CN112788016A - Illegal user identification method and device, electronic equipment and storage medium - Google Patents

Illegal user identification method and device, electronic equipment and storage medium Download PDF

Info

Publication number
CN112788016A
CN112788016A CN202011623451.2A CN202011623451A CN112788016A CN 112788016 A CN112788016 A CN 112788016A CN 202011623451 A CN202011623451 A CN 202011623451A CN 112788016 A CN112788016 A CN 112788016A
Authority
CN
China
Prior art keywords
user
broadband user
flow
internet
voice call
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202011623451.2A
Other languages
Chinese (zh)
Other versions
CN112788016B (en
Inventor
薛瑞锋
丁正
顾晓东
董伟
周荣
蔡子衿
杨正敏
赵学哲
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Xinfang Software Co ltd
Shanghai Cintel Intelligent System Co ltd
Original Assignee
Shanghai Xinfang Software Co ltd
Shanghai Cintel Intelligent System Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Xinfang Software Co ltd, Shanghai Cintel Intelligent System Co ltd filed Critical Shanghai Xinfang Software Co ltd
Priority to CN202011623451.2A priority Critical patent/CN112788016B/en
Publication of CN112788016A publication Critical patent/CN112788016A/en
Application granted granted Critical
Publication of CN112788016B publication Critical patent/CN112788016B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425Traffic logging, e.g. anomaly detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/126Applying verification of the received information the source of the received data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The invention provides an illegal user identification method, an illegal user identification device, electronic equipment and a storage medium, wherein the method comprises the following steps: acquiring an internet flow log of a home broadband user within a latest preset time; the network flow log comprises a family broadband user identifier, a communication protocol and a data length; according to the communication protocol and the data length included in the internet flow log of the home broadband user, counting the total data flow of the home broadband user and the data flow belonging to the voice call; and calculating the ratio of the data traffic belonging to the voice call to the total data traffic, and if the ratio is greater than a preset threshold, determining that the family broadband user is an illegal user. The invention can accurately identify the illegal user and has lower cost.

Description

Illegal user identification method and device, electronic equipment and storage medium
Technical Field
The present invention relates to the field of internet technologies, and in particular, to a method and an apparatus for identifying an illegal user, an electronic device, and a storage medium.
Background
The increasingly mature internet technology and the increasingly large internet scale provide society with a new life of "internet +". The internet brings convenience to the aspects of our lives, and various threats come after all. Lawbreakers are progressing with the times, and fraud patterns are in a great range, showing the development trend from "telephone fraud" to "telecommunication fraud", and the GOIP technology is widely applied to telecommunication fraud by criminals.
The GOIP equipment is a hardware equipment for network communication, supports the access of a mobile phone card, can convert traditional telephone signals into network signals, can be used for simultaneously operating hundreds of mobile phone SIM cards, can remotely control the SIM cards and the GOIP equipment which are not in the same place through a server, and sends out a telephone or a short message, thereby realizing the separation of the GOIP equipment and the SIM and achieving the purposes of hiding identities and avoiding attacks.
The telecom network fraud using the GOIP equipment is high in confusion and liquidity, interception and signal tracing can be controlled reversely, and the evidence obtaining difficulty is high, so that the difficulty of fighting fraud crimes by law enforcement departments is increased.
Disclosure of Invention
In view of the above, the present invention provides an illegal user identification method, an illegal user identification device, an electronic device, and a storage medium, which can accurately identify an illegal user and have a low cost.
In order to achieve the purpose, the invention provides the following technical scheme:
an illegal user identification method comprising:
acquiring an internet flow log of a home broadband user within a preset time length; the network flow log comprises a family broadband user identifier, a communication protocol and a data length;
according to the communication protocol and the data length included in the internet flow log of the home broadband user, counting the total data flow of the home broadband user and the data flow belonging to the voice call;
and calculating the ratio of the data traffic belonging to the voice call to the total data traffic, and if the ratio is greater than a preset threshold, determining that the family broadband user is an illegal user.
An illegal user identification device comprising:
the system comprises an acquisition unit, a processing unit and a processing unit, wherein the acquisition unit is used for acquiring an internet traffic log of a home broadband user within a preset duration; the network flow log comprises a family broadband user identifier, a communication protocol and a data length;
the statistical unit is used for counting the total data traffic of the family broadband user and the data traffic belonging to the voice call according to the communication protocol and the data length included in the internet traffic log of the family broadband user;
and the decision unit is used for calculating the ratio of the data traffic belonging to the voice call to the total data traffic, and if the ratio is greater than a preset threshold value, determining that the family broadband user is an illegal user.
An electronic device, comprising: a processor and a memory;
the memory for storing one or more computer programs executable by the processor; the processor, when executing the one or more computer programs, performs the steps in the above-described illegal user identification method.
A non-transitory computer readable storage medium storing instructions that, when executed by a processor, cause the processor to perform the steps in the above-described illegal user identification method.
According to the technical scheme, after the internet traffic log of the home broadband user is obtained, the traffic proportion of the home broadband user belonging to the voice call is counted according to the internet traffic log of the home broadband user, and whether the home broadband user is an illegal user is judged according to the traffic proportion. According to the method and the device, the household broadband user with abnormal traffic ratio of the voice call can be determined as an illegal user by counting the traffic ratio of the household broadband user belonging to the voice call.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without inventive labor.
FIG. 1 is a flow chart of an illegal user identification method according to an embodiment of the present invention;
FIG. 2 is a flowchart of an illegal user identification method according to a second embodiment of the present invention;
FIG. 3 is a flow chart of a third illegal user identification method according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of an illegal user identification device according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
Referring to fig. 1, fig. 1 is a flowchart of an illegal user identification method according to an embodiment of the present invention, as shown in fig. 1, the method includes the following steps:
step 101, obtaining an internet flow log of a home broadband user within a preset duration; the network flow log comprises a family broadband user identifier, a communication protocol and a data length;
in this embodiment, the preset time period may be the latest preset time period, for example, the latest 1 month.
102, according to a communication protocol and a data length included in an internet flow log of the home broadband user, counting total data flow of the home broadband user and data flow belonging to voice call;
step 103, calculating a ratio of data traffic belonging to the voice call to total data traffic, and if the ratio is greater than a preset threshold, determining that the home broadband user is an illegal user.
As can be seen from the method shown in fig. 1, in the embodiment of the present invention, the internet traffic log of the home broadband user within the preset duration is obtained, and the traffic proportion of the home broadband user belonging to the voice call is counted according to the internet traffic log of the home broadband user, so that the traffic proportion of the home broadband user belonging to the voice call in the internet traffic exceeds a certain threshold, and the home broadband user with an obvious abnormality is determined as an illegal user. Because the GOIP equipment is usually installed in a house and accessed to the network through the family broadband when an illegal user implements illegal behaviors through the GOIP equipment, the illegal user can remotely control the GOIP equipment to dial out or send short messages.
Referring to fig. 2, fig. 2 is a flowchart of an illegal user identification method according to a second embodiment of the present invention, as shown in fig. 2, the method includes the following steps:
step 201, obtaining an internet flow log of a home broadband user within a latest preset time duration from a DPI device; the network flow log comprises a family broadband user identifier, a communication protocol and a data length;
in this embodiment, the DPI device is deployed at a traffic outlet of a telecommunications carrier network, and is configured to perform traffic analysis on communication data passing through the traffic outlet of the telecommunications carrier network, and record an internet traffic log generated based on a traffic analysis result.
In this embodiment, the traffic outlet of the telecommunication operator network refers to a network interface in the telecommunication operator network for transmitting data to another network, and may specifically be an IDC outlet, a backbone outlet, a provincial network outlet, an provincial network outlet, and an outlet between provincial networks in the telecommunication operator network.
In this embodiment, the preset time period may be the latest preset time period, for example, the latest 1 month.
The above step 201 is a detailed refinement of step 101 shown in fig. 1.
Step 2021, counting the sum of data lengths in all internet traffic logs, and determining a statistical result as the total data traffic of the home broadband user;
step 2022, searching the internet traffic logs of which the communication protocol is the h.323 protocol or the SIP protocol in the internet traffic logs of the home broadband user, counting the sum of the data lengths in all the searched internet traffic logs, and determining the counted result as the data traffic of the home broadband user belonging to the voice call.
In this embodiment, the communication protocol includes: voice call protocols and non-voice call protocols; the voice call protocols include the h.323 protocol and the SIP protocol.
The above steps 2021 to 2022 are detailed refinements of the step 102 shown in fig. 1.
Step 203, calculating a ratio of data traffic belonging to the voice call to total data traffic, and if the ratio is greater than a preset threshold, determining that the home broadband user is an illegal user.
As can be seen from the method shown in fig. 2, in the embodiment of the present invention, the internet traffic log of the home broadband user within the preset duration is obtained from the DPI device deployed at the traffic outlet of the telecom operator network, and the traffic proportion of the home broadband user belonging to the voice call is counted according to the communication protocol and the data length in the internet traffic log of the home broadband user, so that the traffic proportion belonging to the voice call in the internet traffic exceeds a certain threshold, and the home broadband user with an abnormality is determined as an illegal user. Because the GOIP equipment is usually installed in a house and accessed to the network through the family broadband when an illegal user implements illegal behaviors through the GOIP equipment, the illegal user can remotely control the GOIP equipment to dial out or send short messages.
Referring to fig. 3, fig. 3 is a flowchart of a third illegal user identification method according to an embodiment of the present invention, as shown in fig. 3, the method includes the following steps:
301, obtaining an internet traffic log of a home broadband user within a preset time duration; the network flow log comprises a family broadband user identifier, a communication protocol and a data length; wherein the home broadband user identification can be represented by a home broadband user account.
In this embodiment, the preset time period may be the latest preset time period, for example, the latest 1 month.
Step 302, according to the communication protocol and data length included in the log of the internet traffic of the home broadband user, counting the total data traffic of the home broadband user and the data traffic belonging to the voice call;
step 303, calculating a ratio of data traffic belonging to the voice call to total data traffic, and if the ratio is greater than a preset threshold, determining that the home broadband user is an illegal user.
In this embodiment, after determining that the home broadband user is an illegal user, step 304 may be further performed to obtain registration information corresponding to the home broadband user account from the home broadband network service system, so as to assist law enforcement departments in finding the illegal user more conveniently.
Step 304, obtaining registration information corresponding to the family broadband user account from a family broadband network service system; the registration information includes a user name, a user number, and a user address.
As can be seen from the method shown in fig. 3, in the embodiment of the present invention, the internet traffic log of the home broadband user within the preset duration is obtained, and the traffic proportion of the home broadband user belonging to the voice call is counted according to the internet traffic log of the home broadband user, so that the traffic proportion of the voice call in the internet traffic exceeds a certain threshold, the home broadband user with an obvious abnormality is determined as an illegal user, and the registration information registered by the illegal user in the home broadband network service system is further obtained, thereby assisting law enforcement departments to find the illegal user more conveniently. Because the GOIP equipment is usually installed in a house and accessed to the network through the family broadband when an illegal user implements illegal behaviors through the GOIP equipment, the illegal user can remotely control the GOIP equipment to dial out or send short messages.
The above describes in detail the illegal user identification method provided by the embodiment of the present invention, and the embodiment of the present invention also provides an illegal user identification device, which is described in detail below with reference to fig. 4.
Referring to fig. 4, fig. 4 is a schematic structural diagram of an illegal user identification device according to an embodiment of the present invention, and as shown in fig. 4, the device includes:
an obtaining unit 401, configured to obtain an internet traffic log of a home broadband user within a latest preset duration; the network flow log comprises a family broadband user identifier, a communication protocol and a data length;
a counting unit 402, configured to count total data traffic of the home broadband user and data traffic belonging to a voice call according to a communication protocol and a data length included in an internet traffic log of the home broadband user;
a decision unit 403, configured to calculate a ratio between data traffic belonging to a voice call and total data traffic, and if the ratio is greater than a preset threshold, determine that the home broadband user is an illegal user.
In the arrangement shown in figure 4 of the drawings,
the acquiring unit 401 acquires the internet traffic log of the home broadband user within the latest preset duration, including:
obtaining an internet flow log of a home broadband user within a latest preset time duration from a DPI device; the DPI equipment is deployed at a flow outlet of a telecommunication operator network and used for carrying out flow analysis on communication data passing through the flow outlet of the telecommunication operator network and recording an internet flow log generated based on a flow analysis result.
In the arrangement shown in figure 4 of the drawings,
the communication protocol comprises: voice call protocols and non-voice call protocols; the voice call protocol comprises an H.323 protocol and an SIP protocol;
the counting unit 402 counts the total data traffic of the home broadband user and the data traffic belonging to the voice call according to the communication protocol and the data length included in the internet traffic log of the home broadband user, and includes:
counting the sum of data lengths in all internet flow logs, and determining a counting result as the total data flow of the household broadband user;
searching the internet traffic logs with the communication protocol of H.323 protocol or SIP protocol, counting the sum of the data lengths in all the searched internet traffic logs, and determining the counting result as the data traffic of the family broadband user belonging to the voice call.
In the arrangement shown in figure 4 of the drawings,
the home broadband user identification is a home broadband user account;
after determining that the home broadband user is an illegal user, the decision unit 403 further includes: acquiring registration information corresponding to a home broadband user account from a home broadband network service system; the registration information includes a user name, a user number, and a user address.
An embodiment of the present invention further provides an electronic device, as shown in fig. 5, where the electronic device includes: a processor 501 and a memory 502;
the memory 502 for storing one or more computer programs executable by the processor 501; the processor 501, when executing the one or more computer programs, implements the steps of the illegal user identification method as shown in any of the flowcharts of fig. 1-3.
Embodiments of the present invention also provide a non-transitory computer readable storage medium storing instructions that, when executed by a processor, cause the processor to perform the steps in the illegal user identification method as shown in any of the flowcharts of fig. 1-3.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents, improvements and the like made within the spirit and principle of the present invention should be included in the scope of the present invention.

Claims (10)

1. A method for identifying an unauthorized user, the method comprising:
acquiring an internet flow log of a home broadband user within a preset time length; the network flow log comprises a family broadband user identifier, a communication protocol and a data length;
according to the communication protocol and the data length included in the internet flow log of the home broadband user, counting the total data flow of the home broadband user and the data flow belonging to the voice call;
and calculating the ratio of the data traffic belonging to the voice call to the total data traffic, and if the ratio is greater than a preset threshold, determining that the family broadband user is an illegal user.
2. The method of claim 1,
the method for acquiring the internet flow logs of the family broadband users within the preset duration comprises the following steps:
obtaining an internet flow log of a home broadband user within a preset time duration from DPI equipment; the DPI equipment is deployed at a flow outlet of a telecommunication operator network and used for carrying out flow analysis on communication data passing through the flow outlet of the telecommunication operator network and recording an internet flow log generated based on a flow analysis result.
3. The method of claim 1,
the communication protocol comprises: voice call protocols and non-voice call protocols; the voice call protocol comprises an H.323 protocol and an SIP protocol;
according to the communication protocol and the data length included in the log of the internet traffic of the home broadband user, the method for counting the total data traffic of the home broadband user and the data traffic belonging to the voice call comprises the following steps:
counting the sum of data lengths in all internet flow logs, and determining a counting result as the total data flow of the household broadband user;
searching the internet traffic logs with the communication protocol of H.323 protocol or SIP protocol, counting the sum of the data lengths in all the searched internet traffic logs, and determining the counting result as the data traffic of the family broadband user belonging to the voice call.
4. The method of claim 1,
the home broadband user identification is a home broadband user account;
after determining that the home broadband user is an illegal user, the method further comprises the following steps: acquiring registration information corresponding to the home broadband network account from a home broadband network service system; the registration information includes a user name, a user number, and a user address.
5. An illegal user identification device, characterized in that the device comprises:
the system comprises an acquisition unit, a processing unit and a processing unit, wherein the acquisition unit is used for acquiring an internet traffic log of a home broadband user within a preset duration; the network flow log comprises a family broadband user identifier, a communication protocol and a data length;
the statistical unit is used for counting the total data traffic of the family broadband user and the data traffic belonging to the voice call according to the communication protocol and the data length included in the internet traffic log of the family broadband user;
and the decision unit is used for calculating the ratio of the data traffic belonging to the voice call to the total data traffic, and if the ratio is greater than a preset threshold value, determining that the family broadband user is an illegal user.
6. The apparatus of claim 5,
the acquiring unit acquires the internet access flow log of the home broadband user within a preset time duration, and includes:
obtaining an internet flow log of a home broadband user within a preset time duration from DPI equipment; the DPI equipment is deployed at a flow outlet of a telecommunication operator network and used for carrying out flow analysis on communication data passing through the flow outlet of the telecommunication operator network and recording an internet flow log generated based on a flow analysis result.
7. The apparatus of claim 6,
the communication protocol comprises: voice call protocols and non-voice call protocols; the voice call protocol comprises an H.323 protocol and an SIP protocol;
the statistical unit, according to communication protocol and data length that internet traffic log of the broadband user of said family included, count the total data traffic of the broadband user of said family and belong to the data traffic of the voice call, including:
counting the sum of data lengths in all internet flow logs, and determining a counting result as the total data flow of the household broadband user;
searching the internet traffic logs with the communication protocol of H.323 protocol or SIP protocol, counting the sum of the data lengths in all the searched internet traffic logs, and determining the counting result as the data traffic of the family broadband user belonging to the voice call.
8. The apparatus of claim 5,
the home broadband user identification is a home broadband user account;
after the determining unit determines that the home broadband user is an illegal user, the method further includes: acquiring registration information corresponding to a home broadband user account from a home broadband network service system; the registration information includes a user name, a user number, and a user address.
9. An electronic device, comprising: a processor and a memory;
the memory for storing one or more computer programs executable by the processor; the processor, when executing the one or more computer programs, implements the steps in the illegal user identification method according to any of claims 1-4.
10. A non-transitory computer readable storage medium storing instructions which, when executed by a processor, cause the processor to perform the steps in the illegal user identification method of any of claims 1-4.
CN202011623451.2A 2020-12-31 2020-12-31 Illegal user identification method and device, electronic equipment and storage medium Active CN112788016B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011623451.2A CN112788016B (en) 2020-12-31 2020-12-31 Illegal user identification method and device, electronic equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011623451.2A CN112788016B (en) 2020-12-31 2020-12-31 Illegal user identification method and device, electronic equipment and storage medium

Publications (2)

Publication Number Publication Date
CN112788016A true CN112788016A (en) 2021-05-11
CN112788016B CN112788016B (en) 2023-04-18

Family

ID=75754420

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011623451.2A Active CN112788016B (en) 2020-12-31 2020-12-31 Illegal user identification method and device, electronic equipment and storage medium

Country Status (1)

Country Link
CN (1) CN112788016B (en)

Citations (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1756179A (en) * 2004-09-27 2006-04-05 华为技术有限公司 Method for preventing unlawful VoIP service in communication network
CN101035157A (en) * 2006-03-10 2007-09-12 北京中创信测科技股份有限公司 IP network based voice detection and control method and system
US20090007220A1 (en) * 2007-06-29 2009-01-01 Verizon Services Corp. Theft of service architectural integrity validation tools for session initiation protocol (sip)-based systems
JP2010161589A (en) * 2009-01-07 2010-07-22 Neikusu:Kk Caller's phone number acquiring device for call type fraud warning, method thereof, and call type fraud warning system
US20130260743A1 (en) * 2011-11-25 2013-10-03 Huawei Technologies Co., Ltd. Method and device for identifying very annoying people in mobile communication network
CN103873712A (en) * 2014-04-14 2014-06-18 中国人民解放军信息工程大学 VoIP gateway detection method and multi-core processing device
CN107231494A (en) * 2017-07-10 2017-10-03 北京亿赛通网络安全技术有限公司 A kind of acquisition methods of user communication characteristic, storage medium and electronic equipment
CN108156334A (en) * 2018-02-01 2018-06-12 天津市国瑞数码安全系统股份有限公司 A kind of control system that swindle scene is obtained based on internet
CN109429230A (en) * 2017-08-28 2019-03-05 中国移动通信集团浙江有限公司 A kind of communication swindle recognition methods and system
CN109995668A (en) * 2018-01-02 2019-07-09 中国移动通信有限公司研究院 Flow control methods and device, storage medium
WO2019144803A1 (en) * 2018-01-25 2019-08-01 中兴通讯股份有限公司 Traffic statistics method and apparatus, storage medium, and electronic apparatus
CN111278014A (en) * 2019-12-31 2020-06-12 中移(杭州)信息技术有限公司 Fraud prevention system, method, server and storage medium
WO2020134523A1 (en) * 2018-12-29 2020-07-02 中兴通讯股份有限公司 User identification method and device
CN111541645A (en) * 2020-03-24 2020-08-14 国家计算机网络与信息安全管理中心 VoIP service knowledge base construction method and system
CN111885270A (en) * 2020-07-09 2020-11-03 恒安嘉新(北京)科技股份公司 Abnormal communication detection method, device, equipment and storage medium

Patent Citations (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1756179A (en) * 2004-09-27 2006-04-05 华为技术有限公司 Method for preventing unlawful VoIP service in communication network
CN101035157A (en) * 2006-03-10 2007-09-12 北京中创信测科技股份有限公司 IP network based voice detection and control method and system
US20090007220A1 (en) * 2007-06-29 2009-01-01 Verizon Services Corp. Theft of service architectural integrity validation tools for session initiation protocol (sip)-based systems
JP2010161589A (en) * 2009-01-07 2010-07-22 Neikusu:Kk Caller's phone number acquiring device for call type fraud warning, method thereof, and call type fraud warning system
US20130260743A1 (en) * 2011-11-25 2013-10-03 Huawei Technologies Co., Ltd. Method and device for identifying very annoying people in mobile communication network
CN103873712A (en) * 2014-04-14 2014-06-18 中国人民解放军信息工程大学 VoIP gateway detection method and multi-core processing device
CN107231494A (en) * 2017-07-10 2017-10-03 北京亿赛通网络安全技术有限公司 A kind of acquisition methods of user communication characteristic, storage medium and electronic equipment
CN109429230A (en) * 2017-08-28 2019-03-05 中国移动通信集团浙江有限公司 A kind of communication swindle recognition methods and system
CN109995668A (en) * 2018-01-02 2019-07-09 中国移动通信有限公司研究院 Flow control methods and device, storage medium
WO2019144803A1 (en) * 2018-01-25 2019-08-01 中兴通讯股份有限公司 Traffic statistics method and apparatus, storage medium, and electronic apparatus
CN108156334A (en) * 2018-02-01 2018-06-12 天津市国瑞数码安全系统股份有限公司 A kind of control system that swindle scene is obtained based on internet
WO2020134523A1 (en) * 2018-12-29 2020-07-02 中兴通讯股份有限公司 User identification method and device
CN111278014A (en) * 2019-12-31 2020-06-12 中移(杭州)信息技术有限公司 Fraud prevention system, method, server and storage medium
CN111541645A (en) * 2020-03-24 2020-08-14 国家计算机网络与信息安全管理中心 VoIP service knowledge base construction method and system
CN111885270A (en) * 2020-07-09 2020-11-03 恒安嘉新(北京)科技股份公司 Abnormal communication detection method, device, equipment and storage medium

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
刘红星等: "声纹识别和意图理解技术在电信诈骗检测中的应用研究", 《广东通信技术》 *
刘鹏: "VoIP安全技术研究", 《河南财政税务高等专科学校学报》 *
王啸虎: "浅析电信诈骗案件中VOIP技术关键设备的取证要点", 《网络安全技术与应用》 *

Also Published As

Publication number Publication date
CN112788016B (en) 2023-04-18

Similar Documents

Publication Publication Date Title
CN101426203B (en) Method and equipment for recognizing vicious disturbance call
CN111885270B (en) Abnormal communication detection method, device, equipment and storage medium
CN110839216B (en) Method and device for identifying communication information fraud
CN101686444A (en) System and method for detecting spam SMS sender number in real time
CN104639770A (en) Telephone reporting method, device and system based on mobile terminal
CN104219672A (en) Incoming call or message identification method and device
CN114168423A (en) Abnormal number calling monitoring method, device, equipment and storage medium
CN112788016B (en) Illegal user identification method and device, electronic equipment and storage medium
CN109587357B (en) Crank call identification method
CN108810289B (en) Internet label canceling method and device
CN109121137B (en) Method and device for identifying user number use type of double-card terminal
CN114374769B (en) Abnormal number acquisition method and device, server and storage medium
CN112688939B (en) Method and device for determining illegal organization information, electronic equipment and storage medium
CN107483700B (en) Method and device for identifying bad number
KR20150047378A (en) Device of blocking voice phishing calls
US11108914B2 (en) Method and system for revenue maximization in a communication network
CN113596260B (en) Abnormal telephone number detection method and electronic equipment
CN114189866A (en) Multi-card fraud detection method and device
CN112311933A (en) Sensitive information shielding method and system
CN112040068B (en) False international number identification method, device, equipment and readable storage medium
CN113286035B (en) Abnormal call detection method, device, equipment and medium
CN111064850A (en) System and method for realizing prevention, control and reminding of crank calls based on communication network
CN113965932A (en) Illegal user identification method, device and storage medium
CN111131626B (en) Group harmful call detection method and device based on stream data atlas and readable medium
KR102611390B1 (en) Phishing Detection System Using Voice Call and Text Trap Server

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant