Malicious URL detection method and implement system thereof

A detection method and malicious technology, applied in transmission systems, electrical components, etc., can solve problems such as threats to the security and property safety of user terminal systems, inability to completely avoid URL flexibility malicious intrusion, etc., to resist the harm of malicious URLs and improve accuracy , the effect of improving safety performance

Inactive Publication Date: 2015-06-24
JIANGSU PAYEGIS INFORMATION SECURITY TECH CO LTD
View PDF4 Cites 41 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The above-mentioned methods can handle most of the malicious URL detection problems. Unfortunately, current terminal devices cannot completely avoid malicious intrusions caused by URL flexibility and constant variability, which always threatens the system security of user terminals and more important property security.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Malicious URL detection method and implement system thereof
  • Malicious URL detection method and implement system thereof
  • Malicious URL detection method and implement system thereof

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0028] Embodiment one, If the url to be detected: "abcdefg", the specific judgment steps are as follows:

[0029] (1) Firstly, according to the implementation step S1, complete the modified url to "http: / / abcdefg";

[0030] (2) Then according to the implementation step S2, it is judged that the url is not in the URL knowledge base;

[0031] (3) Go to step S3 again, filter out the malicious features in the url through the rules (execute S31): the url scheme description part only contains English characters, so it is finally judged that the url to be detected is malicious. The same applies to the case where the description part of the rul scheme only contains numbers. Embodiment 2. If the url to be detected is: "http: / / www.dwz.cn / t05ZQ", the specific judgment steps are as follows:

[0032] (1) First, according to the implementation step S1, the url after completion and modification is still "http: / / www.dwz.cn / t05ZQ";

[0033] (2) Then according to the impleme...

Embodiment 3

[0037] Embodiment 3, if the url to be detected: "http: / / shop.ldangdang.com / 14416", the specific judgment steps are as follows:

[0038] (1) Firstly, according to the implementation step S1, the modified url is still "http: / / shop.ldangdang.com / 14416";

[0039] (2) Then according to the implementation step S2, it is judged that the url is not in the URL knowledge base;

[0040] (3) Go to step s3 again, and judge through the rules that not only does not contain malicious URL features, but also does not contain short URL features;

[0041] (4) Finally enter step S33, use the model prediction module to make predictions, and the prediction result is malicious, so it is finally judged that the url to be detected is malicious. The model prediction module used therein has a classifier trained offline and continuously updated, and has a processing device for detecting maliciousness of the predicted file based on the classifier.

[0042] In summary, it can be seen that t...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a malicious URL detection method and a system. The method comprises the steps of splitting a URL to be detected into character strings according to a URL grammar and a semantic structure in the RFC1738 standard; analyzing, completing and modifying the character strings which are obtained by splitting; aiming at a new URL formed by the processed character strings, traversing and matching a URL knowledge base; judging whether the new URL contains malicious features and belongs to a short URL according to rules, and if the new URL belongs to the short URL, restoring the short URL into a long URL; finally, extracting the features from the URL knowledge base, applying a sorting algorithm training model through machine learning, and predicting the malicious property of the URL. By applying the method and the system, the flexibility and eversporting property of URL forms are solved, a newly-emerging malicious website can be recognized, the harm from the malicious URL can be effectively resisted, and the safety performance of user information can be substantially improved.

Description

technical field [0001] The invention relates to a computer information security authentication technology, which is implemented by comprehensively utilizing computer networks and machine learning algorithms, and can be applied to systems and fields that require identity authentication, such as performing information confirmation with money exchanges on each terminal, and specifically relates to a malicious URL detection method and its implementation system. Background technique [0002] According to the RFC1738 specification, the grammatical format of URL (Uniform Resource Locator) is generally expressed as follows: " <scheme> : <scheme-specific-part>", a URL containing the scheme name ( <scheme>) and the scheme description section ( <scheme-specific-part>), the scheme description part is completely determined by the scheme it uses. The scheme name is usually the HTTP protocol. If the scheme part is omitted, it defaults to the HTTP protocol. The co...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/126H04L63/14
Inventor 汪德嘉叶芸胡振中葛彦霆刘伟
Owner JIANGSU PAYEGIS INFORMATION SECURITY TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap