CN117354808A - Method and device for preventing and controlling signaling storm, electronic equipment and storage medium - Google Patents
Method and device for preventing and controlling signaling storm, electronic equipment and storage medium Download PDFInfo
- Publication number
- CN117354808A CN117354808A CN202311385748.3A CN202311385748A CN117354808A CN 117354808 A CN117354808 A CN 117354808A CN 202311385748 A CN202311385748 A CN 202311385748A CN 117354808 A CN117354808 A CN 117354808A
- Authority
- CN
- China
- Prior art keywords
- service
- base station
- target base
- quality
- industry
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 230000011664 signaling Effects 0.000 title claims abstract description 85
- 238000000034 method Methods 0.000 title claims abstract description 46
- 238000011156 evaluation Methods 0.000 claims abstract description 75
- 238000012544 monitoring process Methods 0.000 claims abstract description 24
- 230000004044 response Effects 0.000 claims abstract description 13
- 230000006399 behavior Effects 0.000 claims description 25
- 238000004590 computer program Methods 0.000 claims description 11
- 238000011161 development Methods 0.000 claims description 7
- 238000013507 mapping Methods 0.000 claims description 6
- 230000002035 prolonged effect Effects 0.000 claims description 3
- 230000002265 prevention Effects 0.000 abstract description 5
- 238000005516 engineering process Methods 0.000 abstract description 3
- 238000004891 communication Methods 0.000 abstract description 2
- 238000001514 detection method Methods 0.000 abstract 1
- 230000001276 controlling effect Effects 0.000 description 18
- 238000010586 diagram Methods 0.000 description 6
- 238000012545 processing Methods 0.000 description 6
- 230000006870 function Effects 0.000 description 3
- 230000001105 regulatory effect Effects 0.000 description 3
- 230000003542 behavioural effect Effects 0.000 description 2
- 230000002159 abnormal effect Effects 0.000 description 1
- 238000007796 conventional method Methods 0.000 description 1
- 239000000284 extract Substances 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 238000004904 shortening Methods 0.000 description 1
- 239000000126 substance Substances 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/30—Security of mobile devices; Security of mobile applications
- H04W12/37—Managing security policies for mobile devices or for controlling mobile applications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/12—Detection or prevention of fraud
- H04W12/126—Anti-theft arrangements, e.g. protection against subscriber identity module [SIM] cloning
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/60—Context-dependent security
- H04W12/67—Risk-dependent, e.g. selecting a security level depending on risk profiles
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/70—Reducing energy consumption in communication networks in wireless communication networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention provides a method and a device for preventing and controlling a signaling storm, electronic equipment and a storage medium, and relates to the technical field of communication safety. The method comprises the following steps: monitoring service quality indexes of all industry terminals in industry terminal list of target base station based on evaluation periodThe industry terminal is a terminal with unified behavior characteristics; according to the service safety baseline value Q safe‑ki And monitored quality of service indicatorThe offset between the target base station and the target base station is evaluated to obtain the business security risk level of the target base station; determining the target base stationWhether the business safety risk level reaches a preset threshold value or not; and in response to the preset threshold value, carrying out RAN side resource adjustment of the target base station so as to prevent and control signaling storm. The method at least solves the problems that the traditional signaling storm detection method in the related technology only detects the security of network elements and does not consider the service security. The method is suitable for signaling storm analysis, prevention and control and other scenes.
Description
Technical Field
The present invention relates to the field of communications security technologies, and in particular, to a method and apparatus for controlling signaling storm, an electronic device, and a computer readable storage medium.
Background
With the development of 5G (5 th-Generation, fifth Generation mobile communication technology) large-connection application scenes, industry application service bursts are growing, and industry terminals with unified behavior characteristics generate large-scale signaling concurrent behaviors, so that the risk situation of 5G network signaling storm is more severe. In three application scenarios of 5G, extremely high requirements are imposed on network delay.
The impact of 5G signaling storms is not only in terms of exhaustion of network signaling resources, but also in terms of impeding impact on the processing rate of the overall network traffic. Even though the signaling storm in the 5G age does not completely consume the system resources, if the signaling accords with the processing speed and time delay of the service developed by the 5G, the influence on the service safety is fatal, especially facing the service extremely sensitive to the time delay like the Internet of vehicles. This problem of service delay due to the abnormal level occupation of network signaling resources is exactly the problem that needs to be solved by the 5G network security.
The traditional method for dealing with the signaling storm mainly considers the security of network elements, sets a threshold value for the signaling processing capacity of the network elements, monitors the signaling storm, and carries out packet loss on newly arrived data packets once the threshold value of the processing capacity of the network elements is reached. Although the method can ensure the security of the network element, the service security is not considered. When the signaling processing capacity of the network element reaches a threshold value, the performance index of the ongoing service is also greatly influenced correspondingly, and especially for the industrial application with strict performance index requirements, the service safety is influenced somewhat or even, and safety accidents are caused.
Disclosure of Invention
The technical problem to be solved by the invention is to provide a method, a device, electronic equipment and a computer readable storage medium for preventing and controlling signaling storm, which can further sense service security risk on the basis of guaranteeing network element security, ensure service security, dynamically adjust RAN (Radio Access Network, wireless access network) access strategy aiming at possible service risk, and further ensure security of new access service.
In a first aspect, the present invention provides a method for preventing and controlling a signaling storm, including: monitoring service quality indexes of all industry terminals in industry terminal list of target base station based on evaluation periodThe industry terminal is a terminal with unified behavior characteristics; according to the service safety baseline value Q safe-ki And the monitored quality of service indicator +.>The offset between the target base station and the target base station is evaluated to obtain the business security risk level of the target base station; judging whether the business security risk level of the target base station reaches a preset threshold value or not; and in response to the preset threshold value, carrying out RAN side resource adjustment of the target base station so as to prevent and control signaling storm.
Preferably, the business quality index of each industry terminal in the industry terminal list based on the evaluation period monitoring target base stationBefore, the method for preventing and controlling the signaling storm further comprises the following steps: subscription baseline value according to quality of service>And a preset quality of service characteristic baseline value +.>Determining a business security baseline value Q safe-ki Wherein the quality of service characteristic baseline valueTo ensure the quality of service characteristics of normal service development of the industry terminals in the list.
Preferably, in said determining a traffic safety baseline value Q safe-ki Before, the method for preventing and controlling the signaling storm further comprises the following steps: periodically acquiring service types and service characteristics corresponding to each industry terminal in an industry terminal list of the target base station, wherein the service characteristics comprise service time characteristics; adjusting an evaluation period according to the service time characteristics; inquiring service quality guarantee information signed by the industry terminals according to the service types corresponding to the industry terminals in the industry terminal list to obtain a service quality signing base line value
Preferably, the adjusting the evaluation period according to the service time characteristic specifically includes: in the service peak time period, the evaluation period is shortened; and in the idle service period, the assessment period is prolonged.
Preferably, the base line value Q according to business safety safe- And monitored quality of service indicatorThe offset between the two is used for evaluating the service security risk level of the target base station, and the method specifically comprises the following steps: calculating a service security baseline value Q safe-ki And the monitored quality of service index ∈ ->The difference value between the two values is used for obtaining the offset of the business safety baseline value; and evaluating the business security risk level of the target base station according to the mapping relation between the preset offset and the business security risk level.
Preferably, the preset threshold value includes a first preset threshold value and a second preset threshold value.
And in response to reaching a preset threshold, carrying out RAN side resource adjustment of the target base station to prevent and control signaling storm, wherein the method specifically comprises the following steps: responding to the first preset threshold value, and adjusting the target base station to reject the new access user; and in response to the second preset threshold, the target base station is adjusted to switch the remote point resident user service to the adjacent base station so as to prevent and control the occurrence of signaling storm.
In a second aspect, the invention further provides a control device for signaling storms, which comprises a monitoring module, an evaluation module and an adjustment module.
The monitoring module is used for monitoring the service quality index of each industry terminal in the industry terminal list of the target base station based on the evaluation periodThe industry terminal is a terminal with unified behavior characteristics. The evaluation module is connected with the monitoring module and is used for acquiring a service safety baseline value Q safe-ki And the monitored quality of service indicator +.>And (5) evaluating the offset between the target base station and the service security risk level of the target base station. The adjustment module is connected with the evaluation module and is used for judging whether the service security risk level of the target base station reaches a preset threshold value or not and carrying out RAN side resource adjustment of the target base station to prevent and control signaling storm occurrence in response to the preset threshold value.
Preferably, the apparatus further comprises a determination module.
The determining module is connected with the monitoring module and is used for signing the baseline value according to the service qualityAnd a preset quality of service characteristic baseline value +.>Determining a business security baseline value Q safe-ki Wherein the quality of service characteristic baseline value +.>To ensure the quality of service characteristics of normal service development of the industry terminals in the list.
In a third aspect, the invention also provides an electronic device comprising a memory and a processor, the memory having stored therein a computer program, the processor being arranged to run the computer program to implement a method of controlling a signalling storm according to the first aspect.
In a fourth aspect, the present invention also provides a computer readable storage medium, on which a computer program is stored, which computer program, when being executed by a processor, implements a method for controlling signaling storms according to the first aspect.
The invention provides a method, a device, electronic equipment and a computer readable storage medium for preventing and controlling a signaling storm, which periodically monitor service quality indexes of all industry terminals in an industry terminal list of a target base stationAnd according to the base line value Q of the service safety safe- And periodically evaluating the service security risk level of the target base station according to the offset between the target base station and the target base station, and adjusting the resources at the RAN side in real time according to the evaluated service security risk level so as to prevent and control signaling storm. Because the real-time service quality index of the current industry terminal under the target base station is monitored, and the risk level is evaluated according to the offset between the target base station and the service safety base line value, the service safety risk can be perceived in advance, the RAN side resource is regulated in real time aiming at the possible service risk, and the occurrence of signaling storm is prevented and controlled, so that the safety of the newly accessed service is ensured.
Drawings
Fig. 1 is a flow chart of a method for controlling signaling storm according to embodiment 1 of the present invention;
fig. 2 is a schematic structural diagram of a signaling storm prevention and control device according to embodiment 2 of the present invention;
fig. 3 is a schematic structural diagram of an electronic device according to embodiment 4 of the present invention.
Detailed Description
In order to make the technical scheme of the present invention better understood by those skilled in the art, the following detailed description of the embodiments of the present invention will be given with reference to the accompanying drawings.
It is to be understood that the specific embodiments and figures described herein are merely illustrative of the invention, and are not limiting of the invention.
It is to be understood that the various embodiments of the invention and the features of the embodiments may be combined with each other without conflict.
It is to be understood that only the portions relevant to the present invention are shown in the drawings for convenience of description, and the portions irrelevant to the present invention are not shown in the drawings.
It should be understood that each unit and module in the embodiments of the present invention may correspond to only one physical structure, may be formed by a plurality of physical structures, or may be integrated into one physical structure.
It will be appreciated that, without conflict, the functions and steps noted in the flowcharts and block diagrams of the present invention may occur out of the order noted in the figures.
It is to be understood that the flowcharts and block diagrams of the present invention illustrate the architecture, functionality, and operation of possible implementations of systems, apparatuses, devices, methods according to various embodiments of the present invention. Where each block in the flowchart or block diagrams may represent a unit, module, segment, code, or the like, which comprises executable instructions for implementing the specified functions. Moreover, each block or combination of blocks in the block diagrams and flowchart illustrations can be implemented by hardware-based systems that perform the specified functions, or by combinations of hardware and computer instructions.
It should be understood that the units and modules related in the embodiments of the present invention may be implemented by software, or may be implemented by hardware, for example, the units and modules may be located in a processor.
Example 1:
in the conventional method for handling the signaling storm, the signaling storm is monitored, and once the processing capacity threshold of the network element is reached, the newly arrived data packet is lost, and the service safety of the terminal is affected by the direct packet loss. The method for preventing and controlling the signaling storm in the embodiment is to prevent and control the signaling storm in advance, namely to sense the service security risk in advance, and to adjust different RAN side resources according to different service security risk levels so as to ensure the service security and further ensure the security of the newly accessed service.
As shown in fig. 1, the present embodiment provides a method for controlling a signaling storm, which is applied to a network device, and the method includes:
step 101, monitoring service quality indexes of all industry terminals in an industry terminal list of a target base station based on an evaluation periodThe industry terminal is a terminal with unified behavior characteristics.
In this embodiment, the evaluation period refers to a period of evaluating the traffic security risk level of the target base station. The industry terminal list includes at least two industry terminals. For example, the industry terminal list of the target base station has m industry terminals, respectively (UE 1 、UE 2 、UE 3 …、UE j 、…UE m ). Quality of service indicatorIncluding but not limited to air interface delay D, flow B, packet Loss index Loss, K i Is the ith service type, wherein K i ∈(K 1 、K 2 、K 3 …、K i 、…K n ) One business terminal corresponds to one business type, m business terminals correspond to n business types, and +.>Index of quality of service->Air interface delay including the ith service type +.>Traffic of the ith traffic type +.>Packet loss rate of ith service typeAnd the like. Service quality index->Can be monitored by network equipment at the side of the target base station.
Optionally, monitoring the service quality index of each industry terminal in the industry terminal list of the target base station based on the evaluation periodThe method for preventing and controlling the signaling storm further comprises the following steps:
subscription baseline value according to service qualityAnd a preset quality of service characteristic baseline value +.>Determining a business security baseline value Q safe- Wherein the quality of service characteristic baseline value +.>To ensure the quality of service characteristics of normal service development of the industry terminals in the list.
In this embodiment, in order to ensure that the service security risk level can be accurately estimated according to the service security baseline value in the following process, the embodiment signs up the baseline value according to the service qualityAnd a preset quality of service characteristic baseline value +.>The minimum value or the maximum value is taken out of the two to determine a service safety base line value Q safe-ki . Quality of service features of the present embodimentBaseline value->(D f-i 、B f-i 、Loss f-i … …) may be counted and determined by the core network side network device. Wherein the quality of service characteristic baseline valueTo ensure the quality of service characteristics that a group of business terminals with uniform behavior characteristics can normally perform. For example, statistical packet Loss rate Loss f-i When reaching a certain standard value, the average throughput of the group of industry terminals is taken as B f-i Average time delay as D f-u Constitutes a baseline value of the quality of service feature>Subscription baseline value according to quality of service>(D s-i 、B s-i 、Loss s-i … …) and a preset quality of service characteristic baseline value ∈>Determining a business security baseline value Q safe-ki (D safe- 、B safe-ki 、Loss safe-ki ) Specifically, the method is determined according to the following formula:
Q safe-ki (D safe-ki =min(D s-i ,D f-i )、b safe-ki
=max(b s-i ,b f-i )、Loss safe-ki
=min(Loss s-i ,Loss f-i )、…)
optionally, in said determining a traffic safety baseline value Q safe-ki Before, the method for preventing and controlling the signaling storm further comprises the following steps: periodically acquiring service types and service characteristics corresponding to each industry terminal in an industry terminal list of the target base station, wherein the service characteristics compriseBusiness time characteristics; adjusting an evaluation period according to the service time characteristics; inquiring service quality guarantee information signed by the industry terminals according to the service types corresponding to the industry terminals in the industry terminal list to obtain a service quality signing base line value
In this embodiment, the network device at the target base station side may be configured according to the "industry terminal list with unified behavior" UE (UE 1 、UE 2 、UE 3 …、UE j 、…UE m ) Corresponding to the service type K i Inquiring the contracted service guarantee grade protocol SLA (Service Level Agreement) information or QoS (Quality of Service ) guarantee information to obtain the service quality contracted base line value(D s-i 、B s-i 、Loss s-i … …). The SLA is mainly service terms agreed by industry clients and operators, and aims at the offered service types, the service guarantee level is agreed, and the service guarantee level comprises performance indexes such as end-to-end time delay of a message 5G network to be guaranteed. The network equipment at the core network side periodically counts the service characteristics of the users of the whole network, extracts and stores m industry terminals (UE) with unified behavior characteristics 1 、UE 2 、UE 3 …、UE j 、…UE m ) Type K of traffic of (1) i ∈(K 1 、K 2 、K 3 …、K i 、…K n ) And business characteristics S i ∈(S 1 、S 2 、S 3 …、S i 、…S n ). Wherein the business characteristics S i Including time of service characteristics (user traffic peak time T H User traffic idle time T L ) And quality of service characteristics (air delay D) i Flow B i Packet Loss rate Loss i Etc.). When an operator issues a SIM card to an industry terminal, different number segments are divided for different industry applications, so that the service type K of the industry terminal can be obtained by reading the IMSI number of the terminal according to a card issuing rule i ∈K(K 1 、K 2 、K 3 …、K i 、…K n )(i=0,1,2,…,n)。
Optionally, the adjusting the evaluation period according to the service time characteristic specifically includes: in the service peak time period, the evaluation period is shortened; and in the idle service period, the assessment period is prolonged.
In this embodiment, the core network side network device performs the service feature S i Time of business features in (a)Calculating and adjusting evaluation period P of network equipment at target base station side B And periodically issuing an evaluation period P B And giving the target base station side network equipment. In the period of peak traffic->Shortening evaluation period P B The method comprises the steps of carrying out a first treatment on the surface of the In the traffic idle period->Delay evaluation period P B . Since the 5G industry terminal with the unified behavior characteristics generates large-scale signaling concurrency behaviors (such as simultaneously carrying out service peaks and simultaneously entering a no-service state) has great influence on signaling storms, the analysis of the service characteristics of the 5G industry terminal with the unified behavior characteristics has great significance for resisting the signaling storms. According to the tide characteristics of the business of the industry terminal with unified behavior characteristics, the evaluation period and frequency can be adjusted, and the evaluation resources are reasonably utilized: in the service peak time period, the evaluation frequency is improved; and in the service idle time period, reducing the evaluation frequency. Meanwhile, the core network side network equipment transmits a possessing system to the target base station side network equipmentList of business terminals for behavioral characteristics UE (UE 1 、UE 2 、UE 3 …、UE j 、…UE m ) Corresponding to the service type K i . Therefore, the network equipment at the target base station side monitors an industry terminal list UE (UE) with uniform behavior characteristics according to the evaluation period 1 、UE 2 、UE 3 …、UE j 、…UE m ) Quality of service index Q of (2) Ki 。
Step 102, according to the service safety baseline value Q safe- And monitored quality of service indicatorAnd (5) evaluating the offset between the target base station and the service security risk level of the target base station.
Specifically, the method is based on the business safety baseline value Q safe-ki And monitored quality of service indicatorAnd (3) the offset between the target base station and the target base station is evaluated, wherein the evaluation comprises the following steps:
calculating a service security baseline value Q safe-ki And monitored quality of service indicatorThe difference value between the two values is used for obtaining the offset of the business safety baseline value; and evaluating the business security risk level of the target base station according to the mapping relation between the preset offset and the business security risk level.
In this embodiment, the mapping relationship between the preset offset and the service security risk level is exemplified as follows: offset f (f) 1 、f 2 、f 3 …、f i 、…f m ) And the mapping relation is formed with M business security risk levels. When the offset of the business safety baseline value reaches the business safety baseline value Q safe-ki The business security risk level L is 0 level; the offset of the business safety base line value which does not reach the business safety base line value is f 1 The business security risk level L is 1 level; failure to reach business security baselineThe offset of the value is f 2 The business security risk level L is level 2..the offset that does not reach the business security baseline value is f m The business security risk level L is M level. The network equipment at the target base station side monitors the service quality index according to real timeAnd a business security baseline value Q safe-ki The offset of the (2) is used for evaluating the service security risk level, so that an evaluation result is matched with the actual situation, and the service security risk level determined according to the offset can ensure that the service security risk is perceived in advance, thereby facilitating the occurrence of the control signaling storm in advance and ensuring the service security.
And step 103, judging whether the business security risk level of the target base station reaches a preset threshold value.
In this embodiment, the preset threshold includes a first preset threshold and a second preset threshold.
And 104, in response to reaching a preset threshold, adjusting the resources of the target base station on the RAN side so as to prevent and control the occurrence of signaling storm.
Specifically, in response to reaching a preset threshold, performing RAN-side resource adjustment of the target base station to prevent and control occurrence of a signaling storm, including: responding to the first preset threshold value, and adjusting the target base station to reject the new access user; and in response to the second preset threshold, the target base station is adjusted to switch the remote point resident user service to the adjacent base station so as to prevent and control the occurrence of signaling storm.
In this embodiment, when the business security risk level reaches a first preset threshold L s1 The target base station no longer receives the new access user; when the business security risk level reaches a second preset threshold L s2 The target base station switches the far-point user service in the resident user to the adjacent base station. According to the embodiment, the RAN side signaling storm is reduced and the safety of the new access service is further ensured by reasonably setting the first preset threshold value and the second preset threshold value and dynamically adjusting the RAN side access strategy according to different preset threshold values (namely possible service risks).
The method for preventing and controlling signaling storm of the embodiment is generalMonitoring service quality index of each industry terminal in industry terminal list of target base station in over-periodicity modeAnd according to the base line value Q of the service safety safe-ki And periodically evaluating the service security risk level of the target base station according to the offset between the target base station and the target base station, and adjusting the resources at the RAN side in real time according to the evaluated service security risk level so as to prevent and control signaling storm. Because the real-time service quality index of the current industry terminal under the target base station is monitored, and the risk level is evaluated according to the offset between the target base station and the service safety base line value, the service safety risk can be perceived in advance, the RAN side resource is regulated in real time aiming at the possible service risk, and the occurrence of signaling storm is prevented and controlled, so that the safety of the newly accessed service is ensured. Wherein, in order to ensure that the subsequent business security risk level can be accurately estimated according to the business security baseline value, the embodiment signs the baseline value according to the business quality +.>And a preset quality of service characteristic baseline value +.>The minimum value or the maximum value is taken out of the two to determine a service safety base line value Q safe-ki . The evaluation period and the frequency are adjusted according to the service time characteristics, so that the evaluation resources can be reasonably utilized. Further, the network equipment at the target base station side monitors the service quality index according to real time +.>And a business security baseline value Q safe- The offset of the (2) is used for evaluating the service security risk level, so that an evaluation result is matched with the actual situation, and the service security risk level determined according to the offset can ensure that the service security risk is perceived in advance, thereby facilitating the occurrence of the control signaling storm in advance and ensuring the service security. In addition, by reasonably setting a first preset threshold value and a second preset threshold value, and dynamically adjusting the RAN side access policy according to different preset threshold values (namely possible business risks)And the signaling storm at the RAN side is reduced, and the safety of the new access service is further ensured.
Example 2:
as shown in fig. 2, the present embodiment provides a control device for signaling storms, which includes a monitoring module 21, an evaluation module 22 and an adjustment module 23.
A monitoring module 21 for monitoring the service quality index of each industry terminal in the industry terminal list of the target base station based on the evaluation periodThe industry terminal is a terminal with unified behavior characteristics.
An evaluation module 22 connected with the monitoring module 21 for providing a base line value Q according to the business safety safe-ki And monitored quality of service indicatorAnd (5) evaluating the offset between the target base station and the service security risk level of the target base station.
The adjustment module 23 is connected to the evaluation module 22, and is configured to determine whether the traffic security risk level of the target base station reaches a preset threshold, and, in response to reaching the preset threshold, perform RAN-side resource adjustment of the target base station to prevent and control occurrence of a signaling storm.
Optionally, the control device of the signaling storm further comprises a determination module 24.
A determining module 24 connected with the evaluating module 22 for signing the baseline value according to the service qualityAnd a preset quality of service characteristic baseline value +.>Determining a business security baseline value Q safe- Wherein the quality of service characteristic baseline value +.>To ensure industry terminals in the listThe quality of service characteristics of normal service development.
Optionally, the control device of the signaling storm further comprises an acquisition module.
The acquisition module is connected with the monitoring module and is used for periodically acquiring service types and service characteristics corresponding to all the industry terminals in the industry terminal list of the target base station, wherein the service characteristics comprise service time characteristics, the evaluation period is adjusted according to the service time characteristics, and the acquisition module is used for inquiring service quality guarantee information of the service terminal subscription according to the service types corresponding to all the industry terminals in the industry terminal list to obtain a service quality subscription base line value
Optionally, the acquiring module is configured to shorten the evaluation period during the service peak period, and to lengthen the evaluation period during the service idle period.
Optionally, the evaluation module is specifically configured to calculate a service security baseline value Q safe-ki And monitored quality of service indicatorAnd obtaining the offset of the business safety baseline value according to the difference value, and evaluating the business safety risk level of the target base station according to the mapping relation between the preset offset and the business safety risk level.
Optionally, the preset threshold value includes a first preset threshold value and a second preset threshold value. The adjusting module is used for responding to the first preset threshold value, adjusting the target base station to reject the new access user, and responding to the second preset threshold value, adjusting the target base station to switch the service of the remote point resident user to the adjacent base station so as to prevent and control the signaling storm.
The signaling storm prevention and control device of the embodiment is used for periodically monitoring the service quality index of each industry terminal in the industry terminal list of the target base stationRoot combiningBased on the value Q of the base line of the security of the business and the service safe-ki And periodically evaluating the service security risk level of the target base station according to the offset, and adjusting the RAN side resource in real time according to the evaluated service security risk level so as to prevent and control signaling storm. Because the real-time service quality index of the current industry terminal under the target base station is monitored, and the risk level is evaluated according to the offset between the target base station and the service safety base line value, the service safety risk can be perceived in advance, the RAN side resource is regulated in real time aiming at the possible service risk, and the occurrence of signaling storm is prevented and controlled, so that the safety of the newly accessed service is ensured. Wherein, in order to ensure that the subsequent business security risk level can be accurately estimated according to the business security baseline value, the embodiment signs the baseline value according to the business quality +.>And a preset quality of service characteristic baseline value +.>The minimum value or the maximum value is taken out of the two to determine a service safety base line value Q safe- . The method is used for adjusting the evaluation period and the frequency according to the business time characteristics, and the evaluation resources can be reasonably utilized. Further, a quality of service indicator for monitoring in real time>And a business security baseline value Q safe-ki The offset of the (2) is used for evaluating the service security risk level, so that an evaluation result is matched with the actual situation, and the service security risk level determined according to the offset can ensure that the service security risk is perceived in advance, thereby facilitating the occurrence of the control signaling storm in advance and ensuring the service security. In addition, by reasonably setting a first preset threshold value and a second preset threshold value, and dynamically adjusting the RAN access strategy according to different preset threshold values (namely possible service risks), the RAN side signaling storm is reduced, and the safety of the new access service is further ensured.
Example 3:
the embodiment provides a method for preventing and controlling a 5G wireless side signaling storm, which is applied to a device for preventing and controlling the 5G wireless side signaling storm. The control device of the 5G wireless side signaling storm comprises a service characteristic analysis module, a service safety evaluation module and a RAN side resource adjustment module.
The service characteristic analysis module is positioned in the core network and is used for periodically counting the service characteristics of the users of the whole network; analyzing and storing business characteristics of the industry terminal with uniform behavior characteristics, wherein the business characteristics comprise, but are not limited to, characteristics such as user business busy time, business volume and the like; and adjusting the evaluation period and the frequency of the service safety evaluation module and the signaling load evaluation module according to the service characteristics of the industry terminal with the unified behavior characteristics. Since the 5G industry terminal with the unified behavior characteristics generates large-scale signaling concurrency behaviors (such as simultaneously carrying out service peaks and simultaneously entering a no-service state) has a great influence on signaling storms, the analysis of the service characteristics of the 5G industry terminal with the unified behavior characteristics has a great significance on resisting the signaling storms. According to the tide characteristics of business of the business terminal with uniform behavior characteristics, the evaluation period and frequency of the business safety evaluation module can be adjusted, and evaluation resources are reasonably utilized: in the service peak time period, the evaluation period and the frequency of the service safety evaluation module and the signaling load evaluation module are improved; and in the service idle time period, reducing the evaluation period and the evaluation frequency of the service safety evaluation module and the signaling load evaluation module.
The service safety evaluation module is positioned at the base station side, connected with the service characteristic analysis module and used for evaluating the service quality of the user according to the service type and the service performance index, including but not limited to the air interface delay index, the packet loss index and the like, and calculating through a service safety baseline to finally evaluate the service safety level.
The RAN side resource adjustment module is positioned at the base station side and connected with the service security assessment module and is used for triggering the RAN side resource adjustment according to the service security risk level and the signaling storm risk level.
The method for preventing and controlling the 5G wireless side signaling storm in the embodiment comprises the following steps:
s1, periodically counting business characteristics of users in the whole network by a business characteristic analysis module, and extracting and storing uniform behaviorsCharacteristic m industry terminals UE (UE 1 、UE 2 、UE 3 …、UE j 、…UE m ) Type K of traffic of (1) i ∈(K 1 、K 2 、K 3 …、K i 、…K n ) And business characteristics S i ∈(S 1 、S 2 、S 3 …、S i 、…S n ) (i=0, 1,2, …, n), traffic feature S i Including time of service characteristics (user traffic peak time T H User traffic idle time T L ) And quality of service characteristics (air delay D) i Flow B i Packet Loss rate Loss i Etc.). When an operator issues a SIM card to an industry terminal, different number segments are divided for different industry applications, and according to a card issuing rule, the service type K of the industry terminal can be obtained by reading the IMSI number of the terminal i ∈K(K 1 、K 2 、K 3 …、K i 、…K n )(i=0,1,2,…,n)。
S2, the service characteristic analysis module is used for analyzing the service characteristic S i Time of business features in (a)Calculating and adjusting the evaluation period P of a business safety evaluation module B And periodically issuing an evaluation period P B And giving the service security assessment module. In the period of peak traffic->Improving service safety evaluation module period P B The method comprises the steps of carrying out a first treatment on the surface of the In the traffic idle period->Reducing service security assessment module period P B 。
S3, the business characteristic analysis module calculates and determines the business quality characteristic baseline value(D f-i 、B f-i 、Loss f-i … …). Wherein the quality of serviceCharacteristic baseline value->(D f-i 、B f-i 、Loss f-i … …) are quality of service features that ensure that the set of business terminals with uniform behavioral characteristics can perform normally. For example, statistical packet Loss rate Loss f-i When a certain standard value is reached, the average throughput of the group of terminals is taken as B f-i Average time delay as D f-i Constitutes a baseline value of the quality of service feature>
S4, the business characteristic analysis module lists the business terminals with unified behavior characteristics to the UE (UE) according to the resident information of the user 1 、UE 2 、UE 3 …、UE j 、…UE m ) Corresponding service type K i And the service security assessment module is issued to the resident base station.
S5, the business safety evaluation module performs business safety evaluation according to an industry terminal list UE (UE) with unified behavior characteristics 1 、UE 2 、UE 3 …、UE j 、…UE m ) Corresponding to the service type K i Inquiring the contracted service guarantee grade protocol SLA (Service Level Agreement) information or QoS guarantee information to obtain the service quality contracted base line value(D s-i 、B s-i 、Loss s-i … …) in combination with the service quality characteristic baseline value issued by the service characteristic analysis module>(D f-i 、B f-i 、Loss f-i … …), determining a business security baseline value
Q safe-ki (D safe-ki =min(D s-i ,D f-i )、B safe-ki =max(B s-i ,B f-i )、Loss safe-ki =min(Loss s-i ,Loss f-i ) …). The SLA is mainly service terms agreed by industry clients and operators, and aims at the offered service types, agrees with service guarantee grades, wherein the service guarantee grades comprise performance indexes such as end-to-end time delay of a message 5G network needing to be guaranteed.
S6, the service safety evaluation module evaluates the period P of the evaluation issued by the service characteristic analysis module B In this, an "industry terminal list with unified behavior feature" UE (UE 1 、UE 2 、UE 3 …、UE i 、…UE m ) Quality of service indicator of (c)
S7, the business safety evaluation module is used for evaluating the business quality index according to the monitoringDetermined business safety base line value Q safe- (D safe- 、B safe-ki 、Loss safe-ki …), performs a business security assessment and calculates and analyzes a business security risk ranking. M business security risk levels can be based on the offset f (f) 1 、f 2 、f 3 …、f i 、…f m ) Setting is performed. Such as: the service security base line value L is reached, and the service security risk level L is 0 level; an offset of f which does not reach the business safety baseline value 1 The business security risk level L is 1 level; an offset of f which does not reach the business safety baseline value 2 The business security risk level L is 2 m The business security risk level L is m level.
S8, the business safety evaluation module monitors the business safety risk level L, and when the business safety risk level reaches a preset value L d And the service security assessment module sends the service security risk level L to the RAN side resource adjustment module.
S9, the RAN side resource adjustment module receives the business safety risk level L of the business safety assessment module and carries out business safetyAnd (3) carrying out RAN side resource adjustment on the full risk level L value. When the business security risk reaches L s1 The base station no longer receives the new access user; when the business security risk reaches L s2 The base station switches the service of the far point user among the resident users to the adjacent base station.
Example 4:
as shown in fig. 3, the present embodiment provides an electronic device, including a memory 31 and a processor 32, where the memory 31 stores a computer program, and the processor 32 is configured to run the computer program to implement a signaling storm prevention method as described in embodiment 1 or embodiment 3.
Example 5:
the present embodiment provides a computer-readable storage medium having stored thereon a computer program which, when executed by a processor, implements a signaling storm prevention method as described in embodiment 1 or embodiment 3.
It is to be understood that the above embodiments are merely illustrative of the application of the principles of the present invention, but not in limitation thereof. Various modifications and improvements may be made by those skilled in the art without departing from the spirit and substance of the invention, and are also considered to be within the scope of the invention.
Claims (10)
1. A method for controlling a signaling storm, comprising:
monitoring service quality indexes of all industry terminals in industry terminal list of target base station based on evaluation periodThe industry terminal is a terminal with unified behavior characteristics;
according to the service safety baseline value Q safe-ki And monitored quality of service indicatorThe amount of offset between the two,evaluating the business security risk level of the target base station;
judging whether the business security risk level of the target base station reaches a preset threshold value or not;
and in response to the preset threshold value, carrying out RAN side resource adjustment of the target base station so as to prevent and control signaling storm.
2. The method of claim 1, wherein the quality of service indicator for each industry terminal in the industry terminal list of the target base station is monitored based on an evaluation periodBefore, still include:
subscription baseline value according to service qualityAnd a preset quality of service characteristic baseline value +.>Determining a business security baseline value Q safe-ki Wherein the quality of service characteristic baseline value +.>To ensure the quality of service characteristics of normal service development of the industry terminals in the list.
3. The method of claim 2, wherein, in said determining a traffic safety baseline value Q safe-ki Before, still include:
periodically acquiring service types and service characteristics corresponding to each industry terminal in an industry terminal list of the target base station, wherein the service characteristics comprise service time characteristics;
adjusting an evaluation period according to the service time characteristics;
inquiring service quality guarantee information signed by the industry terminals according to the service types corresponding to the industry terminals in the industry terminal listObtaining service quality subscription baseline value
4. A method according to claim 3, wherein said adjusting the evaluation period according to the time of service characteristics comprises:
in the service peak time period, the evaluation period is shortened;
and in the idle service period, the assessment period is prolonged.
5. The method according to claim 1, wherein the base line value Q is based on traffic safety safe-ki And monitored quality of service indicatorThe offset between the two is used for evaluating the service security risk level of the target base station, and the method specifically comprises the following steps:
calculating a service security baseline value Q safe- And monitored quality of service indicatorThe difference value between the two values is used for obtaining the offset of the business safety baseline value;
and evaluating the business security risk level of the target base station according to the mapping relation between the preset offset and the business security risk level.
6. The method of claim 1, wherein the predetermined threshold comprises a first predetermined threshold and a second predetermined threshold,
and in response to reaching a preset threshold, carrying out RAN side resource adjustment of the target base station to prevent and control signaling storm, wherein the method specifically comprises the following steps:
responding to the first preset threshold value, and adjusting the target base station to reject the new access user;
and in response to the second preset threshold, the target base station is adjusted to switch the remote point resident user service to the adjacent base station so as to prevent and control the occurrence of signaling storm.
7. A control device of signaling storm is characterized by comprising a monitoring module, an evaluation module and an adjustment module,
the monitoring module is used for monitoring the service quality index of each industry terminal in the industry terminal list of the target base station based on the evaluation periodWherein the industry terminal is a terminal with unified behavior characteristics,
the evaluation module is connected with the monitoring module and is used for acquiring a service safety baseline value Q safe-k And monitored quality of service indicatorAnd the offset between the target base station and the target base station, evaluating the business security risk level of the target base station,
the adjustment module is connected with the evaluation module and is used for judging whether the service security risk level of the target base station reaches a preset threshold value or not and carrying out RAN side resource adjustment of the target base station to prevent and control signaling storm occurrence in response to the preset threshold value.
8. The apparatus of claim 7, further comprising a determination module,
the determining module is connected with the monitoring module and is used for signing the baseline value according to the service qualityAnd a preset quality of service characteristic baseline value +.>Determining a business security baseline value Q safe- Wherein the quality of service characteristic baseline value +.>To ensure the quality of service characteristics of normal service development of the industry terminals in the list.
9. An electronic device comprising a memory and a processor, the memory having stored therein a computer program, the processor being arranged to run the computer program to implement a method of controlling a signaling storm as claimed in any of claims 1-6.
10. A computer readable storage medium, on which a computer program is stored, characterized in that the computer program, when being executed by a processor, implements a method of controlling signaling storms as claimed in any of claims 1-6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311385748.3A CN117354808A (en) | 2023-10-24 | 2023-10-24 | Method and device for preventing and controlling signaling storm, electronic equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311385748.3A CN117354808A (en) | 2023-10-24 | 2023-10-24 | Method and device for preventing and controlling signaling storm, electronic equipment and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN117354808A true CN117354808A (en) | 2024-01-05 |
Family
ID=89370727
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202311385748.3A Pending CN117354808A (en) | 2023-10-24 | 2023-10-24 | Method and device for preventing and controlling signaling storm, electronic equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117354808A (en) |
-
2023
- 2023-10-24 CN CN202311385748.3A patent/CN117354808A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101959252B (en) | Quality of service (QoS) control and strategy configuration method and device | |
| CN110267343B (en) | Paging management method, network data analysis function and network side equipment | |
| US20060140115A1 (en) | Resource allocation management | |
| CN101969662B (en) | Method and system for measuring and reporting random access channel optimization by terminal | |
| CN105992282B (en) | Method and device for adjusting quality of service parameters | |
| CN110505105B (en) | Method, device, equipment and storage medium for controlling network service quality | |
| CN112868265B (en) | Network resource management method, management device, electronic equipment and storage medium | |
| CN108199978B (en) | Method and device for inhibiting signaling storm | |
| CN110690988A (en) | Bandwidth control method, bandwidth control platform, server and storage medium | |
| CN110708257A (en) | Method and equipment for transmitting data | |
| EP3310093B1 (en) | Traffic control method and apparatus | |
| CN110944016B (en) | DDoS attack detection method, device, network equipment and storage medium | |
| CN113364682A (en) | Data transmission method and device, storage medium and electronic device | |
| CN111343666A (en) | Congestion adjustment method, device, equipment and medium based on LTE network | |
| US12052607B2 (en) | Communication apparatus, communication method, and program | |
| CN116208306A (en) | Abnormal signaling management and control method and device, electronic equipment and storage medium | |
| CN110661722B (en) | Flow control method and device | |
| CN107889126B (en) | Network state identification method, DPI monitoring and analyzing equipment and network system | |
| CN107347196B (en) | Method and device for determining cell congestion | |
| CN117354808A (en) | Method and device for preventing and controlling signaling storm, electronic equipment and storage medium | |
| CN110972199A (en) | Flow congestion monitoring method and device | |
| CN103747481A (en) | Network congestion prompting and access control method and device | |
| CN110460486B (en) | Service node monitoring method and system | |
| CN109089281B (en) | Cluster communication method, terminal equipment and storage medium | |
| CN113453285B (en) | Resource adjusting method, device and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |