Real-time malicious webpage identification method and system on gateway

A malicious web page and identification method technology, applied in the identification method and system field of malicious web pages, to achieve the effects of reducing security risks, avoiding theft, real-time identification and filtering

Active Publication Date: 2020-07-24
INST OF INFORMATION ENG CHINESE ACAD OF SCI
View PDF3 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

There is a great security risk when collecting features based on webpage content, because the entire webpage content needs to be downloaded in advance, so malicious code may have been executed

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Real-time malicious webpage identification method and system on gateway
  • Real-time malicious webpage identification method and system on gateway
  • Real-time malicious webpage identification method and system on gateway

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0029] The structure diagram of the real-time malicious web page filtering system according to the present invention is as follows figure 1 As shown, there are four modules:

[0030] 1. The traffic collection module is used to collect network traffic and generate a training set after parsing.

[0031] First, collect network traffic data from the backbone network, each piece of traffic data includes the request header field of the data packet, such as source IP, destination IP, etc., and then screen out the above-mentioned lightweight malicious webpage classification features, the lightweight The malicious webpage classification features include server-based classification features, user-based classification features, URL-based classification features, and Referer-based classification features, wherein the server-based classification features include the first byte of the destination IP, destination IP The second byte, the third byte of the destination IP, the fourth byte of t...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a real-time malicious webpage identification method on a gateway, which comprises the following steps of: acquiring the traffic of accessing a webpage by a user, and extractinglightweight malicious webpage classification characteristics from the traffic; constructing a real-time malicious webpage classification model based on the classification features; and deploying themodel to core network equipment to predict whether the webpage is a malicious webpage or not in real time. The invention further discloses a system for identifying the real-time malicious webpage on the gateway. The system comprises a flow acquisition module, a classification model training module and a prediction module. Based on the obvious inclined distribution of the malicious web pages on thecharacteristics, the destination IP address and the source IP address are processed by adopting a point division decimal system, i.e., each IP address byte is used as a classification characteristic,so that the malicious web pages can be quickly identified and filtered on a large gateway in real time.

Description

technical field [0001] The invention relates to the technical field of computer networks, in particular to a method and system for identifying malicious webpages. Background technique [0002] Malicious webpages refer to those webpages that embed malicious codes or contain illegal content in webpages, such as websites that hang horses, phishing websites, adult websites, etc. Web page traffic accounts for 70% of all Internet traffic, and 1 / 3 of the web pages may be unsafe. Criminals may use these malicious webpages to steal user information, forcefully install malicious software, and even defraud money. Malicious webpages make Internet users face a huge risk of becoming victims. Therefore, identifying and filtering malicious webpages is of great significance for network supervision and network quality service management QoS, and at the same time provides a good Internet environment for Internet users. [0003] The traditional identification of malicious web pages is based o...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06G06F16/9535G06F16/906
CPCH04L63/14
Inventor 檀国林张鹏郑超
Owner INST OF INFORMATION ENG CHINESE ACAD OF SCI
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap