CN110312259B - Pseudo base station identification method, pseudo base station identification device, terminal and storage medium - Google Patents

Pseudo base station identification method, pseudo base station identification device, terminal and storage medium Download PDF

Info

Publication number
CN110312259B
CN110312259B CN201910769065.5A CN201910769065A CN110312259B CN 110312259 B CN110312259 B CN 110312259B CN 201910769065 A CN201910769065 A CN 201910769065A CN 110312259 B CN110312259 B CN 110312259B
Authority
CN
China
Prior art keywords
base station
pseudo base
terminal
suspected
lai
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910769065.5A
Other languages
Chinese (zh)
Other versions
CN110312259A (en
Inventor
王振宇
马剑钊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangdong Oppo Mobile Telecommunications Corp Ltd
Original Assignee
Guangdong Oppo Mobile Telecommunications Corp Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangdong Oppo Mobile Telecommunications Corp Ltd filed Critical Guangdong Oppo Mobile Telecommunications Corp Ltd
Priority to CN201910769065.5A priority Critical patent/CN110312259B/en
Publication of CN110312259A publication Critical patent/CN110312259A/en
Application granted granted Critical
Publication of CN110312259B publication Critical patent/CN110312259B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud
    • H04W12/121Wireless intrusion detection systems [WIDS]; Wireless intrusion prevention systems [WIPS]
    • H04W12/122Counter-measures against attacks; Protection against rogue devices

Abstract

The embodiment of the application discloses a pseudo base station identification method, a pseudo base station identification device, a pseudo base station identification terminal and a storage medium, which belong to the technical field of computers, wherein the method comprises the following steps: after a terminal establishes Radio Resource Control (RRC) connection with a base station, counting the number of continuous attachment failures, wherein the attachment failures occur before the base station successfully authenticates the terminal; if the times exceed a preset threshold value, determining the base station as a suspected pseudo base station; and verifying the suspected pseudo base station, and determining whether the suspected pseudo base station is a pseudo base station according to a verification result. The method and the device for identifying the pseudo base station can improve the accuracy of pseudo base station identification.

Description

Pseudo base station identification method, pseudo base station identification device, terminal and storage medium
Technical Field
The embodiment of the application relates to the technical field of computers, in particular to a pseudo base station identification method, a pseudo base station identification device, a terminal and a storage medium.
Background
The pseudo base station is a base station which is used for establishing connection between a counterfeit normal base station and the terminal and sending spam short messages such as fraud and promotion or dialing harassing calls to the terminal. Since the pseudo base station seriously affects the normal communication of the terminal, the pseudo base station needs to be identified to avoid the terminal accessing the pseudo base station.
Currently, a terminal preferentially selects to establish connection with an LTE (Long Term Evolution) base station, and a bidirectional authentication mechanism is introduced in LTE, that is, the terminal and the LTE base station need to establish connection after bidirectional authentication is successful, so that it can be ensured that the LTE base station which successfully establishes connection with the terminal is not a pseudo base station.
However, if the LTE base station makes the terminal establish connection with a GSM (Global System for Mobile Communication) base station after the terminal establishes connection with the LTE base station, since the terminal can establish connection with the GSM base station without authenticating the GSM base station, if the GSM base station that successfully establishes connection with the terminal is a pseudo base station, the LTE base station is also a pseudo base station, and at present, such an LTE base station cannot be identified as a pseudo base station.
Disclosure of Invention
The embodiment of the application provides a pseudo base station identification method, a pseudo base station identification device, a terminal and a storage medium, and can solve the problem that an LTE base station cannot be identified as a pseudo base station. The technical scheme is as follows:
according to an aspect of the present application, there is provided a pseudo base station identification method, the method including:
after a terminal establishes Radio Resource Control (RRC) connection with a base station, counting the number of continuous attachment failures, wherein the attachment failures occur before the base station successfully authenticates the terminal;
if the times exceed a preset threshold value, determining the base station as a suspected pseudo base station;
and verifying the suspected pseudo base station, and determining whether the suspected pseudo base station is a pseudo base station according to a verification result.
According to another aspect of the present application, there is provided a pseudo base station identification apparatus, the apparatus including:
a counting module, configured to count the number of consecutive attachment failures after a radio resource control RRC connection is established between a terminal and a base station, where the attachment failures occur before the base station and the terminal successfully authenticate each other;
a first determining module, configured to determine the base station as a suspected fake base station when the number of times obtained by the counting module exceeds a predetermined threshold;
and the verification module is used for verifying the suspected pseudo base station determined by the first determination module and determining whether the suspected pseudo base station is a pseudo base station according to a verification result.
According to yet another aspect of the present application, there is provided a terminal comprising a processor and a memory, the memory having stored therein at least one instruction, the instruction being loaded and executed by the processor to implement the pseudo base station identification method as described above.
According to yet another aspect of the present application, there is provided a computer readable storage medium having stored therein at least one instruction that is loaded and executed by a processor to implement the pseudo base station identification method as described above.
The beneficial effects brought by the technical scheme provided by the embodiment of the application at least comprise:
if the base station is a pseudo base station, after the RRC connection is established between the terminal and the base station, the base station may cause a failure of the terminal attachment before the terminal successfully authenticates with the base station, so that the terminal establishes a connection with a GSM base station, which is a pseudo base station. Based on the above characteristics of the pseudo base station, the terminal may count the number of consecutive attachment failures, and since the attachment failures occur before the base station and the terminal successfully authenticate each other, if the number of times exceeds a predetermined threshold, the base station may be determined as a suspected pseudo base station, and then the terminal may continue to verify the suspected pseudo base station, and determine whether the suspected pseudo base station is a pseudo base station according to a verification result, so that the condition that the number of consecutive attachment failures exceeds the predetermined threshold may be used to prevent a normal base station from being identified as a pseudo base station, and whether the base station is a pseudo base station may also be verified in many ways, thereby improving the accuracy of pseudo base station identification.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 is a schematic diagram of a communication system provided by an exemplary embodiment of the present application;
fig. 2 is a flowchart of a pseudo base station identification method provided in an exemplary embodiment of the present application;
fig. 3 is a flowchart of a pseudo base station identification method provided in an exemplary embodiment of the present application;
fig. 4 is a flowchart of a pseudo base station identification method provided in an exemplary embodiment of the present application;
fig. 5 is a block diagram of a pseudo base station identification apparatus according to an exemplary embodiment of the present application;
fig. 6 is a block diagram of a pseudo base station identification apparatus according to an exemplary embodiment of the present application;
fig. 7 is a block diagram of a pseudo base station identification apparatus according to an exemplary embodiment of the present application;
fig. 8 is a block diagram of a pseudo base station identification apparatus according to an exemplary embodiment of the present application.
Detailed Description
To make the objects, technical solutions and advantages of the present application more clear, the following detailed description of the embodiments of the present application will be made with reference to the accompanying drawings.
Reference is now made to fig. 1, which is a block diagram illustrating a communication system in accordance with an exemplary embodiment of the present application. As shown in fig. 1, the communication system includes a first base station 110, a second base station 120 and at least one terminal 130, and the at least one terminal 130 is located in the coverage area of the first base station 110 and the second base station 120. A terminal is illustrated in fig. 1.
Terminal 130 can also be referred to as a User Equipment (UE), an access terminal, a subscriber unit, a subscriber station, a mobile device, a User terminal, a wireless communication device, a User agent, or a User Equipment. The terminal may be a smartphone, a cellular phone, a cordless phone, a Personal Digital Assistant (PDA) device, a handheld device with wireless communication capability or other processing device connected to a wireless modem, an in-vehicle device, a wearable device, etc.
The first base station 110 is a base station with a two-way authentication mechanism. After the terminal 130 selects the cell corresponding to the first base station 110 through the cell selection or cell reselection, the terminal 130 establishes an RRC (Radio Resource Control) connection with the first base station 110, and performs bidirectional authentication with the first base station 110, that is, after the terminal 130 determines that the authentication of the first base station 110 is successful and the first base station 110 determines that the authentication of the terminal 130 is successful, the registration procedure after the cell selection or the location update procedure after the cell reselection is completed. Optionally, the first base station 110 may be an LTE base station.
If the first base station 110 is a pseudo base station, the first base station 110 mainly functions to attract the terminal 130 to access, and then guide the terminal 130 to access the second base station 120. If the second base station 120 is a pseudo base station, the second base station 120 is a base station with a one-way authentication mechanism. When the terminal 130 accesses the second base station 120, the terminal 130 establishes RRC connection with the second base station 120, and the second base station 120 performs unidirectional authentication on the terminal 130, that is, after the second base station 120 determines that the authentication on the terminal 130 is successful, the registration procedure is completed. Subsequently, the second base station 120 may send spam short messages such as fraud, promotion, etc. to the terminal 130 or make harassing calls to the terminal 130, thereby affecting the normal communication of the terminal 130. Alternatively, the second base station 120 may be a GSM base station.
Please refer to fig. 2, which is a flowchart illustrating a pseudo base station identification method according to an exemplary embodiment of the present application. The pseudo base station identification method can be applied to the terminal 130 shown above, and the base station in this embodiment is the first base station 110 in fig. 1. In fig. 2, the pseudo base station identification method includes:
step 210, after the terminal establishes RRC connection with the base station, counting the number of consecutive attachment failures, where the attachment failures occur before the base station successfully authenticates the terminal.
The terminal selects a cell through a cell selection or cell reselection mode, and establishes RRC connection with a base station corresponding to the cell. The present embodiment does not limit the RRC connection establishment procedure.
After establishing RRC connection between the terminal and the base station, if the terminal selects a cell in a cell selection mode, the subsequent terminal needs to perform network registration; if the terminal selects a cell through a cell reselection mode, the subsequent terminal needs to perform location updating. No matter network registration or position updating, the terminal needs to send an attachment request to the base station, the base station authenticates the terminal according to the attachment request, if the authentication is successful, the attachment process is continued, and if the authentication is failed, the attachment is considered to be failed.
Since the pseudo base station mainly functions to attract the terminal to access and then guide the terminal to access another pseudo base station, if the base station establishing the RRC connection with the terminal is the pseudo base station, the base station may not authenticate with the terminal, thereby causing an attachment failure and then guide the terminal to access another pseudo base station. That is, if the attachment fails before the base station and the terminal successfully authenticate, the terminal may regard the base station as a suspected fake base station. The base station not authenticating with the terminal may include: the base station releases the RRC connection before authenticating with the terminal, resulting in an attachment failure, or the base station may not initiate authentication, resulting in an authentication failure, or the base station may send wrong authentication information to the terminal, resulting in an authentication failure.
Since the normal base station may also fail in authentication due to some reasons, and the pseudo base station may continuously fail in attachment for multiple times, in order to avoid identifying the normal base station as the suspected pseudo base station, in this embodiment, the base station that continuously fails in attachment for multiple times may be determined as the suspected pseudo base station, so as to improve the accuracy of identifying the suspected pseudo base station.
In an alternative embodiment, the terminal may count the number of consecutive attachment failures, and compare the number with a predetermined threshold; when the number of times exceeds a predetermined threshold, determining the base station as a suspected pseudo base station, namely executing step 220; and when the times do not exceed the preset threshold, continuing to perform the step of counting the times of continuous attachment failures until the times exceed the preset threshold or the terminal is successfully attached. The predetermined threshold value will be explained below.
The relevant communication standard specifies that when the terminal and the base station fail to attach for 5 times continuously, a timer is started, and the cell corresponding to the base station is forbidden for a predetermined time and then can be restarted. If the base station is a pseudo base station, the base station may cause the terminal to fail to attach for 5 consecutive times, so that the terminal reselects a cell corresponding to another pseudo base station when the cell reselects, and therefore, the predetermined threshold may be set to be less than 5, for example, the predetermined threshold may be 4, 3, or 2, and the like, which is not limited in this embodiment.
In step 220, if the number of times exceeds a predetermined threshold, the base station is determined to be a suspected pseudo base station.
And step 230, verifying the suspected pseudo base station, and determining whether the suspected pseudo base station is a pseudo base station according to a verification result.
Because the normal base station may also fail authentication due to some reasons, in order to avoid the normal base station being identified as a pseudo base station, the terminal may further continue to verify the suspected pseudo base station, and determine whether the suspected pseudo base station is the pseudo base station or the normal base station according to a verification result, thereby improving accuracy of pseudo base station identification.
In summary, in the pseudo base station identification method provided in this embodiment, if the base station is a pseudo base station, after the RRC connection is established between the terminal and the base station, the base station may cause a failure in attaching the terminal before the base station successfully authenticates the terminal, so that the terminal is connected to a GSM base station, where the GSM base station is a pseudo base station. Based on the above characteristics of the pseudo base station, the terminal may count the number of consecutive attachment failures, and since the attachment failures occur before the base station and the terminal successfully authenticate each other, if the number of times exceeds a predetermined threshold, the base station may be determined as a suspected pseudo base station, and then the terminal may continue to verify the suspected pseudo base station, and determine whether the suspected pseudo base station is a pseudo base station according to a verification result, so that the condition that the number of consecutive attachment failures exceeds the predetermined threshold may be used to prevent a normal base station from being identified as a pseudo base station, and whether the base station is a pseudo base station may also be verified in many ways, thereby improving the accuracy of pseudo base station identification.
Please refer to fig. 3, which is a flowchart illustrating a pseudo base station identification method according to an exemplary embodiment of the present application. The pseudo base station identification method can be applied to the terminal 130 shown above, and the base station in this embodiment is the first base station 110 in fig. 1. In fig. 3, the pseudo base station identification method includes:
step 310, after the terminal establishes RRC connection with the base station, if RRC connection release information sent by the base station is received before authentication, it is determined that the attachment fails; or, if the base station does not initiate the authentication process with the terminal, determining that the attachment fails.
The terminal selects a cell through a cell selection or cell reselection mode, and establishes RRC connection with a base station corresponding to the cell. The present embodiment does not limit the RRC connection establishment procedure.
After establishing RRC connection between the terminal and the base station, if the terminal selects a cell in a cell selection mode, the subsequent terminal needs to perform network registration; if the terminal selects a cell through a cell reselection mode, the subsequent terminal needs to perform location updating. No matter network registration or position updating, the terminal needs to send an attachment request to the base station, the base station authenticates the terminal according to the attachment request, if the authentication is successful, the attachment process is continued, and if the authentication is failed, the attachment is considered to be failed.
Since the pseudo base station mainly functions to attract the terminal to access and then guide the terminal to access another pseudo base station, if the base station establishing the RRC connection with the terminal is the pseudo base station, the base station may not authenticate with the terminal, thereby causing an attachment failure and then guide the terminal to access another pseudo base station. That is, if the attachment fails before the base station and the terminal successfully authenticate, the terminal may regard the base station as a suspected fake base station. The following describes that the base station does not authenticate the terminal.
In an alternative embodiment, the base station does not authenticate the terminal, that is, the base station releases the RRC connection before authenticating with the terminal, so as to cause an attachment failure, and if the terminal receives RRC connection release information sent by the base station before authenticating, the terminal determines that the attachment fails.
The base station can reject network registration or location update for a special reason value before authentication, and sends RRC connection release information to the terminal, if the RRC connection release information carries a GSM frequency point, the terminal can be redirected to the GSM base station according to the GSM frequency point; if the RRC connection release information does not carry the GSM frequency point, the terminal can access the GSM base station through cell reselection. Wherein, the GSM base station is a pseudo base station.
In another optional embodiment, the base station does not authenticate the terminal, that is, the base station does not initiate authentication, so that authentication fails, and if the base station does not initiate an authentication procedure with the terminal, the terminal determines that attachment fails.
In LTE, the bidirectional authentication between the base station and the terminal is initiated by the base station, and if the base station does not initiate an authentication procedure with the terminal, the timer in the terminal will timeout, resulting in authentication failure and finally attachment failure. Subsequently, the terminal can access the GSM base station through cell reselection, and the GSM base station is a pseudo base station.
In this embodiment, the suspected fake base station may be identified through network registration or location update of a NAS (Non-Access Stratum).
In step 320, the number of times of continuous attachment failure is counted, wherein the attachment failure occurs before the base station and the terminal are successfully authenticated.
Since the normal base station may also fail in authentication due to some reasons, and the pseudo base station may continuously fail in attachment for multiple times, in order to avoid identifying the normal base station as the suspected pseudo base station, in this embodiment, the base station that continuously fails in attachment for multiple times may be determined as the suspected pseudo base station, so as to improve the accuracy of identifying the suspected pseudo base station.
In an alternative embodiment, the terminal may count the number of consecutive attachment failures, and compare the number with a predetermined threshold; when the number of times exceeds the predetermined threshold, determining the base station as a suspected pseudo base station, namely executing step 330; and when the times do not exceed the preset threshold, continuing to perform the step of counting the times of continuous attachment failures until the times exceed the preset threshold or the terminal is successfully attached. The predetermined threshold value is explained below.
The relevant communication standard specifies that when the terminal and the base station fail to attach for 5 times continuously, the timer is started, and the cell corresponding to the base station is forbidden for a predetermined time and then can be restarted. If the base station is a pseudo base station, the base station may cause the terminal to fail to attach for 5 consecutive times, so that the terminal reselects a cell corresponding to another pseudo base station when the cell reselects, and therefore, the predetermined threshold may be set to be less than 5, for example, the predetermined threshold may be 4, 3, or 2, and the like, which is not limited in this embodiment.
In step 330, if the number of times exceeds a predetermined threshold, the base station is determined to be a suspected pseudo base station.
And 340, verifying the suspected pseudo base station, and determining whether the suspected pseudo base station is a pseudo base station according to a verification result.
Because the normal base station may also fail authentication due to some reasons, in order to avoid the normal base station being identified as a pseudo base station, the terminal may further continue to verify the suspected pseudo base station, and determine whether the suspected pseudo base station is the pseudo base station or the normal base station according to a verification result, thereby improving accuracy of pseudo base station identification.
In summary, in the pseudo base station identification method provided in this embodiment, if the base station is a pseudo base station, after the RRC connection is established between the terminal and the base station, the base station may cause a failure in attaching the terminal before the base station successfully authenticates the terminal, so that the terminal is connected to a GSM base station, where the GSM base station is a pseudo base station. Based on the above characteristics of the pseudo base station, the terminal may count the number of consecutive attachment failures, and since the attachment failures occur before the base station and the terminal successfully authenticate each other, if the number of times exceeds a predetermined threshold, the base station may be determined as a suspected pseudo base station, and then the terminal may continue to verify the suspected pseudo base station, and determine whether the suspected pseudo base station is a pseudo base station according to a verification result, so that the condition that the number of consecutive attachment failures exceeds the predetermined threshold may be used to prevent a normal base station from being identified as a pseudo base station, and whether the base station is a pseudo base station may also be verified in many ways, thereby improving the accuracy of pseudo base station identification.
The following describes a procedure for the terminal to verify a suspected fake base station.
In an alternative embodiment, the terminal may verify the suspected pseudo base station according to an LAI (Location Area Identity) of a cell corresponding to the suspected pseudo base station, and step 340 may include the following steps:
step 341, obtain the location area identifier LAI list of the terminal, where the LAI list includes the LAIs of the cells that the terminal has accessed.
And after the terminal accesses a cell corresponding to a normal base station, acquiring the LAI of the cell, and adding the LAI into an LAI list, wherein the LAI list comprises the LAI of the cell accessed by the terminal.
After acquiring the suspected pseudo base station, the terminal may acquire an LAI of a cell corresponding to the suspected pseudo base station, and detect whether the LAI list includes the LAI, if the LAI list includes the LAI, step 342 is executed, and if the LAI list does not include the LAI, step 343 is executed.
In step 342, if the LAI list includes the LAI of the cell corresponding to the suspected pseudo base station, a verification result that the suspected pseudo base station is not a pseudo base station is generated.
If the LAI list contains the LAI, it can be determined that the terminal has previously accessed the cell corresponding to the suspected pseudo base station, that is, the suspected pseudo base station is considered to be a normal base station, and the terminal generates a verification result that the suspected pseudo base station is not a pseudo base station.
In step 343, if the LAI list does not include the LAI of the cell corresponding to the suspected pseudo base station, a verification result that the suspected pseudo base station is a pseudo base station is generated.
If the LAI list contains the LAI, it may be determined that the terminal has not previously accessed the cell corresponding to the suspected pseudo base station, that is, the suspected pseudo base station may be considered as a pseudo base station, and the terminal generates a verification result that the suspected pseudo base station is a pseudo base station.
In another alternative embodiment, the terminal may verify a suspected fake base station according to a system message of an AS (Access Stratum), and step 340 may include the following steps:
in step 344, the system message sent by the base station is received.
In this embodiment, a System information block (SIB 1) is taken as an example for description.
And step 345, verifying the suspected pseudo base station according to the system message.
Since the SIB1 may include a plurality of kinds of information, the following describes a procedure for verifying a suspected fake base station by taking several kinds of information as examples.
In a first implementation, step 345 may include the following steps:
step 3451, obtain the public Land Mobile Network PLMN (public Land Mobile Network) identifier in SIB 1.
Generally, a normal base station provides service to a user of an operator, and one operator corresponds to one PLMN identity, so SIB1 sent by the normal base station to the terminal carries one PLMN identity. If the SIB1 carries at least two PLMN identifiers, the base station may be considered as a pseudo base station, and therefore, the terminal may verify the suspected pseudo base station according to the number of PLMN identifiers in the SIB 1.
Wherein, the terminal may obtain the PLMN identities in SIB1, and compare the number of PLMN identities with 1, if the number of PLMN identities is equal to 1, perform step 3452; if the number of PLMN identities is greater than 1, go to step 3453.
Step 3452, if the number of PLMN identities is equal to 1, generating a verification result that the suspected pseudo base station is not a pseudo base station.
Step 3453, if the number of PLMN identities is greater than 1, generating a verification result that the suspected pseudo base station is a pseudo base station.
In a second implementation, step 345 may include the following steps:
in step 3454, it is determined whether SIB5 is configured in SIB1, and it is determined whether SIB5 sent by the suspected pseudo base station is received.
Generally, if a normal base station needs to transmit SIB5 to a terminal, SIB5 is configured in SIB1, and SIB5 is transmitted to the terminal; alternatively, if the normal base station does not need to transmit SIB5 to the terminal, SIB5 will not be configured in SIB1, and SIB5 will not be transmitted to the terminal, i.e., whether SIB5 is configured in SIB1 or not and whether SIB5 needs to be delivered or not. If the base station is a pseudo base station, SIB5 may be configured in SIB1 but SIB5 is not transmitted to the terminal, or SIB5 may not be configured in SIB1 but SIB5 is transmitted to the terminal, so the terminal may verify the pseudo base station according to whether SIB5 is configured in SIB1 or not and whether SIB5 is transmitted or not.
In step 3455, if SIB5 is configured in SIB1 and SIB5 is received, or if SIB5 is not configured in SIB1 and SIB5 is not received, a verification result indicating that the suspected pseudo base station is not a pseudo base station is generated.
In step 3456, if SIB5 is configured in SIB1 and SIB5 is not received, or if SIB5 is not configured in SIB1 and SIB5 is received, a verification result that the suspected pseudo base station is the pseudo base station is generated.
In a third implementation, step 345 may include the following steps:
step 3457, obtain the configuration parameters of intra-frequency measurement in SIB 1.
The intra-frequency measurement may also be referred to as intra-frequency measurement, and the configuration parameters of the intra-frequency measurement may include an allow and a not allow, where the configuration parameter is allow for indicating that the intra-frequency measurement is allowed, and the configuration parameter is not allow for indicating that the intra-frequency measurement is forbidden.
The normal base station will allow the terminal to perform the intra-frequency measurement, and the pseudo base station will prohibit the terminal from performing the intra-frequency measurement, so the terminal can verify the suspected pseudo base station according to whether the intra-frequency measurement is allowed or not.
In step 3458, if the configuration parameter indicates that the intra-frequency measurement is allowed, a verification result indicating that the suspected pseudo base station is not a pseudo base station is generated.
And if the configuration parameter is allow, the terminal generates a verification result that the suspected pseudo base station is not the pseudo base station.
Step 3459, if the configuration parameter is used to indicate that intra-frequency measurement is forbidden, a verification result that the suspected pseudo base station is a pseudo base station is generated.
And if the configuration parameter is not allow, the terminal generates a verification result that the suspected pseudo base station is the pseudo base station.
It should be noted that the terminal may verify the suspected fake base station according to one, two, or three of the above three implementation manners. When the terminal verifies the suspected pseudo base station according to at least two implementation manners, a verification result that the suspected pseudo base station is the pseudo base station can be generated when the suspected pseudo base station is determined to be the pseudo base station according to any one implementation manner; and when the suspected pseudo base station is determined not to be the pseudo base station according to all the implementation modes, generating a verification result that the suspected pseudo base station is not the pseudo base station.
For example, if the terminal verifies the suspected pseudo base station according to the first and third implementation manners, the terminal may generate a verification result that the suspected pseudo base station is the pseudo base station when it is determined that the number of PLMN identifiers is greater than 1, or the configuration parameter is used to indicate that intra-frequency measurement is prohibited, or the number of PLMN identifiers is greater than 1 and the configuration parameter is used to indicate that intra-frequency measurement is prohibited; and generating a verification result that the suspected pseudo base station is not the pseudo base station when the number of the PLMN identifications is determined to be equal to 1 and the configuration parameter is used for indicating that the intra-frequency measurement is allowed.
In this embodiment, the terminal may jointly identify whether the base station is a pseudo base station through the NAS layer and the AS layer, so that accuracy of pseudo base station identification is improved. In addition, compared with the method for identifying the pseudo base station from a single aspect, the method can effectively reduce the misjudgment of the normal base station, thereby reducing the problem that the terminal cannot be normally registered in the network because the normal base station is misjudged as the pseudo base station, and the problem of no service condition occurs.
The terminal may also verify the suspected fake base station by combining the two optional embodiments in the foregoing. For example, the terminal may verify the suspected pseudo base station according to the LAI of the cell corresponding to the suspected pseudo base station, and then verify the suspected pseudo base station according to the system message; the suspected pseudo base station may also be verified according to the system message, and then the suspected pseudo base station may be verified according to the LAI of the cell corresponding to the suspected pseudo base station, which is not limited in this embodiment. The following describes a process in which the terminal first verifies the suspected pseudo base station according to the LAI of the cell corresponding to the suspected pseudo base station, and then verifies the suspected pseudo base station according to the system message, with reference to fig. 4.
In step 410, the terminal reselects from the first serving cell to the second serving cell.
Step 420, after establishing RRC connection with the base station corresponding to the second serving cell, the terminal detects whether 4 consecutive attachment failures are caused by non-authentication, and if 4 consecutive attachment failures are caused by non-authentication, step 430 is executed.
In step 430, the terminal detects whether the LAI list stored in the terminal includes the LAI of the second serving cell, and if the LAI list does not include the LAI of the second serving cell, step 440 is executed.
If the LAI list includes the LAI of the second serving cell, the terminal determines that the base station is not a pseudo base station, and ends the process.
In step 440, the terminal detects whether the system information of the second serving cell carries special parameters, and if the system information of the second serving cell carries special parameters, step 450 is executed.
Wherein, the special parameters include: the number of the PLMN identifications is more than 1, SIB5 is configured in SIB1 and SIB5 is not received, or if SIB5 is not configured in SIB1 and SIB5 is received, the configuration parameter of intra-frequency measurement is not all.
If the special parameters are not carried, the terminal determines that the base station is not a pseudo base station, and the process is ended.
In step 450, the terminal determines that the base station corresponding to the second serving cell is a pseudo base station.
If the module is used to implement fig. 4, in an alternative embodiment, the terminal may include an attachment failure detection module, a first storage module, an LAI comparison module, a second storage module, a system message comparison module, and a determination module, and a connection relationship between these modules may be as shown in fig. 5.
The attachment failure detection module is used for screening base stations which are continuously and repeatedly subjected to attachment failure before successful authentication, and listing the base stations as suspected pseudo base stations; the first storage module is used for storing base station information of a suspected pseudo base station, wherein the base station information comprises LAI of a cell corresponding to the suspected pseudo base station and a system message sent by the suspected pseudo base station; the LAI comparison module is used for comparing the LAI with the LAI list, if the LAI list contains the LAI, the base station information of the suspected pseudo base station stored in the first storage module is deleted, and if the LAI list does not contain the LAI, the base station information of the suspected pseudo base station is sent to the second storage module; the second storage module is used for storing the base station information of the suspected pseudo base station sent by the LAI comparison module; the system message comparison module is used for comparing parameters in the system message in the second storage module with preset special parameters, deleting the base station information of the suspected pseudo base station in the second storage module if the parameters are different from the preset special parameters, and sending the base station information of the suspected pseudo base station in the second storage module to the determination module if the parameters are the same as the preset special parameters; the determining module is used for sorting the base station information of the suspected pseudo base station, confirming the pseudo base station and outputting a judgment result that the base station is the pseudo base station.
If the module is used to implement fig. 4, in another alternative embodiment, the LAI comparison module and the system message detection module in fig. 5 may be combined into an information comparison module and compared at the same time, the terminal may include an attachment failure detection module, a first storage module, an information comparison module, a second storage module, and a determination module, and a connection relationship between these modules may be as shown in fig. 6.
The attachment failure detection module is used for screening base stations which are continuously and repeatedly subjected to attachment failure before successful authentication, and listing the base stations as suspected pseudo base stations; the first storage module is used for storing base station information of a suspected pseudo base station, wherein the base station information comprises system information sent by the suspected pseudo base station; the second storage module is used for storing the LAI of the cell corresponding to the suspected pseudo base station; the information comparison module is used for comparing the LAI with the LAI list, comparing parameters in the system message in the second storage module with preset special parameters, if the LAI list contains the LAI and the parameters in the system message in the second storage module are different from the preset special parameters, deleting the base station information of the suspected pseudo base station stored in the first storage module, reserving the LAI in the second storage module, and reserving the LAI for identifying the pseudo base station for comparison information next time; if the LAI list does not contain the LAI and the parameters in the system message in the second storage module are the same as the preset special parameters, the base station information of the suspected pseudo base station in the first storage module is sent to the determining module, and the LAI in the second storage module is specially marked, so that the pseudo base station can be conveniently identified subsequently; the determining module is used for sorting the base station information of the suspected pseudo base station, confirming the pseudo base station and outputting a judgment result that the base station is the pseudo base station.
The following are embodiments of the apparatus of the present application that may be used to perform embodiments of the method of the present application. For details which are not disclosed in the embodiments of the apparatus of the present application, reference is made to the embodiments of the method of the present application.
Fig. 7 shows a block diagram of a pseudo base station identification apparatus according to an exemplary embodiment of the present application. The pseudo base station identification means may be implemented as all or part of the terminal by software, hardware or a combination of both. The device includes:
a counting module 710, configured to count the number of consecutive attachment failures after the RRC connection is established between the terminal and the base station, where the attachment failures occur before the base station and the terminal successfully authenticate each other;
a first determining module 720, configured to determine, when the number of times obtained by the counting module 710 exceeds a predetermined threshold, the base station as a suspected pseudo base station;
the verifying module 730 is configured to verify the suspected pseudo base station determined by the first determining module 720, and determine whether the suspected pseudo base station is a pseudo base station according to a verification result.
In an alternative embodiment, the verification module 730 is further configured to:
acquiring an LAI list of a terminal, wherein the LAI list comprises LAIs of cells accessed by the terminal;
if the LAI list contains the LAI of the cell corresponding to the suspected pseudo base station, generating a verification result that the suspected pseudo base station is not the pseudo base station;
and if the LAI list does not contain the LAI of the cell corresponding to the suspected pseudo base station, generating a verification result that the suspected pseudo base station is the pseudo base station.
In an alternative embodiment, the verification module 730 is further configured to:
receiving a system message sent by a base station;
and verifying the suspected pseudo base station according to the system message.
In an alternative embodiment, when the system message includes SIB1, the verification module 730 is further configured to:
acquiring a PLMN identification in an SIB1;
if the number of the PLMN identifications is equal to 1, generating a verification result that the suspected pseudo base station is not the pseudo base station;
and if the number of the PLMN identifications is larger than 1, generating a verification result that the suspected pseudo base station is the pseudo base station.
In an alternative embodiment, when the system message includes a system information block SIB1, the verification module 730 is further configured to:
determining whether SIB5 is configured in SIB1 and determining whether SIB5 sent by a suspected pseudo base station is received;
if SIB5 is configured in SIB1 and SIB5 is received, or if SIB5 is not configured in SIB1 and SIB5 is not received, generating a verification result that the suspected pseudo base station is not a pseudo base station;
if SIB5 is configured in SIB1 and SIB5 is not received, or if SIB5 is not configured in SIB1 and SIB5 is received, a verification result is generated that the suspected pseudo base station is a pseudo base station.
In an alternative embodiment, when the system message includes a system information block SIB1, the verification module 730 is further configured to:
acquiring configuration parameters of intra-frequency measurement in SIB1;
if the configuration parameters are used for indicating that intra-frequency measurement is allowed, generating a verification result that the suspected pseudo base station is not the pseudo base station;
and if the configuration parameters are used for indicating that the intra-frequency measurement is forbidden, generating a verification result that the suspected pseudo base station is the pseudo base station.
Referring to fig. 8, in an alternative embodiment, the apparatus further includes:
a second determining module 740, configured to determine that the attachment fails if RRC connection release information sent by the base station is received before authentication; alternatively, the first and second electrodes may be,
a third determining module 750, configured to determine that the attachment fails if the base station does not initiate an authentication procedure with the terminal.
In summary, in the pseudo base station identification apparatus provided in this embodiment, if the base station is a pseudo base station, after the RRC connection is established between the terminal and the base station, the base station may cause a failure of the terminal attachment before the base station successfully authenticates with the terminal, so that the terminal is connected to a GSM base station, where the GSM base station is a pseudo base station. Based on the above characteristics of the pseudo base station, the terminal may count the number of consecutive attachment failures, and since the attachment failures occur before the base station and the terminal successfully authenticate each other, if the number of times exceeds a predetermined threshold, the base station may be determined as a suspected pseudo base station, and then the terminal may continue to verify the suspected pseudo base station, and determine whether the suspected pseudo base station is a pseudo base station according to a verification result, so that the condition that the number of consecutive attachment failures exceeds the predetermined threshold may be used to prevent a normal base station from being identified as a pseudo base station, and whether the base station is a pseudo base station may also be verified in many ways, thereby improving the accuracy of pseudo base station identification.
The embodiment of the present application further provides a computer-readable medium, which stores at least one instruction, where the at least one instruction is loaded and executed by the processor to implement the pseudo base station identification method according to the above embodiments.
The embodiment of the present application further provides a computer program product, where at least one instruction is stored, and the at least one instruction is loaded and executed by the processor to implement the pseudo base station identification method according to the above embodiments.
It should be noted that: in the pseudo base station identification apparatus provided in the foregoing embodiment, when the pseudo base station identification method is executed, only the division of the above functional modules is illustrated, and in practical applications, the above function distribution may be completed by different functional modules according to needs, that is, the internal structure of the apparatus is divided into different functional modules, so as to complete all or part of the above described functions. In addition, the pseudo base station identification apparatus provided in the above embodiment and the pseudo base station identification method embodiment belong to the same concept, and specific implementation processes thereof are detailed in the method embodiment and are not described herein again.
It will be understood by those skilled in the art that all or part of the steps for implementing the above embodiments may be implemented by hardware, or may be implemented by a program instructing relevant hardware, where the program may be stored in a computer-readable storage medium, and the above-mentioned storage medium may be a read-only memory, a magnetic disk or an optical disk, etc.
The above description is not intended to limit the present application, and any modifications, equivalents, improvements, etc. made within the spirit and principle of the present application should be included in the scope of the present application.

Claims (9)

1. A pseudo base station identification method, the method comprising:
after a terminal establishes Radio Resource Control (RRC) connection with a base station, counting the number of continuous attachment failures based on signaling of a non-access stratum, wherein the attachment failures occur before the base station successfully authenticates with the terminal;
if the times exceed a preset threshold value, determining the base station as a suspected pseudo base station;
receiving a system message sent by the base station through an access layer, wherein the system message comprises a system information block SIB1;
verifying the suspected pseudo base station according to the parameters in the SIB1 and/or a Location Area Identifier (LAI) list stored by the terminal, and determining whether the suspected pseudo base station is a pseudo base station according to a verification result, wherein the suspected pseudo base station is the verification result of the pseudo base station and is generated when the SIB1 is determined to contain a special parameter, and/or the LAI list stored by the terminal does not contain the LAI of the cell corresponding to the suspected pseudo base station, the LAI list contains the LAI of the cell to which the terminal has accessed, and the terminal adds the LAI of the cell to the LAI list after accessing the cell corresponding to the normal base station, and the special parameter includes: the number of public land mobile network PLMN identifications is larger than 1, the SIB1 is configured with SIB5 and does not receive SIB5, or the SIB1 is not configured with SIB5 and receives SIB5, a configuration parameter of intra-frequency measurement is a notallow, and the configuration parameter is notallow representing that intra-frequency measurement is forbidden.
2. The method according to claim 1, wherein the verifying the suspected pseudo base station according to the parameters in the SIB1 and/or a Location Area Identifier (LAI) list stored in a terminal comprises:
acquiring the LAI list of the terminal, wherein the LAI list comprises the LAI of the cell accessed by the terminal;
if the LAI list contains the LAI of the cell corresponding to the suspected pseudo base station, generating a verification result that the suspected pseudo base station is not a pseudo base station;
and if the LAI list does not contain the LAI of the cell corresponding to the suspected pseudo base station, generating a verification result that the suspected pseudo base station is a pseudo base station.
3. The method according to claim 1, wherein when the system message includes a system information block SIB1, the verifying the suspected pseudo base station according to a parameter in the SIB1 and/or a location area identity, LAI, list stored by a terminal comprises:
acquiring the PLMN identification in the SIB1;
if the number of the PLMN identifications is equal to 1, generating a verification result that the suspected pseudo base station is not a pseudo base station;
and if the number of the PLMN identifications is greater than 1, generating a verification result that the suspected pseudo base station is a pseudo base station.
4. The method according to claim 1, wherein when the system message includes a system information block SIB1, the verifying the suspected pseudo base station according to a parameter in the SIB1 and/or a location area identity, LAI, list stored by a terminal comprises:
determining whether the SIB5 is configured in the SIB1, and determining whether the SIB5 sent by the suspected pseudo base station is received;
if SIB5 is configured in the SIB1 and the SIB5 is received, or if SIB5 is not configured in the SIB1 and the SIB5 is not received, generating a verification result that the suspected pseudo base station is not a pseudo base station;
if the SIB5 is configured in the SIB1 and the SIB5 is not received, or if the SIB5 is not configured in the SIB1 and the SIB5 is received, generating a verification result that the suspected pseudo base station is a pseudo base station.
5. The method according to claim 1, wherein when the system message includes a system information block SIB1, the verifying the suspected pseudo base station according to a parameter in the SIB1 and/or a location area identity, LAI, list stored by a terminal comprises:
acquiring the configuration parameters of the intra-frequency measurement in the SIB1;
if the configuration parameter is used for indicating that intra-frequency measurement is allowed, generating a verification result that the suspected pseudo base station is not a pseudo base station;
and if the configuration parameters are used for indicating that intra-frequency measurement is forbidden, generating a verification result that the suspected pseudo base station is a pseudo base station.
6. The method according to any one of claims 1 to 5, further comprising:
if RRC connection release information sent by the base station is received before authentication, determining that the attachment fails; alternatively, the first and second electrodes may be,
and if the base station does not initiate an authentication process with the terminal, determining that the attachment fails.
7. A pseudo base station identification apparatus, the apparatus comprising:
a counting module, configured to count the number of consecutive attachment failures after a radio resource control RRC connection is established between a terminal and a base station, where the attachment failures occur before the base station and the terminal successfully authenticate each other;
a first determining module, configured to determine the base station as a suspected fake base station when the number of times obtained by the counting module exceeds a predetermined threshold;
a verification module, configured to receive, through an access layer, a system message sent by the base station, where the system message includes a system information block SIB1; verifying the suspected pseudo base station according to the parameters in the SIB1 and/or a Location Area Identifier (LAI) list stored by the terminal, and determining whether the suspected pseudo base station is a pseudo base station according to a verification result, wherein the suspected pseudo base station is the verification result of the pseudo base station and is generated when the SIB1 is determined to contain a special parameter, and/or the LAI list stored by the terminal does not contain the LAI of the cell corresponding to the suspected pseudo base station, the LAI list contains the LAI of the cell to which the terminal has accessed, and the terminal adds the LAI of the cell to the LAI list after accessing the cell corresponding to the normal base station, and the special parameter includes: the number of Public Land Mobile Network (PLMN) identifications is more than 1, the SIB1 is configured with SIB5 and does not receive SIB5, or the SIB1 is not configured with SIB5 and receives SIB5, a configuration parameter of intra-frequency measurement is not all, and the non-all represents prohibition of intra-frequency measurement.
8. A terminal, characterized in that the terminal comprises a processor and a memory, in which at least one instruction is stored, which is loaded and executed by the processor to implement the pseudo base station identification method according to any of claims 1 to 6.
9. A computer readable storage medium having stored therein at least one instruction which is loaded and executed by a processor to implement the pseudo base station identification method of any one of claims 1 to 6.
CN201910769065.5A 2019-08-20 2019-08-20 Pseudo base station identification method, pseudo base station identification device, terminal and storage medium Active CN110312259B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910769065.5A CN110312259B (en) 2019-08-20 2019-08-20 Pseudo base station identification method, pseudo base station identification device, terminal and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910769065.5A CN110312259B (en) 2019-08-20 2019-08-20 Pseudo base station identification method, pseudo base station identification device, terminal and storage medium

Publications (2)

Publication Number Publication Date
CN110312259A CN110312259A (en) 2019-10-08
CN110312259B true CN110312259B (en) 2023-03-24

Family

ID=68083648

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910769065.5A Active CN110312259B (en) 2019-08-20 2019-08-20 Pseudo base station identification method, pseudo base station identification device, terminal and storage medium

Country Status (1)

Country Link
CN (1) CN110312259B (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112804701A (en) * 2019-11-14 2021-05-14 中兴通讯股份有限公司 Pseudo base station identification method, system and computer readable storage medium
CN111988784A (en) * 2020-08-04 2020-11-24 深圳传音控股股份有限公司 Information processing method, terminal equipment and storage medium
CN113099455B (en) * 2021-03-15 2023-04-28 重庆邮电大学 Anti-capturing method for mobile phone number of LTE terminal user
CN113068192B (en) * 2021-03-17 2022-08-16 Oppo广东移动通信有限公司 Pseudo base station identification method and device, terminal and storage medium
CN116684879A (en) * 2022-02-22 2023-09-01 华为技术有限公司 Communication method and device

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107567030A (en) * 2017-10-19 2018-01-09 中国电信股份有限公司南京分公司 A kind of method and system investigated with evading pseudo-base station interference
CN107911822A (en) * 2017-10-31 2018-04-13 珠海市魅族科技有限公司 Pseudo-base station detection method and device, terminal and computer-readable recording medium

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106358199B (en) * 2016-09-30 2019-03-05 维沃移动通信有限公司 A kind of method and mobile terminal of mobile terminal identification pseudo-base station
CN109195217B (en) * 2018-10-23 2021-06-04 Oppo广东移动通信有限公司 Method and device for processing LTE network rejection behavior

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107567030A (en) * 2017-10-19 2018-01-09 中国电信股份有限公司南京分公司 A kind of method and system investigated with evading pseudo-base station interference
CN107911822A (en) * 2017-10-31 2018-04-13 珠海市魅族科技有限公司 Pseudo-base station detection method and device, terminal and computer-readable recording medium

Also Published As

Publication number Publication date
CN110312259A (en) 2019-10-08

Similar Documents

Publication Publication Date Title
CN110312259B (en) Pseudo base station identification method, pseudo base station identification device, terminal and storage medium
KR101879910B1 (en) Single-card multi-mode multi-operator authentication method and device
CN105722090A (en) Control method and device for automatically identifying pseudo base station
US10681546B2 (en) Processing method for sim card equipped terminal access to 3GPP network and apparatus
CN110741661A (en) Pseudo base station detection
CN109548027B (en) Method and device for identifying pseudo base station in mobile terminal
US20170127371A1 (en) Method for Updating RPLMN Information and User Equipment
EP2611226A1 (en) Processing method and system for over-the-air bootstrap
CN111278036B (en) Method and device for acquiring MAC address
CN108093404B (en) Information processing method and device
CN107124744B (en) Network switching method and wireless access point
CN108934006B (en) Network access method, device, user equipment and base station
CN116711382A (en) Method and user equipment for handling communications in a satellite communications network
TWI488514B (en) Method of cell reselection for a mobile communication system and related mobile device
US11792633B2 (en) Device authentication verification for device registration
CN114125972A (en) Network connection method and related device
CN111278003B (en) Position updating processing method and mobile terminal
CN109039676B (en) Network fault diagnosis method and device and computer readable storage medium
WO2021233286A1 (en) Data processing method and apparatus, network device, and terminal
US11096058B2 (en) Reconfiguration of communications devices
CN107969000B (en) Method, device, equipment and medium for detecting state of uplink of wireless repeater
CN106454776B (en) Pseudo base station protection method and device
US10547603B2 (en) Secure call answering
CN108076460B (en) Method and terminal for authentication
KR20090116401A (en) Method for identifying mobile station, and mobile station and core network apparauts for executing the method

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant