Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

Method and device for identifying a malicious website

A malicious website and category technology, applied in the Internet field, can solve the problems of unable to extract keywords, prone to missed detection, false detection, and unable to guarantee website identification, etc., to achieve accurate, reliable and efficient identification results

Active Publication Date: 2014-11-05
TENCENT TECH (SHENZHEN) CO LTD
View PDF2 Cites 9 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] In the process of realizing the above-mentioned identification of phishing websites, the inventor found at least the following problems in the prior art: the manual review method has relatively large limitations, and the review quality depends on the professionalism of the reviewers, and it is prone to missed and false detections At the same time, due to the limited number of auditors, the identification of phishing websites has a strong lag, and the timely and effective identification of websites cannot be guaranteed.
As for the automatic identification method, phishing websites can use object-based and event-driven client-side scripting language (Javascript) obfuscation, keyword obfuscation and other technical means to bypass the detection of third-party software, such as compiling the page source code into like figure 1 irregular string as shown, or as figure 2 As shown in , interfering characters are inserted between characters through keyword obfuscation. These obfuscation methods will prevent third-party software from effectively extracting keywords used as identification basis
[0005] It can be seen from this that for the identification of phishing websites at present, an effective solution has not been given in the prior art

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for identifying a malicious website
  • Method and device for identifying a malicious website
  • Method and device for identifying a malicious website

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0046] The technical solution in the present invention will be clearly and completely described below in conjunction with the accompanying drawings in the present invention. Obviously, the described embodiments are only some embodiments of the present invention, not all of them. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention.

[0047] The embodiment of the present invention provides a method for identifying a malicious website, which can identify its security through the domain name of the login page, such as image 3 As shown, the method includes:

[0048] 301. The user equipment captures the user feature information input on the login page.

[0049] Among them, the user characteristic information can be any one or any combination of email address, mobile phone number, user name or user number. For example, the user cha...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The present invention discloses a method and device for identifying a malicious website, relates to the technical field of internet, and can efficiently identify the malicious website. The method of the present invention includes: first capturing user feature information input in a log-in page, then searching for a set of trusted domain names corresponding to the user feature information in a white list, finally comparing the domain name of the log-in page with all trusted domain names in the set of trusted domain names, and if the domain name of the log-in page does not belong to the set of trusted domain names, prompting the user with a warning. The present invention is mainly used in the procedure of identifying a phishing website.

Description

technical field [0001] The invention relates to the technical field of the Internet, in particular to a method and device for identifying malicious websites. Background technique [0002] The rapid development of Internet technology has brought more and more convenience to people's lives. People can easily share and download various resources and obtain various important information through the Internet. At the same time, the security situation of the Internet is not optimistic. A large number of phishing websites have seriously violated the interests of Internet users and affected the security order of the Internet. [0003] Phishing websites usually refer to malicious websites that pretend to be regular websites such as banks and e-commerce, and steal private information such as bank account numbers and passwords submitted by users. Vulnerabilities in the website server program insert dangerous page codes into some web pages of the website to steal users' private informat...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06G06F21/56H04L29/12
Inventor 刘健
Owner TENCENT TECH (SHENZHEN) CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com