CN117834776B - An intelligent monitoring system for suspicious calls of mobile users - Google Patents
An intelligent monitoring system for suspicious calls of mobile users Download PDFInfo
- Publication number
- CN117834776B CN117834776B CN202410015885.6A CN202410015885A CN117834776B CN 117834776 B CN117834776 B CN 117834776B CN 202410015885 A CN202410015885 A CN 202410015885A CN 117834776 B CN117834776 B CN 117834776B
- Authority
- CN
- China
- Prior art keywords
- suspicious
- platform
- reminding
- analysis
- preset
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000012544 monitoring process Methods 0.000 title claims abstract description 96
- 238000004458 analytical method Methods 0.000 claims abstract description 92
- 238000004891 communication Methods 0.000 claims abstract description 10
- 241000700605 Viruses Species 0.000 claims description 31
- 230000002147 killing effect Effects 0.000 claims description 16
- 238000011156 evaluation Methods 0.000 claims description 15
- 238000011835 investigation Methods 0.000 claims description 14
- 230000008439 repair process Effects 0.000 claims description 14
- 238000000034 method Methods 0.000 claims description 11
- 230000007123 defense Effects 0.000 claims description 10
- 230000001960 triggered effect Effects 0.000 claims description 6
- 230000000694 effects Effects 0.000 claims description 5
- 230000008569 process Effects 0.000 claims description 5
- 238000004364 calculation method Methods 0.000 claims description 3
- 238000012549 training Methods 0.000 claims description 3
- 238000012797 qualification Methods 0.000 claims description 2
- 230000011664 signaling Effects 0.000 abstract description 9
- 238000010276 construction Methods 0.000 abstract description 5
- 238000012545 processing Methods 0.000 abstract description 4
- 230000002265 prevention Effects 0.000 abstract 1
- 238000010586 diagram Methods 0.000 description 5
- 238000012423 maintenance Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000005728 strengthening Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04M—TELEPHONIC COMMUNICATION
- H04M3/00—Automatic or semi-automatic exchanges
- H04M3/22—Arrangements for supervision, monitoring or testing
- H04M3/2281—Call monitoring, e.g. for law enforcement purposes; Call tracing; Detection or prevention of malicious calls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04M—TELEPHONIC COMMUNICATION
- H04M3/00—Automatic or semi-automatic exchanges
- H04M3/42—Systems providing special services or facilities to subscribers
- H04M3/42136—Administration or customisation of services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04M—TELEPHONIC COMMUNICATION
- H04M3/00—Automatic or semi-automatic exchanges
- H04M3/42—Systems providing special services or facilities to subscribers
- H04M3/487—Arrangements for providing information services, e.g. recorded voice services or time announcements
- H04M3/4872—Non-interactive information services
Landscapes
- Engineering & Computer Science (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Technology Law (AREA)
- Telephonic Communication Services (AREA)
Abstract
The invention belongs to the technical field of telephone monitoring, in particular to an intelligent monitoring system for a mobile user suspicious telephone, which comprises a suspicious telephone monitoring reminding platform, wherein the suspicious telephone monitoring reminding platform comprises a suspicious telephone reminding service signing module, a user reminding strategy generating module, a suspicious number library, a user calling behavior monitoring module, a real-time calling authentication module and a reminding information pushing module; the I P network based on the IMS core network carries out call forwarding, does not need to carry out monitoring equipment deployment and link bypass construction, has very low implementation cost, is based on subscription triggering of service users, has smaller monitored call signaling data volume, is based on HSS subscription processing, does not relate to processing of other core communication network elements, does not need to carry out supplementary implementation according to core network capacity expansion, has strong adaptability, and fully ensures suspicious prevention performance by combining user disturbance supervision analysis, platform security supervision analysis and trust degree analysis.
Description
Technical Field
The invention relates to the technical field of telephone monitoring, in particular to an intelligent monitoring system for a mobile user suspicious telephone.
Background
With the continuous development of communication technology, the problems of suspicious telephones are more and more prominent, the telephones often impersonate institutions such as banks, public security and government, personal information and property of users are fraught for various reasons, personal safety and property safety of citizens are seriously endangered, the prior art adopts a suspicious telephone monitoring platform to carry out calling call monitoring, and a bypass acquisition mode is carried out on links so as to realize calling event monitoring, thereby preventing suspicious telephones, but the links needing to be monitored are relatively more, and corresponding bypass equipment and signaling acquisition equipment are required to be deployed, so that engineering implementation is complex, engineering workload is very large, implementation cost is high, almost all call signaling data are acquired, data volume is large, resource requirements on a system are correspondingly high, and link bypass acquisition construction needs to be timely carried out, maintenance workload is very large;
In view of the above technical drawbacks, a solution is now proposed.
Disclosure of Invention
The invention aims to provide an intelligent monitoring system for a mobile user suspicious phone, which solves the problems that in the prior art, a bypass acquisition mode is carried out on links to realize call event monitoring, the links to be monitored are more, engineering implementation is complex, engineering workload is very large, implementation cost is high, data volume is large, the resource requirement on the system is higher, and the link bypass acquisition construction which needs to be timely supplemented is very large, maintenance workload is very large, and the combination analysis of platform safety and platform user trust degree is difficult to realize, and the platform improvement is difficult to be timely and targeted.
In order to achieve the above purpose, the present invention provides the following technical solutions:
The intelligent monitoring system for the mobile user suspicious telephone comprises a suspicious telephone monitoring reminding platform, wherein the suspicious telephone monitoring reminding platform comprises a suspicious telephone reminding service signing module, a user reminding strategy generation module, a suspicious number library, a user calling behavior monitoring module, a real-time calling authentication module and a reminding information pushing module, the suspicious telephone reminding service signing module is used for distributing corresponding service keys for the suspicious telephone reminding service, acquiring service handling requests of users, signing service keys for the users at an HSS when the users handle the suspicious telephone reminding service, marking the corresponding users as signing users after the corresponding users successfully sign the suspicious telephone reminding service, and sending the signing users to the user reminding strategy generation module through the suspicious telephone monitoring reminding platform;
the user call behavior monitoring module is used for carrying out call monitoring on the corresponding subscriber, when the corresponding subscriber makes a call, the S-CSCF routes the call to the suspicious phone monitoring and reminding platform according to the subscription information of the corresponding subscriber at the HSS, and the suspicious phone monitoring and reminding platform triggers suspicious phone reminding service based on the call of the corresponding subscriber;
When a suspicious phone reminding service is triggered, the real-time call authentication module authenticates the number which corresponds to the subscriber and is called by the subscriber in real time based on the real-time call calling behavior of the corresponding subscriber and combines a suspicious number library, if the number of the calling party is determined to be the suspicious number, a harassment reminding signal is generated and sent to the reminding information pushing module through the suspicious phone monitoring reminding platform, and after the harassment reminding signal is received by the reminding information pushing module, the mobile phone of the corresponding subscriber is pushed with a flick screen flash message based on the suspicious phone reminding strategy of the corresponding subscriber and corresponding suspicious reminding content so as to remind the corresponding subscriber to improve vigilance.
Further, the suspicious phone reminding policy model based on the user reminding policy generation module relates to a trigger party, a receiver, a trigger scene and push contents, wherein the trigger party comprises a single number, a number group and a call category, the call category comprises international calls, IP calls and hidden number calls, the receiver comprises a single number, a number group, regional users and home operators, the geographic position related to the regional users comprises provinces and cities, the trigger scene comprises a suspicious phone answering trigger and a harassment phone dialing trigger, and the push contents comprise fixed contents and dynamic templates.
Furthermore, the suspicious phone monitoring and reminding platform further comprises a number library analysis and updating module, wherein the number library analysis and updating module is used for defining a suspicious number analysis model, training and upgrading the suspicious number analysis model, collecting an offline call record list, combining the suspicious number analysis model to analyze the suspicious number, capturing the suspicious number through analysis, and sending captured suspicious number information to a suspicious number library for storage through the suspicious phone monitoring and reminding platform.
Further, the suspicious phone monitoring and reminding platform also comprises a user supervision and analysis module, wherein the user supervision and analysis module is used for setting a supervision period, collecting the call frequency of the suspicious phone carried out by the corresponding subscriber in the supervision period and marking the call frequency as harassment frequency, collecting the time interval between two adjacent call and marking the time interval as interval duration, carrying out summation calculation on all the interval durations and taking an average value to obtain harassment interval values;
And respectively comparing the disturbance frequency and the disturbance time value with a preset disturbance frequency threshold value and a preset disturbance time threshold value, if the disturbance frequency exceeds the preset disturbance frequency threshold value or the disturbance time value exceeds the preset disturbance time threshold value, generating suspicious early warning signals corresponding to the subscribers, sending the suspicious early warning signals and related call information to mobile phones of the corresponding subscribers, and improving vigilance after the corresponding subscribers receive the suspicious early warning signals and carrying out source investigation according to requirements.
Further, after suspicious early warning signals of corresponding subscribers are generated, the area positions related to each call of harassment calls in a supervision period are collected, the call times of the corresponding areas are obtained through statistics and marked as area pass frequency values of the corresponding areas, the area pass frequency values are compared with preset area pass frequency thresholds, if the area pass frequency values exceed the preset area pass frequency thresholds, the corresponding areas are marked as suspicious source areas, all suspicious source areas are sent to mobile phones of the corresponding subscribers, and the corresponding subscribers are reminded of carrying out subsequent calls of the corresponding areas carefully.
The system comprises a platform management and control end, a suspicious telephone monitoring and reminding platform, a platform trust degree supervision and analysis module, a platform security supervision and analysis module, a platform management and control end and a platform trust degree supervision and reminding module, wherein the suspicious telephone monitoring and reminding platform is in communication connection with the platform management and control end, the platform security supervision and analysis module carries out platform security supervision and analysis on the suspicious telephone monitoring and reminding platform, generates a platform security early warning signal or a platform security qualified signal through analysis, sends the platform security early warning signal or the platform security qualified signal to the platform management and control end through the suspicious telephone monitoring and reminding platform, timely carries out reason investigation and strengthens platform security supervision measures after the platform management and control end receives the platform security early warning signal, and the platform trust degree supervision and analysis module is used for carrying out trust degree analysis on the suspicious telephone monitoring and reminding platform, generating a trust degree qualified signal or trust degree early warning signal through analysis, and timely carrying out platform protection function upgrading after the platform management and control end receives the trust degree early warning signal so as to guarantee suspicious effects.
Further, the specific analysis process of the platform security supervision analysis comprises the following steps:
Acquiring a network vulnerability growth rate and a network virus growth rate of a suspicious phone monitoring and reminding platform in unit time, respectively comparing the network vulnerability growth rate and the network virus growth rate with a preset network vulnerability growth rate threshold value and a preset network virus growth rate threshold value, generating a platform security early warning signal if at least one of the network vulnerability growth rate and the network virus growth rate exceeds a corresponding preset threshold value, acquiring a vulnerability repair rate and a virus killing rate of the suspicious phone monitoring and reminding platform in unit time if the network vulnerability growth rate and the network virus growth rate do not exceed the corresponding preset threshold value, respectively comparing the vulnerability repair rate and the virus killing rate with the preset vulnerability repair rate threshold value and the preset virus killing rate vulnerability threshold value, and generating the platform security early warning signal if at least one of the repair rate and the virus killing rate exceeds the corresponding preset threshold value.
Further, if the bug repair rate and the virus killing rate do not exceed the corresponding preset thresholds, collecting the collapse times and the network attack defense parameters of the suspicious phone monitoring reminding platform in unit time, respectively comparing the collapse times and the network attack defense parameters with the preset collapse times threshold and the preset network attack defense parameter threshold in numerical values, if the collapse times exceed the preset collapse times threshold or the network attack defense parameters do not exceed the preset network attack defense parameter threshold, generating a platform security early warning signal, otherwise, generating a platform security qualified signal.
Further, the specific analysis process of the trust analysis is as follows:
The method comprises the steps of sending a questionnaire to a subscriber, collecting questionnaire survey results of the subscriber, obtaining survey evaluation scores of the corresponding subscriber based on the questionnaire survey results, carrying out numerical comparison on the survey evaluation scores and preset survey evaluation score thresholds, marking the corresponding subscriber as a positive influence user if the survey evaluation scores exceed the preset survey evaluation score thresholds, otherwise marking the corresponding subscriber as a negative influence user, carrying out ratio calculation on the number of the negative influence users and the number of the positive influence users to obtain a trust degree analysis value, carrying out numerical comparison on the trust degree analysis value and a preset trust degree analysis threshold, generating a trust degree early warning signal if the trust degree analysis value exceeds the preset trust degree analysis threshold, and generating a trust degree qualification signal if the trust degree analysis value does not exceed the preset trust degree analysis threshold.
Compared with the prior art, the invention has the beneficial effects that:
1. in the invention, a suspicious telephone reminding service signing module is used for signing a service key for a user at an HSS, a user reminding policy generating module is used for generating suspicious telephone reminding policies of corresponding signing users so as to flexibly adapt to the needs of different clients, an S-CSCF routes a call to a suspicious telephone monitoring reminding platform according to the signing information of the corresponding signing users at the HSS, a real-time call authentication module is used for authenticating the number which the corresponding signing users call in real time based on the real-time call calling behavior of the corresponding signing users and combining a suspicious number library, and if the number of a calling party is determined to be the suspicious number, a reminding information pushing module is used for pushing the screen flash information to the mobile phone of the corresponding signing users so as to remind the corresponding signing users to improve vigilance;
2. According to the invention, a supervision period is set through a user supervision analysis module, a disturbance frequency and a disturbance interval value of a corresponding subscriber in the supervision period are obtained through analysis, whether a suspicious early warning signal corresponding to the subscriber is generated or not is judged, a suspicious source area is determined when the suspicious early warning signal is generated, the protection of property safety of the subscriber is facilitated, a suspicious telephone monitoring reminding platform is subjected to platform safety supervision analysis through a platform safety supervision analysis module to generate a platform safety early warning signal or a platform safety qualified signal, so that reason investigation is timely conducted, platform safety supervision measures are enhanced, the safety and stability of the platform are ensured, the suspicious telephone monitoring reminding platform is subjected to trust analysis through a platform trust supervision analysis module to generate a trust qualified signal or a trust early warning signal, so that platform protection function is timely upgraded, and the suspicious effect is fully protected.
Drawings
For the convenience of those skilled in the art, the present invention will be further described with reference to the accompanying drawings;
FIG. 1 is an overall system block diagram of the present invention;
FIG. 2 is a schematic flow chart of the method of the present invention;
FIG. 3 is a diagram of a prior art call event monitoring scheme;
FIG. 4 is a diagram illustrating a call event monitoring scheme according to the present invention;
FIG. 5 is a communication block diagram of a user supervision and analysis module according to the present invention;
Fig. 6 is a system block diagram of the second and third embodiments of the present invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
As shown in fig. 3, in the prior art, a bypass acquisition mode is generally adopted for a link, link signals are bypassed to a signaling acquisition device in a high-impedance device or switch port mirror image mode, the signaling acquisition device analyzes the link signals to extract call events, the signaling acquisition device acquires link signaling data by bypassing the link between an S-CSCF and an I-CSCF and sends the link signaling data to a suspicious phone reminding platform in real time to trigger suspicious phone reminding service.
Embodiment one:
1-2 and 4, the intelligent monitoring system for the mobile user suspicious telephone provided by the invention comprises a suspicious telephone monitoring reminding platform, wherein the suspicious telephone monitoring reminding platform comprises a suspicious telephone reminding service signing module, a user reminding strategy generation module, a suspicious number library, a user calling behavior monitoring module, a real-time calling authentication module and a reminding information pushing module, the suspicious telephone reminding service signing module is used for distributing corresponding service keys for the suspicious telephone reminding service, acquiring service handling requests of users, signing service keys for users in an HSS when the users handle the suspicious telephone reminding service, marking the corresponding users as signing users after the corresponding users successfully sign the suspicious telephone reminding service, and sending the signing users to the user reminding strategy generation module through the suspicious telephone monitoring reminding platform;
The user reminding policy generation module is used for generating suspicious phone reminding policies corresponding to subscribers based on suspicious phone reminding policy models and collecting service demands of the corresponding subscribers, storing identity information of the subscribers and the corresponding suspicious phone reminding policies, flexibly adapting to the demands of different clients and rapidly meeting the service demands of the corresponding clients, wherein the suspicious phone reminding policy models based on the user reminding policy generation module relate to a trigger party, a receiver, a trigger scene and push contents, the trigger party comprises a single number, a number group and a call category, the call category comprises international calls, IP calls and hidden number calls, the receiver comprises a single number, a number group, regional users and home operators, the geographic positions related to the regional users comprise provinces and cities, the trigger scene comprises the triggering of answering the suspicious phone and the triggering of dialing the harassment, and the push contents comprise fixed contents and dynamic templates.
The system comprises a user call behavior monitoring module, a suspicious phone monitoring reminding platform, a number library analysis updating module and a suspicious number library analysis updating module, wherein the user call behavior monitoring module is used for carrying out call monitoring on a corresponding subscriber, when the corresponding subscriber is subjected to call, the S-CSCF routes the call to the suspicious phone monitoring reminding platform according to the subscription information of the corresponding subscriber in an HSS, the suspicious phone monitoring reminding platform triggers suspicious phone reminding service based on the call of the corresponding subscriber, the number library analysis updating module is used for defining a suspicious number analysis model, carrying out training and upgrading of the suspicious number analysis model, collecting an offline call record list, carrying out suspicious number analysis by combining the suspicious number analysis model, and sending the captured suspicious number information to a suspicious number library for storage through the suspicious phone monitoring reminding platform by analyzing and capturing the suspicious number.
When a suspicious phone reminding service is triggered, the real-time call authentication module authenticates the number which corresponds to the subscriber and is called by the subscriber in real time based on the real-time call calling behavior of the corresponding subscriber and combines a suspicious number library, if the number of the calling party is determined to be the suspicious number, a harassment reminding signal is generated and sent to the reminding information pushing module through the suspicious phone monitoring reminding platform, and after the harassment reminding signal is received by the reminding information pushing module, the mobile phone of the corresponding subscriber is pushed with a flick screen flash message based on the suspicious phone reminding strategy of the corresponding subscriber and corresponding suspicious reminding content so as to remind the corresponding subscriber to improve vigilance.
Compared with the prior art, the IMS core network is researched, the IMS core network has a powerful service subscription mechanism, the service key subscription is carried out in the HSS, so that the S-CSCF is triggered to route the call to each AS service platform, a call event monitoring solution with less construction and low cost is constructed by utilizing the functional characteristic of the IMS core network, and compared with the traditional call event monitoring solution, the method has the advantages that the method is completely based on the IP network of the IMS core network for call forwarding, does not need to carry out monitoring equipment deployment and link bypass construction, the implementation cost is very low, the method is based on subscription triggering of service users, only monitors the call of the service users, has smaller monitored call signaling data quantity, has smaller resource requirement on a system and effectively reduces the system cost, and is based on HSS subscription processing, does not relate to processing of other core communication network elements, does not need to carry out supplementary implementation according to core network expansion, and has very strong adaptability.
Further, as shown in fig. 5, the suspicious phone monitoring and reminding platform further includes a user supervision and analysis module, the user supervision and analysis module is used for setting a supervision period, collecting call frequencies of suspicious phones by corresponding subscribers in the supervision period and marking the call frequencies as disturbance frequencies, collecting time intervals of two adjacent call frequencies and marking the time intervals as interval durations, summing all the interval durations and taking an average value to obtain disturbance duration values, respectively comparing the disturbance frequencies and the disturbance duration values with a preset disturbance frequency threshold value and a preset disturbance duration threshold value, and if the disturbance frequencies exceed the preset disturbance frequency threshold value or the disturbance duration values exceed the preset disturbance duration threshold value, generating suspicious early warning signals of corresponding subscribers, sending the suspicious early warning signals and related call information to mobile phones of the corresponding subscribers, and after the corresponding subscribers receive the suspicious early warning signals, carrying out source investigation according to requirements, further improving the performance of preventing suspicious and helping to protect property safety of the subscribers;
After suspicious early warning signals of corresponding subscribers are generated, the positions of areas involved in each call of harassment calls in a supervision period are collected, the call times of the corresponding areas are obtained through statistics and marked as area pass frequency values of the corresponding areas, the area pass frequency values are compared with preset area pass frequency thresholds, if the area pass frequency values exceed the preset area pass frequency thresholds, the corresponding areas are marked as suspicious source areas, all suspicious source areas are sent to mobile phones of the corresponding subscribers, the corresponding subscribers are reminded of carrying out the call of the corresponding areas with follow-up caution, and property safety of the subscribers is further guaranteed.
Embodiment two:
As shown in fig. 6, the difference between the embodiment and the embodiment 1 is that the suspicious phone monitoring reminding platform is in communication connection with the platform management and control end, the suspicious phone monitoring reminding platform further comprises a platform security supervision and analysis module, the platform security supervision and analysis module carries out platform security supervision and analysis on the suspicious phone monitoring reminding platform, generates a platform security early warning signal or a platform security qualified signal through analysis, sends the platform security early warning signal or the platform security qualified signal to the platform management and control end through the suspicious phone monitoring reminding platform, and carries out reason investigation and strengthening platform security supervision measures in time after the platform management and control end receives the platform security early warning signal, so as to ensure the platform security and stability, thereby guaranteeing the call security of all subscribed users, and the specific analysis process of the platform security supervision and analysis is as follows:
Acquiring a network vulnerability growth rate and a network virus growth rate of a suspicious phone monitoring and reminding platform in unit time, respectively comparing the network vulnerability growth rate and the network virus growth rate with a preset network vulnerability growth rate threshold value and a preset network virus growth rate threshold value, generating a platform security early warning signal if at least one of the network vulnerability growth rate and the network virus growth rate exceeds a corresponding preset threshold value, indicating that the safety hidden danger of the platform is large, acquiring a vulnerability repair rate and a virus killing rate of the suspicious phone monitoring and reminding platform in unit time if the network vulnerability growth rate and the network virus growth rate do not exceed the corresponding preset threshold value, respectively comparing the vulnerability repair rate and the virus killing rate with the preset vulnerability repair rate threshold value and the preset virus killing rate threshold value, and generating the platform security early warning signal if at least one of the vulnerability repair rate and the virus killing rate exceeds the corresponding preset threshold value, indicating that the vulnerability repair effect or the virus killing effect is poor;
If the bug repairing rate and the virus killing rate do not exceed the corresponding preset thresholds, collecting the collapse times and the network attack defending parameters of the suspicious phone monitoring reminding platform in unit time, wherein the network attack defending parameters are data values which indicate that the platform is good in defending performance when being attacked by the network, the larger the values of the network attack defending parameters are, the stronger the defending performance of the suspicious phone monitoring reminding platform is, the better the platform safety is, the number of the collapse times and the network attack defending parameters are respectively compared with the preset collapse times threshold and the preset network attack defending parameters threshold, if the collapse times exceed the preset collapse times threshold or the network attack defending parameters do not exceed the preset network attack defending parameters threshold, the platform safety early warning signals are generated, and otherwise the platform safety qualified signals are generated.
Embodiment III:
As shown in fig. 6, the difference between the embodiment and the embodiment 1 and the embodiment 2 is that the suspicious phone monitoring and reminding platform further includes a platform trust degree supervision and analysis module, the platform trust degree supervision and analysis module is configured to perform trust degree analysis on the suspicious phone monitoring and reminding platform, generate a trust degree qualified signal or a trust degree early warning signal through analysis, send the trust degree qualified signal or the trust degree early warning signal to a platform management and control end through the suspicious phone monitoring and reminding platform, and perform platform protection function upgrading in time after the platform management and control end receives the trust degree early warning signal to ensure protection suspicious effects, where a specific analysis process of the trust degree analysis is as follows:
The method comprises the steps of sending a questionnaire to a subscriber, collecting questionnaire survey results of the subscriber, obtaining survey evaluation scores of the corresponding subscriber based on the questionnaire survey results, and comparing the survey evaluation scores with a preset survey evaluation score value, if the survey evaluation scores exceed the preset survey evaluation score value, marking the corresponding subscriber as a positive influence user, otherwise, marking the corresponding subscriber as a negative influence user, calculating the number of the negative influence users and the number of the positive influence user to obtain a trust degree analysis value, comparing the trust degree analysis value with a preset trust degree analysis threshold value, if the trust degree analysis value exceeds the preset trust degree analysis threshold value, generating a trust degree early warning signal, and if the trust degree analysis value does not exceed the preset trust degree analysis threshold value, generating a trust degree qualified signal.
The invention has the working principle that when in use, the suspicious phone reminding service signing module signs the corresponding user as a signing user after the corresponding user successfully signs the suspicious phone reminding service by carrying out service key signing for the user at the HSS when the user handles the suspicious phone reminding service, the user reminding policy generating module generates suspicious phone reminding policies of the corresponding signing user based on the suspicious phone reminding policy model and collects service demands of the corresponding signing user, flexibly adapts to the demands of different clients, the user calling behavior monitoring module routes the call to the suspicious phone monitoring reminding platform according to the signing information of the corresponding signing user at the HSS when the corresponding signing user makes a call, the suspicious phone monitoring reminding platform triggers the suspicious phone reminding service based on the call of the corresponding signing user, the real-time call authentication module authenticates the calling number of the corresponding signing user in real time based on the real-time calling behavior of the corresponding signing user by combining with a suspicious number base, and if the calling number of the calling party is determined to be the suspicious number, the reminding information pushing module pushes the information of a popup screen to the mobile phone of the corresponding signing user so as to remind the corresponding signing user, the user is improved, the HSS-CSCF is based on the calling information of the corresponding signing user, the HSS is not required to be triggered by a low-cost compared with a traditional signing network, a communication network is not required to be compared with a core network based on a low-cost monitoring system, and a communication is required to be triggered by a low-cost monitoring network is not required to be compared with a communication network, the adaptability is strong.
The preferred embodiments of the invention disclosed above are intended only to assist in the explanation of the invention. The preferred embodiments are not intended to be exhaustive or to limit the invention to the precise form disclosed. Obviously, many modifications and variations are possible in light of the above teaching. The embodiments were chosen and described in order to best explain the principles of the invention and the practical application, to thereby enable others skilled in the art to best understand and utilize the invention. The invention is limited only by the claims and the full scope and equivalents thereof.
Claims (2)
1. The intelligent monitoring system for the mobile user suspicious telephone is characterized by comprising a suspicious telephone monitoring and reminding platform, wherein the suspicious telephone monitoring and reminding platform comprises a suspicious telephone reminding service signing module, a user reminding strategy generating module, a suspicious number library, a user calling behavior monitoring module, a real-time calling authentication module and a reminding information pushing module;
The suspicious phone reminding business signing module is used for distributing corresponding business keys for suspicious phone reminding business, collecting business handling requests of users, signing business keys for users in the HSS when the users handle the suspicious phone reminding business, marking the corresponding users as signing users after the corresponding users successfully sign the suspicious phone reminding business, and sending the signing users to the user reminding policy generating module through the suspicious phone monitoring reminding platform;
The user reminding policy generation module is used for generating suspicious phone reminding policies corresponding to subscribers based on the suspicious phone reminding policy model and collecting service demands of the corresponding subscribers, storing identity information of the subscribers and the corresponding suspicious phone reminding policies, flexibly adapting to the demands of different clients and rapidly meeting the service demands of the corresponding clients;
The user call behavior monitoring module is used for carrying out call monitoring on the corresponding subscribers, when call is generated by the corresponding subscribers, the S-CSCF routes the call to the suspicious phone monitoring reminding platform according to the subscription information of the corresponding subscribers in the HSS, and the suspicious phone monitoring reminding platform triggers suspicious phone reminding service based on the call of the corresponding subscribers;
When a suspicious telephone reminding service is triggered, a real-time call authentication module authenticates the number which corresponds to the subscriber and is called by the subscriber in real time based on the real-time call calling behavior of the corresponding subscriber and combines a suspicious number library, and if the number of the calling party is determined to be the suspicious number, a harassment reminding signal is generated and sent to a reminding information pushing module through a suspicious telephone monitoring reminding platform;
The suspicious phone monitoring reminding platform also comprises a number library analysis updating module, wherein the number library analysis updating module is used for defining a suspicious number analysis model, training and upgrading the suspicious number analysis model, collecting an offline call record list, combining the suspicious number analysis model to perform suspicious number analysis, capturing suspicious numbers through analysis, and sending captured suspicious number information to a suspicious number library for storage through the suspicious phone monitoring reminding platform;
The suspicious phone monitoring and reminding platform also comprises a user supervision and analysis module, wherein the user supervision and analysis module is used for setting a supervision period, collecting the call frequency of the suspicious phone carried out by the corresponding subscriber in the supervision period and marking the call frequency as harassment frequency, collecting the time interval between two adjacent call and marking the time interval as interval duration, carrying out summation calculation on all the interval durations and taking an average value to obtain harassment interval values; respectively comparing the harassment frequency and the harassment time value with a preset harassment frequency threshold value and a preset harassment time threshold value, if the harassment frequency exceeds the preset harassment frequency threshold value or the harassment time value exceeds the preset harassment time threshold value, generating suspicious early warning signals corresponding to the subscribers, sending the suspicious early warning signals and related call information to mobile phones of the corresponding subscribers, and improving vigilance after the corresponding subscribers receive the suspicious early warning signals and carrying out source investigation according to requirements;
After suspicious early warning signals of corresponding subscribers are generated, collecting the area positions related to each call of harassment calls in a supervision period, counting to obtain the call times of the corresponding areas and marking the call times as area pass frequency values of the corresponding areas, comparing the area pass frequency values with preset area pass frequency thresholds, marking the corresponding areas as suspicious source areas if the area pass frequency values exceed the preset area pass frequency thresholds, and sending all suspicious source areas to mobile phones of the corresponding subscribers so as to remind the corresponding subscribers to carry out subsequent cautious calls of the corresponding areas;
The system comprises a suspicious telephone monitoring reminding platform, a platform management and control end, a platform trust degree supervision analysis module, a platform security supervision analysis module, a platform management and control end, a platform security early warning module and a platform security early warning module, wherein the suspicious telephone monitoring reminding platform is in communication connection with the platform management and control end, the platform security supervision analysis module carries out platform security supervision analysis on the suspicious telephone monitoring reminding platform, generates a platform security early warning signal or a platform security qualified signal through analysis, sends the platform security early warning signal or the platform security qualified signal to the platform management and control end through the suspicious telephone monitoring reminding platform, timely carries out reason investigation and strengthens platform security supervision measures after the platform management and control end receives the platform security early warning signal, and the platform trust degree supervision analysis module is used for carrying out trust degree analysis on the suspicious telephone monitoring reminding platform, generating a trust degree qualified signal or a trust degree early warning signal through analysis, and timely carrying out platform precaution function upgrading after the platform management and control end receives the trust degree early warning signal so as to ensure suspicious effects;
Acquiring a network vulnerability growth rate and a network virus growth rate of a suspicious telephone monitoring reminding platform in unit time, respectively comparing the network vulnerability growth rate and the network virus growth rate with a preset network vulnerability growth rate threshold value and a preset network virus growth rate threshold value, generating a platform security early warning signal if at least one of the network vulnerability growth rate and the network virus growth rate exceeds a corresponding preset threshold value, acquiring a vulnerability repair rate and a virus killing rate of the suspicious telephone monitoring reminding platform in unit time if the network vulnerability growth rate and the network virus growth rate do not exceed the corresponding preset threshold value, respectively comparing the vulnerability repair rate and the virus killing rate with the preset vulnerability repair rate threshold value and the preset virus killing rate threshold value, and generating the platform security early warning signal if at least one of the vulnerability repair rate and the virus killing rate exceeds the corresponding preset threshold value;
if the vulnerability restoration rate and the virus killing rate do not exceed the corresponding preset thresholds, collecting the collapse times and the network attack defense parameters of the suspicious telephone monitoring reminding platform in unit time, respectively carrying out numerical comparison on the collapse times and the network attack defense parameters and the preset collapse times threshold and the preset network attack defense parameter threshold, if the collapse times exceed the preset collapse times threshold or the network attack defense parameters do not exceed the preset network attack defense parameter threshold, generating a platform security early warning signal, otherwise, generating a platform security qualified signal;
The specific analysis process of the trust degree analysis comprises the steps of sending a questionnaire to the subscribers, collecting questionnaire investigation results of the subscribers, acquiring investigation evaluation scores of the corresponding subscribers based on the questionnaire investigation results, comparing the investigation evaluation scores with preset investigation evaluation score thresholds, marking the corresponding subscribers as positive influence subscribers if the investigation evaluation scores exceed the preset investigation evaluation score thresholds, otherwise marking the corresponding subscribers as negative influence subscribers, calculating the ratio of the number of the negative influence subscribers to the number of the positive influence subscribers to obtain a trust degree analysis value, comparing the trust degree analysis value with a preset trust degree analysis threshold, generating a trust degree early warning signal if the trust degree analysis value exceeds the preset trust degree analysis threshold, and generating a trust degree qualification signal if the trust degree analysis value does not exceed the preset trust degree analysis threshold.
2. The intelligent monitoring system for mobile subscriber suspicious telephone according to claim 1, wherein the suspicious telephone alert policy model based on the subscriber alert policy generation module relates to a trigger party, a receiver party, a trigger scenario and push content, wherein the trigger party comprises a single number, a number group and a call category, the call category comprises international calls, IP calls and hidden number calls, the receiver party comprises a single number, a number group, regional subscribers and home operators, the geographic location related to the regional subscribers comprises province and city, the trigger scenario comprises answering suspicious telephone triggers and dialing nuisance telephone triggers, and the push content comprises fixed content and dynamic templates.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202410015885.6A CN117834776B (en) | 2024-01-05 | 2024-01-05 | An intelligent monitoring system for suspicious calls of mobile users |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202410015885.6A CN117834776B (en) | 2024-01-05 | 2024-01-05 | An intelligent monitoring system for suspicious calls of mobile users |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN117834776A CN117834776A (en) | 2024-04-05 |
| CN117834776B true CN117834776B (en) | 2025-01-10 |
Family
ID=90505916
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202410015885.6A Active CN117834776B (en) | 2024-01-05 | 2024-01-05 | An intelligent monitoring system for suspicious calls of mobile users |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117834776B (en) |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106937007A (en) * | 2017-04-05 | 2017-07-07 | 广州市景心科技股份有限公司 | System, method and device that a kind of harassing call is reminded |
| CN114025046A (en) * | 2021-11-05 | 2022-02-08 | 号百信息服务有限公司 | A call do not disturb processing system and method based on signaling monitoring |
| CN116090026A (en) * | 2023-04-06 | 2023-05-09 | 北京惠朗时代科技有限公司 | Big data-based electronic signature use security management system |
Family Cites Families (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101184264A (en) * | 2007-11-27 | 2008-05-21 | 北京网秦天下科技有限公司 | Mobile phone telephone and message anti-disturbance and private communication method and system |
| GB2545480B8 (en) * | 2015-12-18 | 2018-01-17 | F Secure Corp | Detection of coordinated cyber-attacks |
| CN106657538A (en) * | 2016-12-19 | 2017-05-10 | 号百信息服务有限公司 | Method of using flash short message to prevent phone fraud |
| CN107612933A (en) * | 2017-10-20 | 2018-01-19 | 广东岭南职业技术学院 | A kind of novel computer internet worm system of defense |
| CN110445944B (en) * | 2019-08-19 | 2020-11-24 | 携程旅游信息技术(上海)有限公司 | Method and system for preventing telephone disturbance of call center |
| CN113794804B (en) * | 2021-09-14 | 2025-03-28 | 上海尊源通讯技术有限公司 | A communication terminal call anti-harassment and anti-missing system |
-
2024
- 2024-01-05 CN CN202410015885.6A patent/CN117834776B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106937007A (en) * | 2017-04-05 | 2017-07-07 | 广州市景心科技股份有限公司 | System, method and device that a kind of harassing call is reminded |
| CN114025046A (en) * | 2021-11-05 | 2022-02-08 | 号百信息服务有限公司 | A call do not disturb processing system and method based on signaling monitoring |
| CN116090026A (en) * | 2023-04-06 | 2023-05-09 | 北京惠朗时代科技有限公司 | Big data-based electronic signature use security management system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN117834776A (en) | 2024-04-05 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106791220B (en) | Method and system for preventing telephone fraud | |
| WO2016197675A1 (en) | Method and apparatus for identifying crank call | |
| CN101217820A (en) | An identification system and identification method on disturbance telephone numbers | |
| US9179259B2 (en) | Recognizing unknown actors based on wireless behavior | |
| CN101715192B (en) | Harassing call filtering method, device and system | |
| EP2887625A1 (en) | Method for real-time reporting and prevention of call abuse | |
| CN106102001A (en) | The screening technique of suspected crime mobile terminal and system | |
| CN106899948B (en) | Pseudo base station discovery method, system, terminal and server | |
| CN106033635A (en) | A monitoring method and system | |
| CN109559211A (en) | A kind of audit prewarning analysis system based on big data | |
| Mirsky et al. | Ddos attacks on 9-1-1 emergency services | |
| CN111131332A (en) | Network service interconnection and flow acquisition, analysis and recording system | |
| CN117834776B (en) | An intelligent monitoring system for suspicious calls of mobile users | |
| US11770475B2 (en) | Computerized system and method for robocall steering | |
| CN111726796A (en) | System and method for traffic control based on IMS | |
| CN113114858B (en) | Method and device for adding credible identification for call based on gateway | |
| CN103167502B (en) | Based on the method for the illegal calling of OTA technology regulation | |
| CN112019688B (en) | Method and device for detecting embezzlement of fixed telephone | |
| Jensen | Improving SS7 security using machine learning techniques | |
| CN106792712A (en) | For the automatic monitoring framework system of the Session Initiation Protocol of VoLTE equipment | |
| CN101222379B (en) | Rubbish voice information monitoring method and device | |
| CN114499953B (en) | Intelligent security method and device for privacy information based on flow analysis | |
| Bella et al. | A fraud management system architecture for next-generation networks | |
| Bordjiba et al. | Data-driven approach for automatic telephony threat analysis and campaign detection | |
| Scata et al. | Security analysis and countermeasures assessment against spit attacks on voip systems |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |