CN113904851A - Network information processing method, user plane function system, medium, and electronic device - Google Patents

Network information processing method, user plane function system, medium, and electronic device Download PDF

Info

Publication number
CN113904851A
CN113904851A CN202111181065.7A CN202111181065A CN113904851A CN 113904851 A CN113904851 A CN 113904851A CN 202111181065 A CN202111181065 A CN 202111181065A CN 113904851 A CN113904851 A CN 113904851A
Authority
CN
China
Prior art keywords
information
network traffic
network
preset sensitive
traffic information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
CN202111181065.7A
Other languages
Chinese (zh)
Inventor
伍运珍
刘开开
池炜成
李嵩田
张金娟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Telecom Corp Ltd
Original Assignee
China Telecom Corp Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Telecom Corp Ltd filed Critical China Telecom Corp Ltd
Priority to CN202111181065.7A priority Critical patent/CN113904851A/en
Publication of CN113904851A publication Critical patent/CN113904851A/en
Withdrawn legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/95Retrieval from the web
    • G06F16/953Querying, e.g. by the use of web search engines
    • G06F16/9535Search customisation based on user profiles and personalisation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/30Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information

Landscapes

  • Engineering & Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Technology Law (AREA)
  • Data Mining & Analysis (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The disclosure provides a network information processing method, a user plane function system, a medium and an electronic device, and relates to the technical field of computers. The network flow information processing method directly screens the received network flow at the user function system, screens and filters the sensitive information from the source, can effectively avoid the problem that the network flow information containing the sensitive information further flows into a large network and is difficult to control, and greatly improves the screening efficiency for the sensitive information; meanwhile, the network traffic information processing method can not only shield the network traffic information containing the sensitive information, but also shield the user corresponding to the network traffic information containing the sensitive information so as to prevent the user from sending the network traffic information containing the sensitive information again, or further package or convert the sensitive information and then continue to send the sensitive information, thereby effectively improving the processing safety and the processing reliability aiming at the sensitive information.

Description

Network information processing method, user plane function system, medium, and electronic device
Technical Field
The present disclosure relates to the field of computer technologies, and in particular, to a network information processing method, a user plane function system, a medium, and an electronic device.
Background
With the continuous development of information technology, a large part of daily communication and exchange of people is transferred to network information exchange, but various sensitive information which endangers public safety such as violence, politics, horror, pornography and the like can be involved in the exchange process of network information, and the sensitive information needs to be removed in time to ensure network civilization and public safety.
At present, the removing methods aiming at the sensitive information mainly comprise the following two methods: the first mode is that sensitive information existing in network information is screened through manual review, and although the method is high in accuracy, manual screening is long in time consumption and low in efficiency; the second method is that after the network information is sent to each operator server, each operator screens the received network information in its own server to shield the sensitive information, but the operators corresponding to different network communication software or network information platforms are different, and the servers are also distributed across the country, so that they cannot be processed uniformly, and the efficiency is low.
Therefore, the screening efficiency for sensitive information is low at present.
Disclosure of Invention
The present disclosure provides a network information processing method, a user plane function system, a medium, and an electronic device, thereby improving screening efficiency for sensitive information.
In a first aspect, an embodiment of the present disclosure provides a network information processing method, which is applied to a user plane function system, and the method includes:
acquiring network flow information sent by a user terminal based on an information acquisition interface;
performing semantic matching on the network traffic information and preset sensitive information to obtain a matching result;
judging whether the network traffic information contains preset sensitive information or not according to the matching result;
and if the network traffic information contains preset sensitive information, shielding the network traffic information and shielding a user corresponding to the network traffic information.
In an optional embodiment of the present disclosure, the information obtaining interface is configured with a security control switch, and obtaining network traffic information sent by a user terminal based on the information obtaining interface includes:
detecting whether a user terminal generates network flow information in real time;
and if the user terminal generates the network flow information, the safety control switch is turned on, and the network flow information sent by the user terminal is acquired based on the information acquisition interface.
In an optional embodiment of the present disclosure, the preset sensitive information is a preset sensitive vocabulary, and performing semantic matching on the network traffic information and the preset sensitive information to obtain a matching result, where the matching result includes:
preprocessing the network flow information, and converting the network flow information into text information to be processed;
performing vocabulary segmentation processing on the text information to be processed based on the text word segmentation model to obtain a plurality of information vocabularies;
and respectively determining the matching degree of each information vocabulary and a preset sensitive vocabulary based on the semantic matching model to obtain a matching result.
In an optional embodiment of the present disclosure, determining whether the network traffic information includes preset sensitive information according to the matching result includes:
if all the matching degrees are smaller than a preset threshold value, determining that the network flow information does not contain preset sensitive information;
and if at least one matching degree is not smaller than a preset threshold value, determining that the network flow information contains preset sensitive information.
In an optional embodiment of the present disclosure, the number of the preset sensitive words is multiple, the preset sensitive information is the preset sensitive words, and the semantic matching is performed on the network traffic information and the preset sensitive information to obtain a matching result, where the matching result includes:
preprocessing the network flow information, and converting the network flow information into text information to be processed;
performing vocabulary segmentation processing on the text information to be processed based on the text word segmentation model to obtain a plurality of information vocabularies;
and respectively determining the characteristic frequency of each preset sensitive vocabulary appearing in the plurality of information vocabularies.
In an optional embodiment of the present disclosure, determining whether the network traffic information includes preset sensitive information according to the matching result includes:
if the characteristic frequency corresponding to each preset sensitive vocabulary is 0, determining that the network traffic information does not contain preset sensitive information;
and if the characteristic frequency corresponding to at least one preset sensitive vocabulary is not 0, determining that the network traffic information contains preset sensitive information corresponding to the characteristic frequency not 0.
In an optional embodiment of the present disclosure, the step of shielding the user corresponding to the network traffic information, where the network traffic information includes the user identity, includes:
searching a target authority configuration file corresponding to the user identity from a user data management system based on the user identity;
configuring the message sending authority in the target authority configuration file to prohibit sending the message.
In a second aspect, an embodiment of the present disclosure provides a user plane function system, including:
the acquisition module is used for acquiring the network flow information sent by the user terminal based on the information acquisition interface;
the matching module is used for performing semantic matching on the network traffic information and preset sensitive information to obtain a matching result;
the judging module is used for judging whether the network flow information contains preset sensitive information according to the matching result;
and the shielding module is used for shielding the network traffic information and shielding a user corresponding to the network traffic information if the network traffic information contains preset sensitive information.
In a third aspect, an embodiment of the present disclosure provides a computer-readable storage medium, on which a computer program is stored, which, when executed by a processor, implements the method as above.
In a fourth aspect, an embodiment of the present disclosure provides an electronic device, including: a processor; and a memory for storing executable instructions for the processor; wherein the processor is configured to perform the above method via execution of the executable instructions.
The technical scheme of the disclosure has the following beneficial effects:
according to the network flow information processing method, the received network flow is directly screened and filtered at the user function system, and the sensitive information is directly screened and filtered from the source, so that the network flow information containing the sensitive information can be effectively prevented from further flowing into a large network and being difficult to control, and the screening efficiency for the sensitive information is greatly improved; meanwhile, the network traffic information processing method provided by the embodiment of the disclosure can not only shield the network traffic information containing the sensitive information, but also shield the user corresponding to the network traffic information containing the sensitive information, so as to prevent the user from sending the network traffic information containing the sensitive information again, or further package or convert the sensitive information and then continue sending the sensitive information, thereby effectively improving the processing security and the processing reliability for the sensitive information.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the disclosure.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present disclosure and together with the description, serve to explain the principles of the disclosure. It is apparent that the drawings in the following description are only some embodiments of the present disclosure, and that other drawings can be obtained from those drawings without inventive effort for a person skilled in the art.
Fig. 1 is a schematic diagram illustrating an application scenario of a network traffic information processing method in the present exemplary embodiment;
fig. 2 shows a flowchart of a network traffic information processing method in the present exemplary embodiment;
fig. 3 shows a flowchart of a network traffic information processing method in the present exemplary embodiment;
fig. 4 shows a flowchart of a network traffic information processing method in the present exemplary embodiment;
fig. 5 shows a flowchart of a network traffic information processing method in the present exemplary embodiment;
fig. 6 shows a flowchart of a network traffic information processing method in the present exemplary embodiment;
fig. 7 shows a flowchart of a network traffic information processing method in the present exemplary embodiment;
fig. 8 shows a flowchart of a network traffic information processing method in the present exemplary embodiment;
FIG. 9 is a schematic diagram of a user plane functional system architecture in the exemplary embodiment;
fig. 10 shows a schematic structural diagram of an electronic device in the present exemplary embodiment.
Detailed Description
Exemplary embodiments will now be described more fully with reference to the accompanying drawings. The exemplary embodiments, however, may be embodied in many different forms and should not be construed as limited to the examples set forth herein; rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the concept of example embodiments to those skilled in the art. The described features, structures, or characteristics may be combined in any suitable manner in one or more embodiments. In the following description, numerous specific details are provided to give a thorough understanding of embodiments of the disclosure. One skilled in the relevant art will recognize, however, that the subject matter of the present disclosure can be practiced without one or more of the specific details, or with other methods, components, devices, steps, and the like. In other instances, well-known technical solutions have not been shown or described in detail to avoid obscuring aspects of the present disclosure.
Furthermore, the drawings are merely schematic illustrations of the present disclosure and are not necessarily drawn to scale. The same reference numerals in the drawings denote the same or similar parts, and thus their repetitive description will be omitted. Some of the block diagrams shown in the figures are functional entities and do not necessarily correspond to physically or logically separate entities. These functional entities may be implemented in the form of software, or in one or more hardware modules or integrated circuits, or in different networks and/or processor devices and/or microcontroller devices.
The flow charts shown in the drawings are merely illustrative and do not necessarily include all of the steps. For example, some steps may be decomposed, and some steps may be combined or partially combined, so that the actual execution sequence may be changed according to the actual situation.
In the related art, with the continuous development of information technology, a large part of daily communication and communication of people is transferred to network information communication, but various sensitive information which endangers public safety such as violence, politics, horror, pornography and the like may be involved in the communication process of network information, and the sensitive information must be removed in time to ensure network civilization and public safety.
At present, the removing methods aiming at the sensitive information mainly comprise the following two methods: the first mode is that sensitive information existing in network information is screened through manual review, and although the method is high in accuracy, manual screening is long in time consumption and low in efficiency; the second method is that after the network information is sent to each operator server, each operator screens the received network information in its own server to shield the sensitive information, but the operators corresponding to different network communication software or network information platforms are different, and the servers are also distributed across the country, so that they cannot be processed uniformly, and the efficiency is low.
Therefore, the screening efficiency for sensitive information is low at present.
In view of the above problems, the embodiments of the present disclosure provide a network traffic information processing method, which directly performs screening of sensitive information on received network traffic in a user function system, and directly performs screening and filtering on the sensitive information from a source, so that it can effectively avoid that the network traffic information including the sensitive information further flows into a large network and is difficult to control, thereby greatly improving the efficiency of screening the sensitive information; meanwhile, the network traffic information processing method provided by the embodiment of the disclosure can not only shield the network traffic information containing the sensitive information, but also shield the user corresponding to the network traffic information containing the sensitive information, so as to prevent the user from sending the network traffic information containing the sensitive information again, or further package or convert the sensitive information and then continue sending the sensitive information, thereby effectively improving the processing security and the processing reliability for the sensitive information.
The following briefly introduces an application environment of the network information processing method provided by the embodiment of the present disclosure:
referring to fig. 1, an embodiment of the present disclosure is applied to a communication safety control system 10, where the communication safety control system 10 at least includes: a plurality of user terminals 101 and a control terminal 102. The number of the user terminals 101 is multiple, and the user terminals are respectively used for corresponding users to send network information or receive network information; the control terminal 102 refers to a management terminal of a communication carrier. It should be noted that the control terminal 102 is configured with a User Plane Function (UPF) system, which is one of the 5G core network systems, and the gsnodeb and the like are logically interconnected through an NG3 interface to implement packet routing and forwarding, packet inspection, User Plane partial policy implementation, and the like. The structure of the user plane function system comprises: the system comprises an information acquisition interface, a strategy configuration module, an information processing module, a packet routing and forwarding module and the like. The information acquisition interface is used for acquiring network flow information from external equipment; the strategy configuration module is open to the outside and is used for the staff to configure the strategies of the internal information, the modules and the like; the information processing module is used for filtering, shielding, converting and the like on the received information or the generated information; the packet routing and forwarding module is used for performing packet routing on the received information or the information processed by the information processing module, or forwarding the received information or the information to other equipment.
The following description will take the control terminal 102 as an execution main body, apply the network information processing method to the control terminal 102, and perform security control on the network traffic information transmitted by the user terminal 101 as an example. Referring to fig. 2, a network information processing method provided in the embodiment of the present disclosure includes the following steps 201 to 204:
step 201, the control terminal acquires the network traffic information sent by the user terminal based on the information acquisition interface.
The network traffic information refers to information used for communication and communication sent by a user through a user terminal, for example, instant information such as QQ, WeChat, and short message, or platform communication information such as a bar, a forum, and a microblog, and this embodiment is not particularly limited. One user terminal can send one or more pieces of network flow information corresponding to one user; for example, a computer may log in multiple QQ accounts at the same time, and different QQ accounts send respective QQ messages, or a mobile phone may insert multiple SIM cards at the same time, and different accounts corresponding to different SIM cards send respective network traffic information such as short messages, flyings, and WeChats.
The user sends the network flow information to the control terminal through the user terminal, and the control terminal obtains the network flow information sent by the user terminal in real time or according to a certain period through an information obtaining interface in an internally configured user plane function system.
Step 202, the control terminal performs semantic matching on the network traffic information and preset sensitive information to obtain a matching result.
After the control terminal acquires the network traffic information from the information acquisition interface, semantic matching can be performed in the following ways:
in the first mode, the control terminal inputs the network traffic information into a semantic recognition model obtained by pre-training, and then preset sensitive information in the network traffic information can be directly recognized and obtained through the semantic recognition model; the semantic recognition model is obtained based on a large amount of preset sensitive information training; in the second mode, the control terminal searches the network traffic information one by one based on the preset sensitive information to determine whether the network traffic information contains the preset sensitive information; and in the third mode, word segmentation processing is carried out on the network traffic information, and then the matching degree of each word segmentation and preset sensitive information is judged respectively.
And 203, the control terminal judges whether the network flow information contains preset sensitive information according to the matching result.
And the control terminal determines whether the network flow information contains preset sensitive information according to the matching result. For example:
aiming at the first mode, the semantic recognition model directly outputs a result of whether the result contains preset sensitive information, the control terminal directly obtains a judgment result through the semantic recognition model without further judgment, the recognition effect is better, and the efficiency is higher;
for the second manner, if the characteristic frequency of any one piece of preset sensitive information appearing in the network traffic information is not 0, it is determined that the network traffic information contains the preset sensitive information; if the characteristic frequency of all the preset sensitive information in the network traffic information is 0, determining that the network traffic information does not contain the preset sensitive information; the retrieval mode is simple and the accuracy is high.
For the third method, if the matching degree of any word segmentation and the preset sensitive information is greater than a preset threshold, for example, 70%, 80%, and the like, it is determined that the network traffic information includes the preset sensitive information; and if the matching degree of all the participles and the preset sensitive information is smaller than or equal to a preset threshold value, determining that the network traffic information does not contain the preset sensitive information. Through the word segmentation mode, whether the preset sensitive information is contained in the network flow information or not can be determined efficiently, the sensitive information in the network information can be accurately positioned, and the identification effect of the sensitive information is better.
And 204, if the network traffic information contains preset sensitive information, the control terminal shields the network traffic information and shields users corresponding to the network traffic information.
Once the control terminal finds that certain network traffic information contains preset sensitive information, the control terminal shields the network traffic information. The shielding in the embodiment of the present disclosure means that the user plane function system prevents the network traffic information from being further issued to the routing or forwarding module, so as to prevent the network traffic information including the sensitive information from entering the large network. For example, Network traffic information may be prevented from being forwarded to a Destination Network (DN). Meanwhile, the control device further shields the user corresponding to the network traffic information while shielding the network traffic information so as to prevent the user from continuously sending other sensitive information or packaging or converting the sensitive information and sending the sensitive information again.
The network flow information processing method provided by the embodiment of the disclosure directly screens the received network flow at the user function system, and directly screens and filters the sensitive information from the source, so that the network flow information containing the sensitive information can be effectively prevented from further flowing into a large network and being difficult to control, and the efficiency of screening and detecting the sensitive information is greatly improved; meanwhile, the network traffic information processing method provided by the embodiment of the disclosure can not only shield the network traffic information containing the sensitive information, but also shield the user corresponding to the network traffic information containing the sensitive information, so as to prevent the user from sending the network traffic information containing the sensitive information again, or further package or convert the sensitive information and then continue sending the sensitive information, thereby effectively improving the processing security and the processing reliability for the sensitive information.
Referring to fig. 3, in an optional embodiment of the present disclosure, the information obtaining interface is configured with a security control switch, and the step 201, where the control terminal obtains the network traffic information sent by the user terminal based on the information obtaining interface, includes the following steps 301 to 302:
step 301, the control terminal detects whether the user terminal generates the network traffic information in real time.
The control terminal may detect whether the user terminal generates the network traffic information in the following two ways: in the first mode, each user terminal monitors the state of the network traffic information thereof in real time, updates the state of the network traffic information thereof immediately once the new network traffic information is added, and sends a state updating instruction to the control terminal, the control terminal determines that the current user terminal has the newly generated network traffic information once receiving the state updating instruction, and determines that the user terminal does not have the newly generated network traffic information currently if not receiving the state updating instruction. In the second mode, a terminal information acquisition interface configuration information detection program is controlled, and whether network flow information is accessed is detected in real time based on the information detection program; the information detection program is used for detecting whether network flow is generated at present, and if the network flow access is detected, the user terminal is determined to generate network flow information; and if the network flow access is not detected, determining that the user terminal does not generate the network flow information.
And step 302, if the user terminal generates the network flow information, the control terminal opens the safety control switch and acquires the network flow information sent by the user terminal based on the information acquisition interface.
Once the control terminal determines that the user terminal generates the network traffic information through step 301, the control terminal turns on the security control switch configured in the information acquisition interface, and acquires the network traffic information sent by the user terminal through the information acquisition interface.
In the embodiment of the disclosure, when the user terminal generates the network traffic information, the security control switch is turned on to receive the network traffic information sent by the user terminal, and in other cases, the security control development is turned off to avoid that the user plane functional system receives too much other useless information to affect the information processing efficiency thereof, so as to further ensure the processing efficiency of the network traffic information processing method provided by the embodiment of the disclosure.
In an optional embodiment, a worker may set a switching period for the safety control switch according to historical data or historical experience, and configure the safety control switch to be in a closed state in a preset period, so that the worker can conveniently modify and test internal information; and keeping the safety control in an open state in other time intervals outside the preset period so as to acquire the network flow information sent by the user terminal in real time through the information acquisition interface. Of course, in another alternative embodiment, the state control of the safety control switch can be opened to the outside, and the control can be flexibly controlled by the staff.
Referring to fig. 4, in an optional embodiment of the present disclosure, the preset sensitive information is a preset sensitive vocabulary, and the step 202 of semantically matching the network traffic information and the preset sensitive information by the control terminal to obtain a matching result includes the following steps 401 to 403:
step 401, the control terminal preprocesses the network traffic information and converts the network traffic information into text information to be processed.
The form of the network flow information may include characters, pictures, videos, audios and the like, and the control terminal performs format conversion after receiving the network flow information and converts the network flow information into a text form so as to facilitate processing. If the network traffic information is a picture, extracting the character information in the picture through a pre-stored character recognition model to form text information to be processed; if the network flow information is in a video or audio form, the voice information in the network flow information is converted into text information through video or audio conversion software.
And step 402, the control terminal performs vocabulary segmentation processing on the text information to be processed based on the text word segmentation model to obtain a plurality of information vocabularies.
After the control terminal obtains the text information to be processed through step 401, the control terminal performs vocabulary segmentation processing on the text information to be processed based on the text vocabulary segmentation model stored in advance, so that a plurality of information vocabularies are obtained. The text word segmentation model can be a word model such as a hidden Markov model, a conditional random field model and the like, and the embodiment is not particularly limited, can be specifically selected according to actual conditions, and only needs to realize the function of segmenting text information to be processed into a plurality of information words.
And step 403, the control terminal respectively determines the matching degree of each information vocabulary and a preset sensitive vocabulary based on the semantic matching model to obtain a matching result.
The word segmentation is performed on the network traffic information, and then the matching degree between each information vocabulary and the preset sensitive vocabulary is determined in the third manner in the step 202. The matching degree between each information word and the preset sensitive word is calculated one by one based on a semantic matching model, wherein the semantic matching model can be an LSTM matching model, an MV-DSSM [3] model, an ESIM [4] model and the like, the embodiment is not limited at all, and can be specifically selected according to actual conditions, and only the matching degree between each information word and the preset sensitive word needs to be determined.
According to the embodiment of the disclosure, the network flow information is preprocessed into the text information to be processed, so that subsequent unified processing can be facilitated, and the information processing efficiency can be effectively improved; meanwhile, the text information to be processed is divided into a plurality of information vocabularies based on the text word segmentation model, and finally, the matching degree of each information vocabulary and the preset sensitive vocabulary is determined respectively based on the semantic matching model, so that the matching result is accurate, and the matching accuracy is higher. Therefore, the embodiment of the present disclosure improves matching efficiency from multiple dimensions on the premise of improving matching accuracy, and further improves network information processing efficiency for the embodiment of the present disclosure on the premise of ensuring information processing accuracy.
Referring to fig. 5, in an optional embodiment of the present disclosure, the step 203 of determining, by the control terminal, whether the network traffic information includes preset sensitive information according to the matching result includes the following steps 501 to 502:
step 501, if all the matching degrees are smaller than a preset threshold, the control terminal determines that the network traffic information does not contain preset sensitive information.
As shown in step 203, for example, the preset threshold is 80%, and if the matching degrees of all the information vocabularies and the preset sensitive information are less than or equal to 80%, it is determined that the network traffic information does not include the preset sensitive information. Of course, the specific value of the preset threshold is not specifically limited in this embodiment, and may be specifically set according to the actual situation.
Step 502, if at least one matching degree is not less than a preset threshold, the control terminal determines that the network traffic information contains preset sensitive information.
As in step 501, if the matching degree between any information participle and the preset sensitive information is greater than 80%, it is determined that the network traffic information includes the preset sensitive information.
According to the method and the device for identifying the network traffic information, word segmentation is firstly carried out, then the relative size between the matching degree of each information word segmentation and the preset sensitive information and the preset threshold value is judged to determine whether the network traffic information contains the preset sensitive information, through the word segmentation mode, whether the network traffic information contains the preset sensitive information can be efficiently determined, the sensitive information in the network information can be accurately positioned, and the identification effect of the sensitive information is better.
Referring to fig. 6, in an optional embodiment of the present disclosure, the number of the preset sensitive words is multiple, the preset sensitive information is the preset sensitive words, and the step 202, where the control terminal performs semantic matching on the network traffic information and the preset sensitive information to obtain a matching result, includes the following steps 601 to 603:
step 601, the control terminal preprocesses the network traffic information and converts the network traffic information into text information to be processed.
As shown in step 401, the form of the network traffic information may include characters, pictures, videos, audios, and the like, and the control terminal performs format conversion after receiving the network traffic information, and converts the format into a text form for convenient processing. If the network traffic information is a picture, extracting the character information in the picture through a pre-stored character recognition model to form text information to be processed; if the network flow information is in a video or audio form, the voice information in the network flow information is converted into text information through video or audio conversion software.
Step 602, the control terminal performs vocabulary segmentation processing on the text information to be processed based on the text word segmentation model to obtain a plurality of information vocabularies.
As shown in step 402, after the control terminal obtains the text information to be processed, the control terminal performs vocabulary segmentation processing on the text information to be processed based on the text vocabulary segmentation model stored in advance, so as to obtain a plurality of information vocabularies. The text word segmentation model can be a word model such as a hidden Markov model, a conditional random field model and the like, and the embodiment is not particularly limited, can be specifically selected according to actual conditions, and only needs to realize the function of segmenting text information to be processed into a plurality of information words. For example, the text to be processed is "i just see that there is a section in" this statement "that someone does b things at a", and the information of the text to be processed is input into the text word segmentation model, so that the 14 information words "i/just/see/this day/say/medium/have a section/yes/someone/at/a/do/b things" can be obtained.
Step 603, the control terminal determines the characteristic frequency of each preset sensitive vocabulary in the plurality of information vocabularies respectively.
After the control terminal obtains the plurality of information words, the control terminal searches the plurality of information words one by one based on the preset sensitive words so as to determine the characteristic frequency of each word appearing in the plurality of information words. For example, the preset sensitive words include "b things" and "c things", and for the 14 information words "i/just/see/this day/say/in/have one/fragment/be/someone/at/a/do/b things" in the above step 602, the frequency of occurrence of "b things" in the 14 information words is first found to be 1; then, the feature frequency of 'things c' in the 14 information words is searched for to be 0.
The method comprises the steps of firstly converting network flow information into text information to be processed, then carrying out vocabulary segmentation processing on the text information to be processed based on a text word segmentation model to obtain a plurality of information vocabularies, finally respectively determining the characteristic frequency of each preset sensitive vocabulary in the plurality of information vocabularies, and determining whether the network flow information contains the preset sensitive information based on the characteristic frequency. When the preset sensitive information is less, the method can greatly improve the searching speed of the sensitive information, is beneficial to carrying out statistical analysis on the occurrence weight of each sensitive information, can improve the processing efficiency of the network flow information at this time, and is also beneficial to carrying out information analysis processing at the later stage.
Referring to fig. 7, in an optional embodiment of the present disclosure, the step 203 of determining, by the control terminal, whether the network traffic information includes preset sensitive information according to the matching result includes the following steps 701 to 702:
step 701, if the characteristic frequency corresponding to each preset sensitive vocabulary is 0, the control terminal determines that the network traffic information does not contain the preset sensitive information.
For example, if the number of the preset sensitive words is 5, and the frequency of occurrence of the 5 words is 0, it is determined that the network traffic information does not include the preset sensitive information, and the information can be normally processed, for example, the information is issued or forwarded by the routing forwarding module.
Step 702, if the characteristic frequency corresponding to at least one preset sensitive word is not 0, the control terminal determines that the network traffic information includes preset sensitive information corresponding to the characteristic frequency which is not 0.
For example, in step 603, if the characteristic frequency of the sensitive word "things c" is 0, but the characteristic frequency of "things b" is 1, it is determined that the piece of network traffic information still includes the preset sensitive information, and the piece of network traffic information needs to be processed, such as further screening, masking or blocking.
The embodiment of the disclosure determines whether the network traffic information contains the preset sensitive information based on whether the characteristic frequencies are all 0, and when the preset sensitive information is less, the searching speed of the sensitive information and the reliability of the determination of the sensitive information can be greatly improved.
Referring to fig. 8, in an optional embodiment of the present disclosure, the network traffic information includes a user identity, and the step 204 and the control terminal shield the user corresponding to the network traffic information, which includes the following steps 801 to 802:
step 801, the control terminal searches a target permission configuration file corresponding to the user identity from the user data management system based on the user identity.
The user data management system stores the signing information of different users and the authority configuration files of the users, and the authority configuration files correspond to the user identities one by one. The User Data management system may be a User Data Request (UDR) system, the network traffic information received by the control terminal includes a User identity, and the User identity may be an ID, an identity account, or the like. The control terminal queries in the user management system based on the user identity, and obtains a target authority configuration file corresponding to the user identity based on the one-to-one correspondence relationship between the user identity and the authority configuration file, wherein the authority configuration file refers to functional items executable by the user, such as sending messages, receiving messages and the like.
And step 802, the control terminal configures the message sending authority in the target authority configuration file into a forbidden message sending state.
Once the control terminal determines that the network traffic information contains the preset sensitive information, the control terminal finds out a target permission configuration file of a user corresponding to the network traffic information based on step 801, and modifies permission of sending a message in the target permission configuration file into prohibition so as to prevent the user from continuously sending a message related to the sensitive information.
The method and the device for prohibiting the message sending authority of the user directly use the target authority configuration file in the user data management system to prohibit the message sending authority of the user, not only shields the network flow information containing sensitive information, but also prohibits the message sending authority of the corresponding user, and can effectively prevent the user from further sending some bad information, thereby improving the processing effect of the sensitive information and ensuring the safety and reliability of network communication.
Referring to fig. 9, in order to implement the service processing method, in an embodiment of the present disclosure, a user plane function system 900 is provided. Fig. 9 shows a schematic architecture diagram of a user plane functionality system 900.
Wherein the user plane functionality 900 comprises: an obtaining module 910, a matching module 920, a judging module 930, and a shielding module 940.
An obtaining module 910, configured to obtain network traffic information sent by a user terminal based on an information obtaining interface;
the matching module 920 is configured to perform semantic matching on the network traffic information and preset sensitive information to obtain a matching result;
a determining module 930, configured to determine whether the network traffic information includes preset sensitive information according to the matching result;
the shielding module 940 is configured to shield the network traffic information and shield a user corresponding to the network traffic information if the network traffic information includes preset sensitive information.
In an optional embodiment, the information obtaining interface is configured with a security control switch, and the obtaining module 910 is specifically configured to detect whether the user terminal generates the network traffic information in real time; and if the user terminal generates the network flow information, the safety control switch is turned on, and the network flow information sent by the user terminal is acquired based on the information acquisition interface.
In an optional embodiment, the preset sensitive information is a preset sensitive vocabulary, and the matching module 920 is specifically configured to preprocess the network traffic information and convert the network traffic information into text information to be processed; performing vocabulary segmentation processing on the text information to be processed based on the text word segmentation model to obtain a plurality of information vocabularies; and respectively determining the matching degree of each information vocabulary and a preset sensitive vocabulary based on the semantic matching model to obtain a matching result.
In an optional embodiment, the determining module 930 is specifically configured to determine that the network traffic information does not include the preset sensitive information if all the matching degrees are smaller than the preset threshold; and if at least one matching degree is not smaller than a preset threshold value, determining that the network flow information contains preset sensitive information.
In an optional embodiment, the number of the preset sensitive words is multiple, the preset sensitive information is preset sensitive words, and the matching module 920 is specifically configured to preprocess the network traffic information and convert the network traffic information into text information to be processed; performing vocabulary segmentation processing on the text information to be processed based on the text word segmentation model to obtain a plurality of information vocabularies; and respectively determining the characteristic frequency of each preset sensitive vocabulary appearing in the plurality of information vocabularies.
In an optional embodiment, the determining module 930 is specifically configured to determine that the network traffic information does not include the preset sensitive information if the characteristic frequency corresponding to each preset sensitive word is 0; and if the characteristic frequency corresponding to at least one preset sensitive vocabulary is not 0, determining that the network traffic information contains preset sensitive information corresponding to the characteristic frequency not 0.
In an optional embodiment, the shielding module 940 is specifically configured to search, based on the user identity, a target permission configuration file corresponding to the user identity from the user data management system; configuring the message sending authority in the target authority configuration file to prohibit sending the message.
Exemplary embodiments of the present disclosure also provide a computer-readable storage medium, which may be implemented in the form of a program product, including program code for causing an electronic device to perform the steps according to various exemplary embodiments of the present disclosure described in the above-mentioned "exemplary method" section of this specification, when the program product is run on the electronic device. In one embodiment, the program product may be embodied as a portable compact disc read only memory (CD-ROM) and include program code, and may be run on an electronic device, such as a personal computer. However, the program product of the present disclosure is not limited thereto, and in this document, a readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
The program product may employ any combination of one or more readable media. The readable medium may be a readable signal medium or a readable storage medium. A readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples (a non-exhaustive list) of the readable storage medium include: an electrical connection having one or more wires, a portable disk, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
A computer readable signal medium may include a propagated data signal with readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A readable signal medium may also be any readable medium that is not a readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
Program code embodied on a readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Program code for carrying out operations for the present disclosure may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device and partly on a remote computing device, or entirely on the remote computing device or server. In the case of a remote computing device, the remote computing device may be connected to the user computing device through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computing device (e.g., through the internet using an internet service provider). In the embodiments of the present disclosure, the program code stored in the computer-readable storage medium may implement any one of the steps in the network traffic information processing method as described above when executed.
Referring to fig. 10, an exemplary embodiment of the present disclosure further provides an electronic device 1000, which may be a background server of an information platform. The electronic apparatus 1000 will be described with reference to fig. 10. It should be understood that the electronic device 1000 shown in fig. 10 is only an example and should not bring any limitations to the function and scope of use of the embodiments of the present disclosure.
As shown in fig. 10, the electronic device 1000 is embodied in the form of a general purpose computing device. The components of the electronic device 1000 may include, but are not limited to: at least one processing unit 1010, at least one memory unit 1020, and a bus 1030 that couples various system components including the memory unit 1020 and the processing unit 1010.
Where the storage unit stores program code that may be executed by the processing unit 1010 to cause the processing unit 1010 to perform the steps according to various exemplary embodiments of the present invention described in the "exemplary methods" section above in this specification. For example, the processing unit 1010 may perform the method steps as shown in fig. 2, and the like.
The memory unit 1020 may include volatile memory units such as a random access memory unit (RAM)1021 and/or a cache memory unit 1022, and may further include a read only memory unit (ROM) 1023.
Storage unit 1020 may also include a program/utility 1024 having a set (at least one) of program modules 1025, such program modules 1025 including, but not limited to: an operating system, one or more application programs, other program modules, and program data, each of which, or some combination thereof, may comprise an implementation of a network environment.
Bus 1030 may include a data bus, an address bus, and a control bus.
The electronic device 1000 may also communicate with one or more external devices 1100 (e.g., keyboard, pointing device, bluetooth device, etc.), which may be through input/output (I/O) interfaces 1040. The electronic device 1000 may also communicate with one or more networks (e.g., a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public network such as the internet) through the network adapter 1050. As shown, the network adapter 1050 communicates with the other modules of the electronic device 1000 via a bus 1030. It should be appreciated that although not shown, other hardware and/or software modules may be used in conjunction with the electronic device 1000, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, and data backup storage systems, among others.
In the embodiment of the present disclosure, when executed, the program code stored in the electronic device may implement any step of the network traffic information processing method as described above.
It should be noted that although in the above detailed description several modules or units of the device for action execution are mentioned, such a division is not mandatory. Indeed, the features and functions of two or more modules or units described above may be embodied in one module or unit, according to exemplary embodiments of the present disclosure. Conversely, the features and functions of one module or unit described above may be further divided into embodiments by a plurality of modules or units.
As will be appreciated by one skilled in the art, aspects of the present disclosure may be embodied as a system, method or program product. Accordingly, various aspects of the present disclosure may be embodied in the form of: an entirely hardware embodiment, an entirely software embodiment (including firmware, microcode, etc.) or an embodiment combining hardware and software aspects that may all generally be referred to herein as a "circuit," module "or" system. Other embodiments of the disclosure will be apparent to those skilled in the art from consideration of the specification and practice of the disclosure disclosed herein. This disclosure is intended to cover any variations, uses, or adaptations of the disclosure following, in general, the principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the disclosure being indicated by the following claims.
It will be understood that the present disclosure is not limited to the precise arrangements described above and shown in the drawings and that various modifications and changes may be made without departing from the scope thereof. The scope of the present disclosure is to be limited only by the following claims.

Claims (10)

1. A network information processing method is applied to a user plane function system, and the method comprises the following steps:
acquiring network flow information sent by a user terminal based on an information acquisition interface;
semantic matching is carried out on the network flow information and preset sensitive information to obtain a matching result;
judging whether the network flow information contains the preset sensitive information or not according to the matching result;
and if the network traffic information contains the preset sensitive information, shielding the network traffic information and shielding a user corresponding to the network traffic information.
2. The network information processing method according to claim 1, wherein the information obtaining interface is configured with a security control switch, and the obtaining of the network traffic information sent by the user terminal based on the information obtaining interface comprises:
detecting whether the user terminal generates the network flow information in real time;
and if the network flow information is generated by the user terminal, the safety control switch is turned on, and the network flow information sent by the user terminal is acquired based on the information acquisition interface.
3. The network information processing method according to claim 1, wherein the preset sensitive information is a preset sensitive vocabulary, and the semantic matching between the network traffic information and the preset sensitive information to obtain a matching result comprises:
preprocessing the network flow information, and converting the network flow information into text information to be processed;
performing vocabulary segmentation processing on the text information to be processed based on a text word segmentation model to obtain a plurality of information vocabularies;
and respectively determining the matching degree of each information vocabulary and the preset sensitive vocabulary based on a semantic matching model to obtain the matching result.
4. The method according to claim 3, wherein the determining whether the network traffic information includes the preset sensitive information according to the matching result includes:
if all the matching degrees are smaller than a preset threshold value, determining that the network traffic information does not contain the preset sensitive information;
and if at least one matching degree is not smaller than the preset threshold value, determining that the network traffic information contains the preset sensitive information.
5. The network information processing method according to claim 1, wherein the number of the preset sensitive words is plural, the preset sensitive information is a preset sensitive word, and the semantic matching between the network traffic information and the preset sensitive information to obtain a matching result comprises:
preprocessing the network flow information, and converting the network flow information into text information to be processed;
performing vocabulary segmentation processing on the text information to be processed based on a text word segmentation model to obtain a plurality of information vocabularies;
and respectively determining the characteristic frequency of each preset sensitive vocabulary appearing in the plurality of information vocabularies.
6. The method according to claim 5, wherein the determining whether the network traffic information includes the preset sensitive information according to the matching result includes:
if the characteristic frequency corresponding to each preset sensitive vocabulary is 0, determining that the network traffic information does not contain the preset sensitive information;
if the characteristic frequency corresponding to at least one preset sensitive vocabulary is not 0, determining that the network traffic information contains the preset sensitive information corresponding to the characteristic frequency which is not 0.
7. The method according to claim 1, wherein the network traffic information includes a user identity, and the shielding the user corresponding to the network traffic information includes:
searching a target authority configuration file corresponding to the user identity from a user data management system based on the user identity;
configuring the message sending authority in the target authority configuration file to prohibit sending messages.
8. A user plane function system, characterized in that,
the acquisition module is used for acquiring the network flow information sent by the user terminal based on the information acquisition interface;
the matching module is used for performing semantic matching on the network traffic information and preset sensitive information to obtain a matching result;
the judging module is used for judging whether the network flow information contains the preset sensitive information or not according to the matching result;
and the shielding module is used for shielding the network traffic information and shielding a user corresponding to the network traffic information if the network traffic information contains the preset sensitive information.
9. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the method of any one of claims 1 to 7.
10. An electronic device, comprising:
a processor; and
a memory for storing executable instructions of the processor;
wherein the processor is configured to perform the method of any of claims 1 to 7 via execution of the executable instructions.
CN202111181065.7A 2021-10-11 2021-10-11 Network information processing method, user plane function system, medium, and electronic device Withdrawn CN113904851A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111181065.7A CN113904851A (en) 2021-10-11 2021-10-11 Network information processing method, user plane function system, medium, and electronic device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111181065.7A CN113904851A (en) 2021-10-11 2021-10-11 Network information processing method, user plane function system, medium, and electronic device

Publications (1)

Publication Number Publication Date
CN113904851A true CN113904851A (en) 2022-01-07

Family

ID=79191245

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111181065.7A Withdrawn CN113904851A (en) 2021-10-11 2021-10-11 Network information processing method, user plane function system, medium, and electronic device

Country Status (1)

Country Link
CN (1) CN113904851A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117294526A (en) * 2023-11-22 2023-12-26 深圳大智软件技术有限公司 Communication information sharing method and system

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9805204B1 (en) * 2015-08-25 2017-10-31 Symantec Corporation Systems and methods for determining that files found on client devices comprise sensitive information
CN108984530A (en) * 2018-07-23 2018-12-11 北京信息科技大学 A kind of detection method and detection system of network sensitive content
CN109740053A (en) * 2018-12-26 2019-05-10 广州灵聚信息科技有限公司 Sensitive word screen method and device based on NLP technology
CN112307770A (en) * 2020-10-13 2021-02-02 深圳前海微众银行股份有限公司 Sensitive information detection method and device, electronic equipment and storage medium
WO2021027533A1 (en) * 2019-08-13 2021-02-18 平安国际智慧城市科技股份有限公司 Text semantic recognition method and apparatus, computer device, and storage medium
CN112559672A (en) * 2021-02-22 2021-03-26 深圳市优讯通信息技术有限公司 Information detection method, electronic device and computer storage medium
CN112733057A (en) * 2020-11-27 2021-04-30 杭州安恒信息安全技术有限公司 Network content security detection method, electronic device and storage medium
CN112968842A (en) * 2021-03-11 2021-06-15 东莞深证通信息技术有限公司 Novel network flow acquisition and analysis method and system

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9805204B1 (en) * 2015-08-25 2017-10-31 Symantec Corporation Systems and methods for determining that files found on client devices comprise sensitive information
CN108984530A (en) * 2018-07-23 2018-12-11 北京信息科技大学 A kind of detection method and detection system of network sensitive content
CN109740053A (en) * 2018-12-26 2019-05-10 广州灵聚信息科技有限公司 Sensitive word screen method and device based on NLP technology
WO2021027533A1 (en) * 2019-08-13 2021-02-18 平安国际智慧城市科技股份有限公司 Text semantic recognition method and apparatus, computer device, and storage medium
CN112307770A (en) * 2020-10-13 2021-02-02 深圳前海微众银行股份有限公司 Sensitive information detection method and device, electronic equipment and storage medium
CN112733057A (en) * 2020-11-27 2021-04-30 杭州安恒信息安全技术有限公司 Network content security detection method, electronic device and storage medium
CN112559672A (en) * 2021-02-22 2021-03-26 深圳市优讯通信息技术有限公司 Information detection method, electronic device and computer storage medium
CN112968842A (en) * 2021-03-11 2021-06-15 东莞深证通信息技术有限公司 Novel network flow acquisition and analysis method and system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
HUAWEI, HISILICON: "S3-202499 "New SID on Study on Security Enhancement of UPF deployed in the customer side"", 3GPP TSG_SA\\WG3_SECURITY, no. 3, pages 3 - 4 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117294526A (en) * 2023-11-22 2023-12-26 深圳大智软件技术有限公司 Communication information sharing method and system
CN117294526B (en) * 2023-11-22 2024-03-12 深圳大智软件技术有限公司 Communication information sharing method and system

Similar Documents

Publication Publication Date Title
CN110928931B (en) Sensitive data processing method and device, electronic equipment and storage medium
US9323839B2 (en) Classification rule generation device, classification rule generation method, classification rule generation program, and recording medium
CN106713067B (en) Sensitive file circulation monitoring method based on DPI
CN109800304A (en) Processing method, device, equipment and the medium of case notes
CN112163072B (en) Data processing method and device based on multiple data sources
CN111079408B (en) Language identification method, device, equipment and storage medium
CN106790206A (en) The protocol analysis method and device of operation system
CN109582954A (en) Method and apparatus for output information
CN111314063A (en) Big data information management method, system and device based on Internet of things
CN113904851A (en) Network information processing method, user plane function system, medium, and electronic device
CN109597996B (en) Semantic analysis method, device, equipment and medium
CN104765784A (en) Key words list maintenance method and system
US9672819B2 (en) Linguistic model database for linguistic recognition, linguistic recognition device and linguistic recognition method, and linguistic recognition system
CN110688558B (en) Webpage searching method, device, electronic equipment and storage medium
CN116821903A (en) Detection rule determination and malicious binary file detection method, device and medium
JP2009509229A (en) Message conversion system and method with enhanced context recognition
KR20240013640A (en) Method for detecting harmful url
CN113076932B (en) Method for training audio language identification model, video detection method and device thereof
CN115913655A (en) Shell command injection detection method based on flow analysis and semantic analysis
CN113050987B (en) Method and device for generating interface document, storage medium and electronic equipment
CN113378222A (en) File encryption method and system based on data content identification
CN117473511B (en) Edge node vulnerability data processing method, device, equipment and storage medium
CN115277046B (en) 5G capability open security control method, device, equipment and storage medium
US11941625B2 (en) Systems and methods for real-time classification and verification of data using hierarchal state machines
US20240146744A1 (en) System and method to identify cyber threat intelligence from a group of information

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WW01 Invention patent application withdrawn after publication
WW01 Invention patent application withdrawn after publication

Application publication date: 20220107