Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Phishing website recognition method and device

A technology for phishing websites and identification methods, applied in the fields of network security and information technology, to achieve the effects of easy maintenance and update, wide application range and improved efficiency

Active Publication Date: 2018-03-13
CHINA INTERNET NETWORK INFORMATION CENTER
View PDF6 Cites 8 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] Aiming at the above problems, the present invention provides a method and device for identifying phishing websites, which can make up for the inability of blacklist technology to filter emerging phishing websites, efficiently identify phishing websites embedded with brand website elements and resources, and improve the performance of phishing filtering

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Phishing website recognition method and device
  • Phishing website recognition method and device
  • Phishing website recognition method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0036] The present invention will be described in further detail below through specific embodiments and accompanying drawings.

[0037] Phishing is essentially brand counterfeiting. Phishers send false information through emails, instant messaging, etc. to lure users to visit pre-built counterfeit websites to defraud users of their privacy and property. Among them, counterfeit websites, as the most important crime site, are often highly similar to real brand websites visually, in order to deceive users into believing they are real. Today, websites (especially big brand websites) are no longer simple text and pictures, but contain a large number of elements and resources with unique brand styles, including Logo pictures, Favicon pictures, CSS files, JS files, etc.; To confuse the real ones, these resources of the brand website are often directly used, that is, the links to these resources are embedded in the source code of the web page. For example: https: / / wvw.paypal-limited....

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a phishing website recognition method and device. The method comprises the steps that whether or not resources of other websites are embedded into a to-be-detected website isdetected; and if the resources of the other websites are not embedded into the to-be-detected website, it is judged that the to-be-detected website is a non-phishing website; if the resources of the other websites are embedded into the to-be-detected website, whether or not domain names of the other websites intersect with a white list is judged; if the domain names of the other websites do not intersect with the white list, it is judged that the to-be-detected website is the non-phishing website; if the domain names of the other websites intersect with the white list, it is judged that the to-be-detected website is a highly-suspected phishing website; and legality judgment and domain name credit assessment are conducted on the highly-suspected phishing website to determine whether or notthe to-be-detected website is a phishing website. According to the method and device, the defect that in a black list technology, newly-presented phishing websites cannot be filtered can be overcome,the phishing websites in which elements and resources of brand websites are embedded can be recognized efficiently, and the phishing filtering performance can be improved.

Description

technical field [0001] The invention belongs to the technical fields of information technology and network security, and in particular relates to a phishing website identification method and device. Background technique [0002] The term Phishing was coined in 1996 and evolved from the word Fishing. In the process of phishing, attackers use bait (such as email, SMS) to send to a large number of users, expecting a small number of users to "take the bait", and then achieve the purpose of "phishing" (such as stealing users' private information). The International Anti-Phishing Working Group (APWG) defines phishing as: Phishing is a cyber attack method that uses social engineering and technical means to steal consumers' personally identifiable data and financial account credentials. Phishing attacks using social engineering methods often send users deceptive emails and text messages that appear to be from legitimate companies or institutions, luring users to reply to personal s...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/12
CPCH04L63/1483H04L61/4511
Inventor 耿光刚延志伟张茜
Owner CHINA INTERNET NETWORK INFORMATION CENTER
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products