In some initial access scenarios in a Long Term Evolution (LTE) communications system, messages transmitted before a security context is established between user equipment (UE) and a network side device are not security protected. Consequently, these messages may be subject to a forgery or replay attack.
FIG. 1 is a message exchange diagram of an existing forgery attack. As shown in FIG. 1, the network elements may include UE, a pseudo base station, an access network device, and a core network device. The pseudo base station is an unauthorized base station deployed by an attacker to lure the UE into camping on it. The access network device and the core network device are the network side devices involved when the UE accesses a network normally. When the UE sends a request message 1 on which no security protection is performed, the pseudo base station directly intercepts the request message 1 and forges an abnormal response message 1. The pseudo base station sends the forged abnormal response message 1 to the UE, causing a prolonged denial of service for the UE. The access network device and the core network device may never receive the request message 1 sent by the UE.
FIG. 2 is a message exchange diagram of an existing replay attack. As shown in FIG. 2, the UE sends a request message 2 on which no security protection is performed. After intercepting the request message 2, the pseudo base station forwards it to the core network device. The request message 2 may be rejected by the core network device, in which case the core network device returns an abnormal response message 2. The pseudo base station caches the abnormal response message 2 and then forwards it to the UE. At this point, the UE's failure to access the network has a normal cause. The UE then initiates a request again and sends a request message 3. After intercepting the request message 3, the pseudo base station sends the previously cached abnormal response message 2 to the UE, again causing a prolonged denial of service for the UE. This time, the denial of service is abnormal, because it is caused by a replay attack. The access network device and the core network device may never receive the request message 3 sent by the UE.
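The FIG. 2 exchange can be modeled in a few lines. This is an added example, not part of the original text. The class names, message fields and cause string are constructed for illustration and are not LTE message encodings.

```python
# Toy model of the FIG. 2 exchange; all names and values are constructed.
from dataclasses import dataclass, field
from typing import Optional

@dataclass(frozen=True)
class Request:
    seq: int  # 2 or 3, matching "request message 2/3" in the text

@dataclass(frozen=True)
class Reject:
    cause: str  # unprotected: carries nothing the UE can verify

@dataclass
class Core:
    seen: list = field(default_factory=list)
    def handle(self, req: Request) -> Reject:
        self.seen.append(req.seq)
        return Reject("constructed-cause")  # genuine abnormal response

@dataclass
class PseudoBS:
    core: Core
    cached: Optional[Reject] = None
    def relay(self, req: Request) -> Reject:
        if self.cached is None:  # request message 2: forward, cache the reply
            self.cached = self.core.handle(req)
        return self.cached       # request message 3: answered from the cache

@dataclass
class UE:
    sent: list = field(default_factory=list)
    denials: list = field(default_factory=list)
    def attach(self, seq: int, path: PseudoBS) -> None:
        self.sent.append(seq)
        resp = path.relay(Request(seq))
        # No security context yet, so the UE acts on the response as received.
        self.denials.append(resp)

def run_fig2():
    core = Core()
    ue = UE()
    bs = PseudoBS(core)
    for seq in (2, 3):
        ue.attach(seq, bs)
    return ue, core

def never_reached_core(ue: UE, core: Core) -> list:
    """Requests the UE recorded as sent that the core never recorded."""
    return [s for s in ue.sent if s not in core.seen]
```

In this model the genuine and replayed responses are identical on the UE side, and only a comparison of the UE's sent requests with those the core network recorded shows that request message 3 was never delivered.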
Currently, messages that are transmitted between the UE and the network side device without security protection may be subject to a forgery or replay attack, and there is no method for identifying and protecting these messages. Consequently, the UE suffers an abnormal, prolonged denial of service, and network communication security is reduced.