Unlock instant, AI-driven research and patent intelligence for your innovation.

Whois information-based phishing website gathering, identification method and system

A technology for phishing websites and identification methods, applied in transmission systems, electrical components, etc., can solve the problem that cloud-based scanning and killing technology cannot meet the needs of security software manufacturers to provide faster and more complete protection solutions, and achieve rapid search and identification Effect

Active Publication Date: 2012-12-19
ZHUHAI BAOQU TECH CO LTD
View PDF3 Cites 18 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] Existing cloud-based scanning and killing technologies cannot satisfy security software vendors to provide faster and more complete protection solutions
Therefore, it is necessary to deal with some phishing websites that are already in operation but have not yet had a substantial impact on network security.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Whois information-based phishing website gathering, identification method and system
  • Whois information-based phishing website gathering, identification method and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0029] A method for collecting and identifying phishing websites based on whois information mainly includes the following steps:

[0030] 1) Extract the whois information from the whois information server according to the domain name information of known phishing websites.

[0031] Obtain the website that has been judged as a phishing website from some protection software or other antivirus software, extract the domain name information of the phishing website, and extract the whois information of the phishing website from the whois information server according to the domain name information. The whois information in the whois information server includes registrant name information, registrant email information, registrant address information, registrant contact number and other information. Among them, according to the summary of anti-virus experience, virus creators fill in the registrant’s name information and registrant’s email information consistently, that is, virus creat...

Embodiment 2

[0042] A system for collecting and identifying phishing websites based on whois information, comprising a Whois information server 1, an extraction module 2, an acquisition module 3, a judging module 4, a phishing judging module 5, a suspicious website domain name database 6, a trusted website domain name database 7, a phishing Website domain name database8.

[0043] Whois information server 1 is used for storing whois information. Whois information includes registrant name information, registrant email information, registrant address information, registrant contact number and other information. Among them, according to the summary of anti-virus experience, virus creators fill in the registrant’s name information and registrant’s email information consistently, that is, virus creators create multiple phishing websites that use the same registrant’s name information or registrant’s email address. Therefore, the phishing website created by the virus maker can be found according...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a whois information-based phishing website gathering, identification method and system. The method comprises the following steps of: extracting whois information of a known phishing website according to the known phishing website; acquiring all website domain names registered by using the whois information according to the whois information; judging whether an acquired website domain name is a suspicious website domain name or a trustable website domain name according to a preset rule; and judging whether the suspicious website domain name is a phishing website domain name or not according to the preset rule. The system comprises a whois information server, an extraction module, an acquisition module, a judgment module, a suspicious website domain name database, a trustable website domain name database, a phishing judgment module and a phishing website domain name database. According to the method and the system, the defect of poor pertinence of cloud technology-based cloud searching and killing is overcome, and all the phishing website domain names registered by using the whois information are searched by using the whois information of the known phishing website.

Description

technical field [0001] The invention belongs to the computer field, in particular to a method and a system for collecting and identifying all phishing websites under the whois information of known phishing websites. Background technique [0002] Whois information is a transmission protocol used to query domain name IP and owner information. Simply put, whois is a database used to query whether a domain name has been registered and the detailed information of the registered domain name (such as domain name owner, domain name registrar, address, phone number, etc.). Use whois to realize the query of domain name information. Early whois queries mostly existed in the command line interface, but now there are some online query tools with simplified web interfaces, which can query different databases at one time. The query tools of the web interface still rely on the whois protocol to send query requests to the server, and the tools of the command line interface are still widely...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/12
Inventor 潘建波王斌
Owner ZHUHAI BAOQU TECH CO LTD