CN108718369B - Gateway access method, device and computer storage medium - Google Patents
Gateway access method, device and computer storage medium Download PDFInfo
- Publication number
- CN108718369B CN108718369B CN201810416256.9A CN201810416256A CN108718369B CN 108718369 B CN108718369 B CN 108718369B CN 201810416256 A CN201810416256 A CN 201810416256A CN 108718369 B CN108718369 B CN 108718369B
- Authority
- CN
- China
- Prior art keywords
- gateway
- public service
- illegal
- voip
- list
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 44
- 230000005540 biological transmission Effects 0.000 claims abstract description 53
- 238000012544 monitoring process Methods 0.000 claims abstract description 29
- 238000004590 computer program Methods 0.000 claims description 19
- 229910002056 binary alloy Inorganic materials 0.000 claims description 4
- 238000004806 packaging method and process Methods 0.000 claims description 4
- 238000000605 extraction Methods 0.000 claims description 2
- 230000009286 beneficial effect Effects 0.000 abstract description 6
- 230000006870 function Effects 0.000 description 9
- 238000010586 diagram Methods 0.000 description 5
- 238000012545 processing Methods 0.000 description 5
- 230000008569 process Effects 0.000 description 4
- 230000004044 response Effects 0.000 description 4
- 238000004891 communication Methods 0.000 description 3
- 230000008878 coupling Effects 0.000 description 3
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 239000002699 waste material Substances 0.000 description 2
- 230000001413 cellular effect Effects 0.000 description 1
- 230000003247 decreasing effect Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04M—TELEPHONIC COMMUNICATION
- H04M7/00—Arrangements for interconnection between switching centres
- H04M7/006—Networks other than PSTN/ISDN providing telephone service, e.g. Voice over Internet Protocol (VoIP), including next generation networks with a packet-switched transport layer
- H04M7/0078—Security; Fraud detection; Fraud prevention
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0236—Filtering by address, protocol, port number or service, e.g. IP-address or URL
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04M—TELEPHONIC COMMUNICATION
- H04M7/00—Arrangements for interconnection between switching centres
- H04M7/006—Networks other than PSTN/ISDN providing telephone service, e.g. Voice over Internet Protocol (VoIP), including next generation networks with a packet-switched transport layer
- H04M7/0075—Details of addressing, directories or routing tables
Abstract
The invention is suitable for the field of software, and provides a gateway access method, a gateway access device and a computer storage medium, wherein the method comprises the following steps: the VOIP server searches a calling number in a public service number list; if the calling number is found in the public service number list, discarding the call request, marking the VOIP gateway as an illegal gateway, closing a data transmission channel, and reporting a message that the VOIP gateway is the illegal gateway to a monitoring server; if the calling number is not the pre-stored public service number, the calling number is searched in the fraud phone list, if the calling number is searched in the fraud phone list, the calling request is discarded, the VOIP gateway is marked as an illegal gateway, a data transmission channel is closed, the pre-stored illegal gateway identifier, the IP address and the MAC address of the VOIP gateway are packaged to generate a message that the VOIP gateway is the illegal gateway, and the message that the VOIP gateway is the illegal gateway is reported to a monitoring server. The invention is not only beneficial to intercepting fraud calls, but also beneficial to saving network resources.
Description
Technical Field
The invention belongs to the field of software, and particularly relates to a gateway access method, a gateway access device and a computer storage medium.
Background
At present, fraud telephones are mainly dialed by fraud groups in some countries and regions in southeast Asia by using IP technology, and the fraud telephones enter the country mainly through the Internet and then are accessed into the local network of the domestic telecommunication network through a VoIP network. Because the fraud telephone seriously interferes with the life of common people and becomes a prominent problem of social security and social public nuisance, the fraud telephone must be found, notified and intercepted in time, and the ability of fighting against fraud telephones is continuously promoted.
However, the current gateway access method cannot shield the VoIP gateway transmitting the fraud phone, which is not beneficial to intercepting the fraud phone. The reason is that the current gateway access is oriented to all VoIP gateways, the VoIP gateways for transmitting fraud calls and the VoIP gateways for transmitting normal calls cannot be distinguished, the VoIP gateways for transmitting fraud calls can also reserve the accessed data transmission channels, fraud calls can be accessed to the local network of the domestic telecommunication network through the VoIP network, and therefore fraud calls cannot be intercepted favorably, in addition, the VoIP gateways for transmitting fraud calls occupy a large number of data transmission channels, and a large amount of waste of network resources is caused, so the current gateway access method is not beneficial to the interception of fraud calls nor the saving of network resources.
Disclosure of Invention
In view of this, embodiments of the present invention provide a gateway access method, an apparatus and a computer storage medium, so as to solve the problem that the current gateway access method cannot shield the VoIP gateway transmitting the fraud phone and is not beneficial to intercepting the fraud phone.
A first aspect of an embodiment of the present invention provides a gateway access method, including:
the VOIP server is connected with the first server and downloads a public service number list, and the public service number list comprises authenticated public service numbers;
connecting to a second server, downloading a fraud phone list, the fraud phone list comprising marked fraud phones;
receiving an access request sent by a VOIP gateway, wherein the access request carries an IP address and an MAC address of the VOIP gateway;
according to the access request, establishing a data transmission channel between the server and the VOIP gateway at a transmission layer of a TCP/IP network;
receiving a call request through the data transmission channel, wherein the call request is forwarded by the VOIP gateway and comprises a calling number and a called number;
extracting the calling number in the call request;
searching the calling number in the public service number list;
if the calling number is found in the public service number list, judging that the calling number is tampered as the public service number, discarding the call request, marking the VOIP gateway as an illegal gateway, closing the data transmission channel, and reporting a message that the VOIP gateway is the illegal gateway to a preset monitoring server, wherein the illegal gateway refers to a gateway which is tampered with the public service number;
if the calling number is not a pre-stored public service number, searching the calling number in the fraud phone list, if the calling number is searched in the fraud phone list, judging that the calling number is a fraud phone, discarding the call request, marking the VOIP gateway as an illegal gateway, closing the data transmission channel, encapsulating a pre-stored illegal gateway identifier, an IP address and an MAC address of the VOIP gateway, generating a message that the VOIP gateway is an illegal gateway, and reporting the message that the VOIP gateway is the illegal gateway to a preset monitoring server, wherein the illegal gateway identifier consists of a first character string and a second character string, the first character string is a Violation, the second character string is 6 0 s in a binary form, and the illegal gateway is the VoIP gateway for transmitting the fraud phone.
As an implementation manner of this embodiment, in the gateway access method, the VOIP server is connected to a first server, and downloads a public service number list, where the public service number list includes authenticated public service numbers, and the method specifically includes:
and the VOIP server acquires the downloading time preset by the user or default by the system, and when the downloading time is up, the VOIP server is connected with a second server to download a public service number list, wherein the public service number list comprises the authenticated public service numbers.
As an implementation manner of this embodiment, in this gateway access method, the connecting to the second server downloads a fraud phone list, where the fraud phone list includes marked fraud phones, specifically:
every 20 minutes, the second server is connected, and a fraud phone list is downloaded, which comprises the marked fraud phones.
As an implementation manner of this embodiment, in the gateway access method, if the calling number is found in the public service number list, it is determined that the calling number is tampered with as the public service number, the call request is discarded, the VOIP gateway is marked as an illegal gateway, the data transmission channel is closed, and a message that the VOIP gateway is an illegal gateway is reported to the monitoring server, specifically:
if the calling number is found in the public service number list, judging that the calling number is tampered as the public service number, discarding the call request, marking the VOIP gateway as an illegal gateway, closing the data transmission channel, packaging a prestored illegal gateway identifier, an IP address of the VOIP gateway and an MAC address to generate a message that the VOIP gateway is the illegal gateway, and reporting the message that the VOIP gateway is the illegal gateway to a preset monitoring server, wherein the illegal gateway refers to the gateway which is tampered with the public service number, the illegal gateway identifier consists of a third character string and a fourth character string, the third character string is Unlawful, and the fourth character string is 1 in 6 binary systems.
As an implementation manner of this embodiment, in this gateway access method, after the calling number is looked up in the fraud phone list if the calling number is not a pre-stored public service number, the method further includes:
if the calling number cannot be found in the fraud call list, judging that the calling number is not a fraud call, acquiring a called number in the call request, finding a visited GMSC to which the called number belongs, and sending the called number to the visited GMSC so that the visited GMSC can call the called number conveniently.
A second aspect of an embodiment of the present invention provides a gateway access apparatus, including:
the first downloading module is used for connecting a first server and downloading a public service number list, wherein the public service number list comprises authenticated public service numbers;
a second downloading module, for connecting to a second server, downloading a fraud phone list, said fraud phone list comprising marked fraud phones;
the access request receiving module is used for receiving an access request sent by a VOIP gateway, wherein the access request carries an IP address and an MAC address of the VOIP gateway;
the data transmission channel establishing module is used for establishing a data transmission channel between the server and the VOIP gateway in a transmission layer of a TCP/IP network according to the access request;
a call request receiving module, configured to receive a call request through the data transmission channel, where the call request is forwarded by the VOIP gateway and includes a calling number and a called number;
a calling number extraction module, configured to extract the calling number from the call request;
the calling number searching module is used for searching the calling number in the public service number list;
an illegal gateway marking module, configured to, if the calling number is found in the public service number list, determine that the calling number is tampered with as the public service number, discard the call request, mark the VOIP gateway as an illegal gateway, close the data transmission channel, and report a message that the VOIP gateway is an illegal gateway to a preset monitoring server, where the illegal gateway refers to a gateway that tampered with the public service number;
a violation gateway marking module for, if the calling number is not a pre-stored public service number, searching the calling number in the fraud phone list, if the calling number is searched in the fraud phone list, judging that the calling number is a fraud phone, discarding the call request, marking the VOIP gateway as an illegal gateway, closing the data transmission channel, encapsulating a prestored illegal gateway identifier, an IP address and an MAC address of the VOIP gateway to generate a message that the VOIP gateway is the illegal gateway, and reporting the message that the VOIP gateway is the illegal gateway to a preset monitoring server, the Violation gateway identifier consists of a first string and a second string, the first string being Violation, the second string is 6 0's in binary form, and the violation gateway is a VoIP gateway transmitting the fraud phone.
As an implementation manner of this embodiment, in the gateway access apparatus, the first downloading module is configured to acquire downloading time preset by a user or default by a system, and when the downloading time is reached, connect to a second server to download a public service number list, where the public service number list includes an authenticated public service number;
the second downloading module is used for connecting a second server every 20 minutes and downloading a fraud phone list, wherein the fraud phone list comprises marked fraud phones.
An illegal gateway marking module, configured to, if the calling number is found in the public service number list, determine that the calling number is tampered with as the public service number, discard the call request, mark the VOIP gateway as an illegal gateway, close the data transmission channel, encapsulate a pre-stored illegal gateway identifier, an IP address of the VOIP gateway, and an MAC address of the VOIP gateway, generate a message that the VOIP gateway is an illegal gateway, and report the message that the VOIP gateway is an illegal gateway to a preset monitoring server, where the illegal gateway refers to a gateway that tampered with the public service number, where the illegal gateway identifier is composed of a third character string and a fourth character string, the third character string is Unlawful, and the fourth character string is 6 1 s in binary form.
As an implementation manner of this embodiment, the gateway access apparatus further includes:
and the called number calling module is used for judging that the calling number is not a fraud phone if the calling number cannot be searched in the fraud phone list, acquiring the called number in the call request, searching a visited GMSC to which the called number belongs, and sending the called number to the visited GMSC so that the visited GMSC can call the called number conveniently.
A third aspect of the embodiments of the present invention provides a gateway access apparatus, including a memory, a processor, and a computer program stored in the memory and executable on the processor, where the processor implements the steps of the method when executing the computer program.
A fourth aspect of embodiments of the present invention provides a computer storage medium storing a computer program that, when executed by a processor, performs the steps of the above-described method.
Compared with the prior art, the embodiment of the invention has the advantages that on one hand, the VOIP gateway is marked as the violation gateway, the data transmission channel is closed, the VoIP gateway for transmitting the fraud phone can be shielded, and the fraud phone can be intercepted, on the other hand, the data transmission channel is closed, and the condition that the VoIP gateway for transmitting the fraud phone occupies a large number of data transmission channels to cause a large amount of waste of network resources can be avoided, so that the method is beneficial to intercepting the fraud phone and saving network resources.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings needed to be used in the embodiments or the prior art descriptions will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without inventive exercise.
Fig. 1 is a flowchart of an implementation of a gateway access method according to an embodiment of the present invention;
fig. 2 is a block diagram of a gateway access apparatus according to an embodiment of the present invention;
fig. 3 is a schematic diagram of a gateway access apparatus according to an embodiment of the present invention.
Detailed Description
In the following description, for purposes of explanation and not limitation, specific details are set forth, such as particular system structures, techniques, etc. in order to provide a thorough understanding of the embodiments of the invention. It will be apparent, however, to one skilled in the art that the present invention may be practiced in other embodiments that depart from these specific details. In other instances, detailed descriptions of well-known systems, devices, circuits, and methods are omitted so as not to obscure the description of the present invention with unnecessary detail.
In order to explain the technical means of the present invention, the following description will be given by way of specific examples.
It will be understood that the terms "comprises" and/or "comprising," when used in this specification and the appended claims, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
It is also to be understood that the terminology used in the description of the invention herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used in the specification of the present invention and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise.
It should be further understood that the term "and/or" as used in this specification and the appended claims refers to and includes any and all possible combinations of one or more of the associated listed items.
As used in this specification and the appended claims, the term "if" may be interpreted contextually as "when", "upon" or "in response to a determination" or "in response to a detection". Similarly, the phrase "if it is determined" or "if a [ described condition or event ] is detected" may be interpreted contextually to mean "upon determining" or "in response to determining" or "upon detecting [ described condition or event ]" or "in response to detecting [ described condition or event ]".
In particular implementations, the terminal devices described in embodiments of the invention include, but are not limited to, other portable devices such as mobile phones, laptop computers, or tablet computers having touch sensitive surfaces (e.g., touch screen displays and/or touch pads). It should also be understood that in some embodiments, the device is not a portable communication device, but is a desktop computer having a touch-sensitive surface (e.g., a touch screen display and/or touchpad).
In the discussion that follows, a terminal device that includes a display and a touch-sensitive surface is described. However, it should be understood that the terminal device may include one or more other physical user interface devices such as a physical keyboard, mouse, and/or joystick.
The terminal device supports various applications, such as one or more of the following: a drawing application, a presentation application, a word processing application, a website creation application, a disc burning application, a spreadsheet application, a gaming application, a telephone application, a video conferencing application, an email application, an instant messaging application, an exercise support application, a photo management application, a digital camera application, a web browsing application, a digital music player application, and/or a digital video player application.
Various applications that may be executed on the terminal device may use at least one common physical user interface device, such as a touch-sensitive surface. One or more functions of the touch-sensitive surface and corresponding information displayed on the terminal can be adjusted and/or changed between applications and/or within respective applications. In this way, a common physical architecture (e.g., touch-sensitive surface) of the terminal can support various applications with user interfaces that are intuitive and transparent to the user.
In order to explain the technical means of the present invention, the following description will be given by way of specific examples.
Example one
Referring to fig. 1, fig. 1 is a flowchart of an implementation of a gateway access method provided in an embodiment of the present invention, where the method is applied to a terminal device, and as shown in fig. 1, the gateway access method may include the following steps:
s101, a VOIP server is connected with a first server and downloads a public service number list, wherein the public service number list comprises authenticated public service numbers;
the VoIP Gateway includes a Voice Gateway (VG for short) and a router providing a Voice IP access function.
S102, connecting a second server, downloading a fraud phone list, wherein the fraud phone list comprises marked fraud phones;
s103, receiving an access request sent by a VOIP gateway, wherein the access request carries an IP address and an MAC address of the VOIP gateway;
s104, establishing a data transmission channel between the server and the VOIP gateway at a transmission layer of a TCP/IP network according to the access request;
the server refers to a VOIP server.
S105, receiving a call request through the data transmission channel, wherein the call request is forwarded by the VOIP gateway and comprises a calling number and a called number;
s106, extracting the calling number in the calling request;
s107, searching the calling number in the public service number list;
and judging whether the prefix of the calling number is 00 or not, and if the prefix is 00, searching the calling number after the prefix of 00 is deleted in the public service number list.
The public service number in the present application refers to a special service telephone number, that is, a telephone number at the beginning of 11 or 12. 11, special service numbers such as bandit police 110 and fire police 119 are given, 12, civil special numbers such as 120 (hospital) and 121 (weather forecast) are given. For ease of illustration, postal 11185 is exemplified as follows:
the calling number is 0011185, the calling number after the 00 prefix is deleted is 11185, 11185 is searched in the public service number list, if 11185 is found in the public service number list, it is judged that 11185 is tampered with the public service number, the call request is discarded, the VOIP gateway is marked as an illegal gateway, the data transmission channel is closed, and a message that the VOIP gateway is an illegal gateway is reported to a preset monitoring server, wherein the illegal gateway refers to a gateway which is tampered with the public service number.
The search process of public service numbers such as social security (12333) and public security bureau (110) is the same as above, and is not described herein again.
S108, if the calling number is found in the public service number list, judging that the calling number is tampered as the public service number, discarding the call request, marking the VOIP gateway as an illegal gateway, closing the data transmission channel, and reporting a message that the VOIP gateway is an illegal gateway to a preset monitoring server, wherein the illegal gateway refers to a gateway which is tampered with the public service number;
if the calling number is found in the public service number list, the calling number is judged to be falsified into the public service number, the call request is discarded, the VOIP gateway is marked as an illegal gateway, and the data transmission channel is closed, wherein in China, the network bearing the public service number is a local network of a domestic telecommunication network and is not a VOIP network, so the calling number normally reported by the VOIP gateway cannot be the public service number, and if the calling number reported by the VOIP gateway is the public service number, the VOIP gateway changes the calling number into the public service number, therefore, by closing the data transmission channel, fraudulent calls imitating the public service number can be intercepted, and network resources can be saved.
Wherein, S108 specifically is:
if the calling number is found in the public service number list, judging that the calling number is tampered as the public service number, discarding the call request, marking the VOIP gateway as an illegal gateway, closing the data transmission channel, packaging a prestored illegal gateway identifier, an IP address of the VOIP gateway and an MAC address to generate a message that the VOIP gateway is the illegal gateway, and reporting the message that the VOIP gateway is the illegal gateway to a preset monitoring server, wherein the illegal gateway refers to the gateway which is tampered with the public service number, the illegal gateway identifier consists of a third character string and a fourth character string, the third character string is Unlawful, and the fourth character string is 1 in 6 binary systems.
The monitoring server receives and analyzes the message that the VOIP gateway is the illegal gateway, identifies the illegal gateway identifier through Unlawful and 6 pieces of 1 in binary form, identifies the VOIP gateway as the illegal gateway through the illegal gateway identifier, and positions the illegal gateway through the IP address and the MAC address of the VOIP gateway.
Wherein Unlawful indicates illegitimate.
S109, if the calling number is not a pre-stored public service number, searching the calling number in the fraud phone list, if the calling number is found in the fraud phone list, judging that the calling number is a fraud phone, discarding the call request, marking the VOIP gateway as an illegal gateway, closing the data transmission channel, encapsulating a prestored illegal gateway identifier, an IP address and an MAC address of the VOIP gateway to generate a message that the VOIP gateway is the illegal gateway, reporting the message that the VOIP gateway is the illegal gateway to a preset monitoring server, the Violation gateway identifier consists of a first string and a second string, the first string being Violation, the second string is 6 0's in binary form, and the violation gateway is a VoIP gateway transmitting the fraud phone.
The monitoring server receives and analyzes the message that the VOIP gateway is the Violation gateway, identifies the Violation gateway identifier through Violation and 6 0 s in binary form, identifies the VOIP gateway as the Violation gateway through the Violation gateway identifier, and positions the Violation gateway through the IP address and the MAC address of the VOIP gateway. Wherein Violation represents a Violation.
Wherein, after said finding said calling number in said fraud phone list if said calling number is not a pre-stored public service number, said method further comprises:
if the calling number cannot be found in the fraud call list, judging that the calling number is not a fraud call, acquiring a called number in the call request, finding a visited GMSC to which the called number belongs, and sending the called number to the visited GMSC so that the visited GMSC can call the called number conveniently.
Since the VOIP server may be interconnected with a plurality of gateway mobile switching centers GMSCs at the same time, in actual use, when the visited GMSC to which the called number belongs needs to be determined, the visited GMSC may be determined according to the called number. For example, when the called number is a mobile phone number, the visited place GMSC is determined according to the attribution of the mobile phone number.
In the embodiment of the invention, if the calling number is found in the fraud phone list, the calling number is judged to be a fraud phone, the call request is discarded, the VOIP gateway is marked as an illegal gateway, and the data transmission channel is closed.
Example two
Corresponding to the method described in the first embodiment, referring to fig. 2, fig. 2 is a block diagram of a gateway access apparatus provided in the first embodiment of the present invention, and is applied to terminal devices, where the terminal devices include, but are not limited to, a VOIP server and a switch. For convenience of explanation, only the portions related to the present embodiment are shown. For convenience of explanation, only the portions related to the present embodiment are shown.
Referring to fig. 2, the gateway access apparatus includes:
a first downloading module 21, configured to connect to a first server, and download a public service number list, where the public service number list includes authenticated public service numbers;
a second download module 22 for connecting to a second server, downloading a fraud phone list, said fraud phone list comprising marked fraud phones;
an access request receiving module 23, configured to receive an access request sent by a VOIP gateway, where the access request carries an IP address and an MAC address of the VOIP gateway;
a data transmission channel establishing module 24, configured to establish a data transmission channel between the server and the VOIP gateway in a transmission layer of the TCP/IP network according to the access request;
a call request receiving module 25, configured to receive a call request through the data transmission channel, where the call request is forwarded by the VOIP gateway and includes a calling number and a called number;
a calling number extracting module 26, configured to extract the calling number in the call request;
a calling number searching module 27, configured to search the public service number list for the calling number;
an illegal gateway marking module 28, configured to, if the calling number is found in the public service number list, determine that the calling number is tampered with as the public service number, discard the call request, mark the VOIP gateway as an illegal gateway, close the data transmission channel, and report a message that the VOIP gateway is an illegal gateway to a preset monitoring server, where the illegal gateway refers to a gateway that tampered with the public service number;
and an offending gateway tagging module 29 for, if the calling number is not a pre-stored public service number, searching the calling number in the fraud phone list, if the calling number is searched in the fraud phone list, judging that the calling number is a fraud phone, discarding the call request, marking the VOIP gateway as an illegal gateway, closing the data transmission channel, encapsulating a prestored illegal gateway identifier, an IP address and an MAC address of the VOIP gateway to generate a message that the VOIP gateway is the illegal gateway, and reporting the message that the VOIP gateway is the illegal gateway to a preset monitoring server, the Violation gateway identifier consists of a first string and a second string, the first string being Violation, the second string is 6 0's in binary form, and the violation gateway is a VoIP gateway transmitting the fraud phone.
In the embodiment of the invention, if the calling number is found in the fraud phone list, the calling number is judged to be a fraud phone, the call request is discarded, the VOIP gateway is marked as an illegal gateway, and the data transmission channel is closed.
EXAMPLE III
Fig. 3 is a schematic diagram of a gateway access apparatus according to an embodiment of the present invention. As shown in fig. 3, the gateway access apparatus 3 of this embodiment includes: a processor 30, a memory 31 and a computer program 32, such as a gateway access program, stored in said memory 31 and operable on said processor 30. The processor 30 implements the steps in the various gateway access method embodiments described above when executing the computer program 32.
Illustratively, the computer program 32 may be partitioned into one or more modules/units that are stored in the memory 31 and executed by the processor 30 to implement the present invention. The one or more modules/units may be a series of computer program instruction segments capable of performing specific functions, which are used to describe the execution process of the computer program 32 in the gateway access apparatus 3.
The gateway access device 3 may be a desktop computer, a notebook, a palm computer, a cloud server, or other computing devices. The gateway access device may include, but is not limited to, a processor 30, a memory 31.
It will be understood by those skilled in the art that fig. 3 is merely an example of the gateway access apparatus 3, and does not constitute a limitation of the gateway access apparatus 3, and may include more or less components than those shown, or combine some components, or different components, for example, the gateway access apparatus may further include an input-output device, a network access device, a bus, etc.
The Processor 30 may be a Central Processing Unit (CPU), other general purpose Processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), an off-the-shelf Programmable Gate Array (FPGA) or other Programmable logic device, discrete Gate or transistor logic, discrete hardware components, etc. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
The memory 31 may be an internal storage unit of the gateway access apparatus 3, such as a hard disk or a memory of the gateway access apparatus 3. The memory 31 may also be an external storage device of the gateway access apparatus 3, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), and the like, which are provided on the gateway access apparatus 3. Further, the memory 31 may also include both an internal storage unit and an external storage device of the gateway access apparatus 3. The memory 31 is used for storing the computer program and other programs and data required by the gateway access means. The memory 31 may also be used to temporarily store data that has been output or is to be output. It will be apparent to those skilled in the art that, for convenience and brevity of description, only the above-mentioned division of the functional units and modules is illustrated, and in practical applications, the above-mentioned function distribution may be performed by different functional units and modules according to needs, that is, the internal structure of the apparatus is divided into different functional units or modules to perform all or part of the above-mentioned functions. Each functional unit and module in the embodiments may be integrated in one processing unit, or each unit may exist alone physically, or two or more units are integrated in one unit, and the integrated unit may be implemented in a form of hardware, or in a form of software functional unit. In addition, specific names of the functional units and modules are only for convenience of distinguishing from each other, and are not used for limiting the protection scope of the present application. The specific working processes of the units and modules in the system may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
In another embodiment of the present invention, a computer storage medium is provided, which stores a computer program that, when executed by a processor, implements the steps in the above-described respective gateway access method embodiments.
In the above embodiments, the descriptions of the respective embodiments have respective emphasis, and reference may be made to the related descriptions of other embodiments for parts that are not described or illustrated in a certain embodiment.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
In the embodiments provided in the present invention, it should be understood that the disclosed apparatus and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the modules or units is only one logical division, and there may be other divisions when actually implemented, for example, a plurality of units or components may be combined or may be integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated modules/units, if implemented in the form of software functional units and sold or used as separate products, may be stored in a computer readable storage medium. Based on such understanding, all or part of the flow of the method according to the embodiments of the present invention may also be implemented by a computer program, which may be stored in a computer storage medium and used by a processor to implement the steps of the embodiments of the method. . Wherein the computer program comprises computer program code, which may be in the form of source code, object code, an executable file or some intermediate form, etc. The computer-readable medium may include: any entity or device capable of carrying the computer program code, recording medium, usb disk, removable hard disk, magnetic disk, optical disk, computer Memory, Read-Only Memory (ROM), Random Access Memory (RAM), electrical carrier wave signals, telecommunications signals, software distribution medium, and the like. It should be noted that the computer readable medium may contain other components which may be suitably increased or decreased as required by legislation and patent practice in jurisdictions, for example, in some jurisdictions, computer readable media which may not include electrical carrier signals and telecommunications signals in accordance with legislation and patent practice.
The device can be a desktop computer, a notebook, a palm computer, a cloud server and other computing equipment. The device may include, but is not limited to, a processor, a memory. It will be appreciated by those skilled in the art that the schematic diagrams are merely examples of an apparatus and do not constitute a limitation of the apparatus, and may include more or less components than those shown, or combine certain components, or different components, e.g. the apparatus may also include input output devices, network access devices, buses, etc.
The Processor may be a Central Processing Unit (CPU), other general purpose Processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), an off-the-shelf Programmable Gate Array (FPGA) or other Programmable logic device, discrete Gate or transistor logic, discrete hardware components, etc. The general purpose processor may be a microprocessor or the processor may be any conventional processor or the like that is the control center for the device and that connects the various parts of the overall device using various interfaces and lines.
The memory may be used to store the computer programs and/or modules, and the processor may implement the various functions of the apparatus by running or executing the computer programs and/or modules stored in the memory, as well as by invoking data stored in the memory. The memory may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required by at least one function (such as a sound playing function, an image playing function, etc.), and the like; the storage data area may store data (such as audio data, a phonebook, etc.) created according to the use of the cellular phone, and the like. In addition, the memory may include high speed random access memory, and may also include non-volatile memory, such as a hard disk, a memory, a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), at least one magnetic disk storage device, a Flash memory device, or other volatile solid state storage device.
The above-mentioned embodiments are only used for illustrating the technical solutions of the present invention, and not for limiting the same; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; such modifications and substitutions do not substantially depart from the spirit and scope of the embodiments of the present invention, and are intended to be included within the scope of the present invention.
Claims (9)
1. A gateway access method, comprising:
the VOIP server is connected with the first server and downloads a public service number list, and the public service number list comprises authenticated public service numbers;
connecting to a second server, downloading a fraud phone list, the fraud phone list comprising marked fraud phones;
receiving an access request sent by a VOIP gateway, wherein the access request carries an IP address and an MAC address of the VOIP gateway;
according to the access request, establishing a data transmission channel between the server and the VOIP gateway at a transmission layer of a TCP/IP network;
receiving a call request through the data transmission channel, wherein the call request is forwarded by the VOIP gateway and comprises a calling number and a called number;
extracting the calling number in the call request;
searching the calling number in the public service number list;
if the calling number is found in the public service number list, judging that the calling number is tampered as the public service number, discarding the call request, marking the VOIP gateway as an illegal gateway, closing the data transmission channel, and reporting a message that the VOIP gateway is the illegal gateway to a preset monitoring server, wherein the illegal gateway refers to a gateway which is tampered with the public service number;
if the calling number is not a pre-stored public service number, searching the calling number in the fraud phone list, if the calling number is searched in the fraud phone list, judging that the calling number is a fraud phone, discarding the call request, marking the VOIP gateway as a Violation gateway, closing the data transmission channel, encapsulating a pre-stored Violation gateway identifier, an IP address and an MAC address of the VOIP gateway, generating a message that the VOIP gateway is a Violation gateway, and reporting the message that the VOIP gateway is the Violation gateway to a preset monitoring server, wherein the Violation gateway identifier consists of a first character string and a second character string, the first character string is a Violation, the second character string is 6 0 s in a binary form, and the Violation gateway is the VoIP gateway for transmitting the fraud phone;
if the calling number is found in the public service number list, the calling number is judged to be tampered as the public service number, the call request is discarded, the VOIP gateway is marked as an illegal gateway, the data transmission channel is closed, and a message that the VOIP gateway is an illegal gateway is reported to the monitoring server, specifically:
if the calling number is found in the public service number list, judging that the calling number is tampered as the public service number, discarding the call request, marking the VOIP gateway as an illegal gateway, closing the data transmission channel, packaging a prestored illegal gateway identifier, an IP address of the VOIP gateway and an MAC address to generate a message that the VOIP gateway is the illegal gateway, and reporting the message that the VOIP gateway is the illegal gateway to a preset monitoring server, wherein the illegal gateway refers to the gateway which is tampered with the public service number, the illegal gateway identifier consists of a third character string and a fourth character string, the third character string is Unlawful, and the fourth character string is 1 in 6 binary systems;
judging whether the prefix of the calling number is 00 or not, if the prefix is 00, searching the calling number after the prefix of 00 is deleted in the public service number list;
the monitoring server receives and analyzes the message that the VOIP gateway is an illegal gateway, identifies an illegal gateway identifier through Unlawful and 6 pieces of 1 in a binary form, identifies the VOIP gateway as the illegal gateway through the illegal gateway identifier, and positions the illegal gateway through the IP address and the MAC address of the VOIP gateway;
the monitoring server receives and analyzes the message that the VOIP gateway is the Violation gateway, identifies the Violation gateway identifier through Violation and 6 0 s in binary form, identifies the VOIP gateway as the Violation gateway through the Violation gateway identifier, and positions the Violation gateway through the IP address and the MAC address of the VOIP gateway.
2. The method according to claim 1, wherein the VOIP server is connected to a first server, and downloads a list of public service numbers, the list of public service numbers including authenticated public service numbers, specifically:
and the VOIP server acquires the downloading time preset by the user or default by the system, and when the downloading time is up, the VOIP server is connected with a second server to download a public service number list, wherein the public service number list comprises the authenticated public service numbers.
3. The method as claimed in claim 1, wherein said connecting to a second server downloads a list of fraudulent telephones, said list of fraudulent telephones comprising marked fraudulent telephones, in particular:
every 20 minutes, the second server is connected, and a fraud phone list is downloaded, which comprises the marked fraud phones.
4. The method as recited in claim 1, wherein after said finding said calling number in said fraud phone list if said calling number is not a pre-stored public service number, said method further comprises:
if the calling number cannot be found in the fraud call list, judging that the calling number is not a fraud call, acquiring a called number in the call request, finding a visited GMSC to which the called number belongs, and sending the called number to the visited GMSC so that the visited GMSC can call the called number conveniently.
5. A gateway access apparatus, comprising:
the first downloading module is used for connecting a first server and downloading a public service number list, wherein the public service number list comprises authenticated public service numbers;
a second downloading module, for connecting to a second server, downloading a fraud phone list, said fraud phone list comprising marked fraud phones;
the access request receiving module is used for receiving an access request sent by a VOIP gateway, wherein the access request carries an IP address and an MAC address of the VOIP gateway;
the data transmission channel establishing module is used for establishing a data transmission channel between the server and the VOIP gateway in a transmission layer of a TCP/IP network according to the access request;
a call request receiving module, configured to receive a call request through the data transmission channel, where the call request is forwarded by the VOIP gateway and includes a calling number and a called number;
a calling number extraction module, configured to extract the calling number from the call request;
the calling number searching module is used for searching the calling number in the public service number list;
an illegal gateway marking module, configured to, if the calling number is found in the public service number list, determine that the calling number is tampered with as the public service number, discard the call request, mark the VOIP gateway as an illegal gateway, close the data transmission channel, and report a message that the VOIP gateway is an illegal gateway to a preset monitoring server, where the illegal gateway refers to a gateway that tampered with the public service number;
a violation gateway marking module for, if the calling number is not a pre-stored public service number, searching the calling number in the fraud phone list, if the calling number is searched in the fraud phone list, judging that the calling number is a fraud phone, discarding the call request, marking the VOIP gateway as an illegal gateway, closing the data transmission channel, encapsulating a prestored illegal gateway identifier, an IP address and an MAC address of the VOIP gateway to generate a message that the VOIP gateway is the illegal gateway, and reporting the message that the VOIP gateway is the illegal gateway to a preset monitoring server, the Violation gateway identifier consists of a first string and a second string, the first string being Violation, the second character string is 6 0's in binary form, and the violation gateway is a VoIP gateway transmitting the fraud phone;
if the calling number is found in the public service number list, the calling number is judged to be tampered as the public service number, the call request is discarded, the VOIP gateway is marked as an illegal gateway, the data transmission channel is closed, and a message that the VOIP gateway is an illegal gateway is reported to the monitoring server, specifically:
if the calling number is found in the public service number list, judging that the calling number is tampered as the public service number, discarding the call request, marking the VOIP gateway as an illegal gateway, closing the data transmission channel, packaging a prestored illegal gateway identifier, an IP address of the VOIP gateway and an MAC address to generate a message that the VOIP gateway is the illegal gateway, and reporting the message that the VOIP gateway is the illegal gateway to a preset monitoring server, wherein the illegal gateway refers to the gateway which is tampered with the public service number, the illegal gateway identifier consists of a third character string and a fourth character string, the third character string is Unlawful, and the fourth character string is 1 in 6 binary systems;
judging whether the prefix of the calling number is 00 or not, if the prefix is 00, searching the calling number after the prefix of 00 is deleted in the public service number list;
the monitoring server receives and analyzes the message that the VOIP gateway is an illegal gateway, identifies an illegal gateway identifier through Unlawful and 6 pieces of 1 in a binary form, identifies the VOIP gateway as the illegal gateway through the illegal gateway identifier, and positions the illegal gateway through the IP address and the MAC address of the VOIP gateway;
the monitoring server receives and analyzes the message that the VOIP gateway is the Violation gateway, identifies the Violation gateway identifier through Violation and 6 0 s in binary form, identifies the VOIP gateway as the Violation gateway through the Violation gateway identifier, and positions the Violation gateway through the IP address and the MAC address of the VOIP gateway.
6. The apparatus of claim 5,
the first downloading module is used for acquiring downloading time preset by a user or defaulted by a system, and when the downloading time is up, connecting a second server to download a public service number list, wherein the public service number list comprises authenticated public service numbers;
the second downloading module is used for connecting a second server every 20 minutes and downloading a fraud phone list, wherein the fraud phone list comprises marked fraud phones.
7. The apparatus of claim 5, further comprising:
and the called number calling module is used for judging that the calling number is not a fraud phone if the calling number cannot be searched in the fraud phone list, acquiring the called number in the call request, searching a visited GMSC to which the called number belongs, and sending the called number to the visited GMSC so that the visited GMSC can call the called number conveniently.
8. A gateway access device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, characterized in that the processor implements the steps of the method according to any of claims 1 to 4 when executing the computer program.
9. A computer storage medium, in which a computer program is stored which, when being executed by a processor, carries out the steps of the method according to any one of claims 1 to 4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810416256.9A CN108718369B (en) | 2018-05-03 | 2018-05-03 | Gateway access method, device and computer storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810416256.9A CN108718369B (en) | 2018-05-03 | 2018-05-03 | Gateway access method, device and computer storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108718369A CN108718369A (en) | 2018-10-30 |
| CN108718369B true CN108718369B (en) | 2021-09-24 |
Family
ID=63899600
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810416256.9A Active CN108718369B (en) | 2018-05-03 | 2018-05-03 | Gateway access method, device and computer storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108718369B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111741472B (en) * | 2020-08-07 | 2020-11-24 | 北京微智信业科技有限公司 | GoIP fraud telephone identification method, system, medium and equipment |
| CN113114669B (en) * | 2021-04-09 | 2023-05-23 | 厦门市美亚柏科信息股份有限公司 | GOIP gateway identification method, device, equipment and storage medium based on gateway data |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101247217A (en) * | 2008-03-17 | 2008-08-20 | 北京星网锐捷网络技术有限公司 | Method, unit and system for preventing address resolution protocol flux attack |
| CN101572700A (en) * | 2009-02-10 | 2009-11-04 | 中科正阳信息安全技术有限公司 | Method for defending HTTP Flood distributed denial-of-service attack |
| CN104883428A (en) * | 2015-05-05 | 2015-09-02 | 中国联合网络通信集团有限公司 | Method and device for identifying VOIP calls |
| CN107070741A (en) * | 2017-03-13 | 2017-08-18 | 中国人民解放军信息工程大学 | A kind of voip network topology detection method analyzed based on gateway space time correlation |
-
2018
- 2018-05-03 CN CN201810416256.9A patent/CN108718369B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101247217A (en) * | 2008-03-17 | 2008-08-20 | 北京星网锐捷网络技术有限公司 | Method, unit and system for preventing address resolution protocol flux attack |
| CN101572700A (en) * | 2009-02-10 | 2009-11-04 | 中科正阳信息安全技术有限公司 | Method for defending HTTP Flood distributed denial-of-service attack |
| CN104883428A (en) * | 2015-05-05 | 2015-09-02 | 中国联合网络通信集团有限公司 | Method and device for identifying VOIP calls |
| CN107070741A (en) * | 2017-03-13 | 2017-08-18 | 中国人民解放军信息工程大学 | A kind of voip network topology detection method analyzed based on gateway space time correlation |
Also Published As
| Publication number | Publication date |
|---|---|
| CN108718369A (en) | 2018-10-30 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106126562B (en) | A kind of pop-up hold-up interception method and terminal | |
| US8732827B1 (en) | Smartphone security system | |
| CN106657528B (en) | Incoming call management method and device | |
| CN110809010B (en) | Threat information processing method, device, electronic equipment and medium | |
| KR101093440B1 (en) | Mobile telecommunication terminal capable of preventing spam calls and method there-of | |
| CN107861773A (en) | Associate management-control method, device, storage medium and the mobile terminal started | |
| CN104038612A (en) | Incoming call intercepting method and device | |
| CN107957913A (en) | Associate management-control method, device, storage medium and the mobile terminal started | |
| CN105898085A (en) | Harassment communication account identification method and device | |
| CN105357204A (en) | Method and apparatus for generating terminal identifying information | |
| CN108718369B (en) | Gateway access method, device and computer storage medium | |
| CN108112010A (en) | Access method, apparatus, terminal and the computer readable storage medium of network | |
| KR101490442B1 (en) | Method and system for cutting malicious message in mobile phone, and mobile phone implementing the same | |
| CN107368735B (en) | Application installation method, mobile terminal and computer readable storage medium | |
| CN106022102A (en) | Method and apparatus for preventing third-party pushing platform from starting application in background | |
| CN108810233B (en) | Malicious incoming call identification method and device | |
| WO2012124955A2 (en) | Method for setting spam string in mobile device and device therefor | |
| CN106844057A (en) | Data processing method, device and mobile terminal | |
| CN108536512B (en) | Interface switching method and device and terminal equipment | |
| KR101654837B1 (en) | Method and Apparatus for Providing Counterpart's Reputation | |
| CN115037654B (en) | Flow statistics method, device, electronic equipment and readable storage medium | |
| CN106933666B (en) | Method for calling information input program and electronic equipment | |
| CN105188064B (en) | Method and device for shielding crank calls and short messages | |
| CN115150171A (en) | Flow statistical method and device, electronic equipment and storage medium | |
| CN104660834A (en) | Junk call protection method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB03 | Change of inventor or designer information |
Inventor after: Liu Tao Inventor after: Yu Zhongyang Inventor after: Yttrium Ice Inventor before: Yttrium Ice |
|
| CB03 | Change of inventor or designer information | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20210908 Address after: 201900 No. 2687, Changjiang West Road, Baoshan District, Shanghai Applicant after: Shanghai wangchain Information Technology Co.,Ltd. Address before: 525242 No. 18, Gujun Road, Changpo Town, Maoming, Guangdong Applicant before: Yttrium Ice |
|
| TA01 | Transfer of patent application right | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20231008 Address after: Room 330, 3rd Floor, Building 1, No. 100 Hulan West Road, Baoshan District, Shanghai, 2019 Patentee after: Shanghai Jimu Galaxy Digital Technology Co.,Ltd. Address before: 201900 No. 2687, Changjiang West Road, Baoshan District, Shanghai Patentee before: Shanghai wangchain Information Technology Co.,Ltd. |
|
| TR01 | Transfer of patent right |