Pre-fetching-based phishing web page detection method

A technology for phishing webpages and detection methods, which is applied in the intersection of information security and information acquisition, can solve problems such as complex website topology, and achieve the effect of improving detection speed.

Inactive Publication Date: 2010-09-01
NANJING UNIV OF POSTS & TELECOMM
View PDF0 Cites 54 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0008] After research using crawlers as a tool, it was found that the topology of large-scale websites is very complex, with thousands of pages and tens of thousands of links inside the website; the topology of small and medium-sized websites is also relatively complicated, with hundreds of pages inside the website; but phishing The topology of the website is surprisingly simple (such as figure 1 ), most of the official websites imitated by phishing

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Pre-fetching-based phishing web page detection method
  • Pre-fetching-based phishing web page detection method
  • Pre-fetching-based phishing web page detection method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0058] 1. Relationship between system modules

[0059] The system consists of 5 modules (see Figure 4 ), the top layer is the user interface module, which is mainly responsible for obtaining user input and feeding back the results to the user, and the middle is the control module, which is responsible for scheduling all functional modules to complete the detection of phishing websites. There are 3 functional modules:

[0060] The web crawler module is responsible for traversing a certain number of pages of the website, and handing over the obtained raw data of all web pages to the next module;

[0061] The feature extraction module is responsible for receiving the original data of the webpage obtained by the crawler module, extracting the specified feature value according to a certain algorithm (described below), and handing over the feature data to the next module for analysis;

[0062] The machine learning module receives the feature data from the feature extraction modul...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a pre-fetching-based phishing web page detection method, and relates to the acquisition of website information and the extraction and classification of topological characteristics and mainly aims to solve problems on phishing web page detection capacity. In the method, a user interface module 1 serves as an interface, a master control module 2 serves as a center, and a classifier module 3, a characteristic extraction module 4 and a web page extraction module 5 are scheduled, wherein the classifier module needs training in a training set and adopts an incremental updating mode to ensure that a classifier keeps capacity in the detection of new phishing web pages; the characteristic extraction module mainly extracts the pre-fetched characteristics of topological website structures, saves the characteristics into a training set database and simultaneously transmits the characteristics to the classifier module; and the web page extraction module captures a certain number of web pages of a given website according to an instruction of the master control module and saves the web pages into a web page database. Through the pre-fetching-based phishing web page detection method provided by the invention, both accuracy and recall rate are greatly improved.

Description

technical field [0001] The invention relates to a method for detecting phishing websites, which mainly analyzes and identifies phishing webpages from the perspective of website topology through prefetching technology, and belongs to the intersecting field of information security and information acquisition. Background technique [0002] "Phishing website" is an online fraud that has become extremely rampant with the popularity of the Internet and the increase in online transactions. "Phishing websites" are fraudulent websites made by criminals. "Phishing websites" are usually almost identical to bank websites or other well-known websites, thereby attracting website users to submit sensitive information (such as user names) on "phishing websites" , password, account ID, ATM PIN or credit card details, etc.). The most typical phishing attack process is as follows: first, lure users to a carefully designed phishing website that is very similar to the target organization's webs...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L12/26H04L29/08G06F17/30
Inventor 张卫丰贡亮周国强张迎周
Owner NANJING UNIV OF POSTS & TELECOMM
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap