CN109819089B - Voiceprint extraction method, core network element, electronic device and storage medium - Google Patents
Voiceprint extraction method, core network element, electronic device and storage medium Download PDFInfo
- Publication number
- CN109819089B CN109819089B CN201711166761.4A CN201711166761A CN109819089B CN 109819089 B CN109819089 B CN 109819089B CN 201711166761 A CN201711166761 A CN 201711166761A CN 109819089 B CN109819089 B CN 109819089B
- Authority
- CN
- China
- Prior art keywords
- call
- call signaling
- network element
- fraud
- core network
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Landscapes
- Telephonic Communication Services (AREA)
Abstract
The embodiment of the invention provides a voiceprint extraction method, a core network element, electronic equipment and a storage medium. The method comprises the steps that a core network element receives a first call signaling sent by a sending end, the first call signaling comprises a calling number and a called number carrying a fraud identification mark, and the fraud identification mark is added after the sending end judges that the calling number is a suspected fraud telephone number; and sending the first call signaling and the call telephone traffic corresponding to the call signaling received in advance to the convergence end office according to the fraud identification mark, so that the voiceprint extraction system collects the first call signaling and the call telephone traffic through a link of the convergence end office and extracts the voiceprint according to the first call signaling and the call telephone traffic. According to the method, the core network element routes the first call signaling and the call telephone traffic to the appointed convergence end office according to the fraud identification mark, single-point acquisition of the first call signaling and the call telephone traffic is achieved, and the voiceprint is extracted according to the first call signaling and the call telephone traffic, so that the voiceprint extraction efficiency is improved.
Description
Technical Field
The embodiment of the invention relates to the technical field of communication, in particular to a voiceprint extraction method, a core network element, electronic equipment and a storage medium.
Background
Telephone fraud refers to a criminal activity of deceiving the trusting of a victim by calling the victim, and is characterized in that the criminal suspect leaves little evidence, and the voice of the criminal suspect is important evidence in the telephone fraud process.
After intensive analytical studies, the most effective weapon for detecting telephone fraud was found to identify criminal suspects by voiceprints. The voiceprint is a sound of a person speaking, which is input into a sound analyzer for analysis to obtain a distribution waveform of the sound. Voiceprint recognition is a technique for automatically recognizing the identity of a speaker according to a waveform.
The way of extracting voiceprints of telephone fraud in the prior art is introduced:
the voiceprint extraction of telephone fraudsters is usually carried out by adopting a mode of fully deploying collection equipment and fully collecting telephone traffic data. Firstly, original signaling and media code streams of all network elements of the whole network are collected, then, traffic data of suspected fraud numbers are obtained by screening the original signaling and the media code streams of all network elements according to a suspected fraud number list, and finally, the voiceprint characteristics of speakers of the suspected fraud numbers are extracted through a voiceprint technology engine.
The prior art approach has the following problems:
in the telecommunication-grade massive call telephone traffic, most calls are normal user behaviors, only few calls are telephone fraud behaviors, hundreds of millions of massive telephone traffic data are collected in a whole quantity, suspected fraud calls are obtained through filtering, and voiceprints of suspected fraud numbers are extracted, so that the cost is high and the efficiency is low.
Disclosure of Invention
In view of the defects in the prior art, embodiments of the present invention provide a voiceprint extraction method, a core network element, an electronic device, and a storage medium.
In one aspect, an embodiment of the present invention provides a method for voiceprint extraction, where the method includes:
a core network element receives a first call signaling sent by a sending end, wherein the first call signaling comprises a calling number and a called number carrying a fraud identification mark, and the fraud identification mark is added after the sending end judges that the calling number is a suspected fraud telephone number;
and sending the first call signaling and the call traffic corresponding to the call signaling received in advance to a convergence end office according to the fraud identification mark, so that a voiceprint extraction system collects the first call signaling and the call traffic through a link of the convergence end office and extracts a voiceprint according to the first call signaling and the call traffic.
In another aspect, an embodiment of the present invention provides a core network element, where the core network element includes:
a receiving module, configured to receive a first call signaling sent by a sending end, where the first call signaling includes a calling number and a called number carrying a fraud identification mark, and the fraud identification mark is added after the sending end determines that the calling number is a suspected fraud phone number;
a sending module, configured to send the first call signaling and the call traffic corresponding to the call signaling received in advance to a convergence end office according to the fraud identification flag, so that a voiceprint extraction system collects the first call signaling and the call traffic through a link of the convergence end office, and extracts a voiceprint according to the first call signaling and the call traffic.
In another aspect, an embodiment of the present invention further provides an electronic device, which includes a memory, a processor, a bus, and a computer program stored in the memory and executable on the processor, where the processor implements the steps of the above method when executing the program.
In another aspect, an embodiment of the present invention further provides a storage medium, on which a computer program is stored, where the computer program is executed by a processor to implement the steps of the above method.
It can be known from the foregoing technical solutions that, in the method for voiceprint extraction, the core network element, the electronic device, and the storage medium provided in the embodiments of the present invention, the core network element routes the first call signaling and the call traffic to the specified convergence end office according to the fraud identifier, so as to implement single-point collection of the first call signaling and the call traffic, and extract a voiceprint according to the first call signaling and the call traffic, so as to effectively reduce collection cost and improve voiceprint extraction efficiency.
Drawings
Fig. 1 is a schematic flow chart of a method for voiceprint extraction according to an embodiment of the present invention;
fig. 2 is a traffic routing convergence flow provided in the embodiment of the present invention;
fig. 3 is a schematic structural diagram of a network element of a core network according to another embodiment of the present invention;
fig. 4 is a schematic structural diagram of an electronic device according to another embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention.
Fig. 1 shows a schematic flow chart of a method for voiceprint extraction according to an embodiment of the present invention.
As shown in fig. 1, the method provided in the embodiment of the present invention specifically includes the following steps:
the method for voiceprint extraction in the embodiment of the invention is realized on a network element of a core network.
Optionally, the core network element is a high-level control network element, and there may be a plurality of implementation modes according to different networking modes of the network.
Optionally, the high-level control network element is a GateWay exchange (GateWay MSC, GMSC), and the GateWay exchange mainly completes a function of forwarding services with other networks or operators, thereby implementing interconnection and interworking of services between networks.
Optionally, the high-level control element is a long distance office, and the long distance office is mainly responsible for tandem connection of long distance terminal traffic of the local network.
Optionally, before this step, the user initiates a call, and the sending end obtains the calling number and the called number, and determines whether the calling number is a suspected fraud phone number.
Optionally, the sender pre-stores a suspected fraud number list comprising a plurality of pre-determined suspected fraud numbers and corresponding fraud identification markers, the fraud identification markers being characters indicating that the calling number is a suspected fraud number.
Optionally, after receiving the calling number, the sending end determines whether the calling number is a suspected fraud phone number, and if so, adds the fraud identification mark before a called number corresponding to the calling number.
Optionally, the sending end respectively determines that the plurality of calling numbers are suspected fraud phone numbers, and then adds the same fraud identification mark in front of the corresponding called number respectively to display that the calling numbers are suspected fraud numbers.
Optionally, although the calling number is a suspected fraud phone number, the sender will add a fraud identification mark before the called number according to the protocol specification of the current network.
Optionally, the sender is a network element of an existing network and adds fraud identification markers according to prior art methods.
Optionally, if the sending end determines that the calling number is not a suspected fraud phone number, the sending end directly sends the calling number to a core network element without adding a fraud identification mark.
Optionally, the sending end sends the first call signaling to the core network element, where the first call signaling is used to request a call service.
And 12, sending the first call signaling and the call traffic corresponding to the call signaling received in advance to a convergence end office according to the fraud identification mark, so that a voiceprint extraction system collects the first call signaling and the call traffic through a link of the convergence end office, and extracts a voiceprint according to the first call signaling and the call traffic.
Optionally, each network element is in interaction, because a preset mechanism may perform various marks on the calling number and/or the called number, and characters used by each mark are different.
Optionally, the core network element stores policy data in advance, where the policy data includes each type of flag and a corresponding processing policy.
Optionally, the core network element determines, according to the policy data, that the received mark is not the fraud identifier mark but is a mark of other significance, and then adopts a corresponding processing policy, for example, a manner in the prior art is adopted for processing, for example, a call can be directly connected to the called user through a normal signaling route, which is not described in detail in the embodiment of the present invention.
Optionally, in the embodiment of the present invention, when the mark is a fraud identification mark, a processing policy corresponding to the fraud identification mark is determined.
Optionally, the aggregation policy is a processing policy newly added to the core network element according to the embodiment of the present invention, where the aggregation policy indicates that the first call signaling and the call traffic are uniformly routed to the specified aggregation end office after the core network element determines that the mark is the fraud identification mark.
That is, for different first call signaling, if the fraud identification mark is carried (indicating that the calling number is a suspected fraud phone number), each first call signaling is sent to a designated convergence end office.
Optionally, the aggregation end office is a pre-specified lower core network element, such as a mobile switching center MSC or a media gateway MGW.
Optionally, the call traffic is traffic data of a call service, i.e. a media stream of a call. After the user call completes the establishment of the first call signaling, the corresponding call traffic transmission will be started.
Optionally, the call traffic is directly transmitted to the core network element through an access network, and after the core network element determines that the first call signaling should be sent to the convergence end office, the call signaling and the call traffic are routed to the convergence end office together.
Optionally, a voiceprint extraction system is deployed on the link of the aggregation end office.
Optionally, the voiceprint extraction system includes a light splitting acquisition device, a data transmission device, and a data application system, where the light splitting acquisition device acquires traffic data according to a mode of the prior art, and the traffic data includes the first call signaling and the call traffic.
Optionally, the optical splitting and collecting device is configured to bypass and collect link communication data using an optical port or an electrical port as a carrier.
Optionally, the data transmission device is configured to send the collected traffic data to a voiceprint extraction system server in real time.
Optionally, the voice print extraction process does not need to store the traffic data, and does not need to monitor the content of the call.
Optionally, the voiceprint extraction system bypasses data on a link interface of the aggregation end office, and a collection process does not affect call connection between a core network element and the aggregation end office.
Optionally, after receiving the first call signaling and the call traffic, the convergence end office performs processing according to the prior art, and connects the first call signaling to the called registration end office to implement connection of the call signaling.
In the prior art, a light splitting and collecting device is usually deployed at a called registration end office corresponding to a called party. In order to completely combat telephone fraud, the voiceprint extraction system needs to access link data of all called registered end offices (such as MSC or MGW), and a light splitting collection device is deployed on all MSC/MGW links.
In the embodiment of the present invention, the core network element converges the first call signaling and the call traffic route to a specified convergence end office according to the fraud identification flag, so as to implement single-point collection. The single-point acquisition is that the light-splitting acquisition equipment acquires traffic data at an acquisition node (convergence end office).
In the embodiment of the invention, the data acquisition equipment of the voiceprint extraction system can be deployed only in the convergence end office, so that the system construction cost is saved.
For example, a suspected fraud number initiates a call to a called party, a registered home-end office of the called party is a certain MSC/MGW in beijing, all the MSC/MGWs in beijing need to be deployed with light splitting acquisition equipment in the prior art, then data is filtered and accessed to a voiceprint extraction system.
For example, the telephone traffic of the nationwide registered end offices can be converged to a designated convergence end office, and the voiceprint extraction system collects the telephone traffic data at the convergence end office in a unified manner.
Optionally, if the network is expanded, that is, a new called registration end office is added, before the core network element sends the first call signaling and the call traffic to the new called registration end office, the core network element sends the first call signaling and the call traffic to the aggregation end office to perform data acquisition, and then the aggregation end office queries and forwards the first call signaling and the call traffic to the new called registration end office, without deploying a light splitting and collecting device to the new called registration end office.
In the method for extracting a voiceprint provided by this embodiment, the core network element routes the first call signaling and the call traffic to the specified convergence end office according to the fraud identifier, so as to implement single-point acquisition of the first call signaling and the call traffic, and extract a voiceprint according to the first call signaling and the call traffic, thereby effectively reducing data acquisition cost and improving voiceprint extraction efficiency.
On the basis of the above embodiments, the method for voiceprint extraction provided by another embodiment of the present invention has various ways of fraud identification marking, and this embodiment takes one of the ways as an example for explanation.
The sending end is a control device, and accordingly, before the step of receiving the first call signaling sent by the sending end, the method further includes:
receiving a second call signaling sent by an access network element, wherein the second call signaling comprises the calling number and a called number;
and sending the second call signaling to the control device, so that the control device performs fraud identification marking on the called number after judging that the calling number is a suspected fraud telephone number, and converts the called number into the first call signaling.
Optionally, before this step, the user initiates a call, triggers a session mechanism of an access network, and the access network element correspondingly generates the second call signaling, where the second call signaling is used to request a call service and includes the calling number and the called number.
Optionally, the access network element sends the second call signaling to the core network element.
Alternatively, a traffic aggregation control unit is newly built in the network, and the traffic aggregation control unit can be implemented as a group of control devices.
Optionally, each control device is a server capable of operating independently, and each control device is connected to a core network element and functions to perform aggregate control on the second call signaling.
Alternatively, the control device may establish a connection with a core network element according to a manner in the prior art.
Optionally, the control device may interact with the core network element according to a control protocol applicable to the core network element, according to a different networking mode of the core network element and a different control protocol applicable to the core network element.
Optionally, after the control device establishes a connection with the corresponding core network element, a processing mechanism of the signaling in the core network element is adjusted, so that all the second call signaling received by the core network element is sent to the corresponding control device first.
Optionally, after the core network element receives the second call signaling, the second call signaling is sent to a control device.
Optionally, if the control device determines that the calling number is a suspected fraud phone number, the control device performs fraud identification marking on the called number.
Optionally, each control device comprises a database comprising a list of suspected fraud numbers.
Optionally, each control device of the traffic aggregation control unit adds a suspected fraud number list in a database synchronously.
Optionally, after receiving the second call signaling, the control device extracts the calling number and the called number.
Optionally, according to the calling number, querying whether a number consistent with the calling number exists in the suspected fraud number list.
And if the calling number is the suspected fraud phone number, carrying out fraud identification marking on the called number corresponding to the calling number.
Alternatively, the fraud identification marker can take a variety of implementations, one of which is illustrated by the embodiments of the present invention.
The fraud identification marker is a digital prefix located before the called number.
Optionally, when the calling number is judged to be a suspected fraud phone number, the control device adds a digital prefix to the called number for fraud identification marking.
Optionally, a numeric prefix is added before the called number to implement the fraud identification marking action, and the numeric prefix can uniquely correspond to one aggregation end office.
For example, the calling and called formats are: calling AA and called BB, wherein the special number prefix is XXX, then the calling and called formats in the second call signaling are changed as follows: calling AA, called xxbbb, i.e. the first call signaling.
Other steps of this embodiment are similar to those of the previous embodiment, and are not described again in this embodiment.
In the voiceprint extraction method provided by this embodiment, the control module performs fraud identification marking on the called number of the suspected fraud number, so as to notify the core network element that the calling number is the suspected fraud telephone number, so that the core network element adopts a convergence policy, thereby implementing single-point collection.
On the basis of the above embodiment, there are various processing manners of the control device in the method for extracting voiceprint according to another embodiment of the present invention, and this embodiment takes one of the manners as an example for description.
The first call signaling of the calling number is obtained by randomly sampling after the control device judges that the calling number is a suspected fraud telephone number.
Optionally, the core network element sends the second call signaling to the control device, and the control device randomly samples the call of the calling number after judging that the calling number is a suspected fraud phone number, and performs fraud identification marking on the called number of the call if the call is sampled.
Optionally, in the embodiment of the present invention, after determining that the calling number is a suspected fraud number, instead of directly performing fraud identification marking on the called number corresponding to the calling number, the calls of the called number are randomly sampled first to determine whether to perform fraud identification marking on the called number.
It can be understood that, the cost is extremely high by collecting the traffic data of all the network elements in a full amount and then performing voiceprint extraction. Suspected fraud numbers will frequently initiate calls for crime enforcement, and the financial cost of paying is extremely high if voiceprint extraction is performed for each call.
Therefore, all call telephone traffic initiated by one suspected fraud number is not extracted completely but extracted randomly, so that the information security risk can be reduced, the data acquisition cost is reduced, and the voiceprint identification efficiency is improved.
Alternatively, a call placed to one suspected fraud number is typically sampled with a probability of 10%. And marking the called number fraud identification if the calling of the calling number is drawn.
Optionally, there are various ways of randomly sampling the control device, and this embodiment is described by taking one of the ways as an example.
The calling of the calling number is acquired when the control device judges that a preset condition is met, the preset condition is that a pseudo-random number is equal to 1, the number of times that the calling is extracted within a preset time is smaller than an upper limit number of times, and the pseudo-random number is correspondingly generated after the calling number is judged and known to be a suspected fraud telephone number.
Optionally, the control device generates a pseudo-random number if it is determined that the calling number is a suspected fraud phone number.
Optionally, for said suspected fraud telephone number, the control module generates a pseudo random number r according to a pre-constructed pseudo random number generation function f (M, n).
Wherein k is an adjustment factor, and k > 1, M is the total number of times M that all suspected fraud numbers have been extracted within a preset time, and n is the number of times that the suspected fraud numbers have been extracted within the preset time.
Wherein r is randomly valued between [0,1] according to a preset probability, and the larger the n value is, the smaller the probability that r is 1 is; the larger the value of M, the greater the probability that r is 1.
Optionally, if the control device determines that the pseudo-random number is 1 and N is less than N, the control device performs fraud identification marking on the called number corresponding to the current call signaling.
Optionally, N is an upper limit number of times, where the upper limit number of times is a total number of times that traffic data is extracted from a called number corresponding to a calling number within a preset time. N can be set according to actual conditions.
Optionally, the pseudo-random number is 1, which means that the call is being taken, and N < N means that the number of times that the suspected fraud number has extracted traffic data has not reached the upper limit number, fraud identification marking can be performed.
Alternatively, the users using the suspected fraud numbers may be the same person, and the embodiment of the present invention extracts the voiceprint of the speaker who obtains the suspected fraud numbers without extracting all calls.
Alternatively, the preset time may be set according to actual conditions, such as one hour.
Optionally, the value of M is related to the processing capability of the platform (the control device and the network element of the core network), and if the processing capability of the platform is strong, M may be set higher, and the more calls are dropped.
Optionally, if the control device determines that the pseudo random number is not 1, it indicates that the call is not taken, and directly sends the calling number and the called number to a core network element.
And if the pseudo-random number is judged to be 1 and N is more than or equal to N, the drawing is indicated, but the upper limit of the platform processing is reached, and the calling number and the called number are directly sent to a core network element.
Other steps of this embodiment are similar to those of the previous embodiment, and are not described again in this embodiment.
In the voiceprint extraction method provided in this embodiment, the first call signaling of the calling number is randomly extracted, so that the amount of marks of the control module can be reduced, and the service load of the control device and the voiceprint extraction system is reduced.
In order to more fully understand the technical content of the present invention, on the basis of the above embodiments, the method for voiceprint extraction provided by the present embodiment is explained in detail.
The existing voiceprint technical method for extracting telephone fraudsters has the following defects:
the cost is high: at present, the network of mobile communication operator is huge and complex, and collecting and analyzing the whole call traffic data requires hundreds of millions of resource costs.
The adaptability is low: if the network expands, synchronous expansion acquisition equipment is needed, and the situation of rapid increase of network service is difficult to deal with.
The efficiency is low: in the massive call telephone traffic of the telecommunication grade, most calls are normal user behaviors, and only few calls are telephone fraud behaviors, so that the method of firstly collecting the whole call and then filtering and analyzing is used, the requirement of real-time analysis of the existing network is difficult to meet, and resource waste is easily caused.
The embodiment of the invention solves the problems of high cost and low efficiency of traffic data acquisition and analysis of hundreds of millions of levels of mass calls per day in the industry, and the scheme is as follows:
firstly, analyzing the current network call data, identifying suspected fraud phone numbers, furthest narrowing the identification range from 'mass calls with sporadic fraud calls', and narrowing 'a wide call sea' to a 'pond' containing a large number of suspected fraud calls; then based on the telephone traffic route aggregation technology, in all calls of the identified suspected fraud numbers, part of telephone traffic of the calling side of the suspected fraud numbers is randomly and uniformly extracted and aggregated to a certain specified end office (called the aggregation end office for short), and part of representative 'fish' of the suspected fraud numbers are randomly fished from a large number of 'ponds' of the suspected fraud numbers; and finally, collecting signaling and media surface data at the local side of the convergence end in a light splitting manner to realize single-point collection of traffic data and form data access of voiceprint extraction. According to the scheme, the risk of user information safety leakage is effectively avoided, the full coverage of suspected fraud number data acquisition is realized, the data acquisition resources are saved, and the voiceprint extraction efficiency is improved.
And establishing a traffic aggregation control unit in the network, and synchronously adding the identified suspected fraud number list. The control unit establishes connection with the network elements of the core network of the whole network, and all call signaling is sent to the control unit after passing through the network elements of the core network.
The key process of extracting suspected fraud number voiceprints based on the traffic routing convergence technology is as follows:
the control unit judges whether the calling AA is a suspected fraud number, and if so, adds a special character header XXX to the called BB; if not, no operation is performed.
After the control unit judges that the calling AA is a suspected fraud number, random sampling screening is also carried out.
Random sampling of traffic
1. Setting the upper limit of the total call extraction times of the total number of suspected fraud number sets in a minute interval to be M, wherein M can be adjusted according to the processing capacity of a service platform;
2. setting the upper limit of the total number of times of call extraction of a single suspected fraud number in an hour interval as N, and the number of times of call extraction currently as N;
3. constructing a pseudo-random number generation function f (M, n), generating a random number r:
wherein r is randomly selected between [0,1] according to a certain probability, and the larger the n value is, the smaller the probability that r is 1 is; the larger the value of M, the greater the probability that r is 1.
4. A random number r is randomly generated for each call initiated by a single suspected fraud number. When r is 1 and the number has extracted the telephone traffic number N < N, then extracting the telephone traffic of the call; if the above conditions are not met, the extraction is abandoned and the extraction is directly put through.
(II) traffic route aggregation
Fig. 2 is a traffic routing convergence procedure provided in the embodiment of the present invention.
As shown in fig. 2, a flow is described;
after the call is randomly sampled by the control unit, the call is routed to the appointed convergence end office and then is connected to the called user, so that the convergence of the telephone traffic is realized, and the single-point collection of the telephone traffic data is facilitated. The service logic of the technical implementation is as follows:
1. signalling plane
a1, in the second call signaling passing through the core network element under normal condition, the format of the calling and called number is: calling AA and called BB;
a2, the core network element triggers the second call signaling to the traffic aggregation control unit. When a certain call of suspected fraud number is randomly chosen by the control unit, a special number prefix XXX is added in front of the corresponding called number, and the calling and called formats in the second call signaling are changed as follows: calling AA, called xxbbb, first call signaling;
a3, after the call convergence control unit completes the called number conversion, the first call signaling is sent back to the core network element;
a4, the network element of the core network receives the returned first call signaling, analyzes the called number and matches the traffic routing strategy. If the prefix of the called number is XXX, uniformly triggering to a specified core network element (namely a convergence end office), and turning to a process a 5; if not, the call is directly connected to the called user through the normal signaling route.
a5, after receiving the first call signaling, the convergence end office removes the called number prefix XXX, restores the real called number to obtain the normal called number BB, and inquires the end office information of the called registration from HLR (Home Location Register);
a6, HLR returns the end office related information registered by the called number;
a7, the convergent end office connects the call signaling to the called register end office to realize the signaling connection.
2. Media surface
b1, the suspected fraud number is randomly selected by the telephone traffic convergence control unit to call the telephone traffic, and the telephone traffic is accessed by the network element of the core network;
b2, the network element of the core network routes the call traffic to the convergence end office;
b3, the convergent end office routes the call traffic to the called registration end office to realize the connection of the traffic.
The embodiment of the invention firstly analyzes the suspected fraud number list, then randomly extracts the whole amount of the telephone traffic of the calling side part of the suspected fraud number, routes the telephone traffic to the appointed convergence end office, and collects the signaling and the media data of the convergence end office through light splitting, thereby realizing the data input of the fraud telephone voiceprint extraction. The telephone traffic random sampling and route converging technology in the embodiment of the invention realizes that the telephone traffic data of the suspected fraud telephone can be obtained with high efficiency and low cost without collecting the signaling media code streams of all network elements in full quantity under the condition of not influencing the service load of the current network and the normal connection of the call.
The method for extracting the voiceprint provided by the embodiment has the following technical effects:
1. the efficiency is high: and the core network element routes the first call signaling and the call telephone traffic to a specified convergence end office according to the special prefix, and reduces the objects extracted from the voice print of the fraud telephone to ten thousand levels from hundred million levels of mass data of the original mobile communication network every day so as to achieve the target of real-time analysis.
2. The adaptability is strong: if the network expands, hardware equipment is not required to be synchronously expanded and collected, and local data is only required to be configured for the newly expanded network elements to be accessed into the network, so that the network expansion method flexibly adapts to the network change condition.
3. The cost is low: the signaling and media data of the whole network elements do not need to be collected, and only a single sink node needs to be subjected to data collection, so that the cost investment is greatly saved.
Fig. 3 is a schematic structural diagram of a network element of a core network according to yet another embodiment of the present invention.
Referring to fig. 3, on the basis of the foregoing embodiment, the core network element provided in this embodiment includes a receiving module 31 and a sending module 32, where:
the receiving module 31 is configured to receive a first call signaling sent by a sending end, where the first call signaling includes a calling number and a called number carrying a fraud identification mark, and the fraud identification mark is added after the sending end determines that the calling number is a suspected fraud phone number; the sending module 32 is configured to send the first call signaling and the call traffic corresponding to the call signaling received in advance to a convergence end office according to the fraud identification flag, so that a voiceprint extraction system collects the first call signaling and the call traffic through a link of the convergence end office, and extracts a voiceprint according to the first call signaling and the call traffic.
Optionally, the core network element is a high-level control network element, and there may be a plurality of implementation modes according to different networking modes of the network.
Optionally, the high-level control network element is a GateWay exchange (GateWay MSC, GMSC), and the GateWay exchange mainly completes a function of forwarding services with other networks or operators, thereby implementing interconnection and interworking of services between networks.
Optionally, the high-level control element is a long distance office, and the long distance office is mainly responsible for tandem connection of long distance terminal traffic of the local network.
Optionally, the user initiates a call, and the sending end obtains the calling number and the called number, and determines whether the calling number is a suspected fraud phone number.
Optionally, the sender pre-stores a suspected fraud number list comprising a plurality of pre-determined suspected fraud numbers and corresponding fraud identification markers, the fraud identification markers being characters indicating that the calling number is a suspected fraud number.
Optionally, after receiving the calling number, the sending end determines whether the calling number is a suspected fraud phone number, and if so, adds the fraud identification mark before a called number corresponding to the calling number.
Optionally, the sending end respectively determines that the plurality of calling numbers are suspected fraud phone numbers, and then adds the same fraud identification mark in front of the corresponding called number respectively to display that the calling numbers are suspected fraud numbers.
Optionally, although the calling number is a suspected fraud phone number, the sender will add a fraud identification mark before the called number according to the protocol specification of the current network.
Optionally, the sender is a network element of an existing network and adds fraud identification markers according to prior art methods.
Alternatively, if the sending end determines that the calling number is not a suspected fraud phone number, the sending end directly sends the calling number to the receiving module 31 without adding a fraud identification mark.
Optionally, the sending end sends the first call signaling to the receiving module 31, where the first call signaling is used to request a call service.
Optionally, the network elements are in interaction, since the preset mechanism may perform various fraud identification marks on the calling number and/or the called number.
Optionally, the sending module 32 stores policy data in advance, the policy data including each fraud identification marker and the corresponding processing policy.
Optionally, according to the policy data, it is determined that the received mark is not the fraud identifier mark but is a mark of other significance, and a corresponding processing policy is adopted, for example, a processing is performed in the prior art, for example, a call can be directly connected to a called user through a normal signaling route, which is not described in detail in the embodiments of the present invention.
Optionally, after determining that the mark is a fraud identification mark for the marked called number, the sending module 32 routes the first call signaling to the specified aggregation end office in a unified manner.
That is, for different first call signaling, if the fraud identification mark is carried (the calling number is a suspected fraud phone number), each first call signaling is sent to a designated convergence end office.
Optionally, the aggregation end office is a pre-specified lower core network element, such as a mobile switching center MSC or a media gateway MGW.
Optionally, the call traffic is traffic data of a call service, i.e. a media stream of a call. After the user triggers the first call signaling, a corresponding call traffic will be generated.
Optionally, the call traffic is directly transmitted to the sending module 32 through an access network, and after the sending module 32 determines that the first call signaling should be sent to the aggregation end office, the call signaling and the call traffic are routed to the aggregation end office together.
Optionally, the link data of the aggregation end office is accessed to the voiceprint extraction system.
Optionally, the voiceprint extraction system includes a light splitting acquisition device, a data transmission device, and a data application system, where the light splitting acquisition device acquires traffic data according to a mode of the prior art, and the traffic data includes the first call signaling and the call traffic.
Optionally, the optical splitting and collecting device is configured to bypass and collect link communication data using an optical port or an electrical port as a carrier.
Optionally, the data transmission device is configured to send the collected traffic data to a voiceprint extraction system server in real time.
Optionally, the voice print extraction process does not need to store the traffic data, and does not need to monitor the content of the call.
Optionally, the voiceprint extraction system bypasses data on the link interface of the aggregation end office, and the collection process does not affect the call connection between the sending module 32 and the aggregation end office.
Optionally, after receiving the first call signaling and the call traffic, the convergence end office performs processing according to the prior art, and connects the first call signaling to the called registration end office to implement connection of the call signaling.
In the prior art, a light splitting and collecting device is usually deployed at a called registration end office corresponding to a called party. In order to completely combat telephone fraud, the voiceprint extraction system needs to access link data of all called registered end offices (such as MSC or MGW), and a light splitting collection device is deployed on all MSC/MGW links.
In this embodiment of the present invention, the sending module 32 converges the first call signaling and the call traffic route to a specified convergence end office according to the fraud identifier, so as to implement single-point collection, where the single-point collection is that the optical distribution collection device collects traffic data at a collection node (convergence end office).
In the embodiment of the invention, the data acquisition equipment of the voiceprint extraction system can be deployed only in the convergence end office, so that the system construction cost is saved.
For example, a suspected fraud number initiates a call to a called party, a registered home-end office of the called party is a certain MSC/MGW in beijing, all the MSC/MGWs in beijing need to be deployed with light splitting collection equipment in the prior art, and then data is filtered and accessed to a voiceprint extraction system.
For example, the telephone traffic of the nationwide registered end offices can be converged to a designated convergence end office, and the voiceprint extraction system collects the telephone traffic data at the convergence end office in a unified manner. Optionally, if the network expands, that is, a new called registered end office is added, the sending module 32 sends the first call signaling and the call traffic to the new called registered end office for data acquisition before sending them to the aggregation end office, and then forwards the first call signaling and the call traffic to the new called registered end office after querying by the aggregation end office, without deploying a light splitting and collecting device to the new called registered end office.
In the method for extracting a voiceprint provided by this embodiment, the sending module 32 routes the first call signaling and the call traffic to the specified convergence end office according to the fraud identifier, so as to implement single-point acquisition of the first call signaling and the call traffic, and extract a voiceprint according to the first call signaling and the call traffic, so as to reduce data acquisition cost and improve voiceprint extraction efficiency.
The core network element provided in this embodiment may be configured to execute the method in the foregoing method embodiment, and this implementation is not described again.
In the core network element provided in this embodiment, the sending module routes the first call signaling and the call traffic to the specified convergence end office according to the fraud identifier, so as to implement single-point acquisition of the first call signaling and the call traffic, and extract a voiceprint according to the first call signaling and the call traffic, so as to improve efficiency of voiceprint extraction.
Fig. 4 is a schematic structural diagram of an electronic device according to yet another embodiment of the present invention.
Referring to fig. 4, an electronic device provided by the embodiment of the present invention includes a memory (memory)41, a processor (processor)42, a bus 43, and a computer program stored in the memory 41 and running on the processor. The memory 41 and the processor 42 complete communication with each other through the bus 43.
The processor 42 is used to call the program instructions in the memory 41 to implement the method of fig. 1 when executing the program.
In another embodiment, the processor, when executing the program, implements the method of:
the sending end is a control device, and correspondingly, before the step of the core network element receiving the first call signaling sent by the sending end, the method further includes:
receiving a second call signaling sent by an access network element, wherein the second call signaling comprises the calling number and a called number;
and sending the second call signaling to the control device, so that the control device performs fraud identification marking on the called number after judging that the calling number is a suspected fraud telephone number, and converts the called number into the first call signaling.
In another embodiment, the processor, when executing the program, implements the method of:
the fraud identification marker is a digital prefix located before the called number.
In another embodiment, the processor, when executing the program, implements the method of:
the first call signaling of the calling number is obtained by randomly sampling after the control device judges that the calling number is a suspected fraud telephone number.
In another embodiment, the processor, when executing the program, implements the method of:
the calling of the calling number is acquired when the control device judges that a preset condition is met, the preset condition is that the pseudo-random number is equal to 1, and the number of times that the calling is extracted within the preset time is less than the upper limit number of times. And the pseudo-random number is correspondingly generated after the calling number is judged and known to be a suspected fraud telephone number.
In another embodiment, the processor, when executing the program, implements the method of:
the core network element is a high-level control network element.
In another embodiment, the processor, when executing the program, implements the method of:
the convergence end office is a mobile switching center or a media gateway.
The electronic device provided in this embodiment may be configured to execute the program corresponding to the method in the foregoing method embodiment, and this implementation is not described again.
In the electronic device provided in this embodiment, when the processor executes the program, the core network element is enabled to route the first call signaling and the call traffic to the specified convergence end office according to the fraud identifier, so as to implement single-point collection of the first call signaling and the call traffic, and extract a voiceprint according to the first call signaling and the call traffic, so as to improve efficiency of voiceprint extraction.
A further embodiment of the invention provides a storage medium having a computer program stored thereon, which when executed by a processor performs the steps of fig. 1.
In another embodiment, the program when executed by a processor implements a method comprising:
the sending end is a control device, and correspondingly, before the step of the core network element receiving the first call signaling sent by the sending end, the method further includes:
receiving a second call signaling sent by an access network element, wherein the second call signaling comprises the calling number and a called number;
and sending the second call signaling to the control device, so that the control device performs fraud identification marking on the called number after judging that the calling number is a suspected fraud telephone number, and converts the called number into the first call signaling.
In another embodiment, the program when executed by a processor implements a method comprising:
the fraud identification marker is a digital prefix located before the called number.
In another embodiment, the program when executed by a processor implements a method comprising:
the first call signaling of the calling number is obtained by randomly sampling after the control device judges that the calling number is a suspected fraud telephone number.
In another embodiment, the program when executed by a processor implements a method comprising:
the calling of the calling number is acquired when the control device judges that a preset condition is met, the preset condition is that the pseudo-random number is equal to 1, and the number of times that the calling is extracted within the preset time is less than the upper limit number of times. And the pseudo-random number is correspondingly generated after the calling number is judged and known to be a suspected fraud telephone number.
In another embodiment, the program when executed by a processor implements a method comprising:
the core network element is a high-level control network element.
In another embodiment, the program when executed by a processor implements a method comprising:
the convergence end office is a mobile switching center or a media gateway.
In the storage medium provided in this embodiment, when the program is executed by the processor, the method in the foregoing method embodiment is implemented, and details of this implementation are not described again.
In the storage medium provided in this embodiment, the core network element routes the first call signaling and the call traffic to the specified convergence end office according to the fraud identifier, so as to implement single-point collection of the first call signaling and the call traffic, and extract a voiceprint according to the first call signaling and the call traffic, so as to improve efficiency of voiceprint extraction.
Yet another embodiment of the present invention discloses a computer program product comprising a computer program stored on a non-transitory computer-readable storage medium, the computer program comprising program instructions which, when executed by a computer, enable the computer to perform the methods provided by the above-mentioned method embodiments, for example, comprising:
a core network element receives a first call signaling sent by a sending end, wherein the first call signaling comprises a calling number and a called number carrying a fraud identification mark, and the fraud identification mark is added after the sending end judges that the calling number is a suspected fraud telephone number;
and sending the first call signaling and the call traffic corresponding to the call signaling received in advance to a convergence end office according to the fraud identification mark, so that a voiceprint extraction system collects the first call signaling and the call traffic through a link of the convergence end office and extracts a voiceprint according to the first call signaling and the call traffic.
Those skilled in the art will appreciate that although some embodiments described herein include some features included in other embodiments instead of others, combinations of features of different embodiments are meant to be within the scope of the invention and form different embodiments.
Those skilled in the art will appreciate that the steps of the embodiments may be implemented in hardware, or in software modules running on one or more processors, or in a combination thereof. Those skilled in the art will appreciate that a microprocessor or Digital Signal Processor (DSP) may be used in practice to implement some or all of the functionality of some or all of the components according to embodiments of the present invention. The present invention may also be embodied as apparatus or device programs (e.g., computer programs and computer program products) for performing a portion or all of the methods described herein.
Although the embodiments of the present invention have been described in conjunction with the accompanying drawings, those skilled in the art may make various modifications and variations without departing from the spirit and scope of the invention, and such modifications and variations fall within the scope defined by the appended claims.
Claims (7)
1. A method of voiceprint extraction, the method comprising:
a core network element receives a first call signaling sent by a sending end, wherein the first call signaling comprises a calling number and a called number carrying a fraud identification mark, and the fraud identification mark is added after the sending end judges that the calling number is a suspected fraud telephone number;
according to the fraud identification mark, sending the first call signaling and a call telephone traffic corresponding to the call signaling received in advance to a convergence end office so that a voiceprint extraction system collects the first call signaling and the call telephone traffic through a link of the convergence end office and extracts a voiceprint according to the first call signaling and the call telephone traffic; the convergence end office is a mobile switching center or a media gateway;
the core network element converges the first call signaling and the call traffic route to a specified convergence end office according to the fraud identification mark; deploying a voiceprint extraction system only on the link of the aggregation end office;
the sending end is a control device, and correspondingly, before the step of the core network element receiving the first call signaling sent by the sending end, the method further includes:
receiving a second call signaling sent by an access network element, wherein the second call signaling comprises the calling number and a called number;
sending the second call signaling to the control device, so that the control device performs fraud identification marking on the called number after judging that the calling number is a suspected fraud phone number, and converts the called number into the first call signaling;
the first call signaling of the calling number is obtained by random sampling after the control device judges that the calling number is a suspected fraud telephone number;
and the core network element sends the second call signaling to the control device, the control device randomly samples the calls of the calling number after judging that the calling number is a suspected fraud telephone number, and performs fraud identification marking on the called number called in the sampling if the call is sampled.
2. The method of claim 1, wherein: the fraud identification marker is a digital prefix located before the called number.
3. The method of claim 1, wherein: the calling of the calling number is acquired when the control device judges that a preset condition is met, the preset condition is that a pseudo-random number is equal to 1, the number of times that the calling is extracted within a preset time is smaller than an upper limit number of times, and the pseudo-random number is correspondingly generated after the calling number is judged to be a suspected fraud telephone number.
4. The method of claim 1, wherein: the core network element is a high-level control network element.
5. A core network element, wherein the core network element comprises:
a receiving module, configured to receive a first call signaling sent by a sending end, where the first call signaling includes a calling number and a called number carrying a fraud identification mark, and the fraud identification mark is added after the sending end determines that the calling number is a suspected fraud phone number;
a sending module, configured to send the first call signaling and a call traffic corresponding to the call signaling received in advance to a convergence end office according to the fraud identification flag, so that a voiceprint extraction system collects the first call signaling and the call traffic through a link of the convergence end office, and extracts a voiceprint according to the first call signaling and the call traffic;
the convergence end office is a mobile switching center or a media gateway;
the core network element converges the first call signaling and the call traffic route to a specified convergence end office according to the fraud identification mark; deploying a voiceprint extraction system only on the link of the aggregation end office;
the sending end is a control device, and accordingly, before the step of the core network element receiving the first call signaling sent by the sending end, the method further includes:
receiving a second call signaling sent by an access network element, wherein the second call signaling comprises the calling number and a called number;
sending the second call signaling to the control device, so that the control device performs fraud identification marking on the called number after judging that the calling number is a suspected fraud phone number, and converts the called number into the first call signaling;
the first call signaling of the calling number is obtained by random sampling after the control device judges that the calling number is a suspected fraud telephone number;
and the core network element sends the second call signaling to the control device, the control device randomly samples the calls of the calling number after judging that the calling number is a suspected fraud telephone number, and performs fraud identification marking on the called number called in the sampling if the call is sampled.
6. An electronic device comprising a memory, a processor, a bus, and a computer program stored on the memory and executable on the processor, wherein the processor when executing the program implements the steps of any of claims 1-4.
7. A storage medium having a computer program stored thereon, characterized in that: the program when executed by a processor implementing the steps of any of claims 1-4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201711166761.4A CN109819089B (en) | 2017-11-21 | 2017-11-21 | Voiceprint extraction method, core network element, electronic device and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201711166761.4A CN109819089B (en) | 2017-11-21 | 2017-11-21 | Voiceprint extraction method, core network element, electronic device and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109819089A CN109819089A (en) | 2019-05-28 |
| CN109819089B true CN109819089B (en) | 2021-05-04 |
Family
ID=66600435
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201711166761.4A Active CN109819089B (en) | 2017-11-21 | 2017-11-21 | Voiceprint extraction method, core network element, electronic device and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109819089B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110719592B (en) * | 2019-10-18 | 2023-01-31 | 国家计算机网络与信息安全管理中心 | System and method for preventing fraud telephone compatible with 4G and 5G networks |
| CN112533157A (en) * | 2020-12-08 | 2021-03-19 | 中国联合网络通信集团有限公司 | Data acquisition method, device and system |
Family Cites Families (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101472008B (en) * | 2007-12-28 | 2011-06-15 | 中国移动通信集团公司 | Method and corresponding system for identifying and controlling disturbance telephone |
| CN102075639A (en) * | 2009-11-24 | 2011-05-25 | 中国移动通信集团上海有限公司 | Method and device for intercepting malicious call in international service communication network |
| CN102118874A (en) * | 2009-12-31 | 2011-07-06 | 华为技术有限公司 | Call processing method and mobile switching center |
| CN104144262B (en) * | 2013-05-10 | 2016-12-28 | 中国电信股份有限公司 | Telephone network illegal telephone traffic screening method and device |
| CN104244216B (en) * | 2014-09-29 | 2017-07-04 | 中国移动通信集团浙江有限公司 | The method and system of real-time blocking fraudulent call in a kind of communication process |
| CN104469025B (en) * | 2014-11-26 | 2017-08-25 | 杭州东信北邮信息技术有限公司 | A kind of method and system of the real-time blocking fraudulent call based on clustering algorithm |
| US9716791B1 (en) * | 2016-05-27 | 2017-07-25 | Avaya Inc. | Systems and methods for detecting and reducing fraud in a contact center |
| CN106210239A (en) * | 2016-09-14 | 2016-12-07 | 北京奇虎科技有限公司 | The maliciously automatic identifying method of caller's vocal print, device and mobile terminal |
| CN106341539A (en) * | 2016-09-14 | 2017-01-18 | 北京奇虎科技有限公司 | Automatic evidence obtaining method of malicious caller voiceprint, apparatus and mobile terminal thereof |
| CN106791220B (en) * | 2016-11-04 | 2021-06-04 | 国家计算机网络与信息安全管理中心 | Method and system for preventing telephone fraud |
| CN107197463A (en) * | 2017-07-10 | 2017-09-22 | 北京亿赛通网络安全技术有限公司 | A kind of detection method of telephone fraud, storage medium and electronic equipment |
-
2017
- 2017-11-21 CN CN201711166761.4A patent/CN109819089B/en active Active
Also Published As
| Publication number | Publication date |
|---|---|
| CN109819089A (en) | 2019-05-28 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101651934B (en) | Method and system for filtering long short messages | |
| WO2006019539A2 (en) | Automatically populating signaling-based access control database | |
| CN109450841B (en) | Large-scale DDoS attack resisting defense method based on cloud + end equipment on-demand linkage mode | |
| CN103139315A (en) | Application layer protocol analysis method suitable for home gateway | |
| EP1414185A3 (en) | Apparatus and method for generating billing data according to contents of mobile communication system | |
| CN110213212A (en) | A kind of classification method and device of equipment | |
| CN104093153A (en) | Method for achieving pseudo number call discrimination and interception based on signalling route analysis and system thereof | |
| CN102075639A (en) | Method and device for intercepting malicious call in international service communication network | |
| CN109819089B (en) | Voiceprint extraction method, core network element, electronic device and storage medium | |
| CN102378151B (en) | Information sharing platform and method thereof | |
| US8953771B2 (en) | Method and apparatus to provide cryptographic identity assertion for the PSTN | |
| CN113490202A (en) | Method and device for synthesizing voice call ticket, computer equipment and storage medium | |
| KR101945782B1 (en) | Method and apparatus for providing illegal phishing call blocking services of VoIP call | |
| CN102438243A (en) | Method for identifying harassing phone call by analyzing frequency of phone call | |
| CN102271331B (en) | Method and system for detecting reliability of service provider (SP) site | |
| CN102932753A (en) | Method for intercepting spam multimedia message on link of multimedia system | |
| EP1389864A1 (en) | Network architecture for supporting the lawful intercept of a network communication | |
| CN101127777A (en) | Method, device and system for processing security threat information of voice communication | |
| CN102075588A (en) | Method and system for realizing network address translation (NAT) transversing and equipment | |
| CN116546501A (en) | 5G private network core network signaling security detection method and device | |
| CN102958055B (en) | A kind of discrimination method of illegal callback service and system | |
| CN105763713A (en) | Harassing call intercepting method based on combination of Internet technology and communication technology | |
| CN102307361A (en) | Harassing call monitoring method, center and system | |
| CN110856128B (en) | Method and device for judging VoLTE call intercommunication network scene | |
| CN112004228B (en) | Real person authentication method and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |