Malicious webpage identification and detection method based on static field, computer and storage medium

A technology for malicious web pages and detection methods, applied in the field of malicious web page identification and detection, can solve the problems of fingerprints occupying too much space resources, inability to apply real-time detection, and one-sided plain text information, etc. short time effect

Pending Publication Date: 2022-04-19
HARBIN INST OF TECH +1
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] The fingerprint used in the deduplication algorithm based on web page fingerprints is composed of feature keywords and their position vectors extracted from web pages, and feature words are extracted from plain text information in web pages. If the text size is too large, it may As a result, fingerprints take up too much space resources in the storage process; only considering the plain text information displayed on the page is too one-sided, the web

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Malicious webpage identification and detection method based on static field, computer and storage medium
  • Malicious webpage identification and detection method based on static field, computer and storage medium
  • Malicious webpage identification and detection method based on static field, computer and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Example Embodiment

[0053] Example 1, reference Figure 1-3 Illustrating the present embodiment, the present invention provides a malicious web page identification detection method based on a static domain, comprising the following steps:

[0054] Step 1: Listen to the web page traffic in real time and extract the URL address of the HTTP header;

[0055] Step 2: Match the URL address described in step 1 with the URL address stored in the blacklist database; if the match is successful, the traffic is blocked, and if the match fails, step 3 is performed;

[0056] Step three, the parsing matching failed web page traffic; the parsing method of the present invention can improve the efficiency of the web page parsing process, can be for the existence of grammar and format errors on the web page for a series of response processing and circumvention, but also by setting the maximum parsing depth to limit the program running time, as well as the deep node to dry. This includes the following steps:

[0057] Ste...

Example Embodiment

[0100] Example 2, a computer, the computer apparatus of the present invention may include a processor and a memory apparatus, such as a microcontroller comprising a central processor and the like. Further, the processor for executing a computer program stored in the memory when implementing the above steps of the preferred method of modifying the recommended data driven by the relationship based on the CREO software.

[0101] The alleged processor may be a central processing unit (CPU), may also be another general purpose processor, digital signal processor (DSP), application specific integrated circuit (ASIC), off-the-shelf programmable gate array ( Field-Programmable Gate Arrays (FPGAs) or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components, etc. The general purpose processor may be a microprocessor or the processor may also be any conventional processor or the like.

[0102] The memory may mainly include a storage program ar...

Example Embodiment

[0103] Example 3, the computer-readable storage medium

[0104] The computer-readable storage medium of the present invention may be any form of storage medium read by the processor of the computer apparatus, including but not limited to nonvolatile memory, volatile memory, ferroelectric memory, etc., computer-readable storage medium stored on a computer program, when the processor of the computer apparatus reads and executes the computer program stored in the memory, the above-described step of the modeling method based on CREO software can be modified by the relationship-driven modeling data modeling method.

[0105] The computer program includes computer program code, the computer program code may be in source code form, object code form, executable file or some intermediate form and the like. The computer-readable medium may include: any entity or device capable of carrying the computer program code, recording medium, U disk, removable hard disk, disk disk, optical disk, compu...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a malicious webpage identification and detection method based on a static field, a computer and a storage medium, and belongs to the technical field of webpage identification and detection. Comprising the following steps: step 1, monitoring webpage traffic in real time, and extracting a URL address of an HTTP head; step 2, matching the URL address with a URL address stored in a blacklist library; 3, analyzing the webpage traffic which fails to be matched; step 4, crawling JS (JavaScript) and CSS (Cascading Style Sheet) files in the analyzed webpage traffic; 5, extracting a webpage fingerprint of the target webpage; step 6, identifying webpage traffic; 7, comparing the URL addresses of the two webpages; if the URL addresses are the same, the webpage in the flow is a normal webpage, and a matching log is stored; and if the URL addresses are different, the webpage in the flow is a malicious webpage, and blocking is carried out. The technical problem that the requirement of real-time detection in practical application cannot be met is solved. The technical effect of reducing the time cost in the webpage matching process is achieved.

Description

technical field [0001] The present application relates to a detection method, in particular to a static domain-based malicious web page identification and detection method, a computer and a storage medium, belonging to the technical field of web page identification and detection. Background technique [0002] Phishing attack is a cyber crime that steals user privacy data through social engineering or technical means. In recent years, many criminals have engaged in illegal activities by building malicious websites, and using various means (such as URL obfuscation, etc.) Concealment makes traditional defense detection technology invalid. [0003] The web page fingerprint is a byte sequence calculated by hash operation based on the key-value pairs in the header of the response message and a series of special elements (labels, attributes, etc.) extracted from the web page document. Web page identification is to identify the web page that best matches the target web page from th...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/56G06F16/955G06F16/951G06F16/9535G06F40/284G06F40/216
CPCG06F21/563G06F16/9566G06F16/951G06F16/9535G06F40/284G06F40/216
Inventor 余翔湛刘立坤陈巍史建焘葛蒙蒙叶麟于喜东王永强冯帅赵跃王久金宋赟祖郭明昊胡智超苗钧重刘凡李精卫石开宇韦贤葵孔德文羿天阳刘奉哲李竑杰
Owner HARBIN INST OF TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap