CN102902686A - Web page detection method and system - Google Patents
Web page detection method and system Download PDFInfo
- Publication number
- CN102902686A CN102902686A CN2011102119774A CN201110211977A CN102902686A CN 102902686 A CN102902686 A CN 102902686A CN 2011102119774 A CN2011102119774 A CN 2011102119774A CN 201110211977 A CN201110211977 A CN 201110211977A CN 102902686 A CN102902686 A CN 102902686A
- Authority
- CN
- China
- Prior art keywords
- url
- file
- javascript
- webpage
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The invention is applicable to the technical field of network security and provides web page detection method and system. The method includes: acquiring dynamic data related to a web page, executing the dynamic data by a corresponding engine, generating an execution text file, extracting key words in the execution text file, matching the extracted key words with a preset phishing rule base, and determining safety of the web page according to matching results. Effective detection on phishing information in the dynamic data of the web page is achieved by the method and system, and reliability in web page detection is improved greatly.
Description
Technical field
The invention belongs to the network security technology field, relate in particular to the method and system that a kind of webpage detects.
Background technology
Along with the development of internet, increasing people begin to carry out various Information Sharings, amusement, friend-making on the net, the various life amenities that the use internet provides such as Web bank, Online Payment, online payment etc.Because the user can carry out the transaction of some properties or individual's the typing of privacy information at webpage, the lawless person gains user's data or user's property by cheating with regard to the quasi-normal webpage of mould, generally is referred to as fishing webpage.
The webpage of whether going fishing in order to detect a webpage, present detection method is summarized as follows: the text feature that extracts the webpage the inside, then according to the fishing webpage matched rule that pre-establishes, whether the text feature of checking the current page meets the place rule, if some rule in the coupling wherein just thinks that there is the behavior of fishing in this webpage.The text feature of webpage generally is some important labels of webpage HTML content the inside, for example, the content of title division TITLE, the content of copyright part COPYRIGHT, be exactly the P label of some HTML the insides in addition, the content of some content tab the insides such as SPAN label.Extract the key word of these label substance the insides according to certain algorithm, the key word that extracts is delivered to the rule of going to seek coupling in the fishing storehouse, for example, if occur the printed words that a large amount of QQ logs in the current page, but the URL of webpage but is not domain name such as qq.com, the tencent.com etc. of company of Tengxun; If the copyright statement of webpage is being write " all rights reserved for "tibco software, inc." "TIBCO Software of Tengxun, but the domain name that the url of webpage neither company of Tengxun; The user's that need to fill in when such as web page contents a large amount of online payments being arranged account number, password, Bank Name information, but webpage but is not webpage affiliated under this bank, just judges what whether a webpage went fishing according to an above-mentioned regular comprehensive scoring.
Present improving constantly along with network technology, the content of the fishing such as the literal part that will simulate regular website that a lot of fishing webpages is no longer simple is put into the html tag the inside, but occur in the dynamic data of webpage by technology such as Javascript, therefore, the page detection method of prior art can't effectively detect the fishing information in the webpage dynamic data.
Summary of the invention
The method and system that the purpose of the embodiment of the invention is to provide a kind of webpage to detect are intended to solve the problem that the page detection method of prior art can't effectively detect the fishing information in the webpage dynamic data.
The embodiment of the invention is achieved in that the method that a kind of webpage detects, and described method comprises:
Obtain the dynamic data relevant with webpage;
Carry out described dynamic data by corresponding engine, generate text files;
Extract the key word in the described text files;
The key word of described extraction is mated with the fishing rule base of presetting, and determine the security performance of webpage according to matching result.
The system that the embodiment of the invention also provides a kind of webpage to detect, described system comprises:
Data capture unit is used for obtaining the dynamic data relevant with webpage;
File generating unit is used for carrying out the dynamic data that described data capture unit obtains by corresponding engine, generates text files;
Extraction unit is for the key word of the text files of extracting described file generating unit generation;
Matching unit is used for the key word that described extraction unit is extracted and the fishing rule base of presetting and mates, and determines the security performance of webpage according to matching result.
The embodiment of the invention is obtained the dynamic data relevant with webpage, and carry out described dynamic data by corresponding engine, generate text files, extract the key word in the described text files, and the key word of described extraction and default fishing rule base mated, and determine the security performance of webpage according to matching result, and realize the fishing information in the webpage dynamic data is effectively detected, greatly improved the reliability that webpage detects.
Description of drawings
Fig. 1 is the process flow diagram of the realization of the method that detects of the webpage that provides of the embodiment of the invention one;
Fig. 2 is the process flow diagram of the realization of the method that detects of the webpage that provides of the embodiment of the invention two;
Fig. 3 is the structural drawing of the system that detects of the webpage that provides of the embodiment of the invention three;
Fig. 4 is the structural drawing of the system that detects of the webpage that provides of the embodiment of the invention four.
Embodiment
In order to make purpose of the present invention, technical scheme and advantage clearer, below in conjunction with drawings and Examples, the present invention is further elaborated.Should be appreciated that specific embodiment described herein only in order to explain the present invention, is not intended to limit the present invention.
The embodiment of the invention is by obtaining the dynamic data relevant with webpage, and the key word in the dynamic data that extracts and default fishing rule base are mated, and determines the security performance of webpage according to matching result.
The method that the embodiment of the invention provides a kind of webpage to detect, described method comprises:
Obtain the dynamic data relevant with webpage;
Carry out described dynamic data by corresponding engine, generate text files;
Extract the key word in the described text files;
The key word of described extraction is mated with the fishing rule base of presetting, and determine the security performance of webpage according to matching result.
The system that the embodiment of the invention also provides a kind of webpage to detect, described system comprises:
Data capture unit is used for obtaining the dynamic data relevant with webpage;
File generating unit is used for carrying out the dynamic data that described data capture unit obtains by corresponding engine, generates text files;
Extraction unit is for the key word of the text files of extracting described file generating unit generation;
Matching unit is used for the key word that described extraction unit is extracted and the fishing rule base of presetting and mates, and determines the security performance of webpage according to matching result.
The embodiment of the invention is obtained the dynamic data relevant with webpage, and carry out described dynamic data by corresponding engine, generate text files, extract the key word in the described text files, and the key word of described extraction and default fishing rule base mated, and determine the security performance of webpage according to matching result, and realize the fishing information in the webpage dynamic data is effectively detected, greatly improved the reliability that webpage detects.
Below in conjunction with specific embodiment realization of the present invention is described in detail:
Embodiment one
The application scenarios of the embodiment of the invention can be: when the user surfs the Net, may run into some more suspicious websites, can't identification to its reliability, especially, when the dynamic part of fishing information in webpage occurs, the user can't carry out identification to it especially, and traditional detection method can only detect the static content in the webpage, therefore by the relevant dynamic data of webpage is detected, can effectively detect the fishing information that dynamically occurs in the webpage, the process flow diagram of the realization of the method that the webpage that Fig. 1 shows the embodiment of the invention one to be provided detects, details are as follows:
In step S101, obtain the dynamic data relevant with webpage.
In embodiments of the present invention, the dynamic data that can realize for the dynamic data realized by Javascript, the dynamic data that also can realize for css and flash etc. of dynamic data.
In step S102, carry out above-mentioned dynamic data by corresponding engine, generate text files.
In embodiments of the present invention, when obtaining dynamic data and be the Javascript file of Javascript code and/or external reference, step S102 can carry out by the Javascript engine Javascript file of above-mentioned Javascript code and/or external reference, generates text files.
In step S103, extract the key word in the above-mentioned text files.
In step S104, the key word of said extracted and default fishing rule base are mated, and determine the security performance of webpage according to matching result.
In embodiments of the present invention, above-mentioned fishing rule base can pre-stored a plurality of malice key words, and each key word has different weights and priority level, when the key word that in the fishing rule base, matches said extracted, weight and the priority level corresponding according to above-mentioned key word then, determine the malice degree of the key word of extraction, thereby determine the security performance of webpage, security performance is described webpage security, malice degree according to the key word of determining to extract is different, and the security performance of webpage also can comprise a plurality of ranks accordingly.
The embodiment of the invention is obtained the dynamic data relevant with webpage, and carry out above-mentioned dynamic data by corresponding engine, generate text files, extract the key word in the above-mentioned text files, and the key word of said extracted and default fishing rule base mated, and determine the security performance of webpage according to matching result, and realize the fishing information in the webpage dynamic data is effectively detected, greatly improved the reliability that webpage detects.
Embodiment two
The embodiment of the invention can be the application scenarios identical with embodiment one, the process flow diagram of the realization of the method that the webpage that Fig. 2 shows the embodiment of the invention two to be provided detects, details are as follows:
In step S201, receive the URL of user's input and the check information of URL, check information comprise the type information that needs the number of times of verification URL information, verification URL, check request source-information and last time checking time information.
In embodiments of the present invention, receive the URL of user's input and the check information of URL, can push URL by client according to user's request by the user and carry out detection validation to server, to satisfy user's individual demand, also can be detected the URL that the user is input to client by the server active, to realize to take as the case may be corresponding obtain manner to detect to overall monitor and the detection of the URL of client.
In step S202, whether judge the above-mentioned URL that receives in this locality storage, when judging that this locality has been stored the URL of above-mentioned reception, execution in step S203, when judging that the URL of above-mentioned reception is not stored in this locality, execution in step S204.
In step S203, export the information of the security performance of webpage corresponding to above-mentioned URL.
In step S204, according to the weight of each information in the above-mentioned check information, calculate the priority of above-mentioned URL.
In embodiments of the present invention, can for the source-information of the type information of the number of times information of check information verification URL, verification URL, check request and last time checking time information etc. different weight ranks is set, then the priority of URL can be the weight sum of each information.
In embodiments of the present invention, the URL that can buffer memory receives specifically can be placed on the URL that has calculated priority a buffer queue the inside, according to actual conditions, download URL and the information thereof of required verification to buffer queue, avoided a plurality of URL to need simultaneously to detect, that causes is congested.
In step S205, press the priority of URL from high to low, download the HTLM file corresponding with above-mentioned URL;
In step S206, extract the Javascript code be embedded in the html file and/or the Javascript file of external reference, and when having extracted the Javascript file of external reference, the Javascript file of concurrent download external reference.
In step S207, carry out the Javascript file of above-mentioned Javascript code and/or external reference by the Javascript engine, generate text files.
In embodiments of the present invention, step S207 specifically can realize in the following ways:
1, according to the order that in html file, occurs, the Javascript file of above-mentioned Javascript code and/or external reference is sorted;
2, DOM Document Object Model (Document Object Model, the DOM) information in the above-mentioned html file of parsing;
3, according to the DOM information of above-mentioned parsing, carry out the Javascript file of above-mentioned Javascript code and/or external reference by the Javascript engine, generate text files.
In step S208, extract the key word in html file and the text files.
In embodiments of the present invention, in the key word in extracting the dynamic web page text, also extract the key word in the static html file, realization can comprehensively detect the fallacious message in the webpage.
In step S209, the key word that extracts and the fishing rule base of presetting are mated, and determine the security performance of webpage according to matching result.
In step S210, the security performance of the webpage that storage URL and above-mentioned URL are corresponding.
In embodiments of the present invention, can the black and white attribute be set for URL, for black this URL of expression is the URL of a malice, for white this URL of expression is a normal webpage, simultaneously, in order to save the speed of space and raising matching process, can adopt the MD5 information of storage URL, and two fields of black and white attribute are when mating, therefore, use the client of service the MD5 information of calculating URL, send over and inquire about, obtain the black and white attribute of this URL, thus the further behavior of directs client, further
Optionally, because the content of URL is the meeting dynamic change, so can be regularly information and the security performance information of the URL of this locality storage be detected, and the black and white attribute of renewal URL, to not mask at the webpage of going fishing timely, avoid for some owing to suffer the wrong report of the interim page of attacking.For the risk with wrong report drops to minimum, can dispatch according to the number of times of URL request, preferentially the URL that request number of times is many pushes in advance and detects evaluation
The embodiment of the invention, local when having stored the URL of above-mentioned reception by judging, then export the information of the security performance of webpage corresponding to above-mentioned URL, when judging that the URL of above-mentioned reception is not stored in this locality, then carry out Javascript code corresponding to above-mentioned html file by the Javascript engine, generate the key word in the text files, the security performance of webpage is confirmed, improve the efficient that detects, avoided the judgement of repetition to the waste of system resource.
URL by buffer memory receives realizes that according to actual conditions download URL and the information thereof of required verification to buffer queue, when having avoided a plurality of URL to need to detect simultaneously, that causes is congested.
Embodiment three
The structural drawing of the system that the webpage that Fig. 3 shows the embodiment of the invention three to be provided detects, for convenience of explanation, only show the part relevant with the embodiment of the invention, this system can be software unit, hardware cell or the soft or hard combining unit that is built in server end.
Said system comprises data capture unit 31, file generating unit 32, extraction unit 33 and matching unit 34.
In embodiments of the present invention, above-mentioned dynamic data is the Javascript file of Javascript code and/or external reference, then file generating unit 32, can carry out by the Javascript engine Javascript file of above-mentioned Javascript code and/or external reference, generate text files.
Key word in the text files that the above-mentioned file generating unit 32 of extraction unit 33 extractions generates.
The embodiment of the invention is obtained the dynamic data relevant with webpage, and carry out above-mentioned dynamic data by corresponding engine, generate text files, extract the key word in the above-mentioned text files, and the key word of said extracted and default fishing rule base mated, and determine the security performance of webpage according to matching result, and realize the fishing information in the webpage dynamic data is effectively detected, greatly improved the reliability that webpage detects.
Embodiment four
The structural drawing of the system that the webpage that Fig. 4 shows the embodiment of the invention three to be provided detects for convenience of explanation, only shows the part relevant with the embodiment of the invention.
In the embodiment of the invention, data capture unit 41 specifically comprises:
Further, above-mentioned URL receiver module 411 also receives the check information of URL, above-mentioned check information comprise the type information that needs the number of times of verification URL information, verification URL, check request source-information and last time checking time information.
Then above-mentioned download module 415 can by the priority of URL from high to low, be downloaded the HTLM file corresponding with above-mentioned URL.
Further, said system comprises the security performance of the webpage that the storage unit 45 above-mentioned URL of storage and above-mentioned URL are corresponding.
Further, data capture unit 41 comprises that also judge module 412 judges whether the above-mentioned URL that receives stores in this locality, when judging that this locality has been stored the URL of above-mentioned reception, then export the information of the security performance of webpage corresponding to above-mentioned URL, when judge module 412 judges that the URL of above-mentioned reception is not stored in this locality, then start computing module 413.
Further, data capture unit 41 also comprises the URL of the above-mentioned reception of cache module 414 buffer memorys.
Further, in embodiments of the present invention, extraction unit 43 specifically comprises order module 431, parsing module 432 and text generation module 433.
According to the order that occurs in html file, the Javascript file of 431 pairs of above-mentioned Javascript codes of order module and/or external reference sorts.
The DOM information that parsing module 432 is resolved in the above-mentioned html file.
According to the DOM information that above-mentioned parsing module 432 is resolved, text generation module 433 generates text files by the Javascript file of Javascript engine execution Javascript code and/or external reference.
To sum up, the effect of having a mind to of the embodiment of the invention is:
1, by obtaining the dynamic data relevant with webpage, and carry out described dynamic data by corresponding engine, generate text files, extract the key word in the described text files, and the key word of described extraction and default fishing rule base mated, and determine the security performance of webpage according to matching result, and realize the fishing information in the webpage dynamic data is effectively detected, greatly improved the reliability that webpage detects.
2, local when having stored the URL of described reception by judging, then export the information of the security performance of webpage corresponding to described URL, when judging that the URL of described reception is not stored in this locality, then carry out Javascript code corresponding to described html file by the Javascript engine, generate the key word in the text files, security performance to webpage is confirmed, has improved the efficient that detects, and has avoided the judgement of repetition to the waste of system resource.
3, the URL that receives by buffer memory realizes that according to actual conditions download URL and the information thereof of required verification to buffer queue, when having avoided a plurality of URL to need to detect simultaneously, that causes is congested.
It should be noted that in said apparatus and the system embodiment that included unit is just divided according to function logic, but is not limited to above-mentioned division, as long as can realize corresponding function; In addition, the concrete title of each functional unit also just for the ease of mutual differentiation, is not limited to protection scope of the present invention.
In addition, one of ordinary skill in the art will appreciate that all or part of step that realizes in the various embodiments described above method is to come the relevant hardware of instruction to finish by program, corresponding program can be stored in the computer read/write memory medium, described storage medium is such as ROM/RAM, disk or CD etc.
The above only is preferred embodiment of the present invention, not in order to limiting the present invention, all any modifications of doing within the spirit and principles in the present invention, is equal to and replaces and improvement etc., all should be included within protection scope of the present invention.
Claims (16)
1. the method that webpage detects is characterized in that described method comprises the steps:
Obtain the dynamic data relevant with webpage;
Carry out described dynamic data by corresponding engine, generate text files;
Extract the key word in the described text files;
The key word of described extraction is mated with the fishing rule base of presetting, and determine the security performance of webpage according to matching result.
2. the method for claim 1 is characterized in that, describedly obtains the Javascript file that dynamic data is Javascript code and/or external reference;
Describedly carry out described dynamic data by corresponding engine, the step that generates text files is specially:
Carry out the Javascript file of described Javascript code and/or external reference by the Javascript engine, generate text files.
3. method as claimed in claim 2 is characterized in that, the described step of obtaining the Javascript file of the Javascript code relevant with webpage and/or external reference is specially:
Receive the URL of user's input;
Download the HTLM file corresponding with described URL;
Extraction is embedded in Javascript code in the html file and/or the Javascript file of external reference, and when having extracted the Javascript file of external reference, the Javascript file of concurrent download external reference.
4. method as claimed in claim 3 is characterized in that, described key word with described extraction mates with default fishing rule base, and determines that according to matching result described method also comprises the steps: after the step of security performance of webpage
Store the security performance of described URL and the webpage corresponding with described URL;
After the step of the URL of described reception user input, described method also comprises the steps:
Judge whether the described URL that receives stores in this locality;
When judging that this locality has been stored the URL of described reception, then export the information of the security performance of webpage corresponding to described URL.
5. method as claimed in claim 3, it is characterized in that, in the time of the URL of described reception user input, also receive the check information of URL, described check information comprise the type information that needs the number of times of verification URL information, verification URL, check request source-information and last time checking time information;
After the step of the URL of described reception user input, described method also comprises the steps:
According to the weight of each information in the described check information, calculate the priority of described URL;
The step of the HTLM file that described download is corresponding with described URL is specially:
Press the priority of URL from high to low, download the HTLM file corresponding with described URL.
6. method as claimed in claim 3 is characterized in that, after the step of the URL of described reception user input, described method also comprises:
The URL of the described reception of buffer memory.
7. method as claimed in claim 3 is characterized in that, describedly carries out the Javascript file of described Javascript code and/or external reference by the Javascript engine, and the step that generates text files is specially:
According to the order that in html file, occurs, the Javascript file of described Javascript code and/or external reference is sorted;
Resolve the DOM Document Object Model DOM information in the described html file;
According to the DOM information of described parsing, carry out the Javascript file of described Javascript code and/or external reference by the Javascript engine, generate text files.
8. method as claimed in claim 3 is characterized in that, in the time of the step of the key word in the described text files of described extraction, described method is also carried out following steps:
Extract the key word in the described html file.
9. the system that detects of a webpage is characterized in that described system comprises:
Data capture unit is used for obtaining the dynamic data relevant with webpage;
File generating unit is used for carrying out the dynamic data that described data capture unit obtains by corresponding engine, generates text files;
Extraction unit is for the key word of the text files of extracting described file generating unit generation;
Matching unit is used for the key word that described extraction unit is extracted and the fishing rule base of presetting and mates, and determines the security performance of webpage according to matching result.
10. system as claimed in claim 9 is characterized in that, described dynamic data is the Javascript file of Javascript code and/or external reference;
Described file generating unit also for the Javascript file of carrying out described Javascript code and/or external reference by the Javascript engine, generates text files.
11. system as claimed in claim 10 is characterized in that, described data capture unit comprises:
The URL receiver module is used for receiving the URL that the user inputs;
Download module is used for downloading HTLM file corresponding to URL that receives with described URL receiver module;
Extraction module is used for extraction and is embedded in the Javascript code of html file and/or the Javascript file of external reference, and when having extracted the Javascript file of external reference, the Javascript file of concurrent download external reference.
12. system as claimed in claim 11 is characterized in that, described system also comprises:
Storage unit is for the security performance of storing webpage corresponding to described URL and described URL;
Described data capture unit also comprises:
Judge module is used for judging that the described URL that receives whether in this locality storage, when judging that this locality has been stored the URL of described reception, then exports the information of the security performance of webpage corresponding to described URL.
13. system as claimed in claim 11, it is characterized in that described URL receiver module is also for the check information that receives URL,, described check information comprise the type information that needs the number of times of verification URL information, verification URL, check request source-information and last time checking time information; Described data capture unit also comprises:
Computing module is used for the weight according to each information of described check information, calculates the priority of described URL;
Then described download module also for the priority of pressing URL from high to low, is downloaded the HTLM file corresponding with described URL.
14. system as claimed in claim 11 is characterized in that, described data capture unit also comprises:
Cache module is for the URL of the described reception of buffer memory.
15. system as claimed in claim 11 is characterized in that, described file generating unit specifically comprises:
Order module is used for according to the order that occurs at html file, and the Javascrip file of described vascript code and/or external reference is sorted;
Parsing module is for the DOM Document Object Model DOM information of resolving described html file;
The text generation module is used for the DOM information of resolving according to described parsing module, carries out the Javascript file of described Javascript code and/or external reference by the Javascript engine, generates text files.
16. system as claimed in claim 11 is characterized in that, described extraction unit also is used for extracting the key word of described html file.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2011102119774A CN102902686A (en) | 2011-07-27 | 2011-07-27 | Web page detection method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2011102119774A CN102902686A (en) | 2011-07-27 | 2011-07-27 | Web page detection method and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN102902686A true CN102902686A (en) | 2013-01-30 |
Family
ID=47574924
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2011102119774A Pending CN102902686A (en) | 2011-07-27 | 2011-07-27 | Web page detection method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102902686A (en) |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103281320A (en) * | 2013-05-23 | 2013-09-04 | 中国科学院计算机网络信息中心 | Website icon matching-based detection method for brand counterfeit websites |
| CN103617390A (en) * | 2013-11-06 | 2014-03-05 | 北京奇虎科技有限公司 | Malicious webpage judgment method, device and system |
| CN104079560A (en) * | 2014-06-05 | 2014-10-01 | 腾讯科技(深圳)有限公司 | Web address security detecting method and device and server |
| CN104168293A (en) * | 2014-09-05 | 2014-11-26 | 北京奇虎科技有限公司 | Method and system for recognizing suspicious phishing web page in combination with local content rule base |
| CN105320851A (en) * | 2014-08-05 | 2016-02-10 | 腾讯科技(深圳)有限公司 | Safety detection method and device for webpage |
| CN107491453A (en) * | 2016-06-13 | 2017-12-19 | 北京搜狗科技发展有限公司 | A kind of method and device for identifying cheating webpages |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20060075494A1 (en) * | 2004-10-01 | 2006-04-06 | Bertman Justin R | Method and system for analyzing data for potential malware |
| CN101471818A (en) * | 2007-12-24 | 2009-07-01 | 北京启明星辰信息技术股份有限公司 | Detection method and system for malevolence injection script web page |
| CN101534306A (en) * | 2009-04-14 | 2009-09-16 | 深圳市腾讯计算机系统有限公司 | Detecting method and a device for fishing website |
-
2011
- 2011-07-27 CN CN2011102119774A patent/CN102902686A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20060075494A1 (en) * | 2004-10-01 | 2006-04-06 | Bertman Justin R | Method and system for analyzing data for potential malware |
| CN101471818A (en) * | 2007-12-24 | 2009-07-01 | 北京启明星辰信息技术股份有限公司 | Detection method and system for malevolence injection script web page |
| CN101534306A (en) * | 2009-04-14 | 2009-09-16 | 深圳市腾讯计算机系统有限公司 | Detecting method and a device for fishing website |
Non-Patent Citations (1)
| Title |
|---|
| 李智超 等: "《网页作弊与反作弊技术综述》", 《山东大学学报(理学版)》, vol. 46, no. 5, 31 May 2011 (2011-05-31) * |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103281320A (en) * | 2013-05-23 | 2013-09-04 | 中国科学院计算机网络信息中心 | Website icon matching-based detection method for brand counterfeit websites |
| WO2014187120A1 (en) * | 2013-05-23 | 2014-11-27 | 中国科学院计算机网络信息中心 | Method for detecting brand counterfeit websites based on webpage icon matching |
| CN103281320B (en) * | 2013-05-23 | 2016-12-07 | 中国科学院计算机网络信息中心 | Brand counterfeit website detection method based on Web page icon coupling |
| CN103617390A (en) * | 2013-11-06 | 2014-03-05 | 北京奇虎科技有限公司 | Malicious webpage judgment method, device and system |
| CN104079560A (en) * | 2014-06-05 | 2014-10-01 | 腾讯科技(深圳)有限公司 | Web address security detecting method and device and server |
| CN105320851A (en) * | 2014-08-05 | 2016-02-10 | 腾讯科技(深圳)有限公司 | Safety detection method and device for webpage |
| CN104168293A (en) * | 2014-09-05 | 2014-11-26 | 北京奇虎科技有限公司 | Method and system for recognizing suspicious phishing web page in combination with local content rule base |
| CN104168293B (en) * | 2014-09-05 | 2017-11-07 | 北京奇虎科技有限公司 | The method and system of suspicious fishing webpage are recognized with reference to local content rule base |
| CN107491453A (en) * | 2016-06-13 | 2017-12-19 | 北京搜狗科技发展有限公司 | A kind of method and device for identifying cheating webpages |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104320756B (en) | A kind of variation and device of account information | |
| CN102663319B (en) | Prompting method and device for download link security | |
| US20160065613A1 (en) | System and method for detecting malicious code based on web | |
| CN104168293B (en) | The method and system of suspicious fishing webpage are recognized with reference to local content rule base | |
| CN102902686A (en) | Web page detection method and system | |
| CN103685307A (en) | Method, system, client and server for detecting phishing fraud webpage based on feature library | |
| CN104766014A (en) | Method and system used for detecting malicious website | |
| CN103685308A (en) | Detection method and system of phishing web pages, client and server | |
| CN102769632A (en) | Method and system for grading detection and prompt of fishing website | |
| CN104079559B (en) | A kind of website safety detection method, device and server | |
| CN104063401A (en) | Webpage style address merging method and device | |
| CN104158828B (en) | The method and system of suspicious fishing webpage are identified based on cloud content rule base | |
| US9619657B2 (en) | Method and apparatus for storing redeem code, and method and apparatus for verifying redeem code | |
| CN105653949B (en) | A kind of malware detection methods and device | |
| CN105488400A (en) | Comprehensive detection method and system of malicious webpage | |
| CN109858248A (en) | Malice Word document detection method and device | |
| CN103207892A (en) | Method and device for sharing document through network | |
| CN108234454B (en) | Identity authentication method, server and client device | |
| CN111475700A (en) | Data extraction method and related equipment | |
| CN112966713A (en) | DGA domain name detection method and device based on deep learning and computer equipment | |
| CN105975599B (en) | Method and device for monitoring page embedded points of website | |
| CN111143722A (en) | Method, device, equipment and medium for detecting webpage hidden link | |
| CN102682237A (en) | Virus judging method and system aiming at network downloading file | |
| CN106156291A (en) | The caching method of static resource and system thereof based on Localstroage | |
| CN103390128A (en) | Page labeling method and device and terminal equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20130130 |
|
| RJ01 | Rejection of invention patent application after publication |