CN111757326B - Vulnerability prevention and control method, vulnerability prevention and control device, mobile terminal and computer readable storage medium - Google Patents

Vulnerability prevention and control method, vulnerability prevention and control device, mobile terminal and computer readable storage medium Download PDF

Info

Publication number
CN111757326B
CN111757326B CN202010560880.3A CN202010560880A CN111757326B CN 111757326 B CN111757326 B CN 111757326B CN 202010560880 A CN202010560880 A CN 202010560880A CN 111757326 B CN111757326 B CN 111757326B
Authority
CN
China
Prior art keywords
access point
point type
network connection
access
network
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010560880.3A
Other languages
Chinese (zh)
Other versions
CN111757326A (en
Inventor
杨琦
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Wingtech Electronic Technology Co Ltd
Original Assignee
Shanghai Wingtech Electronic Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Wingtech Electronic Technology Co Ltd filed Critical Shanghai Wingtech Electronic Technology Co Ltd
Priority to CN202010560880.3A priority Critical patent/CN111757326B/en
Publication of CN111757326A publication Critical patent/CN111757326A/en
Application granted granted Critical
Publication of CN111757326B publication Critical patent/CN111757326B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/16Discovering, processing access restriction or access information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W76/00Connection management
    • H04W76/10Connection setup
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/70Reducing energy consumption in communication networks in wireless communication networks

Abstract

The embodiment of the application discloses a vulnerability prevention and control method, a vulnerability prevention and control device, a mobile terminal and a computer readable storage medium. The method comprises the following steps: acquiring a first access network request and a connection state of a second network connection, wherein the first access network request comprises a first access point type parameter, and the second network connection is a network connection corresponding to the second access network request; according to the connection state of the first access point type parameter and the second network connection, the first network connection corresponding to the first access network request is established, the problem that the data switch is possibly invalid due to the fact that the first network connection is directly established according to the first access point type parameter in the prior art is effectively solved, and the weaknesses of the prior art are overcome.

Description

Vulnerability prevention and control method, vulnerability prevention and control device, mobile terminal and computer readable storage medium
Technical Field
The present application relates to the field of security protection technologies, and in particular, to a vulnerability prevention and control method, a vulnerability prevention and control device, a mobile terminal, and a computer readable storage medium.
Background
The IP multimedia subsystem (IP Multimedia Subsystem, ims) is a subsystem supporting the IP multimedia service proposed by the third generation mobile communication partner organization (3rd Generation Partnership Project,3GPP) in Release5 version standard, is an important way for solving the problem of fusion of a mobile network and a fixed network and introducing differentiated services such as voice, data and video triple fusion, and the like, brings more entertainment to users and also makes communication between users more and more convenient. Currently, SIM cards provided by various operators basically support ims to meet market demands, and are generally implemented through a type field of an access point name (Access Point Name, APN), the type field of the APN determines functions of network connection established based on the type field, and the same SIM card can establish multiple network connections to achieve multiple functions.
When multiple network connections are required to be established by the same SIM card to realize multiple functions, the network connections are generally established based on the received access requests respectively, and in certain scenes, as the type domains corresponding to the two network connections are mutually influenced, the risk of uncontrolled data switching exists, so that a multiplicative opportunity is brought to some hackers or lawbreakers.
Content of the application
Based on the foregoing, it is necessary to provide a vulnerability prevention and control method, device, mobile terminal and computer readable storage medium for avoiding failure of data switch.
The embodiment of the application provides a vulnerability prevention and control method, which comprises the following steps:
acquiring a first access network request and a connection state of a second network connection, wherein the first access network request comprises a first access point type parameter, and the second network connection is a network connection corresponding to the second access network request;
and establishing a first network connection corresponding to the first access network request according to the first access point type parameter and the connection state of the second network connection.
In one embodiment, establishing a first network connection corresponding to a first access network request according to a first access point type parameter and a connection state of a second network connection includes:
if the connection state of the second network connection is unconnected, establishing a first network connection according to the first access point type parameter and a second access point type corresponding to the second access network request;
if the connection state of the second network connection is connected, the first network connection is established according to the first access point type parameter.
In one embodiment, establishing the first network connection according to the first access point type parameter and the second access point type corresponding to the second access network request includes:
if the second access point type is an ims type and the first access point type parameter is null, analyzing the first access point type parameter to obtain a first access point type, wherein the first access point type is a non-null type;
a network connection of a non-null type is established as a first network connection.
In one embodiment, establishing the first network connection according to the first access point type parameter and the second access point type corresponding to the second access network request includes:
if the second access point type is an ims type and the first access point type parameter is non-null, analyzing the first access point type parameter to obtain a third access point type, wherein the third access point type is consistent with the first access point type parameter;
and establishing a network connection of a third access point type as the first network connection.
In one embodiment, establishing the first network connection according to the first access point type parameter and the second access point type corresponding to the second access network request includes:
if the second access point type is a non-ims type, analyzing the first access point type parameter to obtain a fourth access point type, wherein the fourth access point type is consistent with the first access point type parameter;
and establishing a network connection of a fourth access point type as the first network connection.
In one embodiment, establishing a first network connection according to the first access point type parameter includes:
analyzing the first access point type parameter to obtain a fifth access point type, wherein the fifth access point type is consistent with the first access point type parameter;
a network connection of a fifth access point type is established as the first network connection.
The embodiment of the application provides a vulnerability prevention and control device, which comprises:
the acquisition module is used for acquiring a first access network request and a connection state of a second network connection, wherein the first access network request comprises a first access point type parameter, and the second network connection is a network connection corresponding to the second access network request;
and the establishing module is used for establishing the first network connection corresponding to the first access network request according to the first access point type parameter and the connection state of the second network connection.
In one embodiment, the establishing module includes:
the first establishing unit is used for establishing the first network connection according to the first access point type parameter and the second access point type corresponding to the second access network request if the connection state of the second network connection is unconnected;
and the second establishing unit is used for establishing the first network connection according to the first access point type parameter if the connection state of the second network connection is connected.
The embodiment of the application provides a mobile terminal, which comprises a memory and a controller, wherein the memory stores a computer program, and the controller realizes the steps of the vulnerability prevention and control method provided by any embodiment of the application when executing the computer program.
The embodiment of the application provides a computer readable storage medium, on which a computer program is stored, which when executed by a controller, implements the steps of the vulnerability prevention and control method provided by any embodiment of the application.
The vulnerability prevention and control method, the vulnerability prevention and control device, the mobile terminal and the computer readable storage medium provided by the embodiment of the application are characterized in that by acquiring the connection state of a first access network request and a second network connection, the first access network request comprises a first access point type parameter, and the second network connection is the network connection corresponding to the second access network request; according to the connection state of the first access point type parameter and the second network connection, the first network connection corresponding to the first access network request is established, the problem that the data switch is possibly invalid due to the fact that the first network connection is directly established according to the first access point type parameter in the prior art is effectively solved, and the weaknesses of the prior art are overcome.
Drawings
FIG. 1 is an application scenario diagram of a vulnerability prevention and control method in one embodiment;
FIG. 2 is a flow chart of a vulnerability prevention and control method in one embodiment;
FIG. 3 is a flowchart of a vulnerability control method according to another embodiment;
FIG. 4 is a schematic flow chart illustrating an implementation of the vulnerability prevention and control method in one embodiment;
FIG. 5 is a block diagram of a vulnerability prevention and control apparatus in one embodiment;
fig. 6 is an internal structural diagram of a mobile terminal in one embodiment.
Detailed Description
The present application will be described in further detail with reference to the drawings and examples, in order to make the objects, technical solutions and advantages of the present application more apparent. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the application. It should also be understood that the "first," "second," "third," "fourth," and "fifth" embodiments of the present application occur without chronological order, for the purpose of distinction only.
The vulnerability prevention and control method provided by the application can be applied to an application environment shown in figure 1. The SIM card in the mobile terminal 100 supports an ims network, and when the mobile terminal 100 is in an environment with an ims network, an ims connection can be automatically established to provide voice, data, and video functions. The mobile terminal 100 of the present embodiment is exemplified by a smart phone. The mobile terminal 100 may access the mobile network through an APN, or may access the mobile network through wifi or a hotspot, which is taken as an example of the mobile terminal 100 in this embodiment, the APN parameter needs to be configured before the mobile terminal accesses the mobile network.
In one embodiment, as shown in fig. 2, a flow diagram of a vulnerability prevention and control method is provided. The present embodiment is mainly illustrated by the application of the method to the mobile terminal 100 in fig. 1.
Step 210, obtaining a connection state of a first access network request and a second network connection, where the first access network request includes a first access point type parameter, and the second network connection is a network connection corresponding to the second access network request.
The first access network request and the second access network request are request information for establishing a network connection, which is sent by a user to the mobile terminal 100, where the first access network request may be sent prior to the second access network request or may be sent after the second access network request. The first access network request includes a first access point parameter, which is a parameter that must be configured by the user to access the mobile network through the mobile terminal 100, including, but not limited to, a first access point name, an agent, a port, a first access point type parameter, and the like. The type field of the APN, which is a type parameter of the first access point, is used to reflect the connection type of the first network connection, and in general, the type field may be set to at least one of default, mms, supl, dun, hipri, fota and ims, and may be set to another type, which is not limited in this embodiment. And when the type domain is default, the connection type of the first network connection is default type, and the Internet can be accessed by utilizing a data network, and the first network connection is the network connection corresponding to the first access network request.
Accordingly, the second access network request includes second access point type parameters including, but not limited to, a second access point name, an agent, a port, and a second access point type parameter. The second access point type parameter, i.e. the type field, can be ims or non-ims, when the type field is ims, the connection type of the established second network connection is ims type, and the voice, video and data capabilities are provided; when the type field is non-ims, such as default, the connection type indicating the established second network connection is of the default type. The connection state of the second network connection may include both connected and unconnected states. Step 220, a first network connection corresponding to the first access network request is established according to the first access point type parameter and the connection state of the second network connection.
The connection state of the second network connection may affect the establishment of the first network connection in some cases, and the conventional manner ignores the effect of the connection state of the second network connection on the first network connection when the first network connection is established, so that the data switch is not controlled in some cases, and a multiplicative machine is brought to some hackers or lawbreakers. For example, when the second network connection is not established, the second access point type parameter is ims, and the first access point type parameter is null, conventionally, an APN connection of a null type is established as the first network connection, if the first network connection is connected successfully with priority, the second network connection may multiplex the first network connection, after the user closes the data switch, the first network connection is not disconnected because the second network connection still needs to use the first network connection, and the final presentation result is that the data switch is already closed, but the background can still use data traffic, so that a multiplicative opportunity is brought to some hackers or lawbreakers. Therefore, in the embodiment, when the first network connection is established, the first access point type parameter and the connection state of the second network connection are considered, so that the loopholes in the prior art are overcome, and the safety is ensured.
In one embodiment, when the first access point type parameter is default, the second access point type parameter is ims and the second network connection is not connected, it may be determined that the connection type of the first network connection is default, and the connection type of the second network connection is ims, so that an APN connection of default type may be established as the first network connection, and an APN connection of ims type may be established as the second network connection.
In another embodiment, when the first access point type parameter is null, the second access point type parameter is ims and the second network connection is not connected, it may be determined that the connection type of the first network connection is a non-null type, and the connection type of the second network connection is an ims type, so that an APN connection of the non-null type may be established as the first network connection, and an APN connection of the ims type may be established as the second network connection.
In another embodiment, if the second network connection is connected and the second access point type parameter is ims, the first network connection may be established directly according to the first access point type parameter corresponding to the first access network request. For example, the first access point TYPE parameter is null, it may be determined that the connection TYPE of the first network connection is apn_type_all, and an APN connection of the apn_type_all TYPE is established as the first network connection. And if the first access point type parameter is default, determining that the connection type of the first network connection is default, and establishing an APN connection of the default as the first network connection.
The fact that the TYPE field is null indicates that the TYPE field is not configured is generally defined as apn_type_all, and a network established by using the apn_type_all has ALL network capabilities, for example, may have capabilities of accessing the Internet, sending multimedia messages, voice, video, data, and the like at the same time. The specific type of the non-null type in this embodiment is not limited, and may be, for example, default type, mms type, sublevel type, dun type, hipri type, fota type, or the like.
It should be noted that, the mobile terminal 100 of this embodiment supports an ims type APN connection by default, that is, when the mobile terminal 100 is in an environment with an ims network, an ims type APN connection may be established based on the acquired ims connection request, or an ims type APN connection may be automatically established by default. The ims connection request may be the aforementioned second access network request, and the corresponding second access point type parameter is ims. The second network connection of this embodiment takes an ims type APN connection and a non-type APN connection as an example, and the second access point type parameter may be ims or non-ims accordingly.
The vulnerability prevention and control method comprises the steps of obtaining a first access network request and a connection state of a second network connection, wherein the first access network request comprises a first access point type parameter, and the second network connection is a network connection corresponding to the second access network request; according to the connection state of the first access point type parameter and the second network connection, the first network connection corresponding to the first access network request is established, the problem that the data switch is possibly invalid due to the fact that the first network connection is directly established according to the first access point type parameter in the prior art is effectively solved, and the loopholes of the prior art are overcome.
In another embodiment, as shown in fig. 3, a flow diagram of a vulnerability prevention and control method is provided. The present embodiment is mainly applied to the mobile terminal 100 in fig. 1, and the second network connection is exemplified by an ims type APN connection and a non-ims type APN connection, and the connection states are exemplified by connection and non-connection.
Step 310, obtaining a connection state of the first access network request and the second network connection.
Step 320, if the connection status of the second network connection is unconnected, step 330 is executed, otherwise step 340 is executed.
Step 330, a first network connection is established according to the first access point type parameter and the second access point type corresponding to the second access network request.
In some scenarios, it is necessary for the mobile terminal 100 to support ALL network capabilities, and in order to simplify the operation, the TYPE field may be directly configured as null, and a long connection of apn_type_all may be established, so as to meet the application requirements. For example, in region a, the same network needs to be used to support all functions, and the type field can be configured as null, i.e., null characters. Since the second network connection is not currently connected either, there may be a case where a long connection of apn_type_all is multiplexed, resulting in failure of the data switch. For this purpose the present embodiment refines step 330.
In one embodiment, if the second access point type is an ims type and the first access point type parameter is null, analyzing the first access point type parameter to obtain a first access point type, wherein the first access point type is a non-null type; a network connection of a non-null type is established as a first network connection.
The second access point type is a type corresponding to a second access point type parameter, for example, when the second access point type parameter is ims, the second access point type is ims, and when the second access point type parameter is non-ims, the second access point type is non-ims. Specifically, when the second access point TYPE is an ims TYPE and the first access point TYPE parameter is null, in order to avoid that the second network connection multiplexes the long connection of apn_type_all and causes the data switch to fail, the embodiment does not parse the first access point TYPE parameter to be null, but to parse the first access point TYPE parameter to be non-null, such as default TYPE. Under normal conditions, the APN connection of the default type is not multiplexed by the second network connection, so that the defects of the prior art are overcome, and the problem of failure of a data switch caused by user operation is also solved. At this time, an ims type APN connection may be established as a second network connection, and when the data switch is turned off, the first network connection is also disconnected, and the second network connection may maintain normal operation.
In another embodiment, if the second access point type is an ims type and the first access point type parameter is non-null, the first access point type parameter is parsed to obtain a third access point type, the third access point type is consistent with the first access point type parameter; and establishing a network connection of a third access point type as the first network connection.
Specifically, when the second access point TYPE is an ims TYPE, if the first network connection is a long connection of apn_type_all, a case where the second network connection multiplexes the first network connection may occur, and if the first network connection is a non-null TYPE APN connection, a case where the second network connection multiplexes the first network connection may not occur. For example, in this embodiment, when the first access point type parameter is not null, the third access point type obtained by analyzing the first access point type parameter is consistent with the first access point type parameter, for example, when the first access point type parameter is default, the third access point type is default; and if the first access point type parameter is mms, the third access point type parameter is mms. At this time, APN connection of a third access point type can be respectively established as a first network connection, and APN connection of an ims type can be established as a second network connection.
In another embodiment, if the second access point type is non-ims type, analyzing the first access point type parameter to obtain a fourth access point type, wherein the fourth access point type is consistent with the first access point type parameter; and establishing a network connection of a fourth access point type as the first network connection.
Specifically, if the second access point TYPE is a non-ims TYPE, the analysis of the first access point TYPE parameter is not affected, that is, the fourth access point TYPE obtained by analyzing the first access point TYPE parameter is consistent with the first access point TYPE parameter, for example, when the first access point TYPE parameter is empty, the third access point TYPE is an apn_type_all TYPE; and if the first access point type parameter is mms, the third access point type parameter is mms. When the first access point TYPE parameter is null, the non-ims TYPE second network connection can multiplex long connection of APN_TYPE_ALL without affecting the effect of the data switch.
Step 340, establishing the first network connection according to the first access point type parameter.
If the connection state of the second network connection is connected, whether the second access point type is an ims type or not does not affect the establishment of the first network connection, and at this time, the corresponding APN connection can be established as the first network connection directly according to the first access point type parameter.
In one embodiment, the first access point type parameter may be parsed to obtain a fifth access point type, the fifth access point type being consistent with the first access point type parameter; a network connection of a fifth access point type is established as the first network connection.
For example, when the first access point TYPE parameter is null, the first access point TYPE parameter may be parsed into apn_type_all, and an APN connection is established based on the apn_type_all, and when the user closes the data switch, the background cannot use the data traffic any more, so that the security of the user may be ensured.
It should be noted that, when the mobile terminal 100 requests to configure the APN parameter based on the first access network, if the first access point type parameter set by the user is non-null, but the operator corresponding to the mobile terminal 100 is not matched, at this time, the mobile terminal 100 may select a type field from the default APN library in the system, if the successfully matched type field is null, at this time, the type field needs to be replaced, and a type field of non-null type matched with the operator is reselected, so as to prevent the vulnerability from occurring.
In one embodiment, as shown in fig. 4, a schematic implementation flow chart of a vulnerability prevention and control method is provided. Fig. 4 is an example in which the user sets a type field, and the connection state of the second network connection is unconnected, and the type field set by the user is matched with the operator corresponding to the mobile terminal 100.
Analyzing a first access point type parameter in a first access network request, further determining whether a second access point type is an ims type if the first access point type parameter is null, analyzing the first access point type parameter as default if the second access point type is the ims type, and establishing an APN connection of the default type as a first network connection and an APN connection of the ims type as a second network connection. If the second access point TYPE is non-ims TYPE, analyzing the first access point TYPE parameter into APN_TYPE_ALL, and establishing APN connection of APN_TYPE_ALL TYPE as first network connection, wherein the second network connection can multiplex APN connection of APN_TYPE_ALL TYPE. If the first access point type parameter is non-null, directly establishing non-null APN connection as a first network connection, and simultaneously establishing APN connection of a second access point type as a second network connection.
It should be understood that, although the steps in the flowcharts of fig. 2-3 are shown in order as indicated by the arrows, these steps are not necessarily performed in order as indicated by the arrows. The steps are not strictly limited to the order of execution unless explicitly recited herein, and the steps may be executed in other orders. Moreover, at least some of the steps in fig. 2-3 may include multiple sub-steps or stages that are not necessarily performed at the same time, but may be performed at different times, nor do the order in which the sub-steps or stages are performed necessarily occur sequentially, but may be performed alternately or alternately with at least a portion of the sub-steps or stages of other steps or steps.
In one embodiment, as shown in fig. 5, a structural block diagram of a vulnerability prevention and control device is provided, where the vulnerability prevention and control device includes an obtaining module 51 and an establishing module 52, where:
the obtaining module 51 is configured to obtain a connection state of a first access network request and a second network connection, where the first access network request includes a first access point type parameter, and the second network connection is a network connection corresponding to the second access network request.
And an establishing module 52, configured to establish a first network connection corresponding to the first access network request according to the first access point type parameter and the connection state of the second network connection.
The vulnerability prevention and control device acquires a first access network request and a connection state of a second network connection, wherein the first access network request comprises a first access point type parameter, and the second network connection is a network connection corresponding to the second access network request; according to the connection state of the first access point type parameter and the second network connection, the first network connection corresponding to the first access network request is established, the problem that the data switch is possibly invalid due to the fact that the first network connection is directly established according to the first access point type parameter in the prior art is effectively solved, and the loopholes of the prior art are overcome.
Based on the above embodiment, the building module 52 includes: a first establishing unit, configured to establish the first network connection according to the first access point type parameter and a second access point type corresponding to a second access network request if the connection state of the second network connection is unconnected; and the second establishing unit is used for establishing the first network connection according to the first access point type parameter if the connection state of the second network connection is connected.
On the basis of the above embodiment, the first establishing unit is specifically configured to: if the second access point type is an ims type and the first access point type parameter is null, analyzing the first access point type parameter to obtain a first access point type, wherein the first access point type is a non-null type; and establishing a non-null type network connection as the first network connection.
On the basis of the above embodiment, the first establishing unit is specifically configured to: if the second access point type is an ims type and the first access point type parameter is non-null, analyzing the first access point type parameter to obtain a third access point type, wherein the third access point type is consistent with the first access point type parameter; and establishing a network connection of a third access point type as the first network connection.
On the basis of the above embodiment, the first establishing unit is specifically configured to: if the second access point type is a non-ims type, analyzing the first access point type parameter to obtain a fourth access point type, wherein the fourth access point type is consistent with the first access point type parameter; and establishing a network connection of a fourth access point type as the first network connection.
On the basis of the above embodiment, the second establishing unit is specifically configured to: analyzing the first access point type parameter to obtain a fifth access point type, wherein the fifth access point type is consistent with the first access point type parameter; and establishing a network connection of a fifth access point type as the first network connection.
For specific limitations of the vulnerability control apparatus, reference may be made to the above limitation of the vulnerability control method, and no further description is given here. All or part of the modules in the vulnerability prevention and control device can be realized by software, hardware and a combination thereof. The above modules may be embedded in hardware or independent of a controller in the mobile terminal, or may be stored in software in a memory in the mobile terminal, so that the controller may call and execute operations corresponding to the above modules.
In one embodiment, as shown in fig. 6, an internal structure diagram of a mobile terminal, which may be a smart phone, is provided, the internal structure of which is shown in fig. 6. The mobile terminal comprises a memory 61, a controller 62, a communication interface 63, a display 64 and an input device 65, which are connected via a system bus. Wherein the controller 62 is used to provide computing and control capabilities. The memory of the mobile terminal includes a non-volatile storage medium storing an operating system and a computer program, and an internal memory. The internal memory provides an environment for the operation of the operating system and computer programs in the non-volatile storage media. The communication interface 63 of the mobile terminal is used for performing wired or wireless communication with an external terminal, and the wireless communication can be implemented through WIFI, an operator network, near Field Communication (NFC) or other technologies. The computer program, when executed by the controller 62, implements a vulnerability prevention and control method. The display screen 64 of the mobile terminal may be a liquid crystal display screen or an electronic ink display screen, and the input device 65 of the mobile terminal may be a touch layer covered on the display screen 64, or may be a key, a track ball or a touch pad arranged on the casing of the mobile terminal, or may be an external keyboard, a touch pad or a mouse.
In one embodiment, the mobile terminal, when executing the computer program, performs the steps of: acquiring a first access network request and a connection state of a second network connection, wherein the first access network request comprises a first access point type parameter, and the second network connection is a network connection corresponding to the second access network request; and establishing a first network connection corresponding to the first access network request according to the first access point type parameter and the connection state of the second network connection.
In one embodiment, the mobile terminal, when executing the computer program, performs the steps of: establishing a first network connection corresponding to a first access network request according to the first access point type parameter and the connection state of the second network connection, including: if the connection state of the second network connection is unconnected, establishing a first network connection according to the first access point type parameter and a second access point type corresponding to the second access network request; if the connection state of the second network connection is connected, the first network connection is established according to the first access point type parameter.
In one embodiment, the mobile terminal, when executing the computer program, performs the steps of: establishing a first network connection according to the first access point type parameter and a second access point type corresponding to the second access network request, including: if the second access point type is an ims type and the first access point type parameter is null, analyzing the first access point type parameter to obtain a first access point type, wherein the first access point type is a non-null type; a network connection of a non-null type is established as a first network connection.
In one embodiment, the mobile terminal, when executing the computer program, performs the steps of: establishing a first network connection according to the first access point type parameter and a second access point type corresponding to the second access network request, including: if the second access point type is an ims type and the first access point type parameter is non-null, analyzing the first access point type parameter to obtain a third access point type, wherein the third access point type is consistent with the first access point type parameter; and establishing a network connection of a third access point type as the first network connection.
In one embodiment, the mobile terminal, when executing the computer program, performs the steps of: establishing the first network connection according to the first access point type parameter and a second access point type corresponding to a second access network request, including: if the second access point type is a non-ims type, analyzing the first access point type parameter to obtain a fourth access point type, wherein the fourth access point type is consistent with the first access point type parameter; and establishing a network connection of a fourth access point type as the first network connection.
In one embodiment, the mobile terminal, when executing the computer program, performs the steps of: establishing a first network connection according to the first access point type parameter, including: analyzing the first access point type parameter to obtain a fifth access point type, wherein the fifth access point type is consistent with the first access point type parameter; a network connection of a fifth access point type is established as the first network connection.
The mobile terminal obtains a first access network request and a connection state of a second network connection, wherein the first access network request comprises a first access point type parameter, and the second network connection is a network connection corresponding to the second access network request; according to the connection state of the first access point type parameter and the second network connection, the first network connection corresponding to the first access network request is established, the problem that the data switch is possibly invalid due to the fact that the first network connection is directly established according to the first access point type parameter in the prior art is effectively solved, and the loopholes of the prior art are overcome.
It will be appreciated by persons skilled in the art that the architecture shown in fig. 6 is merely a block diagram of some of the architecture associated with the present inventive arrangements and is not limiting of the mobile terminal to which the present inventive arrangements are applied, and that a particular mobile terminal may include more or fewer components than shown, or may combine some of the components, or have a different arrangement of components.
In one embodiment, a computer readable storage medium is provided having a computer program stored thereon, which when executed by a controller, performs the steps of: acquiring a first access network request and a connection state of a second network connection, wherein the first access network request comprises a first access point type parameter, and the second network connection is a network connection corresponding to the second access network request; and establishing a first network connection corresponding to the first access network request according to the first access point type parameter and the connection state of the second network connection.
In one embodiment, the computer program when executed by the controller further performs the steps of: establishing a first network connection corresponding to a first access network request according to the first access point type parameter and the connection state of the second network connection, including: if the connection state of the second network connection is unconnected, establishing a first network connection according to the first access point type parameter and a second access point type corresponding to the second access network request; if the connection state of the second network connection is connected, the first network connection is established according to the first access point type parameter. In one embodiment, the computer program when executed by the controller further performs the steps of: establishing a first network connection according to the first access point type parameter and a second access point type corresponding to the second access network request, including: if the second access point type is an ims type and the first access point type parameter is null, analyzing the first access point type parameter to obtain a first access point type, wherein the first access point type is a non-null type; a network connection of a non-null type is established as a first network connection.
In one embodiment, the computer program when executed by the controller further performs the steps of: establishing a first network connection according to the first access point type parameter and a second access point type corresponding to the second access network request, including: if the second access point type is an ims type and the first access point type parameter is non-null, analyzing the first access point type parameter to obtain a third access point type, wherein the third access point type is consistent with the first access point type parameter; and establishing a network connection of a third access point type as the first network connection.
In one embodiment, the computer program when executed by the controller further performs the steps of: establishing the first network connection according to the first access point type parameter and a second access point type corresponding to a second access network request, including: if the second access point type is a non-ims type, analyzing the first access point type parameter to obtain a fourth access point type, wherein the fourth access point type is consistent with the first access point type parameter; and establishing a network connection of a fourth access point type as the first network connection.
In one embodiment, the computer program when executed by the controller further performs the steps of: establishing a first network connection according to the first access point type parameter, including: analyzing the first access point type parameter to obtain a fifth access point type, wherein the fifth access point type is consistent with the first access point type parameter; a network connection of a fifth access point type is established as the first network connection.
The computer program obtains a connection state of a first access network request and a second network connection, wherein the first access network request comprises a first access point type parameter, and the second network connection is a network connection corresponding to the second access network request; according to the connection state of the first access point type parameter and the second network connection, the first network connection corresponding to the first access network request is established, the problem that the data switch is possibly invalid due to the fact that the first network connection is directly established according to the first access point type parameter in the prior art is effectively solved, and the loopholes of the prior art are overcome.
Those skilled in the art will appreciate that implementing all or part of the above described methods may be accomplished by way of a computer program stored on a non-transitory computer readable storage medium, which when executed, may comprise the steps of the embodiments of the methods described above. Any reference to memory, database, or other medium used in embodiments provided herein may include at least one of non-volatile and volatile memory. The nonvolatile Memory may include Read-Only Memory (ROM), magnetic tape, floppy disk, flash Memory, optical Memory, or the like. Volatile memory can include random access memory (Random Access Memory, RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms, such as static random access memory (Static Random Access Memory, SRAM), dynamic random access memory (Dynamic Random Access Memory, DRAM), and the like.
The technical features of the above embodiments may be arbitrarily combined, and all possible combinations of the technical features in the above embodiments are not described for brevity of description, however, as long as there is no contradiction between the combinations of the technical features, they should be considered as the scope of the description.
The above examples illustrate only a few embodiments of the application, which are described in detail and are not to be construed as limiting the scope of the application. It should be noted that it will be apparent to those skilled in the art that several variations and modifications can be made without departing from the spirit of the application, which are all within the scope of the application. Accordingly, the scope of protection of the present application is to be determined by the appended claims.

Claims (9)

1. A vulnerability prevention and control method, the method comprising:
acquiring a first access network request and a connection state of a second network connection, wherein the first access network request comprises a first access point type parameter, and the second network connection is a network connection corresponding to the second access network request;
establishing a first network connection corresponding to the first access network request according to the first access point type parameter and the connection state of the second network connection;
the establishing a first network connection corresponding to the first access network request according to the first access point type parameter and the connection state of the second network connection includes:
if the connection state of the second network connection is unconnected, establishing the first network connection according to the first access point type parameter and a second access point type corresponding to a second access network request;
the establishing the first network connection according to the first access point type parameter and the second access point type corresponding to the second access network request includes:
if the second access point type is an ims type and the first access point type parameter is null, analyzing the first access point type parameter to obtain a first access point type, wherein the first access point type is a non-null type;
and establishing a non-null type network connection as the first network connection.
2. The method of claim 1, wherein the establishing a first network connection corresponding to the first access network request according to the first access point type parameter and the connection state of the second network connection comprises:
and if the connection state of the second network connection is connected, establishing the first network connection according to the first access point type parameter.
3. The method of claim 1, wherein the establishing the first network connection according to the first access point type parameter and a second access point type corresponding to a second access network request comprises:
if the second access point type is an ims type and the first access point type parameter is non-null, analyzing the first access point type parameter to obtain a third access point type, wherein the third access point type is consistent with the first access point type parameter;
and establishing a network connection of a third access point type as the first network connection.
4. The method of claim 1, wherein the establishing the first network connection according to the first access point type parameter and a second access point type corresponding to a second access network request comprises:
if the second access point type is a non-ims type, analyzing the first access point type parameter to obtain a fourth access point type, wherein the fourth access point type is consistent with the first access point type parameter;
and establishing a network connection of a fourth access point type as the first network connection.
5. The method of claim 2, wherein the establishing the first network connection according to the first access point type parameter comprises:
analyzing the first access point type parameter to obtain a fifth access point type, wherein the fifth access point type is consistent with the first access point type parameter;
and establishing a network connection of a fifth access point type as the first network connection.
6. A vulnerability prevention and control apparatus, the apparatus comprising:
the system comprises an acquisition module, a control module and a control module, wherein the acquisition module is used for acquiring a first access network request and a connection state of a second network connection, the first access network request comprises a first access point type parameter, and the second network connection is a network connection corresponding to the second access network request;
the establishing module is used for establishing a first network connection corresponding to the first access network request according to the first access point type parameter and the connection state of the second network connection;
the establishing module comprises:
a first establishing unit, configured to establish the first network connection according to the first access point type parameter and a second access point type corresponding to a second access network request if the connection state of the second network connection is unconnected;
the first establishing unit is specifically configured to, when establishing the first network connection according to the first access point type parameter and the second access point type corresponding to the second access network request:
if the second access point type is an ims type and the first access point type parameter is null, analyzing the first access point type parameter to obtain a first access point type, wherein the first access point type is a non-null type;
and establishing a non-null type network connection as the first network connection.
7. The apparatus of claim 6, wherein the means for establishing comprises:
and the second establishing unit is used for establishing the first network connection according to the first access point type parameter if the connection state of the second network connection is connected.
8. A mobile terminal comprising a memory and a controller, the memory storing a computer program, characterized in that the controller implements the steps of the vulnerability control method of any one of claims 1-5 when executing the computer program.
9. A computer readable storage medium having stored thereon a computer program, characterized in that the computer program, when executed by a controller, implements the steps of the vulnerability control method of any one of claims 1 to 5.
CN202010560880.3A 2020-06-18 2020-06-18 Vulnerability prevention and control method, vulnerability prevention and control device, mobile terminal and computer readable storage medium Active CN111757326B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010560880.3A CN111757326B (en) 2020-06-18 2020-06-18 Vulnerability prevention and control method, vulnerability prevention and control device, mobile terminal and computer readable storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010560880.3A CN111757326B (en) 2020-06-18 2020-06-18 Vulnerability prevention and control method, vulnerability prevention and control device, mobile terminal and computer readable storage medium

Publications (2)

Publication Number Publication Date
CN111757326A CN111757326A (en) 2020-10-09
CN111757326B true CN111757326B (en) 2023-10-13

Family

ID=72676345

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010560880.3A Active CN111757326B (en) 2020-06-18 2020-06-18 Vulnerability prevention and control method, vulnerability prevention and control device, mobile terminal and computer readable storage medium

Country Status (1)

Country Link
CN (1) CN111757326B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103299684A (en) * 2011-01-13 2013-09-11 瑞典爱立信有限公司 Roaming control for IMS APN
CN106817193A (en) * 2015-11-30 2017-06-09 华为技术有限公司 The method and access point of a kind of access point communication
CN110933770A (en) * 2019-11-27 2020-03-27 惠州Tcl移动通信有限公司 Connection request sending method and device, storage medium and electronic equipment
CN111225451A (en) * 2018-11-26 2020-06-02 中国电信股份有限公司 Halt processing method, system, MME and computer readable storage medium

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090182871A1 (en) * 2008-01-14 2009-07-16 Qualmcomm Incorporated Backup paging for wireless communication

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103299684A (en) * 2011-01-13 2013-09-11 瑞典爱立信有限公司 Roaming control for IMS APN
CN106817193A (en) * 2015-11-30 2017-06-09 华为技术有限公司 The method and access point of a kind of access point communication
CN111225451A (en) * 2018-11-26 2020-06-02 中国电信股份有限公司 Halt processing method, system, MME and computer readable storage medium
CN110933770A (en) * 2019-11-27 2020-03-27 惠州Tcl移动通信有限公司 Connection request sending method and device, storage medium and electronic equipment

Also Published As

Publication number Publication date
CN111757326A (en) 2020-10-09

Similar Documents

Publication Publication Date Title
US11153746B2 (en) Method and terminal for keeping subscriber identity module card in standby state
CN105763723B (en) Mobile terminal and method for upgrading system
CN107493375B (en) Mobile terminal expansion screen projection method and screen projection system
US8996065B2 (en) Method for automatically transferring an application in a mobile communication terminal of telecommunication networks
US20170099285A1 (en) METHODS AND APPARATUS TO SUPPORT GLOBALPLATFORM USAGE ON AN EMBEDDED UICC (eUICC)
US7421287B2 (en) Mobile communication terminal and method for managing use-history information
US8260355B2 (en) Portable communication terminal, program executed by portable communication terminal
WO2018000834A1 (en) Wifi hotspot information modification method and device
JP6401280B2 (en) Method and apparatus for accessing services
CN108616979B (en) Dual-card network system control method and device, computer equipment and storage medium
WO2019010734A1 (en) Method and system for guiding service application traffic
KR20110103398A (en) Method and apparatus for obtaining location information using smart card
WO2016173349A1 (en) Network access method and mobile communications terminal
CN112153678B (en) Session management method, session management device, related equipment and storage medium
EP2727384B1 (en) Method for accessing at least one service and corresponding system
CN101516087A (en) Storage system of mobile terminal and access control method
CN111757326B (en) Vulnerability prevention and control method, vulnerability prevention and control device, mobile terminal and computer readable storage medium
WO2017148337A1 (en) Methods of providing and acquiring terminal service, device, and terminal
KR101365889B1 (en) Control method of connecting to mobile-network for smart phone, the system and the computer readable medium able running the program thereof
US20120324117A1 (en) Electronic device and method for providing network connections using the electronic device
CN116980878B (en) Network access communication method, terminal, storage medium and smart card
CN113840313B (en) Network mode control method and device of mobile terminal and computer equipment
US20230073492A1 (en) Connecting method, apparatus of screen transmission device based on nfc, and computer device
WO2021228228A1 (en) Number calling method, apparatus and communication device, and storage medium
WO2020113531A1 (en) Data recovery method and device, and electronic device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant