
the DRA sends the Diameter signaling.
3. The method of claim 1 or 2, wherein, in the case that the DRA is a ground DRA, the sending of the Diameter signaling by the DRA comprises:
the DRA judges whether the Diameter signaling meets a preset condition or not according to the second path information and a message set to which the Diameter signaling belongs, wherein the message set comprises one of the following parts: the message set sent by the home country to the roaming country, the message set sent by the roaming country to the home country, and the message set sent only in the home country;
and if the judgment result is yes, the DRA sends the Diameter signaling.
4. The method of claim 3, wherein in the case that the message set to which the Diameter signaling belongs is a message set sent from a home country to a roaming country, the predetermined condition comprises at least one of:
the national operator inquired according to the International Mobile Subscriber Identity (IMSI) of the Diameter signaling is a first country operator;
a source host of the Diameter signaling and a first country operator inquired according to the IMSI form a trust relationship;
the second path information of the Diameter signaling comprises first country gateway DRA information, wherein the first country gateway DRA information is gateway DRA information of a first country operator inquired according to IMSI;
the second path information of the Diameter signaling comprises second country gateway DRA information, wherein the second country gateway DRA information is gateway DRA information of an operator of the country where the DRA is located;
and the second path information of the Diameter signaling at most comprises gateway DRA information of two countries.
5. The method of claim 3, wherein in the case that the message set to which the Diameter signaling belongs is a message set sent from a roaming country to a home country, the predetermined condition comprises at least one of:
the national operator inquired according to the International Mobile Subscriber Identity (IMSI) of the Diameter signaling is a second country operator, wherein the second country operator is the operator of the country where the DRA is located;
the country operator inquired according to the source host of the Diameter signaling is a first country operator;
the second path information of the Diameter signaling comprises first country gateway DRA information, wherein the first country gateway DRA is gateway DRA information of a first country operator inquired according to a source host;
the second path information of the Diameter signaling comprises second country gateway DRA information, wherein the second country gateway DRA information is gateway DRA information of an operator of the country where the DRA is located;
and the second path information of the Diameter signaling at most comprises gateway DRA information of two countries.
6. The method according to claim 3, characterized in that in case the message set to which the Diameter signaling belongs is a message set sent only within the home country, the predetermined condition comprises at least one of the following:
the national operator inquired according to the international mobile subscriber identity IMSI of the Diameter signaling or the mobile station international ISDN/PSTN identification number MSISDN is a second country operator;
the country operator inquired according to the source host of the Diameter signaling is a second country operator;
the second path information of the Diameter signaling only comprises gateway DRA information of a second country operator;
wherein the second country operator is an operator of the country where the DRA is located.
7. A Diameter signaling method, comprising:
the service node generates a Diameter signaling;
adding third path information to the Diameter signaling by the service node, wherein the third path information is gateway Diameter routing agent DRA information of a home country operator of the Diameter signaling and gateway DRA information of other countries except the gateway DRA information of a roaming country operator of the Diameter signaling;
the service node sends the Diameter signaling.
8. The method of claim 7, wherein after the traffic node generates the Diameter signaling, the method further comprises:
the service node judges whether a first DRA has the capacity of clearing first path information in the Diameter signaling, wherein the first DRA is a next hop DRA of the Diameter message;
wherein the adding, by the service node, third path information to the Diameter signaling includes: and if the judgment result is negative, the service node adds the third path information to the Diameter signaling.
9. The method of claim 7 or 8, wherein after the service node sends the Diameter signaling, the method further comprises:
the landing DRA receives the Diameter signaling;
and the ground DRA determines the path of the Diameter signaling as a forged path according to the third path information.
10. A Diameter signaling transmission device is applied to a Diameter routing agent DRA and is characterized by comprising:
a receiving module, configured to receive a Diameter signaling;
the judging module is used for judging whether a previous hop node of the Diameter signaling is a service node;
a first processing module, configured to, if the determination result is yes, clear first path information in the Diameter signaling, and add second path information to the Diameter signaling, where the second path information includes: identification information of a previous hop node of the Diameter signaling;
the first sending module is used for sending the Diameter signaling.
11. The apparatus of claim 10, further comprising:
the second processing module is used for reserving the first path information in the Diameter signaling and adding the second path information to the Diameter signaling under the condition that the judgment result is negative;
and the second sending module is used for sending the Diameter signaling.
12. The apparatus of claim 11, wherein the first sending module or the second sending module respectively comprises:
a determining unit, configured to determine, when the DRA is a ground DRA, whether the Diameter signaling meets a predetermined condition according to the second path information and a message set to which the Diameter signaling belongs, where the message set includes one of: the message set sent by the home country to the roaming country, the message set sent by the roaming country to the home country, and the message set sent only in the home country;
and the sending unit is used for sending the Diameter signaling under the condition that the judgment result is yes.
13. A Diameter signaling transmission device is applied to a service node, and is characterized by comprising:
a generation module for generating a Diameter signaling;
the processing module is used for adding third path information into the Diameter signaling, wherein the third path information is gateway DRA information of other countries except a gateway DRA information of a home country operator of the Diameter signaling and a gateway DRA information of a roaming country operator of the Diameter signaling;
and the sending module is used for sending the Diameter signaling.
14. The apparatus of claim 13, further comprising:
a judging module, configured to judge whether a first DRA has a capability of clearing first path information in the Diameter signaling, where the first DRA is a next hop DRA of the Diameter message;
wherein the processing module is configured to: and adding the third path information to the Diameter signaling under the condition that the judgment result of the judgment module is negative.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510992477.7A CN106921570B (en) | 2015-12-24 | 2015-12-24 | Diameter signaling sending method and device |
| PCT/CN2016/112681 WO2017108009A1 (en) | 2015-12-24 | 2016-12-28 | Diameter signaling transmission method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510992477.7A CN106921570B (en) | 2015-12-24 | 2015-12-24 | Diameter signaling sending method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN106921570A CN106921570A (en) | 2017-07-04 |
| CN106921570B true CN106921570B (en) | 2020-09-29 |
Family
ID=59089143
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510992477.7A Active CN106921570B (en) | 2015-12-24 | 2015-12-24 | Diameter signaling sending method and device |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN106921570B (en) |
| WO (1) | WO2017108009A1 (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109246144A (en) * | 2018-10-31 | 2019-01-18 | 中国人民解放军战略支援部队信息工程大学 | HSS unauthorized access detection device and method in IMS network |
| CN111277552B (en) * | 2018-12-05 | 2022-06-14 | 中国移动通信集团广西有限公司 | Method, device and storage medium for identifying direct signaling security threat |
| CN112954625B (en) * | 2021-03-02 | 2022-03-11 | 武汉绿色网络信息服务有限责任公司 | Signaling transmission method, device, equipment and storage medium |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101247321A (en) * | 2007-02-14 | 2008-08-20 | 华为技术有限公司 | Method, device and system for routing diagnosis in network based on diameter protocol |
| CN103385012A (en) * | 2010-12-23 | 2013-11-06 | 泰克莱克股份有限公司 | Methods, systems, and computer readable media for modifying a Diameter signaling message directed to a charging function node |
| CN103650543A (en) * | 2013-06-28 | 2014-03-19 | 华为技术有限公司 | Routing message transmission method and device |
| CN104350711A (en) * | 2012-06-11 | 2015-02-11 | 泰科来股份有限公司 | Methods, systems, and computer readable media for routing diameter messages at diameter signaling router |
| JP2015065539A (en) * | 2013-09-24 | 2015-04-09 | 株式会社Nttドコモ | Ip multimedia sub-system, proxy session control device, and communication control method |
| EP2534794A4 (en) * | 2010-02-12 | 2015-07-29 | Tekelec Inc | Methods, systems, and computer readable media for providing peer routing at a diameter node |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8750126B2 (en) * | 2009-10-16 | 2014-06-10 | Tekelec, Inc. | Methods, systems, and computer readable media for multi-interface monitoring and correlation of diameter signaling information |
| WO2014025773A1 (en) * | 2012-08-10 | 2014-02-13 | Ibasis, Inc. | Signaling traffic reduction in mobile communication systems |
-
2015
- 2015-12-24 CN CN201510992477.7A patent/CN106921570B/en active Active
-
2016
- 2016-12-28 WO PCT/CN2016/112681 patent/WO2017108009A1/en active Application Filing
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101247321A (en) * | 2007-02-14 | 2008-08-20 | 华为技术有限公司 | Method, device and system for routing diagnosis in network based on diameter protocol |
| EP2534794A4 (en) * | 2010-02-12 | 2015-07-29 | Tekelec Inc | Methods, systems, and computer readable media for providing peer routing at a diameter node |
| CN103385012A (en) * | 2010-12-23 | 2013-11-06 | 泰克莱克股份有限公司 | Methods, systems, and computer readable media for modifying a Diameter signaling message directed to a charging function node |
| CN104350711A (en) * | 2012-06-11 | 2015-02-11 | 泰科来股份有限公司 | Methods, systems, and computer readable media for routing diameter messages at diameter signaling router |
| CN103650543A (en) * | 2013-06-28 | 2014-03-19 | 华为技术有限公司 | Routing message transmission method and device |
| JP2015065539A (en) * | 2013-09-24 | 2015-04-09 | 株式会社Nttドコモ | Ip multimedia sub-system, proxy session control device, and communication control method |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2017108009A1 (en) | 2017-06-29 |
| CN106921570A (en) | 2017-07-04 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10237721B2 (en) | Methods, systems, and computer readable media for validating a redirect address in a diameter message | |
| WO2011035684A1 (en) | Network selection method based on multi-link and apparatus thereof | |
| CN109450841B (en) | Large-scale DDoS attack resisting defense method based on cloud + end equipment on-demand linkage mode | |
| CN104010285A (en) | Short message filtering method and system, short message service center and terminal | |
| WO2010105099A2 (en) | Systems, methods, and computer readable media for detecting and mitigating address spoofing in messaging service transactions | |
| KR20150013635A (en) | Organization of diameter routing agent rule sets | |
| US20190394169A1 (en) | Service flow control method and apparatus | |
| CN106921570B (en) | Diameter signaling sending method and device | |
| JP2015510706A (en) | Offline charging for M2M interaction | |
| CN111277552B (en) | Method, device and storage medium for identifying direct signaling security threat | |
| EP3366017B1 (en) | Detection method against charging fraud | |
| CN105429936A (en) | Defense method and apparatus of malicious occupation of storage resources in private network router | |
| US9027139B2 (en) | Method for malicious attacks monitoring | |
| CN105208022A (en) | Alarm information generation method and device | |
| EP3018876B1 (en) | Monitoring of signalling traffic | |
| US11108914B2 (en) | Method and system for revenue maximization in a communication network | |
| CN109309905A (en) | A kind of identification of pseudo-base station note and hold-up interception method and device | |
| CN111163033B (en) | Message forwarding method and device, communication network element and computer readable storage medium | |
| US9942767B2 (en) | Reducing fraudulent activity associated with mobile networks | |
| US10271270B2 (en) | Reducing fraudulent activity associated with mobile networks | |
| KR102440411B1 (en) | Method and apparatus for detecting abnormal roaming request | |
| CN110324799B (en) | Traffic management method, equipment and storage medium based on business strategy routing | |
| KR102456861B1 (en) | Domestic home network negative connection blocking method and system thereof using roaming network | |
| CN108366364B (en) | Discrimination processing method for abnormal MAP operation | |
| CN111263381B (en) | Service processing method, device, system, terminal and computer readable storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20200819 Address after: 210012 Nanjing, Yuhuatai District, South Street, Bauhinia Road, No. 68 Applicant after: Nanjing Zhongxing Software Co.,Ltd. Address before: 518057 Nanshan District science and technology, Guangdong Province, South Road, No. 55, No. Applicant before: ZTE Corp. |
|
| GR01 | Patent grant | ||
| GR01 | Patent grant |