WO2020113479A1 - 伪基站识别方法、装置、移动终端以及存储介质 - Google Patents

伪基站识别方法、装置、移动终端以及存储介质 Download PDF

Info

Publication number
WO2020113479A1
WO2020113479A1 PCT/CN2018/119414 CN2018119414W WO2020113479A1 WO 2020113479 A1 WO2020113479 A1 WO 2020113479A1 CN 2018119414 W CN2018119414 W CN 2018119414W WO 2020113479 A1 WO2020113479 A1 WO 2020113479A1
Authority
WO
WIPO (PCT)
Prior art keywords
base station
accessed
mobile terminal
cell
pseudo
Prior art date
Application number
PCT/CN2018/119414
Other languages
English (en)
French (fr)
Inventor
林进全
Original Assignee
深圳市欢太科技有限公司
Oppo广东移动通信有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 深圳市欢太科技有限公司, Oppo广东移动通信有限公司 filed Critical 深圳市欢太科技有限公司
Priority to PCT/CN2018/119414 priority Critical patent/WO2020113479A1/zh
Priority to CN201880098375.2A priority patent/CN112771907B/zh
Publication of WO2020113479A1 publication Critical patent/WO2020113479A1/zh

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/70Reducing energy consumption in communication networks in wireless communication networks

Definitions

  • the present application relates to the technical field of mobile terminals, and more specifically, to a pseudo base station identification method, device, mobile terminal, and storage medium.
  • “Pseudo base station” is a fake base station.
  • the pseudo base station is generally composed of a host computer and a laptop computer. It can retrieve mobile phone card information centered on it and within a certain radius through the SMS group sender, SMS sender and other related equipment, using mobile communications.
  • the shortcomings of the system by disguising themselves as the base station of the operator, used the mobile phone numbers of others to forcibly send short messages such as scams and advertisement sales to the user's mobile phone.
  • this application proposes a pseudo base station identification method, device, mobile terminal, and storage medium to solve the above problems.
  • an embodiment of the present application provides a pseudo base station identification method, which is applied to a mobile terminal.
  • the method includes: within a specified time period, when the mobile terminal detects the first base station to be accessed, Whether the first base station to be accessed is a suspected 4G pseudo base station and obtain a first judgment result; when the first base station to be accessed is a suspected 4G pseudo base station and the mobile terminal detects a second base station to be accessed, a judgment is made Whether the second base station to be accessed is a suspected 2G pseudo base station and obtain a second judgment result; determine whether the mobile terminal receives an attack message sent by the second base station to be accessed and obtain a third judgment result; The first judgment result, the second judgment result, and the third judgment result determine whether the first base station to be accessed is a 4G pseudo base station.
  • an embodiment of the present application provides a pseudo base station identification device, which is applied to a mobile terminal, and the device includes: a first judgment module, configured to: when the mobile terminal detects a first When accessing a base station, determine whether the first base station to be accessed is a suspected 4G pseudo base station and obtain a first judgment result; a second judgment module is used when the first base station to be accessed is a suspected 4G pseudo base station and When the mobile terminal detects the second base station to be accessed, it determines whether the second base station to be accessed is a suspected 2G pseudo base station and obtains a second determination result; a third determination module is used to determine whether the mobile terminal has received An attack short message sent by the second base station to be accessed and obtain a third judgment result; a determination module is configured to determine the first based on the first judgment result, the second judgment result, and the third judgment result Whether the base station to be accessed is a 4G pseudo base station.
  • an embodiment of the present application provides a mobile terminal, including: a memory; one or more processors coupled to the memory; one or more programs, wherein the one or more application programs are Stored in the memory and configured to be executed by the one or more processors, the one or more programs are configured to perform the above method.
  • an embodiment of the present application provides a computer-readable storage medium.
  • the computer-readable storage medium stores program code, and the program code can be called by a processor to execute the above method.
  • the pseudo base station identification method, device, mobile terminal and storage medium provided in the embodiments of the present application determine whether the first base station to be accessed is a suspected 4G pseudo base station when the mobile terminal detects the first base station to be accessed within a specified time period The base station obtains the first judgment result.
  • the mobile terminal When the first base station to be accessed is a suspected 4G pseudo base station and the mobile terminal detects the second base station to be accessed, it determines whether the second base station to be accessed is a suspected 2G pseudo base station and obtains the first Two judgment results, judging whether the mobile terminal receives the attack short message sent by the second to-be-accessed base station and obtaining a third judgment result, and based on the first judgment result, the second judgment result, and the third judgment result, determining the first waiting Whether the access base station is a 4G pseudo base station, so as to determine whether the base station to be accessed is a 4G pseudo base station by synthesizing the judgment results of the 4G pseudo base station, the 2G pseudo base station and the attack message, thereby improving the judgment accuracy of the 4G pseudo base station and the information security of the mobile terminal .
  • FIG. 1 shows a schematic diagram of a system architecture of a mobile communication network provided by an embodiment of the present application
  • FIG. 2 shows a schematic diagram of another mobile communication network system architecture provided by an embodiment of the present application
  • FIG. 3 shows a schematic flowchart of a method for identifying a pseudo base station according to an embodiment of the present application
  • FIG. 4 shows a schematic flowchart of a pseudo base station identification method according to another embodiment of the present application.
  • FIG. 5 shows a schematic flowchart of a pseudo base station identification method according to yet another embodiment of the present application
  • FIG. 6 shows a schematic flowchart of step S304 of the pseudo base station identification method shown in FIG. 5 of the present application
  • step S308 of the pseudo base station identification method shown in FIG. 5 of the present application shows a schematic flowchart of step S308 of the pseudo base station identification method shown in FIG. 5 of the present application
  • FIG. 8 shows a block diagram of a device for identifying a pseudo base station according to an embodiment of the present application
  • FIG. 9 shows a block diagram of an electronic device used to perform a method for identifying a pseudo base station according to an embodiment of the present application.
  • FIG. 10 shows a storage unit for storing or carrying a program code for implementing a method for identifying a pseudo base station according to an embodiment of the present application.
  • the base station is A more important communication device.
  • GSM Global System for Mobile Communication
  • CDMA Code Division Multiple Access
  • LTE long term evolution
  • FIG. 1 a schematic diagram of the architecture of the 2G mobile communication system shown in FIG. 1.
  • the base station BTS base transceiver
  • BSC Base Station Controller
  • MSC mobile switching center
  • FIG. 2 Another example is the schematic diagram of the 4G mobile communication system architecture shown in FIG. 2.
  • the base station eNB evolved node B
  • MME Mobility Management Entity
  • the MME is connected to the serving gateway Serving Gateway. It can be seen from FIGS. 1 and 2 that in the mobile communication system, the base station, as a device that directly establishes a connection with the mobile terminal, has a relatively important position in the entire system architecture.
  • a base station generally refers to a "public mobile communication base station", and its role is mainly used to provide signals to mobile terminals such as mobile phones and tablet computers.
  • Base station facilities are not only in the hands of major operators and equipment manufacturers, they can often be seen in major universities, research institutes, and scientific research institutions, which accelerates the frequency of communication technology updates and shortens the commercial development. The transition time, therefore, and with the development of communication technology, the inventor discovered that a pseudo base station appeared.
  • Pseudo base station is a fake base station, which is an illegal base station outside the mobile communication network.
  • the pseudo base station is generally composed of a host computer and a laptop computer, and can be retrieved through a SMS group sender, a SMS sender and other related equipment within a certain radius.
  • Mobile phone card information using the defects of 2G mobile communication, by disguising as the base station of the operator, using the mobile phone number of others to forcibly send short messages such as fraud and advertising to the user's mobile phone.
  • the pseudo base station device is running, the wireless signal sent by the mobile terminal is forced to connect to the device, resulting in the mobile terminal not being able to use the services provided by the operator normally. The mobile terminal will temporarily go offline for 8 to 12 seconds and return to normal.
  • the inventor discovered after long-term research and proposed the pseudo base station identification method, device, mobile terminal, and storage medium provided by the embodiments of the present application, by synthesizing the judgment results of the 4G pseudo base station, 2G pseudo base station, and attacking short messages Determine whether the base station to be accessed is a 4G pseudo base station, improve the judgment accuracy of the 4G pseudo base station and the information security of the mobile terminal.
  • the specific pseudo base station identification method will be described in detail in subsequent embodiments.
  • FIG. 3 is a schematic flowchart of a method for identifying a pseudo base station according to an embodiment of the present application.
  • the pseudo base station identification method is used to determine whether the to-be-accessed base station is a 4G pseudo base station by synthesizing the judgment results of the 4G pseudo base station, the 2G pseudo base station, and the attack short message, so as to improve the judgment accuracy of the 4G pseudo base station and the information security of the mobile terminal.
  • the pseudo base station identification method is applied to the pseudo base station identification device 200 shown in FIG. 8 and the mobile terminal 100 (FIG. 9) configured with the pseudo base station identification device 200. As an example, the specific process of this embodiment will be described.
  • the mobile terminal applied in this embodiment may be a smart phone, a tablet computer, a wearable electronic device, etc., which is not specifically limited herein.
  • the process shown in FIG. 3 will be described in detail below.
  • the pseudo base station identification method may specifically include the following steps:
  • Step S101 During the specified time period, when the mobile terminal detects the first base station to be accessed, it is determined whether the first base station to be accessed is a suspected 4G pseudo base station and a first determination result is obtained.
  • the 4G pseudo base station induces the mobile terminal to reselect, and redirects to the 2G pseudo base station for illegal monitoring and SMS verification code.
  • the process occurs within the time period T. Therefore, in this embodiment, the time period T can be limited To specify the time period, it can be understood that when the time period T is within the specified time period, whether the base station detected by the mobile terminal is a pseudo base station can be detected and judged, when the time period T exceeds the specified time period , The detection of whether the base station detected by the mobile terminal is a pseudo base station can be stopped, or the detection and judgment of whether the detected base station is a pseudo base station can be re-initiated.
  • the network air interface is used to implement information interaction between the mobile terminal and the base station of the mobile communication network, and the information on the network air interface is carried by various logical channels.
  • logical channels are divided into two major categories: traffic channels (TCH, Traffic) and control channels (CCH, Control).
  • TCH mainly transmits services between the network and mobile terminals, such as voice and data.
  • CCH is used For transmitting signaling information and short packet data channels, the broadcast channel (BCH, Broadcast) in CCH is used to transmit information by broadcast, and the broadcast control channel (BCCH, Broadcast) in BCH is used by the base station to Mobile terminals broadcast common information, such as system messages.
  • the mobile terminal can detect the base station by monitoring the broadcast information of the base station, and judge whether the detected base station is a pseudo base station. Specifically, in this embodiment, the mobile terminal detects the base station, and when the mobile terminal detects the first base station to be accessed, determines whether the first base station to be accessed is a suspected 4G pseudo base station and obtains the first judgment As a result, it can be understood that the first judgment result includes: the first base station to be accessed is a suspected 4G pseudo base station or the first base station to be accessed is a non-suspected 4G pseudo base station.
  • the mobile terminal may acquire the broadcast information of the first base station to be accessed, and extract the identification information of the first base station to be accessed from the broadcast information, and determine whether the first base station to be accessed is based on the identification information Suspected 4G pseudo base station.
  • Step S102 When the first base station to be accessed is a suspected 4G pseudo base station and the mobile terminal detects a second base station to be accessed, determine whether the second base station to be accessed is a suspected 2G pseudo base station and obtain the first 2. Judgment result.
  • the first base station to be accessed when it is determined that the first base station to be accessed is a non-suspect 4G pseudo base station, it indicates that the first base station to be accessed is a legal base station or a normal base station.
  • the first base station to be accessed is a mobile communication base station.
  • the mobile terminal may access the first base station to be accessed to ensure the normal network usage of the mobile terminal.
  • the first base station to be accessed may induce the mobile terminal to redirect to the 2G pseudo base station.
  • the mobile terminal when it is determined that the first base station is to be accessed When the incoming base station is a suspected 4G pseudo base station and the mobile terminal detects a new base station, it can determine whether the new base station is a suspected 2G pseudo base station. In this embodiment, when it is determined that the first base station to be accessed is a suspected 4G pseudo base station When the base station and the mobile terminal detect the second base station to be accessed, the mobile terminal can determine whether the second base station to be accessed is a suspected 2G pseudo base station, and obtain a second determination result.
  • the mobile terminal can detect the new base station by detecting the broadcast information of the base station, and determine whether the detected new base station is a pseudo base station. Specifically, in this embodiment, the mobile terminal detects a new base station, and when the mobile terminal detects a second base station to be accessed, it determines whether the second base station to be accessed is a suspected 2G pseudo base station and obtains the first Two judgment results, understandably, the second judgment result includes: the second base station to be accessed is a suspected 2G pseudo base station or the second base station to be accessed is a non-suspected 2G pseudo base station.
  • the mobile terminal may acquire the broadcast information of the second base station to be accessed, and extract the identification information of the second base station to be accessed from the broadcast information, and determine whether the second base station to be accessed is based on the identification information Suspected 2G pseudo base station.
  • the identification information may include a cell location area (TAC, tracking area), a location area code (LAC, location area code), and a cell identification (CID, cell identity) of the second cell corresponding to the second base station to be accessed Therefore, as a way, when detecting the second base station to be accessed, the mobile terminal can calculate the TAC/LAC/CID of the base station cell corresponding to the second base station to be accessed and the mobile terminal’s recently successfully registered The difference between the TAC/LAC/CID of the base station cell. If the difference is greater than the set threshold, it can be determined that the second base station to be accessed detected by the mobile terminal is a suspected 2G pseudo base station.
  • TAC cell location area
  • LAC location area code
  • CID cell identity
  • Step S103 determine whether the mobile terminal receives the attack short message sent by the second base station to be accessed and obtain a third determination result.
  • the second base station to be accessed when it is judged that the second base station to be accessed is a non-suspect 2G pseudo base station, it indicates that the second base station to be accessed is a legal base station or a normal base station. At this time, the mobile terminal can access the second base station to be accessed Or re-detect the 4G base station to ensure the normal use of the mobile terminal network. Conversely, when it is determined that the second base station to be accessed is a suspected 2G pseudo base station, then the second base station to be accessed may send an attack message to the mobile terminal, so it can be determined whether the mobile terminal has received the second The attack short message sent by the base station to be accessed and obtain the third judgment result.
  • the third judgment result may include: the mobile terminal does not receive the short message sent by the second base station to be accessed, the mobile terminal receives the short message sent by the second base station to be accessed but the short message is not an attack short message, or the mobile terminal The short message sent by the second base station to be accessed is received and the short message is an attack short message, etc. It can be understood that when the mobile terminal receives the attack short message sent by the second base station to be accessed, it may be determined that the second base station to be accessed is a 2G pseudo base station; when the mobile terminal does not receive the 2.
  • the second base station to be accessed is a non-2G pseudo base station.
  • Step S104 Based on the first judgment result, the second judgment result, and the third judgment result, determine whether the first base station to be accessed is a 4G pseudo base station.
  • the first to-be-received may be determined based on the first judgment result, the second judgment result, and the third judgment result Whether the incoming base station is a 4G pseudo base station.
  • a voting method may be used to determine whether the first base station to be accessed is a 4G pseudo base station.
  • the second judgment result indicates When the second base station to be accessed is a suspected 2G pseudo base station and the third result indicates that the mobile terminal receives the attack message sent by the second base station to be accessed, it can be considered that the first base station to be accessed induces the mobile terminal to reselect, And it is redirected to the second base station to be accessed for illegal monitoring and short message verification codes. Therefore, it can be determined that the first base station to be accessed is a 4G pseudo base station.
  • the first judgment result indicates that the first base station to be accessed is a suspected 4G pseudo base station
  • the second judgment result indicates that the second base station to be accessed is a suspected 2G pseudo base station
  • the mobile terminal does not receive the second to be accessed
  • the attack message sent by the base station there may be a second base station to be accessed that attacks the mobile terminal by other means. Therefore, the first base station to be accessed may also be regarded as a 4G pseudo base station.
  • other voting methods may also be included, which will not be repeated here.
  • a mobile terminal when a mobile terminal detects a first base station to be accessed within a specified time period, it determines whether the first base station to be accessed is a suspected 4G pseudo base station and obtains the first judgment result.
  • the mobile terminal detects the second base station to be accessed, it is determined whether the second base station to be accessed is a suspected 2G pseudo base station and a second judgment result is obtained to determine the mobile terminal Whether an attack short message sent by a second base station to be accessed is received and a third judgment result is obtained, and based on the first judgment result, the second judgment result, and the third judgment result, it is determined whether the first base station to be accessed is a 4G pseudo base station.
  • the judgment accuracy of the 4G pseudo base station and the information security of the mobile terminal are improved.
  • FIG. 4 is a schematic flowchart of a pseudo base station identification method according to another embodiment of the present application. The process shown in FIG. 4 will be described in detail below.
  • the pseudo base station identification method may specifically include the following steps:
  • Step S201 During the specified time period, when the mobile terminal detects the first base station to be accessed, it is determined whether the first base station to be accessed is a suspected 4G pseudo base station and a first determination result is obtained.
  • Step S202 When the first base station to be accessed is a suspected 4G pseudo base station and the mobile terminal detects a second base station to be accessed, determine whether the second base station to be accessed is a suspected 2G pseudo base station and obtain the first 2. Judgment result.
  • Step S203 determine whether the mobile terminal receives the attack short message sent by the second base station to be accessed and obtain a third determination result.
  • steps S201-S203 please refer to steps S101-S103, which will not be repeated here.
  • Step S204 When the first judgment result is a suspected 4G pseudo base station and the second judgment result is a suspected 2G pseudo base station, determine that the first base station to be accessed is a 4G pseudo base station.
  • the first judgment result and the second judgment result are obtained separately, wherein, when the first judgment result indicates that the first base station to be accessed is a suspected 4G pseudo base station and the second judgment result indicates the second base station to be accessed
  • the first base station to be accessed may be determined to be a 4G pseudo base station. That is, when the first base station to be accessed is a suspected 4G pseudo base station and the second base station to be accessed is a suspected 2G pseudo base station, regardless of whether the mobile terminal receives an attack sent by the second base station to be accessed In the short message, it is determined that the first base station to be accessed is a 4G pseudo base station, and at this time, the third judgment result may no longer be executed.
  • Step S205 When it is determined that the first base station to be accessed is a 4G pseudo base station, the mobile terminal is prohibited from accessing the first base station to be accessed.
  • the mobile terminal may be prohibited from accessing the first base station to be accessed to prevent the mobile terminal from being attacked by the pseudo base station and improve the information security of the mobile terminal .
  • the mobile terminal may be prohibited from accessing the first base station to be accessed, and a warning prompt message is issued to remind the mobile terminal of the corresponding The user pays attention to the attack of 2G short messages.
  • the warning information can be output in the form of voice through the mobile terminal, can be displayed in the form of text through the mobile terminal, or can be output in the form of warning light through the mobile terminal, etc. limited.
  • Step S206 When the first judgment result is a suspected 4G pseudo base station, the second judgment result is a non-suspected 2G pseudo base station and the third judgment result is that the mobile terminal has not received the second to-be-accessed When the attack short message sent by the base station determines that the first base station to be accessed is a non-4G pseudo base station.
  • the first judgment result, the second judgment result, and the third judgment result are obtained respectively, wherein, when the first judgment result indicates that the first base station to be accessed is a suspected 4G pseudo base station, the second judgment result indicates When the second base station to be accessed is a non-suspect 2G pseudo base station and the third judgment result indicates that the mobile terminal has not received the attack short message sent by the second base station to be accessed, it may be determined that the first base station to be accessed is a non-4G pseudo base station .
  • the first base station to be accessed is a suspected 4G pseudo base station
  • the second base station to be accessed is a non-suspected 2G pseudo base station
  • the mobile terminal does not receive an attack message
  • the mobile terminal is in the first Induced by the incoming base station, it is redirected to the second base station to be accessed, but the mobile terminal is not attacked. Therefore, it can be considered that the first base station to be accessed is a non-4G pseudo base station.
  • a mobile terminal when a mobile terminal detects a first base station to be accessed, it determines whether the first base station to be accessed is a suspected 4G pseudo base station and obtains the first Judgment result, when the first base station to be accessed is a suspected 4G pseudo base station and the mobile terminal detects the second base station to be accessed, determine whether the second base station to be accessed is a suspected 2G pseudo base station and obtain a second judgment result, Determine whether the mobile terminal receives the attack short message sent by the second base station to be accessed and obtain a third judgment result.
  • the first judgment result is a suspected 4G pseudo base station and the second judgment result is a suspected 2G pseudo base station
  • determine the first The base station to be accessed is a 4G pseudo base station.
  • the mobile terminal is prohibited from accessing the first base station to be accessed.
  • the first judgment result is a suspected 4G pseudo base station
  • the second judgment result is a non-suspect 2G pseudo base station
  • the third judgment result is that the mobile terminal has not received the attack short message sent by the second base station to be accessed
  • it is determined that the first base station to be accessed is a non-4G pseudo base station.
  • the base station to be accessed is a 4G pseudo base station
  • the mobile terminal is prohibited from accessing the base station to be accessed, thereby improving the security of the mobile terminal information.
  • FIG. 5 is a schematic flowchart of a pseudo base station identification method according to another embodiment of the present application. The process shown in FIG. 5 will be described in detail below.
  • the pseudo base station identification method may specifically include the following steps:
  • Step S301 When the mobile terminal detects the first base station to be accessed, acquire at least two first characteristic information of the first cell corresponding to the first base station to be accessed.
  • the first cell may be regarded as a cell currently serving as a cell to be served by the mobile terminal.
  • the cell has a coverage area, and the coverage area refers to a signal of a first base station to be accessed corresponding to the first cell.
  • the coverage area refers to a signal of a first base station to be accessed corresponding to the first cell.
  • the first cell can be selected as its cell to be served. It can be understood that different base stations may have overlapping areas between coverage areas corresponding to different cells, or may be independent of each other.
  • the first characteristic information of the first cell corresponding to the first base station to be accessed may be used to indicate the current functional status of the first cell, and the first characteristic information may be, for example, priority, signal strength , Minimum access level, receiving relationship configuration, information delivery delay, supported service type, whether to initiate authentication, whether to request to obtain the mobile terminal identification, whether there is mode three interference, whether it has been successfully registered, whether there are multiple peers, etc. Public land mobile network, etc.
  • the cell feature information that can be obtained corresponding to the feature analysis strategy may be different.
  • the acquired Identify the type of feature information of the pseudo base station and perform subsequent feature analysis.
  • the mobile terminal may determine the first cell corresponding to the first base station to be accessed, and obtain first characteristic information of the first cell, where the mobile
  • the number of first feature information acquired by the terminal may be preset by the user or may be preset by the mobile terminal, which is not limited herein, wherein, in this embodiment, the number of first features acquired by the mobile terminal is at least For two.
  • Step S302 Determine at least two first feature values based on the at least two first feature information, and the at least two first feature values correspond one-to-one with the at least two first feature information.
  • At least two first feature values correspond to at least two first feature information, that is to say, each of the at least two first feature values corresponds to a first One feature information.
  • the first eigenvalue is used to quantify the possibility (probability) that the first base station to be accessed to which the first cell belongs is a suspected 4G pseudo base station.
  • multiple feature analysis strategies may be configured locally on the electronic device in advance. Different feature analysis strategies correspond to the analysis of different feature information. After acquiring at least two first feature information of the first cell, Corresponding feature analysis strategies are used to analyze the at least two first feature information, and converted into corresponding first feature values.
  • the value interval of the first feature value may be 0 to 1, and the magnitude of the value may represent the satisfaction degree of the corresponding first feature information to the judgment condition of the suspect 4G pseudo base station, when a certain first feature of the first cell
  • the first feature value of the information is 0, it may indicate that the first feature information does not satisfy the judgment condition of the suspected 4G pseudo base station; when the feature value of the first feature information is 1, it may indicate that the first feature information satisfies the suspected 4G Judgment condition of the pseudo base station.
  • the value of the first characteristic value may also be arbitrary, for example, may be a constant greater than 1, or may be a negative number, etc. This embodiment is not limited herein.
  • the first feature value is 1 and 0, where, when the first feature value is 1, the first feature information corresponding to the first feature value satisfies the determination that it is suspected to be 4G The condition of the pseudo base station. When the first feature value is 0, the first feature information corresponding to the first feature value does not satisfy the condition of determining that the 4G pseudo base station is suspected.
  • the first characteristic information may include at least two of the following: selection priority and signal strength of the first cell; neighbor cell configuration information of the first cell and commonly used cells; physical of the first cell Modular interference information of the cell identity and other cells that meet the specified conditions; the historical tracking area update registration information of the first cell and the peer public land mobile network configuration information of the first cell.
  • a 4G pseudo base station will raise the selection priority of its corresponding cell to the highest and the signal strength of its corresponding cell to the highest, so as to induce the mobile terminal to preferentially automatically select the corresponding 4G pseudo base station
  • the cell serves as the serving cell of the mobile terminal.
  • the first characteristic value of the priority and signal strength of the first cell is 1; when the selection priority of the first cell corresponding to the first base station to be accessed is not the highest and/or signal When the strength is not the maximum, it may be considered that the first cell does not have the condition of a suspected 4G pseudo base station. At this time, the first characteristic value of the priority and signal strength of the first cell may be determined to be 0.
  • the priority and the signal strength of the first The characteristic values are other non-zero and non-zero values.
  • the size of the first characteristic value can be related to the priority level and the signal strength. For example, when the priority is ranked second and the signal strength is ranked first At two, the first characteristic value of the priority and signal strength can be determined to be 0.8, and when the priority is ranked third and the signal strength is ranked third, the first characteristic value of the priority and signal strength can be determined 0.6, and so on.
  • a common cell is a 2G cell and the first cell is a 4G cell. Since the 4G pseudo base station cell is usually temporarily covered, there is no neighboring cell association with the commonly used 2G cell.
  • By pre-recording the neighbor cell configuration of the 2G cell that is normally used, and corresponding to the current first base station to be accessed When a cell is matched, it can reflect to a certain extent whether the current cell has the risk of a suspected 4G pseudo base station cell. Therefore, as a way, you can obtain the neighbor relationship configuration of the common cell, and then determine whether the neighbor relationship configuration of the first cell is included in the neighbor cell configuration.
  • the first cell when the common 2G cell does not have this When the neighbor relationship configuration of the first cell is configured, the first cell may be considered to have the condition of a suspected 4G pseudo base station. At this time, the first characteristic value of the neighbor relationship configuration of the first cell may be determined to be 1; When the 2G cell of the first cell includes the neighbor cell configuration of the first cell, it can be considered that the first cell does not have the condition of a suspected 4G pseudo base station. At this time, the first characteristic value of the neighbor cell configuration of the first cell can be determined 0.
  • the physical cell identifier (PCI) of the 4G pseudo base station cell usually has Mod3 interference with other currently covered cells that satisfy the preset selection condition. Therefore, when the physical cell identifier of the first cell interferes with other currently covered cells satisfying the preset selection condition, the first cell may be considered to have the condition of a suspected 4G pseudo base station.
  • PCI physical cell identifier
  • the first cell may be determined The first characteristic value of the modulo-3 interference of the cell is 1; when the physical cell identifier of the first cell does not have modulo-3 interference with other currently covered cells that meet the preset selection condition, the first cell may be considered as not having Under the condition that the 4G pseudo base station is suspected, at this time, it can be determined that the first characteristic value of the modulo-3 interference of the first cell is 0.
  • the magnitude of the first characteristic value of the modulo-3 interference may also be determined according to the strength of the modulo-3 interference existing in the physical cell identifier of the first cell and other currently covered cells that satisfy the preset selection condition, which is not described here. Repeat again.
  • the 4G pseudo base station cell will perform tracking area update rejection (TAU reject) to redirect the mobile terminal to the 2G pseudo base station. Therefore, the tracking initiated by the 4G pseudo base station cell District update registration may never be successful. Therefore, when the tracking area update registration initiated by the first cell has never been successfully registered, the first cell may be considered to have the condition of a suspected 4G pseudo base station.
  • TAU reject tracking area update rejection
  • the first feature of the tracking area update registration of the first cell may be determined The value is 1; when the tracking area update registration initiated by the first cell is successful, the first cell may not be considered to have the condition of a suspected 4G pseudo base station, and at this time, the first tracking area update registration of the first cell may be determined The characteristic value is 0.
  • the 4G pseudo base station cell is disguised as a legal cell, and usually there are multiple peer public land mobile network (EPLMN) configurations in the system messages it configures to induce electronic equipment Choose it. Therefore, when there are multiple peer-to-peer public land mobile network configurations in the system message of the first cell configuration, the first cell may be considered to have the condition of a suspected 4G pseudo base station, and at this time, the peer of the first cell may be determined
  • the first characteristic value of the public land mobile network configuration is 1, when there are no multiple peer public land mobile network configurations in the system message of the first cell configuration, the first cell may not be considered to have the condition of suspected 4G pseudo base station, At this time, it can be determined that the first characteristic value of the peer public land mobile network configuration of the first cell is 0.
  • the judgment of the suspected 4G pseudo base station may also include other first feature information, which will not be repeated here.
  • Step S303 Perform weighted calculation on the at least two first feature values to obtain a weighted calculated first weight total value.
  • the weights assigned to the first feature values corresponding to different types of first feature information may be the same or different, and the sum of the weights may be 1.
  • each of the five first feature values can be given a weight of 20%
  • the total value of the first weight finally obtained is (20%a+20%b+20%c+20%d+20%e);
  • the five first characteristic values can also be given different weights, for example, A characteristic value a is given 10%, a first characteristic value b is given 15%, a first characteristic value c is given 20%, a first characteristic value d is given 25%, and a first characteristic value e is given 30%.
  • the total value of the first weight is (10%a+15%b+20%c+25%d+30%e).
  • Step S304 Determine whether the first base station to be accessed is a suspected 4G pseudo base station according to the difference between the first total weight value and the first weight threshold.
  • FIG. 6 shows a schematic flowchart of step S304 of the pseudo base station identification method shown in FIG. 5 of the present application.
  • the process shown in FIG. 6 will be described in detail below.
  • the method may specifically include the following steps:
  • Step S3041 determine whether the total value of the first weight is greater than the first weight threshold.
  • Step S3042 When the total value of the first weight is greater than the first weight threshold, determine that the first base station to be accessed is a suspected 4G pseudo base station.
  • the first base station to be accessed is the base station to which the first cell belongs.
  • the first weight threshold can be used for threshold judgment on the obtained total value of the first weight.
  • the first base station to be accessed to which the first cell belongs can be determined as a suspect 4G pseudo base station, that is, the first base station to be accessed detected by the mobile terminal is completed Whether it is the identification of a suspected 4G pseudo base station; if the total value of the first weight does not exceed the first weight threshold, it can be considered that at least two first characteristic information of the first cell do not meet the necessary judgment conditions possessed by the cell of the suspected 4G pseudo base station
  • the first base station to be accessed to which the first cell belongs may be directly determined as a legitimate base station or a normal base station according to the size of the first total weight.
  • Step S305 When the first base station to be accessed is a 4G suspected pseudo base station and the mobile terminal detects the second base station to be accessed, obtain the second cell corresponding to the second base station to be accessed At least two second characteristic information.
  • Step S306 Determine at least two second feature values based on the at least two second feature information, and the at least two second feature values correspond one-to-one with the at least two second feature information.
  • Step S307 performing weighted calculation on the at least two second feature values to obtain a weighted calculated second weight total value.
  • Step S308 Determine whether the second base station to be accessed is a suspected 2G pseudo base station according to the difference between the second total weight value and the second weight threshold.
  • FIG. 7 is a schematic flowchart of step S308 of the pseudo base station identification method shown in FIG. 5 of the present application.
  • the process shown in FIG. 7 will be described in detail below.
  • the method may specifically include the following steps:
  • Step S3081 determine whether the total value of the second weight is greater than the second weight threshold.
  • Step S3082 When the total value of the second weight is greater than the second weight threshold, determine that the second base station to be accessed is a suspected 2G pseudo base station.
  • steps S305-S308 please refer to steps S301-S304.
  • the detection method of the suspected 2G pseudo base station may be similar to the detection method of the suspected 4G pseudo base station, which will not be repeated here.
  • Step S309 Determine whether the mobile terminal receives the short message sent by the second base station to be accessed.
  • it may be first monitored whether the mobile terminal receives the short message, and when the mobile terminal receives the short message, analyze the source of the short message to determine whether the short message is sent by the second base station to be accessed.
  • Step S310 When the mobile terminal receives a short message sent by the second base station to be accessed, the short message is input to a machine learning model stored locally in the mobile terminal to obtain the third judgment result, the The machine learning model is used to identify whether the short message is an attack short message.
  • the mobile terminal when it is determined that the mobile terminal receives the short message sent by the second base station to be accessed, it may be determined whether the short message is an attack short message. Specifically, the mobile terminal locally stores a machine learning model, where the machine learning model is used to identify whether the short message is an attack short message. As a way, the machine learning model can be generated in advance on the server using typical text training and generated After transmission to the mobile terminal, keep it locally. Of course, the machine learning model can be updated in real time on the server, and then transmitted to the mobile terminal to update the locally stored machine learning module after the update is completed. Understandably, by using the machine The learning model is stored locally, so that the SMS can be verified locally, avoiding the remote transmission of personal information, and ensuring information security.
  • the short message when the mobile terminal receives the short message sent by the second base station to be accessed, the short message can be input to a machine learning model stored locally in the mobile terminal, that is, input to the local analysis and recognition engine to output the first Three judgment results, so that it can be determined whether the mobile terminal receives the attack short message sent by the second base station to be accessed.
  • Step S311 Based on the first judgment result, the second judgment result, and the third judgment result, determine whether the first base station to be accessed is a 4G pseudo base station.
  • step S311 For the specific description of step S311, please refer to step S104, which will not be repeated here.
  • a mobile terminal when a mobile terminal detects a first base station to be accessed, it acquires at least two first characteristic information of a first cell corresponding to the first base station to be accessed, based on the At least two first feature information determine at least two first feature values, perform weighted calculation on the at least two first feature values, obtain a weighted calculated first weight total value, and according to the first weight total value and the first weight threshold The difference of determines whether the first base station to be accessed is a suspected 4G pseudo base station.
  • the mobile terminal detects the second base station to be accessed, acquiring at least two characteristic information of the second cell corresponding to the second base station to be accessed, based on the at least two
  • the two second feature information determine at least two second feature values, perform weighted calculation on the at least two second feature values, and obtain a weighted calculated second weight total value, according to the second weight total value and the second weight threshold
  • the difference determines whether the second base station to be accessed is a suspected 2G pseudo base station.
  • the mobile terminal Determine whether the mobile terminal receives the short message sent by the second base station to be accessed, and when the mobile terminal receives the short message sent by the second base station to be accessed, input the short message into a machine learning model stored locally in the mobile terminal to obtain the third
  • it is determined whether the first base station to be accessed is a 4G pseudo base station based on the determination of the first base station to be accessed, the second base station to be accessed, and the received short message.
  • the 4G pseudo base station and the 2G pseudo base station are judged by the weighting method, and the received short message is judged by the machine learning model to further improve the judgment accuracy of the pseudo base station and reduce The probability of the mobile terminal accessing the pseudo base station.
  • FIG. 8 shows a block diagram of a pseudo base station identification device 200 provided by an embodiment of the present application.
  • the pseudo base station identification device 200 is applied to the above mobile terminal, and the block diagram shown in FIG. 8 will be described below.
  • the pseudo base station identification device 200 includes: a first judgment module 210, a second judgment module 220, and a third judgment module 230 and the determination module 240, wherein:
  • the first determining module 210 is configured to determine whether the first base station to be accessed is a suspected 4G pseudo base station and obtain a first determination result when the mobile terminal detects the first base station to be accessed within a specified time period . Further, the first judgment module 210 includes: a first feature information acquisition sub-module, a first feature value acquisition sub-module, a first weight total value acquisition sub-module, and a 4G pseudo base station determination sub-module, wherein:
  • a first feature information obtaining submodule configured to obtain at least two first feature information of the first cell corresponding to the first base station to be accessed when the mobile terminal detects the first base station to be accessed .
  • a first feature value acquisition submodule configured to determine at least two first feature values based on the at least two first feature information, the at least two first feature values and the at least two first feature information one-to-one correspond.
  • the first eigenvalue acquisition submodule includes: a first eigenvalue determination unit, a neighbor relationship configuration acquisition unit, a second eigenvalue determination unit, a third eigenvalue determination unit, a fourth eigenvalue determination unit, and a third Five eigenvalue determination units, including:
  • a first characteristic value determining unit used when the selection priority of the first cell is the highest priority among all cells currently covered, and the signal strength of the first cell is the highest signal among all cells currently covered In the case of strength, the first characteristic value of determining the priority and signal strength of the first cell is 1.
  • the neighbor relationship configuration acquisition unit is configured to acquire the neighbor relationship configuration of the common cell.
  • the second characteristic value determining unit is configured to determine that the first characteristic value of the neighbor cell relationship configuration of the first cell is 1 when the neighbor cell relationship configuration of the first cell is not included in the neighbor cell relationship configuration.
  • a third eigenvalue determining unit configured to determine that the first eigenvalue of modulo-3 interference corresponding to the first cell is 1 when the physical cell identifier of the first cell and other cells satisfying the specified condition have modulo-3 interference .
  • the third characteristic value determining unit includes: a third characteristic value determining subunit, wherein:
  • a third eigenvalue determining subunit configured to determine the first eigenvalue of the modulo-3 interference of the first cell when the physical cell identifier of the first cell and other cells satisfying the lowest signal strength have modulo-3 interference 1.
  • the fourth characteristic value determining unit is configured to determine that the first characteristic value of the tracking area update registration of the first cell is 1 when the tracking area update registration initiated by the first cell has never been successfully registered.
  • a fifth characteristic value determining unit configured to determine the first characteristic of the peer public land mobile network configuration of the first cell when there are multiple peer public land mobile network configurations in the system message of the first cell configuration The value is 1.
  • the first weight total value obtaining sub-module is used to perform weighted calculation on the at least two first feature values to obtain a weighted calculated first weight total value.
  • the 4G pseudo base station determining sub-module is configured to determine whether the first base station to be accessed is a suspected 4G pseudo base station according to the difference between the first total weight value and the first weight threshold. Further, the 4G pseudo base station determination submodule includes: a first weight total value judgment unit and a 4G pseudo base station determination unit, wherein:
  • the first total weight determination unit is configured to determine whether the first total weight value is greater than the first weight threshold.
  • the 4G pseudo base station determining unit is configured to determine that the first base station to be accessed is a suspected 4G pseudo base station when the total value of the first weight is greater than the first weight threshold.
  • the second determination module 220 is used to determine whether the second base station to be accessed is suspected to be 2G when the first base station to be accessed is a suspected 4G pseudo base station and the mobile terminal detects the second base station to be accessed Pseudo base station and obtain the second judgment result. Further, the second judgment module 220 includes: a second feature information acquisition sub-module, a second feature value acquisition sub-module, a second weight total value acquisition sub-module, and a 2G pseudo base station determination sub-module, wherein:
  • a second feature information obtaining submodule configured to obtain the second base station to be accessed when the first base station to be accessed is a 4G suspected pseudo base station and the mobile terminal detects the second base station to be accessed At least two second characteristic information of the corresponding second cell.
  • a second feature value acquisition submodule configured to determine at least two second feature values based on the at least two second feature information, the at least two second feature values and the at least two second feature information one-to-one correspond.
  • the second weight total value obtaining submodule is configured to perform weighted calculation on the at least two second feature values to obtain a weighted calculated second weight total value. Further, the second weight total value obtaining submodule includes: a second weight total value judgment unit and a 2G pseudo base station determination unit, wherein: a second weight total value judgment unit and a 2G pseudo base station determination unit, wherein:
  • the second total weight determination unit is configured to determine whether the second total weight value is greater than the second weight threshold.
  • the 2G pseudo base station determining unit is configured to determine that the second base station to be accessed is a suspected 2G pseudo base station when the total value of the second weight is greater than the second weight threshold.
  • the 2G pseudo base station determining submodule is configured to determine whether the second base station to be accessed is a suspected 2G pseudo base station according to the difference between the total value of the second weight and the second weight threshold.
  • the third judgment module 230 is configured to judge whether the mobile terminal receives the attack short message sent by the second base station to be accessed and obtain a third judgment result. Further, the third judgment module includes: a short message judgment sub-module and a short message verification sub-module, wherein:
  • the short message determination sub-module is used to determine whether the mobile terminal receives the short message sent by the second base station to be accessed.
  • the short message verification sub-module is used to input the short message into the local machine learning model stored in the mobile terminal when the mobile terminal receives the short message sent by the second to-be-accessed base station to obtain the third judgment
  • the machine learning model is used to identify whether the short message is an attack short message.
  • the determining module 240 is configured to determine whether the first base station to be accessed is a 4G pseudo base station based on the first judgment result, the second judgment result, and the third judgment result. Further, the determination module 240 includes:
  • the first determining submodule is configured to determine that the first base station to be accessed is a 4G pseudo base station when the first judgment result is a suspected 4G pseudo base station and the second judgment result is a suspected 2G pseudo base station.
  • a second determination submodule used when the first judgment result is a suspected 4G pseudo base station, the second judgment result is a non-suspected 2G pseudo base station and the third judgment result is that the mobile terminal has not received the
  • the attack short message sent by the second base station to be accessed determines that the first base station to be accessed is a non-4G pseudo base station.
  • the pseudo base station identification device 200 further includes: a prohibition module, wherein:
  • the prohibition module is configured to prohibit the mobile terminal from accessing the first base station to be accessed when it is determined that the first base station to be accessed is a 4G pseudo base station. Further, the prohibition module includes: a prohibition submodule, wherein:
  • the prohibition sub-module is configured to prohibit the mobile terminal from accessing the first base station to be accessed and issue warning information when it is determined that the first base station to be accessed is a 4G pseudo base station.
  • the coupling between the modules may be electrical, mechanical, or other forms of coupling.
  • each functional module in each embodiment of the present application may be integrated into one processing module, or each module may exist alone physically, or two or more modules may be integrated into one module.
  • the above integrated modules may be implemented in the form of hardware or software function modules.
  • FIG. 9 shows a structural block diagram of a mobile terminal 100 provided by an embodiment of the present application.
  • the mobile terminal 100 may be a mobile terminal capable of running application programs such as a smart phone, a tablet computer, and an e-book.
  • the mobile terminal 100 in this application may include one or more of the following components: a processor 110, a memory 120, and one or more application programs, where one or more application programs may be stored in the memory 120 and configured to be configured by one Executed by one or more processors 110, and one or more programs are configured to execute the method as described in the foregoing method embodiments.
  • the processor 110 may include one or more processing cores.
  • the processor 110 connects various parts of the entire mobile terminal 100 using various interfaces and lines, executes or executes instructions, programs, code sets or instruction sets stored in the memory 120, and calls data stored in the memory 120 to execute Various functions and processing data of the mobile terminal 100.
  • the processor 110 may adopt at least one of digital signal processing (Digital Signal Processing, DSP), field programmable gate array (Field-Programmable Gate Array, FPGA), programmable logic array (Programmable Logic Array, PLA) Various hardware forms.
  • the processor 110 may integrate one or a combination of one of a central processing unit (Central Processing Unit, CPU), a graphics processing unit (Graphics Processing Unit, GPU), and a modem.
  • CPU Central Processing Unit
  • GPU Graphics Processing Unit
  • modem modem
  • CPU mainly deals with operating system, user interface and application program, etc.
  • GPU is used for rendering and rendering of display content
  • modem is used for handling wireless communication. It can be understood that the above-mentioned modem may not be integrated into the processor 110, and may be implemented by a communication chip alone.
  • the memory 120 may include random access memory (RAM) or read-only memory (Read-Only Memory).
  • the memory 120 may be used to store instructions, programs, codes, code sets, or instruction sets.
  • the memory 120 may include a storage program area and a storage data area, where the storage program area may store instructions for implementing an operating system and instructions for implementing at least one function (such as a touch function, a sound playback function, an image playback function, etc.) , Instructions for implementing the following method embodiments.
  • the storage data area may also store data created by the terminal 100 in use (such as a phone book, audio and video data, and chat history data).
  • FIG. 10 shows a structural block diagram of a computer-readable storage medium provided by an embodiment of the present application.
  • the computer readable medium 300 stores program codes, and the program codes can be called by a processor to execute the method described in the above method embodiments.
  • the computer-readable storage medium 300 may be an electronic memory such as flash memory, EEPROM (Electrically Erasable Programmable Read Only Memory), EPROM, hard disk, or ROM.
  • the computer-readable storage medium 300 includes a non-transitory computer-readable storage medium.
  • the computer-readable storage medium 300 has a storage space for the program code 310 to perform any of the method steps described above. These program codes can be read from or written into one or more computer program products.
  • the program code 310 may be compressed in an appropriate form, for example.
  • the pseudo base station identification method, device, mobile terminal and storage medium determine that the first terminal to be accessed when the mobile terminal detects the first base station to be accessed within a specified period of time Whether it is a suspected 4G pseudo base station and obtains the first judgment result, when the first base station to be accessed is a suspected 4G pseudo base station and the mobile terminal detects a second base station to be accessed, it is determined whether the second base station to be accessed is a suspected 2G Pseudo base station and obtain the second judgment result, judge whether the mobile terminal receives the attack short message sent by the second base station to be accessed and obtain the third judgment result, based on the first judgment result, the second judgment result and the third judgment result Determine whether the first base station to be accessed is a 4G pseudo base station, so as to determine whether the base station to be accessed is a 4G pseudo base station by synthesizing the judgment results of the 4G pseudo base station, the 2G pseudo base station and the attack message,

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

本申请实施例公开了一种伪基站识别方法、装置、移动终端以及存储介质。在指定时间段内,当移动终端探测到第一待接入基站时,判断第一待接入基站是否为疑似4G伪基站并获得第一判断结果,当第一待接入基站为疑似4G伪基站且该移动终端探测到第二待接入基站时,判断第二待接入基站是否为疑似2G伪基站并获得第二判断结果,判断该移动终端是否接收到第二待接入基站发送的攻击短信并获得第三判断结果,基于该第一判断结果、第二判断结果以及第三判断结果,确定该第一待接入基站是否为4G伪基站。本实施例通过综合4G伪基站、2G伪基站以及攻击短信的判断结果来确定待接入基站是否为4G伪基站,提高4G伪基站的判断精度和移动终端的信息安全。

Description

伪基站识别方法、装置、移动终端以及存储介质 技术领域
本申请涉及移动终端技术领域,更具体地,涉及一种伪基站识别方法、装置、移动终端以及存储介质。
背景技术
“伪基站”即假基站,伪基站一般由主机和笔记本电脑组成,通过短信群发器、短信发信机等相关设备能够搜取以其为中心、一定半径范围内的手机卡信息,利用移动通信的缺陷,通过伪装成运营商的基站,冒用他人手机号码强行向用户手机发送诈骗、广告推销等短信息。
发明内容
鉴于上述问题,本申请提出了一种伪基站识别方法、装置、移动终端以及存储介质,以解决上述问题。
第一方面,本申请实施例提供了一种伪基站识别方法,应用于移动终端,所述方法包括:在指定时间段内,当所述移动终端探测到第一待接入基站时,判断所述第一待接入基站是否为疑似4G伪基站并获得第一判断结果;当所述第一待接入基站为疑似4G伪基站且所述移动终端探测到第二待接入基站时,判断所述第二待接入基站是否为疑似2G伪基站并获得第二判断结果;判断所述移动终端是否接收到所述第二待接入基站发送的攻击短信并获得第三判断结果;基于所述第一判断结果、所述第二判断结果以及所述第三判断结果,确定所述第一待接入基站是否为4G伪基站。
第二方面,本申请实施例提供了一种伪基站识别装置,应用于移动终端,所述装置包括:第一判断模块,用于在指定时间段内,当所述移动终端探测到第一待接入基站时,判断所述第一待接入基站是否为疑似4G伪基站并获得第一判断结果;第二判断模块,用于当所述第一待接入基站为疑似4G伪基站且所述移动终端探测到第二待接入基站时,判断所述第二待接入基站是否为疑似2G伪基站并获得第二判断结果;第三判断模块,用于判断所述移动终端是否接收到所述第二待接入基站发送的攻击短信并获得第三判断结果;确定模块,用于基于所述第一判断结果、所述第二判断结果以及所述第三判断结果,确定所述第一待接入基站是否为4G伪基站。
第三方面,本申请实施例提供了一种移动终端,包括:存储器;一个或多个处理器,与所述存储器耦接;一个或多个程序,其中,所述一个或多个应用程序被存储在所述存储器中并被配置为由所述一个或多个处理器执行,所述一个或多个程序配置用于执行上述方法。
第四方面,本申请实施例提供了一种计算机可读取存储介质,所述计算机可读取存储介质中存储有程序代码,所述程序代码可被处理器调用执行上述方法。
本申请实施例提供的伪基站识别方法、装置、移动终端以及存储介质,在指定时间段内,当移动终端探测到第一待接入基站时,判断第一待接入基站是否为疑似4G伪基站并获得第一判断结果,当第一待接入基站为疑似4G伪基站且该移动终端探测到第二待接入基站时,判断第二待接入基站是否为疑似2G伪基站并获得第二判断结果,判断该移动终端是否接收到第二待接入基站发送的攻击短信并获得第三判断结果,基于该第一判断结果、第二判断结果以及第三判断结果,确定该第一待接入基站是否为4G伪基站,从而通过综合4G伪基站、2G伪基站以及攻击短信的判断结果来确定待接入基站是否为4G伪基站,提高4G伪基站的判断精度和移动终端的信息安全。
附图说明
为了更清楚地说明本申请实施例中的技术方案,下面将对实施例描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本申请的一些实施例,对于本领域技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其它 的附图。
图1示出了本申请实施例提供的一种移动通信网络的系统架构示意图;
图2示出了本申请实施例提供的另一种移动通信网络的系统架构示意图;
图3示出了本申请一个实施例提供的伪基站识别方法的流程示意图;
图4示出了本申请又一个实施例提供的伪基站识别方法的流程示意图;
图5示出了本申请再一个实施例提供的伪基站识别方法的流程示意图;
图6示出了本申请的图5所示的伪基站识别方法的步骤S304的流程示意图;
图7示出了本申请的图5所示的伪基站识别方法的步骤S308的流程示意图;
图8示出了本申请实施例提供的伪基站识别装置的模块框图;
图9示出了本申请实施例用于执行根据本申请实施例的伪基站识别方法的电子设备的框图;
图10示出了本申请实施例的用于保存或者携带实现根据本申请实施例的伪基站识别方法的程序代码的存储单元。
具体实施方式
为了使本技术领域的人员更好地理解本申请方案,下面将结合本申请实施例中的附图,对本申请实施例中的技术方案进行清楚、完整地描述。
随着移动通信技术的长足发展,移动通信已经经历了2G、3G以及4G等多个版本的发展。而不论是早期2G时代的GSM(Global System for Mobile Communication)移动通信系统或者CDMA(Code Division Multiple Access)通信系统,还是到了后面4G时代的LTE(long term evolution,长期演进)系统架构,基站都是比较重要的一个通信设备。
例如,如图1所示的2G移动通信系统架构示意图。基站BTS(base transceiver station)作为移动通信通路的接入设备与BSC(Base Station Controller)连接,然后BSC再与MSC(mobile switching center,移动交换中心)连接。再例如图2所示的4G移动通信系统架构示意图。基站eNB(evolved node B)与MME(Mobility Management Entity)连接,而MME与服务网关Serving Gateway连接。可以从图1和图2看出,在移动通信系统中,基站作为直接与移动终端建立连接的设备,在整个系统架构中有着比较重要的地位。基站,一般是指“公用移动通信基站”,其作用主要用于给手机、平板电脑等移动终端提供信号。基站设施并不仅仅掌握在各大运营商与设备厂商的手中,各大高校、研究所、科研机构中经常可以看到它们的身影,这加速了通信技术更新换代的频率以及缩短了商用开发的过渡时间,因此,而随着通信技术的发展,发明人发现出现了伪基站。
伪基站即假基站,是移动通信网络之外的非法基站,伪基站一般由主机和笔记本电脑组成,通过短信群发器、短信发信机等相关设备能够搜取以其为中心、一定半径范围内的手机卡信息,利用2G移动通信的缺陷,通过伪装成运营商的基站,冒用他人手机号码强行向用户手机发送诈骗、广告推销等短信息。伪基站设备运行时,移动终端发送的无线信号被强制连接到该设备上,导致移动终端无法正常使用运营商提供的服务,移动终端一般会暂时脱网8~12秒后恢复正常,部分移动终端则必须开关机才能重新入网。此外,它还会导致移动终端用户频繁地更新位置,使得该区域的无线网络资源紧张并出现网络拥塞现象,影响用户的正常通信。另外,伪基站还存在干扰周边电磁环境,容易使用户陷入骗局,严重威胁国家安全等问题。
目前,大部分的公用电信网络主要是4G网络,但是,发明人经过调查研究发现,存在一种新型的4G伪基站攻击是一种潜在的风险,其危害要大于单纯的2G伪基站的危害。
具体地,由于在4G通信中,LTE协议需要双向鉴权,目前尚未存在有完全意义上的接入和注册型伪基站,但是,存在一种典型的4G伪基站利用SRB1(SRB,signalling radio bearers,信令无线承载)不需要进行鉴权的协议漏洞特征,在SRB2和DRB(data resource bearer,数据承载)发生前设立4G伪基站,诱发移动终端发起重选,在进行identity  request/response(身份请求/响应)之后,再进行TAU(tracking area update,跟踪区更新)reject和RRC(radio resource control,无线资源控制)release redirect(重定向)信令,把终端重定向到2G伪基站进行非法监控和短信验证码等行为。
针对上述问题,发明人经过长期的研究发现,并提出了本申请实施例提供的伪基站识别方法、装置、移动终端以及存储介质,通过综合4G伪基站、2G伪基站以及攻击短信的判断结果来确定待接入基站是否为4G伪基站,提高4G伪基站的判断精度和移动终端的信息安全。其中,具体的伪基站识别方法在后续的实施例中进行详细的说明。
实施例
请参阅图3,图3示出了本申请一个实施例提供的伪基站识别方法的流程示意图。所述伪基站识别方法用于通过综合4G伪基站、2G伪基站以及攻击短信的判断结果来确定待接入基站是否为4G伪基站,提高4G伪基站的判断精度和移动终端的信息安全。在具体的实施例中,所述伪基站识别方法应用于如图8所示的伪基站识别装置200以及配置有所述伪基站识别装置200的移动终端100(图9),下面将以移动终端为例,说明本实施例的具体流程,当然,可以理解的,本实施例所应用的移动终端可以为智能手机、平板电脑、穿戴式电子设备等,在此不做具体的限定。下面将针对图3所示的流程进行详细的阐述,所述伪基站识别方法具体可以包括以下步骤:
步骤S101:在指定时间段内,当所述移动终端探测到第一待接入基站时,判断所述第一待接入基站是否为疑似4G伪基站并获得第一判断结果。
其中,4G伪基站诱发移动终端发生重选,并重定向到2G伪基站进行非法监控和短信验证码等过程是在时间段T内发生的,因此,在本实施例中,可以限定该时间段T为指定时间段,可以理解的,在该时间段T在指定时间段内时,可以对移动终端所探测到的基站是否为伪基站进行检测并判断,当该时间段T超过该指定时间段时,可以停止对移动终端所探测到的基站是否为伪基站进行检测,或者重新发起对所探测到的基站是否为伪基站的检测并判断。
通常,网络空中接口用于实现移动终端和移动通信网络的基站之间的信息交互,并且网络空中接口上的信息由各种逻辑信道承载。其中,逻辑信道分为业务信道(TCH,Traffic Channel)和控制信道(CCH,Control Channel)两大类,其中,TCH主要在网络和移动终端间的传送业务,如语音、数据等;CCH是用于传送信令信息和短的分组数据的信道,CCH中广播信道(BCH,Broadcast Channel)用于通过广播的方式传输信息,在BCH中的广播控制信道(BCCH,Broadcast Control Channel)用于基站向移动终端广播公用的信息,例如系统消息等。
因此,移动终端可以通过监测基站的广播信息的方式对基站进行探测,并对所探测到的基站是否为伪基站进行判断。具体地,于本实施例中,移动终端对基站进行探测,并且当该移动终端探测到第一待接入基站时,判断该第一待接入基站是否为疑似4G伪基站并获取第一判断结果,可以理解的,该第一判断结果包括:该第一待接入基站为疑似4G伪基站或该第一待接入基站为非疑似4G伪基站。具体地,移动终端可以获取该第一待接入基站的广播信息,并从该广播信息中提取该第一待接入基站的标识信息,通过该标识信息判断该第一待接入基站是否为疑似4G伪基站。
步骤S102:当所述第一待接入基站为疑似4G伪基站且所述移动终端探测到第二待接入基站时,判断所述第二待接入基站是否为疑似2G伪基站并获得第二判断结果。
进一步地,当判断该第一待接入基站为非疑似4G伪基站时,表征该第一待接入基站为合法基站或正常基站,例如,该第一待接入基站为移动通信基站,此时,所述移动终端可以接入该第一待接入基站,以保证移动终端的正常用网。相反的,当判断该第一待接入基站为疑似4G伪基站时,那么,该第一待接入基站可能会诱发该移动终端重定向到2G伪基站,因此,当确定该第一待接入基站为疑似4G伪基站且该移动终端探测到新的基站时,可以判断该新的基站是否为疑似2G伪基站,在本实施例中,当确定该第一待接入基站为疑似4G伪基 站且该移动终端探测到第二待接入基站时,移动终端可以判断该第二待接入基站是否为疑似2G伪基站,并获得第二判断结果。
同样的,移动终端可以检测基站的广播信息的方式对基站进行新的基站进行探测,并对所探测到的新的基站是否为伪基站进行判断。具体地,在本实施例中,移动终端对新的基站进行探测,并且当该移动终端探测到第二待接入基站时,判断该第二待接入基站是否为疑似2G伪基站并获取第二判断结果,可以理解的,该第二判断结果包括:该第二待接入基站为疑似2G伪基站或该第二待接入基站为非疑似2G伪基站。具体地,移动终端可以获取该第二待接入基站的广播信息,并从该广播信息中提取该第二待接入基站的标识信息,通过该标识信息判断该第二待接入基站是否为疑似2G伪基站。
其中,该标识信息可以包括该第二待接入基站所对应的第二小区的小区位置区(TAC,tracking area)、位置区码(LAC,location area code)、小区标示(CID,cell identity)等,因此,作为一种方式,移动终端在探测到第二待接入基站时,可以计算该第二待接入基站所对应的基站小区的TAC/LAC/CID与移动终端最近成功注册过的基站小区的TAC/LAC/CID之间的差值,如果该差值大于设定门限,则可以确定该移动终端所探测到的第二待接入基站为疑似2G伪基站。
步骤S103:判断所述移动终端是否接收到所述第二待接入基站发送的攻击短信并获得第三判断结果。
进一步地,当判断该第二待接入基站为非疑似2G伪基站时,表征该第二待接入基站为合法基站或正常基站,此时,移动终端可以接入该第二待接入基站或者重新探测4G基站,以保证移动终端的正常用网。相反的,当判断该第二待接入基站为疑似2G伪基站时,那么,该第二待接入基站可能会发送攻击短信到移动终端,因此,可以判断该移动终端是否接收到该第二待接入基站发送的攻击短信并获得第三判断结果。具体地,该第三判断结果可以包括:移动终端没有接收到第二待接入基站发送的短信、移动终端接收到第二待接入基站发送的短信但该短信不是攻击短信、或该移动终端接收到第二待接入基站发送的短信且该短信是攻击短信等。可以理解的,当所述移动终端接收到所述第二待接入基站发送的攻击短信时,可以确定该第二待接入基站为2G伪基站;当所述移动终端没有接收到所述第二待接入基站发送的短信,或该移动终端接收到第二待接入基站发送的短信但该短信不是攻击短息时,可以确定该第二待接入基站为非2G伪基站。
步骤S104:基于所述第一判断结果、所述第二判断结果以及所述第三判断结果,确定所述第一待接入基站是否为4G伪基站。
在本实施例中,在分别获取所述第一判断结果、第二判断结果以及第三判断结果后,可以基于该第一判断结果、第二判断结果以及第三判断结果确定该第一待接入基站是否为4G伪基站。作为一种方式,可以采用投票法确定该第一待接入基站是否为4G伪基站,具体地,当第一判断结果表征该第一待接入基站为疑似4G伪基站、第二判断结果表征该第二待接入基站为疑似2G伪基站且第三结果表征该移动终端接收到第二待接入基站发送的攻击短信时,可以认为该第一待接入基站诱导移动终端发生重选,并重定向到第二待接入基站进行非法监控和短信验证码等过程,因此,可以确定该第一待接入基站为4G伪基站。另外,当第一判断结果表征该第一待接入基站为疑似4G伪基站、第二判断结果表征该第二待接入基站为疑似2G伪基站,但移动终端没有接收到第二待接入基站发送的攻击短信时,可能存在第二待接入基站通过其他方式攻击移动终端,因此,同样可以认为第一待接入基站为4G伪基站。当然,在本实施例中,还可以包括其他投票方式,在此不再赘述。
本申请实施例提供的伪基站识别方法,在指定时间段内,当移动终端探测到第一待接入基站时,判断第一待接入基站是否为疑似4G伪基站并获得第一判断结果,当第一待接入基站为疑似4G伪基站且该移动终端探测到第二待接入基站时,判断第二待接入基站是否为疑似2G伪基站并获得第二判断结果,判断该移动终端是否接收到第二待接入基站发送的攻击短信并获得第三判断结果,基于该第一判断结果、第二判断结果以及第三判 断结果,确定该第一待接入基站是否为4G伪基站,从而通过综合4G伪基站、2G伪基站以及攻击短信的判断结果来确定待接入基站是否为4G伪基站,提高4G伪基站的判断精度和移动终端的信息安全。
请参阅图4,图4示出了本申请又一个实施例提供的伪基站识别方法的流程示意图。下面将针对图4所示的流程进行详细的阐述,所述伪基站识别方法具体可以包括以下步骤:
步骤S201:在指定时间段内,当所述移动终端探测到第一待接入基站时,判断所述第一待接入基站是否为疑似4G伪基站并获得第一判断结果。
步骤S202:当所述第一待接入基站为疑似4G伪基站且所述移动终端探测到第二待接入基站时,判断所述第二待接入基站是否为疑似2G伪基站并获得第二判断结果。
步骤S203:判断所述移动终端是否接收到所述第二待接入基站发送的攻击短信并获得第三判断结果。
其中,步骤S201-步骤S203的具体描述请参阅步骤S101-步骤S103,在此不再赘述。
步骤S204:当所述第一判断结果为疑似4G伪基站且所述第二判断结果为疑似2G伪基站时,确定所述第一待接入基站为4G伪基站。
作为一种方式,分别获取第一判断结果和第二判断结果,其中,当第一判断结果表征该第一待接入基站为疑似4G伪基站且第二判断结果表征该第二待接入基站为疑似2G伪基站时,可以确定该第一待接入基站为4G伪基站。也就是说,当所述第一待接入基站为疑似4G伪基站且所述第二待接入基站为疑似2G伪基站时,不管该移动终端是否接收到第二待接入基站发送的攻击短信,都确定该第一待接入基站为4G伪基站,此时,可以不再执行获取第三判断结果。
步骤S205:当确定所述第一待接入基站为4G伪基站时,禁止所述移动终端接入所述第一待接入基站。
进一步地,当确定该第一待接入基站为4G伪基站时,可以禁止该移动终端接入该第一待接入基站,以避免移动终受到伪基站的攻击,提升移动终端的信息安全性。另外,作为一种方式,当确定该第一待接入基站为4G伪基站时,可以禁止该移动终端接入该第一待接入基站,并且发出预警提示信息,以提示移动终端所对应的用户注意2G短信的攻击,其中,该预警提示信息可以通过移动终端以语音的形式输出、可以通过移动终端以文本的形式展示、也可以通过移动终端以警示灯的形式输出等,在此不做限定。
步骤S206:当所述第一判断结果为疑似4G伪基站,所述第二判断结果为非疑似2G伪基站且所述第三判断结果为所述移动终端没有接收到所述第二待接入基站发送的攻击短信时,确定所述第一待接入基站为非4G伪基站。
作为另一种方式,分别获取第一判断结果、第二判断结果以及第三判断结果,其中,当该第一判断结果表征该第一待接入基站为疑似4G伪基站,第二判断结果表征该第二待接入基站为非疑似2G伪基站且第三判断结果表征移动终端没有接收到第二待接入基站发送的攻击短信时,可以确定该第一待接入基站为非4G伪基站。也就是说,当所述第一待接入基站为疑似4G伪基站,第二待接入基站为非疑似2G伪基站且移动终端没有接收到攻击短信时,表征虽然移动终端在第一待接入基站的诱发下重定向到第二待接入基站,但是该移动终端没有受到攻击,因此,可以认为该第一待接入基站为非4G伪基站。
本申请又一个实施例提供的伪基站识别方法,在指定时间段内,当移动终端探测到第一待接入基站时,判断该第一待接入基站是否为疑似4G伪基站并获得第一判断结果,当第一待接入基站为疑似4G伪基站且该移动终端探测到第二待接入基站时,判断该第二待接入基站是否为疑似2G伪基站并获得第二判断结果,判断移动终端是否接收到第二待接入基站发送的攻击短信并获得第三判断结果,当该第一判断结果为疑似4G伪基站且第二判断结果为疑似2G伪基站时,确定该第一待接入基站为4G伪基站,当确定该第一待接入基站为4G伪基站时,禁止该移动终端接入该第一待接入基站,当第一判断结果为疑 似4G伪基站,第二判断结果为非疑似2G伪基站且第三判断结果为移动终端没有接收到第二待接入基站发送的攻击短信时,确定该第一待接入基站为非4G伪基站。相较于图3所示的伪基站识别方法,本实施例还在确定待接入基站为4G伪基站时,禁止移动终端接入该待接入基站,提升移动终端信息安全。
请参阅图5,图5示出了本申请再一个实施例提供的伪基站识别方法的流程示意图。下面将针对图5所示的流程进行详细的阐述,所述伪基站识别方法具体可以包括以下步骤:
步骤S301:当所述移动终端探测到所述第一待接入基站时,获取所述第一待接入基站所对应的第一小区的至少两个第一特征信息。
其中,该第一小区,可以认为是当前作为移动终端的待服务小区的小区,该小区具有一个覆盖区域,该覆盖区域是指与该第一小区对应的第一待接入基站的信号所能覆盖的区域,当移动终端位于该覆盖区域时,即可选择该第一小区作为其待服务小区。可以理解的,不同的基站对应不同的小区的覆盖区域之间可以具有重叠区域,也可以是相互独立的。
在本实施例中,第一待接入基站对应的第一小区的第一特征信息,可以用于表示该第一小区当前的各项功能状态,第一特征信息可以是例如优先级、信号强度、最小接入电平、领取关系配置、信息下发延时、支持业务类型、是否发起鉴权、是否请求获取移动终端标识、是否存在模三干扰、是否成功注册过、是否存在多家对等公用陆地移动网络等。
可以理解的,根据预先配置的特征分析策略的不同,可以获取的对应于特征分析策略的小区特征信息可以是不同的,通过扩展配置于移动终端本地的特征分析策略,可以扩展其获取的用于识别伪基站的特征信息的种类,并进行后续的特征分析。具体地,当所述移动终端探测到该第一待接入基站时,可以确定该第一待接入基站所对应的第一小区,并获取该第一小区的第一特征信息,其中,移动终端获取的第一特征信息的数量可以由用户预先设定、也可以由移动终端预先设定,在此不做限定,其中,在本实施例中,该移动终端获取的第一特征的数量至少为两个。
步骤S302:基于所述至少两个第一特征信息确定至少两个第一特征值,所述至少两个第一特征值与所述至少两个第一特征信息一一对应。
在本实施例中,至少两个第一特征值与至少两个第一特征信息一一对应,也就是说,该至少两个第一特征值中的每个第一特征值均对应有一个第一特征信息。其中,该第一特征值用于量化表征第一小区所属的第一待接入基站为疑似4G伪基站的可能性(概率)。在一些实施方式中,可以预先在电子设备本地配置多种特征分析策略,不同的特征分析策略对应于不同的特征信息的分析,当获取第一小区的至少两个第一特征信息后,即可对该至少两个第一特征信息分别采用对应的特征分析策略进行分析,并转换为对应的第一特征值。
作为一种方式,第一特征值的取值区间可以是0至1,数值的大小可以表征对应第一特征信息对疑似4G伪基站判定条件的满足程度,当第一小区的某一第一特征信息的第一特征值为0时,可以表示该第一特征信息不满足疑似4G伪基站的判定条件;当该第一特征信息的特征值为1时,可以表示该第一特征信息满足疑似4G伪基站的判定条件。可以理解的是,在其他可能的实施方式中,第一特征值的取值还可以是任意的,例如可以是大于1的常数,也可以是负数等,本实施例在此不作限定。可选的,在本实施例中,以第一特征值为1和0进行说明,其中,当第一特征值为1时,表征该第一特征值对应的第一特征信息满足判定为疑似4G伪基站的条件,当第一特征值为0时,表征该第一特征值对应的第一特征信息不满足判定位疑似4G伪基站的条件。
具体地,该第一特征信息可以包括以下至少两种:所述第一小区的选择优先级和信号强度;所述第一小区与常用小区的邻区关系配置信息;所述第一小区的物理小区标识与其他满足指定条件的小区的模三干扰信息;所述第一小区的历史跟踪区更新注册信息以及所述第一小区的对等公用陆地移动网络配置信息。
作为第一种方式,通常,4G伪基站会将其对应的小区的选择优先级提升为最高以及将其 对应的小区的信号强度提升为最高,以诱导移动终端优先自动选择该4G伪基站对应的小区作为移动终端的服务小区,因此,当所述第一待接入基站所对应的第一小区的选择优先级最高且信号强度最大时,则可以认为该第一小区具备了疑似4G伪基站的条件,此时,可以确定该第一小区的优先级和信号强度的第一特征值为1;当所述第一待接入基站所对应的第一小区的选择优先级不是最高和/或信号强度不是最大时,则可以认为该第一小区不具备疑似4G伪基站的条件,此时,可以确定该第一小区的优先级和信号强度的第一特征值为0。在一些实施方式中,当所述第一待接入基站所对应的第一小区的选择优先级不是最高和/或信号强度不是最大时,此时也可以确定该优先级和信号强度的第一特征值为其他非0和非0的值,例如,可以将该第一特征值的大小与优先级高低和信号强度大小相关联,例如,当该优先级排在第二且信号强度排在第二时,可以确定该优先级和信号强度的第一特征值为0.8,当该优先级排在第三且信号强度排在第三时,可以确定该优先级和信号强度的第一特征值为0.6,以此类推。
作为第二种方式,以常用小区为2G小区、第一小区为4G小区为例进行说明。由于4G伪基站小区通常为临时覆盖,其与常用的2G小区不存在邻区关联,通过预先记录正常使用的2G小区的邻区关系配置,并与当前的第一待接入基站所对应的第一小区进行匹配,即可从一定程度上反映当前小区是否具有疑似4G伪基站小区的风险。因此,作为一种方式,可以获取该常用小区的邻区关系配置,然后判断该邻区关系配置中是否包括该第一小区的邻区关系配置,可以理解的,当该常用的2G小区无此第一小区的临区关系配置时,则可认为第一小区具备了疑似4G伪基站的条件,此时,可以确定该第一小区的邻区关系配置的第一特征值为1;当该常用的2G小区包括该第一小区的邻区关系配置时,可以认为该第一小区不具备疑似4G伪基站的条件,此时,可以确定该第一小区的邻区关系配置的第一特征值为0。
作为第三种方式,4G伪基站小区的物理小区标识(physical cell identifier,PCI)通常会与当前覆盖的其他满足预设选择条件的小区存在模三(mod3)干扰。因此,当第一小区的物理小区标识与当前覆盖的其他满足预设选择条件的小区存在模三干扰时,则可认为第一小区具备了疑似4G伪基站的条件,此时,可确定第一小区的模三干扰的第一特征值为1;当第一小区的物理小区标识与当前覆盖的其他满足预设选择条件的额小区不存在模三干扰时,则可认为该第一小区不具备疑似4G伪基站的条件,此时,可确定第一小区的模三干扰的第一特征值为0。作为一种方式,还可以根据第一小区的物理小区标识与当前覆盖的其他满足预设选择条件的小区存在的模三干扰的强度,来确定模三干扰第一特征值的大小,在此不再赘述。
作为第四种方式,4G伪基站小区在诱发移动终端重选小区后,会进行跟踪区更新拒绝(TAU reject),以将移动终端重定向到2G伪基站,因此,4G伪基站小区发起的跟踪区更新注册可能从未注册成功过。因此,当第一小区发起的跟踪区更新注册从未注册成功过,则可认为第一小区具备了疑似4G伪基站的条件,此时,可确定第一小区的跟踪区更新注册的第一特征值为1;当第一小区发起的跟踪区更新注册成功过,则可认为该第一小区不具备疑似4G伪基站的条件,此时,可以确定该第一小区的跟踪区更新注册的第一特征值为0。
作为第五种方式,4G伪基站小区为伪装成合法小区,通常会在其配置的系统消息中,存在多家对等公用陆地移动网络(equivalent public land mobile network,EPLMN)配置,以诱导电子设备对其进行选择。因此,当第一小区配置的系统消息中存在多家对等公用陆地移动网络配置时,则可认为第一小区具备了疑似4G伪基站的条件,此时,即可确定第一小区的对等公用陆地移动网络配置的第一特征值为1,当第一小区配置的系统消息中不存在多家对等公用陆地移动网络配置时,则可认为第一小区不具备疑似4G伪基站的条件,此时,即可确定第一小区的对等公用陆地移动网络配置的第一特征值为0。
当然,可以理解的,对于疑似4G伪基站的判断还可以包括其他第一特征信息,在此不再赘述。
步骤S303:对所述至少两个第一特征值进行加权计算,获得加权计算的第一权重总值。
作为一种方式,对不同类型的第一特征信息对应的第一特征值赋予的权重,可以是相同 的,也可以是不同的,各项权重之和可以为1。例如,当获取了5种不同类型的第一特征信息,并确定了5个第一特征值a、b、c、d、e后,可以对5个第一特征值分别赋予20%的权重,最终获得的第一权重总值即为(20%a+20%b+20%c+20%d+20%e);也可以对5个第一特征值分别赋予不同的权重,例如对第一特征值a赋予10%,第一特征值b赋予15%,第一特征值c赋予20%,第一特征值d赋予25%,第一特征值e赋予30%,此时经过计算获得的第一权重总值即为(10%a+15%b+20%c+25%d+30%e)。
步骤S304:根据所述第一权重总值与第一权重阈值的差值确定所述第一待接入基站是否为疑似4G伪基站。
请参阅图6,图6示出了本申请的图5所示的伪基站识别方法的步骤S304的流程示意图。下面将针对图6所示的流程进行详细的阐述,所述方法具体可以包括以下步骤:
步骤S3041:判断所述第一权重总值是否大于所述第一权重阈值。
步骤S3042:当所述第一权重总值大于所述第一权重阈值时,确定所述第一待接入基站为疑似4G伪基站。
本实施例中,第一待接入基站为第一小区所属基站。第一权重阈值,可以用于对获得的第一权重总值进行阈值判断,当第一权重总值超出该第一权重阈值后,即可认为第一小区的至少两个第一特征信息满足了疑似4G伪基站的小区所具有的判定条件,此时可将第一小区所属的第一待接入基站判定为疑似4G伪基站,即完成了对移动终端所探测到的第一待接入基站是否为疑似4G伪基站识别;若第一权重总值没有超出该第一权重阈值,可认为第一小区的至少两个第一特征信息未满足疑似4G伪基站的小区所具有的必要的判定条件,此时可根据第一权重总值的大小将第一小区所属的第一待接入基站直接判定为合法基站或正常基站。
步骤S305:当所述第一待接入基站为4G疑似伪基站且所述移动终端探测到所述第二待接入基站时,获取所述第二待接入基站所对应的第二小区的至少两个第二特征信息。
步骤S306:基于所述至少两个第二特征信息确定至少两个第二特征值,所述至少两个第二特征值与所述至少两个第二特征信息一一对应。
步骤S307:对所述至少两个第二特征值进行加权计算,获得加权计算的第二权重总值。
步骤S308:根据所述第二权重总值与第二权重阈值的差值确定所述第二待接入基站是否为疑似2G伪基站。
请参阅图7,图7示出了本申请的图5所示的伪基站识别方法的步骤S308的流程示意图。下面将针对图7所示的流程进行详细的阐述,所述方法具体可以包括以下步骤:
步骤S3081:判断所述第二权重总值是否大于所述第二权重阈值。
步骤S3082:当所述第二权重总值大于所述第二权重阈值时,确定所述第二待接入基站为疑似2G伪基站。
其中,步骤S305-步骤S308的具体描述请参阅步骤S301-步骤S304,疑似2G伪基站的检测方法与疑似4G伪基站的检测方法可以相似,在此不再赘述。
步骤S309:判断所述移动终端是否接收到所述第二待接入基站发送的短信。
作为一种方式,对移动终端在指定时间段内是否接收到第二待接入基站发送的短信进行检测。其中,可以首先监测移动终端是否接收到短信,并且在监测到移动终端接收到短信时,对该短信的来源进行分析,以判断该短信是否为第二待接入基站发送。
步骤S310:当所述移动终端接收到所述第二待接入基站发送的短信时,将所述短信输入存储在所述移动终端本地的机器学习模型,获得所述第三判断结果,所述机器学习模型用于识别所述短信是否为攻击短信。
进一步地,当确定所述移动终端接收到该第二待接入基站发送的短信时,可以对该短信是否为攻击短信进行判断。具体地,移动终端本地存储有机器学习模型,其中,该机器学习模型用于识别该短信是否为攻击短信,作为一种方式,该机器学习模型可以预先在服务器利用典型文本训练生成,并在生成后传输至移动终端保持在本地,当然,该机器学习模型可以 在服务器实时更新,并在更新完成后再传输至移动终端本地对本地存储的机器学习模块进行更新处理,可以理解的,通过将机器学习模型存储在本地,那么,可以实现在本地对短信进行验证,避免进行个人信息的远程传输,保证信息安全。
在本实施例中,在移动终端接收到第二待接入基站发送的短信时,可以将该短信输入存储在移动终端本地的机器学习模型,即输入存储在本地的分析识别引擎,以输出第三判断结果,从而可以确定该移动终端是否接收到第二待接入基站发送的攻击短信。
步骤S311:基于所述第一判断结果、所述第二判断结果以及所述第三判断结果,确定所述第一待接入基站是否为4G伪基站。
其中,步骤S311的具体描述请参阅步骤S104,在此不再赘述。
本申请再一个实施例提供的伪基站识别方法,当移动终端探测到第一待接入基站时,获取第一待接入基站所对应的第一小区的至少两个第一特征信息,基于该至少两个第一特征信息确定至少两个第一特征值,对至少两个第一特征值进行加权计算,获得加权计算的第一权重总值,根据该第一权重总值与第一权重阈值的差值确定该第一待接入基站是否为疑似4G伪基站。当该第一待接入基站为疑似伪基站且该移动终端探测到第二待接入基站时,获取该第二待接入基站所对应的第二小区的至少两个特征信息,基于该至少两个第二特征信息确定至少两个第二特征值,对该至少两个第二特征值进行加权计算,获得加权计算的第二权重总值,根据第二权重总值与第二权重阈值的差值确定该第二待接入基站是否为疑似2G伪基站。判断该移动终端是否接收到第二待接入基站发送的短信,当该移动终端接收到第二待接入基站发送的短信时,将该短信输入存储在移动终端本地的机器学习模型获得第三判断结果,基于对第一待接入基站、第二待接入基站以及接收短信的判断确定该第一待接入基站是否为4G伪基站。相较于图2所示的伪基站识别方法,本实施例还通过加权法对4G伪基站和2G伪基站进行判断,并通过机器学习模型对接收短信进行判断,进一步提升伪基站判断精度,降低移动终端接入伪基站的几率。
请参阅图8,图8示出了本申请实施例提供的伪基站识别装置200的模块框图。所述伪基站识别装置200应用于上述移动终端,下面将针对图8所示的框图进行阐述,所述伪基站识别装置200包括:第一判断模块210、第二判断模块220、第三判断模块230以及确定模块240,其中:
第一判断模块210,用于在指定时间段内,当所述移动终端探测到第一待接入基站时,判断所述第一待接入基站是否为疑似4G伪基站并获得第一判断结果。进一步地,所述第一判断模块210包括:第一特征信息获取子模块、第一特征值获取子模块、第一权重总值获取子模块以及4G伪基站确定子模块,其中:
第一特征信息获取子模块,用于当所述移动终端探测到所述第一待接入基站时,获取所述第一待接入基站所对应的第一小区的至少两个第一特征信息。
第一特征值获取子模块,用于基于所述至少两个第一特征信息确定至少两个第一特征值,所述至少两个第一特征值与所述至少两个第一特征信息一一对应。进一步地,所述第一特征值获取子模块包括:第一特征值确定单元、邻区关系配置获取单元、第二特征值确定单元、第三特征值确定单元、第四特征值确定单元以及第五特征值确定单元,其中:
第一特征值确定单元,用于当所述第一小区的选择优先级为当前覆盖的所有小区中的最高优先级,且所述第一小区的信号强度为当前覆盖的所有小区中的最高信号强度时,确定所述第一小区的优先级和信号强度的第一特征值为1。
邻区关系配置获取单元,用于获取所述常用小区的邻区关系配置。
第二特征值确定单元,用于当所述邻区关系配置中不包括所述第一小区的邻区关系配置时,确定所述第一小区的邻区关系配置的第一特征值为1。
第三特征值确定单元,用于当所述第一小区的物理小区标识与其他满足指定条件的小区存在模三干扰时,确定对应所述第一小区的模三干扰的第一特征值为1。进一步地,所述第三特征值确定单元包括:第三特征值确定子单元,其中:
第三特征值确定子单元,用于当所述第一小区的物理小区标识与其他满足最低信号强度的小区存在模三干扰时,确定所述第一小区的模三干扰的第一特征值为1。
第四特征值确定单元,用于当所述第一小区发起的跟踪区更新注册从未注册成功时,确定所述第一小区的跟踪区更新注册的第一特征值为1。
第五特征值确定单元,用于当所述第一小区配置的系统消息中存在多家对等公用陆地移动网络配置时,确定所述第一小区的对等公用陆地移动网络配置的第一特征值为1。
第一权重总值获取子模块,用于对所述至少两个第一特征值进行加权计算,获得加权计算的第一权重总值。
4G伪基站确定子模块,用于根据所述第一权重总值与第一权重阈值的差值确定所述第一待接入基站是否为疑似4G伪基站。进一步地,所述4G伪基站确定子模块包括:第一权重总值判断单元和4G伪基站确定单元,其中:
第一权重总值判断单元,用于判断所述第一权重总值是否大于所述第一权重阈值。
4G伪基站确定单元,用于当所述第一权重总值大于所述第一权重阈值时,确定所述第一待接入基站为疑似4G伪基站。
第二判断模块220,用于当所述第一待接入基站为疑似4G伪基站且所述移动终端探测到第二待接入基站时,判断所述第二待接入基站是否为疑似2G伪基站并获得第二判断结果。进一步地,所述第二判断模块220包括:第二特征信息获取子模块、第二特征值获取子模块、第二权重总值获取子模块以及2G伪基站确定子模块,其中:
第二特征信息获取子模块,用于当所述第一待接入基站为4G疑似伪基站且所述移动终端探测到所述第二待接入基站时,获取所述第二待接入基站所对应的第二小区的至少两个第二特征信息。
第二特征值获取子模块,用于基于所述至少两个第二特征信息确定至少两个第二特征值,所述至少两个第二特征值与所述至少两个第二特征信息一一对应。
第二权重总值获取子模块,用于对所述至少两个第二特征值进行加权计算,获得加权计算的第二权重总值。进一步地,所述第二权重总值获取子模块包括:第二权重总值判断单元和2G伪基站确定单元,其中:第二权重总值判断单元和2G伪基站确定单元,其中:
第二权重总值判断单元,用于判断所述第二权重总值是否大于所述第二权重阈值。
2G伪基站确定单元,用于当所述第二权重总值大于所述第二权重阈值时,确定所述第二待接入基站为疑似2G伪基站。
2G伪基站确定子模块,用于根据所述第二权重总值与第二权重阈值的差值确定所述第二待接入基站是否为疑似2G伪基站。
第三判断模块230,用于判断所述移动终端是否接收到所述第二待接入基站发送的攻击短信并获得第三判断结果。进一步地,所述第三判断模块包括:短信判断子模块和短信验证子模块,其中:
短信判断子模块,用于判断所述移动终端是否接收到所述第二待接入基站发送的短信。
短信验证子模块,用于当所述移动终端接收到所述第二待接入基站发送的短信时,将所述短信输入存储在所述移动终端本地的机器学习模型,获得所述第三判断结果,所述机器学习模型用于识别所述短信是否为攻击短信。
确定模块240,用于基于所述第一判断结果、所述第二判断结果以及所述第三判断结果,确定所述第一待接入基站是否为4G伪基站。进一步地,所述确定模块240包括:
第一确定子模块,用于当所述第一判断结果为疑似4G伪基站且所述第二判断结果为疑似2G伪基站时,确定所述第一待接入基站为4G伪基站。
第二确定子模块,用于当所述第一判断结果为疑似4G伪基站,所述第二判断结果为非疑似2G伪基站且所述第三判断结果为所述移动终端没有接收到所述第二待接入基站发送的攻击短信时,确定所述第一待接入基站为非4G伪基站。
进一步地,所述伪基站识别装置200还包括:禁止模块,其中:
禁止模块,用于当确定所述第一待接入基站为4G伪基站时,禁止所述移动终端接入所述第一待接入基站。进一步地,所述禁止模块包括:禁止子模块,其中:
禁止子模块,用于当确定所述第一待接入基站为4G伪基站时,禁止所述移动终端接入所述第一待接入基站,以及发出预警提示信息。
所属领域的技术人员可以清楚地了解到,为描述的方便和简洁,上述描述装置和模块的具体工作过程,可以参考前述方法实施例中的对应过程,在此不再赘述。
在本申请所提供的几个实施例中,模块相互之间的耦合可以是电性,机械或其它形式的耦合。
另外,在本申请各个实施例中的各功能模块可以集成在一个处理模块中,也可以是各个模块单独物理存在,也可以两个或两个以上模块集成在一个模块中。上述集成的模块既可以采用硬件的形式实现,也可以采用软件功能模块的形式实现。
请参阅图9,其示出了本申请实施例提供的一种移动终端100的结构框图。该移动终端100可以是智能手机、平板电脑、电子书等能够运行应用程序的移动终端。本申请中的移动终端100可以包括一个或多个如下部件:处理器110、存储器120以及一个或多个应用程序,其中一个或多个应用程序可以被存储在存储器120中并被配置为由一个或多个处理器110执行,一个或多个程序配置用于执行如前述方法实施例所描述的方法。
其中,处理器110可以包括一个或者多个处理核。处理器110利用各种接口和线路连接整个移动终端100内的各个部分,通过运行或执行存储在存储器120内的指令、程序、代码集或指令集,以及调用存储在存储器120内的数据,执行移动终端100的各种功能和处理数据。可选地,处理器110可以采用数字信号处理(Digital Signal Processing,DSP)、现场可编程门阵列(Field-Programmable Gate Array,FPGA)、可编程逻辑阵列(Programmable Logic Array,PLA)中的至少一种硬件形式来实现。处理器110可集成中央处理器(Central Processing Unit,CPU)、图形处理器(Graphics Processing Unit,GPU)和调制解调器等中的一种或几种的组合。其中,CPU主要处理操作系统、用户界面和应用程序等;GPU用于负责显示内容的渲染和绘制;调制解调器用于处理无线通信。可以理解的是,上述调制解调器也可以不集成到处理器110中,单独通过一块通信芯片进行实现。
存储器120可以包括随机存储器(Random Access Memory,RAM),也可以包括只读存储器(Read-Only Memory)。存储器120可用于存储指令、程序、代码、代码集或指令集。存储器120可包括存储程序区和存储数据区,其中,存储程序区可存储用于实现操作系统的指令、用于实现至少一个功能的指令(比如触控功能、声音播放功能、图像播放功能等)、用于实现下述各个方法实施例的指令等。存储数据区还可以存储终端100在使用中所创建的数据(比如电话本、音视频数据、聊天记录数据)等。
请参阅图10,其示出了本申请实施例提供的一种计算机可读存储介质的结构框图。该计算机可读介质300中存储有程序代码,所述程序代码可被处理器调用执行上述方法实施例中所描述的方法。
计算机可读存储介质300可以是诸如闪存、EEPROM(电可擦除可编程只读存储器)、EPROM、硬盘或者ROM之类的电子存储器。可选地,计算机可读存储介质300包括非易失性计算机可读介质(non-transitory computer-readable storage medium)。计算机可读存储介质300具有执行上述方法中的任何方法步骤的程序代码310的存储空间。这些程序代码可以从一个或者多个计算机程序产品中读出或者写入到这一个或者多个计算机程序产品中。程序代码310可以例如以适当形式进行压缩。
综上所述,本申请实施例提供的伪基站识别方法、装置、移动终端以及存储介质,在指定时间段内,当移动终端探测到第一待接入基站时,判断第一待接入基站是否为疑似4G伪基站并获得第一判断结果,当第一待接入基站为疑似4G伪基站且该移动终端探测到第二待接入基站时,判断第二待接入基站是否为疑似2G伪基站并获得第二判断结果,判断该移动终端是否接收到第二待接入基站发送的攻击短信并获得第三判断结果,基于 该第一判断结果、第二判断结果以及第三判断结果,确定该第一待接入基站是否为4G伪基站,从而通过综合4G伪基站、2G伪基站以及攻击短信的判断结果来确定待接入基站是否为4G伪基站,提高4G伪基站的判断精度和移动终端的信息安全。
最后应说明的是:以上实施例仅用以说明本申请的技术方案,而非对其限制;尽管参照前述实施例对本申请进行了详细的说明,本领域的普通技术人员当理解:其依然可以对前述各实施例所记载的技术方案进行修改,或者对其中部分技术特征进行等同替换;而这些修改或者替换,并不驱使相应技术方案的本质脱离本申请各实施例技术方案的精神和范围。

Claims (20)

  1. 一种伪基站识别方法,其特征在于,应用于移动终端,所述方法包括:
    在指定时间段内,当所述移动终端探测到第一待接入基站时,判断所述第一待接入基站是否为疑似4G伪基站并获得第一判断结果;
    当所述第一待接入基站为疑似4G伪基站且所述移动终端探测到第二待接入基站时,判断所述第二待接入基站是否为疑似2G伪基站并获得第二判断结果;
    判断所述移动终端是否接收到所述第二待接入基站发送的攻击短信并获得第三判断结果;
    基于所述第一判断结果、所述第二判断结果以及所述第三判断结果,确定所述第一待接入基站是否为4G伪基站。
  2. 根据权利要求1所述的方法,其特征在于,所述基于所述第一判断结果、所述第二判断结果以及所述第三判断结果,确定所述第一待接入基站是否为4G伪基站之后,还包括:
    当确定所述第一待接入基站为4G伪基站时,禁止所述移动终端接入所述第一待接入基站。
  3. 根据权利要求2所述的方法,其特征在于,所述当确定所述第一待接入基站为4G伪基站时,禁止所述移动终端接入所述第一待接入基站,包括:
    当确定所述第一待接入基站为4G伪基站时,禁止所述移动终端接入所述第一待接入基站,以及发出预警提示信息。
  4. 根据权利要求1-3任一项所述的方法,其特征在于,所述基于所述第一判断结果、所述第二判断结果以及所述第三判断结果,确定所述第一待接入基站是否为4G伪基站,包括:
    当所述第一判断结果为疑似4G伪基站且所述第二判断结果为疑似2G伪基站时,确定所述第一待接入基站为4G伪基站。
  5. 根据权利要求1-4任一项所述的方法,其特征在于,所述基于所述第一判断结果、所述第二判断结果以及所述第三判断结果,确定所述第一待接入基站是否为4G伪基站,还包括:
    当所述第一判断结果为疑似4G伪基站,所述第二判断结果为非疑似2G伪基站且所述第三判断结果为所述移动终端没有接收到所述第二待接入基站发送的攻击短信时,确定所述第一待接入基站为非4G伪基站。
  6. 根据权利要求1-5任一项所述的方法,其特征在于,所述当所述移动终端探测到第一待接入基站时,判断所述第一待接入基站是否为疑似4G伪基站并获得第一判断结果,包括:
    当所述移动终端探测到所述第一待接入基站时,获取所述第一待接入基站所对应的第一小区的至少两个第一特征信息;
    基于所述至少两个第一特征信息确定至少两个第一特征值,所述至少两个第一特征值与所述至少两个第一特征信息一一对应;
    对所述至少两个第一特征值进行加权计算,获得加权计算的第一权重总值;
    根据所述第一权重总值与第一权重阈值的差值确定所述第一待接入基站是否为疑似4G伪基站。
  7. 根据权利要求6所述的方法,其特征在于,所述至少两个第一特征信息包括以下至少两种:
    所述第一小区的选择优先级和信号强度;
    所述第一小区与常用小区的邻区关系配置信息;
    所述第一小区的物理小区标识与其他满足指定条件的小区的模三干扰信息;
    所述第一小区的历史跟踪区更新注册信息;
    所述第一小区的对等公用陆地移动网络配置信息。
  8. 根据权利要求7所述的方法,其特征在于,基于所述第一特征信息确定第一特征值,包括:
    当所述第一小区的选择优先级为当前覆盖的所有小区中的最高优先级,且所述第一小区的信号强度为当前覆盖的所有小区中的最高信号强度时,确定所述第一小区的优先级和信号强度的第一特征值为1。
  9. 根据权利要求7所述的方法,其特征在于,基于所述第一特征信息确定第一特征值,包括:
    获取所述常用小区的邻区关系配置;
    当所述邻区关系配置中不包括所述第一小区的邻区关系配置时,确定所述第一小区的邻区关系配置的第一特征值为1。
  10. 根据权利要求7所述的方法,其特征在于,基于所述第一特征信息确定第一特征值,包括:
    当所述第一小区的物理小区标识与其他满足指定条件的小区存在模三干扰时,确定对应所述第一小区的模三干扰的第一特征值为1。
  11. 根据权利要求10所述的方法,其特征在于,所述当所述第一小区的物理小区标识与其他满足指定条件的小区存在模三干扰时,确定所述第一小区的模三干扰的第一特征值为1,包括:
    当所述第一小区的物理小区标识与其他满足最低信号强度的小区存在模三干扰时,确定所述第一小区的模三干扰的第一特征值为1。
  12. 根据权利要求7所述的方法,其特征在于,基于所述第一特征信息确定第一特征值,包括:
    当所述第一小区发起的跟踪区更新注册从未注册成功时,确定所述第一小区的跟踪区更新注册的第一特征值为1。
  13. 根据权利要求7所述的方法,其特征在于,基于所述第一特征信息确定第一特征值,包括:
    当所述第一小区配置的系统消息中存在多家对等公用陆地移动网络配置时,确定所述第一小区的对等公用陆地移动网络配置的第一特征值为1。
  14. 根据权利要求6-13任一项所述的方法,其特征在于,所述根据所述第一权重总值与第一权重阈值的差值确定所述第一待接入伪基站是否为疑似4G伪基站,包括:
    判断所述第一权重总值是否大于所述第一权重阈值;
    当所述第一权重总值大于所述第一权重阈值时,确定所述第一待接入基站为疑似4G伪基站。
  15. 根据权利要求1-5任一项所述的方法,其特征在于,所述当所述第一待接入基站为疑似4G伪基站且所述移动终端探测到所述第二待接入基站时,判断所述第二待接入基站是否为疑似2G伪基站并获得第二判断结果,包括:
    当所述第一待接入基站为4G疑似伪基站且所述移动终端探测到所述第二待接入基站时,获取所述第二待接入基站所对应的第二小区的至少两个第二特征信息;
    基于所述至少两个第二特征信息确定至少两个第二特征值,所述至少两个第二特征值与所述至少两个第二特征信息一一对应;
    对所述至少两个第二特征值进行加权计算,获得加权计算的第二权重总值;
    根据所述第二权重总值与第二权重阈值的差值确定所述第二待接入基站是否为疑似2G伪基站。
  16. 根据权利要求15所述的方法,其特征在于,所述根据所述第二权重总值与第二权重阈值的差值确定所述第二待接入基站是否为疑似2G伪基站,包括:
    判断所述第二权重总值是否大于所述第二权重阈值;
    当所述第二权重总值大于所述第二权重阈值时,确定所述第二待接入基站为疑似2G伪基站。
  17. 根据权利要求1-5任一项所述的方法,其特征在于,所述判断所述移动终端是否接收到所述第二待接入基站发送的攻击短信并获得第三判断结果,包括:
    判断所述移动终端是否接收到所述第二待接入基站发送的短信;
    当所述移动终端接收到所述第二待接入基站发送的短信时,将所述短信输入存储在所述移动终端本地的机器学习模型,获得所述第三判断结果,所述机器学习模型用于识别所述短信是否为攻击短信。
  18. 一种伪基站识别装置,其特征在于,应用于移动终端,所述装置包括:
    第一判断模块,用于在指定时间段内,当所述移动终端探测到第一待接入基站时,判断所述第一待接入基站是否为疑似4G伪基站并获得第一判断结果;
    第二判断模块,用于当所述第一待接入基站为疑似4G伪基站且所述移动终端探测到第二待接入基站时,判断所述第二待接入基站是否为疑似2G伪基站并获得第二判断结果;
    第三判断模块,用于判断所述移动终端是否接收到所述第二待接入基站发送的攻击短信并获得第三判断结果;
    确定模块,用于基于所述第一判断结果、所述第二判断结果以及所述第三判断结果,确定所述第一待接入基站是否为4G伪基站。
  19. 一种移动终端,其特征在于,包括:
    存储器;
    一个或多个处理器,与所述存储器耦接;
    一个或多个程序,其中,所述一个或多个应用程序被存储在所述存储器中并被配置为由所述一个或多个处理器执行,所述一个或多个程序配置用于执行如权利要求1-17任一项所述的方法。
  20. 一种计算机可读取存储介质,其特征在于,所述计算机可读取存储介质中存储有程序代码,所述程序代码可被处理器调用执行如权利要求1-17任一项所述的方法。
PCT/CN2018/119414 2018-12-05 2018-12-05 伪基站识别方法、装置、移动终端以及存储介质 WO2020113479A1 (zh)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/CN2018/119414 WO2020113479A1 (zh) 2018-12-05 2018-12-05 伪基站识别方法、装置、移动终端以及存储介质
CN201880098375.2A CN112771907B (zh) 2018-12-05 2018-12-05 伪基站识别方法、装置、移动终端以及存储介质

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2018/119414 WO2020113479A1 (zh) 2018-12-05 2018-12-05 伪基站识别方法、装置、移动终端以及存储介质

Publications (1)

Publication Number Publication Date
WO2020113479A1 true WO2020113479A1 (zh) 2020-06-11

Family

ID=70973840

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2018/119414 WO2020113479A1 (zh) 2018-12-05 2018-12-05 伪基站识别方法、装置、移动终端以及存储介质

Country Status (2)

Country Link
CN (1) CN112771907B (zh)
WO (1) WO2020113479A1 (zh)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106358199A (zh) * 2016-09-30 2017-01-25 维沃移动通信有限公司 一种移动终端识别伪基站的方法及移动终端
CN106572450A (zh) * 2016-11-03 2017-04-19 华为技术有限公司 伪基站识别方法及装置
CN106686601A (zh) * 2017-03-16 2017-05-17 珠海市魅族科技有限公司 伪基站防护方法及装置
CN107071775A (zh) * 2017-05-15 2017-08-18 奇酷互联网络科技(深圳)有限公司 移动终端及其重定向接入基站的方法和装置
CN108696872A (zh) * 2017-03-06 2018-10-23 中国移动通信有限公司研究院 一种重定向方法及装置

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9628994B1 (en) * 2015-12-30 2017-04-18 Argela Yazilim ve Bilisim Teknolojileri San. ve Tic. A.S. Statistical system and method for catching a man-in-the-middle attack in 3G networks
CN106028341A (zh) * 2016-07-29 2016-10-12 努比亚技术有限公司 一种伪基站的识别系统、方法、终端和云端服务器

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106358199A (zh) * 2016-09-30 2017-01-25 维沃移动通信有限公司 一种移动终端识别伪基站的方法及移动终端
CN106572450A (zh) * 2016-11-03 2017-04-19 华为技术有限公司 伪基站识别方法及装置
CN108696872A (zh) * 2017-03-06 2018-10-23 中国移动通信有限公司研究院 一种重定向方法及装置
CN106686601A (zh) * 2017-03-16 2017-05-17 珠海市魅族科技有限公司 伪基站防护方法及装置
CN107071775A (zh) * 2017-05-15 2017-08-18 奇酷互联网络科技(深圳)有限公司 移动终端及其重定向接入基站的方法和装置

Also Published As

Publication number Publication date
CN112771907B (zh) 2023-09-08
CN112771907A (zh) 2021-05-07

Similar Documents

Publication Publication Date Title
WO2017185742A1 (zh) 一种伪基站的识别方法、装置以及终端
KR102417184B1 (ko) 기지국의 진위를 식별하기 위한 무선 장치 및 이의 동작 방법
TWI675602B (zh) 偽基地台小區之識別方法與裝置
CN106488456B (zh) 一种基站注册方法和装置、及移动终端
CN112806073B (zh) 通信处理方法、装置、移动终端及存储介质
WO2020113519A1 (zh) 伪基站的识别方法、装置、移动终端及存储介质
US20210329519A1 (en) Cell Connection Processing Method and Mobile Terminal
CN112789877B (zh) 小区干扰检测方法、装置、移动终端以及存储介质
WO2019047170A1 (zh) 伪基站识别方法和终端
CN112806043B (zh) 伪基站的识别方法、装置、移动终端及存储介质
WO2020087418A1 (zh) 伪基站处理方法、装置、移动终端以及存储介质
WO2020087419A1 (zh) 伪基站处理方法、装置、移动终端以及存储介质
WO2020113477A1 (zh) 伪基站识别方法、装置、电子设备及计算机可读取存储介质
WO2020113479A1 (zh) 伪基站识别方法、装置、移动终端以及存储介质
US10367608B2 (en) Wireless communication channel scan
WO2020087415A1 (zh) 伪基站识别方法、装置以及移动终端
CN105122926B (zh) 一种电路域回落用户设备识别的方法及设备
CN107241719B (zh) 移动终端网络切换控制方法及装置
WO2020087417A1 (zh) 伪基站识别方法、装置、移动终端及存储介质
WO2020087416A1 (zh) 伪基站识别方法、装置、移动终端及存储介质
CN117715133B (zh) 频点优先级的优化方法、设备及存储介质
CN112889315B (zh) 小区信息处理方法、装置、电子设备及可读取存储介质
WO2020133117A1 (zh) 小区连接处理方法、装置、移动终端及存储介质
CN112312398A (zh) 一种小区接入的方法、装置和系统
JP2015154432A (ja) 無線基地局および通信システム

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18942363

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 15/10/2021)

122 Ep: pct application non-entry in european phase

Ref document number: 18942363

Country of ref document: EP

Kind code of ref document: A1