Method for guarding phishing website based on gateway, bridge

A phishing and network bridge technology, applied in network interconnection, network connection, user identity/authority verification, etc., can solve problems such as security flaws, personal confidential data fraud, and inability to filter phishing websites, so as to prevent economic damage Effect

Active Publication Date: 2007-08-29
SANGFOR TECH INC
View PDF0 Cites 33 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Due to the trust in the high-strength encryption of the SSL protocol and the lack of professional knowledge of the SSL protocol, ordinary users are often unable to judge whether the SSL certificate provided by the website they visit is legal, which leads to incidents of personal confidential data being defrauded by phishing websites from time to time.
Therefore, there is a security flaw in filtering out phishing sites masquerading as trusted sites

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for guarding phishing website based on gateway, bridge
  • Method for guarding phishing website based on gateway, bridge

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0020] The first implementation method of the present invention is shown in Figure 1, the electrical characteristics of its security gateway or network bridge are the same as those of general Internet gateways.

[0021] First, let's explain how the method works. As shown in Figure 3, the security gateway or bridge captures the data encrypted by SSL, captures the handshake process of the SSL protocol, and extracts the X.509 certificate chain. Verify the legitimacy of the X.509 certificate chain transmitted during the extracted handshake process according to the relevant PKI standards and the trusted certificate list provided by the user. The security gateway or bridge allows the certificate chain to pass through the legal SSL connection, filters and blocks the certificate chain invalid SSL connection.

[0022] As shown in Figure 1, the security gateway or network bridge is arranged between the user's Internet access terminal and the network link of the visited website. The dat...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The method includes steps: (1) being added between terminal for logging network and network station to be accessed, secure gateway (SG) captures data encrypted by SSL; (2) interface for settings provided on SG lets user induct credible X.509 certificate list; (3) capturing handshaking procedure (HP) in SSL protocol, SG picks up X.509 certificate link transferred by HP; (4) filtering out and stopping illegal SSL connection in certificate link. Or the method uses following steps: (a) connecting SG to device able to monitor user's online data; SG captures a copy of data from normal network station or fishing network station accessed through SSL encrypted tunnel by internal user; (b) interface for settings provided on SG inducts credible X.509 certificate list; (c) capturing HP in SSL protocol, SG picks up X.509 certificate link transferred by HP; (d) validating validity of certificate link; SG sends out command to cut off illegal SSL connection in certificate link.

Description

technical field [0001] The invention relates to a method for helping users to filter credible websites (such as online banking and securities websites) pretending to be encrypted with the SSL protocol, that is, a method for identifying phishing websites. Background technique [0002] In order to prevent user data from being stolen when passing through an untrusted network area, the communication data between users and websites that use SSL protocol encryption (such as online banking, securities websites, etc.) are encrypted by SSL protocol. But encryption only prevents data from being stolen during transmission, and the identity of the other end of communication with the user (the visited website) has not been verified. For example, the other end of communication with the user may be a malicious website masquerading as an online banking website. Such entities that disguise themselves as trusted websites and obtain user confidential data (including user names, passwords, etc...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/66H04L12/46H04L9/32H04L29/06
Inventor 蔡成志
Owner SANGFOR TECH INC
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap