CN111757326A - Vulnerability prevention and control method and device, mobile terminal and computer readable storage medium - Google Patents

Vulnerability prevention and control method and device, mobile terminal and computer readable storage medium Download PDF

Info

Publication number
CN111757326A
CN111757326A CN202010560880.3A CN202010560880A CN111757326A CN 111757326 A CN111757326 A CN 111757326A CN 202010560880 A CN202010560880 A CN 202010560880A CN 111757326 A CN111757326 A CN 111757326A
Authority
CN
China
Prior art keywords
access point
point type
network connection
access
network
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202010560880.3A
Other languages
Chinese (zh)
Other versions
CN111757326B (en
Inventor
杨琦
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Wingtech Electronic Technology Co Ltd
Original Assignee
Shanghai Wingtech Electronic Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Wingtech Electronic Technology Co Ltd filed Critical Shanghai Wingtech Electronic Technology Co Ltd
Priority to CN202010560880.3A priority Critical patent/CN111757326B/en
Publication of CN111757326A publication Critical patent/CN111757326A/en
Application granted granted Critical
Publication of CN111757326B publication Critical patent/CN111757326B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/16Discovering, processing access restriction or access information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W76/00Connection management
    • H04W76/10Connection setup
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/70Reducing energy consumption in communication networks in wireless communication networks

Abstract

The embodiment of the application discloses a vulnerability prevention and control method, a vulnerability prevention and control device, a mobile terminal and a computer readable storage medium. The method comprises the following steps: acquiring a first access network request and a connection state of a second network connection, wherein the first access network request comprises a first access point type parameter, and the second network connection is a network connection corresponding to the second access network request; according to the first access point type parameter and the connection state of the second network connection, the first network connection corresponding to the first access network request is established, the problem that the data switch may fail due to the fact that the first network connection is directly established according to the first access point type parameter in the prior art is effectively solved, and the defects in the prior art are overcome.

Description

Vulnerability prevention and control method and device, mobile terminal and computer readable storage medium
Technical Field
The present application relates to the field of security protection technologies, and in particular, to a vulnerability prevention and control method, device, mobile terminal, and computer-readable storage medium.
Background
An IP Multimedia Subsystem (ims) is a Subsystem supporting IP Multimedia services proposed by the third Generation mobile communication partner organization (3rd Generation Partnership Project, 3GPP) in Release5 version standard, and is an important way to solve the convergence of mobile networks and fixed networks and introduce differentiation services such as triple fusion of voice, data, and video, which brings more entertainment to users and also makes communication between users more and more convenient. Currently, SIM cards provided by various operators basically support ims services to meet market demands, and are generally implemented by a type field of an Access Point Name (APN), where the type field of the APN determines functions of network connections established based on the type field, and a same SIM card may establish multiple network connections to implement multiple functions.
When multiple network connections need to be established by the same SIM card to realize multiple functions, the network connections are usually respectively established based on received access requests, and in some scenes, because type fields corresponding to two network connections are mutually influenced, the risk that a data switch is not controlled exists, so that a certain hacker or lawless person can take advantage of the risk.
Content of application
In view of the above, it is necessary to provide a vulnerability defense method, apparatus, mobile terminal and computer readable storage medium for avoiding data switch failure.
The embodiment of the application provides a vulnerability prevention and control method, which comprises the following steps:
acquiring a first access network request and a connection state of a second network connection, wherein the first access network request comprises a first access point type parameter, and the second network connection is a network connection corresponding to the second access network request;
and establishing a first network connection corresponding to the first access network request according to the first access point type parameter and the connection state of the second network connection.
In one embodiment, establishing the first network connection corresponding to the first access network request according to the first access point type parameter and the connection status of the second network connection includes:
if the connection state of the second network connection is not connected, establishing the first network connection according to the first access point type parameter and a second access point type corresponding to the second access network request;
and if the connection state of the second network connection is connected, establishing the first network connection according to the first access point type parameter.
In one embodiment, establishing the first network connection according to the first access point type parameter and a second access point type corresponding to the second access network request includes:
if the second access point type is an ims type and the first access point type parameter is null, analyzing the first access point type parameter to obtain a first access point type, wherein the first access point type is a non-null type;
a non-null type of network connection is established as the first network connection.
In one embodiment, the establishing a first network connection according to the first access point type parameter and a second access point type corresponding to a second access network request includes:
if the second access point type is an ims type and the first access point type parameter is non-empty, analyzing the first access point type parameter to obtain a third access point type, wherein the third access point type is consistent with the first access point type parameter;
a network connection of a third access point type is established as the first network connection.
In one embodiment, establishing the first network connection according to the first access point type parameter and a second access point type corresponding to the second access network request includes:
if the second access point type is a non-ims type, analyzing the first access point type parameter to obtain a fourth access point type, wherein the fourth access point type is consistent with the first access point type parameter;
a network connection of a fourth access point type is established as the first network connection.
In one embodiment, establishing a first network connection based on the first access point type parameter comprises:
analyzing the first access point type parameter to obtain a fifth access point type, wherein the fifth access point type is consistent with the first access point type parameter;
a network connection of a fifth access point type is established as the first network connection.
The embodiment of the application provides a loophole prevention and control device, the device includes:
the access control device comprises an acquisition module, a processing module and a processing module, wherein the acquisition module is used for acquiring a first access network request and a connection state of a second network connection, the first access network request comprises a first access point type parameter, and the second network connection is a network connection corresponding to the second access network request;
and the establishing module is used for establishing the first network connection corresponding to the first access network request according to the first access point type parameter and the connection state of the second network connection.
In one embodiment, the setup module includes:
a first establishing unit, configured to establish a first network connection according to the first access point type parameter and a second access point type corresponding to the second access network request if the connection status of the second network connection is unconnected;
and the second establishing unit is used for establishing the first network connection according to the first access point type parameter if the connection state of the second network connection is connected.
The embodiment of the application provides a mobile terminal, which comprises a memory and a controller, wherein the memory stores a computer program, and the controller realizes the steps of the vulnerability prevention and control method provided by any embodiment of the application when executing the computer program.
The embodiment of the present application provides a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a controller, implements the steps of the vulnerability prevention and control method provided in any embodiment of the present application.
According to the vulnerability prevention and control method, the vulnerability prevention and control device, the mobile terminal and the computer readable storage medium, the first access network request and the connection state of the second network connection are obtained, the first access network request comprises the first access point type parameter, and the second network connection is the network connection corresponding to the second access network request; according to the first access point type parameter and the connection state of the second network connection, the first network connection corresponding to the first access network request is established, the problem that the data switch may fail due to the fact that the first network connection is directly established according to the first access point type parameter in the prior art is effectively solved, and the defects in the prior art are overcome.
Drawings
FIG. 1 is a diagram illustrating an application scenario of a vulnerability defense method in an embodiment;
FIG. 2 is a flow chart illustrating a vulnerability defense method according to an embodiment;
FIG. 3 is a schematic flow chart illustrating a vulnerability defense method according to another embodiment;
FIG. 4 is a schematic diagram illustrating an implementation flow of a vulnerability defense method in an embodiment;
FIG. 5 is a block diagram of a vulnerability defense apparatus in one embodiment;
fig. 6 is an internal structural diagram of a mobile terminal in one embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the present application and are not intended to limit the present application. It should also be understood that the appearances of "first," "second," "third," "fourth," and "fifth" in the embodiments of the present application are not necessarily in chronological order, but are merely for purposes of distinction.
The vulnerability prevention and control method provided by the application can be applied to the application environment shown in FIG. 1. The SIM card in the mobile terminal 100 supports the ims network, and when the mobile terminal 100 is in an environment with the ims network, an ims connection can be automatically established to provide voice, data, and video functions. The mobile terminal 100 of the embodiment is exemplified by a smart phone. The mobile terminal 100 may access the mobile network through the APN, or may access the mobile network through wifi or a hotspot, where for the mobile terminal 100 of this embodiment, for example, accessing the mobile network through the APN, the APN parameter needs to be configured in the first step before accessing the mobile network.
In one embodiment, as shown in fig. 2, a flow diagram of a vulnerability defense method is provided. The present embodiment is mainly illustrated by applying the method to the mobile terminal 100 in fig. 1.
Step 210, obtaining a first access network request and a connection state of a second network connection, where the first access network request includes a first access point type parameter, and the second network connection is a network connection corresponding to the second access network request.
The first access network request and the second access network request are request information for establishing network connection, which is sent by the user to the mobile terminal 100, wherein the first access network request may be sent prior to the second access network request, or may be sent after the second access network request. The first access network request includes a first access point parameter, which is a parameter that must be configured for the user to access the mobile network via the mobile terminal 100, including but not limited to a first access point name, a proxy, a port, a first access point type parameter, and the like. The first access point type parameter, i.e. the type field of the APN, is used to reflect the connection type of the first network connection, generally, the type field may be set to at least one of default, mms, supply, dun, hipri, fota, and ims, and of course, may also be set to another type, which is not limited in this embodiment. The different connection types correspond to different functions, for example, when the type field is mms, the connection type of the first network connection is represented as mms type and has the capability of sending multimedia messages, and when the type field is default, the connection type of the first network connection is represented as default type and can access the Internet by using a data network, and the first network connection requests the corresponding network connection for the first access network.
Correspondingly, the second access network request includes a second access point type parameter, which includes but is not limited to a second access point name, a proxy, a port, a second access point type parameter, and the like. The second access point type parameter, namely type field, can be ims or non-ims, when the type field is ims, the connection type of the established second network connection is represented as ims type, and the second network connection has voice, video and data capabilities; when the type field is not ims, such as default, the connection type of the established second network connection is default type. The connected state of the second network connection may include both connected and unconnected states. Step 220, establishing a first network connection corresponding to the first access network request according to the first access point type parameter and the connection state of the second network connection.
The connection state of the second network connection may affect the establishment of the first network connection under certain circumstances, and the conventional method ignores the effect of the connection state of the second network connection on the first network connection when the first network connection is established, so that the data switch is not controlled under certain circumstances, and a hacker or a lawless person can take a chance. For example, when the second network connection is not established, the second access point type parameter is ims, and the first access point type parameter is null, the APN connection of the null type is established as the first network connection in a conventional manner, if the first network connection is successfully connected preferentially, the second network connection may multiplex the first network connection, and after the user closes the data switch, because the second network connection still needs to use the first network connection, the first network connection is not disconnected, and the final expression result is that the data switch is closed, but the background still can use data traffic, thereby bringing a ride-by-pass opportunity to some hackers or lawless persons. Therefore, when the first network connection is established, the first access point type parameter and the connection state of the second network connection are considered at the same time, the defects existing in the prior art are overcome, and the safety is guaranteed.
In an embodiment, when the first access point type parameter is default, the second access point type parameter is ims, and the second network connection is not connected, it may be determined that the connection type of the first network connection is default type, and the connection type of the second network connection is ims type, so that an APN connection of default type may be established as the first network connection, and an APN connection of ims type may be established as the second network connection.
In another embodiment, when the first access point type parameter is null, the second access point type parameter is ims, and the second network connection is unconnected, it may be determined that the connection type of the first network connection is a non-null type, and the connection type of the second network connection is an ims type, so that the non-null type APN connection may be established as the first network connection and the ims type APN connection may be established as the second network connection.
In another embodiment, if the second network connection is already connected and the second access point type parameter is ims, the first network connection may be established directly according to the first access network request corresponding to the first access point type parameter. For example, if the first access point TYPE parameter is null, it may be determined that the connection TYPE of the first network connection is APN _ TYPE _ ALL, and an APN connection of the APN _ TYPE _ ALL TYPE is established as the first network connection. If the first access point type parameter is default, it may be determined that the connection type of the first network connection is default, and an APN connection of the default type is established as the first network connection.
The TYPE field is empty, which means that the TYPE field is not configured, and this situation is usually defined as APN _ TYPE _ ALL, and a network established by using APN _ TYPE _ ALL has ALL network capabilities, for example, the network may have the capabilities of accessing Internet, sending multimedia messages, voice, video, and data at the same time. The present embodiment does not limit the specific type of the non-empty type, and may be, for example, a default type, an mms type, a supply type, an dun type, a hipri type, or a fota type.
It should be noted that the mobile terminal 100 of this embodiment supports the ims-type APN connection by default, that is, when the mobile terminal 100 is in an environment with an ims network, the ims-type APN connection may be established based on the obtained ims connection request, or the ims-type APN connection may be automatically established in a default manner. The ims connection request may be the aforementioned second access network request, and the corresponding second access point type parameter is ims. The second network connection in this embodiment takes an ims-type APN connection and a non-type APN connection as examples, and correspondingly, the second access point type parameter may be ims or non-ims.
The vulnerability prevention and control method comprises the steps of obtaining a first access network request and a connection state of a second network connection, wherein the first access network request comprises a first access point type parameter, and the second network connection is a network connection corresponding to the second access network request; and establishing the first network connection corresponding to the first access network request according to the first access point type parameter and the connection state of the second network connection, thereby effectively solving the problem that the data switch may fail due to the fact that the first network connection is directly established according to the first access point type parameter in the prior art, and making up the loophole in the prior art.
In another embodiment, as shown in fig. 3, a flowchart of a vulnerability defense method is provided. In this embodiment, the method is mainly applied to the mobile terminal 100 in fig. 1, the second network connection is an ims type APN connection and a non-ims type APN connection, and the connection status is illustrated by taking a connection and a non-connection as an example.
Step 310, obtaining the connection state of the first access network request and the second network connection.
And 320, judging whether the connection state of the second network connection is unconnected, if so, executing a step 330, otherwise, executing a step 340.
Step 330, establishing a first network connection according to the first access point type parameter and a second access point type corresponding to the second access network request.
In some scenarios, it is necessary for the mobile terminal 100 to support ALL network capabilities, and in order to simplify the operation, the TYPE field may be directly configured to be empty, and a long connection of APN _ TYPE _ ALL may be established to meet the application requirement. For example, in the area a, all functions need to be supported by using the same network, and the type field may be configured to be null, i.e., null characters. Since the second network connection is also not currently connected, there may be a long connection condition multiplexing APN _ TYPE _ ALL at this time, resulting in a data switch failure. This embodiment refines step 330 to this end.
In one embodiment, if the second access point type is an ims type and the first access point type parameter is null, analyzing the first access point type parameter to obtain a first access point type, wherein the first access point type is a non-null type; a non-null type of network connection is established as the first network connection.
The second access point type is a type corresponding to the second access point type parameter, for example, when the second access point type parameter is ims, the second access point type is ims type, and when the second access point type parameter is non-ims, the second access point type is non-ims type. Specifically, when the second access point TYPE is an ims TYPE and the first access point TYPE parameter is empty, in order to avoid the failure of the data switch due to the long connection of the second network connection multiplexing APN _ TYPE _ ALL, the embodiment does not resolve the first access point TYPE parameter as null resolving APN _ TYPE _ ALL, but resolves the first access point TYPE parameter as a non-null TYPE, for example, a default TYPE. Under normal conditions, the second network connection can not multiplex default type APN connection, so that the defects of the prior art are overcome, and the problem of data switch failure caused by user operation is solved. At this time, an ims type APN connection may be established as a second network connection, and when the data switch is turned off, the first network connection is also disconnected, and the second network connection may maintain normal operation.
In another embodiment, if the second access point type is an ims type and the first access point type parameter is non-null, analyzing the first access point type parameter to obtain a third access point type, wherein the third access point type is consistent with the first access point type parameter; a network connection of a third access point type is established as the first network connection.
Specifically, when the second access point TYPE is an ims TYPE, if the first network connection is a long connection of APN _ TYPE _ ALL, the second network connection may multiplex the first network connection, and if the first network connection is a non-empty TYPE APN connection, the second network connection may not multiplex the first network connection. For example, in this embodiment, when the first access point type parameter is non-empty, the third access point type obtained by analyzing the first access point type parameter is consistent with the first access point type parameter, for example, when the first access point type parameter is default, the third access point type is default; and if the first access point type parameter is mms, the third access point type parameter is mms type. At this time, an APN connection of a third access point type may be established as the first network connection, and an APN connection of an ims type may be established as the second network connection, respectively.
In another embodiment, if the second access point type is a non-ims type, the first access point type parameter is analyzed to obtain a fourth access point type, and the fourth access point type is consistent with the first access point type parameter; a network connection of a fourth access point type is established as the first network connection.
Specifically, if the second access point TYPE is a non-ims TYPE, the analysis of the first access point TYPE parameter is not affected, that is, a fourth access point TYPE obtained by analyzing the first access point TYPE parameter is consistent with the first access point TYPE parameter, for example, when the first access point TYPE parameter is empty, the third access point TYPE is an APN _ TYPE _ ALL TYPE; and if the first access point type parameter is mms, the third access point type parameter is mms type. When the first access point TYPE parameter is null, the non-ims TYPE second network connection can multiplex the long connection of APN _ TYPE _ ALL without affecting the effect of data switching.
Step 340, establishing the first network connection according to the first access point type parameter.
If the connection state of the second network connection is connected, the establishment of the first network connection is not affected no matter whether the type of the second access point is an ims type or not, and at this time, the corresponding APN connection can be established directly according to the parameter of the type of the first access point to serve as the first network connection.
In an embodiment, the first access point type parameter may be analyzed to obtain a fifth access point type, where the fifth access point type is consistent with the first access point type parameter; a network connection of a fifth access point type is established as the first network connection.
Illustratively, when the first access point TYPE parameter is empty, the first access point TYPE parameter may be analyzed as APN _ TYPE _ ALL, and an APN connection may be established based on the APN _ TYPE _ ALL, and when the user closes the data switch, the background may not use the data traffic any more, which may ensure the security of the user.
It should be noted that, when the mobile terminal 100 requests to configure the APN parameter based on the first access network, if the first access point type parameter set by the user is non-empty but is not matched with the operator corresponding to the mobile terminal 100, at this time, the mobile terminal 100 may select a type field from a default APN library in the system, and if the type field successfully matched is empty, at this time, the type field needs to be replaced, and a non-empty type field matched with the operator is reselected, thereby preventing the above vulnerability from occurring.
In an embodiment, as shown in fig. 4, an implementation flow diagram of a vulnerability prevention and control method is provided. Fig. 4 illustrates an example in which a type field set by the user and a connection state of the second network connection are not connected, and the type field set by the user is matched with an operator corresponding to the mobile terminal 100.
Analyzing a first access point type parameter in the first access network request, if the first access point type parameter is null, further determining whether a second access point type is an ims type, if the second access point type is the ims type, analyzing the first access point type parameter as default, establishing APN connection of the default type as first network connection and establishing APN connection of the ims type as second network connection. If the second access point TYPE is a non-ims TYPE, resolving the first access point TYPE parameter into APN _ TYPE _ ALL, and establishing APN connection of APN _ TYPE _ ALL TYPE as a first network connection, where the second network connection may multiplex APN connection of APN _ TYPE _ ALL TYPE. And if the first access point type parameter is non-null, directly establishing the non-null APN connection as a first network connection, and simultaneously establishing the APN connection of a second access point type as a second network connection.
It should be understood that although the various steps in the flow charts of fig. 2-3 are shown in order as indicated by the arrows, the steps are not necessarily performed in order as indicated by the arrows. The steps are not performed in the exact order shown and described, and may be performed in other orders, unless explicitly stated otherwise. Moreover, at least some of the steps in fig. 2-3 may include multiple sub-steps or multiple stages that are not necessarily performed at the same time, but may be performed at different times, and the order of performance of the sub-steps or stages is not necessarily sequential, but may be performed in turn or alternating with other steps or at least some of the sub-steps or stages of other steps.
In one embodiment, as shown in fig. 5, a block diagram of a vulnerability prevention and control apparatus is provided, where the vulnerability prevention and control apparatus includes an obtaining module 51 and an establishing module 52, where:
the obtaining module 51 is configured to obtain a first access network request and a connection status of a second network connection, where the first access network request includes a first access point type parameter, and the second network connection is a network connection corresponding to the second access network request.
An establishing module 52, configured to establish, according to the first access point type parameter and the connection status of the second network connection, a first network connection corresponding to the first access network request.
The vulnerability prevention and control device acquires a first access network request and a connection state of a second network connection, wherein the first access network request comprises a first access point type parameter, and the second network connection is a network connection corresponding to the second access network request; and establishing the first network connection corresponding to the first access network request according to the first access point type parameter and the connection state of the second network connection, thereby effectively solving the problem that the data switch may fail due to the fact that the first network connection is directly established according to the first access point type parameter in the prior art, and making up the loophole in the prior art.
On the basis of the above embodiment, the building module 52 includes: a first establishing unit, configured to establish the first network connection according to the first access point type parameter and a second access point type corresponding to a second access network request if a connection status of the second network connection is unconnected; and a second establishing unit, configured to establish the first network connection according to the first access point type parameter if the connection status of the second network connection is connected.
On the basis of the foregoing embodiment, the first establishing unit is specifically configured to: if the second access point type is an ims type and the first access point type parameter is null, analyzing the first access point type parameter to obtain a first access point type, wherein the first access point type is a non-null type; establishing a non-null type of network connection as the first network connection.
On the basis of the foregoing embodiment, the first establishing unit is specifically configured to: if the second access point type is an ims type and the first access point type parameter is non-empty, analyzing the first access point type parameter to obtain a third access point type, wherein the third access point type is consistent with the first access point type parameter; establishing a network connection of a third access point type as the first network connection.
On the basis of the foregoing embodiment, the first establishing unit is specifically configured to: if the second access point type is a non-ims type, analyzing the first access point type parameter to obtain a fourth access point type, wherein the fourth access point type is consistent with the first access point type parameter; establishing a network connection of a fourth access point type as the first network connection.
On the basis of the foregoing embodiment, the second establishing unit is specifically configured to: analyzing the first access point type parameter to obtain a fifth access point type, wherein the fifth access point type is consistent with the first access point type parameter; establishing a network connection of a fifth access point type as the first network connection.
For specific limitations of the vulnerability defense apparatus, reference may be made to the above limitations of the vulnerability defense method, which are not described herein again. All or part of the modules in the vulnerability prevention and control device can be realized by software, hardware and a combination thereof. The modules can be embedded in a hardware form or independent of a controller in the mobile terminal, and can also be stored in a memory in the mobile terminal in a software form, so that the controller can call and execute operations corresponding to the modules.
In one embodiment, as shown in fig. 6, an internal structure diagram of a mobile terminal, which may be a smart phone, is provided, and the internal structure thereof is shown in fig. 6. The mobile terminal includes a memory 61, a controller 62, a communication interface 63, a display 64, and an input device 65 connected through a system bus. Controller 62 is used to provide, among other things, computational and control capabilities. The memory of the mobile terminal includes a nonvolatile storage medium storing an operating system and a computer program, and an internal memory. The internal memory provides an environment for the operation of an operating system and computer programs in the non-volatile storage medium. The communication interface 63 of the mobile terminal is used for performing wired or wireless communication with an external terminal, and the wireless communication may be implemented by WIFI, an operator network, Near Field Communication (NFC), or other technologies. The computer program when executed by the controller 62 implements a vulnerability defense method. The display 64 of the mobile terminal may be a liquid crystal display or an electronic ink display, and the input device 65 of the mobile terminal may be a touch layer covered on the display 64, a key, a trackball or a touch pad arranged on a housing of the mobile terminal, or an external keyboard, a touch pad or a mouse.
In one embodiment, the mobile terminal implements the following steps when executing the computer program: acquiring a first access network request and a connection state of a second network connection, wherein the first access network request comprises a first access point type parameter, and the second network connection is a network connection corresponding to the second access network request; and establishing a first network connection corresponding to the first access network request according to the first access point type parameter and the connection state of the second network connection.
In one embodiment, the mobile terminal implements the following steps when executing the computer program: establishing a first network connection corresponding to the first access network request according to the first access point type parameter and the connection state of the second network connection, including: if the connection state of the second network connection is not connected, establishing the first network connection according to the first access point type parameter and a second access point type corresponding to the second access network request; and if the connection state of the second network connection is connected, establishing the first network connection according to the first access point type parameter.
In one embodiment, the mobile terminal implements the following steps when executing the computer program: establishing a first network connection according to the first access point type parameter and a second access point type corresponding to the second access network request, comprising: if the second access point type is an ims type and the first access point type parameter is null, analyzing the first access point type parameter to obtain a first access point type, wherein the first access point type is a non-null type; a non-null type of network connection is established as the first network connection.
In one embodiment, the mobile terminal implements the following steps when executing the computer program: establishing a first network connection according to the first access point type parameter and a second access point type corresponding to the second access network request, comprising: if the second access point type is an ims type and the first access point type parameter is non-empty, analyzing the first access point type parameter to obtain a third access point type, wherein the third access point type is consistent with the first access point type parameter; a network connection of a third access point type is established as the first network connection.
In one embodiment, the mobile terminal implements the following steps when executing the computer program: establishing the first network connection according to the first access point type parameter and a second access point type corresponding to a second access network request, including: if the second access point type is a non-ims type, analyzing the first access point type parameter to obtain a fourth access point type, wherein the fourth access point type is consistent with the first access point type parameter; a network connection of a fourth access point type is established as the first network connection.
In one embodiment, the mobile terminal implements the following steps when executing the computer program: establishing a first network connection according to a first access point type parameter, comprising: analyzing the first access point type parameter to obtain a fifth access point type, wherein the fifth access point type is consistent with the first access point type parameter; a network connection of a fifth access point type is established as the first network connection.
The mobile terminal acquires a first access network request and a connection state of a second network connection, wherein the first access network request comprises a first access point type parameter, and the second network connection is a network connection corresponding to the second access network request; and establishing the first network connection corresponding to the first access network request according to the first access point type parameter and the connection state of the second network connection, thereby effectively solving the problem that the data switch may fail due to the fact that the first network connection is directly established according to the first access point type parameter in the prior art, and making up the loophole in the prior art.
Those skilled in the art will appreciate that the configuration shown in fig. 6 is a block diagram of only a portion of the configuration associated with the present application and does not constitute a limitation of the mobile terminal to which the present application applies, and that a particular mobile terminal may include more or less components than those shown, or combine certain components, or have a different arrangement of components.
In one embodiment, a computer readable storage medium is provided, having a computer program stored thereon, the computer program, when executed by a controller, implementing the steps of: acquiring a first access network request and a connection state of a second network connection, wherein the first access network request comprises a first access point type parameter, and the second network connection is a network connection corresponding to the second access network request; and establishing a first network connection corresponding to the first access network request according to the first access point type parameter and the connection state of the second network connection.
In one embodiment, the computer program when executed by the controller further performs the steps of: establishing a first network connection corresponding to the first access network request according to the first access point type parameter and the connection state of the second network connection, including: if the connection state of the second network connection is not connected, establishing the first network connection according to the first access point type parameter and a second access point type corresponding to the second access network request; and if the connection state of the second network connection is connected, establishing the first network connection according to the first access point type parameter. In one embodiment, the computer program when executed by the controller further performs the steps of: establishing a first network connection according to the first access point type parameter and a second access point type corresponding to the second access network request, comprising: if the second access point type is an ims type and the first access point type parameter is null, analyzing the first access point type parameter to obtain a first access point type, wherein the first access point type is a non-null type; a non-null type of network connection is established as the first network connection.
In one embodiment, the computer program when executed by the controller further performs the steps of: establishing a first network connection according to the first access point type parameter and a second access point type corresponding to the second access network request, comprising: if the second access point type is an ims type and the first access point type parameter is non-empty, analyzing the first access point type parameter to obtain a third access point type, wherein the third access point type is consistent with the first access point type parameter; a network connection of a third access point type is established as the first network connection.
In one embodiment, the computer program when executed by the controller further performs the steps of: establishing the first network connection according to the first access point type parameter and a second access point type corresponding to a second access network request, including: if the second access point type is a non-ims type, analyzing the first access point type parameter to obtain a fourth access point type, wherein the fourth access point type is consistent with the first access point type parameter; a network connection of a fourth access point type is established as the first network connection.
In one embodiment, the computer program when executed by the controller further performs the steps of: establishing a first network connection according to a first access point type parameter, comprising: analyzing the first access point type parameter to obtain a fifth access point type, wherein the fifth access point type is consistent with the first access point type parameter; a network connection of a fifth access point type is established as the first network connection.
The computer program acquires a first access network request and a connection state of a second network connection, wherein the first access network request comprises a first access point type parameter, and the second network connection is a network connection corresponding to the second access network request; and establishing the first network connection corresponding to the first access network request according to the first access point type parameter and the connection state of the second network connection, thereby effectively solving the problem that the data switch may fail due to the fact that the first network connection is directly established according to the first access point type parameter in the prior art, and making up the loophole in the prior art.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by hardware instructions of a computer program, which can be stored in a non-volatile computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. Any reference to memory, database, or other medium used in the embodiments provided herein may include at least one of non-volatile and volatile memory. Non-volatile memory may include Read-only memory (ROM), magnetic tape, floppy disk, flash memory, optical storage, or the like. Volatile Memory can include Random Access Memory (RAM) or external cache Memory. By way of illustration and not limitation, RAM is available in many forms, such as Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), and the like.
The technical features of the above embodiments can be arbitrarily combined, and for the sake of brevity, all possible combinations of the technical features in the above embodiments are not described, but should be considered as the scope of the present specification as long as there is no contradiction between the combinations of the technical features.
The above-mentioned embodiments only express several embodiments of the present application, and the description thereof is more specific and detailed, but not construed as limiting the scope of the invention. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the concept of the present application, which falls within the scope of protection of the present application. Therefore, the protection scope of the present patent shall be subject to the appended claims.

Claims (10)

1. A vulnerability prevention and control method is characterized by comprising the following steps:
acquiring a first access network request and a connection state of a second network connection, wherein the first access network request comprises a first access point type parameter, and the second network connection is a network connection corresponding to the second access network request;
and establishing a first network connection corresponding to the first access network request according to the first access point type parameter and the connection state of the second network connection.
2. The method of claim 1, wherein the establishing the first network connection corresponding to the first access network request according to the first access point type parameter and the connection status of the second network connection comprises:
if the connection state of the second network connection is not connected, establishing the first network connection according to the first access point type parameter and a second access point type corresponding to a second access network request;
and if the connection state of the second network connection is connected, establishing the first network connection according to the first access point type parameter.
3. The method of claim 2, wherein the establishing the first network connection according to the first access point type parameter and a second access point type corresponding to a second access network request comprises:
if the second access point type is an ims type and the first access point type parameter is null, analyzing the first access point type parameter to obtain a first access point type, wherein the first access point type is a non-null type;
establishing a non-null type of network connection as the first network connection.
4. The method of claim 2, wherein the establishing the first network connection according to the first access point type parameter and a second access point type corresponding to a second access network request comprises:
if the second access point type is an ims type and the first access point type parameter is non-empty, analyzing the first access point type parameter to obtain a third access point type, wherein the third access point type is consistent with the first access point type parameter;
establishing a network connection of a third access point type as the first network connection.
5. The method of claim 2, wherein the establishing the first network connection according to the first access point type parameter and a second access point type corresponding to a second access network request comprises:
if the second access point type is a non-ims type, analyzing the first access point type parameter to obtain a fourth access point type, wherein the fourth access point type is consistent with the first access point type parameter;
establishing a network connection of a fourth access point type as the first network connection.
6. The method of claim 2, wherein the establishing the first network connection according to the first access point type parameter comprises:
analyzing the first access point type parameter to obtain a fifth access point type, wherein the fifth access point type is consistent with the first access point type parameter;
establishing a network connection of a fifth access point type as the first network connection.
7. A vulnerability prevention and control apparatus, the apparatus comprising:
an obtaining module, configured to obtain a first access network request and a connection status of a second network connection, where the first access network request includes a first access point type parameter, and the second network connection is a network connection corresponding to the second access network request;
and the establishing module is used for establishing the first network connection corresponding to the first access network request according to the first access point type parameter and the connection state of the second network connection.
8. The apparatus of claim 7, wherein the establishing module comprises:
a first establishing unit, configured to establish the first network connection according to the first access point type parameter and a second access point type corresponding to a second access network request if a connection status of the second network connection is unconnected;
and a second establishing unit, configured to establish the first network connection according to the first access point type parameter if the connection status of the second network connection is connected.
9. A mobile terminal comprising a memory and a controller, the memory storing a computer program, wherein the controller implements the steps of the vulnerability prevention and control method according to any of claims 1 to 6 when executing the computer program.
10. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a controller, implements the steps of the vulnerability prevention and control method according to any of claims 1 to 6.
CN202010560880.3A 2020-06-18 2020-06-18 Vulnerability prevention and control method, vulnerability prevention and control device, mobile terminal and computer readable storage medium Active CN111757326B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010560880.3A CN111757326B (en) 2020-06-18 2020-06-18 Vulnerability prevention and control method, vulnerability prevention and control device, mobile terminal and computer readable storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010560880.3A CN111757326B (en) 2020-06-18 2020-06-18 Vulnerability prevention and control method, vulnerability prevention and control device, mobile terminal and computer readable storage medium

Publications (2)

Publication Number Publication Date
CN111757326A true CN111757326A (en) 2020-10-09
CN111757326B CN111757326B (en) 2023-10-13

Family

ID=72676345

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010560880.3A Active CN111757326B (en) 2020-06-18 2020-06-18 Vulnerability prevention and control method, vulnerability prevention and control device, mobile terminal and computer readable storage medium

Country Status (1)

Country Link
CN (1) CN111757326B (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090182871A1 (en) * 2008-01-14 2009-07-16 Qualmcomm Incorporated Backup paging for wireless communication
CN103299684A (en) * 2011-01-13 2013-09-11 瑞典爱立信有限公司 Roaming control for IMS APN
CN106817193A (en) * 2015-11-30 2017-06-09 华为技术有限公司 The method and access point of a kind of access point communication
CN110933770A (en) * 2019-11-27 2020-03-27 惠州Tcl移动通信有限公司 Connection request sending method and device, storage medium and electronic equipment
CN111225451A (en) * 2018-11-26 2020-06-02 中国电信股份有限公司 Halt processing method, system, MME and computer readable storage medium

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090182871A1 (en) * 2008-01-14 2009-07-16 Qualmcomm Incorporated Backup paging for wireless communication
CN103299684A (en) * 2011-01-13 2013-09-11 瑞典爱立信有限公司 Roaming control for IMS APN
CN106817193A (en) * 2015-11-30 2017-06-09 华为技术有限公司 The method and access point of a kind of access point communication
CN111225451A (en) * 2018-11-26 2020-06-02 中国电信股份有限公司 Halt processing method, system, MME and computer readable storage medium
CN110933770A (en) * 2019-11-27 2020-03-27 惠州Tcl移动通信有限公司 Connection request sending method and device, storage medium and electronic equipment

Also Published As

Publication number Publication date
CN111757326B (en) 2023-10-13

Similar Documents

Publication Publication Date Title
CN109842617B (en) Advertisement blocking method and device and storage medium
CN108521644B (en) Network access method, equipment and system
CN107979835B (en) eSIM card and management method thereof
US9615244B2 (en) Method for accessing a service and a corresponding device
CN108282521B (en) BIP protocol data transmission method and device, computer equipment and storage medium
US20150119017A1 (en) Method and system for implementing smart card remote operation based on smart card web server
US10901716B2 (en) Implicit file creation in APDU scripts
CN108616979B (en) Dual-card network system control method and device, computer equipment and storage medium
CN105635084A (en) Apparatus and method for authenticating terminal
US11895611B2 (en) Sim card registration method and apparatus, computer device, and storage medium
CN109842877B (en) Method for realizing IMSI changing function in SIM card
CN105637940B (en) The method of wireless telecom equipment and initiation and the session of radio network node
KR102045662B1 (en) System and method for managing logical channels for accessing several virtual profiles within a secure element
US20220159103A1 (en) Method, device, system, and storage medium for establishing local communication link
WO2018095079A1 (en) Method and apparatus for switching voice service, mobile terminal and computer storage medium
CN109831521B (en) Cache instance management method and device, computer equipment and storage medium
US10412585B2 (en) User identity authentication method and device
CN112702739A (en) Wireless network sharing method, device, readable storage medium and mobile terminal
US8898302B2 (en) Method and system for prevention of applications from initiating data connection establishment
CN111757326A (en) Vulnerability prevention and control method and device, mobile terminal and computer readable storage medium
US20220255938A1 (en) Method and system for processing network resource access requests, and computer device
KR100608826B1 (en) Data access method for mobile communication device
CN112153109B (en) Method, device, computer equipment and storage medium for establishing communication connection
CN112995399B (en) Refused short message sending method and device, computer equipment and storage medium
CN113301289B (en) Communication processing method, communication processing device, electronic equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant