CN117319999A - Communication device identification method, communication system and electronic device - Google Patents
Communication device identification method, communication system and electronic device Download PDFInfo
- Publication number
- CN117319999A CN117319999A CN202210704850.4A CN202210704850A CN117319999A CN 117319999 A CN117319999 A CN 117319999A CN 202210704850 A CN202210704850 A CN 202210704850A CN 117319999 A CN117319999 A CN 117319999A
- Authority
- CN
- China
- Prior art keywords
- communication
- time delay
- communication equipment
- authentication
- response time
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000004891 communication Methods 0.000 title claims abstract description 297
- 238000000034 method Methods 0.000 title claims abstract description 111
- 230000004044 response Effects 0.000 claims abstract description 104
- 230000008569 process Effects 0.000 claims abstract description 42
- 238000000926 separation method Methods 0.000 claims abstract description 32
- 230000005540 biological transmission Effects 0.000 claims abstract description 10
- 238000004590 computer program Methods 0.000 claims description 10
- 230000011664 signaling Effects 0.000 description 9
- 238000007726 management method Methods 0.000 description 5
- 238000012544 monitoring process Methods 0.000 description 5
- 238000010586 diagram Methods 0.000 description 4
- 230000006870 function Effects 0.000 description 4
- 230000003287 optical effect Effects 0.000 description 4
- 238000013500 data storage Methods 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 3
- 238000012545 processing Methods 0.000 description 3
- 230000001934 delay Effects 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 230000010354 integration Effects 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 239000002245 particle Substances 0.000 description 2
- 230000003068 static effect Effects 0.000 description 2
- 238000004458 analytical method Methods 0.000 description 1
- 238000003491 array Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000002457 bidirectional effect Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000012790 confirmation Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 235000019800 disodium phosphate Nutrition 0.000 description 1
- 239000006185 dispersion Substances 0.000 description 1
- 239000000835 fiber Substances 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000009434 installation Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 238000005457 optimization Methods 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
- 230000007480 spreading Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/12—Detection or prevention of fraud
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The embodiment of the invention discloses a communication equipment identification method, a communication system and electronic equipment, wherein the method comprises the following steps: after receiving a startup attachment request sent by communication equipment, carrying out attachment operation on the communication equipment, wherein the attachment operation comprises an authentication process between the communication system and the communication equipment; acquiring an authentication response time delay in an authentication process between the communication system and the communication equipment, wherein the authentication response time delay is used for representing a time interval from the transmission of an authentication request to the communication equipment by the communication system to the reception of an authentication reply message transmitted by the communication equipment; and obtaining a first identification result based on the authentication response time delay, wherein the first identification result is used for indicating whether the communication equipment is in a machine-card separation mode.
Description
[ field of technology ]
The present invention relates to the field of communications technologies, and in particular, to a communications device identification method, a communications system, and an electronic device.
[ background Art ]
The GoIP equipment (such as a gateway and the like) is wireless communication equipment which can bridge VoIP (Voice over Internet Protocol) calls and wireless network calls and support multi-SIM card to use multi-line concurrent calls, has the characteristics of easy installation, strong concealment, large harm and the like, is easy to be used for telecommunication fraud activities and has a tendency of spreading. According to the related requirements of the superior units on the management of GoIP and other related equipment, the monitoring and identification of the GoIP equipment are completed, and the GoIP equipment is effectively positioned.
With the development of technology, the GoIP device has two forms of 'integrated organic card' and 'separated organic card'. In the prior art, the GoIP device can be monitored and identified, but the GoIP device cannot be distinguished in which use mode of 'integrated machine and card' and 'separated machine and card' is adopted.
[ invention ]
In view of the above, the embodiments of the present invention provide a communication device identification method, a communication system, and an electronic device, which can identify whether the communication device is in a card separation mode.
In a first aspect, an embodiment of the present invention provides a method for identifying a communication device, which is applied to a communication system, where the method includes:
after receiving a startup attachment request sent by communication equipment, carrying out attachment operation on the communication equipment, wherein the attachment operation comprises an authentication process between the communication system and the communication equipment;
acquiring an authentication response time delay in an authentication process between the communication system and the communication equipment, wherein the authentication response time delay is used for representing a time interval from the transmission of an authentication request to the communication equipment by the communication system to the reception of an authentication reply message transmitted by the communication equipment;
and obtaining a first identification result based on the authentication response time delay, wherein the first identification result is used for indicating whether the communication equipment is in a machine-card separation mode.
In one possible implementation manner, the obtaining a first identification result based on the authentication response time delay includes:
if the authentication response time delay is greater than a time delay threshold, the first identification result is that the communication equipment is in a machine-card separation form;
and if the authentication response time delay is smaller than or equal to a time delay threshold, the first identification result is that the communication equipment is in a machine-card integrated form.
In one possible implementation manner, the attaching operation further includes a security mode negotiation process between the communication system and the communication device, and the obtaining a first identification result based on the authentication response time delay includes:
acquiring a negotiation response delay in a process of carrying out a secure mode negotiation between the communication system and the communication equipment, wherein the negotiation response delay is used for representing a time interval from the transmission of a secure mode negotiation request from the communication system to the communication equipment to the reception of a secure mode negotiation reply message transmitted by the communication equipment;
and obtaining a first identification result based on the authentication response time delay and the negotiation response time delay.
In one possible implementation manner, the obtaining a first identification result based on the authentication response time delay and the negotiation response time delay includes:
if the difference value between the authentication response time delay and the negotiation response time delay is larger than a difference value threshold, the first identification result is that the communication equipment is in a machine-card separation mode;
and if the difference value between the authentication response time delay and the negotiation response time delay is smaller than or equal to a difference value threshold value, the first identification result is that the communication equipment is in a machine-card integrated form.
In one possible implementation manner, the power-on attachment request includes identity information of the communication device, and after receiving the power-on attachment request sent by the communication device, performing an attachment operation on the communication device includes:
sending an authentication request to the communication equipment according to the identity information of the communication equipment;
receiving an authentication reply message sent by the communication device;
sending a security mode negotiation request to the communication device;
receiving a security mode negotiation reply message sent by the communication device;
transmitting an attach accept message to the communication device;
an attach complete message sent by the communication device is received.
In one possible implementation manner, the method further includes:
when an authentication request is sent to the communication equipment, a first moment is obtained;
obtaining a second moment when receiving an authentication reply message sent by the communication device;
obtaining authentication response time delay according to the difference value between the first time and the second time;
and/or, the method further comprises:
when a security mode negotiation request is sent to the communication equipment, a third moment is obtained;
obtaining a fourth moment when receiving a security mode negotiation reply message sent by the communication device;
and obtaining negotiation response time delay according to the difference value between the third time and the fourth time.
In one possible implementation manner, the communication system further includes a gateway device identification model, and the method further includes:
identifying the communication equipment by using the gateway equipment identification model to obtain a second identification result, wherein the second identification result is used for indicating whether the communication equipment is gateway equipment or not;
and outputting a third identification result based on the first identification result and the second identification result, wherein the third identification result is used for indicating whether the communication equipment is a gateway equipment in a machine-card separation mode.
In a second aspect, the present application provides a communication system comprising:
the communication device comprises an attaching module, a communication module and a communication module, wherein the attaching module is used for attaching the communication device after receiving a startup attaching request sent by the communication device, and the attaching operation comprises an authentication process of the communication system and the communication device;
the time delay acquisition module is used for acquiring authentication response time delay in the authentication process of the communication system and the communication equipment, and the authentication response time delay is used for representing a time interval from the transmission of an authentication request to the communication equipment by the communication system to the reception of an authentication reply message transmitted by the communication equipment;
the identification module is used for obtaining a first identification result based on the authentication response time delay, and the first identification result is used for indicating whether the communication equipment is in a machine-card separation mode.
In a third aspect, an embodiment of the present invention provides an electronic device, including: memory and processor:
the memory is used for storing a computer program;
the processor is configured to execute a computer program stored in the memory, so as to cause the electronic device to perform the method according to the first aspect.
In a fourth aspect, embodiments of the present invention provide a computer readable storage medium comprising a program or instructions which, when run on a computer, performs a method as described in the first aspect.
Compared with the prior art, the technical scheme has at least the following beneficial effects:
the communication equipment identification method, the communication equipment identification system and the electronic equipment disclosed by the embodiment of the invention can distinguish GoIP equipment in two forms of 'integrated machine and card' and 'separated machine and card'.
[ description of the drawings ]
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings that are needed in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and that other drawings can be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a schematic diagram of a method for identifying a communication device according to embodiment 1 of the present invention;
fig. 2 is a schematic diagram of a startup attachment signaling flow in the communication device identification method provided in embodiment 1 of the present invention;
fig. 3 is a key hierarchy structural diagram in the communication device identification method provided in embodiment 1 of the present invention;
fig. 4 is a schematic structural diagram of a communication system according to embodiment 2 of the present invention.
Reference numerals:
10-attaching a module; 20-a time delay acquisition module; 30-an identification module.
[ detailed description ] of the invention
For a better understanding of the technical solution of the present invention, the following detailed description of the embodiments of the present invention refers to the accompanying drawings.
It should be understood that the described embodiments are merely some, but not all, embodiments of the invention. All other embodiments, based on the embodiments of the invention, which a person of ordinary skill in the art would obtain without making any inventive effort, are within the scope of the invention.
In the related art, a GoIP device monitoring model is provided for configuring a main feature-designated identification policy, which is that a telecommunication fraud partner uses a GoIP device to generate a large number of call records, through information such as a call duration, a call number, and the number of devices in an area, so as to monitor and identify whether a communication device is a GoIP device. Specifically, the GoIP device monitoring model mainly includes the following features for identifying the GoIP device:
1. number of single day call times, calling duty ratio and called dispersion degree are all higher than a certain threshold value;
2. numbers conforming to the first characteristic are concentrated to talk in the same cell, or a plurality of main active cells are consistent, or concentrated roaming is carried out to a high-risk roaming place, or a plurality of numbers and a plurality of IMEIs are mutually associated;
3. numbers conforming to the first feature in cells with 15 minutes granularity traffic increased by 500% or reduced by 80%;
4. the number conforming to the first feature is a cell with a 500% increase in 15-minute granularity power on or power off.
However, the GoIP device monitoring model can monitor and identify the GoIP device and locate the GoIP device, but cannot distinguish which of the two modes of "integrated machine and card separation" the GoIP device is in.
Therefore, the application provides a communication equipment identification method, a communication equipment identification system and electronic equipment, which can identify whether the communication equipment is in a machine-card separation mode.
Example 1
The embodiment 1 of the invention provides a communication device identification method, as shown in fig. 1, the method is applied to a communication system, the communication system can provide a wireless call function, and a plurality of communication devices can perform wireless call by accessing the communication system. The communication device may include a user terminal UE (e.g., a mobile phone, a telephone watch, etc.) or a gateway device (e.g., a GoIP device), etc., and the communication device may include a set-card integrated configuration and a set-card separated configuration, and the communication device identification method may identify whether the communication device is in the set-card separated configuration.
According to the communication equipment identification method provided by the embodiment of the application, the communication equipment in the machine-card separation state can be identified by performing characteristic analysis on the process of starting up the communication equipment (such as 4G equipment and the like) and attaching the communication equipment to a communication system.
In this embodiment, the communication system may include a plurality of core network elements, such as a mobility management network element (Mobility Managemengt Entity, MME for short) and a subscription data storage network element (Home Subscriber SERVER, HSS for short). The mobility management network element MME is mainly responsible for the functions of access control, mobility management, session management, routing and the like. The subscription data storage network element HSS is a server for storing subscription information of users, and is mainly responsible for managing subscription data of users and location information of mobile users.
As shown in fig. 1, the communication device identification method may include the steps of:
s101, after receiving a startup attachment request sent by communication equipment, attaching the communication equipment, wherein the attachment operation comprises an authentication process of the communication system and the communication equipment.
In this embodiment, step S101 is used to represent an operation performed on the communication system side in a power-on attach signaling procedure of the communication device and the communication system, where, as shown in fig. 2, the power-on attach signaling procedure may include the following processes:
(1) The communication equipment sends a startup attachment request to the MME, wherein the startup attachment request can contain identity information of the communication equipment, such as equipment name, ID and the like; (2) MME obtains authentication vector from HSS according to identity information of communication equipment; (3) the MME completes bidirectional authentication with the communication equipment; (4) the MME completes the security mode negotiation with the communication equipment; (5) MME reports the current state information of the communication equipment, such as positioning position information and the like, to HSS; (6) the MME acknowledging the attach request completion with the communication device.
That is, the process (3) of the power-on attach signaling procedure may be used to represent an authentication procedure of the communication system and the communication device, and the process (4) of the power-on attach signaling procedure may be used to represent a security mode negotiation procedure of the communication device and the communication device.
Specifically, step S101 may include:
s201, according to the identity information of the communication equipment, an authentication request is sent to the communication equipment;
s202, receiving an authentication reply message sent by the communication equipment;
s203, sending a security mode negotiation request to the communication equipment;
s204, receiving a security mode negotiation reply message sent by the communication equipment;
s205, sending an attachment acceptance message to the communication equipment;
s206, receiving an attachment completion message sent by the communication equipment.
That is, step S201 and step S202 correspond to the authentication procedure of the startup attachment signaling procedure, step S203 and step S204 correspond to the security mode negotiation procedure of the startup attachment signaling procedure, and step S205 and step S206 correspond to the confirmation attachment request completion procedure of the startup attachment signaling procedure.
S102, acquiring authentication response time delay in the authentication process of the communication system and the communication equipment.
In this embodiment, the authentication response time delay may be used to represent a time interval from the transmission of an authentication request by the communication system to the communication device to the reception of an authentication reply message transmitted by the communication device.
Specifically, the method further comprises:
s301, when an authentication request is sent to the communication equipment, a first moment is obtained;
s302, when receiving an authentication reply message sent by the communication equipment, obtaining a second moment;
s303, obtaining authentication response time delay according to the difference value between the first time and the second time.
That is, the first time is used to represent the time when the communication system transmits an authentication request to the communication device, and the second time is used to represent the time when the communication system receives an authentication reply message transmitted by the communication device. The difference between the first time instant and the second time instant may be used to represent an authentication response delay.
Considering that for the communication device in the form of machine-card separation, the communication device needs to acquire the information of the SIM card (SubscriberIdentity Module, subscriber identity module card) through the internet before performing the startup attachment, and the information is used for providing the identity information of the communication device, completing the authentication process and completing the security mode negotiation process in the processes (1), (3) and (4) of the startup attachment signaling flow respectively. As shown in fig. 3, according to the requirements of the protocol specifications such as 3gpp TS 33.401, the identity data such as IMSI (International Mobile Subscriber IdentificationNumber, international mobile subscriber identity) in procedure (1) and the like and the intermediate key K in procedure (4) are used ASME The derived NAS/AS layer encryption/integrity protection keys can be sent from the SIM card to the communication device and stored in the communication device, where the NAS layer is a non-access layer of the communication system and the NS layer is an access layer of the communication system. While the root key K required for computing key data such as AUTN (Authentication Token ) and RES (encryption algorithm) in the authentication process of the process (3) must be always stored in the SIM card.
That is, for the communication device in the form of a separate set-top box, the second interaction with the SIM card data needs to be completed through the internet in the authentication process of the process (3), while the communication device in the form of an integral set-top box does not need to complete the second interaction with the SIM card data through the internet in the authentication process of the process (3). Therefore, the authentication response time delay of the communication equipment in the machine-card separation mode in the authentication process is relatively high.
S103, obtaining a first identification result based on the authentication response time delay.
In this embodiment, the first identification result is used to indicate whether the communication device is in a card-separation mode. That is, since the authentication response delay of the communication device in the form of machine-card separation in the authentication process is higher than the authentication response delay of the communication device in the form of machine-card integration in the authentication process, it can be judged whether the communication device is in the form of machine-card separation according to the magnitude of the authentication response delay.
In one possible implementation manner, step S103 may include:
s401, if the authentication response time delay is larger than a time delay threshold, the first identification result is that the communication equipment is in a machine-card separation mode;
s402, if the authentication response time delay is smaller than or equal to a time delay threshold, the first identification result is that the communication equipment is in a machine-card integrated form.
The time delay threshold may be obtained according to an authentication response time delay of the communication device in the integrated form of the machine and the card in the authentication process, for example, the time delay threshold may be obtained by calculating a maximum value of authentication response time delays of a plurality of communication devices in the integrated form of the machine and the card in the authentication process, or the time delay threshold is an empirical value, etc., which is not limited herein.
In this embodiment, considering that the quality of the wireless network may affect the authentication response delay of the communication device in the authentication process to a certain extent, for example, that the quality of the wireless network is poor, the authentication response delay will be increased, thereby resulting in poor recognition accuracy. Therefore, to improve the recognition accuracy, interference of wireless network quality needs to be removed from the communication device with higher authentication response time delay.
In one possible implementation manner, step S103 may include:
s501, acquiring negotiation response time delay in a security mode negotiation process of the communication system and the communication equipment;
s502, obtaining a first identification result based on the authentication response time delay and the negotiation response time delay.
In this embodiment, the negotiation response time delay is used to represent a time interval from the transmission of a security mode negotiation request from the communication system to the communication apparatus to the reception of a security mode negotiation reply message transmitted by the communication apparatus.
In one possible implementation manner, the method may further include:
s601, when a security mode negotiation request is sent to the communication equipment, a third moment is obtained;
s602, obtaining a fourth time when receiving a security mode negotiation reply message sent by the communication equipment;
and S603, obtaining negotiation response time delay according to the difference value between the third time and the fourth time.
That is, the third time is used to represent the time when the communication system transmits the security mode negotiation request to the communication device, and the fourth time is used to represent the time when the communication system receives the security mode negotiation reply message transmitted by the communication device. The difference between the third time and the fourth time may be used to represent the negotiation response delay.
Since the time interval between the communication device replying to the MME during the authentication procedure of procedure (3) and the secure mode negotiation procedure of procedure (4) is typically only tens of milliseconds, no cell handover will typically occur during procedures (3) (4) according to the radio network specification requirements, and the number of bytes of the authentication reply message is typically smaller than the number of bytes of the secure mode negotiation reply message. Thus, in the same cell, the wireless network quality has relatively less impact on the authentication response delay or is similar to the negotiation response delay when the communication device sends an authentication reply message to the communication system in process (3) than when it sends a security mode negotiation reply message to the communication system in process (4).
Therefore, a control variable method is adopted, and the influence of the network quality on the authentication response time delay is removed according to the difference value of the authentication response time delay and the negotiation response time delay, so that the identification accuracy and reliability are improved.
Specifically, in step S502, it may include:
s701, if the difference value between the authentication response time delay and the negotiation response time delay is greater than a difference value threshold, the first identification result is that the communication equipment is in a machine-card separation form;
s702, if the difference value between the authentication response time delay and the negotiation response time delay is smaller than or equal to a difference value threshold, the first identification result is that the communication equipment is in a machine-card integrated form.
That is, in the power-on attachment process, if the authentication response delay and the negotiation response delay of the communication device are both longer and have no difference (i.e., the difference is smaller than or equal to the difference threshold), it indicates that the authentication response delay is caused by poor wireless network quality, and if the authentication response delay of the communication device is higher than the negotiation response delay and the difference is greater (i.e., the difference is greater than the difference threshold), it indicates that the network quality of the communication device is better, and the authentication response delay is caused by the communication device being in a set-card separation form.
The difference threshold may be obtained according to a difference between the authentication response time delay and the negotiation response time delay of the communication device in the set-card separation mode, for example, the difference threshold may be obtained by calculating a minimum value of differences between the authentication response time delays and the negotiation response times of a plurality of communication devices in the set-card separation mode, or the difference threshold is an empirical value, and is not limited herein.
In this embodiment, the communication system may further include a gateway device identification model, where the gateway device identification model is used to identify whether the communication device is a gateway device (such as a GoIP device, etc.), and the gateway device identification model may refer to specific features or principles of the aforementioned GoIP device monitoring model, which is not described herein.
In one possible implementation manner, the method may further include:
s801, identifying the communication equipment by using the gateway equipment identification model to obtain a second identification result, wherein the second identification result is used for indicating whether the communication equipment is gateway equipment or not;
s802, outputting a third identification result based on the first identification result and the second identification result, wherein the third identification result is used for indicating whether the communication equipment is a gateway equipment in a machine-card separation mode.
That is, step S801 may be used to identify whether the communication device is a GoIP device, and steps S101 to S103 described above may be used to identify whether the GoIP device is in a set-card separated form.
Further, in the method, if the third recognition result is that the communication device is the GoIP device in the machine-card separation mode, a prompt message is sent to prompt the relevant departments to perform the control and capture of criminals or relevant personnel according to the use scene of the GoIP device in the machine-card separation mode, so as to avoid escape of criminal group partners and improve the striking force of telecommunication fraud crimes.
It is to be understood that some or all of the steps or operations in the above embodiments are merely examples, and embodiments of the present application may also perform other operations or variations of the various operations. Furthermore, the steps may be performed in a different order than presented in the above embodiments, and it is possible that not all of the operations in the above embodiments may be performed.
Example 2
As shown in fig. 4, in embodiment 2 of the present invention, a communication system 100 is disclosed, and the communication system 100 may include:
an attaching module 10, configured to attach a communication device after receiving a power-on attach request sent by the communication device, where the attach operation includes an authentication procedure between the communication system and the communication device;
a delay acquiring module 20, configured to acquire an authentication response delay in an authentication process performed by the communication system and the communication device, where the authentication response delay is used to represent a time interval from sending an authentication request to the communication device by the communication system to receiving an authentication reply message sent by the communication device;
the identification module 30 is configured to obtain a first identification result based on the authentication response time delay, where the first identification result is used to indicate whether the communication device is in a card separation mode.
In one possible implementation, the identification module 30 is further configured to:
if the authentication response time delay is greater than a time delay threshold, the first identification result is that the communication equipment is in a machine-card separation form;
and if the authentication response time delay is smaller than or equal to a time delay threshold, the first identification result is that the communication equipment is in a machine-card integrated form.
In one possible implementation manner, the attaching operation further includes a security mode negotiation procedure performed by the communication system and the communication device, and the identifying module 30 is further configured to:
acquiring a negotiation response delay in a process of carrying out a secure mode negotiation between the communication system and the communication equipment, wherein the negotiation response delay is used for representing a time interval from the transmission of a secure mode negotiation request from the communication system to the communication equipment to the reception of a secure mode negotiation reply message transmitted by the communication equipment;
and obtaining a first identification result based on the authentication response time delay and the negotiation response time delay.
In one possible implementation, the identification module 30 is further configured to:
if the difference value between the authentication response time delay and the negotiation response time delay is larger than a difference value threshold, the first identification result is that the communication equipment is in a machine-card separation mode;
and if the difference value between the authentication response time delay and the negotiation response time delay is smaller than or equal to a difference value threshold value, the first identification result is that the communication equipment is in a machine-card integrated form.
In one possible implementation manner, the power-on attach request includes identity information of the communication device, and the attach module 10 is further configured to:
sending an authentication request to the communication equipment according to the identity information of the communication equipment;
receiving an authentication reply message sent by the communication device;
sending a security mode negotiation request to the communication device;
receiving a security mode negotiation reply message sent by the communication device;
transmitting an attach accept message to the communication device;
an attach complete message sent by the communication device is received.
In one possible implementation, the communication system 100 is further configured to:
when an authentication request is sent to the communication equipment, a first moment is obtained;
obtaining a second moment when receiving an authentication reply message sent by the communication device;
obtaining authentication response time delay according to the difference value between the first time and the second time;
and/or, the communication system 100 is further configured to:
when a security mode negotiation request is sent to the communication equipment, a third moment is obtained;
obtaining a fourth moment when receiving a security mode negotiation reply message sent by the communication device;
and obtaining negotiation response time delay according to the difference value between the third time and the fourth time.
In one possible implementation, the communication system further includes a gateway device identification model, and the communication system 100 is further configured to:
identifying the communication equipment by using the gateway equipment identification model to obtain a second identification result, wherein the second identification result is used for indicating whether the communication equipment is gateway equipment or not;
and outputting a third identification result based on the first identification result and the second identification result, wherein the third identification result is used for indicating whether the communication equipment is a gateway equipment in a machine-card separation mode.
It will be appreciated that the communication system 100 provided in the embodiment shown in fig. 4 may be used to implement the technical solution of the method embodiment shown in fig. 1 of the present application, and the principle and technical effects thereof may be further referred to in the related description of the method embodiment.
It should be understood that the above division of the respective modules of the communication system 100 shown in fig. 4 is merely a division of a logic function, and may be fully or partially integrated into a physical entity or may be physically separated. And these modules may all be implemented in software in the form of calls by the processing element; or can be realized in hardware; it is also possible that part of the modules are implemented in the form of software called by the processing element and part of the modules are implemented in the form of hardware. For example, the identification module may be a separately established processing element or may be implemented integrated in a certain chip of the electronic device. The implementation of the other modules is similar. In addition, all or part of the modules can be integrated together or can be independently implemented. In implementation, each step of the above method or each module above may be implemented by an integrated logic circuit of hardware in a processor element or an instruction in a software form.
For example, the modules above may be one or more integrated circuits configured to implement the methods above, such as: one or more specific integrated circuits (Application Specific Integrated Circuit; hereinafter abbreviated as ASICs), or one or more microprocessors (Digital Singnal Processor; hereinafter abbreviated as DSPs), or one or more field programmable gate arrays (Field Programmable GateArray; hereinafter abbreviated as FPGAs), etc. For another example, the modules may be integrated together and implemented in the form of a System-On-a-Chip (SOC).
Example 3
Embodiment 3 of the present invention provides an electronic device, including: memory and processor:
a memory for storing a computer program;
a processor for executing the computer program stored in the memory to cause the electronic device to perform the method of embodiment 1.
The processor and the memory may communicate with each other via an internal connection, and may communicate control and/or data signals, the memory being adapted to store a computer program, the processor being adapted to call and run the computer program from the memory.
The memory may be read-only memory (ROM), other types of static storage devices that can store static information and instructions, random access memory (random access memory, RAM) or other types of dynamic storage devices that can store information and instructions, electrically erasable programmable read-only memory (electrically erasable programmable read-only memory, EEPROM), compact disc read-only memory (compact disc read-only memory) or other optical disk storage, optical disk storage (including compact disc, laser disc, optical disc, digital versatile disc, blu-ray disc, etc.), magnetic disk storage media, or other magnetic storage devices, or any other media that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer, etc.
Example 4
Embodiment 4 of the present invention provides a computer-readable storage medium including a program or instructions which, when run on a computer, performs the method of embodiment 1.
According to the communication equipment identification method, the system and the electronic equipment disclosed by the embodiment of the invention, the influence of the weight of the current data is enhanced through the forgetting factor, the influence of the historical data is reduced, the optimal position of the particle is calculated, the extreme value position of the particle is replaced by the optimal position, the rapid response capability of the system to the current environment and the change of the user model is enhanced, the convergence speed and the optimization precision of the system algorithm are accelerated, the parameter configuration problem of the base station in each scene is solved, and the service quality of the base station is improved.
In the above embodiments, it may be implemented in whole or in part by software, hardware, firmware, or any combination thereof. When implemented in software, may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. When the computer instructions are loaded and executed on a computer, the processes or functions described in accordance with embodiments of the present application are produced in whole or in part. The computer may be a general purpose computer, a special purpose computer, a computer network, or other programmable apparatus. The computer instructions may be stored in a computer-readable storage medium or transmitted from one computer-readable storage medium to another computer-readable storage medium, for example, the computer instructions may be transmitted from one website, computer, server, or data center to another website, computer, server, or data center by a wired (e.g., coaxial cable, fiber optic, digital subscriber line (Digital Subscriber Line, DSL)) or wireless (e.g., infrared, wireless, microwave, etc.) means. The computer readable storage medium may be any available medium that can be accessed by a computer or a data storage device such as a server, data center, etc. that contains an integration of one or more available media. The usable medium may be a magnetic medium (e.g., a floppy Disk, a hard Disk, a magnetic tape), an optical medium (e.g., a high-density digital video disc (Digital Video Disc, DVD)), or a semiconductor medium (e.g., a Solid State Disk (SSD)), or the like.
The foregoing description of the preferred embodiments of the invention is not intended to be limiting, but rather to enable any modification, equivalent replacement, improvement or the like to be made within the spirit and principles of the invention.
Claims (10)
1. A method for identifying a communication device, applied to a communication system, the method comprising:
after receiving a startup attachment request sent by communication equipment, carrying out attachment operation on the communication equipment, wherein the attachment operation comprises an authentication process between the communication system and the communication equipment;
acquiring an authentication response time delay in an authentication process between the communication system and the communication equipment, wherein the authentication response time delay is used for representing a time interval from the transmission of an authentication request to the communication equipment by the communication system to the reception of an authentication reply message transmitted by the communication equipment;
and obtaining a first identification result based on the authentication response time delay, wherein the first identification result is used for indicating whether the communication equipment is in a machine-card separation mode.
2. The method for identifying a communication device according to claim 1, wherein the obtaining a first identification result based on the authentication response time delay includes:
if the authentication response time delay is greater than a time delay threshold, the first identification result is that the communication equipment is in a machine-card separation form;
and if the authentication response time delay is smaller than or equal to a time delay threshold, the first identification result is that the communication equipment is in a machine-card integrated form.
3. The method for identifying a communication device according to claim 1, wherein the attaching operation further includes a security mode negotiation process between the communication system and the communication device, and the obtaining a first identification result based on the authentication response time delay includes:
acquiring a negotiation response time delay in a process of carrying out security mode negotiation between the communication system and the communication equipment, wherein the negotiation response time delay is used for representing a time interval from the transmission of a security mode negotiation request to the communication equipment by the communication system to the reception of a security mode negotiation reply message transmitted by the communication equipment;
and obtaining a first identification result based on the authentication response time delay and the negotiation response time delay.
4. The method for identifying a communication device according to claim 3, wherein the obtaining a first identification result based on the authentication response delay and the negotiation response delay includes:
if the difference value between the authentication response time delay and the negotiation response time delay is larger than a difference value threshold, the first identification result is that the communication equipment is in a machine-card separation mode;
and if the difference value between the authentication response time delay and the negotiation response time delay is smaller than or equal to a difference value threshold value, the first identification result is that the communication equipment is in a machine-card integrated form.
5. The method for identifying a communication device according to claim 1, wherein the power-on attach request includes identity information of the communication device, and the attaching operation is performed on the communication device after receiving the power-on attach request sent by the communication device, including:
sending an authentication request to the communication equipment according to the identity information of the communication equipment;
receiving an authentication reply message sent by the communication device;
sending a security mode negotiation request to the communication device;
receiving a security mode negotiation reply message sent by the communication device;
transmitting an attach accept message to the communication device;
an attach complete message sent by the communication device is received.
6. The communication device identification method of claim 5, wherein the method further comprises:
when an authentication request is sent to the communication equipment, a first moment is obtained;
obtaining a second moment when receiving an authentication reply message sent by the communication device;
obtaining authentication response time delay according to the difference value between the first time and the second time;
and/or, the method further comprises:
when a security mode negotiation request is sent to the communication equipment, a third moment is obtained;
obtaining a fourth moment when receiving a security mode negotiation reply message sent by the communication device;
and obtaining negotiation response time delay according to the difference value between the third time and the fourth time.
7. The communication device identification method according to any one of claims 1 to 6, wherein the communication system further comprises a gateway device identification model, the method further comprising:
identifying the communication equipment by using the gateway equipment identification model to obtain a second identification result, wherein the second identification result is used for indicating whether the communication equipment is gateway equipment or not;
and outputting a third identification result based on the first identification result and the second identification result, wherein the third identification result is used for indicating whether the communication equipment is a gateway equipment in a machine-card separation mode.
8. A communication system, the communication system comprising:
the communication device comprises an attaching module, a communication module and a communication module, wherein the attaching module is used for attaching the communication device after receiving a startup attaching request sent by the communication device, and the attaching operation comprises an authentication process of the communication system and the communication device;
the time delay acquisition module is used for acquiring authentication response time delay in the authentication process of the communication system and the communication equipment, and the authentication response time delay is used for representing a time interval from the transmission of an authentication request to the communication equipment by the communication system to the reception of an authentication reply message transmitted by the communication equipment;
the identification module is used for obtaining a first identification result based on the authentication response time delay, and the first identification result is used for indicating whether the communication equipment is in a machine-card separation mode.
9. An electronic device, comprising: memory and processor:
the memory is used for storing a computer program;
the processor being configured to execute a computer program stored in the memory to cause the electronic device to perform the method of any one of claims 1 to 7.
10. A computer readable storage medium comprising a program or instructions which, when run on a computer, performs the method of any one of claims 1 to 7.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210704850.4A CN117319999A (en) | 2022-06-21 | 2022-06-21 | Communication device identification method, communication system and electronic device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210704850.4A CN117319999A (en) | 2022-06-21 | 2022-06-21 | Communication device identification method, communication system and electronic device |
Publications (1)
Publication Number | Publication Date |
---|---|
CN117319999A true CN117319999A (en) | 2023-12-29 |
Family
ID=89279904
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202210704850.4A Pending CN117319999A (en) | 2022-06-21 | 2022-06-21 | Communication device identification method, communication system and electronic device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN117319999A (en) |
-
2022
- 2022-06-21 CN CN202210704850.4A patent/CN117319999A/en active Pending
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20220086621A1 (en) | Data feeds for management of consumer esims by an esim profile management platform | |
US9769867B2 (en) | Optimization of power consumption in dual SIM mobiles in connected mode in a wireless network | |
WO2017166221A1 (en) | Radio access control method, device and system | |
US20220272607A1 (en) | Network Access Method and Communication Apparatus | |
US11337064B2 (en) | Systems and methods for enhanced authentication techniques using network-implemented location determination | |
CN102396203A (en) | Emergency call handling in accordance with authentication procedure in communication network | |
US11871223B2 (en) | Authentication method and apparatus and device | |
US9713176B2 (en) | Telecommunication method and telecommunication system | |
CN111278036B (en) | Method and device for acquiring MAC address | |
EP3522668B1 (en) | Method and device for trust relationship establishment | |
US11792633B2 (en) | Device authentication verification for device registration | |
EP4135376A1 (en) | Method and device for secure communication | |
EP3155840B1 (en) | Transit network communication routing | |
CN111405607A (en) | Network switching method, equipment and block chain system | |
CN115412911A (en) | Authentication method, communication device and system | |
CN106258015B (en) | Service distribution method and device | |
CN114697945B (en) | Method and device for generating discovery response message and method for processing discovery message | |
CN107786937B (en) | Method for realizing mobile terminal localization roaming, mobile terminal and roaming server | |
CN117319999A (en) | Communication device identification method, communication system and electronic device | |
EP2566126A1 (en) | Secure storage of provisioning data on network for control of lawful intercept | |
US20220232382A1 (en) | Controlling provision of access to restricted local operator services by user equipment | |
CN115706997A (en) | Authorization verification method and device | |
EP4037344B1 (en) | Method and apparatus for accessing network | |
US11902786B1 (en) | SIM swap fraud prevention | |
US20230224310A1 (en) | Data analysis method and apparatus |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |