CN110149599A - A kind of short message means of defence and terminal device - Google Patents
A kind of short message means of defence and terminal device Download PDFInfo
- Publication number
- CN110149599A CN110149599A CN201910244987.4A CN201910244987A CN110149599A CN 110149599 A CN110149599 A CN 110149599A CN 201910244987 A CN201910244987 A CN 201910244987A CN 110149599 A CN110149599 A CN 110149599A
- Authority
- CN
- China
- Prior art keywords
- terminal device
- short message
- network
- link
- request
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/12—Detection or prevention of fraud
- H04W12/126—Anti-theft arrangements, e.g. protection against subscriber identity module [SIM] cloning
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/12—Detection or prevention of fraud
- H04W12/121—Wireless intrusion detection systems [WIDS]; Wireless intrusion prevention systems [WIPS]
- H04W12/122—Counter-measures against attacks; Protection against rogue devices
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/12—Detection or prevention of fraud
- H04W12/128—Anti-malware arrangements, e.g. protection against SMS fraud or mobile malware
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/30—Security of mobile devices; Security of mobile applications
- H04W12/37—Managing security policies for mobile devices or for controlling mobile applications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/12—Messaging; Mailboxes; Announcements
- H04W4/14—Short messaging services, e.g. short message services [SMS] or unstructured supplementary service data [USSD]
Abstract
The application provides a kind of short message means of defence and terminal device, is related to field of communication technology, the safety of the short message for improving terminal device.This method comprises: determining that the terminal device meets preset condition, the preset condition includes that the terminal device is in 2G network when terminal device receives short message;The terminal device opens short message safeguard function, wherein when the short message safeguard function of the terminal device is opened, the terminal device at least can not receive short message under the 2G network.
Description
Technical field
This application involves field of communication technology more particularly to a kind of short message means of defences and terminal device.
Background technique
In recent years, the case of a lot of payment accounts and the stolen brush of correspondent bank card occurs in society, victim is usually in milli
In unwitting situation, the stolen brush of Alipay, wechat and associated bank card, fund disappears suddenly.To find out its cause, mainly attacking
The person of hitting is linked into pseudo-base station by pseudo-base station technology, by the mobile phone nearby under 2G network, and then gets the mobile phone of user
Number;The relevant informations such as name, identification card number, the bank's card number of user are obtained by illegally other means such as purchase again;Finally
The payment short message verification code of user is obtained by short message sniff technology, to steal the payment of brush user by payment short message verification code
Account or correspondent bank card etc..
Currently, pseudo-base station Interception Technology can prevent user mobile phone from accessing or residing in pseudo-base station, to avoid attacker
Subscriber phone number is obtained by pseudo-base station, and then prevents the payment short message verification code of attacker acquisition user.But work as attack
Person does not obtain the phone number of user by pseudo-base station, but by illegally buying, stealing the means such as network platform user information
When obtaining the phone number of user, it still is able to obtain the payment verification code of user through the above way.Therefore, how to guarantee user
The safety of short message is a critical issue of urgent need to resolve.
Summary of the invention
The application provides a kind of short message means of defence and terminal device, the safety of the short message for improving terminal device.
In order to achieve the above objectives, the application adopts the following technical scheme that
In a first aspect, the application provides a kind of short message guard system, comprising: short message sniff equipment and terminal device;This is short
Believe that sniff equipment is used to send short message to terminal device, and determines that short message sniff equipment and terminal device reside in together according to short message
One cell;The terminal device, for when receiving short message, determining that terminal device meets preset condition, which includes
Terminal device is in 2G network;The terminal device is also used to open short message safeguard function, wherein when the short message of terminal device is anti-
When protective function is opened, terminal device can not at least receive short message under 2G network.In above-mentioned technical proposal, when the terminal device is full
When sufficient preset condition, for instance under 2G network, then the terminal device opens short message safeguard function, so that terminal device is in 2G net
Short message can not be received under network, so as to reduce terminal device short message by the risk of sniff, improve the peace of the short message of terminal device
Quan Xing, and then ensure that terminal device and user information and property safety, improve user experience.
In a kind of possible implementation of first aspect, when the short message safeguard function of the terminal device is in opening state
When state, terminal device also meets one or more in the following conditions under 2G network: short message can not be sent, can not answer or
It makes a phone call, or mobile data network upload or downloading data can not be passed through.In above-mentioned possible implementation, when the terminal
When opening of device short message protects state, it is arranged by the state to terminal device in 2G network, can be improved terminal device peace
Quan Xing, and then improve user experience.
In a kind of possible implementation of first aspect, short message comes from short message sniff equipment, and short message is for detecting end
End equipment and short message sniff equipment reside in same cell.In above-mentioned possible implementation, come when the terminal device receives
From the short message of sniff equipment, show that the terminal device exists by the risk of short message sniff, so that terminal device execution is set accordingly
It sets to guarantee the terminal device safety, and then improves user experience.
In a kind of possible implementation of first aspect, terminal device is also used to execute following steps: to network side
The first instruction information is sent, the short message that the first instruction information is used to indicate terminal device receives ability and is in off state.It is above-mentioned can
In the implementation of energy, by sending the first instruction information to network side, Lai Zhihang terminal device short message receives the closing of ability,
It can be improved the terminal device safety, and then improve user experience.
In a kind of possible implementation of first aspect, is carried in the first instruction information and short message is not supported to receive ability
Field.In above-mentioned possible implementation, by carrying relevant field in the first instruction information, it is short to reach terminal device
Believe the closing of reception ability, to improve the flexibility of the terminal device safety and terminal device setting, and then improves user
Experience.
In a kind of possible implementation of first aspect, terminal device is also used to execute following steps: receiving network
The request for building link that side is sent, request for building link is for establishing communication link;When according to request for building link, determining communication
When the corresponding data type of link is short message type, refuse to establish response to network side transmission link.Above-mentioned possible realization side
It in formula, is established and is responded to network side transmission link by refusal, reach the closing that terminal device short message receives ability, to improve
The flexibility of the terminal device safety and terminal device setting, and then improve user experience.
In a kind of possible implementation of first aspect, terminal device is also used to execute following steps: according to link
It establishes and requests corresponding paging message type, determine that the corresponding data type of communication link is short message type.Above-mentioned possible reality
In existing mode, by the judgement of the request for building link sent to network side, reach the closing that terminal device short message receives ability,
To improve the flexibility of the terminal device safety and terminal device setting, and then improve user experience.
In the alternatively possible implementation of first aspect, terminal device is also used to execute following steps: according to chain
Road, which is established, requests corresponding Service Access point identifier SAPI value, determines that the corresponding data type of communication link is short message type.
In above-mentioned possible implementation, by the judgement of the request for building link sent to network side, reaches terminal device short message and connect
The closing of receipts ability to improve the flexibility of the terminal device safety and terminal device setting, and then improves user's body
It tests.
In a kind of possible implementation of first aspect, terminal device is also used to execute following steps: according to link
It establishes and requests corresponding signaling process feature, determine that the corresponding data type of communication link is short message type.Above-mentioned possible reality
It in existing mode, is established and is responded to network side transmission link by refusal, reach the closing that terminal device short message receives ability, thus
The flexibility of the terminal device safety and terminal device setting is improved, and then improves user experience.
In a kind of possible implementation of first aspect, preset condition further includes at least one of following: being received quiet
Silent short message, in no service state, receive identifying code short message, in the screen state/standby mode/screen lock state that goes out, in quiet
Only state/movement speed is less than or equal to pre-set velocity threshold value, current time is located at special time period.Above-mentioned possible realization side
In formula, judgement by terminal device to a variety of preset conditions, for determining whether to execute the unlatching that short message receives ability, thus
The flexibility of the terminal device safety and terminal device setting is improved, and then improves user experience.
In a kind of possible implementation of first aspect, terminal device is also used to execute following steps: whole when determining
When end equipment is unsatisfactory for preset condition, short message safeguard function is closed.In above-mentioned possible implementation, by terminal device to more
The judgement of kind preset condition receives the closing of ability for determining whether to execute short message, so that the terminal device safety is improved,
The flexibility being arranged with terminal device, and then improve user experience.
Second aspect, the application provide a kind of terminal device of short message protection, which includes processor, Yi Jiyu
Processor connection memory, memory for storing instruction, when instruction is executed by processor so that terminal device execute with
Lower step: when receiving the short message from other equipment, determine that terminal device meets preset condition, preset condition includes described
Terminal device is in 2G network;Open short message safeguard function, wherein when the short message safeguard function of terminal device is opened, terminal
Equipment can not at least receive short message under 2G network.In above-mentioned technical proposal, when the terminal device meets preset condition, such as
Under 2G network, then the terminal device opens short message safeguard function, so that terminal device can not receive short message under 2G network,
So as to reduce the terminal device short message by the risk of sniff, the information and property peace of the terminal device and user ensure that
Entirely, and then user experience is improved.
In a kind of possible implementation of second aspect, when the short message safeguard function of the terminal device is in opening state
When state, terminal device also meets one or more in the following conditions under 2G network: short message can not be sent, can not answer or
It makes a phone call, or mobile data network upload or downloading data can not be passed through.In above-mentioned possible implementation, when the terminal
When opening of device short message protects state, it is arranged by the state to terminal device in 2G network, can be improved terminal device peace
Quan Xing, and then improve user experience.
In a kind of possible implementation of second aspect, short message comes from short message sniff equipment, and short message is for detecting end
End equipment and short message sniff equipment reside in same cell.In above-mentioned possible implementation, come when the terminal device receives
From the short message of sniff equipment, show that the terminal device exists by the risk of short message sniff, so that terminal device execution is set accordingly
It sets to guarantee the terminal device safety, and then improves user experience.
In a kind of possible implementation of second aspect, terminal device is also used to execute following steps: to network side
The first instruction information is sent, the short message that the first instruction information is used to indicate terminal device receives ability and is in off state.It is above-mentioned can
In the implementation of energy, by sending the first instruction information to network side, Lai Zhihang terminal device short message receives the closing of ability,
It can be improved the terminal device safety, and then improve user experience.
In a kind of possible implementation of second aspect, is carried in the first instruction information and short message is not supported to receive ability
Field.In above-mentioned possible implementation, by carrying relevant field in the first instruction information, it is short to reach terminal device
Believe the closing of reception ability, to improve the flexibility of the terminal device safety and terminal device setting, and then improves user
Experience.
In a kind of possible implementation of second aspect, terminal device is also used to execute following steps: receiving network
The request for building link that side is sent, request for building link is for establishing communication link;When according to request for building link, determining communication
When the corresponding data type of link is short message type, refuse to establish response to network side transmission link.Above-mentioned possible realization side
It in formula, is established and is responded to network side transmission link by refusal, reach the closing that terminal device short message receives ability, to improve
The flexibility of the terminal device safety and terminal device setting, and then improve user experience.
In a kind of possible implementation of second aspect, terminal device is also used to execute following steps: according to link
It establishes and requests corresponding paging message type, determine that the corresponding data type of communication link is short message type.Above-mentioned possible reality
In existing mode, by the judgement of the request for building link sent to network side, reach the closing that terminal device short message receives ability,
To improve the flexibility of the terminal device safety and terminal device setting, and then improve user experience.
In a kind of possible implementation of second aspect, terminal device is also used to execute following steps: according to link
It establishes and requests corresponding Service Access point identifier SAPI value, determine that the corresponding data type of communication link is short message type.On
It states in possible implementation, by the judgement of the request for building link sent to network side, reaches the reception of terminal device short message
The closing of ability to improve the flexibility of the terminal device safety and terminal device setting, and then improves user experience.
In a kind of possible implementation of second aspect, terminal device is also used to execute following steps: according to link
It establishes and requests corresponding signaling process feature, determine that the corresponding data type of communication link is short message type.Above-mentioned possible reality
It in existing mode, is established and is responded to network side transmission link by refusal, reach the closing that terminal device short message receives ability, thus
The flexibility of the terminal device safety and terminal device setting is improved, and then improves user experience.
In a kind of possible implementation of second aspect, preset condition further includes at least one of following: being received quiet
Silent short message, in no service state, receive identifying code short message, in the screen state/standby mode/screen lock state that goes out, in quiet
Only state/movement speed is less than or equal to pre-set velocity threshold value, current time is located at special time period.Above-mentioned possible realization side
In formula, judgement by terminal device to a variety of preset conditions, for determining whether to execute the unlatching that short message receives ability, thus
The flexibility of the terminal device safety and terminal device setting is improved, and then improves user experience.
In a kind of possible implementation of second aspect, terminal device is also used to execute following steps: whole when determining
When end equipment is unsatisfactory for preset condition, short message safeguard function is closed.In above-mentioned possible implementation, by terminal device to more
The judgement of kind preset condition receives the closing of ability for determining whether to execute short message, so that the terminal device safety is improved,
The flexibility being arranged with terminal device, and then improve user experience.
The third aspect, the application provide a kind of short message means of defence, comprising: when terminal device receives short message, determine
Terminal device meets preset condition, and preset condition includes that terminal device is in 2G network;Terminal device opens short message safeguard function,
Wherein, when the short message safeguard function of terminal device is opened, terminal device can not at least receive short message under 2G network.
In a kind of possible implementation of the third aspect, when the short message safeguard function of terminal device is in the open state
When, terminal device also meets one or more in the following conditions under 2G network: can not send short message, can not answer or dial
It makes a phone call, or mobile data network upload or downloading data can not be passed through.
In a kind of possible implementation of the third aspect, the short message comes from short message sniff equipment, and short message is for short
Letter sniff equipment detection terminal device and short message sniff equipment reside in same cell;
In a kind of possible implementation of the third aspect, terminal device opens short message safeguard function, comprising: terminal is set
Standby to send the first instruction information to network side, the short message that the first instruction information is used to indicate terminal device receives ability to close shape
State.
In a kind of possible implementation of the third aspect, is carried in the first instruction information and short message is not supported to receive ability
Field.
In a kind of possible implementation of the third aspect, terminal device opens short message safeguard function, comprising: terminal is set
The standby request for building link for receiving network side and sending, request for building link is for establishing communication link;When terminal device is according to chain
Request is established on road, and when determining that the corresponding data type of communication link is short message type, terminal device is refused to network side send chain
Response is established on road.
In a kind of possible implementation of the third aspect, terminal device determines communication chain according to request for building link
The corresponding data type in road is short message type, comprising: terminal device is according to the corresponding paging message type of request for building link, really
Determining the corresponding data type of communication link is short message type.
In a kind of possible implementation of the third aspect, terminal device determines communication chain according to request for building link
The corresponding data type in road is short message type, comprising: terminal device is identified according to the corresponding Service Access point of request for building link
SAPI value is accorded with, determines that the corresponding data type of communication link is short message type.
In a kind of possible implementation of the third aspect, terminal device determines communication chain according to request for building link
The corresponding data type in road is short message type, comprising: terminal device is according to the corresponding signaling process feature of request for building link, really
Determining the corresponding data type of communication link is short message type.
In a kind of possible implementation of the third aspect, preset condition further includes at least one of following: being received quiet
Silent short message, in no service state, receive identifying code short message, in the screen state/standby mode/screen lock state that goes out, in quiet
Only state/movement speed is less than or equal to pre-set velocity threshold value, current time is located at special time period.
In a kind of possible implementation of the third aspect, when determining that terminal device is unsatisfactory for preset condition, close
Short message safeguard function.
Fourth aspect, the application provide a kind of readable storage medium storing program for executing, instruction are stored in readable storage medium storing program for executing, deposit when readable
When storage media is run on the terminal device, so that terminal device executes above-mentioned second aspect or any possibility of second aspect is real
Short message means of defence provided by existing mode.
5th aspect, the application provides a kind of computer program product, when computer program product is run on computers
When, so that computer executes short message protection side provided by any possible implementation of above-mentioned second aspect or second aspect
Method.
It is to be appreciated that any short message means of defence, readable storage medium storing program for executing and the computer program product of above-mentioned offer,
It can be realized by corresponding terminal device presented above, therefore, the attainable beneficial effect of institute can refer to above
Beneficial effect in provided corresponding terminal device, details are not described herein again.
Detailed description of the invention
Figure 1A is a kind of structural schematic diagram of communication system provided by the embodiments of the present application;
Figure 1B is the structural schematic diagram of another communication system provided by the embodiments of the present application;
Fig. 1 C is a kind of operating system software configuration diagram of terminal device provided by the embodiments of the present application;
Fig. 2 is a kind of interface schematic diagram one of short message safeguard function provided by the embodiments of the present application;
Fig. 3 is a kind of interface schematic diagram two of short message safeguard function provided by the embodiments of the present application;
Fig. 4 is a kind of interface schematic diagram three of short message safeguard function provided by the embodiments of the present application;
Fig. 5 is a kind of interface schematic diagram four of short message safeguard function provided by the embodiments of the present application;
Fig. 6 is a kind of interface schematic diagram five of short message safeguard function provided by the embodiments of the present application;
Fig. 7 is a kind of interface schematic diagram six of short message safeguard function provided by the embodiments of the present application;
Fig. 8 is a kind of interface schematic diagram seven of short message safeguard function provided by the embodiments of the present application;
Fig. 8 A is the process that a kind of short message sniff equipment provided by the embodiments of the present application sends silent short message to terminal device
Schematic diagram;
Fig. 9 is a kind of flow diagram for realizing short message safeguard function provided by the embodiments of the present application;
Figure 10 is a kind of structural schematic diagram of terminal device provided by the embodiments of the present application.
Specific embodiment
Figure 1A is a kind of structural schematic diagram of communication system provided by the embodiments of the present application, referring to Figure 1A, the communication system
Including base station 101 and terminal device 102, base station 101 can be one kind and be deployed in wireless access network for being terminal device 102
The device of wireless communication function is provided, base station 101 can cover multiple terminal devices 102 or mention for multiple terminal devices 102
For service.In addition, multiple terminal devices 102 can be located in one or more serving cell of base station 101, for example, as schemed
Shown in 1A, base station 101 includes two serving cells, i.e. cell 1 and cell 2, and multiple terminal devices 102 include being located in cell 1
Two terminal devices and two terminal devices in cell 2.
Wherein, base station 101 may include various forms of macro base stations, micro-base station (being referred to as small station or micro- station),
Relay node or access point etc..Terminal device 102 may include the various smart phones with wireless communication function, individual
Digital assistants computer, plate computer, calculate equipment, mobile unit, wearable device, user equipment (user equipment,
UE) and terminal etc., for ease of description, being referred to as terminal device in the embodiment of the present application.
In the embodiment of the present application, base station 101 can communicate between terminal device 102.In a kind of possibility
Embodiment in, the relevant information of the available terminal device 102 in base station 101, for example, obtain terminal device 102 identity know
Other code, the identity code may include the equipment mark code of terminal device 102, the user's body being mounted on terminal device 102
The identification code of part identification card (Subscriber Identification Module, SIM card) and the corresponding communication of SIM card
Number (being referred to as phone number) etc..In alternatively possible embodiment, base station 101 can be sent out to terminal device 102
Control signaling is sent, and transmits data etc. between terminal device 102, for example, base station 101 can be short to terminal device transmission
Letter, or forwarding short message (receives the short message that a terminal device is sent, and by the short message between two terminal devices 102
It is transmitted to another terminal device), or the calling based on a terminal device 102 establishes between two terminal devices 102
Call conversation etc..Specifically, can actively search for neighbouring base station information, and select according to SIM card when terminal device 102 is switched on
Select corresponding operator base station.It connects after base station 101 gets signal, when having short message or phone comes, base station 101 passes through
The mode of broadcast issues neighbouring terminal device 102, and each terminal device 102 has one of verification process, this process can protect
Demonstrate,prove short message and phone that each terminal device receives only oneself.
On the basis of above-mentioned communication system, there is a kind of pseudo-base station.The pseudo-base station that the application mentions is by illegal group
It knits or the base station of personal control, except the pseudo-base station is independently of public mobile network, passes through certain mobile communication carrier that disguises oneself as
Base station, such as broadcast the PLMN ID of certain mobile operator, terminal (or terminal device, mobile terminal, movement can be inveigled
Platform, mobile phone, user equipment etc.) to its initiation network registry or position updating request, and then the information of terminal is extracted, such as
IMSI, TMSI or IMEI can also carry out the transmitting etc. of information with terminal, such as send fraud text message, hostile network to terminal
Link or harassing and wrecking short message etc..Pseudo-base station can carry out network registry deception to terminal, can forge arbitrary numbers and send to terminal
Short message, therefore, pseudo-base station are not only a base station, are also equipped with certain mobile network core network function.Pseudo-base station transmitting is stronger
Wireless signal, the covering of one or more cellular cells (cellular cell) signal can be formed, and each cell can be changed
The system broadcasts parameter such as cell ID.Cell selection (or search net) process or cell re-selection procedure of the terminal in the standard of execution
When, the Target cell of selection may be the cell (abbreviation pseudo-base station cell, or pseudo- cell) that some pseudo-base station is formed.Terminal choosing
After selecting Target cell, network registry, resident, service request or the band of position can be can be carried out and updated.
The basic principle of all kinds of pseudo-base stations work is similar, and the principle is general are as follows: pseudo-base station disguises oneself as a legitimate base station, so
After emit stronger cell signal, attract terminal to come be resident and register, issue forgery short message to end after obtaining the IMSI of terminal
End, and it is able to record the terminal for having sent and having forged short message, it avoids repeating to send, and terminal is kicked out of the cell in due course.
Pseudo-base station Interception Technology is a kind of technology for preventing user mobile phone from accessing or residing in pseudo-base station.Specifically, pseudo- base
Interception Technology of standing can identify whether user mobile phone is connected to by the bottom-layer design of user mobile phone or Design Internet Applications etc.
Pseudo-base station prevents user mobile phone and pseudo-base station from establishing connection, and intercepts the short message received during doubtful pseudo-base station, to make
User mobile phone does not access pseudo-base station or is not reside in pseudo-base station.Wherein, pseudo-base station identification can specifically pass through following several method
It realizes.
Method one, using characteristic matching or intercept problems short message etc..For example, (or special in characteristic matching
Levy parameter matching) anti-fake base station methods in, specifically, the artificial system based on pseudo-base station cell system broadcast parameter sample data
Meter and experience select several cell system broadcast parameters, and determine pseudo-base station cell to the common of these system broadcasts parameters
Value range (often differs greatly with true base station cell, these parameters are because being referred to herein as characteristic), if target to be assessed is small
Several system broadcasts parameters in area match the common value range of the characteristic of pseudo-base station cell, then determine (or determination)
The base station of the Target cell is pseudo-base station, and Target cell is pseudo- cell in other words.The system broadcasts of pseudo-base station cell above-mentioned are joined
Several common value ranges, for example, LAC value 0,65535, minimum receives level, maximum power level and cell reselection offset
(cell reselect offset, CRO) is often set as 0 etc..Problem SMS interception is by cloud short message big data analysis
It identifies fraud text message, hostile network link or harassing and wrecking short message, and extracts the characteristic information of these problems short message, it is then that problem is short
Letter characteristic information is sent to the problem SMS interception application in terminal, which applies and examine to the short message that terminal receives
It surveys, if compliance problem short message characteristic information, is placed in intercepted state for short message, not can be appreciated that at normal short-message users interface
Intercepted problem short message.Problem short message may be from legal operator mobile network or pseudo-base station.Problem SMS interception
Only have the function of suitably reducing pseudo-base station harm, but cannot identify pseudo-base station, not can avoid terminal and inveigled by pseudo-base station.
Method two: terminal selection target cell, after terminal gets the characteristic of Target cell, terminal is small according to target
The characteristic in area runs pseudo-base station recognizer, obtains confidence level.Wherein, confidence level is used to indicate that the base station of Target cell to be
The credibility of pseudo-base station, produced by pseudo-base station recognizer is trained as machine learning algorithm.It can be to mesh according to the confidence level
It marks cell and carries out truth identification, when confidence level is greater than or equal to the first confidence threshold value, terminal determines the base station of Target cell
It is pseudo- cell for pseudo-base station, namely determination Target cell.Terminal determines that the base station of the Target cell is executable phase after pseudo-base station
Operation is closed, pseudo-base station bring is avoided to endanger.The pseudo-base station recognizer is a large amount of very by machine learning algorithm use, pseudo-base station is small
Produced by the sample data (referred to as true base station data, pseudo-base station data) in area is trained, recognition performance is high, and can be continuous
Training, quickly follow up pseudo-base station technological evolvement, so that the recognition success rate to pseudo-base station can be improved.
In addition, terminal can forbid again in preset duration after terminal determines the base station of Target cell for pseudo-base station
Secondary selection Target cell.Wherein, preset duration can be fixed time span, such as can be 10 seconds, 1 minute, 2 points
Clock etc. is also possible to the time span that dynamic adjusts, such as was adjusted to 2 minutes etc. from 10 seconds according to the actual situation.It can manage
Solution, preset duration can determines according to actual conditions, the application to this with no restriction.Terminal can identify target by cell ID
Cell, such as cell id, LAC+cell id, mobile network code (Mobile Network Code, MNC)+LAC+cell
Id or Mobile Country Code MCC (Mobile Country Code, MCC)+MNC+LAC+cell id.Terminal is likely encountered spoofed
True base station cell, so preset duration will rationally so that terminal encounters spoofed true base station cell in the preset duration
Probability is very low.Further, when terminal determines that the base station of Target cell is pseudo-base station, terminal records first where terminal
Confidence breath, in preset duration, terminal obtains the second location information where terminal, when second location information and first position are believed
The distance between breath is less than pre-determined distance, and terminal gets the cell for the cell ID that cell ID is the Target cell again
When signal, terminal forbids selecting the cell again.This allows for terminal may be mobile in the preset duration, if terminal is detached from
The overlay area of Target cell, into the coverage for the true base station pretended to be by the pseudo-base station of Target cell, then terminal can stop
Only forbid reselection target cell.Wherein, the pre-determined distance for example can be 300 meters etc., the application to this with no restriction.
In recent years, the case of a lot of payment accounts and the stolen brush of correspondent bank card has occurred in society, victim usually exists
In the case where knowing nothing, stolen brush, the fund such as Alipay, wechat and associated bank card disappear suddenly.To find out its cause, main
It is that attacker by a kind of fund of the realizations such as pseudo-base station technology and short message sniff technology steals activity.Specifically, attacker is logical
Pseudo-base station technology is crossed, the user mobile phone nearby under 2G network is linked into pseudo-base station, and then get the hand of a certain user
Machine number;The relevant informations such as the name, identification card number, bank's card number of the user are obtained by illegally other means such as purchase again;
Further, the payment short message verification code of the user is obtained by short message sniff technology, to steal brush by payment short message verification code
The payment accounts of the user or correspondent bank card etc..
Short message sniff described above is a kind of technology that short message of mobile telephone of user is obtained using gsm system loophole.Attack
Person obtains the detailed process of short message of mobile telephone of user by short message sniff technology are as follows: attacker is using short message sniff equipment in certain model
The interior search and monitoring for carrying out full range point all channel is enclosed, when searching a certain channel under a certain frequency point, attacker can pass through
Short message sniff equipment is monitored and intercepts and captures the GSM signal of all user mobile phones using the channel communication, when the GSM signaling bearer
When data are short message, since the short message under gsm system is that (data i.e. without any encryption) are transmitted in plain text, attack
Person can be directly according to the short message content of the GSM signal acquisition user mobile phone.
It illustratively, as shown in Figure 1B, is a kind of knot using pseudo-base station technology and the communication system of short message sniff technology
Structure schematic diagram, the system include pseudo-base station, short message sniff equipment and by attack terminal, and short message sniff equipment may include that channel is visited
Survey machine and short message receiving-transmitting machine.Channel detection machine is used to search for frequency point and channel used in the terminal device attacked, and short message is received
Hair machine can be the terminal device that function is sended and received with short message, for example, short message receiving-transmitting machine can be mobile phone, computer, meter
Calculation machine, tablet computer etc..Specifically, attacker is obtained using pseudo-base station, by the phone number of attack terminal, (specific acquisition is eventually
The process of the phone number at end see above in associated description about pseudo-base station), then by channel detection machine in a certain range
The interior search and monitoring for carrying out full range point all channel, to obtain the frequency point used in attack terminal and channel, later, utilization is short
The GSM signal of the frequency point He the channel is monitored and intercepted and captured to letter transceiver, to obtain by the short message content of attack terminal.
Currently, pseudo-base station Interception Technology goes out whether user mobile phone is connected to pseudo-base station by intelligent recognition, can intercept big
Partial pseudo-base station makes user mobile phone not access or be not reside in pseudo-base station, to prevent offender from obtaining by pseudo-base station
Take the phone number of user mobile phone.But pseudo-base station Interception Technology can only avoid attacker from obtaining user mobile phone by pseudo-base station
Number, or intercept the refuse messages that pseudo-base station is sent.However, in practical applications, in addition to pseudo-base station technology, attacker may be used also
To pass through phone number social workers' means such as illegally bought, steal network platform user information and obtain user.If attacker is not
The phone number for obtaining by pseudo-base station technology but by social worker's means user, then still be able to through said short message sniff technology
The payment verification code of user is obtained, and then steals the fund of user.
In addition, current user mobile phone mostly has SMS interception function, for protecting the short message content of user mobile phone.But
It is that this SMS interception function is to get up not after user mobile phone receives short message using the short message as refuse messages shielding
It is shown to user, user can check or delete in SMS interception record.And base station to user mobile phone send short message when, be to pass through
The mode of broadcast issues neighbouring all user mobile phones, and each user mobile phone has one of verification process, this process can guarantee
Each user mobile phone receives only the short message and phone of oneself, if bypassing this road verification process, can monitor by this
All short messages of base station.Short message sniff technology is just being to bypass this road verification process, by monitoring and intercepting and capturing all user mobile phones
Short message, to obtain by the short message content of attack terminal.Therefore, no matter whether user mobile phone opens SMS interception function, attacker
The short message of user mobile phone can be obtained by short message sniff technology.
Based on this, the embodiment of the present application provides a kind of short message safeguard function applied to terminal device, for preventing user
The leakage of short message improves the safety of user's short message, thus effective protection privacy of user and fund security.Herein described terminal
Equipment can be the smart phone with wireless communication function, personal digital assistant computer, plate computer, calculating equipment, vehicle
Carry equipment, wearable device, user equipment and terminal etc..
Further, which can be Android (Android) operating system, the operating system be one with
Mobile device operation system based on Linux, and combine the various functions of hardware realization of user terminal.In the following, will
The software architecture of the operating system of the storage is described in detail.It should be noted that the embodiment of the present application is only with Android operation system
Illustrate that terminal device will realize the required software environment of the technical solution of the present embodiment for example, those skilled in the art can
To understand, the embodiment of the present application can also be realized in other operating systems.
Illustratively, Fig. 1 C is that a kind of software architecture of Android operation system that may operate in above-mentioned terminal device is shown
It is intended to.The software architecture can be divided into four layers, respectively application layer, application framework layer, in function library layer and Linux
Stratum nucleare.
1, application program (Applications) layer
Application layer is most upper one layer of operating system, the native applications program including operating system, such as electronics postal
Part client, short message, call, setting, calendar, browser, contact person etc..Certainly, for developer, developer can be compiled
It writes application program and is installed to the layer.In general, application program is developed using Java language, by calling application program frame
Application programming interface provided by rack-layer (application programming interface, API) is completed.
2, application framework (Application Framework) layer
Application framework layer mainly provides various API used in accessible application program for developer, opens
Originator can be interacted by application framework come the bottom (such as function library, linux kernel etc.) with operating system, be opened
From oneself application program.The application framework is mainly a series of service and management system of Android operation system.
Application framework mainly includes following infrastructure service:
Active manager (Activity Manager): for managing application program life cycle and providing common navigation
Backward Function;
Content Provider (Content Providers): for managing the data sharing and access between different application;
Notification manager (Notification Manager): for controlling application program in status bar, locking screen interface etc.
Display reminding information (such as warning (Alerts), notice (Notifications) etc.) gives user;
Resource manager (Resource Manager): non-code resource (such as character string, figure and topology file are provided
(Layout file) etc.) it is used for application program;
Clipbook manager (Clipboard Manager): main to provide inside application program or between application program
Duplication or paste functionality;
View (View): there is abundant, expansible view set, can be used for constructing an application program.It is specific
Including multiple types such as list (list), grid (grid), text (text), button (button) and pictures (image).
Wherein, the major function of image view is presented generally in the form of not Compilatory control in the gui for showing picture,
The major function of text view is presented in the gui generally in the form of Compilatory control for showing character string.
Location manager (Location Manager): mainly allow application program accessible to geography locating for terminal
Position.
3, function library (Libraries) layer
Function library layer is the support of application framework, is connect application framework layer and Linux inner core important
Tie.Function library layer includes some function libraries compiled by computer program C language or C Plus Plus, these function libraries can be grasped
The different components made in system use, they provide service by application framework layer for developer.Specifically, function library
It may include libc function library, it is exclusively for the device customizing based on embedded linux;Function library can also include
Multimedia gallery (Media Framework), the library are supported the playback and recording of the audio or video of a variety of coded formats, are propped up simultaneously
Hold static image file and common audio or video coded format.Function library further includes interface management library (Surface
Manager), it is mainly responsible for the access that management is directed to display system, is specifically used for when executing multiple application programs, is responsible for pipe
In addition reason display and interacting between accessing operation are also responsible for 2D and draw to draw with 3D carrying out display and synthesizing.
It can also include other function libraries for realizing each function of mobile phone in function library layer, such as: SGL
(Scalable Graphics Library): it is based on the 2D graphic diagram of XML (Extensible Markup Language) file
As processing engine;SSL (Secure Sockets Layer): between TVP/IP agreement and various application layer protocols, for number
Support is provided according to communication;The support of OpenGL/ES:3D effect;SQLite: relational database engine;Webkit:Web browsing
Device engine;FreeType: bitmap and vector fonts are supported;Etc..
Android Runtime is a kind of running environment in Android operation system, is Android operation system
The new virtual machine of used one kind.In Android Runtime, using AOT (Ahead-Of-Time) technology, using journey
For sequence when installing first time, the bytecode of the application program will be compiled into advance machine code, and application program is allowed to become
Really locally applied, the step for running again later, just eliminate compiling, starting and execution can all become more quickly.
In some other embodiment of the application, Android Runtime can also be by core function library (Core
Libraries it) is replaced with Dalvik virtual machine (Dalvik Virtual Machine).Core function library provides Java language
Most of functions in API, the main mode by the primary interface Java (Java native interface, JNI) is to application
Process block rack-layer provides the interface for calling underlying programs library.Some Core APIs of the operating system are also contained simultaneously, such as
Android.os, android.net, android.media etc..Dalvik virtual machine uses a kind of JIT (Just-in-
Time the mechanism of compiling at runtime), one process of starting requires virtual machine and recompilates bytecode on backstage every time, can be right
Starting speed has a certain impact.Each application program operates in, each
A Dalvik virtual machine example is all an independent process space.Dalvik virtual machine is designed to can be efficient in an equipment
Ground runs multiple virtual machines.Dalvik virtual machine executable file format is .dex, and dex format is aim at Dalvik design one
Kind compressed format, is suitble to memory and the limited system of processor speed.It should be mentioned that Dalvik virtual machine depends on Linux
Kernel provides basic function (thread, bottom memory management).It is understood that Android Runtime, Dalvik belong to not
The virtual machine of same type, those skilled in the art can select various forms of virtual machines in varied situations.
4, linux kernel (Linux Kernel) layer
This layer provides the core system service of operating system, such as safety, memory management, management of process, network protocol stack
Linux kernel is all based on driving model etc..Linux kernel is simultaneously also as the level of abstraction between hardware and software stack.The layer
There are many driver relevant to mobile device, main driving has: display driving;Frame buffered-display driver based on Linux;Make
For the keyboard drive of input equipment;The Flash driving of technical equipment based on memory;Camera driving;Audio driven;Bluetooth is driven
It is dynamic;WI-FI driving etc..
After having introduced the software architecture of the terminal device, below to the correlation of short message safeguard function provided by the present application
Content is described in detail.
Wherein, opening or closing for short message safeguard function provided by the embodiments of the present application can be arranged by user, can also
To be automatically turned on by terminal device or be closed short message safeguard function.Hereinafter by taking terminal device is mobile phone 200 as an example, terminal is set
The standby process for opening or closing short message safeguard function is illustrated.
Illustratively, when terminal device short message safeguard function is when opening or closing by user to be arranged, as shown in Fig. 2,
User can do clicking operation, such as single-click operation to " setting " application icon on 200 desktop of mobile phone.Mobile phone 200 responds user
To the clicking operation of " setting " application icon, mobile phone 200 can show mobile phone set interface.It can wrap in the mobile phone set interface
Include option " offline mode ", " WLAN ", " mobile network " " phone ", " short message protection " and " bluetooth " option etc..Wherein, " flight
The concrete function of the options such as mode ", " WLAN ", " bluetooth " and " mobile network " can with reference to the specific descriptions in routine techniques,
It will not go into details here for the embodiment of the present application." short message protection " function choosing-item that the page is arranged to mobile phone 200 in user does clicking operation,
Such as single-click operation.Mobile phone 200 responds user to the clicking operation of " short message protection " function choosing-item, can show short message protection setting
Interface.The short message protects the switch button 201 in set interface including " short message protection " function.Click the realization of switch button 201
Short message safeguard function opens or closes, and the switch button 201 in Fig. 2 is shown as the open state of default.It should be noted that
Above-mentioned " setting " application icon can be for modifying the setting icon of system setup option in mobile phone 200, in practical applications,
User can also realize opening or closing for short message safeguard function by operating the setting options of sms center.
Further, which can be to automatically turn on by user setting, such as Fig. 3, short message protection setting circle
Face can also include the switch button 301 of " automatically turning on short message protection " function, click switch button 301 and realize mobile phone 200 certainly
Dynamic to execute opening or closing for short message safeguard function, the switch button 301 in Fig. 3 is shown as the closed state of default.Switch is pressed
The simple introduction that the function can be shown below button 301 facilitates user according to understanding and uses corresponding function.
Further, short message protection set interface can also include the function choosing of " setting automatic short message guard time "
, as shown in figure 4, user can also click choice box 401, the specific time is selected, setting short message safeguard function automatically turns on
Period, such as may be configured as 00:00-06:00 or 23:00-05:00 etc..Further, which protects set interface also
It may include that user's setting for selecting degree of protection is provided, which can be according to different degree of protection using different
Protection setting.Detailed description about degree of protection function is specifically shown in related introduction hereinafter.
Further, user, which can according to need, is independently configured opening or closing for short message safeguard function, can also be with
When being that terminal device detects the presence of the risk by sniff, terminal device issues the user with alarm prompt, and user is prompted to set
Set or open short message safeguard function.Alternatively, terminal device automatically turns on short message protection when detecting the presence of the risk by sniff.
Wherein, above-mentioned alarm prompt can be the form of notification message, can be the form of pop-up message box, or with function history note
The mode of record etc. reminds user.
Further, when terminal device meets certain specific preset condition, terminal device can be to pop up message box
Form remind user, to ask the user whether to open short breath interception function, for example, preset condition can be when terminal device from
4G network falls back to 3G network and cell is resident the case where no change has taken place.
As shown in figure 5, alarm prompt is the notification bar 501 for being shown in interface the top in the form of notification message, user
Pulling operation can be done in notification bar, check the specific notification message page, and do relevant operation, user also can choose suddenly
Depending on, close or delete this notice.In the notification message page, clicks specific short message protection and notify 502, set into short message protection
Interface is set, switch button 201 or switch button 301 are clicked, carries out opening or closing for short message safeguard function.
As shown in fig. 6, alarm prompt, in the interface display message 601 of terminal device, is used in the form of popping up message box
Family can click " entrance " button 602 of the message, protect set interface into short message, click switch button 201 or switch is pressed
Button 301 carries out opening or closing for short message safeguard function.If selection is not turned on short message protection, the Close button 603 is clicked, then
Pop-up message box is closed, short message protection is not opened.
As shown in fig. 7, alarm prompt is in a manner of function historical record, user can protect history by clicking short message
Record 701 checks the specific historical record of short message protection, short message guard time, and doubtful pseudo-base station sends content, protection risk etc.
Content, to prompt the risk of the potential short message leakage of user.
Above-mentioned terminal device detects that it exists by the risk of sniff, may include detecting that the terminal device is in 2G net
Network.Further, can also include detect the terminal device meet in following unlocking condition at least one of: receive silence
Short message, terminal device remain static or small range fine motion state, no service state, screen state of going out, receive identifying code short message,
Or in special time period etc..
Specifically, the condition that is met of terminal device can be by user's self-setting or selection, showing user in Fig. 8 can
With the multiple unlocking conditions chosen, click button 800 and enter " unlocking condition is set automatically " page, can specifically include 801 to
806 totally six kinds of unlocking conditions, are introduced explanation separately below.
801: terminal device receives silent short message.Silent short message is that one kind is not shown in the display interface of terminal device,
But the short message that terminal device can detecte, i.e., for the user of terminal device, silent short message be a kind of user perception not
The short message arrived.Attacker may send silent short message using short message sniff equipment, to test whether to set with the terminal attacked
It is standby in the same cell or same geographical location, so being opened automatic anti-when detecting that terminal device receives silent short message
A possibility that shield can be effectively reduced by short message sniff.In one possible implementation, as shown in Figure 8 A, attacker utilizes short
The process that letter sniff equipment sends silent short message is specifically as follows: S811. short message sniff equipment carries out complete under resident cell
Frequency point and all channel search, it is subsequent to be known as mesh to obtain channel used in the terminal device under the resident cell of terminal device
Mark channel;S812. short message sniff equipment sends silent short message to the terminal device attacked;S813. short message sniff equipment is monitored
Destination channel, to intercept and capture the reception short message of the terminal device under resident cell;S814. when determining the silence short message and the reception
When the content of short message is consistent, it is determined that the terminal device and short message sniff equipment attacked are in same cell.
Wherein, said short message sniff equipment generally includes channel detection machine and short message receiving-transmitting machine, and channel detection machine is for searching
Frequency point used in the terminal device that rope is attacked and channel, short message receiving-transmitting machine, which can be, sends and receivees function with short message
Terminal device, for example, short message receiving-transmitting machine can be mobile phone, computer, computer, tablet computer etc., short message receiving-transmitting machine be used for
The terminal device attacked sends silent short message, and monitors the reception short message of the terminal device under persistent district.
802: terminal device remains static or small range fine motion state, and small range fine motion state here can refer to
The movement speed of the terminal device is less than or equal to pre-set velocity threshold value.Because when terminal device remains static or small range
When fine motion state, terminal device ought be in the same cell for the previous period under normal conditions, at this time short message sniff equipment
It has the ball at one's feet and captures short message, if terminal device is in the movement of position, i.e., terminal device moves in different cells, then
Short message sniff equipment is the short message for being difficult to obtain terminal device.In one possible implementation, it is set in the terminal device
It is equipped with motion sensor, can detecte the movement speed of the terminal device by motion sensor, when the movement speed is zero, or
When person's movement speed is less than or equal to pre-set velocity threshold value, determine that the terminal device remains static or small range fine motion shape
State.
803: terminal device is currently no service state.In one possible implementation, which can be with
Refer to one or more in the cellular services not being currently running on the terminal device, WiFi business or bluetooth service.
In alternatively possible implementation, which can be the terminal device and transmits currently without the data of uplink;
Alternatively, user actively initiates business not over the terminal device;It is mounted on the terminal device alternatively, user is not turned on
Application program, for example, voice software, chat software, video software, shopping software and financing software etc..
804: terminal device is in go out screen state, standby mode or screen lock state etc..In a kind of possible implementation
In, can specifically refer to that the terminal device meets one or more in the following conditions: the display screen of the terminal device does not have
It is lit, user does not have real time business etc. currently without operating on the terminal device or the terminal device.
805: terminal device receives identifying code short message.Terminal device can pass through hardware or software mode, automatic identification
Short message verification code is received out.Terminal device receives identifying code short message under 2G network, and there are one kind may be, and non-user
The identifying code short message for operating and receiving, in this case, it is most likely that triggered by attacker's hijack accounts information.Cause
This, can be set as according to user demand when detecting that terminal device receives identifying code short message, open automatic protection, to prevent
Only account is stolen and generates economic loss.In one possible implementation, which can be in the following manner
It detects identifying code short message: being detected by the transmission source of identifying code short message, or the content detection etc. for passing through identifying code short message.Than
Such as, when the transmission source for determining the short message received is short message centre number, determine that the short message is identifying code short message;Alternatively, working as
When determining the contents such as the number including " identifying code " or fixed digit in the short message received, determine that the short message is that identifying code is short
Letter.
806: current time is special time period (for example, current time is 00:00-06:00).User's seldom operating terminal
The period of equipment is the high-incidence time of attacker's crime, and user can according to actual needs be configured the period, or
By terminal device default setting.
Illustratively, such as Fig. 8, when the automatic protection unlocking condition of mobile phone 200 is set the condition chosen such as figure by user
When, when mobile phone 200 is in 2G network, and when being detected simultaneously by it and meeting the unlocking condition that user is chosen, then automatically turn on short
Believe safeguard function.
Further, short message safeguard function can also be automatically closed in terminal device.For example, when detecting that terminal device is current
It is not at 2G network, then short message automatic protection function can be automatically closed;Alternatively, when user is in terminal device short message safeguard function
After the setting page has chosen above-mentioned unlocking condition, when detect be not currently in 2G network and all conditions that are checked not
When meeting, then short message automatic protection function can be automatically closed in terminal device, and terminal device is enabled to normally receive short message.
Further, short message safeguard function provided by the embodiment of the present application can also include different degree of protection, when
When the short message safeguard function is arranged to different degree of protection, the safety of the terminal device and user right can not
Together.Wherein, when degree of protection is higher, the safety of the terminal device is higher, user right is then lower, when degree of protection is lower
When, the safety of the terminal device is lower, user right is then higher.
Illustratively, which may include two kinds of degree of protection, and the first order closes subscriber identification card
(Subscriber Identification Module, SIM card);Short message receive capabilities are closed in the second level.
The first order, the as degree of protection of higher level, terminal device can execute the operation for closing SIM card.Terminal is set
Standby SIM card of closing can specifically refer to the communication function for closing SIM card, then corresponding user authority setting can be that cannot receive
Or short message is sent, it cannot answer or make a phone call, cannot be surfed the Internet by mobile data network etc., but terminal device connection WLAN
It can surf the Internet under state.
In addition, first order degree of protection, may be set to be the 2G function of being simply turned off SIM card.I.e. terminal device closes SIM
The 2G function of card, so that losing communication function under terminal device connection 2G network, user cannot receive or send short message, Bu Nengjie
It listens or makes a phone call, cannot be surfed the Internet by mobile data network etc., but can surf the Internet in the state of terminal device connection WLAN.?
It closes under the 2G function setting of SIM card, terminal device connects 3G/4G network can be with normal communication.
The second level, as normal degree of protection, terminal device execute the operation for closing short message receive capabilities.Terminal device
Short message receive capabilities are closed, then corresponding user authority setting can be that cannot receive any short message, other function of terminal device
It can be unaffected.
It should be noted that it is above-mentioned only to be illustrated for the degree of protection of the first order and the second level, in practical application
When, it can also include the grade of other more multi-grades or different user permission, the embodiment of the present application is not especially limited this.Separately
Outside, the setting of different degree of protection can be by user's unrestricted choice, perhaps by terminal device default setting or by terminal device
For user's recommendation.
Illustratively, degree of protection can be arranged in the set interface of short message safeguard function in user.Terminal device can also be with
Default setting is user's recommended setting degree of protection, for example, can opening according to the short message protection for judging terminal device satisfaction
Condition setting degree of protection is opened, the unlocking condition of satisfaction is more, then the degree of protection or terminal device defaulted are user's recommendation
Protection level it is higher, the unlocking condition of satisfaction is fewer, then it is anti-that the degree of protection or terminal device defaulted are that user recommends
It is lower to protect rank.
Fig. 9 is a kind of flow diagram for the method for realizing said short message safeguard function provided by the embodiments of the present application, ginseng
See Fig. 9, this method may include following steps.
S901: when terminal device receives short message, determining that terminal device meets preset condition, which includes eventually
End equipment is in 2G network.
Wherein it is determined that terminal device meets preset condition can also include detect terminal device main card or vice card extremely
Few one is in 2G network.In addition, the preset condition can also meet one or more described above including terminal device
The unlocking condition of short message safeguard function.For example, the short message safeguard function when terminal device is set as automatically turning on, and automatically turn on
Period when being set as 00:00-06:00, when the vice card of terminal device is in 2G network and appointing in 00:00-06:00 time
When the meaning time, as meet preset condition.
For example, (being received silent short when the unlocking condition that the short message safeguard function of terminal device automatically turns on is set as 801
Letter) when, when the vice card for detecting terminal device be in 2G network, and detect that terminal device receives one or more silence short message
When, as meet preset condition.
For example, (being received silent short when the unlocking condition that the short message safeguard function of terminal device automatically turns on is set as 801
Letter) and when 803 (are in no service state), when the two conditions of terminal device meet simultaneously, it is, terminal ought be detected
The vice card of equipment is in 2G network, and terminal device receives one or more silent short message, and terminal device is currently no business shape
When state, as meet preset condition.
S902: terminal device opens short message safeguard function, wherein when the short message safeguard function of terminal device is opened, eventually
End equipment can not at least receive short message under 2G network.
Wherein, it when opening short message safeguard function, can be opened according to the degree of protection of above-mentioned setting corresponding anti-
Protective function.For example, by taking above-mentioned degree of protection includes the first order and the second level as an example, if the degree of protection opened is the first order,
Close SIM card;If the degree of protection opened is the second level, short message receive capabilities are closed.
Wherein, SIM card is closed, " network limitation " and " user's limitation " function in setting mobile phone can be passed through.For example, eventually
End equipment is double card double standby mobile phone, main card SIM-1, mobile operator, vice card SIM-2, telecom operators.Close main card
After SIM-1, the SIM-1 user authority setting of terminal device is that cannot send and receive short message, cannot answer and make a phone call, no
It can surf the Internet by states such as mobile data network online, but in the state of terminal device connection WLAN.The use of vice card SIM-2
Family permission is unaffected, can normally receive/send short message, answer/make phone, be surfed the Internet by mobile data network etc..
Specifically, closing short message receive capabilities can be realized by following two mode, it is specific as follows shown.
The first, close short message receive capabilities specifically can by terminal device to network side report short message receive ability be
Closed state is realized.Illustratively, terminal device sends to network side and requests, which is used to indicate the terminal device and does not prop up
It holds short message and receives ability, for example, the terminal device can not support the field of short message reception ability by carrying in the request,
After receiving the request to network side equipment, short message is not sent to the terminal device.
Wherein, above-mentioned terminal device reports short message to receive ability and can be touched by the application layer of terminal device to network side
Hair, the triggering of application framework layer or baseband chip (Modem) triggering.The application is not specifically limited in this embodiment.
Second, closing short message receive capabilities can also be reached by the communication link of terminal device interruption and network side
Reject the purpose of short message.Illustratively, terminal device receives the paging message from network side equipment, and the paging message is for referring to
Show that network side equipment issues handshake request to terminal device and sends request of data;Terminal device judges what network side equipment was sent
Data type then refuses the handshake request of network side equipment, so that network side is set if it is determined that the data type is short message type
Short message is sent for no normal direction terminal device, achievees the purpose that reject short message.
Wherein, whether the data type that terminal device judges that network side is sent is short message type, can be paged by judgement
Type, Service Access point identifier (service access point indicator, SAPI) value or the signaling flow of message
The judgement of the means such as Cheng Tezheng, the application are not specifically limited in this embodiment.
Illustratively, by taking SABM signaling as an example, the effect of SABM signaling is to establish Asynchronous Balanced Mode to premises equipment requests,
To guarantee that terminal device can accurately receive and be successfully established link, after network side sends SABM signaling, terminal device is waited to return
After answering without number response (unnumbered answer, UA) frame, that is, complete the foundation of link.Therefore, in the embodiment of the present application,
Terminal device when determining that sending data is short message type, then can not be returned by judging the SAPI value in the SABM signaling that receives
Multiple UA frame, so that link can not be established, so that short message cannot be sent to the terminal device.
Figure 10 provides a kind of structural schematic diagram of terminal device for the embodiment of the present application, which may include storage
Device 1001 and processor 1002.Memory 1001 is used to store the instruction and data of the terminal device.Processor 1002 for pair
Terminal device movement carries out control management, for example, processor 1002 is for supporting the terminal device executes the above method to implement
One or more step in example, and/or other processes for techniques described herein.In addition, the terminal device is also
Including communication interface 1003 and bus 1004, processor 1002, communication interface 1003 and memory 1001 pass through bus 1004
It is connected with each other;Communication interface 1003 is for supporting that the terminal device is communicated.
Specifically, processor 1002 can be by executing the instruction stored in memory 1001, so that terminal device executes
Following steps: when receiving the short message from other equipment, and determining that terminal device meets preset condition, which can be with
2G network is in including terminal device;Open short message safeguard function;Wherein, it is opened when the short message safeguard function of the terminal device is in
When opening state, which can not at least receive short message under 2G network.
Optionally, when the short message safeguard function of the terminal device is in the open state, the terminal device is under 2G network
Also meet one or more in the following conditions: short message can not be sent, can not answer or make a phone call, or shifting can not be passed through
Dynamic data network uploads or downloading data.
In one possible implementation, the received short message of terminal device comes from short message sniff equipment, which is used for
Detection terminal device and short message sniff equipment reside in same cell.
Further, the processor 1002 of the terminal device is also used to execute following steps: sending first to network side and refers to
Show that information, the short message that the first instruction information is used to indicate terminal device receive ability and is in off state.Optionally, the first instruction letter
The field for not supporting short message to receive ability can be carried in breath.
Alternatively, the processor 1002 of the terminal device is also used to execute following steps: receiving the link that network side is sent and build
Vertical request, request for building link is for establishing communication link;When determining the corresponding data of communication link according to request for building link
When type is short message type, refuse to establish response to network side transmission link.Specifically, the processor 1002 of the terminal device has
Body is used for: according to the corresponding paging message type of request for building link, determining that the corresponding data type of communication link is short message class
Type;Alternatively, determining the corresponding data class of communication link according to the corresponding Service Access point identifier SAPI value of request for building link
Type is short message type;Alternatively, determining the corresponding data class of communication link according to the corresponding signaling process feature of request for building link
Type is short message type.
Further, preset condition further includes at least one of following: receive silent short message, in no service state, connect
Receive identifying code short message, in the screen state/standby mode/screen lock state that goes out, remain static/movement speed is less than or equal to
Pre-set velocity threshold value, current time are located at special time period.
Further, the processor 1002 of the terminal device is also used to execute following steps: when determining that terminal device is discontented
When sufficient preset condition, short message safeguard function is closed.
Wherein, processor 1002 can be central processor unit, general processor, digital signal processor, dedicated collection
At circuit, chip, field programmable gate array or other programmable logic device, transistor logic, Hardware Subdivision are handled
Part or any combination thereof.It, which may be implemented or executes, combines various such as logics described in the embodiment of the present application disclosure
Box, module and circuit.Processor 1002 is also possible to realize the combination of computing function, such as includes one or more micro processs
Device combination, digital signal processor and the combination of microprocessor etc..Memory 1001 can be volatile memory or non-
Volatile memory etc..
Implement it should be noted that the specific implementation process that the terminal device executes above-mentioned steps may refer to method above
Associated description in example, details are not described herein for the embodiment of the present application.
In the embodiment of the present application, which may determine that when meeting preset condition, open short message protective capacities,
So that the terminal device can not receive short breath under 2G state, terminal device is avoided by the risk of short message sniff, so as to
The safety of the short message of the terminal device is improved, and then protects the safety of user information and property, improves user's body
It tests.
In several embodiments provided herein, it should be understood that disclosed method and terminal device, Ke Yitong
Other modes are crossed to realize.For example, terminal device embodiment described above is only schematical, for example, the module
Or the division of unit, only a kind of logical function partition, there may be another division manner in actual implementation, such as multiple lists
Member or component may be combined or can be integrated into another device, or some features can be ignored or not executed.Another point,
Shown or discussed mutual coupling, direct-coupling or communication connection can be through some interfaces, device or unit
Indirect coupling or communication connection, can be electrical property, mechanical or other forms.
The unit as illustrated by the separation member may or may not be physically separated, aobvious as unit
The component shown can be a physical unit or multiple physical units, it can and it is in one place, or may be distributed over
Multiple and different places.Some or all of unit therein can be selected to realize this embodiment scheme according to the actual needs
Purpose.
It, can also be in addition, each function element in each embodiment of the application can integrate in one processing unit
It is that each unit physically exists alone, can also be integrated in one unit with two or more devices.Above-mentioned integrated list
Member both can take the form of hardware realization, can also realize in the form of software functional units.
If the integrated unit is realized in the form of SFU software functional unit and sells or use as independent product
When, it can store in a read/write memory medium.Based on this understanding, the technical solution of the embodiment of the present application is substantially
The all or part of the part that contributes to existing technology or the technical solution can be in the form of software products in other words
Embody, which is stored in a storage medium, including some instructions with so that terminal to execute the application each
The all or part of the steps of a embodiment the method.And storage medium above-mentioned includes: USB flash disk, mobile hard disk, ROM, RAM, magnetic
The various media that can store program code such as dish or CD.
Finally, it should be noted that described above, the only specific embodiment of the application, but the protection scope of the application is simultaneously
Not limited to this, any change or replacement within the technical scope of the present application should all cover the protection model in the application
Within enclosing.Therefore, the protection scope of the application should be based on the protection scope of the described claims.
Claims (25)
1. a kind of short message guard system, which is characterized in that the system comprises: short message sniff equipment and terminal device;
The short message sniff equipment for sending short message to the terminal device, and determines that the short message is smelt according to the short message
It visits equipment and the terminal device resides in same cell;
The terminal device, it is described default for when receiving the short message, determining that the terminal device meets preset condition
Condition includes that the terminal device is in 2G network;
The terminal device is also used to open short message safeguard function, wherein when the short message safeguard function of the terminal device is opened
When, the terminal device at least can not receive short message under the 2G network.
2. a kind of terminal device, it is characterised in that the terminal device includes processor and memory connected to the processor,
The memory for storing instruction, when described instruction is executed by the processor so that the terminal device execute it is following
Step:
When receiving the short message from other equipment, determine that the terminal device meets preset condition, the preset condition packet
It includes the terminal device and is in 2G network;
Open short message safeguard function, wherein when the short message safeguard function of the terminal device is opened, the terminal device is at least
Short message can not be received under the 2G network.
3. terminal device according to claim 2, which is characterized in that when the short message safeguard function of the terminal device is in
When open state, the terminal device also meets one or more in the following conditions under the 2G network: can not send
Short message can not be answered or be made a phone call, or can not pass through mobile data network upload or downloading data.
4. terminal device according to claim 2 or 3, which is characterized in that wherein, the short message is set from short message sniff
Standby, the short message resides in same cell for detecting the terminal device and the short message sniff equipment.
5. according to the described in any item terminal devices of claim 2-4, which is characterized in that the terminal device be also used to execute with
Lower step:
The first instruction information is sent to network side, the short message that the first instruction information is used to indicate the terminal device receives energy
Power is in off state.
6. terminal device according to claim 5, which is characterized in that carried in the first instruction information and do not support short message
The field of reception ability.
7. terminal device according to claim 2 or 3, which is characterized in that the terminal device is also used to execute following step
It is rapid:
The request for building link that network side is sent is received, the request for building link is for establishing communication link;
When according to the request for building link, determining the corresponding data type of the communication link is short message type, refuse to
The network side transmission link establishes response.
8. terminal device according to claim 7, which is characterized in that the terminal device is also used to execute following steps:
According to the corresponding paging message type of the request for building link, determine that the corresponding data type of the communication link is short
Believe type.
9. terminal device according to claim 7, which is characterized in that the terminal device is also used to execute following steps:
According to the corresponding Service Access point identifier SAPI value of the request for building link, the corresponding number of the communication link is determined
It is short message type according to type.
10. terminal device according to claim 7, which is characterized in that the terminal device is also used to execute following steps:
According to the corresponding signaling process feature of the request for building link, determine that the corresponding data type of the communication link is short
Believe type.
11. according to the described in any item terminal devices of claim 2-10, which is characterized in that the preset condition further includes following
At least one of: receive silent short message, in no service state, receive identifying code short message, in screen state of going out/standby shape
State/screen lock state, remain static/movement speed is less than or equal to pre-set velocity threshold value, current time and is located at specific time
Section.
12. according to the described in any item terminal devices of claim 2-11, which is characterized in that the terminal device is also used to execute
Following steps:
When determining that the terminal device is unsatisfactory for preset condition, the short message safeguard function is closed.
13. a kind of short message means of defence, which is characterized in that the described method includes:
When terminal device receives short message, determine that the terminal device meets preset condition, the preset condition includes described
Terminal device is in 2G network;
The terminal device opens short message safeguard function, wherein described when the short message safeguard function of the terminal device is opened
Terminal device at least can not receive short message under the 2G network.
14. according to the method for claim 13, which is characterized in that opened when the short message safeguard function of the terminal device is in
When opening state, the terminal device also meets one or more in the following conditions under the 2G network: can not send short
Letter, can not answer or make a phone call, or can not pass through mobile data network upload or downloading data.
15. method described in 3 or 14 according to claim 1, which is characterized in that wherein, the short message comes from short message sniff equipment,
The short message detects the terminal device for the short message sniff equipment and the short message sniff equipment resides in same cell.
16. the described in any item methods of 3-15 according to claim 1, which is characterized in that the terminal device opens short message protection
Function, comprising:
The terminal device sends the first instruction information to network side, and the first instruction information is used to indicate the terminal device
Short message receive ability be in off state.
17. according to the method for claim 16, which is characterized in that carried in the first instruction information and short message is not supported to connect
The field of receipts ability.
18. method described in 3 or 14 according to claim 1, which is characterized in that the terminal device opens short message safeguard function,
Include:
The terminal device receives the request for building link that network side is sent, and the request for building link is for establishing communication chain
Road;
When the terminal device is according to the request for building link, determine that the corresponding data type of the communication link is short message class
When type, the terminal device, which is refused to establish to the network side transmission link, to be responded.
19. according to the method for claim 18, which is characterized in that the terminal device according to the request for building link,
Determine that the corresponding data type of the communication link is short message type, comprising:
The terminal device determines that the communication link is corresponding according to the corresponding paging message type of the request for building link
Data type is short message type.
20. according to the method for claim 18, which is characterized in that the terminal device according to the request for building link,
Determine that the corresponding data type of the communication link is short message type, comprising:
The terminal device determines the communication according to the corresponding Service Access point identifier SAPI value of the request for building link
The corresponding data type of link is short message type.
21. according to the method for claim 18, which is characterized in that the terminal device according to the request for building link,
Determine that the corresponding data type of the communication link is short message type, comprising:
The terminal device determines that the communication link is corresponding according to the corresponding signaling process feature of the request for building link
Data type is short message type.
22. the described in any item methods of 3-21 according to claim 1, which is characterized in that the preset condition further include with down toward
One item missing: receive silent short message, in no service state, receive identifying code short message, in the screen state/standby mode that goes out/
Screen lock state, remain static/movement speed is less than or equal to pre-set velocity threshold value, current time and is located at special time period.
23. the described in any item methods of 3-22 according to claim 1, which is characterized in that the method also includes:
When determining that the terminal device is unsatisfactory for preset condition, the short message safeguard function is closed.
24. a kind of readable storage medium storing program for executing, which is characterized in that be stored with instruction in the readable storage medium storing program for executing, readable deposited when described
When storage media is run on the terminal device, so that the terminal device perform claim requires the described in any item short messages of 13-23 anti-
Maintaining method.
25. a kind of computer program product, which is characterized in that when the computer program product is run on computers, make
It obtains the computer perform claim and requires the described in any item short message means of defences of 13-23.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910244987.4A CN110149599B (en) | 2019-03-28 | 2019-03-28 | Short message protection method and terminal equipment |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910244987.4A CN110149599B (en) | 2019-03-28 | 2019-03-28 | Short message protection method and terminal equipment |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110149599A true CN110149599A (en) | 2019-08-20 |
CN110149599B CN110149599B (en) | 2021-04-20 |
Family
ID=67588242
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910244987.4A Active CN110149599B (en) | 2019-03-28 | 2019-03-28 | Short message protection method and terminal equipment |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110149599B (en) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111770083A (en) * | 2020-06-28 | 2020-10-13 | 中国联合网络通信集团有限公司 | Method and device for sending short message verification code |
CN111885517A (en) * | 2020-07-20 | 2020-11-03 | 中国联合网络通信集团有限公司 | Short message verification code sniffing prevention method and device |
CN113407959A (en) * | 2021-06-11 | 2021-09-17 | 维沃移动通信(杭州)有限公司 | Operation execution method and device and electronic equipment |
CN113556741A (en) * | 2020-04-21 | 2021-10-26 | ***通信有限公司研究院 | Security interception method and device |
CN113613182A (en) * | 2021-08-10 | 2021-11-05 | 中国平安财产保险股份有限公司 | Short message sending method, computer equipment and readable storage medium |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20080020747A (en) * | 2006-09-01 | 2008-03-06 | 노수홍 | Message board |
WO2011140698A1 (en) * | 2010-05-10 | 2011-11-17 | 华为技术有限公司 | Method, device and system for processing short messages |
CN104581731A (en) * | 2014-12-25 | 2015-04-29 | 中国科学院信息工程研究所 | Determining method and system for mobile phone terminal hijack process by pseudo base station |
CN108235262A (en) * | 2016-12-12 | 2018-06-29 | ***通信有限公司研究院 | A kind of method and device for identifying pseudo-base station note |
CN108271159A (en) * | 2017-01-04 | 2018-07-10 | ***通信集团四川有限公司 | Communication processing method, apparatus and system, safety communicating method and device |
-
2019
- 2019-03-28 CN CN201910244987.4A patent/CN110149599B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20080020747A (en) * | 2006-09-01 | 2008-03-06 | 노수홍 | Message board |
WO2011140698A1 (en) * | 2010-05-10 | 2011-11-17 | 华为技术有限公司 | Method, device and system for processing short messages |
CN104581731A (en) * | 2014-12-25 | 2015-04-29 | 中国科学院信息工程研究所 | Determining method and system for mobile phone terminal hijack process by pseudo base station |
CN108235262A (en) * | 2016-12-12 | 2018-06-29 | ***通信有限公司研究院 | A kind of method and device for identifying pseudo-base station note |
CN108271159A (en) * | 2017-01-04 | 2018-07-10 | ***通信集团四川有限公司 | Communication processing method, apparatus and system, safety communicating method and device |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113556741A (en) * | 2020-04-21 | 2021-10-26 | ***通信有限公司研究院 | Security interception method and device |
CN111770083A (en) * | 2020-06-28 | 2020-10-13 | 中国联合网络通信集团有限公司 | Method and device for sending short message verification code |
CN111770083B (en) * | 2020-06-28 | 2022-04-26 | 中国联合网络通信集团有限公司 | Method and device for sending short message verification code |
CN111885517A (en) * | 2020-07-20 | 2020-11-03 | 中国联合网络通信集团有限公司 | Short message verification code sniffing prevention method and device |
CN111885517B (en) * | 2020-07-20 | 2021-11-09 | 中国联合网络通信集团有限公司 | Short message verification code sniffing prevention method and device |
CN113407959A (en) * | 2021-06-11 | 2021-09-17 | 维沃移动通信(杭州)有限公司 | Operation execution method and device and electronic equipment |
CN113613182A (en) * | 2021-08-10 | 2021-11-05 | 中国平安财产保险股份有限公司 | Short message sending method, computer equipment and readable storage medium |
Also Published As
Publication number | Publication date |
---|---|
CN110149599B (en) | 2021-04-20 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110149599A (en) | A kind of short message means of defence and terminal device | |
Li et al. | FBS-Radar: Uncovering Fake Base Stations at Scale in the Wild. | |
EP3296917B1 (en) | Electromagnetic persona generation based on radio frequency fingerprints | |
US20180234852A1 (en) | Systems and methods for dynamically assessing and mitigating risk of an insured entity | |
CN109246072A (en) | Network safety system with adaptive machine learning feature | |
EP2417755B1 (en) | System and method for identity protection using mobile device signaling network derived location pattern recognition | |
CN106686544B (en) | A kind of location-based information early warning method, terminal and system | |
CN103368941B (en) | A kind of method and apparatus of the protection based on subscriber network access scene | |
CN109302434B (en) | Prompt message pushing method and device, service platform and storage medium | |
CN100571157C (en) | A kind of method and system thereof that realizes the travelling carriage security control | |
US20140004829A1 (en) | Mobile device and method to monitor a baseband processor in relation to the actions on an applicaton processor | |
US20140004817A1 (en) | Cell phone detection and alert information system | |
CN104244281A (en) | Base station detection method and base station detection device | |
US10638270B2 (en) | Location-based wireless tracking | |
CN109583898A (en) | The intelligent terminal and method paid based on TEE and block chain | |
CN112804240B (en) | Function control method, device, server, storage medium and product | |
Bu-Pasha et al. | EU law perspectives on location data privacy in smartphones and informed consent for transparency | |
CN107665313A (en) | Sensitive information methods of exhibiting, device, storage medium and computer equipment | |
Hou et al. | Discovering emergency call pitfalls for cellular networks with formal methods | |
CN109495891A (en) | Pseudo-base station recognition methods, equipment and computer readable storage medium | |
US20210360407A1 (en) | Network-based protection against scam applications | |
KR101206153B1 (en) | Sytstem and method for protecting phishing by authenticaion of calling number | |
Ziayi et al. | YAICD: Yet another IMSI catcher detector in GSM | |
CN111372245A (en) | LTE network interception method and system | |
CN110366184A (en) | A kind of method and intelligent terminal identifying pseudo-base station note |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |