Unlock instant, AI-driven research and patent intelligence for your innovation.

Method and device for identifying phishing website

A phishing website and phishing technology, which is applied in the Internet field, can solve the problem of not being able to identify phishing websites in a timely and accurate manner, and achieve the effect of improving the recognition effect

Inactive Publication Date: 2016-04-27
SANGFOR TECH INC
View PDF3 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The main purpose of the present invention is to provide a method and device for identifying phishing websites, aiming to solve the technical problem that phishing websites cannot be identified timely and accurately in the prior art

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for identifying phishing website
  • Method and device for identifying phishing website
  • Method and device for identifying phishing website

Examples

Experimental program
Comparison scheme
Effect test

no. 1 example

[0078] Based on the first embodiment of the above-mentioned method for identifying phishing websites, the method also includes:

[0079] S70. Collect the domain name of at least one phishing website, and obtain a DNS server corresponding to the collected domain name of the phishing website. The obtained DNS server is a malicious DNS server.

[0080] The at least one phishing website is a website commonly used by phishing attackers, including but not limited to websites obtained by similar modifications of operator websites, e-commerce websites, banking websites, securities websites, social media websites, and popular program websites by phishing attackers , specifically, such as baidu123.com, 10086ab.com, etc. In this step, the domain names of as many phishing websites as possible can be collected, and the DNS server corresponding to the domain names of the collected phishing websites can be obtained. Usually, a domain name can only be resolved by one DNS server, and one DNS s...

no. 2 example

[0088] Based on the second embodiment of the above-mentioned method for identifying phishing websites, the method further includes: S90, adding the identifier corresponding to the malicious DNS server to the malicious DNS server record table;

[0089] After step S40, the method also includes:

[0090] S100. If the matching fails, obtain a DNS server corresponding to the access domain name in the web access request.

[0091] When the matching result in step S40 is a matching failure, it is necessary to further identify the access domain name in the web access request, and obtain the DNS server corresponding to the access domain name in the web access request.

[0092] S110. Match the DNS server corresponding to the access domain name in the web access request with the malicious DNS server record table, if the match is successful, send an alarm message to the client, and if the match fails, end the identification.

[0093] The identifier corresponding to the malicious DNS serve...

no. 3 example

[0096] Based on the third embodiment of the above-mentioned method for identifying phishing websites, the method further includes: S120. Generate a phishing website page feature database according to the phishing domain name database.

[0097] Before the step S40, the method also includes:

[0098] S130. Obtain a response webpage returned by the webpage server according to the web access request.

[0099] S140. Match the page feature of the response webpage with the page feature database of the phishing website. If the matching is successful, send an alarm message to the client; if the matching fails, execute step S40.

[0100] Specifically, in step S120, according to each phishing domain name in the phishing domain name library, an access request is sent to the webpage server, and the response webpage returned by the webpage server is received, the received response webpage is analyzed, and the response webpage is obtained. Page features, and then collect the page features o...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method and device for identifying a phishing website. The method comprises: collecting the domain name of at least one non-phishing website, generating a normal domain name sample base according to the collected domain name; enumerating the domain name in the normal domain name sample base according to a preset rule so as to generate a network phishing domain name base; receiving a web access request sent by a customer, wherein the web access request comprises an access domain name; matching the access domain name in the web access request with the network phishing domain name base, if the matching is successful, generating warning information to the customer. The invention also discloses a device for identifying the phishing website. In adoption of the invention, the identifying effect of the phishing website is improved.

Description

technical field [0001] The invention relates to the technical field of the Internet, in particular to a method and device for identifying phishing websites. Background technique [0002] Phishing websites usually refer to illegal websites that pretend to be bank websites or e-commerce websites to steal private information such as bank account numbers and passwords submitted by users. Some lawbreakers use various means to forge some fake phishing websites, and induce victims to operate according to their intentions, so as to obtain users' private information, so as to achieve the purpose of obtaining users' benefits. Phishing incidents are becoming more and more frequent in the network, causing significant losses to users. [0003] The existing phishing website recognition technology mainly adopts: 1. phishing webpage feature recognition technology; The feature keywords are analyzed to obtain the page feature library, so as to use the page feature library to detect and iden...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/08H04L29/12
CPCH04L63/1483H04L67/02H04L67/10H04L61/4511
Inventor 王振兴
Owner SANGFOR TECH INC