A real-time malicious web page identification method and system on a gateway

A malicious web page and identification method technology, applied in the identification method and system field of malicious web pages, to achieve the effects of avoiding theft, reducing security risks, and reducing time delay

Active Publication Date: 2021-06-08
INST OF INFORMATION ENG CHINESE ACAD OF SCI
View PDF3 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

There is a great security risk when collecting features based on webpage content, because the entire webpage content needs to be downloaded in advance, so malicious code may have been executed

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A real-time malicious web page identification method and system on a gateway
  • A real-time malicious web page identification method and system on a gateway
  • A real-time malicious web page identification method and system on a gateway

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0029] The structure diagram of the real-time malicious web page filtering system according to the present invention is as follows figure 1 As shown, there are four modules:

[0030] 1. The traffic collection module is used to collect network traffic and generate a training set after parsing.

[0031] First, collect network traffic data from the backbone network, each piece of traffic data includes the request header field of the data packet, such as source IP, destination IP, etc., and then screen out the above-mentioned lightweight malicious webpage classification features, the lightweight The malicious webpage classification features include server-based classification features, user-based classification features, URL-based classification features, and Referer-based classification features, wherein the server-based classification features include the first byte of the destination IP, destination IP The second byte, the third byte of the destination IP, the fourth byte of t...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a real-time malicious webpage identification method on a gateway, which includes: collecting traffic of users visiting webpages, and extracting lightweight malicious webpage classification features; building a real-time malicious webpage classification model based on these classification features; The model is deployed to core network devices to predict whether a webpage is malicious in real time. The invention also discloses a real-time malicious webpage identification system on the gateway, which includes a flow collection module, a classification model training module and a prediction module. The present invention is based on the fact that malicious webpages have an obvious inclined distribution on the above features, and adopts the dotted decimal system to process the destination IP address and source IP address, that is, each IP address byte is used as a classification feature to realize fast , Identify and filter malicious web pages in real time.

Description

technical field [0001] The invention relates to the technical field of computer networks, in particular to a method and system for identifying malicious webpages. Background technique [0002] Malicious webpages refer to those webpages that embed malicious codes or contain illegal content in webpages, such as websites that hang horses, phishing websites, adult websites, etc. Web page traffic accounts for 70% of all Internet traffic, and 1 / 3 of the web pages may be unsafe. Criminals may use these malicious webpages to steal user information, forcefully install malicious software, and even defraud money. Malicious webpages make Internet users face a huge risk of becoming victims. Therefore, identifying and filtering malicious webpages is of great significance for network supervision and network quality service management QoS, and at the same time provides a good Internet environment for Internet users. [0003] The traditional identification of malicious web pages is based o...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06G06F16/9535G06F16/906
CPCH04L63/14
Inventor 檀国林张鹏郑超
Owner INST OF INFORMATION ENG CHINESE ACAD OF SCI
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap