Unlock instant, AI-driven research and patent intelligence for your innovation.

Malicious website detection method and device and electronic equipment

A malicious website and detection method technology, applied in the field of communication, can solve the problems of low detection efficiency and poor detection accuracy.

Active Publication Date: 2021-07-06
CHINA MOBILE GRP GUANGDONG CO LTD +1
View PDF7 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The purpose of the embodiments of the present invention is to provide a detection method, device, and electronic equipment for a malicious website, so as to solve the problem of low detection efficiency and poor detection accuracy in the prior art when detecting whether a website is a malicious website. question

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Malicious website detection method and device and electronic equipment
  • Malicious website detection method and device and electronic equipment
  • Malicious website detection method and device and electronic equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0081] Such as figure 1 As shown, the embodiment of the present invention provides a detection method for a malicious website. The execution body of the method may be a server, and the server may be an independent server or a server cluster composed of multiple servers. The method specifically may include the following steps:

[0082] In S102, the behavior feature information of the target website is determined according to the domain name registration information of the target website to be detected.

[0083] Wherein, the target website may be any website to be detected, and the domain name registration information may be the domain name registration information of the target website obtained through a domain name query protocol (that is, WHOIS).

[0084] In practice, with the continuous development of mobile communication technology, more and more malicious websites frequently appear on the mobile network, which has caused great interference to people's life and work. There...

Embodiment 2

[0100] Such as image 3 As shown, the embodiment of the present invention provides a detection method for a malicious website. The execution body of the method may be a server, and the server may be an independent server or a server cluster composed of multiple servers. The method specifically may include the following steps:

[0101] In S302, domain name registration information of the website is obtained.

[0102] Wherein, the website may be one or more websites to be detected obtained based on the access log of the preset server.

[0103] In S304, a target website to be detected is determined based on preset filtering rules and domain name registration information of the website.

[0104] In implementation, the preset filtering rules can include a first filtering rule for filtering the URL of the website based on the URL whitelist, wherein the URL whitelist can include URLs of preset institutions such as governments and schools, and can be based on the URL whitelist, Pre...

Embodiment 3

[0163] The above is the malicious website detection method provided by the embodiment of the present invention. Based on the same idea, the embodiment of the present invention also provides a malicious website detection device, such as Figure 6 shown.

[0164] The malicious website detection device includes: an information determination module 601, a probability determination module 602 and a malicious website determination module 603, wherein:

[0165] An information determination module 601, configured to determine the behavior characteristic information of the target website according to the domain name registration information of the target website to be detected;

[0166]The probability determination module 602 is configured to input the behavior characteristic information of the target website into a pre-trained malicious website identification model to obtain the abnormal probability of the target website, wherein the malicious website identification model is based on ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The embodiment of the invention discloses a malicious website detection method and device and electronic equipment, and the method comprises the steps: determining the behavior characteristic information of a target website according to the domain name registration information of the target website to be detected, inputting the behavior characteristic information of the target website into a pre-trained malicious website recognition model, and obtaining the abnormal probability of the target website; wherein the malicious website recognition model is obtained by training historical behavior feature information of malicious websites and non-malicious websites based on a naive Bayes algorithm and a K nearest neighbor algorithm; and determining whether the target website is a malicious website or not based on the abnormal probability. Through the method, the abnormal probability of the target website can be determined through the behavior feature information of the target website and the pre-trained malicious website recognition model, whether the target website is the malicious website or not is determined through the abnormal probability, and the detection efficiency and detection accuracy of the malicious website are improved.

Description

technical field [0001] The invention relates to the field of communication technology, in particular to a detection method, device and electronic equipment for a malicious website. Background technique [0002] With the continuous development of mobile communication technology, more and more malicious websites frequently appear on the mobile network, causing great interference to people's life and work. Therefore, the detection of malicious websites has become the focus of attention. [0003] Currently, based on a blacklist of uniform resource locators (Uniform Resource Locators, URLs) collected manually, URLs of websites can be matched and detected to determine whether the website is a malicious website. For example, after a user visits a webpage, the complete network address of the webpage (that is, the URL of the webpage) can be obtained, and then the URL can be matched with the collected ULR blacklist. The website corresponding to the webpage is a malicious website. ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06G06N7/00G06F16/955
CPCH04L63/1483H04L63/1425G06F16/955G06N7/01
Inventor 乔雅莉何振财李彬郝建忠郑浩彬钟雪慧全俊斌
Owner CHINA MOBILE GRP GUANGDONG CO LTD