CN113099456B - Pseudo base station identification method, device, device and storage medium - Google Patents

Pseudo base station identification method, device, device and storage medium Download PDF

Info

Publication number
CN113099456B
CN113099456B CN202110520651.3A CN202110520651A CN113099456B CN 113099456 B CN113099456 B CN 113099456B CN 202110520651 A CN202110520651 A CN 202110520651A CN 113099456 B CN113099456 B CN 113099456B
Authority
CN
China
Prior art keywords
base station
terminal
base stations
uploaded
identity
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110520651.3A
Other languages
Chinese (zh)
Other versions
CN113099456A (en
Inventor
李张铮
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China United Network Communications Group Co Ltd
Original Assignee
China United Network Communications Group Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China United Network Communications Group Co Ltd filed Critical China United Network Communications Group Co Ltd
Priority to CN202110520651.3A priority Critical patent/CN113099456B/en
Publication of CN113099456A publication Critical patent/CN113099456A/en
Application granted granted Critical
Publication of CN113099456B publication Critical patent/CN113099456B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Mobile Radio Communication Systems (AREA)

Abstract

本申请提供一种伪基站识别方法、装置、设备及存储介质,其中,该方法通过第一区块链接收终端上传的终端身份标识和基站的第一行为特征数据,并对终端进行身份验证,验证通过后,接收上述第一行为特征数据,进而确定基站的第二行为数据并发送至第二区块链,以使第二区块链基于上述第二行为数据,确定基站是否为伪基站,其中无需人工参与,节省时间和人力,能够及时发现伪基站。而且,该方法不仅使用终端身份标识还结合了基站的行为特征数据来判断是否为伪基站,提高伪基站识别准确性。另外,该对终端进行身份验证,即确定终端为合法终端时才接收上报数据,保障上报数据的真实有效,防止非法终端上报伪造数据导致系统误判,将伪基站识别为正常基站。

Figure 202110520651

The present application provides a pseudo base station identification method, device, device and storage medium, wherein the method receives the terminal identification uploaded by the terminal and the first behavior characteristic data of the base station through the first blockchain, and performs identity verification on the terminal, After the verification is passed, the above-mentioned first behavior characteristic data is received, and then the second behavior data of the base station is determined and sent to the second blockchain, so that the second blockchain can determine whether the base station is a pseudo base station based on the above-mentioned second behavior data, There is no need for manual participation, time and manpower are saved, and pseudo base stations can be discovered in time. Moreover, the method not only uses the terminal identification but also combines the behavior characteristic data of the base station to determine whether it is a pseudo base station, thereby improving the identification accuracy of the pseudo base station. In addition, the identity verification of the terminal is performed, that is, the reported data is received only when the terminal is determined to be a legitimate terminal, so as to ensure the authenticity and validity of the reported data, prevent the illegal terminal from reporting forged data and cause the system to misjudge, and identify the fake base station as a normal base station.

Figure 202110520651

Description

伪基站识别方法、装置、设备及存储介质Pseudo base station identification method, device, device and storage medium

技术领域technical field

本申请涉及通信技术领域,尤其涉及一种伪基站识别方法、装置、设备及存储介质。The present application relates to the field of communication technologies, and in particular, to a method, apparatus, device, and storage medium for identifying a pseudo base station.

背景技术Background technique

随着移动通信技术的不断发展,从2G时代到5G时代除了正规通信运营商的基站设备为用户终端提供合法服务外,社会上也出现了不少用于非法目的伪基站在干扰影响用户终端的正常使用。With the continuous development of mobile communication technology, from the 2G era to the 5G era, in addition to the regular communication operators' base station equipment providing legal services for user terminals, there have also been many pseudo base stations used for illegal purposes in the society that interfere with and affect user terminals. Normal use.

伪基站即假基站,一般由主机和笔记本电脑组成,通过短信群发器、短信发信机等相关设备能够捜取以其为中心、一定半径范围内的手机等终端信息,通过伪装成运营商的基站,冒用他人手机号码等信息强行向用户手机等终端发送诈骗、广告推销等短信息。此类设备运行时,用户终端信号被强制连接到该设备上,无法连接到公用电信网络,以致影响终端的正常使用,使用户无法正常使用正常业务。A pseudo base station is a fake base station, which is generally composed of a host computer and a laptop computer. Through SMS group senders, SMS transmitters and other related equipment, terminal information such as mobile phones within a certain radius can be obtained by disguising it as the operator. Base stations, fraudulently use other people's mobile phone numbers and other information to forcibly send short messages such as fraud and advertising to terminals such as users' mobile phones. When this type of equipment is running, the signal of the user terminal is forced to be connected to the equipment and cannot be connected to the public telecommunication network, which affects the normal use of the terminal and prevents the user from using normal services.

现有识别伪基站的方式主要依托于运营商的人工力量和相关部门的配合。若运营商在一段时间内发现很多无记录可查的垃圾短信投诉案例,则可初步判定为存在伪基站发送垃圾短信的行为。通过对重点区域的海量信令分析,发现伪基站大致位置(无线小区、街道)。但是这种识别伪基站的方法,耗费大量时间和人力,且无法及时发现伪基站,导致不法分子通过伪基站发送垃圾短信的事件时有发生,造成用户的经济损失,甚至人身伤害。The existing methods for identifying pseudo base stations mainly rely on the operator's manual force and the cooperation of relevant departments. If the operator finds a lot of unrecorded spam SMS complaint cases within a period of time, it can be preliminarily determined that there is a false base station sending spam SMS. The approximate location (wireless cell, street) of the pseudo base station is found by analyzing massive signaling in key areas. However, this method of identifying fake base stations consumes a lot of time and manpower, and it is impossible to detect fake base stations in time. As a result, criminals frequently send spam text messages through fake base stations, resulting in economic losses and even personal injury to users.

发明内容SUMMARY OF THE INVENTION

为解决现有技术中存在的问题,本申请提供一种伪基站识别方法、装置、设备及存储介质。In order to solve the problems existing in the prior art, the present application provides a pseudo base station identification method, apparatus, device and storage medium.

第一方面,本申请实施例提供一种伪基站识别方法,该方法应用于第一区块链,该方法包括如下步骤:In a first aspect, an embodiment of the present application provides a pseudo base station identification method, the method is applied to the first blockchain, and the method includes the following steps:

接收多个终端上传的密文、身份标识和第一行为特征数据,其中,终端i上传的密文为所述终端i基于被分配的身份私钥对所述终端i的身份标识进行加密后,获得的加密密文,所述终端i上传的第一行为特征数据为所述终端i已接入的基站的第一行为特征数据,i=1,2,……n,n等于所述多个终端的数量;Receive the ciphertext, the identity identifier and the first behavior characteristic data uploaded by multiple terminals, wherein the ciphertext uploaded by the terminal i is after the terminal i encrypts the identity identifier of the terminal i based on the assigned identity private key, In the obtained encrypted ciphertext, the first behavior characteristic data uploaded by the terminal i is the first behavior characteristic data of the base station that the terminal i has accessed, i=1, 2, . . . n, n is equal to the multiple the number of terminals;

根据所述终端i的身份标识,确定所述终端i被分配的身份公钥,并基于所述身份公钥对所述终端i上传的密文进行解密;According to the identity identifier of the terminal i, determine the identity public key assigned to the terminal i, and decrypt the ciphertext uploaded by the terminal i based on the identity public key;

若解密后得到的身份标识与所述终端i的身份标识一致,则接收所述终端i上传的第一行为特征数据,并根据所述终端i上传的第一行为特征数据,汇总预设时间段内多个基站下所有接入的终端上传的第一行为特征数据;If the identity identifier obtained after decryption is consistent with the identity identifier of the terminal i, receive the first behavior feature data uploaded by the terminal i, and summarize the preset time period according to the first behavior feature data uploaded by the terminal i The first behavior feature data uploaded by all connected terminals under multiple base stations in the system;

根据所述多个基站下所有接入的终端上传的第一行为特征数据,确定所述多个基站的第二行为特征数据,并将所述多个基站的第二行为特征数据发送至第二区块链,以使所述第二区块链根据所述多个基站的第二行为特征数据,确定所述多个基站是否为伪基站。Determine the second behavior feature data of the multiple base stations according to the first behavior feature data uploaded by all connected terminals under the multiple base stations, and send the second behavior feature data of the multiple base stations to the second block chain, so that the second block chain determines whether the multiple base stations are pseudo base stations according to the second behavior characteristic data of the multiple base stations.

在一种可能的实现方式中,所述根据所述终端i的身份标识,确定所述终端i被分配的身份公钥,包括:In a possible implementation manner, the determining the identity public key allocated to the terminal i according to the identity of the terminal i includes:

获取预存的终端的身份标识与身份公钥的对应关系;Obtain the correspondence between the pre-stored terminal's identity identifier and the identity public key;

根据所述对应关系,确定所述终端i的身份标识对应的身份公钥。According to the corresponding relationship, the identity public key corresponding to the identity identifier of the terminal i is determined.

在一种可能的实现方式中,所述终端i上传的第一行为特征数据包括所述终端i已接入的基站的基站标识、接入基站时间、离开基站时间、基站信号电平、语音话务量和数据流量;In a possible implementation manner, the first behavior feature data uploaded by the terminal i includes the base station identifier of the base station that the terminal i has accessed, the time of accessing the base station, the time of leaving the base station, the signal level of the base station, the voice call traffic and data traffic;

所述基站j的第二行为特征数据包括基站j的基站标识、平均驻留时长、基站终端用户数、基站信号平均电平、产生的基站语音话务量和基站数据流量,其中,j=1,2,……m,m等于所述多个基站的数量;The second behavior characteristic data of the base station j includes the base station identifier of the base station j, the average dwell time, the number of base station terminal users, the average signal level of the base station, the generated base station voice traffic and the base station data traffic, where j=1 ,2,...m, m is equal to the number of the multiple base stations;

所述根据所述多个基站下所有接入的终端上传的第一行为特征数据,确定所述多个基站的第二行为特征数据,包括:The determining of the second behavior characteristic data of the multiple base stations according to the first behavior characteristic data uploaded by all connected terminals under the multiple base stations includes:

根据所述多个基站下所有接入的终端上传的终端已接入的基站的基站标识,确定所述基站j的基站标识和基站终端用户数;Determine the base station identity of the base station j and the number of base station terminal users according to the base station identity of the base station to which the terminal has accessed uploaded by all connected terminals under the multiple base stations;

根据所述多个基站下所有接入的终端上传的接入基站时间和离开基站时间,确定所述基站j的平均驻留时长;Determine the average dwell time of the base station j according to the time of accessing the base station and the time of leaving the base station uploaded by all the accessing terminals under the multiple base stations;

根据所述多个基站下所有接入的终端上传的终端已接入的基站的基站信号电平,确定所述基站j的基站信号平均电平;Determine the average base station signal level of the base station j according to the base station signal level of the base station to which the terminal has accessed uploaded by all connected terminals under the multiple base stations;

根据所述多个基站下所有接入的终端上传的终端已接入的基站的语音话务量和数据流量,确定所述基站j产生的基站语音话务量和基站数据流量。Determine the base station voice traffic and base station data traffic generated by the base station j according to the voice traffic and data traffic of the base stations to which the terminals have accessed uploaded by all connected terminals under the multiple base stations.

第二方面,本申请实施例提供另一种伪基站识别方法,该方法应用于第二区块链,该方法包括如下步骤:In a second aspect, an embodiment of the present application provides another pseudo base station identification method, the method is applied to the second blockchain, and the method includes the following steps:

接收第一区块链上传的多个基站的第二行为特征数据,所述多个基站的第二行为特征数据为所述第一区块链根据所述多个基站下所有接入的终端上传的第一行为特征数据,确定的第二行为特征数据,所述多个基站下所有接入的终端上传的第一行为特征数据为所述第一区块链接收多个终端上传的密文、身份标识和第一行为特征数据,并根据终端i的身份标识,确定所述终端i被分配的身份公钥,基于所述身份公钥对所述终端i上传的密文进行解密后,若解密后得到的身份标识与所述终端i的身份标识一致,则接收所述终端i上传的第一行为特征数据,并根据所述终端i上传的第一行为特征数据,汇总的预设时间段内多个基站下所有接入的终端上传的第一行为特征数据,其中,终端i上传的密文为所述终端i基于被分配的身份私钥对所述终端i的身份标识进行加密后,获得的加密密文,所述终端i上传的第一行为特征数据为所述终端i已接入的基站的第一行为特征数据,i=1,2,……n,n等于所述多个终端的数量;Receive second behavior characteristic data of multiple base stations uploaded by the first blockchain, where the second behavior characteristic data of the multiple base stations are uploaded by the first blockchain according to all connected terminals under the multiple base stations The first behavior feature data of the first behavioral feature data, the second behavioral feature data determined, the first behavioral feature data uploaded by all connected terminals under the multiple base stations are the ciphertexts uploaded by the first blockchain receiving multiple terminals, The identity identifier and the first behavior characteristic data, and according to the identity identifier of the terminal i, determine the identity public key assigned to the terminal i, and after decrypting the ciphertext uploaded by the terminal i based on the identity public key, if the decryption The identity identifier obtained later is consistent with the identity identifier of the terminal i, then the first behavior characteristic data uploaded by the terminal i is received, and according to the first behavior characteristic data uploaded by the terminal i, the aggregated preset time period The first behavioral feature data uploaded by all connected terminals under multiple base stations, wherein the ciphertext uploaded by terminal i is obtained after the terminal i encrypts the identity identifier of the terminal i based on the assigned identity private key. The encrypted ciphertext of , the first behavior characteristic data uploaded by the terminal i is the first behavior characteristic data of the base station that the terminal i has accessed, i=1, 2,...n, n is equal to the multiple terminals quantity;

根据所述多个基站的第二行为特征数据,确定所述多个基站是否为伪基站。According to the second behavior characteristic data of the multiple base stations, it is determined whether the multiple base stations are pseudo base stations.

在一种可能的实现方式中,所述根据所述多个基站的第二行为特征数据,确定所述多个基站是否为伪基站,包括:In a possible implementation manner, the determining whether the multiple base stations are pseudo base stations according to the second behavior characteristic data of the multiple base stations includes:

判断基站j的第二行为特征数据是否满足预设的伪基站识别规则,其中,j=1,2,……m,m等于所述多个基站的数量;Judging whether the second behavior characteristic data of base station j satisfies a preset pseudo base station identification rule, where j=1, 2, ... m, m is equal to the number of the multiple base stations;

若所述基站j的第二行为特征数据满足所述预设的伪基站识别规则,则确定所述基站j为伪基站。If the second behavior characteristic data of the base station j satisfies the preset pseudo base station identification rule, the base station j is determined to be a pseudo base station.

在一种可能的实现方式中,所述方法还包括:In a possible implementation, the method further includes:

接收终端发送的查询请求,所述查询请求携带待查询基站的标识;receiving a query request sent by the terminal, where the query request carries the identifier of the base station to be queried;

根据所述多个基站是否为伪基站的确定结果和所述待查询基站的标识,确定所述待查询基站是否为伪基站,并返回所述终端所述待查询基站的查询结果。Determine whether the base station to be queried is a pseudo base station according to the determination result of whether the plurality of base stations are pseudo base stations and the identifier of the base station to be queried, and return the query result of the base station to be queried by the terminal.

第三方面,本申请实施例提供一种伪基站识别装置,所述装置应用于第一区块链,所述装置包括:In a third aspect, an embodiment of the present application provides a pseudo base station identification device, the device is applied to the first blockchain, and the device includes:

第一接收模块,用于接收多个终端上传的密文、身份标识和第一行为特征数据,其中,终端i上传的密文为所述终端i基于被分配的身份私钥对所述终端i的身份标识进行加密后,获得的加密密文,所述终端i上传的第一行为特征数据为所述终端i已接入的基站的第一行为特征数据,i=1,2,……n,n等于所述多个终端的数量;The first receiving module is used to receive the ciphertext, the identity identifier and the first behavior characteristic data uploaded by multiple terminals, wherein the ciphertext uploaded by terminal i is the pairing of the terminal i based on the assigned identity private key to the terminal i. The encrypted ciphertext obtained after encrypting the identity of the terminal i, the first behavior characteristic data uploaded by the terminal i is the first behavior characteristic data of the base station that the terminal i has accessed, i=1, 2,...n , n is equal to the number of the multiple terminals;

第一确定模块,用于根据所述终端i的身份标识,确定所述终端i被分配的身份公钥,并基于所述身份公钥对所述终端i上传的密文进行解密;a first determining module, configured to determine the identity public key assigned to the terminal i according to the identity of the terminal i, and decrypt the ciphertext uploaded by the terminal i based on the identity public key;

汇总模块,用于若解密后得到的身份标识与所述终端i的身份标识一致,则接收所述终端i上传的第一行为特征数据,并根据所述终端i上传的第一行为特征数据,汇总预设时间段内多个基站下所有接入的终端上传的第一行为特征数据;a summary module, configured to receive the first behavior characteristic data uploaded by the terminal i if the identity identifier obtained after decryption is consistent with the identity identifier of the terminal i, and according to the first behavior characteristic data uploaded by the terminal i, Summarize the first behavior feature data uploaded by all connected terminals under multiple base stations within a preset time period;

第二确定模块,用于根据所述多个基站下所有接入的终端上传的第一行为特征数据,确定所述多个基站的第二行为特征数据,并将所述多个基站的第二行为特征数据发送至第二区块链,以使所述第二区块链根据所述多个基站的第二行为特征数据,确定所述多个基站是否为伪基站。The second determining module is configured to determine the second behavior feature data of the multiple base stations according to the first behavior feature data uploaded by all connected terminals under the multiple base stations, and determine the second behavior feature data of the multiple base stations. The behavior characteristic data is sent to the second blockchain, so that the second blockchain determines whether the plurality of base stations are pseudo base stations according to the second behavior characteristic data of the plurality of base stations.

在一种可能的实现方式中,所述第一确定模块,具体用于:In a possible implementation manner, the first determining module is specifically used for:

获取预存的终端的身份标识与身份公钥的对应关系;Obtain the correspondence between the pre-stored terminal's identity identifier and the identity public key;

根据所述对应关系,确定所述终端i的身份标识对应的身份公钥。According to the corresponding relationship, the identity public key corresponding to the identity identifier of the terminal i is determined.

在一种可能的实现方式中,所述终端i上传的第一行为特征数据包括所述终端i已接入的基站的基站标识、接入基站时间、离开基站时间、基站信号电平、语音话务量和数据流量;In a possible implementation manner, the first behavior feature data uploaded by the terminal i includes the base station identifier of the base station that the terminal i has accessed, the time of accessing the base station, the time of leaving the base station, the signal level of the base station, the voice call traffic and data traffic;

所述基站j的第二行为特征数据包括基站j的基站标识、平均驻留时长、基站终端用户数、基站信号平均电平、产生的基站语音话务量和基站数据流量,其中,j=1,2,……m,m等于所述多个基站的数量。The second behavior characteristic data of the base station j includes the base station identifier of the base station j, the average dwell time, the number of base station terminal users, the average signal level of the base station, the generated base station voice traffic and the base station data traffic, where j=1 ,2,...m, m is equal to the number of the plurality of base stations.

所述第二确定模块,具体用于:The second determining module is specifically used for:

根据所述多个基站下所有接入的终端上传的终端已接入的基站的基站标识,确定所述基站j的基站标识和基站终端用户数;Determine the base station identity of the base station j and the number of base station terminal users according to the base station identity of the base station to which the terminal has accessed uploaded by all connected terminals under the multiple base stations;

根据所述多个基站下所有接入的终端上传的接入基站时间和离开基站时间,确定所述基站j的平均驻留时长;Determine the average dwell time of the base station j according to the time of accessing the base station and the time of leaving the base station uploaded by all the accessing terminals under the multiple base stations;

根据所述多个基站下所有接入的终端上传的终端已接入的基站的基站信号电平,确定所述基站j的基站信号平均电平;Determine the average base station signal level of the base station j according to the base station signal level of the base station to which the terminal has accessed uploaded by all connected terminals under the multiple base stations;

根据所述多个基站下所有接入的终端上传的终端已接入的基站的语音话务量和数据流量,确定所述基站j产生的基站语音话务量和基站数据流量。Determine the base station voice traffic and base station data traffic generated by the base station j according to the voice traffic and data traffic of the base stations to which the terminals have accessed uploaded by all connected terminals under the multiple base stations.

第四方面,本申请实施例提供另一种伪基站识别装置,所述装置应用于第二区块链,所述装置包括:In a fourth aspect, an embodiment of the present application provides another pseudo base station identification device, the device is applied to the second blockchain, and the device includes:

第二接收模块,用于接收第一区块链上传的多个基站的第二行为特征数据,所述多个基站的第二行为特征数据为所述第一区块链根据所述多个基站下所有接入的终端上传的第一行为特征数据,确定的第二行为特征数据,所述多个基站下所有接入的终端上传的第一行为特征数据为所述第一区块链接收多个终端上传的密文、身份标识和第一行为特征数据,并根据终端i的身份标识,确定所述终端i被分配的身份公钥,基于所述身份公钥对所述终端i上传的密文进行解密后,若解密后得到的身份标识与所述终端i的身份标识一致,则接收所述终端i上传的第一行为特征数据,并根据所述终端i上传的第一行为特征数据,汇总的预设时间段内多个基站下所有接入的终端上传的第一行为特征数据,其中,终端i上传的密文为所述终端i基于被分配的身份私钥对所述终端i的身份标识进行加密后,获得的加密密文,所述终端i上传的第一行为特征数据为所述终端i已接入的基站的第一行为特征数据,i=1,2,……n,n等于所述多个终端的数量;The second receiving module is configured to receive the second behavior feature data of multiple base stations uploaded by the first blockchain, where the second behavior feature data of the multiple base stations is the first block chain according to the multiple base stations. The first behavior characteristic data uploaded by all the connected terminals under the base station, the second behavior characteristic data determined, and the first behavior characteristic data uploaded by all the connected terminals under the multiple base stations is the first block chain receiving multiple data. The ciphertext, identity identifier and first behavior feature data uploaded by each terminal, and according to the identity identifier of terminal i, determine the identity public key assigned to the terminal i, and based on the identity public key, the encrypted password uploaded by the terminal i is determined. After the document is decrypted, if the identity identifier obtained after decryption is consistent with the identity identifier of the terminal i, then receive the first behavior characteristic data uploaded by the terminal i, and according to the first behavior characteristic data uploaded by the terminal i, The first behavioral feature data uploaded by all connected terminals under a plurality of base stations within the aggregated preset time period, wherein the ciphertext uploaded by terminal i is the ciphertext uploaded by terminal i based on the assigned identity private key to the terminal i. After the identity identifier is encrypted, the obtained encrypted ciphertext, the first behavior characteristic data uploaded by the terminal i is the first behavior characteristic data of the base station that the terminal i has accessed, i=1, 2,...n, n is equal to the number of the plurality of terminals;

第三确定模块,用于根据所述多个基站的第二行为特征数据,确定所述多个基站是否为伪基站。The third determining module is configured to determine whether the multiple base stations are pseudo base stations according to the second behavior characteristic data of the multiple base stations.

在一种可能的实现方式中,所述第三确定模块,具体用于:In a possible implementation manner, the third determining module is specifically used for:

判断基站j的第二行为特征数据是否满足预设的伪基站识别规则,其中,j=1,2,……m,m等于所述多个基站的数量;Judging whether the second behavior characteristic data of base station j satisfies a preset pseudo base station identification rule, where j=1, 2, ... m, m is equal to the number of the multiple base stations;

若所述基站j的第二行为特征数据满足所述预设的伪基站识别规则,则确定所述基站j为伪基站。If the second behavior characteristic data of the base station j satisfies the preset pseudo base station identification rule, the base station j is determined to be a pseudo base station.

在一种可能的实现方式中,所述第二接收模块还用于:In a possible implementation manner, the second receiving module is further configured to:

接收终端发送的查询请求,所述查询请求携带待查询基站的标识;receiving a query request sent by the terminal, where the query request carries the identifier of the base station to be queried;

根据所述多个基站是否为伪基站的确定结果和所述待查询基站的标识,确定所述待查询基站是否为伪基站,并返回所述终端所述待查询基站的查询结果。Determine whether the base station to be queried is a pseudo base station according to the determination result of whether the plurality of base stations are pseudo base stations and the identifier of the base station to be queried, and return the query result of the base station to be queried by the terminal.

第五方面,本申请实施例提供一种伪基站识别设备,包括:In a fifth aspect, an embodiment of the present application provides a pseudo base station identification device, including:

处理器;processor;

存储器;以及memory; and

计算机程序;Computer program;

其中,所述计算机程序被存储在所述存储器中,并且被配置为由所述处理器执行,所述计算机程序包括用于执行如第一方面所述的方法的指令。Wherein the computer program is stored in the memory and configured to be executed by the processor, the computer program comprising instructions for performing the method of the first aspect.

第六方面,本申请实施例提供一种伪基站识别设备,包括:In a sixth aspect, an embodiment of the present application provides a pseudo base station identification device, including:

处理器;processor;

存储器;以及memory; and

计算机程序;Computer program;

其中,所述计算机程序被存储在所述存储器中,并且被配置为由所述处理器执行,所述计算机程序包括用于执行如第二方面所述的方法的指令。Wherein the computer program is stored in the memory and configured to be executed by the processor, the computer program comprising instructions for performing the method of the second aspect.

第七方面,本申请实施例提供一种计算机可读存储介质,所述计算机可读存储介质存储有计算机程序,所述计算机程序使得服务器执行第一方面所述的方法。In a seventh aspect, an embodiment of the present application provides a computer-readable storage medium, where the computer-readable storage medium stores a computer program, and the computer program causes a server to execute the method described in the first aspect.

第八方面,本申请实施例提供一种计算机可读存储介质,所述计算机可读存储介质存储有计算机程序,所述计算机程序使得服务器执行第二方面所述的方法。In an eighth aspect, an embodiment of the present application provides a computer-readable storage medium, where the computer-readable storage medium stores a computer program, and the computer program causes a server to execute the method of the second aspect.

第九方面,本申请实施例提供一种计算机程序产品,包括计算机指令,所述计算机指令被处理器执行第一方面所述的方法。In a ninth aspect, embodiments of the present application provide a computer program product, including computer instructions, where the computer instructions are executed by a processor to execute the method of the first aspect.

第十方面,本申请实施例提供一种计算机程序产品,包括计算机指令,所述计算机指令被处理器执行第二方面所述的方法。In a tenth aspect, embodiments of the present application provide a computer program product, including computer instructions, where the computer instructions are executed by a processor to execute the method of the second aspect.

本申请实施例提供的伪基站识别方法、装置、设备及存储介质,该方法通过第一区块链接收多个终端上传的密文、身份标识和第一行为特征数据,其中,该密文为终端基于被分配的身份私钥对终端的身份标识进行加密后,获得的密文,然后第一区块链根据终端的身份标识,确定终端被分配的身份公钥,并基于该身份公钥对上述密文进行解密,如果解密后得到的身份标识与上述身份标识一致,则接收终端上传的第一行为特征数据,从而汇总出预设时间段内多个基站下所有接入的终端上传的第一行为特征数据,进而确定多个基站的第二行为特征数据发送至第二区块链,以使第二区块链根据第二行为特征数据,确定多个基站是否为伪基站,其中无需人工参与,节省时间和人力,能够及时发现伪基站。而且,本申请实施例不仅使用终端身份标识还结合了基站的行为特征数据来判断是否为伪基站,提高伪基站识别准确性。另外,本申请实施例在解密后得到的身份标识与上述身份标识一致时,即确定终端为合法终端时才接收上报数据,保障了上报数据的真实有效,防止非法终端上报伪造数据导致系统的误判,将伪基站识别为正常基站。In the pseudo base station identification method, device, device, and storage medium provided in the embodiments of the present application, the method receives, through the first blockchain, ciphertext, identity identifiers, and first behavior characteristic data uploaded by multiple terminals, wherein the ciphertext is After the terminal encrypts the identity of the terminal based on the assigned identity private key, the obtained ciphertext, and then the first blockchain determines the assigned public key of the terminal according to the identity of the terminal, and based on the identity public key pair The above-mentioned ciphertext is decrypted, and if the identity identifier obtained after decryption is consistent with the above-mentioned identity identifier, the first behavior characteristic data uploaded by the terminal is received, so as to summarize the first data uploaded by all the terminals connected to multiple base stations within the preset time period. One behavior feature data, and then determine that the second behavior feature data of multiple base stations is sent to the second blockchain, so that the second blockchain can determine whether the multiple base stations are pseudo base stations according to the second behavior feature data. Participate, save time and manpower, and be able to detect pseudo base stations in time. Moreover, the embodiment of the present application not only uses the terminal identification but also combines the behavior characteristic data of the base station to determine whether it is a pseudo base station, so as to improve the identification accuracy of the pseudo base station. In addition, in the embodiment of the present application, when the identity identifier obtained after decryption is consistent with the above-mentioned identity identifier, that is, it is determined that the terminal is a legitimate terminal before receiving the reported data, which ensures the authenticity and effectiveness of the reported data, and prevents the illegal terminal from reporting forged data and causing system errors. Then, identify the pseudo base station as a normal base station.

附图说明Description of drawings

为了更清楚地说明本申请实施例或现有技术中的技术方案,下面将对实施例或现有技术描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本申请的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动性的前提下,还可以根据这些附图获得其他的附图。In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the following briefly introduces the accompanying drawings required for the description of the embodiments or the prior art. Obviously, the drawings in the following description are only These are some embodiments of the present application, and for those of ordinary skill in the art, other drawings can also be obtained from these drawings without any creative effort.

图1为本申请实施例提供的伪基站识别系统架构示意图;FIG. 1 is a schematic diagram of the architecture of a pseudo base station identification system provided by an embodiment of the present application;

图2为本申请实施例提供的一种伪基站识别方法的流程示意图;2 is a schematic flowchart of a method for identifying a pseudo base station according to an embodiment of the present application;

图3为本申请实施例提供的另一种伪基站识别方法的流程示意图;3 is a schematic flowchart of another pseudo base station identification method provided by an embodiment of the present application;

图4为本申请实施例提供的再一种伪基站识别方法的流程示意图;FIG. 4 is a schematic flowchart of still another pseudo base station identification method provided by an embodiment of the present application;

图5为本申请实施例提供的一种伪基站识别装置的结构示意图;FIG. 5 is a schematic structural diagram of an apparatus for identifying a pseudo base station according to an embodiment of the present application;

图6为本申请实施例提供的另一种伪基站识别装置的结构示意图;FIG. 6 is a schematic structural diagram of another pseudo base station identification device provided by an embodiment of the present application;

图7A为本申请提供的一种伪基站识别设备的基本硬件架构示意图;7A is a schematic diagram of a basic hardware architecture of a pseudo base station identification device provided by the present application;

图7B为本申请提供的另一种伪基站识别设备的基本硬件架构示意图。FIG. 7B is a schematic diagram of the basic hardware architecture of another pseudo base station identification device provided by the present application.

具体实施方式Detailed ways

下面将结合本申请实施例中的附图,对本申请实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅仅是本申请一部分实施例,而不是全部的实施例。基于本申请中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其他实施例,都属于本申请保护的范围。The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application. Obviously, the described embodiments are only a part of the embodiments of the present application, but not all of the embodiments. Based on the embodiments in the present application, all other embodiments obtained by those of ordinary skill in the art without creative efforts shall fall within the protection scope of the present application.

本申请的说明书和权利要求书及上述附图中的术语“第一”、“第二”、“第三”及“第四”等(如果存在)是用于区别类似的对象,而不必用于描述特定的顺序或先后次序。应该理解这样使用的数据在适当情况下可以互换,以便这里描述的本申请的实施例能够以除了在这里图示或描述的那些以外的顺序实施。此外,术语“包括”和“具有”以及他们的任何变形,意图在于覆盖不排他的包含,例如,包含了一系列步骤或单元的过程、方法、系统、产品或设备不必限于清楚地列出的那些步骤或单元,而是可包括没有清楚地列出的或对于这些过程、方法、产品或设备固有的其它步骤或单元。The terms "first", "second", "third" and "fourth", etc. (if any) in the description and claims of the present application and the above-mentioned drawings are used to distinguish similar objects and are not necessarily used to describe a specific order or sequence. It is to be understood that data so used may be interchanged under appropriate circumstances so that the embodiments of the application described herein can be practiced in sequences other than those illustrated or described herein. Furthermore, the terms "comprising" and "having" and any variations thereof, are intended to cover non-exclusive inclusion, for example, a process, method, system, product or device comprising a series of steps or units is not necessarily limited to those expressly listed Rather, those steps or units may include other steps or units not expressly listed or inherent to these processes, methods, products or devices.

现有识别伪基站的方式主要依托于运营商的人工力量和相关部门的配合。若运营商在一段时间内发现很多无记录可查的垃圾短信投诉案例,则可初步判定为存在伪基站发送垃圾短信的行为。通过对重点区域的海量信令分析,发现伪基站大致位置(无线小区、街道)。但是这种识别伪基站的方法,耗费大量时间和人力,且无法及时发现伪基站,导致不法分子通过伪基站发送垃圾短信的事件时有发生,造成用户的经济损失,甚至人身伤害。The existing methods for identifying pseudo base stations mainly rely on the operator's manual force and the cooperation of relevant departments. If the operator finds a lot of unrecorded spam SMS complaint cases within a period of time, it can be preliminarily determined that there is a false base station sending spam SMS. The approximate location (wireless cell, street) of the pseudo base station is found by analyzing massive signaling in key areas. However, this method of identifying fake base stations consumes a lot of time and manpower, and it is impossible to detect fake base stations in time. As a result, criminals frequently send spam text messages through fake base stations, resulting in economic losses and even personal injury to users.

为了解决上述问题,现有提供一种自动识别伪基站的技术,通过用户终端将查询请求发送至基站数据库,基站数据库根据查询请求,对预设的合法基站数据库进行遍历,得到与查询请求对应的合法基站集合,并将合法基站集合发送至用户终端,用户终端将其当前连接的当前基站与合法基站集合进行匹配,当当前基站与合法基站集合不匹配时,则用户终端从合法基站集合中选择任一基站进行连接。In order to solve the above problems, a technology for automatically identifying pseudo base stations is provided in the prior art. A query request is sent to a base station database through a user terminal. Set of legal base stations, and send the set of legal base stations to the user terminal. The user terminal matches the current base station it is currently connected to with the set of legal base stations. When the current base station does not match the set of legal base stations, the user terminal selects from the set of legal base stations. connect to any base station.

然而,上述技术识别伪基站仅使用基站信息包括该基站的标识、基站的终端设备号等信息,无法避免伪基站有可能伪造盗用这些身份信息,导致终端识别错误。而且,上述技术依赖于现有的基站数据库中的基站数据,若该数据库出现异常或数据错误,则会对终端的正常接入造成影响。However, the above technologies only use the base station information including the identity of the base station, the terminal equipment number of the base station and other information to identify the pseudo base station. Moreover, the above technology relies on the base station data in the existing base station database. If the database is abnormal or has data errors, the normal access of the terminal will be affected.

因此,本申请实施例提出一种伪基站识别方法,可以通过第一区块链接收终端上传的终端身份标识和基站的第一行为特征数据,并对终端进行身份验证,验证通过后,接收上述基站的第一行为特征数据,并基于该第一行为特征数据,确定基站的第二行为数据并发送至第二区块链,以使第二区块链基于上述第二行为数据,确定基站是否为伪基站,其中无需人工参与,节省时间和人力,能够及时发现伪基站。而且,本申请实施例不仅使用终端身份标识还结合了基站的行为特征数据来判断是否为伪基站,提高伪基站识别准确性。另外,本申请实施例对终端进行身份验证,即确定终端为合法终端时才接收上报数据,保障了上报数据的真实有效,防止非法终端上报伪造数据导致系统的误判,将伪基站识别为正常基站。Therefore, an embodiment of the present application proposes a pseudo base station identification method, which can receive the terminal identity identifier uploaded by the terminal and the first behavior characteristic data of the base station through the first blockchain, and perform identity verification on the terminal. The first behavior characteristic data of the base station, and based on the first behavior characteristic data, determine the second behavior data of the base station and send it to the second blockchain, so that the second blockchain can determine whether the base station is based on the second behavior data. It is a pseudo base station, which does not need manual participation, saves time and manpower, and can discover the pseudo base station in time. Moreover, the embodiment of the present application not only uses the terminal identification but also combines the behavior characteristic data of the base station to determine whether it is a pseudo base station, so as to improve the identification accuracy of the pseudo base station. In addition, the embodiment of the present application performs identity verification on the terminal, that is, only when it is determined that the terminal is a legitimate terminal, the reported data is received, which ensures the authenticity and validity of the reported data, prevents the illegal terminal from reporting forged data and causes the system to misjudge, and identifies the pseudo base station as normal. base station.

可选地,本申请提供的一种伪基站识别方法,可以适用于图1所示的伪基站识别系统架构示意图,如图1所示,该系统可以包括第一区块链11、第二区块链12和多个终端,这里,该多个终端以第一终端13、第二终端14和第三终端15为例。Optionally, a pseudo base station identification method provided by the present application can be applied to the schematic diagram of the pseudo base station identification system shown in FIG. 1 . As shown in FIG. 1 , the system may include a first blockchain 11 , a second area The block chain 12 and multiple terminals, here, the multiple terminals take the first terminal 13 , the second terminal 14 and the third terminal 15 as examples.

可以理解的是,本申请实施例示意的结构并不构成对伪基站识别系统架构的具体限定。在本申请另一些可行的实施方式中,上述架构可以包括比图示更多或更少的部件,或者组合某些部件,或者拆分某些部件,或者不同的部件布置,具体可根据实际应用场景确定,在此不做限制。图1所示的部件可以以硬件,软件,或软件与硬件的组合实现。It can be understood that the structures illustrated in the embodiments of the present application do not constitute a specific limitation on the architecture of the pseudo base station identification system. In some other feasible embodiments of the present application, the above architecture may include more or less components than shown in the figure, or combine some components, or separate some components, or arrange different components, depending on the actual application. The scene is determined, and there is no restriction here. The components shown in Figure 1 may be implemented in hardware, software, or a combination of software and hardware.

在具体实现过程中,本申请实施例中第一终端13、第二终端14和第三终端15可以分别为不同用户的终端设备,例如第一终端13为用户1的终端设备,第二终端14为用户2的终端设备,第三终端15为用户3的终端设备,第一终端13发送上述第一终端的身份标识和第一行为特征数据至第一区块链11,第二终端14发送第二终端的身份标识和第一行为特征数据至第一区块链11,第三终端15发送第三终端的身份标识和第一行为特征数据至第一区块链11。在上述应用场景中,用户(例如用户1、用户2和用户3)可以登录终端应用程序(Application,APP),获取终端的身份标识和终端已接入的基站的第一行为特征数据,并将获取的数据发送至第一区块链11。第一区块链11对终端(例如上述第一终端13、第二终端14和第三终端15)进行身份验证,验证通过后,接收基站的第一行为特征数据,并基于该第一行为特征数据,确定基站的第二行为数据并发送至第二区块链12。第二区块链12基于上述第二行为数据,确定基站是否为伪基站,其中无需人工参与,节省时间和人力,能够及时发现伪基站。而且,上述确定过程中不仅使用终端身份标识还结合了基站的行为特征数据来判断是否为伪基站,提高伪基站识别准确性。另外,第一区块链对终端进行身份验证,即确定终端为合法终端时才接收上报数据,保障了上报数据的真实有效,防止非法终端上报伪造数据导致系统的误判,将伪基站识别为正常基站。In the specific implementation process, in this embodiment of the present application, the first terminal 13 , the second terminal 14 and the third terminal 15 may be terminal devices of different users, respectively, for example, the first terminal 13 is the terminal device of user 1 , and the second terminal 14 It is the terminal device of user 2, the third terminal 15 is the terminal device of user 3, the first terminal 13 sends the above-mentioned first terminal's identity identifier and the first behavior characteristic data to the first blockchain 11, and the second terminal 14 sends the first The identification of the second terminal and the characteristic data of the first behavior are sent to the first blockchain 11 , and the third terminal 15 sends the identification of the third terminal and the characteristic data of the first behavior to the first blockchain 11 . In the above application scenario, users (such as user 1, user 2, and user 3) can log in to the terminal application (Application, APP), obtain the identity of the terminal and the first behavior characteristic data of the base station to which the terminal has accessed, and use the The acquired data is sent to the first blockchain 11 . The first blockchain 11 performs identity verification on the terminals (for example, the above-mentioned first terminal 13, second terminal 14 and third terminal 15). After the verification is passed, it receives the first behavior characteristic data of the base station, and based on the first behavior characteristic data, determine the second behavior data of the base station and send it to the second blockchain 12 . The second blockchain 12 determines whether the base station is a pseudo base station based on the above-mentioned second behavior data, in which no manual participation is required, time and manpower are saved, and the pseudo base station can be discovered in time. Moreover, in the above determination process, not only the terminal identity but also the behavior characteristic data of the base station is used to determine whether it is a pseudo base station, so as to improve the identification accuracy of the pseudo base station. In addition, the first blockchain verifies the identity of the terminal, that is, it only receives the reported data when it is determined that the terminal is a legitimate terminal, which ensures the authenticity and validity of the reported data, and prevents the illegal terminal from reporting forged data resulting in misjudgment by the system, and the pseudo base station is identified as normal base station.

在本申请实施例中,上述各终端可以为手持设备、车载设备、可穿戴设备、计算设备,以及各种形式的用户设备(User Equipment,UE)等安装有伪基站识别功能APP的设备。In the embodiments of the present application, the above-mentioned terminals may be handheld devices, vehicle-mounted devices, wearable devices, computing devices, and various forms of user equipment (User Equipment, UE) and other devices installed with a pseudo base station identification function APP.

另外,本申请实施例描述的系统架构以及业务场景是为了更加清楚的说明本申请实施例的技术方案,并不构成对于本申请实施例提供的技术方案的限定,本领域普通技术人员可知,随着网络架构的演变和新业务场景的出现,本申请实施例提供的技术方案对于类似的技术问题,同样适用。In addition, the system architecture and business scenarios described in the embodiments of the present application are for the purpose of illustrating the technical solutions of the embodiments of the present application more clearly, and do not constitute limitations on the technical solutions provided by the embodiments of the present application. With the evolution of the network architecture and the emergence of new service scenarios, the technical solutions provided in the embodiments of the present application are also applicable to similar technical problems.

下面以几个实施例为例对本申请的技术方案进行描述,对于相同或相似的概念或过程可能在某些实施例不再赘述。The technical solutions of the present application are described below by taking several embodiments as examples, and the same or similar concepts or processes may not be repeated in some embodiments.

图2为本申请实施例提供了一种伪基站识别方法的流程示意图,本实施例的执行主体可以为图1所示实施例中的第一区块链,如图2所示,该方法可以包括:FIG. 2 provides a schematic flowchart of a pseudo base station identification method according to an embodiment of the present application. The execution subject of this embodiment may be the first blockchain in the embodiment shown in FIG. 1 . As shown in FIG. 2 , the method may be include:

S201:接收多个终端上传的密文、身份标识和第一行为特征数据,其中,终端i上传的密文为终端i基于被分配的身份私钥对终端i的身份标识进行加密后,获得的加密密文,终端i上传的第一行为特征数据为终端i已接入的基站的第一行为特征数据,i=1,2,……n,n等于上述多个终端的数量。S201: Receive ciphertext, identity identifiers and first behavior characteristic data uploaded by multiple terminals, wherein the ciphertext uploaded by terminal i is obtained after terminal i encrypts the identity identifier of terminal i based on the assigned identity private key Encrypted ciphertext, the first behavior characteristic data uploaded by the terminal i is the first behavior characteristic data of the base station that the terminal i has accessed, i=1, 2, . . . n, n is equal to the number of the above-mentioned multiple terminals.

这里,运营商服务器可以为每个合法终端用户分配唯一的身份公钥、身份私钥对和身份标识,并将该身份公钥和身份标识存储到第一区块链。Here, the operator server can assign a unique identity public key, identity private key pair and identity identifier to each legal end user, and store the identity public key and identity identifier in the first blockchain.

示例性的,运营商服务器在每个终端入网时可以分配给终端唯一的身份公钥和身份私钥。其中,运营商服务器可以利用非对称加密算法,例如是RSA、Elgamal、背包算法、Rabin、D-H、ECC(椭圆曲线加密算法)等,生成上述公钥私钥对。运营商服务器还可以将终端的身份公钥和身份标识打包作为终端区块的一部分加入到第一区块链中。Exemplarily, the operator server may assign a unique identity public key and identity private key to each terminal when each terminal accesses the network. Wherein, the operator server may use an asymmetric encryption algorithm, such as RSA, Elgamal, knapsack algorithm, Rabin, D-H, ECC (elliptic curve encryption algorithm), etc., to generate the above public key and private key pair. The operator server may also package the identity public key and identity of the terminal as part of the terminal block and add it to the first blockchain.

这里,第一区块链的作用是存储每个终端数据的区块,每个区块可以包含终端的身份公钥、身份标识及第一行为特征数据。Here, the function of the first blockchain is to store the block of each terminal data, and each block may contain the terminal's identity public key, identity identifier and first behavior characteristic data.

另外,终端i上传的第一行为特征数据可以包括终端i已接入的基站的基站标识、接入基站时间、离开基站时间、基站信号电平、语音话务量和数据流量等。In addition, the first behavior feature data uploaded by the terminal i may include the base station identifier of the base station that the terminal i has accessed, the time of accessing the base station, the time of leaving the base station, the signal level of the base station, the volume of voice traffic and data traffic, and the like.

终端i接入基站后,终端i可以采集驻留基站的基站标识,基站标识可以是基站编号、基站设备序列号等。接入基站时间指的是终端i重选或切换入该基站的时间戳。离开基站时间指的是终端i重选或切换出该基站的时间戳。基站信号电平指的是终端i接收到基站发出的信号的电平,比如3G网络的接收信号码功率(Received Signal Code Power,RSCP)或4G网络的参考信号接收功率(Reference Signal Receiving Power,RSRP)。语音话务量指的是终端i在基站驻留期间发起语音通话产生的话务量。数据流量指的是终端i在基站驻留期间发起的数据业务产生的流量。终端驻留时长指的是终端i接入基站到终端i离开基站的时间间隔。终端i每次离开驻留基站后,可以将上述基站标识、接入基站时间、离开基站时间、基站信号电平、语音话务量和数据流量等数据打包,生成第一行为特征数据,准备上传第一区块链。After the terminal i accesses the base station, the terminal i can collect the base station identifier of the resident base station, and the base station identifier may be the base station number, the serial number of the base station equipment, and the like. The access time to the base station refers to the time stamp when the terminal i reselection or handover to the base station. The time of leaving the base station refers to the time stamp at which the terminal i reselection or handover out of the base station. The signal level of the base station refers to the level at which the terminal i receives the signal sent by the base station, such as the received signal code power (Received Signal Code Power, RSCP) of the 3G network or the Reference Signal Receiving Power (RSRP) of the 4G network ). The voice traffic refers to the traffic generated by the voice call initiated by the terminal i during the camping period of the base station. The data traffic refers to the traffic generated by the data service initiated by the terminal i during the base station camping period. The terminal dwell time refers to the time interval from when terminal i accesses the base station to when terminal i leaves the base station. Each time the terminal i leaves the resident base station, it can package the above-mentioned base station identification, access time to the base station, time to leave the base station, base station signal level, voice traffic and data traffic, etc., to generate the first behavior characteristic data, ready to upload The first blockchain.

S202:根据终端i的身份标识,确定终端i被分配的身份公钥,并基于该身份公钥对终端i上传的密文进行解密。S202: According to the identity identifier of the terminal i, determine the identity public key allocated to the terminal i, and decrypt the ciphertext uploaded by the terminal i based on the identity public key.

这里,第一区块链在接收多个终端上传的密文、身份标识和第一行为特征数据后,为了防止伪基站使用非法终端上报伪造的第一行为特征数据,终端在向第一区块链发起数据上传请求时需要向第一区块链验证自己是合法终端。即第一区块链获取预存的终端的身份标识与身份公钥的对应关系,进而,根据该对应关系,确定终端i的身份标识对应的身份公钥,从而,基于该身份公钥对终端i上传的密文进行解密,判断解密后得到的身份标识与终端i的身份标识是否一致。如果一致,则第一区块链确定上述终端为运营商合法终端,第一区块链接收上述终端上传的第一行为特征数据,否则,确定为非法终端,第一区块链不接收该终端上传的数据。Here, after the first blockchain receives the ciphertext, identity identifier and first behavior feature data uploaded by multiple terminals, in order to prevent the pseudo base station from using the illegal terminal to report the forged first behavior feature data, the terminal sends the first block chain to the first block chain. When the chain initiates a data upload request, it needs to verify to the first blockchain that it is a legitimate terminal. That is, the first blockchain obtains the pre-stored correspondence between the terminal's identity and the identity public key, and then, according to the correspondence, determines the identity public key corresponding to the identity of the terminal i, and thus, based on the identity public key, determines the identity public key of the terminal i. The uploaded ciphertext is decrypted, and it is judged whether the identity identifier obtained after decryption is consistent with the identity identifier of the terminal i. If they are consistent, the first blockchain determines that the terminal is a legitimate terminal of the operator, and the first blockchain receives the first behavior feature data uploaded by the terminal; otherwise, it is determined to be an illegal terminal, and the first blockchain does not accept the terminal uploaded data.

S203:若解密后得到的身份标识与终端i的身份标识一致,则接收终端i上传的第一行为特征数据,并根据终端i上传的第一行为特征数据,汇总预设时间段内多个基站下所有接入的终端上传的第一行为特征数据。S203: If the identity identifier obtained after decryption is consistent with the identity identifier of terminal i, receive the first behavior feature data uploaded by terminal i, and summarize multiple base stations within a preset time period according to the first behavior feature data uploaded by terminal i The first behavior feature data uploaded by all connected terminals.

如果解密后得到的身份标识与终端i的身份标识一致,上述终端为运营商合法终端,第一区块链接收终端i上传的第一行为特征数据,进而,根据接收的第一行为特征数据,汇总预设时间段内多个基站下所有接入的终端上传的第一行为特征数据。If the identity identifier obtained after decryption is consistent with the identity identifier of the terminal i, the above-mentioned terminal is a legitimate terminal of the operator, and the first blockchain receives the first behavior characteristic data uploaded by the terminal i, and then, according to the received first behavior characteristic data, The first behavior feature data uploaded by all connected terminals under multiple base stations within a preset time period is aggregated.

其中,预设时间段可以根据实际情况确定,本申请实施例对此不做特别限制。The preset time period may be determined according to the actual situation, which is not particularly limited in this embodiment of the present application.

S204:根据上述多个基站下所有接入的终端上传的第一行为特征数据,确定上述多个基站的第二行为特征数据,并将上述多个基站的第二行为特征数据发送至第二区块链,以使第二区块链根据上述多个基站的第二行为特征数据,确定上述多个基站是否为伪基站。S204: Determine the second behavior feature data of the multiple base stations according to the first behavior feature data uploaded by all connected terminals under the multiple base stations, and send the second behavior feature data of the multiple base stations to the second area block chain, so that the second block chain determines whether the plurality of base stations are pseudo base stations according to the second behavior characteristic data of the plurality of base stations.

其中,基站j的第二行为特征数据包括基站j的基站标识、平均驻留时长、基站终端用户数、基站信号平均电平、产生的基站语音话务量和基站数据流量,其中,j=1,2,……m,m等于上述多个基站的数量。Wherein, the second behavior characteristic data of base station j includes base station identity of base station j, average dwell time, number of base station terminal users, base station signal average level, generated base station voice traffic and base station data traffic, where j=1 ,2,...m, m is equal to the number of the above-mentioned multiple base stations.

这里,第一区块链在汇总预设时间段内多个基站下所有接入的终端上传的第一行为特征数据后,可以基于该第一行为特征数据,确定上述多个基站的第二行为特征数据。例如第一区块链可以根据上述多个基站下所有接入的终端上传的终端已接入的基站的基站标识,确定基站j的基站标识和基站终端用户数,根据上述多个基站下所有接入的终端上传的接入基站时间和离开基站时间,确定基站j的平均驻留时长,根据上述多个基站下所有接入的终端上传的终端已接入的基站的基站信号电平,确定基站j的基站信号平均电平,根据上述多个基站下所有接入的终端上传的终端已接入的基站的语音话务量和数据流量,确定基站j产生的基站语音话务量和基站数据流量等。Here, after aggregating the first behavior feature data uploaded by all connected terminals under multiple base stations within a preset time period, the first blockchain can determine the second behavior of the above-mentioned multiple base stations based on the first behavior feature data characteristic data. For example, the first blockchain can determine the base station identity of base station j and the number of base station terminal users according to the base station identity of the base station to which the terminal has accessed uploaded by all connected terminals under the above-mentioned multiple base stations. According to the time of accessing the base station and the time of leaving the base station uploaded by the incoming terminal, the average dwell time of base station j is determined. The average level of the base station signal of j, according to the voice traffic and data traffic of the base station that the terminal has accessed uploaded by all the connected terminals under the above-mentioned multiple base stations, determine the base station voice traffic and base station data traffic generated by the base station j Wait.

第一区块链在确定上述多个基站的第二行为特征数据后,可以将上述多个基站的第二行为特征数据发送至第二区块链。第二区块链可以判断基站j的第二行为特征数据是否满足预设的伪基站识别规则,如果基站j的第二行为特征数据满足上述预设的伪基站识别规则,则确定基站j为伪基站。After determining the second behavior characteristic data of the plurality of base stations, the first blockchain may send the second behavior characteristic data of the plurality of base stations to the second blockchain. The second blockchain can determine whether the second behavior characteristic data of base station j satisfies the preset pseudo base station identification rules, and if the second behavior characteristic data of base station j satisfies the above preset pseudo base station identification rules, then determine that base station j is pseudo base station base station.

其中,上述预设的伪基站识别规则可以根据实际情况确定,例如当平均驻留时长小于1分钟、基站终端用户数大于500个、基站信号平均电平大于-90dBm、产生的基站语音话务量低于0.01爱尔兰且基站数据流量低于50MB时可以判断为伪基站。The above preset pseudo base station identification rules can be determined according to the actual situation, for example, when the average dwell time is less than 1 minute, the number of base station terminal users is greater than 500, the average signal level of the base station is greater than -90dBm, and the generated base station voice traffic When it is lower than 0.01 Ireland and the data traffic of the base station is lower than 50MB, it can be judged as a pseudo base station.

示例性的,上述第二区块链可以使用机器学习的分类算法进行分析,收集已知的伪基站和正常基站的平均驻留时长、基站终端用户数、基站信号平均电平、产生的基站语音话务量和基站数据流量等行为特征样本,将每个样本打上伪基站正负样本标签进行机器学习模型训练。这里使用的机器学习模型可以是最邻近分类算法(K-Nearest Neighbor,KNN)、支持向量机(Support Vector Machine,SVM)、逻辑回归或神经网络模型。模型训练好后,将上述第二行为特征数据为特征样本输入模型进行预测,得到伪基站识别结果。Exemplarily, the above-mentioned second blockchain can be analyzed using a machine learning classification algorithm to collect the known average residence time of pseudo base stations and normal base stations, the number of base station terminal users, the average signal level of the base station, and the generated base station voice. For behavioral feature samples such as traffic volume and base station data traffic, each sample is labeled with positive and negative samples of pseudo base station for machine learning model training. The machine learning model used here can be the nearest neighbor classification algorithm (K-Nearest Neighbor, KNN), support vector machine (Support Vector Machine, SVM), logistic regression or neural network model. After the model is trained, the above-mentioned second behavior characteristic data is input into the model as a characteristic sample for prediction, and a pseudo base station identification result is obtained.

另外,上述第二区块链在确定上述多个基站是否为伪基站以后,为了方便后续处理,可以添加伪基站判断标识,例如伪基站判断标识为1表示伪基站,0表示非伪基站。In addition, after the second blockchain determines whether the plurality of base stations are pseudo base stations, a pseudo base station judgment identifier may be added to facilitate subsequent processing. For example, a pseudo base station judgment identifier of 1 indicates a pseudo base station, and 0 indicates a non-pseudo base station.

这里,第二区块链的作用是存储每个基站数据的区块,每个区块可以包含每个基站的第二行为特征数据和伪基站判断标识。第二区块链可以将收到的第二行为特征数据添加一个伪基站判断标识后生成一个新基站区块加入第二区块链,其中伪基站判断标识为1表示伪基站,0表示非伪基站。Here, the role of the second block chain is to store the block of data of each base station, and each block may contain the second behavior characteristic data of each base station and the judgment identifier of the pseudo base station. The second blockchain can add a pseudo base station judgment identifier to the received second behavior characteristic data, and then generate a new base station block and add it to the second blockchain, where the pseudo base station judgment identification is 1 for pseudo base station, and 0 for non-pseudo base station. base station.

终端在接入基站前,可以发送查询请求至第二区块链,查询第二区块链上是否存在上述接入基站信息且该基站的伪基站判断标识为0,若是,则接入;否则,不接入。Before accessing the base station, the terminal can send a query request to the second blockchain to query whether the above-mentioned access base station information exists on the second blockchain and the pseudo base station judgment identifier of the base station is 0, if yes, then access; otherwise , do not access.

这里,本申请实施例通过第一区块链和第二区块链,实现了终端链和基站链两条行为特征链,保障了每个基站行为特征的可回溯性和可信度,及时筛选识别伪基站。Here, the embodiment of the present application realizes two behavior feature chains of the terminal chain and the base station chain through the first blockchain and the second blockchain, ensuring the traceability and credibility of the behavior characteristics of each base station, and timely screening Identify pseudo base stations.

本申请实施例通过第一区块链接收多个终端上传的密文、身份标识和第一行为特征数据,其中,该密文为终端基于被分配的身份私钥对终端的身份标识进行加密后,获得的密文,然后第一区块链根据终端的身份标识,确定终端被分配的身份公钥,并基于该身份公钥对上述密文进行解密,如果解密后得到的身份标识与上述身份标识一致,则接收终端上传的第一行为特征数据,从而汇总出预设时间段内多个基站下所有接入的终端上传的第一行为特征数据,进而确定多个基站的第二行为特征数据发送至第二区块链,以使第二区块链根据第二行为特征数据,确定多个基站是否为伪基站,其中无需人工参与,节省时间和人力,能够及时发现伪基站。而且,本申请实施例不仅使用终端身份标识还结合了基站的行为特征数据来判断是否为伪基站,提高伪基站识别准确性。另外,本申请实施例在解密后得到的身份标识与上述身份标识一致时,即确定终端为合法终端时才接收上报数据,保障了上报数据的真实有效,防止非法终端上报伪造数据导致系统的误判,将伪基站识别为正常基站。The embodiment of the present application receives the ciphertext, the identity identifier, and the first behavior characteristic data uploaded by multiple terminals through the first blockchain, wherein the ciphertext is obtained after the terminal encrypts the identity identifier of the terminal based on the assigned identity private key. , the obtained ciphertext, and then the first blockchain determines the identity public key assigned to the terminal according to the terminal's identity, and decrypts the above ciphertext based on the identity public key. If the decrypted identity and the above-mentioned identity If the identifiers are consistent, the first behavior characteristic data uploaded by the terminal is received, so as to summarize the first behavior characteristic data uploaded by all connected terminals under the multiple base stations within the preset time period, and then determine the second behavior characteristic data of the multiple base stations. It is sent to the second blockchain, so that the second blockchain can determine whether multiple base stations are pseudo base stations according to the second behavior characteristic data, which does not require manual participation, saves time and manpower, and can detect pseudo base stations in time. Moreover, the embodiment of the present application not only uses the terminal identification but also combines the behavior characteristic data of the base station to determine whether it is a pseudo base station, so as to improve the identification accuracy of the pseudo base station. In addition, in the embodiment of the present application, when the identity identifier obtained after decryption is consistent with the above-mentioned identity identifier, that is, it is determined that the terminal is a legitimate terminal before receiving the reported data, which ensures the authenticity and effectiveness of the reported data, and prevents the illegal terminal from reporting forged data and causing system errors. Then, identify the pseudo base station as a normal base station.

以上实施例从第一区块链侧详细描述了根据本申请实施例的伪基站识别的方法,下面将结合以下实施例从第二区块链侧详细描述根据本申请实施例提供的伪基站识别的方法。应理解,第一区块链侧描述的某些概念、特性等与第二区块链侧的描述相应,为了简洁,适当省略重复的描述。The above embodiments describe in detail the method for identifying a pseudo base station according to the embodiment of the present application from the first blockchain side, and the following will describe in detail the pseudo base station identification method provided according to the embodiment of the present application from the second blockchain side with reference to the following embodiments Methods. It should be understood that some concepts, characteristics, etc. described on the first blockchain side correspond to the descriptions on the second blockchain side, and repeated descriptions are appropriately omitted for brevity.

图3为本申请实施例提供的另一种伪基站识别方法的流程示意图,本实施例的执行主体可以为图1中的第二区块链,如图3所示,该方法可以包括如下步骤:FIG. 3 is a schematic flowchart of another pseudo base station identification method provided by an embodiment of the present application. The execution body of this embodiment may be the second blockchain in FIG. 1 . As shown in FIG. 3 , the method may include the following steps :

S301:接收第一区块链上传的多个基站的第二行为特征数据,该多个基站的第二行为特征数据为第一区块链根据上述多个基站下所有接入的终端上传的第一行为特征数据,确定的第二行为特征数据,上述多个基站下所有接入的终端上传的第一行为特征数据为第一区块链接收多个终端上传的密文、身份标识和第一行为特征数据,并根据终端i的身份标识,确定终端i被分配的身份公钥,基于该身份公钥对终端i上传的密文进行解密后,若解密后得到的身份标识与终端i的身份标识一致,则接收终端i上传的第一行为特征数据,并根据终端i上传的第一行为特征数据,汇总的预设时间段内多个基站下所有接入的终端上传的第一行为特征数据,其中,终端i上传的密文为终端i基于被分配的身份私钥对终端i的身份标识进行加密后,获得的加密密文,终端i上传的第一行为特征数据为终端i已接入的基站的第一行为特征数据,i=1,2,……n,n等于上述多个终端的数量。S301: Receive second behavior feature data of multiple base stations uploaded by the first blockchain, where the second behavior feature data of the multiple base stations are the first block chain uploaded according to all the terminals connected to the multiple base stations. One behavioral feature data, the second determined behavioral feature data, the first behavioral feature data uploaded by all connected terminals under the above-mentioned multiple base stations is the ciphertext, identity identifier and the first block chain received by the multiple terminals uploaded. Behavior characteristic data, and according to the identity of terminal i, determine the identity public key assigned to terminal i, and decrypt the ciphertext uploaded by terminal i based on the identity public key. If the identifiers are the same, the first behavior characteristic data uploaded by terminal i is received, and according to the first behavior characteristic data uploaded by terminal i, the first behavior characteristic data uploaded by all connected terminals under multiple base stations within a preset time period are summarized. , where the ciphertext uploaded by the terminal i is the encrypted ciphertext obtained after the terminal i encrypts the identity of the terminal i based on the assigned identity private key, and the first behavioral feature data uploaded by the terminal i is that the terminal i has accessed The first behavior characteristic data of the base station, i=1, 2, ... n, n is equal to the number of the above-mentioned multiple terminals.

S302:根据上述多个基站的第二行为特征数据,确定上述多个基站是否为伪基站。S302: Determine whether the multiple base stations are pseudo base stations according to the second behavior characteristic data of the multiple base stations.

这里,第二区块链可以判断基站j的第二行为特征数据是否满足预设的伪基站识别规则,其中,j=1,2,……m,m等于上述多个基站的数量。如果基站j的第二行为特征数据满足上述预设的伪基站识别规则,则第二区块链确定基站j为伪基站。Here, the second blockchain can determine whether the second behavior characteristic data of base station j satisfies the preset pseudo base station identification rule, where j=1, 2, . . . m, m is equal to the number of the above-mentioned multiple base stations. If the second behavior characteristic data of the base station j satisfies the foregoing preset pseudo base station identification rule, the second blockchain determines that the base station j is a pseudo base station.

第二区块链还可以接收终端发送的查询请求,该查询请求携带待查询基站的标识,进而,根据上述多个基站是否为伪基站的确定结果和上述待查询基站的标识,确定上述待查询基站是否为伪基站,并返回上述终端上述待查询基站的查询结果,从而,上述终端可以基于该查询结果确定是否接入上述待查询基站。例如,上述查询结果是上述待查询基站是伪基站,则上述终端不接入上述待查询基站,避免不法分子通过伪基站发送垃圾短信,减少用户的经济损失和人身伤害。The second blockchain may also receive a query request sent by the terminal, where the query request carries the identifier of the base station to be queried, and then, according to the determination result of whether the plurality of base stations are pseudo base stations and the identifier of the base station to be queried, determine the to-be-queried base station Whether the base station is a pseudo base station, and returns the query result of the base station to be queried by the terminal, so that the terminal can determine whether to access the base station to be queried based on the query result. For example, if the query result is that the base station to be queried is a fake base station, the terminal does not access the base station to be queried, so as to prevent criminals from sending spam text messages through the fake base station, and reduce economic losses and personal injury of users.

本申请实施例通过第一区块链接收终端上传的终端身份标识和基站的第一行为特征数据,并对终端进行身份验证,验证通过后,接收上述基站的第一行为特征数据,并基于该第一行为特征数据,确定基站的第二行为数据并发送至第二区块链,以使第二区块链基于上述第二行为数据,确定基站是否为伪基站,其中无需人工参与,节省时间和人力,能够及时发现伪基站。而且,本申请实施例不仅使用终端身份标识还结合了基站的行为特征数据来判断是否为伪基站,提高伪基站识别准确性。另外,本申请实施例对终端进行身份验证,即确定终端为合法终端时才接收上报数据,保障了上报数据的真实有效,防止非法终端上报伪造数据导致系统的误判,将伪基站识别为正常基站。This embodiment of the present application receives the terminal identity identifier uploaded by the terminal and the first behavior characteristic data of the base station through the first blockchain, and performs identity verification on the terminal. After the verification is passed, the first behavior characteristic data of the base station is received, and based on this The first behavior feature data, determine the second behavior data of the base station and send it to the second block chain, so that the second block chain can determine whether the base station is a pseudo base station based on the second behavior data, which does not require manual participation and saves time And manpower, can detect the fake base station in time. Moreover, the embodiment of the present application not only uses the terminal identification but also combines the behavior characteristic data of the base station to determine whether it is a pseudo base station, so as to improve the identification accuracy of the pseudo base station. In addition, the embodiment of the present application performs identity verification on the terminal, that is, only when it is determined that the terminal is a legitimate terminal, the reported data is received, which ensures the authenticity and validity of the reported data, prevents the illegal terminal from reporting forged data and causes the system to misjudge, and identifies the pseudo base station as normal. base station.

另外,本申请实施例还提供再一种伪基站识别方法,从第一区块链、第二区块链和多个终端交互进行说明,如图4所示,该方法可以包括:In addition, the embodiments of the present application also provide yet another pseudo base station identification method, which is described from the interaction of the first blockchain, the second blockchain and multiple terminals. As shown in FIG. 4 , the method may include:

S401:多个终端上传密文、身份标识和第一行为特征数据至第一区块链其中,终端i上传的密文为终端i基于被分配的身份私钥对终端i的身份标识进行加密后,获得的加密密文,终端i上传的第一行为特征数据为终端i已接入的基站的第一行为特征数据,i=1,2,……n,n等于上述多个终端的数量。S401: Multiple terminals upload ciphertext, identity identifier, and first behavior characteristic data to the first blockchain, wherein the ciphertext uploaded by terminal i is after terminal i encrypts the identity identifier of terminal i based on the assigned identity private key , the obtained encrypted ciphertext, the first behavior characteristic data uploaded by terminal i is the first behavior characteristic data of the base station accessed by terminal i, i=1, 2, ... n, n is equal to the number of the above-mentioned multiple terminals.

这里,运营商服务器可以为每个合法终端用户分配唯一的身份公钥、身份私钥对和身份标识,并将该身份公钥和身份标识存储到第一区块链。Here, the operator server can assign a unique identity public key, identity private key pair and identity identifier to each legal end user, and store the identity public key and identity identifier in the first blockchain.

S402:第一区块链接收上述密文、身份标识和第一行为特征数据,根据终端i的身份标识,确定终端i被分配的身份公钥,并基于该身份公钥对终端i上传的密文进行解密。S402: The first block chain receives the above-mentioned ciphertext, the identity identifier and the first behavior characteristic data, determines the identity public key assigned to the terminal i according to the identity identifier of the terminal i, and based on the identity public key, compares the secret key uploaded by the terminal i to the terminal i. The text is decrypted.

S403:若解密后得到的身份标识与终端i的身份标识一致,则第一区块链接收终端i上传的第一行为特征数据,并根据终端i上传的第一行为特征数据,汇总预设时间段内多个基站下所有接入的终端上传的第一行为特征数据。S403: If the identity identifier obtained after decryption is consistent with the identity identifier of terminal i, the first blockchain receives the first behavior characteristic data uploaded by terminal i, and summarizes the preset time according to the first behavior characteristic data uploaded by terminal i The first behavior feature data uploaded by all connected terminals under multiple base stations in the segment.

S404:第一区块链根据上述多个基站下所有接入的终端上传的第一行为特征数据,确定上述多个基站的第二行为特征数据。S404: The first block chain determines the second behavior feature data of the multiple base stations according to the first behavior feature data uploaded by all connected terminals under the multiple base stations.

S405:第一区块链将上述多个基站的第二行为特征数据发送至第二区块链。S405: The first blockchain sends the second behavior characteristic data of the plurality of base stations to the second blockchain.

S406:第二区块链根据上述多个基站的第二行为特征数据,确定上述多个基站是否为伪基站。S406: The second blockchain determines whether the plurality of base stations are pseudo base stations according to the second behavior characteristic data of the plurality of base stations.

S407:终端i发送查询请求至第二区块链,该查询请求携带待查询基站的标识。S407: Terminal i sends a query request to the second blockchain, where the query request carries the identifier of the base station to be queried.

S408:第二区块链根据上述多个基站是否为伪基站的确定结果和上述待查询基站的标识,确定上述待查询基站是否为伪基站。S408: The second blockchain determines whether the base station to be queried is a pseudo base station according to the determination result of whether the plurality of base stations are pseudo base stations and the identifier of the base station to be queried.

S409:第二区块链返回上述终端i上述待查询基站的查询结果。S409: The second blockchain returns the query result of the base station to be queried by the terminal i.

S410:终端i基于该查询结果确定是否接入上述待查询基站。例如,上述查询结果是上述待查询基站是伪基站,则上述终端i不接入上述待查询基站。S410: The terminal i determines whether to access the base station to be queried based on the query result. For example, if the query result is that the base station to be queried is a pseudo base station, the terminal i does not access the base station to be queried.

本申请实施例可以通过第一区块链接收多个终端上传的密文、身份标识和第一行为特征数据,其中,该密文为终端基于被分配的身份私钥对终端的身份标识进行加密后,获得的密文,然后第一区块链根据终端的身份标识,确定终端被分配的身份公钥,并基于该身份公钥对上述密文进行解密,如果解密后得到的身份标识与上述身份标识一致,则接收终端上传的第一行为特征数据,从而汇总出预设时间段内多个基站下所有接入的终端上传的第一行为特征数据,进而确定多个基站的第二行为特征数据发送至第二区块链,以使第二区块链根据第二行为特征数据,确定多个基站是否为伪基站,从而后续终端可以基于第二区块链中的确定结果接入基站,其中无需人工参与,节省时间和人力,能够及时发现伪基站。而且,本申请实施例不仅使用终端身份标识还结合了基站的行为特征数据来判断是否为伪基站,提高伪基站识别准确性。另外,本申请实施例在解密后得到的身份标识与上述身份标识一致时,即确定终端为合法终端时才接收上报数据,保障了上报数据的真实有效,防止非法终端上报伪造数据导致系统的误判,将伪基站识别为正常基站。In this embodiment of the present application, the ciphertext, the identity identifier and the first behavior characteristic data uploaded by multiple terminals can be received through the first blockchain, where the ciphertext is the terminal encrypting the identity identifier of the terminal based on the assigned identity private key Then, the first blockchain determines the identity public key assigned to the terminal according to the terminal's identity, and decrypts the above ciphertext based on the identity public key. If the decrypted identity is the same as the above If the identities are the same, the first behavior feature data uploaded by the terminal is received, so as to summarize the first behavior feature data uploaded by all connected terminals under the multiple base stations within the preset time period, and then determine the second behavior feature of the multiple base stations. The data is sent to the second blockchain, so that the second blockchain can determine whether multiple base stations are pseudo base stations according to the second behavior characteristic data, so that subsequent terminals can access the base stations based on the determination results in the second blockchain, There is no need for manual participation, time and manpower are saved, and pseudo base stations can be discovered in time. Moreover, the embodiment of the present application not only uses the terminal identification but also combines the behavior characteristic data of the base station to determine whether it is a pseudo base station, so as to improve the identification accuracy of the pseudo base station. In addition, in the embodiment of the present application, when the identity identifier obtained after decryption is consistent with the above-mentioned identity identifier, that is, it is determined that the terminal is a legitimate terminal before receiving the reported data, which ensures the authenticity and effectiveness of the reported data, and prevents the illegal terminal from reporting forged data and causing system errors. Then, identify the pseudo base station as a normal base station.

对应于上文实施例的伪基站识别方法,图5为本申请实施例提供的伪基站识别装置的结构示意图。为了便于说明,仅示出了与本申请实施例相关的部分。图5为本申请实施例提供的一种伪基站识别装置的结构示意图,该伪基站识别装置50包括:第一接收模块501、第一确定模块502、汇总模块503以及第二确定模块504。这里的伪基站识别装置可以是上述第一区块链本身,或者是实现上述第一区块链的功能的芯片或者集成电路。这里需要说明的是,第一接收模块、第一确定模块、汇总模块以及第二确定模块的划分只是一种逻辑功能的划分,物理上两者可以是集成的,也可以是独立的。Corresponding to the pseudo base station identification method of the above embodiment, FIG. 5 is a schematic structural diagram of a pseudo base station identification apparatus provided by an embodiment of the present application. For the convenience of description, only the parts related to the embodiments of the present application are shown. FIG. 5 is a schematic structural diagram of a pseudo base station identification device according to an embodiment of the present application. The pseudo base station identification device 50 includes: a first receiving module 501 , a first determining module 502 , a summarizing module 503 and a second determining module 504 . The pseudo base station identification device here may be the first blockchain itself, or a chip or integrated circuit that implements the functions of the first blockchain. It should be noted here that the division of the first receiving module, the first determining module, the summarizing module, and the second determining module is only a logical function division, and the two may be physically integrated or independent.

其中,第一接收模块501,用于接收多个终端上传的密文、身份标识和第一行为特征数据,其中,终端i上传的密文为所述终端i基于被分配的身份私钥对所述终端i的身份标识进行加密后,获得的加密密文,所述终端i上传的第一行为特征数据为所述终端i已接入的基站的第一行为特征数据,i=1,2,……n,n等于所述多个终端的数量。Wherein, the first receiving module 501 is configured to receive ciphertext, identity identifier and first behavior characteristic data uploaded by multiple terminals, wherein the ciphertext uploaded by terminal i is the pair of ciphertexts uploaded by terminal i based on the assigned identity private key. The encrypted ciphertext obtained after the identity of the terminal i is encrypted, the first behavior characteristic data uploaded by the terminal i is the first behavior characteristic data of the base station that the terminal i has accessed, i=1,2, ...n, where n is equal to the number of the plurality of terminals.

第一确定模块502,用于根据所述终端i的身份标识,确定所述终端i被分配的身份公钥,并基于所述身份公钥对所述终端i上传的密文进行解密。The first determining module 502 is configured to determine, according to the identity of the terminal i, the public key of the identity assigned to the terminal i, and decrypt the ciphertext uploaded by the terminal i based on the public key of the identity.

汇总模块503,用于若解密后得到的身份标识与所述终端i的身份标识一致,则接收所述终端i上传的第一行为特征数据,并根据所述终端i上传的第一行为特征数据,汇总预设时间段内多个基站下所有接入的终端上传的第一行为特征数据。The summarizing module 503 is configured to receive the first behavior characteristic data uploaded by the terminal i if the identity identifier obtained after decryption is consistent with the identity identifier of the terminal i, and according to the first behavior characteristic data uploaded by the terminal i , and summarize the first behavior feature data uploaded by all connected terminals under multiple base stations within a preset time period.

第二确定模块504,用于根据所述多个基站下所有接入的终端上传的第一行为特征数据,确定所述多个基站的第二行为特征数据,并将所述多个基站的第二行为特征数据发送至第二区块链,以使所述第二区块链根据所述多个基站的第二行为特征数据,确定所述多个基站是否为伪基站。The second determining module 504 is configured to determine the second behavior characteristic data of the multiple base stations according to the first behavior characteristic data uploaded by all the connected terminals under the multiple base stations, and determine the first behavior characteristic data of the multiple base stations The second behavior characteristic data is sent to the second block chain, so that the second block chain determines whether the plurality of base stations are pseudo base stations according to the second behavior characteristic data of the plurality of base stations.

在一种可能的实现方式中,所述第一确定模块502,具体用于:In a possible implementation manner, the first determining module 502 is specifically configured to:

获取预存的终端的身份标识与身份公钥的对应关系;Obtain the correspondence between the pre-stored terminal's identity identifier and the identity public key;

根据所述对应关系,确定所述终端i的身份标识对应的身份公钥。According to the corresponding relationship, the identity public key corresponding to the identity identifier of the terminal i is determined.

在一种可能的实现方式中,所述终端i上传的第一行为特征数据包括所述终端i已接入的基站的基站标识、接入基站时间、离开基站时间、基站信号电平、语音话务量和数据流量;In a possible implementation manner, the first behavior feature data uploaded by the terminal i includes the base station identifier of the base station that the terminal i has accessed, the time of accessing the base station, the time of leaving the base station, the signal level of the base station, the voice call traffic and data traffic;

所述基站j的第二行为特征数据包括基站j的基站标识、平均驻留时长、基站终端用户数、基站信号平均电平、产生的基站语音话务量和基站数据流量,其中,j=1,2,……m,m等于所述多个基站的数量。The second behavior characteristic data of the base station j includes the base station identifier of the base station j, the average dwell time, the number of base station terminal users, the average signal level of the base station, the generated base station voice traffic and the base station data traffic, where j=1 ,2,...m, m is equal to the number of the plurality of base stations.

所述第二确定模块504,具体用于:The second determining module 504 is specifically used for:

根据所述多个基站下所有接入的终端上传的终端已接入的基站的基站标识,确定所述基站j的基站标识和基站终端用户数;Determine the base station identity of the base station j and the number of base station terminal users according to the base station identity of the base station to which the terminal has accessed uploaded by all connected terminals under the multiple base stations;

根据所述多个基站下所有接入的终端上传的接入基站时间和离开基站时间,确定所述基站j的平均驻留时长;Determine the average dwell time of the base station j according to the time of accessing the base station and the time of leaving the base station uploaded by all the accessing terminals under the multiple base stations;

根据所述多个基站下所有接入的终端上传的终端已接入的基站的基站信号电平,确定所述基站j的基站信号平均电平;Determine the average base station signal level of the base station j according to the base station signal level of the base station to which the terminal has accessed uploaded by all connected terminals under the multiple base stations;

根据所述多个基站下所有接入的终端上传的终端已接入的基站的语音话务量和数据流量,确定所述基站j产生的基站语音话务量和基站数据流量。Determine the base station voice traffic and base station data traffic generated by the base station j according to the voice traffic and data traffic of the base stations to which the terminals have accessed uploaded by all connected terminals under the multiple base stations.

本申请实施例提供的装置,可用于执行上述图2方法实施例的技术方案,其实现原理和技术效果类似,本申请实施例此处不再赘述。The apparatus provided in this embodiment of the present application can be used to implement the technical solution of the above-mentioned method embodiment in FIG. 2 , and its implementation principle and technical effect are similar, and details are not described herein again in this embodiment of the present application.

图6为本申请实施例提供的另一种伪基站识别装置的结构示意图。该伪基站识别装置60包括:第二接收模块601以及第三确定模块602。这里的伪基站识别装置可以是上述第二区块链本身,或者是实现上述第二区块链的功能的芯片或者集成电路。这里需要说明的是,第二接收模块以及第三确定模块的划分只是一种逻辑功能的划分,物理上两者可以是集成的,也可以是独立的。FIG. 6 is a schematic structural diagram of another apparatus for identifying a pseudo base station according to an embodiment of the present application. The pseudo base station identification device 60 includes: a second receiving module 601 and a third determining module 602 . The pseudo base station identification device here may be the second blockchain itself, or a chip or integrated circuit that implements the functions of the second blockchain. It should be noted here that the division of the second receiving module and the third determining module is only a division of logical functions, and the two may be physically integrated or independent.

其中,第二接收模块601,用于接收第一区块链上传的多个基站的第二行为特征数据,所述多个基站的第二行为特征数据为所述第一区块链根据所述多个基站下所有接入的终端上传的第一行为特征数据,确定的第二行为特征数据,所述多个基站下所有接入的终端上传的第一行为特征数据为所述第一区块链接收多个终端上传的密文、身份标识和第一行为特征数据,并根据终端i的身份标识,确定所述终端i被分配的身份公钥,基于所述身份公钥对所述终端i上传的密文进行解密后,若解密后得到的身份标识与所述终端i的身份标识一致,则接收所述终端i上传的第一行为特征数据,并根据所述终端i上传的第一行为特征数据,汇总的预设时间段内多个基站下所有接入的终端上传的第一行为特征数据,其中,终端i上传的密文为所述终端i基于被分配的身份私钥对所述终端i的身份标识进行加密后,获得的加密密文,所述终端i上传的第一行为特征数据为所述终端i已接入的基站的第一行为特征数据,i=1,2,……n,n等于所述多个终端的数量。The second receiving module 601 is configured to receive the second behavior feature data of multiple base stations uploaded by the first blockchain, and the second behavior feature data of the multiple base stations is the first blockchain according to the The first behavior feature data uploaded by all connected terminals under multiple base stations, and the determined second behavior feature data, and the first behavior feature data uploaded by all connected terminals under the multiple base stations is the first block. The chain receives the ciphertext, identity identifier and first behavior feature data uploaded by multiple terminals, and determines the identity public key assigned to the terminal i according to the identity identifier of the terminal i, and determines the identity public key assigned to the terminal i based on the identity public key After the uploaded ciphertext is decrypted, if the identity identifier obtained after decryption is consistent with the identity identifier of the terminal i, the first behavior feature data uploaded by the terminal i is received, and the first behavior uploaded by the terminal i is received. Feature data, the first behavior feature data uploaded by all connected terminals under multiple base stations within the aggregated preset time period, wherein, the ciphertext uploaded by terminal i is the pair of said terminal i based on the assigned identity private key. After the identity of terminal i is encrypted, the encrypted ciphertext obtained, the first behavior feature data uploaded by the terminal i is the first behavior feature data of the base station that the terminal i has accessed, i=1,2,... ...n, where n is equal to the number of the plurality of terminals.

第三确定模块602,用于根据所述多个基站的第二行为特征数据,确定所述多个基站是否为伪基站。The third determining module 602 is configured to determine whether the multiple base stations are pseudo base stations according to the second behavior characteristic data of the multiple base stations.

在一种可能的设计中,所述第三确定模块602,具体用于:In a possible design, the third determining module 602 is specifically configured to:

判断基站j的第二行为特征数据是否满足预设的伪基站识别规则,其中,j=1,2,……m,m等于所述多个基站的数量;Judging whether the second behavior characteristic data of base station j satisfies a preset pseudo base station identification rule, where j=1, 2, ... m, m is equal to the number of the multiple base stations;

若所述基站j的第二行为特征数据满足所述预设的伪基站识别规则,则确定所述基站j为伪基站。If the second behavior characteristic data of the base station j satisfies the preset pseudo base station identification rule, the base station j is determined to be a pseudo base station.

在一种可能的实现方式中,所述第二接收模块601还用于:In a possible implementation manner, the second receiving module 601 is further configured to:

接收终端发送的查询请求,所述查询请求携带待查询基站的标识;receiving a query request sent by the terminal, where the query request carries the identifier of the base station to be queried;

根据所述多个基站是否为伪基站的确定结果和所述待查询基站的标识,确定所述待查询基站是否为伪基站,并返回所述终端所述待查询基站的查询结果。Determine whether the base station to be queried is a pseudo base station according to the determination result of whether the plurality of base stations are pseudo base stations and the identifier of the base station to be queried, and return the query result of the base station to be queried by the terminal.

本申请实施例提供的装置,可用于执行上述图3方法实施例的技术方案,其实现原理和技术效果类似,本申请实施例此处不再赘述。The apparatus provided in this embodiment of the present application can be used to implement the technical solution of the above-mentioned method embodiment in FIG. 3 , and its implementation principle and technical effect are similar, and details are not described herein again in this embodiment of the present application.

可选地,图7A和7B示意性地分别提供本申请所述伪基站识别设备的一种可能的基本硬件架构。Optionally, FIGS. 7A and 7B schematically provide a possible basic hardware architecture of the pseudo base station identification device described in the present application, respectively.

参见图7A和7B,伪基站识别设备包括至少一个处理器701以及通信接口703。进一步可选的,还可以包括存储器702和总线704。Referring to FIGS. 7A and 7B , the pseudo base station identification device includes at least one processor 701 and a communication interface 703 . Further optionally, a memory 702 and a bus 704 may also be included.

其中,伪基站识别设备中,处理器701的数量可以是一个或多个,图7A和7B仅示意了其中一个处理器701。可选地,处理器701,可以是中央处理器(central processingunit,CPU)、图形处理器(graphics processing unit,GPU)或者数字信号处理器(digitalsignal processor,DSP)。如果伪基站识别设备具有多个处理器701,多个处理器701的类型可以不同,或者可以相同。可选地,伪基站识别设备的多个处理器701还可以集成为多核处理器。Wherein, in the pseudo base station identification device, the number of processors 701 may be one or more, and FIG. 7A and 7B only illustrate one of the processors 701 . Optionally, the processor 701 may be a central processing unit (central processing unit, CPU), a graphics processing unit (graphics processing unit, GPU), or a digital signal processor (digital signal processor, DSP). If the pseudo base station identification device has multiple processors 701, the types of the multiple processors 701 may be different, or may be the same. Optionally, the multiple processors 701 of the pseudo base station identification device may also be integrated into a multi-core processor.

存储器702存储计算机指令和数据;存储器702可以存储实现本申请提供的上述伪基站识别方法所需的计算机指令和数据,例如,存储器702存储用于实现上述伪基站识别方法的步骤的指令。存储器702可以是以下存储介质的任一种或任一种组合:非易失性存储器(例如只读存储器(ROM)、固态硬盘(SSD)、硬盘(HDD)、光盘),易失性存储器。The memory 702 stores computer instructions and data; the memory 702 may store computer instructions and data required to implement the above pseudo base station identification method provided by the present application, for example, the memory 702 stores instructions for implementing the steps of the above pseudo base station identification method. The memory 702 may be any one or any combination of the following storage media: non-volatile memory (eg read only memory (ROM), solid state drive (SSD), hard disk (HDD), optical disk), volatile memory.

通信接口703可以为所述至少一个处理器提供信息输入/输出。也可以包括以下器件的任一种或任一种组合:网络接口(例如以太网接口)、无线网卡等具有网络接入功能的器件。Communication interface 703 may provide information input/output for the at least one processor. It may also include any one or any combination of the following devices: a network interface (eg, an Ethernet interface), a wireless network card, and other devices with network access functions.

可选的,通信接口703还可以用于伪基站识别设备与其它计算设备或者终端进行数据通信。Optionally, the communication interface 703 may also be used for data communication between the pseudo base station identification device and other computing devices or terminals.

进一步可选的,图7A和7B用一条粗线表示总线704。总线704可以将处理器701与存储器702和通信接口703连接。这样,通过总线704,处理器701可以访问存储器702,还可以利用通信接口703与其它计算设备或者终端进行数据交互。Further optionally, the bus 704 is represented by a thick line in FIGS. 7A and 7B. A bus 704 may connect the processor 701 with the memory 702 and the communication interface 703 . In this way, through the bus 704, the processor 701 can access the memory 702, and can also use the communication interface 703 to perform data interaction with other computing devices or terminals.

在本申请中,伪基站识别设备执行存储器702中的计算机指令,使得伪基站识别设备实现本申请提供的上述伪基站识别方法,或者使得伪基站识别设备部署上述的伪基站识别装置。In this application, the pseudo base station identification device executes the computer instructions in the memory 702, so that the pseudo base station identification device implements the pseudo base station identification method provided in the present application, or the pseudo base station identification device deploys the pseudo base station identification device described above.

从逻辑功能划分来看,示例性的,如图7A所示,存储器702中可以包括第一接收模块501、第一确定模块502、汇总模块503以及第二确定模块504。这里的包括仅仅涉及存储器中所存储的指令被执行时可以分别实现第一接收模块、第一确定模块、汇总模块以及第二确定模块的功能,而不限定是物理上的结构。From the perspective of logical function division, exemplarily, as shown in FIG. 7A , the memory 702 may include a first receiving module 501 , a first determining module 502 , a summarizing module 503 and a second determining module 504 . The inclusion here only refers to that the functions of the first receiving module, the first determining module, the summarizing module and the second determining module can be implemented respectively when the instructions stored in the memory are executed, and are not limited to physical structures.

一种可能设计,如图7B所示,存储器702中包括第二接收模块601以及第三确定模块602,这里的包括仅仅涉及存储器中所存储的指令被执行时可以分别实现第二接收模块以及第三确定模块的功能,而不限定是物理上的结构。A possible design, as shown in FIG. 7B , the memory 702 includes a second receiving module 601 and a third determining module 602, and the inclusion here only involves that the second receiving module and the third determining module can be implemented respectively when the instructions stored in the memory are executed. 3. Determine the function of the module, not limited to the physical structure.

另外,上述的伪基站识别装置除了可以像上述图7A和7B通过软件实现外,也可以作为硬件模块,或者作为电路单元,通过硬件实现。In addition, the above-mentioned pseudo base station identification device can be implemented as a hardware module, or as a circuit unit, in addition to being implemented by software as in the above-mentioned FIGS. 7A and 7B .

本申请提供一种计算机可读存储介质,所述计算机程序产品包括计算机指令,所述计算机指令指示计算设备执行本申请提供的上述伪基站识别方法。The present application provides a computer-readable storage medium, and the computer program product includes computer instructions, and the computer instructions instruct a computing device to execute the above pseudo base station identification method provided by the present application.

本申请提供一种芯片,包括至少一个处理器和通信接口,所述通信接口为所述至少一个处理器提供信息输入和/或输出。进一步,所述芯片还可以包含至少一个存储器,所述存储器用于存储计算机指令。所述至少一个处理器用于调用并运行该计算机指令,以执行本申请提供的上述伪基站识别方法。The present application provides a chip comprising at least one processor and a communication interface, wherein the communication interface provides information input and/or output for the at least one processor. Further, the chip may also include at least one memory for storing computer instructions. The at least one processor is configured to invoke and execute the computer instruction to execute the above pseudo base station identification method provided in this application.

在本申请所提供的几个实施例中,应该理解到,所揭露的装置和方法,可以通过其它的方式实现。例如,以上所描述的装置实施例仅仅是示意性的,例如,所述单元的划分,仅仅为一种逻辑功能划分,实际实现时可以有另外的划分方式,例如多个单元或组件可以结合或者可以集成到另一个系统,或一些特征可以忽略,或不执行。另一点,所显示或讨论的相互之间的耦合或直接耦合或通信连接可以是通过一些接口,装置或单元的间接耦合或通信连接,可以是电性,机械或其它的形式。In the several embodiments provided in this application, it should be understood that the disclosed apparatus and method may be implemented in other manners. For example, the apparatus embodiments described above are only illustrative. For example, the division of the units is only a logical function division. In actual implementation, there may be other division methods. For example, multiple units or components may be combined or Can be integrated into another system, or some features can be ignored, or not implemented. On the other hand, the shown or discussed mutual coupling or direct coupling or communication connection may be through some interfaces, indirect coupling or communication connection of devices or units, and may be in electrical, mechanical or other forms.

所述作为分离部件说明的单元可以是或者也可以不是物理上分开的,作为单元显示的部件可以是或者也可以不是物理单元,即可以位于一个地方,或者也可以分布到多个网络单元上。可以根据实际的需要选择其中的部分或者全部单元来实现本实施例方案的目的。The units described as separate components may or may not be physically separated, and components displayed as units may or may not be physical units, that is, may be located in one place, or may be distributed to multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution in this embodiment.

Claims (9)

1.一种伪基站识别方法,其特征在于,所述方法应用于第一区块链,所述方法包括:1. A method for identifying a pseudo base station, wherein the method is applied to a first blockchain, and the method comprises: 接收多个终端上传的密文、身份标识和第一行为特征数据,其中,终端i上传的密文为所述终端i基于被分配的身份私钥对所述终端i的身份标识进行加密后,获得的加密密文,所述终端i上传的第一行为特征数据为所述终端i已接入的基站的第一行为特征数据,i=1,2,……n,n等于所述多个终端的数量;Receive the ciphertext, the identity identifier and the first behavior characteristic data uploaded by multiple terminals, wherein the ciphertext uploaded by the terminal i is after the terminal i encrypts the identity identifier of the terminal i based on the assigned identity private key, In the obtained encrypted ciphertext, the first behavior characteristic data uploaded by the terminal i is the first behavior characteristic data of the base station that the terminal i has accessed, i=1, 2,...n, n is equal to the multiple the number of terminals; 根据所述终端i的身份标识,确定所述终端i被分配的身份公钥,并基于所述身份公钥对所述终端i上传的密文进行解密;According to the identity identifier of the terminal i, determine the identity public key assigned to the terminal i, and decrypt the ciphertext uploaded by the terminal i based on the identity public key; 若解密后得到的身份标识与所述终端i的身份标识一致,则接收所述终端i上传的第一行为特征数据,并根据所述终端i上传的第一行为特征数据,汇总预设时间段内多个基站下所有接入的终端上传的第一行为特征数据;If the identity identifier obtained after decryption is consistent with the identity identifier of the terminal i, receive the first behavior feature data uploaded by the terminal i, and summarize the preset time period according to the first behavior feature data uploaded by the terminal i The first behavior feature data uploaded by all connected terminals under multiple base stations in the system; 根据所述多个基站下所有接入的终端上传的第一行为特征数据,确定所述多个基站的第二行为特征数据,并将所述多个基站的第二行为特征数据发送至第二区块链,以使所述第二区块链根据所述多个基站的第二行为特征数据,确定所述多个基站是否为伪基站。Determine the second behavior feature data of the multiple base stations according to the first behavior feature data uploaded by all connected terminals under the multiple base stations, and send the second behavior feature data of the multiple base stations to the second block chain, so that the second block chain determines whether the multiple base stations are pseudo base stations according to the second behavior characteristic data of the multiple base stations. 2.根据权利要求1所述的方法,其特征在于,所述根据所述终端i的身份标识,确定所述终端i被分配的身份公钥,包括:2. The method according to claim 1, wherein the determining, according to the identity of the terminal i, the identity public key allocated to the terminal i comprises: 获取预存的终端的身份标识与身份公钥的对应关系;Obtain the correspondence between the pre-stored terminal's identity identifier and the identity public key; 根据所述对应关系,确定所述终端i的身份标识对应的身份公钥。According to the corresponding relationship, the identity public key corresponding to the identity identifier of the terminal i is determined. 3.根据权利要求1或2所述的方法,其特征在于,所述终端i上传的第一行为特征数据包括所述终端i已接入的基站的基站标识、接入基站时间、离开基站时间、基站信号电平、语音话务量和数据流量;3. The method according to claim 1 or 2, wherein the first behavior characteristic data uploaded by the terminal i comprises the base station identifier of the base station that the terminal i has accessed, the time of accessing the base station, and the time of leaving the base station , base station signal level, voice traffic and data traffic; 基站j的第二行为特征数据包括所述基站j的基站标识、平均驻留时长、基站终端用户数、基站信号平均电平、产生的基站语音话务量和基站数据流量,其中,j=1,2,……m,m等于所述多个基站的数量;The second behavior characteristic data of the base station j includes the base station identifier of the base station j, the average dwell time, the number of base station terminal users, the average signal level of the base station, the generated base station voice traffic and the base station data traffic, where j=1 ,2,...m, m is equal to the number of the multiple base stations; 所述根据所述多个基站下所有接入的终端上传的第一行为特征数据,确定所述多个基站的第二行为特征数据,包括:The determining of the second behavior characteristic data of the multiple base stations according to the first behavior characteristic data uploaded by all connected terminals under the multiple base stations includes: 根据所述多个基站下所有接入的终端上传的终端已接入的基站的基站标识,确定所述基站j的基站标识和基站终端用户数;Determine the base station identity of the base station j and the number of base station terminal users according to the base station identity of the base station to which the terminal has accessed uploaded by all connected terminals under the multiple base stations; 根据所述多个基站下所有接入的终端上传的接入基站时间和离开基站时间,确定所述基站j的平均驻留时长;Determine the average dwell time of the base station j according to the time of accessing the base station and the time of leaving the base station uploaded by all the accessing terminals under the multiple base stations; 根据所述多个基站下所有接入的终端上传的终端已接入的基站的基站信号电平,确定所述基站j的基站信号平均电平;Determine the average base station signal level of the base station j according to the base station signal level of the base station to which the terminal has accessed uploaded by all connected terminals under the multiple base stations; 根据所述多个基站下所有接入的终端上传的终端已接入的基站的语音话务量和数据流量,确定所述基站j产生的基站语音话务量和基站数据流量。Determine the base station voice traffic and base station data traffic generated by the base station j according to the voice traffic and data traffic of the base stations to which the terminals have accessed uploaded by all connected terminals under the multiple base stations. 4.一种伪基站识别方法,其特征在于,所述方法应用于第二区块链,所述方法包括:4. A method for identifying a pseudo base station, wherein the method is applied to a second blockchain, and the method comprises: 接收第一区块链上传的多个基站的第二行为特征数据,所述多个基站的第二行为特征数据为所述第一区块链根据所述多个基站下所有接入的终端上传的第一行为特征数据,确定的第二行为特征数据,所述多个基站下所有接入的终端上传的第一行为特征数据为所述第一区块链接收多个终端上传的密文、身份标识和第一行为特征数据,并根据终端i的身份标识,确定所述终端i被分配的身份公钥,基于所述身份公钥对所述终端i上传的密文进行解密后,若解密后得到的身份标识与所述终端i的身份标识一致,则接收所述终端i上传的第一行为特征数据,并根据所述终端i上传的第一行为特征数据,汇总的预设时间段内多个基站下所有接入的终端上传的第一行为特征数据,其中,所述终端i上传的密文为所述终端i基于被分配的身份私钥对所述终端i的身份标识进行加密后,获得的加密密文,所述终端i上传的第一行为特征数据为所述终端i已接入的基站的第一行为特征数据,i=1,2,……n,n等于所述多个终端的数量;Receive second behavior characteristic data of multiple base stations uploaded by the first blockchain, where the second behavior characteristic data of the multiple base stations are uploaded by the first blockchain according to all connected terminals under the multiple base stations The first behavior feature data of the first behavioral feature data, the second behavioral feature data determined, the first behavioral feature data uploaded by all connected terminals under the multiple base stations are the ciphertexts uploaded by the first blockchain receiving multiple terminals, The identity identifier and the first behavior characteristic data, and according to the identity identifier of the terminal i, determine the identity public key assigned to the terminal i, and after decrypting the ciphertext uploaded by the terminal i based on the identity public key, if the decryption The identity identifier obtained later is consistent with the identity identifier of the terminal i, then the first behavior characteristic data uploaded by the terminal i is received, and according to the first behavior characteristic data uploaded by the terminal i, the aggregated preset time period The first behavioral feature data uploaded by all connected terminals under a plurality of base stations, wherein the ciphertext uploaded by the terminal i is after the terminal i has encrypted the identity of the terminal i based on the assigned identity private key. , the obtained encrypted ciphertext, the first behavior characteristic data uploaded by the terminal i is the first behavior characteristic data of the base station that the terminal i has accessed, i=1,2,...n, n is equal to the multiple the number of terminals; 根据所述多个基站的第二行为特征数据,确定所述多个基站是否为伪基站。According to the second behavior characteristic data of the multiple base stations, it is determined whether the multiple base stations are pseudo base stations. 5.根据权利要求4所述的方法,其特征在于,所述根据所述多个基站的第二行为特征数据,确定所述多个基站是否为伪基站,包括:The method according to claim 4, wherein the determining whether the multiple base stations are pseudo base stations according to the second behavior characteristic data of the multiple base stations comprises: 判断基站j的第二行为特征数据是否满足预设的伪基站识别规则,其中,j=1,2,……m,m等于所述多个基站的数量;Judging whether the second behavior characteristic data of base station j satisfies a preset pseudo base station identification rule, where j=1, 2, ... m, m is equal to the number of the multiple base stations; 若所述基站j的第二行为特征数据满足所述预设的伪基站识别规则,则确定所述基站j为伪基站。If the second behavior characteristic data of the base station j satisfies the preset pseudo base station identification rule, the base station j is determined to be a pseudo base station. 6.根据权利要求4或5所述的方法,其特征在于,所述方法还包括:6. The method according to claim 4 or 5, wherein the method further comprises: 接收终端发送的查询请求,所述查询请求携带待查询基站的标识;receiving a query request sent by the terminal, where the query request carries the identifier of the base station to be queried; 根据所述多个基站是否为伪基站的确定结果和所述待查询基站的标识,确定所述待查询基站是否为伪基站,并返回所述终端所述待查询基站的查询结果。Determine whether the base station to be queried is a pseudo base station according to the determination result of whether the plurality of base stations are pseudo base stations and the identifier of the base station to be queried, and return the query result of the base station to be queried by the terminal. 7.一种伪基站识别装置,其特征在于,所述装置应用于第一区块链,所述装置包括:7. A pseudo base station identification device, wherein the device is applied to a first blockchain, and the device comprises: 第一接收模块,用于接收多个终端上传的密文、身份标识和第一行为特征数据,其中,终端i上传的密文为所述终端i基于被分配的身份私钥对所述终端i的身份标识进行加密后,获得的加密密文,所述终端i上传的第一行为特征数据为所述终端i已接入的基站的第一行为特征数据,i=1,2,……n,n等于所述多个终端的数量;The first receiving module is used to receive the ciphertext, the identity identifier and the first behavior characteristic data uploaded by multiple terminals, wherein the ciphertext uploaded by terminal i is the pairing of the terminal i based on the assigned identity private key to the terminal i. The encrypted ciphertext obtained after encrypting the identity of the terminal i, the first behavior characteristic data uploaded by the terminal i is the first behavior characteristic data of the base station that the terminal i has accessed, i=1,2,...n , n is equal to the number of the multiple terminals; 第一确定模块,用于根据所述终端i的身份标识,确定所述终端i被分配的身份公钥,并基于所述身份公钥对所述终端i上传的密文进行解密;a first determining module, configured to determine the identity public key assigned to the terminal i according to the identity of the terminal i, and decrypt the ciphertext uploaded by the terminal i based on the identity public key; 汇总模块,用于若解密后得到的身份标识与所述终端i的身份标识一致,则接收所述终端i上传的第一行为特征数据,并根据所述终端i上传的第一行为特征数据,汇总预设时间段内多个基站下所有接入的终端上传的第一行为特征数据;a summary module, configured to receive the first behavior characteristic data uploaded by the terminal i if the identity identifier obtained after decryption is consistent with the identity identifier of the terminal i, and according to the first behavior characteristic data uploaded by the terminal i, Summarize the first behavior feature data uploaded by all connected terminals under multiple base stations within a preset time period; 第二确定模块,用于根据所述多个基站下所有接入的终端上传的第一行为特征数据,确定所述多个基站的第二行为特征数据,并将所述多个基站的第二行为特征数据发送至第二区块链,以使所述第二区块链根据所述多个基站的第二行为特征数据,确定所述多个基站是否为伪基站。The second determining module is configured to determine the second behavior feature data of the multiple base stations according to the first behavior feature data uploaded by all connected terminals under the multiple base stations, and determine the second behavior feature data of the multiple base stations. The behavior characteristic data is sent to the second blockchain, so that the second blockchain determines whether the plurality of base stations are pseudo base stations according to the second behavior characteristic data of the plurality of base stations. 8.一种伪基站识别设备,其特征在于,包括:8. A pseudo base station identification device, comprising: 处理器;processor; 存储器;以及memory; and 计算机程序;Computer program; 其中,所述计算机程序被存储在所述存储器中,并且被配置为由所述处理器执行,所述计算机程序包括用于执行如权利要求1-3任一项所述的方法的指令。wherein the computer program is stored in the memory and configured to be executed by the processor, the computer program comprising instructions for performing the method of any of claims 1-3. 9.一种计算机可读存储介质,其特征在于,所述计算机可读存储介质存储有计算机程序,所述计算机程序使得服务器执行权利要求1-3任一项所述的方法。9. A computer-readable storage medium, wherein the computer-readable storage medium stores a computer program, and the computer program causes a server to execute the method of any one of claims 1-3.
CN202110520651.3A 2021-05-13 2021-05-13 Pseudo base station identification method, device, device and storage medium Active CN113099456B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110520651.3A CN113099456B (en) 2021-05-13 2021-05-13 Pseudo base station identification method, device, device and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110520651.3A CN113099456B (en) 2021-05-13 2021-05-13 Pseudo base station identification method, device, device and storage medium

Publications (2)

Publication Number Publication Date
CN113099456A CN113099456A (en) 2021-07-09
CN113099456B true CN113099456B (en) 2022-05-03

Family

ID=76665391

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110520651.3A Active CN113099456B (en) 2021-05-13 2021-05-13 Pseudo base station identification method, device, device and storage medium

Country Status (1)

Country Link
CN (1) CN113099456B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112020065B (en) * 2020-08-04 2023-05-19 深圳传音控股股份有限公司 Information processing method, terminal equipment, server and storage medium

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106358198A (en) * 2016-09-05 2017-01-25 努比亚技术有限公司 Method and device for recognizing false base station
CN107580326A (en) * 2017-10-17 2018-01-12 奇酷互联网络科技(深圳)有限公司 Parameter regulation means, device and mobile terminal in pseudo-base station identification
CN108513302A (en) * 2018-03-16 2018-09-07 广东欧珀移动通信有限公司 Method and device for identifying pseudo base station and mobile terminal
CN109041064A (en) * 2018-08-28 2018-12-18 中科创达软件科技(深圳)有限公司 A kind of recognition methods of pseudo-base station, device and mobile terminal
CN110753349A (en) * 2019-10-29 2020-02-04 西安交通大学 Method and device for identifying pseudo base station
CN111107552A (en) * 2018-10-25 2020-05-05 中国移动通信有限公司研究院 Method and system for identifying pseudo base station

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109548027B (en) * 2017-08-17 2023-12-05 北京三星通信技术研究有限公司 Method and device for identifying pseudo base station in mobile terminal

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106358198A (en) * 2016-09-05 2017-01-25 努比亚技术有限公司 Method and device for recognizing false base station
CN107580326A (en) * 2017-10-17 2018-01-12 奇酷互联网络科技(深圳)有限公司 Parameter regulation means, device and mobile terminal in pseudo-base station identification
CN108513302A (en) * 2018-03-16 2018-09-07 广东欧珀移动通信有限公司 Method and device for identifying pseudo base station and mobile terminal
CN109041064A (en) * 2018-08-28 2018-12-18 中科创达软件科技(深圳)有限公司 A kind of recognition methods of pseudo-base station, device and mobile terminal
CN111107552A (en) * 2018-10-25 2020-05-05 中国移动通信有限公司研究院 Method and system for identifying pseudo base station
CN110753349A (en) * 2019-10-29 2020-02-04 西安交通大学 Method and device for identifying pseudo base station

Also Published As

Publication number Publication date
CN113099456A (en) 2021-07-09

Similar Documents

Publication Publication Date Title
CN109104279B (en) Encryption method and system for electric power data and terminal equipment
JP5682083B2 (en) Suspicious wireless access point detection
CN107770182A (en) The date storage method and home gateway of home gateway
CN110611723A (en) A method and device for scheduling service resources
CN103415004B (en) A kind of method and device detecting junk short message
WO2021168652A1 (en) Terminal device information transmission method, device fingerprint generation method, and related product
CN104244254A (en) Method and device for detecting pseudo base station based on short message center number
CN105262773B (en) A kind of verification method and device of Internet of things system
WO2018010480A1 (en) Network locking method for esim card, terminal, and network locking authentication server
CN107733639A (en) Key management method, device and readable storage medium storing program for executing
CN112823503A (en) Data access method, data access device and mobile terminal
Ariyapala et al. A host and network based intrusion detection for android smartphones
CN110351358A (en) A kind of car networking safe information transmission and intelligent early-warning system
US11979413B2 (en) Identity verification method and apparatus
CN115208705A (en) Encryption and decryption method and device based on link data self-adaptive adjustment
CN110621016A (en) User identity protection method, user terminal and base station
CN112699391B (en) Target data sending method and privacy computing platform
CN108282551B (en) Message identification processing method and device, monitoring equipment and readable storage medium
CN113099456B (en) Pseudo base station identification method, device, device and storage medium
CN113795002A (en) Method and device for intercepting junk short messages and computer readable storage medium
CN114095220A (en) Telephone communication verification method, device, equipment and storage medium
CN117749446A (en) Attack object source tracing methods, devices, equipment and media
CN110730447B (en) User identity protection method, user terminal and core network
CN112995413B (en) Number information traceability method, device and server
CN111597545A (en) A kind of authorization management method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant