Unlock instant, AI-driven research and patent intelligence for your innovation.

Method and related device for detecting malicious web pages

A malicious webpage and webpage technology, applied in the field of network security, can solve problems such as consuming a long time and system resources, and low detection efficiency

Active Publication Date: 2021-06-22
HUAWEI TECH CO LTD
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the effectiveness of using client-side honeypot technology to detect malicious web pages is restricted by many factors. For example, restoring the initial environment of the virtual machine after each detection will take a long time and system resources, resulting in low detection efficiency

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and related device for detecting malicious web pages
  • Method and related device for detecting malicious web pages
  • Method and related device for detecting malicious web pages

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0038] In order to enhance the concealment of malicious codes, attackers often use multiple redirection methods when implanting links in web page files. That is to say, when a user visits a modified normal webpage, through multiple redirections, the user is finally redirected to a webpage embedded with malicious codes provided by other webpage servers. Then the malicious code is downloaded into the terminal device used by the user without the user's knowledge. In comparison, when a user visits a normal web page that has not been modified, it is less likely that the user will be redirected multiple times.

[0039] In this embodiment of the application, a malicious webpage refers to a webpage that will cause damage to the terminal device used by the user after being accessed, specifically including webpages that have been embedded with malicious codes, and webpages that have been embedded with links although they have not been embedded with malicious codes. , where the implante...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

Disclosed are a method and a related device for detecting malicious webpages, which are used to improve the detection efficiency of malicious webpages. The method includes: the security device obtains at least one access request message generated during the terminal device's access to the webpage to be detected; generates at least one redirection chain according to the access request message, and each record in each redirection chain stores an access request message respectively. The resource address carried in the request message; the first redirection chain in the at least one redirection chain includes at least two records, and the adjacent first record and second record in the at least two records are in the first unidirectional Relational connections, the first record is an outgoing record, the second record is an incoming record, and the resource indicated by the resource address saved in the first record includes a redirection indication, and the redirection indication is used to redirect the terminal device to the first 2. Record the saved resource address; if the first redirection chain meets the predetermined rule, determine that the webpage to be detected is a malicious webpage.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a method for detecting malicious web pages and a device for detecting malicious web pages. Background technique [0002] Web pages are a common delivery vehicle for malicious code. Malicious codes include Trojan horse programs, virus programs, and the like. Attackers embed malicious codes in webpage files in the form of scripts or Cascading Style Sheets (Cscading Style Sheets, CSS) elements. When a user accesses a web page file embedded with malicious code, the malicious code will be downloaded to the terminal device used by the user without the user's knowledge and run on the host, thereby causing damage, such as destroying the user's operating system or stealing Get the user's confidential information, etc. Web pages that are accessed and cause damage to the terminal equipment used by users are called malicious web pages. [0003] The first category of malicious we...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
CPCH04L63/1441H04L63/1483
Inventor 韩旭
Owner HUAWEI TECH CO LTD