CN103491543A - Method for detecting malicious websites through wireless terminal, and wireless terminal - Google Patents

Method for detecting malicious websites through wireless terminal, and wireless terminal Download PDF

Info

Publication number
CN103491543A
CN103491543A CN201310461247.9A CN201310461247A CN103491543A CN 103491543 A CN103491543 A CN 103491543A CN 201310461247 A CN201310461247 A CN 201310461247A CN 103491543 A CN103491543 A CN 103491543A
Authority
CN
China
Prior art keywords
network address
wireless terminal
malice
client
malice network
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201310461247.9A
Other languages
Chinese (zh)
Inventor
倪杰
马齐
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Qihoo Technology Co Ltd
Qizhi Software Beijing Co Ltd
Original Assignee
Beijing Qihoo Technology Co Ltd
Qizhi Software Beijing Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Qihoo Technology Co Ltd, Qizhi Software Beijing Co Ltd filed Critical Beijing Qihoo Technology Co Ltd
Priority to CN201310461247.9A priority Critical patent/CN103491543A/en
Publication of CN103491543A publication Critical patent/CN103491543A/en
Pending legal-status Critical Current

Links

Images

Landscapes

  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a method for detecting malicious websites through a wireless terminal, and the wireless terminal. The method comprises the steps that the wireless terminal receives a webpage access request containing a website sent by a client side, the wireless terminal inquires a local blacklist and/or a local white list solidified in the wireless terminal or inquires a cloud end to detect if the website is a malicious website, if the wireless terminal detects that the website is a malicious website, the wireless terminal generates a malicious website reminding interface, and then the malicious website reminding interface is returned to the client side. The malicious website detection function is finished by the wireless terminal, and the wireless terminal can learn if the website which the user has an access to is a malicious website without accessing the cloud end under a certain condition. Compared with the method that all websites need to be required at the cloud end, the method is higher in detection efficiency.

Description

Method, wireless terminal by wireless terminal detection of malicious network address
Technical field
The present invention relates to Internet technical field, be specifically related to a kind of by method, the wireless terminal of wireless terminal detection of malicious network address.
Background technology
Fishing website or fraudulent website etc. are mainly URL address or the content of pages by counterfeit true website, the website of the types such as bank and ecommerce that disguise oneself as, or utilize the leak on true Website server program, insert dangerous web page code in some webpage of this website, with this, gain user bank or the private data such as credit card account, password by cheating.The feature that is comprising many sensitivities in fishing webpage, for example, the fishing webpage of financial fraud class can be in counterfeit official website, the aspects such as word, picture, or insert the information such as false ticketing service, false prize-winning, personation Net silver, false shopping in true webpage, these features appear in webpage mainly with the form of text string greatly.
To the method for fishing/swindle webpage identification, be mainly by manual examination and verification at present, to collect the text feature of some simple fishing webpages, web page contents judged according to these text features for browser plug-in, filter out the attack website that these have been reported.But the survival period of fishing webpage is shorter and shorter now, new fishing webpage emerges in an endless stream, and needs the webpage amount of audit too large; And the changing features of fishing webpage is accelerated, and according to the mode of traditional manual examination and verification, the efficiency of information extraction can be lower.Therefore, how effectively the URL of detection fishing/swindle webpage is the problem of always relatively paying close attention in the industry.
Summary of the invention
In view of the above problems, having proposed the present invention overcomes the problems referred to above or the wireless terminal addressed the above problem at least in part and passes through the method for wireless terminal detection of malicious network address in order to provide a kind of.
According to an aspect of the present invention, provide a kind of by the method for wireless terminal detection of malicious network address, comprising: wireless terminal receives the web access requests that comprises network address that client sends; Wireless terminal is solidificated in Local Black list and/or the local white list in wireless terminal or inquires about by high in the clouds by inquiry, and whether detect network address is the malice network address; The malice network address storehouse upgraded in time is preserved in high in the clouds; If wireless terminal detects network address for the malice network address, wireless terminal generates the malice network address and reminds interface, then reminds interface to return to client the malice network address.
According to a further aspect in the invention, provide a kind of wireless terminal, having comprised: receiver module, the web access requests that comprises network address sent for receiving client; Detection module, whether for being solidificated in Local Black list and/or the local white list in wireless terminal by inquiry or inquiring about by high in the clouds, detecting described network address is the malice network address, the malice network address storehouse upgraded in time is preserved in high in the clouds; The interface generation module, in the situation that detection module detects network address for the malice network address, generate the malice network address and remind interface, then reminds interface to return to client the malice network address.
According to method, the wireless terminal of wireless terminal detection of malicious network address of passing through provided by the invention, in client is initiated the process of web-page requests by wireless terminal, utilize wireless terminal to detect the user and want whether the webpage of access is the malice network address, if detect as the malice network address, generate the malice network address and remind interface to return to client.Client reminds showing interface to the user malice network address, is malicious web pages in order to the webpage of reminding user current accessed, thereby has avoided the user because the access malicious web pages suffers unnecessary loss, guarantees the fail safe of web page access.And, the main distinction of the present invention and prior art is that malice network address measuring ability is to be completed by wireless terminal, under a stable condition, wireless terminal just can know without access high in the clouds whether the webpage that the user accesses is malicious web pages, with all network address all being gone to the high in the clouds inquiry, compare, detection efficiency of the present invention is higher.
Above-mentioned explanation is only the general introduction of technical solution of the present invention, in order to better understand technological means of the present invention, and can be implemented according to the content of specification, and for above and other objects of the present invention, feature and advantage can be become apparent, below especially exemplified by the specific embodiment of the present invention.
The accompanying drawing explanation
By reading hereinafter detailed description of the preferred embodiment, various other advantage and benefits will become cheer and bright for those of ordinary skills.Accompanying drawing is only for the purpose of preferred implementation is shown, and do not think limitation of the present invention.And, in whole accompanying drawing, by identical reference symbol, mean identical parts.In the accompanying drawings:
Fig. 1 shows in the embodiment of the present invention system architecture diagram that comprises client, wireless terminal and high in the clouds;
Fig. 2 shows the flow chart of the method by wireless terminal detection of malicious network address according to an embodiment of the invention;
Fig. 3 shows the flow chart of the method for passing through wireless terminal detection of malicious network address according to another embodiment of the invention;
Fig. 4 shows the schematic diagram of an example at malice network address prompting interface in the embodiment of the present invention;
Fig. 5 shows the schematic diagram of another example at malice network address prompting interface in the embodiment of the present invention;
Fig. 6 shows the structured flowchart of wireless terminal according to an embodiment of the invention.
Embodiment
Exemplary embodiment of the present disclosure is described below with reference to accompanying drawings in more detail.Although shown exemplary embodiment of the present disclosure in accompanying drawing, yet should be appreciated that and can realize the disclosure and the embodiment that should do not set forth limits here with various forms.On the contrary, it is in order more thoroughly to understand the disclosure that these embodiment are provided, and can be by the scope of the present disclosure complete conveys to those skilled in the art.
Fig. 1 shows in the embodiment of the present invention system architecture diagram that comprises client, wireless terminal and high in the clouds.As shown in Figure 1, client 100 includes but are not limited to various PC, flat-panel devices, smart mobile phone, television set etc., wireless terminal 300 can be various radio reception devices, such as wireless router, wireless Internet card, security gateway etc., wireless terminal 300 has the wireless coverage function, and the client 100 in the coverage of this wireless terminal 300 can be by these wireless terminal 300 access high in the clouds 200 networks.The present invention is based on the interlock of the interior high in the clouds 200 of this system architecture and wireless terminal 300 for detection of the malice network address.
Fig. 2 shows the flow chart of the method by wireless terminal detection of malicious network address according to an embodiment of the invention.As shown in Figure 2, the method comprises the steps:
Step S101, wireless terminal receives the web access requests that comprises network address that client sends.
Because client accesses cloud network by wireless terminal, so when the user initiates web page access by client, client generating web page access request sends to wireless terminal, if this webpage is normal webpage, should this web access requests be transmitted to cloud server by wireless terminal.
Step S102, wireless terminal is solidificated in Local Black list and/or the local white list in wireless terminal or inquires about by high in the clouds by inquiry, and whether be malice network address, if perform step S104 if detecting network address; Otherwise, execution step S103.
In the embodiment of the present invention, the malice network address include but not limited to go fishing network address, swindle network address, hang horse network address or counterfeit network address.Local Black list and/or the local white list of network address URL have been solidified in advance in wireless terminal.This Local Black list and/or local white list can be that wireless terminal downloads from high in the clouds, and further, wireless terminal can also regularly upgrade this Local Black list and/or local white list to the high in the clouds request.
If only be solidified with local white list in wireless terminal, after wireless terminal receives the web access requests that client reports and therefrom extracts network address URL, judge whether this URL belongs to local white list, if, judge that this network address is as normal network address, execution step S103; If not, this URL is sent to high in the clouds, carry out the high in the clouds inquiry.
If only be solidified with the Local Black list in wireless terminal, after wireless terminal receives the web access requests that client reports and therefrom extracts network address URL, judge whether this URL belongs to the Local Black list, if, judge that this network address is as the malice network address, execution step S104; If not, this URL is sent to high in the clouds, carry out the high in the clouds inquiry.
If be solidified with local white list and Local Black list in wireless terminal, after wireless terminal receives the web access requests that client reports and therefrom extracts network address URL, judge whether this URL belongs to local white list and Local Black list, if belong to local white list, judge that this network address is as normal network address, execution step S103; If belong to the Local Black list, judge that this network address is as the malice network address, execution step S104; Do not belong to the Local Black list if neither belong to local white list yet, this URL is sent to high in the clouds, carry out the high in the clouds inquiry.
The groundwork in high in the clouds comprises: the whole network spider server cluster crawls webpage and receives the webpage that client reports.The responsibility of the whole network spider server cluster comprises: 1. complete the variation monitoring to the known activity webpage, wherein the basis for estimation of active web pages is to see if there is the people to use.2. complete the discovery to newly-increased HOST and webpage.3. the change information of monitoring and the newly-increased webpage of discovery be pushed in time HOST the URL processing server.The webpage 20,000,000,000 of 4. daily monitoring, average daily new discovery webpage amount 10-20 hundred million.The task treating capacity of whole cluster is a magnitude with doing the Webpage search service.The webpage that can't cover for the whole network spider server cluster, need client to report and solve.
The server of the webpage that above-mentioned reception crawls and the webpage reported be HOST the URL processing server.HOST the URL processing server there is malice network address storehouse and management platform thereof, groundwork comprises:
1. receive and store the black network address result of being judged in advance of Q3W artificial intelligence engine.The method of Q3W artificial intelligence engine anticipation can be: 1) identify (snapshots of web pages): as, the financial fraud webpage can be in counterfeit official website, the aspects such as word, picture.2) look into family background (server info): as, under HOST and IP, malicious web pages arranging, current web page is that possibility maliciously is high so.3) look into ancestors three generations (ICP record information, WHOIS information): as, a webpage can be sold air ticket, but record information is without the ticketing service operation, and the possibility of swindle is very large so; For another example, registrar website under one's name often goes out malicious web pages, and trust record is very poor, and the webpage so newly gone out is that the likelihood ratio of malice is higher.
2. because machine learning is to carry out taking turns every 15 minutes substantially.The middle situation that may occur except wrong report, now, need more new record of malice network address storehouse, keeps consistent with the engine judgement.
3. malice network address storehouse supporting management platform, conveniently manually increase, delete, change, look into the malice network address.For the webpage of wrong report, can reject in time.For the webpage of failing to report, can put in storage by force.
4. all changes in malice network address storehouse, real-time synchronization are to malice network address cloud query engine.
What the high in the clouds inquiry referred to is exactly that wireless terminal reports above-mentioned malice network address cloud query engine by URL, malice network address cloud query engine judges whether this URL belongs to malice network address storehouse, if belong to, judge that this URL is as the malice network address, and this result of determination is returned to wireless terminal.
Further, wireless terminal by high in the clouds inquire about know certain network address URL for malice network address after, this network address URL can be added to the Local Black list, when the client in the wireless coverage of wireless terminal is accessed this URL again like this, without the high in the clouds inquiry, just can determine that this URL is for the malice network address.
Step S103, wireless terminal is transmitted to corresponding server by web access requests.
Judge that by above-mentioned steps S102 network address does not belong to the malice network address, wireless terminal is transmitted to corresponding server according to existing mode by web access requests so, and the webpage of server feedback is returned to client, realizes the normal web page access of user.
Step S104, wireless terminal generates the malice network address and reminds interface, reminds interface to return to client the malice network address.
Client reminds showing interface to the user malice network address after reminding interface to the malice network address, in order to the webpage of reminding user current accessed, is malicious web pages.
The method provided according to the above embodiment of the present invention, in client is initiated the process of web-page requests by wireless terminal, utilize wireless terminal to detect the user and want whether the webpage of access is the malice network address, if detect as the malice network address, generate the malice network address and remind interface to return to client.Client reminds showing interface to the user malice network address, is malicious web pages in order to the webpage of reminding user current accessed, thereby has avoided the user because the access malicious web pages suffers unnecessary loss, guarantees the fail safe of web page access.And, the main distinction of the present invention and prior art is that malice network address measuring ability is to be completed by wireless terminal, under a stable condition, wireless terminal just can know without access high in the clouds whether the webpage that the user accesses is malicious web pages, with all network address all being gone to the high in the clouds inquiry, compare, detection efficiency of the present invention is higher.
Fig. 3 shows the flow chart of the method for passing through wireless terminal detection of malicious network address according to another embodiment of the invention.As shown in Figure 3, the method comprises the steps:
Step S201, wireless terminal receives the web access requests that comprises network address that client sends.
Because client accesses cloud network by wireless terminal, so when the user initiates web page access by client, client generating web page access request sends to wireless terminal, if this webpage is normal webpage, should this web access requests be transmitted to cloud server by wireless terminal.
Step S202, wireless terminal is solidificated in Local Black list and/or the local white list in wireless terminal or inquires about by high in the clouds by inquiry, and whether be malice network address, if perform step S204 if detecting network address; Otherwise, execution step S203.Particular content about this step can, referring to the description of above-described embodiment, not repeat them here.
Step S203, wireless terminal is transmitted to corresponding server by web access requests, and method finishes.
Judge that by above-mentioned steps S202 network address does not belong to the malice network address, wireless terminal is transmitted to corresponding server according to existing mode by web access requests so, and the webpage of server feedback is returned to client, realizes the normal web page access of user.
Step S204, wireless terminal according in web access requests, comprise for reflecting the information of client type, determine the type of client.
In the embodiment of the present invention, in web access requests, carry for reflecting the information of client type.Owing in the wireless coverage at a wireless terminal, may comprising the client of number of different types, such as PC, panel computer, smart mobile phone and television set all belong to dissimilar.Which kind of type the request that wireless terminal can be differentiated current initiation web page access according to the information for reflecting client type of carrying in web access requests belongs to.
Alternatively, for the information that reflects client type, can be user agent's character string (User Agent) or Media Access Control address (MAC) or DHCP information (DHCP).
For instance, when the user passes through the browser access website, browser can send UA to cloud server, i.e. User Agent.It is a special string head, makes cloud server can identify operating system that the client uses and version, cpu type, browser and version, browser renders engine, browser language, browser plug-in etc.The UA of the browser of the different editions of different browsers, same browser, mobile phone browser, computer end is different, so wireless terminal can judge the type of client by UA.
The User Agent of IE of take is example, and it comprises following information:
Compatible: compatibility sign (" compatibility ") is to use state-of-the-art browser.It shows, Internet-browser is a set of general function compatibility.
Version token: this version browser and identification mark comprise version number, for example the Internet Explorer 7 of version " MSIE7.0 " mark sign.
Platform token: this platform token identification user's operating system, and comprise version number.For example platform " Windows NT 6.0 " token means Windows Vista.
MAC Address is burned EPROM(flash chip by client manufacturer normally, usually can be erasable by program), MAC Address, just as the ID card No. on our identity card, has global uniqueness.Information by the manufacturer in MAC Address also can be judged client type.
DHCP information carries the information of the operating system of client, according to the information of this operating system, also can judge the type of client.
Step S205, wireless terminal generates the malice network address corresponding with the type of client and reminds interface.
In the present embodiment, for different client types, malice network address that wireless terminal generates reminds that interface is different, and this is specifically relevant with the size of the display screen of dissimilar client.Fig. 4 shows the schematic diagram of an example at malice network address prompting interface in the embodiment of the present invention, and Fig. 5 shows the schematic diagram of another example at malice network address prompting interface in the embodiment of the present invention.If the type of definite client is smart mobile phone by step S204, the malice network address that wireless terminal generates is as shown in Figure 4 so reminded interface; If the type of definite client is PC, panel computer or television set by step S204, the malice network address that wireless terminal generates is as shown in Figure 5 so reminded interface.It should be noted that, Fig. 4 and Fig. 5 are only two examples, and the present invention is not limited only to this.
Particularly, wireless terminal this locality is preserved the malice network address and is reminded interface template, and dissimilar client can corresponding different or identical malice network address be reminded interface template.Wireless terminal obtains the relevant information of malice network address from server, the relevant information of malice network address is inserted into to local malice network address of preserving and reminds in interface template, generates the malice network address and reminds interface.As shown in Figure 4 and Figure 5, by the information of " underscore " mark, be the relevant information of the malice network address obtained from server, there is no all to belong to by the information of " underscore " mark the information of malice network address prompting interface template.Alternatively, the local malice network address of preserving of wireless terminal reminds that interface template is the html language file, and wireless terminal copies to the precalculated position of html language file by the relevant information of the malice network address obtained in the mode of JS code, can realize above-mentioned insert handling.
Step S206, wireless terminal reminds interface to return to client the malice network address.
Client reminds showing interface to the user malice network address after reminding interface to the malice network address, in order to the webpage of reminding user current accessed, is malicious web pages.
Further, as shown in Figure 4 and Figure 5, the malice network address is reminded the link that also can present " installation fail-safe software " on interface.The user selects to click the link of " installation fail-safe software " according to prompting, client triggers the request of installing to wireless terminal transmission software according to user's click action.After above-mentioned steps S206, the method also comprises:
Step S207, wireless terminal receives the software installation request that client sends.
Step S208, wireless terminal, according to the type of client, returns to client after server request software is installed the page or software installation file.Particularly, for PC, wireless terminal is directly installed the page to server request software, and for example the software official website, install the page by software and return to PC; For smart mobile phone or panel computer, wireless terminal can directly return to client after server request software installation file.
In order further to improve the measuring ability of the malice network address that wireless terminal provides, wireless terminal can be provided for starting/closing to the user interface that arranges of malice network address measuring ability.That is, the user can arrange interface by this and arrange whether start the malice network address measuring ability that above-described embodiment provides.For said method, before step S102 or step S202, at first wireless terminal judges whether to start malice network address measuring ability.If judgment result is that to be, carry out above-mentioned steps S102 or step S202; If the determination result is NO, do not carry out above-mentioned steps S102 or step S202, wireless terminal forwards the mutual information of client and server according to existing method.
The method provided according to the above embodiment of the present invention, in client is initiated the process of web-page requests by wireless terminal, utilize wireless terminal to detect the user and want whether the webpage of access is the malice network address, if detect as the malice network address, generate the malice network address and remind interface to return to client.Client reminds showing interface to the user malice network address, is malicious web pages in order to the webpage of reminding user current accessed, thereby has avoided the user because the access malicious web pages suffers unnecessary loss, guarantees the fail safe of web page access.And, the main distinction of the present invention and prior art is that malice network address measuring ability is to be completed by wireless terminal, under a stable condition, wireless terminal just can know without access high in the clouds whether the webpage that the user accesses is malicious web pages, with all network address all being gone to the high in the clouds inquiry, compare, detection efficiency of the present invention is higher.And wireless terminal, by judging the type of client, is reminded interface for dissimilar client provides different malice network address, makes this method all have applicability to various types of clients.
Fig. 6 shows the structured flowchart of wireless terminal according to an embodiment of the invention.As shown in Figure 6, this wireless terminal comprises: receiver module 301, detection module 302, interface generation module 303.
Receiver module 301, the web access requests that comprises network address sent for receiving client.Because client accesses cloud network by wireless terminal, so when the user initiates web page access by client, client generating web page access request sends to the receiver module 301 of wireless terminal, if this webpage is normal webpage, should this web access requests be transmitted to cloud server by wireless terminal.
Detection module 302, whether for being solidificated in Local Black list and/or the local white list in wireless terminal by inquiry or inquiring about by high in the clouds, detecting network address is the malice network address.In the embodiment of the present invention, the malice network address include but not limited to go fishing network address, swindle network address, hang horse network address or counterfeit network address.Local Black list and/or the local white list of network address URL have been solidified in advance in wireless terminal.This Local Black list and/or local white list can be that wireless terminal downloads from high in the clouds, and further, wireless terminal can also regularly upgrade this Local Black list and/or local white list to the high in the clouds request.
Further, detection module 302 comprises: query unit 304 and inquiry request unit, high in the clouds 305.
Query unit 304, for inquiring about Local Black list and/or local white list, judge whether network address belongs to Local Black list and/or local white list, if judge network address, belongs to the Local Black list, detects network address for the malice network address.If only be solidified with local white list in wireless terminal, after receiver module 301 receives the web access requests that client reports and therefrom extracts network address URL, query unit 304 judges whether this URL belongs to local white list, if judge that this network address is as normal network address; If not, by inquiry request unit, high in the clouds 305, this URL is sent to high in the clouds, carry out the high in the clouds inquiry.If only be solidified with the Local Black list in wireless terminal, after receiver module 301 receives the web access requests that client reports and therefrom extracts network address URL, query unit 304 judges whether this URL belongs to the Local Black list, if judge that this network address is as the malice network address; If not, by inquiry request unit, high in the clouds 305, this URL is sent to high in the clouds, carry out the high in the clouds inquiry.If be solidified with local white list and Local Black list in wireless terminal, after receiver module 301 receives the web access requests that client reports and therefrom extracts network address URL, query unit 304 judges whether this URL belongs to local white list and Local Black list, if belong to local white list, judge that this network address is as normal network address; If belong to the Local Black list, judge that this network address is as the malice network address; Do not belong to the Local Black list if neither belong to local white list yet, by inquiry request unit, high in the clouds 305, this URL is sent to high in the clouds, carry out the high in the clouds inquiry.
Inquiry request unit, high in the clouds 305, in the situation that query unit 304 is judged network address does not belong to the Local Black list and/or do not belong to local white list, inquire about by high in the clouds whether detect network address be the malice network address.The description of relevant high in the clouds inquiry can be referring to embodiment of the method.
Interface generation module 303, in the situation that detection module 302 detects network address for the malice network address, generate the malice network address and remind interface, then reminds interface to return to client the malice network address.
Further, interface generation module 303 comprises: type determining unit 306 and interface generation unit 307.
Type determining unit 306, for according to for reflecting the information of client type, is determined the type of client.In the embodiment of the present invention, in web access requests, carry for reflecting the information of client type.Owing in the wireless coverage at a wireless terminal, may comprising the client of number of different types, such as PC, panel computer, smart mobile phone and television set all belong to dissimilar.Which kind of type the request that type determining unit 306 can be differentiated current initiation web page access according to the information for reflecting client type of carrying in web access requests belongs to.Alternatively, for the information that reflects client type, can be user agent's character string (User Agent) or Media Access Control address (MAC) or DHCP information (DHCP).The description of relevant these information can be referring to embodiment of the method.
Interface generation unit 307 is reminded interface for generating the malice network address corresponding with the type of client.In the present embodiment, for different client types, malice network address that interface generation unit 307 generates reminds that interface is different, and this is specifically relevant with the size of the display screen of dissimilar client.Specifically can be referring to Fig. 4 and Fig. 5.Interface generation unit 307 is further used for: the relevant information of obtaining the malice network address from server; The relevant information of malice network address is inserted into to local malice network address of preserving and reminds in interface template, generate the malice network address and remind interface.Particularly, wireless terminal this locality is preserved the malice network address and is reminded interface template, and dissimilar client can corresponding different or identical malice network address be reminded interface template.Interface generation unit 307 obtains the relevant information of malice network address from server, the relevant information of malice network address is inserted into to local malice network address of preserving and reminds in interface template, generates the malice network address and reminds interface.As shown in Figure 4 and Figure 5, by the information of " underscore " mark, be the relevant information of the malice network address obtained from server, there is no all to belong to by the information of " underscore " mark the information of malice network address prompting interface template.Alternatively, the local malice network address prompting interface template of preserving of wireless terminal is the html language file, interface generation unit 307 copies to the precalculated position of html language file by the relevant information of the malice network address obtained in the mode of JS code, can realize above-mentioned insert handling.
Further, as shown in Figure 4 and Figure 5, the malice network address is reminded the link that also can present " installation fail-safe software " on interface.The user selects to click the link of " installation fail-safe software " according to prompting, client triggers the request of installing to wireless terminal transmission software according to user's click action.The software installation request that receiver module 301 also sends for receiving client.Wireless terminal also comprises: transport module 308, for the type according to client, returns to client after server request software is installed the page or software installation file.Particularly, for PC, transport module 308 is directly installed the page to server request software, and for example the software official website, install the page by software and return to PC; For smart mobile phone or panel computer, transport module 308 can directly return to client after server request software installation file.
In order further to improve the measuring ability of the malice network address that wireless terminal provides, wireless terminal also comprises: the user arranges interface 309, is the interface that starts/close malice network address measuring ability for providing to the user.That is, the user can arrange interface 309 by this user and arrange whether start the malice network address measuring ability that above-described embodiment provides.Above-mentioned detection module 302 is specifically in the situation that judge and start malice network address measuring ability, and whether detect network address is the malice network address.
The wireless terminal provided according to the above embodiment of the present invention, in client is initiated the process of web-page requests by wireless terminal, utilize wireless terminal to detect the user and want whether the webpage of access is the malice network address, if detect as the malice network address, generate the malice network address and remind interface to return to client.Client reminds showing interface to the user malice network address, is malicious web pages in order to the webpage of reminding user current accessed, thereby has avoided the user because the access malicious web pages suffers unnecessary loss, guarantees the fail safe of web page access.And, the main distinction of the present invention and prior art is that malice network address measuring ability is to be completed by wireless terminal, under a stable condition, wireless terminal just can know without access high in the clouds whether the webpage that the user accesses is malicious web pages, with all network address all being gone to the high in the clouds inquiry, compare, detection efficiency of the present invention is higher.And wireless terminal, by judging the type of client, is reminded interface for dissimilar client provides different malice network address, makes this method all have applicability to various types of clients.
The algorithm provided at this is intrinsic not relevant to any certain computer, virtual system or miscellaneous equipment with demonstration.Various general-purpose systems also can with based on using together with this teaching.According to top description, it is apparent constructing the desired structure of this type systematic.In addition, the present invention is not also for any certain programmed language.It should be understood that and can utilize various programming languages to realize content of the present invention described here, and the top description that language-specific is done is in order to disclose preferred forms of the present invention.
In the specification that provided herein, a large amount of details have been described.Yet, can understand, embodiments of the invention can be in the situation that do not have these details to put into practice.In some instances, be not shown specifically known method, structure and technology, so that not fuzzy understanding of this description.
Similarly, be to be understood that, in order to simplify the disclosure and to help to understand one or more in each inventive aspect, in the description to exemplary embodiment of the present invention, each feature of the present invention is grouped together in single embodiment, figure or the description to it sometimes in the above.Yet the method for the disclosure should be construed to the following intention of reflection: the present invention for required protection requires the more feature of feature than institute clearly puts down in writing in each claim.Or rather, as following claims are reflected, inventive aspect is to be less than all features of the disclosed single embodiment in front.Therefore, claims of following embodiment are incorporated to this embodiment thus clearly, and wherein each claim itself is as independent embodiment of the present invention.
Those skilled in the art are appreciated that and can adaptively change and they are arranged in one or more equipment different from this embodiment the module in the equipment in embodiment.Can be combined into a module or unit or assembly to the module in embodiment or unit or assembly, and can put them into a plurality of submodules or subelement or sub-component in addition.At least some in such feature and/or process or unit are mutually repelling, and can adopt any combination to disclosed all features in this specification (comprising claim, summary and the accompanying drawing followed) and so all processes or the unit of disclosed any method or equipment are combined.Unless clearly statement in addition, in this specification (comprising claim, summary and the accompanying drawing followed) disclosed each feature can be by providing identical, be equal to or the alternative features of similar purpose replaces.
In addition, those skilled in the art can understand, although embodiment more described herein comprise some feature rather than further feature included in other embodiment, the combination of the feature of different embodiment means within scope of the present invention and forms different embodiment.For example, in the following claims, the one of any of embodiment required for protection can be used with compound mode arbitrarily.
All parts embodiment of the present invention can realize with hardware, or realizes with the software module of moving on one or more processor, or realizes with their combination.It will be understood by those of skill in the art that and can use in practice microprocessor or digital signal processor (DSP) to realize according to some or all some or repertoire of parts in the wireless terminal of the embodiment of the present invention.The present invention for example can also be embodied as, for carrying out part or all equipment or device program (, computer program and computer program) of method as described herein.The program of the present invention that realizes like this can be stored on computer-readable medium, or can have the form of one or more signal.Such signal can be downloaded and obtain from internet website, or provides on carrier signal, or provides with any other form.
It should be noted above-described embodiment the present invention will be described rather than limit the invention, and those skilled in the art can design alternative embodiment in the situation that do not break away from the scope of claims.In the claims, any reference symbol between bracket should be configured to limitations on claims.Word " comprises " not to be got rid of existence and is not listed in element or the step in claim.Being positioned at word " " before element or " one " does not get rid of and has a plurality of such elements.The present invention can realize by means of the hardware that includes some different elements and by means of the computer of suitably programming.In having enumerated the unit claim of some devices, several in these devices can be to carry out imbody by same hardware branch.The use of word first, second and C grade does not mean any order.Can be title by these word explanations.
The invention discloses: A1, a kind of by the method for wireless terminal detection of malicious network address comprises:
Wireless terminal receives the web access requests that comprises network address that client sends;
Described wireless terminal is solidificated in Local Black list and/or the local white list in wireless terminal or inquires about by high in the clouds by inquiry, and whether detect described network address is the malice network address; The malice network address storehouse upgraded in time is preserved in described high in the clouds;
If described wireless terminal detects described network address for the malice network address, described wireless terminal generates the malice network address and reminds interface, then reminds interface to return to described client described malice network address.
A2, according to the described method of A1, described wireless terminal is solidificated in Local Black list and/or the local white list in wireless terminal or inquires about by high in the clouds by inquiry, whether detect described network address is that the malice network address specifically comprises:
Described wireless terminal is inquired about described Local Black list and/or local white list, judges whether described network address belongs to described Local Black list and/or local white list;
Belong to described Local Black list if described wireless terminal is judged described network address, detect described network address for the malice network address;
Whether do not belong to described Local Black list and/or do not belong to described local white list if described wireless terminal is judged described network address, by high in the clouds, inquiring about the described network address of detection is the malice network address.
A3, according to A1 or the described method of A2, described web access requests also comprises for reflecting the information of client type;
Described wireless terminal generates the malice network address and reminds interface specifically to comprise: described wireless terminal for reflecting the information of client type, is determined the type of described client according to described; Described wireless terminal generates the malice network address corresponding with the type of described client and reminds interface.
A4, according to the described method of A3, described wireless terminal generates the malice network address prompting interface corresponding with the type of described client and specifically comprises:
Described wireless terminal obtains the relevant information of malice network address from server;
Described wireless terminal is inserted into local malice network address of preserving by the relevant information of described malice network address and reminds in interface template, generates described malice network address and reminds interface.
A5, according to the described method of A3, described is user agent's character string or Media Access Control address or DHCP information for the information that reflects client type.
A6, according to the described method of A1, at the described interface of will the malice network address reminding, also comprise after returning to client:
Described wireless terminal receives the software installation request that described client sends;
Described wireless terminal, according to the type of described client, returns to described client after described server request software is installed the page or software installation file.
A7, according to the described method of A1, described wireless terminal provides for starting/close the interface that arranges of malice network address measuring ability to the user;
Before described wireless terminal detects the step whether described network address is the malice network address, also comprise: described wireless terminal judges whether to start described malice network address measuring ability;
If whether the described network address of described wireless terminal execution detection is the step of malice network address.
A8, according to the described method of A1, described malice network address comprises: fishing network address, swindle network address, hang horse network address or counterfeit network address.
The invention also discloses: B9, a kind of wireless terminal comprise:
Receiver module, the web access requests that comprises network address sent for receiving client;
Detection module, whether for being solidificated in Local Black list and/or the local white list in wireless terminal by inquiry or inquiring about by high in the clouds, detecting described network address is the malice network address; The malice network address storehouse upgraded in time is preserved in described high in the clouds;
The interface generation module, in the situation that described detection module detects described network address for the malice network address, generate the malice network address and remind interface, then reminds interface to return to described client described malice network address.
B10, according to the described wireless terminal of B9, described detection module comprises:
Query unit, for inquiring about described Local Black list and/or local white list, judge whether described network address belongs to described Local Black list and/or local white list, if judge described network address, belong to described Local Black list, detect described network address for the malice network address;
Inquiry request unit, high in the clouds, in the situation that described query unit is judged described network address does not belong to described Local Black list and/or do not belong to described local white list, inquire about by high in the clouds whether detect described network address be the malice network address.
B11, according to B9 or the described wireless terminal of B10, described web access requests also comprises for reflecting the information of client type;
Described interface generation module comprises:
The type determining unit, for according to described for reflecting the information of client type, determine the type of described client;
The interface generation unit, remind interface for generating the malice network address corresponding with the type of described client.
B12, according to the described wireless terminal of B11, described interface generation unit specifically for: from server obtain malice network address relevant information; The relevant information of described malice network address is inserted into to local malice network address of preserving and reminds in interface template, generate described malice network address and remind interface.
B13, according to the described wireless terminal of B9, described receiver module is also installed request for receiving the software that described client sends;
Described wireless terminal also comprises: transport module, for the type according to described client, returns to described client after described server request software is installed the page or software installation file.
B14, according to the described wireless terminal of B9, also comprise: the user arranges interface, is the interface that starts/close malice network address measuring ability for providing to the user;
Described detection module is specifically in the situation that judge and start malice network address measuring ability, and whether detect described network address is the malice network address.

Claims (10)

1. one kind is passed through the method for wireless terminal detection of malicious network address, comprising:
Wireless terminal receives the web access requests that comprises network address that client sends;
Described wireless terminal is solidificated in Local Black list and/or the local white list in wireless terminal or inquires about by high in the clouds by inquiry, and whether detect described network address is the malice network address; The malice network address storehouse upgraded in time is preserved in described high in the clouds;
If described wireless terminal detects described network address for the malice network address, described wireless terminal generates the malice network address and reminds interface, then reminds interface to return to described client described malice network address.
2. method according to claim 1, described wireless terminal is solidificated in Local Black list and/or the local white list in wireless terminal or inquires about by high in the clouds by inquiry, and whether detect described network address is that the malice network address specifically comprises:
Described wireless terminal is inquired about described Local Black list and/or local white list, judges whether described network address belongs to described Local Black list and/or local white list;
Belong to described Local Black list if described wireless terminal is judged described network address, detect described network address for the malice network address;
Whether do not belong to described Local Black list and/or do not belong to described local white list if described wireless terminal is judged described network address, by high in the clouds, inquiring about the described network address of detection is the malice network address.
3. method according to claim 1 and 2, described web access requests also comprises for reflecting the information of client type;
Described wireless terminal generates the malice network address and reminds interface specifically to comprise: described wireless terminal for reflecting the information of client type, is determined the type of described client according to described; Described wireless terminal generates the malice network address corresponding with the type of described client and reminds interface.
4. method according to claim 3, described wireless terminal generates the malice network address prompting interface corresponding with the type of described client and specifically comprises:
Described wireless terminal obtains the relevant information of malice network address from server;
Described wireless terminal is inserted into local malice network address of preserving by the relevant information of described malice network address and reminds in interface template, generates described malice network address and reminds interface.
5. method according to claim 3, described is user agent's character string or Media Access Control address or DHCP information for the information that reflects client type.
6. method according to claim 1 also comprises after returning to client at the described interface of will the malice network address reminding:
Described wireless terminal receives the software installation request that described client sends;
Described wireless terminal, according to the type of described client, returns to described client after described server request software is installed the page or software installation file.
7. method according to claim 1, described wireless terminal provides for starting/close the interface that arranges of malice network address measuring ability to the user;
Before described wireless terminal detects the step whether described network address is the malice network address, also comprise: described wireless terminal judges whether to start described malice network address measuring ability;
If whether the described network address of described wireless terminal execution detection is the step of malice network address.
8. method according to claim 1, described malice network address comprises: fishing network address, swindle network address, hang horse network address or counterfeit network address.
9. a wireless terminal comprises:
Receiver module, the web access requests that comprises network address sent for receiving client;
Detection module, whether for being solidificated in Local Black list and/or the local white list in wireless terminal by inquiry or inquiring about by high in the clouds, detecting described network address is the malice network address; The malice network address storehouse upgraded in time is preserved in described high in the clouds;
The interface generation module, in the situation that described detection module detects described network address for the malice network address, generate the malice network address and remind interface, then reminds interface to return to described client described malice network address.
10. wireless terminal according to claim 9, described detection module comprises:
Query unit, for inquiring about described Local Black list and/or local white list, judge whether described network address belongs to described Local Black list and/or local white list, if judge described network address, belong to described Local Black list, detect described network address for the malice network address;
Inquiry request unit, high in the clouds, in the situation that described query unit is judged described network address does not belong to described Local Black list and/or do not belong to described local white list, inquire about by high in the clouds whether detect described network address be the malice network address.
CN201310461247.9A 2013-09-30 2013-09-30 Method for detecting malicious websites through wireless terminal, and wireless terminal Pending CN103491543A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310461247.9A CN103491543A (en) 2013-09-30 2013-09-30 Method for detecting malicious websites through wireless terminal, and wireless terminal

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310461247.9A CN103491543A (en) 2013-09-30 2013-09-30 Method for detecting malicious websites through wireless terminal, and wireless terminal

Publications (1)

Publication Number Publication Date
CN103491543A true CN103491543A (en) 2014-01-01

Family

ID=49831433

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310461247.9A Pending CN103491543A (en) 2013-09-30 2013-09-30 Method for detecting malicious websites through wireless terminal, and wireless terminal

Country Status (1)

Country Link
CN (1) CN103491543A (en)

Cited By (23)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2015101337A1 (en) * 2014-01-03 2015-07-09 Tencent Technology (Shenzhen) Company Limited Malicious website address prompt method and router
WO2015120808A1 (en) * 2014-02-14 2015-08-20 Tencent Technology (Shenzhen) Company Limited Method and system for security protection of account information
CN104915594A (en) * 2015-06-30 2015-09-16 北京奇虎科技有限公司 Application running method and device
CN105100119A (en) * 2015-08-31 2015-11-25 百度在线网络技术(北京)有限公司 URL detection method and device
CN105101210A (en) * 2015-08-26 2015-11-25 盾宇(上海)信息科技有限公司 Wireless security based client automatic connection protecting method and system
CN105138917A (en) * 2015-08-26 2015-12-09 成都秋雷科技有限责任公司 Malicious webpage defending method
CN105320885A (en) * 2014-06-04 2016-02-10 腾讯科技(深圳)有限公司 Method and device for detecting malicious website
CN106230848A (en) * 2016-08-11 2016-12-14 国家计算机网络与信息安全管理中心 A kind of method of Behavior-based control feature detection fishing website
CN106453266A (en) * 2016-09-20 2017-02-22 微梦创科网络科技(中国)有限公司 Abnormal networking request detection method and apparatus
CN106874753A (en) * 2016-12-30 2017-06-20 中国建设银行股份有限公司 The method and device at the abnormal interface of identification
CN108023868A (en) * 2016-10-31 2018-05-11 腾讯科技(深圳)有限公司 Malice resource address detection method and device
CN108234486A (en) * 2017-12-29 2018-06-29 北京神州绿盟信息安全科技股份有限公司 A kind of network monitoring method and monitoring server
CN108632280A (en) * 2018-05-08 2018-10-09 国家计算机网络与信息安全管理中心 Flow processing method, apparatus and system, fire wall and server
CN110011918A (en) * 2018-01-04 2019-07-12 中国科学院声学研究所 A kind of the website safety detection method and system of router cooperation
CN111049837A (en) * 2019-12-16 2020-04-21 多彩贵州印象网络传媒股份有限公司 Malicious website identification and interception technology based on communication operator network transport layer
CN111669400A (en) * 2020-06-19 2020-09-15 广西和你学科技发展有限公司 Method for filtering website of wireless router
CN111683104A (en) * 2020-07-25 2020-09-18 国网四川省电力公司电力科学研究院 Anti-hijack equipment for internet of things terminal
CN111698256A (en) * 2020-06-17 2020-09-22 绿盟科技集团股份有限公司 Method and device for detecting illegal link
CN111753223A (en) * 2020-06-09 2020-10-09 北京天空卫士网络安全技术有限公司 Access control method and device
CN112583845A (en) * 2020-12-24 2021-03-30 深信服科技股份有限公司 Access detection method and device, electronic equipment and computer storage medium
CN113099441A (en) * 2021-03-29 2021-07-09 Oppo广东移动通信有限公司 Website management method, website management platform, electronic device and medium
CN113452794A (en) * 2021-06-30 2021-09-28 深圳鲲鹏无限科技有限公司 Method, system, server and router for intelligently and dynamically adding blacklist
CN114697397A (en) * 2022-02-24 2022-07-01 阿里巴巴(中国)有限公司 Domain name access method and device, electronic equipment and computer storage medium

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101527721A (en) * 2009-04-22 2009-09-09 中兴通讯股份有限公司 Anti-virus method on the basis of household gateway and device thereof
US20120221652A1 (en) * 2011-02-28 2012-08-30 Nokia Corporation Method and apparatus for providing a proxy-based access list
CN102882886A (en) * 2012-10-17 2013-01-16 北京奇虎科技有限公司 Network terminal and method for presenting visited website associated information
CN102891794A (en) * 2011-07-22 2013-01-23 华为技术有限公司 Data packet transmission control method and gateway device
CN102930211A (en) * 2012-11-07 2013-02-13 北京奇虎科技有限公司 Method for intercepting malicious URLs in multi-kernel browser and multi-kernel browser
CN102938766A (en) * 2012-11-12 2013-02-20 北京奇虎科技有限公司 Vicious website prompt method and device

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101527721A (en) * 2009-04-22 2009-09-09 中兴通讯股份有限公司 Anti-virus method on the basis of household gateway and device thereof
US20120221652A1 (en) * 2011-02-28 2012-08-30 Nokia Corporation Method and apparatus for providing a proxy-based access list
CN102891794A (en) * 2011-07-22 2013-01-23 华为技术有限公司 Data packet transmission control method and gateway device
CN102882886A (en) * 2012-10-17 2013-01-16 北京奇虎科技有限公司 Network terminal and method for presenting visited website associated information
CN102930211A (en) * 2012-11-07 2013-02-13 北京奇虎科技有限公司 Method for intercepting malicious URLs in multi-kernel browser and multi-kernel browser
CN102938766A (en) * 2012-11-12 2013-02-20 北京奇虎科技有限公司 Vicious website prompt method and device

Cited By (32)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2015101337A1 (en) * 2014-01-03 2015-07-09 Tencent Technology (Shenzhen) Company Limited Malicious website address prompt method and router
US10375102B2 (en) 2014-01-03 2019-08-06 Tencent Technology (Shenzhen) Company Limitted Malicious web site address prompt method and router
WO2015120808A1 (en) * 2014-02-14 2015-08-20 Tencent Technology (Shenzhen) Company Limited Method and system for security protection of account information
US10484424B2 (en) 2014-02-14 2019-11-19 Tencent Technology (Shenzhen) Company Limited Method and system for security protection of account information
CN105320885A (en) * 2014-06-04 2016-02-10 腾讯科技(深圳)有限公司 Method and device for detecting malicious website
CN109376529A (en) * 2015-06-30 2019-02-22 北京奇虎科技有限公司 Application program operation method and device
CN104915594A (en) * 2015-06-30 2015-09-16 北京奇虎科技有限公司 Application running method and device
CN105101210A (en) * 2015-08-26 2015-11-25 盾宇(上海)信息科技有限公司 Wireless security based client automatic connection protecting method and system
CN105138917A (en) * 2015-08-26 2015-12-09 成都秋雷科技有限责任公司 Malicious webpage defending method
CN105100119A (en) * 2015-08-31 2015-11-25 百度在线网络技术(北京)有限公司 URL detection method and device
CN106230848A (en) * 2016-08-11 2016-12-14 国家计算机网络与信息安全管理中心 A kind of method of Behavior-based control feature detection fishing website
CN106453266A (en) * 2016-09-20 2017-02-22 微梦创科网络科技(中国)有限公司 Abnormal networking request detection method and apparatus
CN108023868B (en) * 2016-10-31 2021-02-02 腾讯科技(深圳)有限公司 Malicious resource address detection method and device
CN108023868A (en) * 2016-10-31 2018-05-11 腾讯科技(深圳)有限公司 Malice resource address detection method and device
CN106874753A (en) * 2016-12-30 2017-06-20 中国建设银行股份有限公司 The method and device at the abnormal interface of identification
CN108234486A (en) * 2017-12-29 2018-06-29 北京神州绿盟信息安全科技股份有限公司 A kind of network monitoring method and monitoring server
CN110011918A (en) * 2018-01-04 2019-07-12 中国科学院声学研究所 A kind of the website safety detection method and system of router cooperation
CN108632280A (en) * 2018-05-08 2018-10-09 国家计算机网络与信息安全管理中心 Flow processing method, apparatus and system, fire wall and server
CN111049837A (en) * 2019-12-16 2020-04-21 多彩贵州印象网络传媒股份有限公司 Malicious website identification and interception technology based on communication operator network transport layer
CN111753223A (en) * 2020-06-09 2020-10-09 北京天空卫士网络安全技术有限公司 Access control method and device
CN111753223B (en) * 2020-06-09 2024-01-30 北京天空卫士网络安全技术有限公司 Access control method and device
CN111698256A (en) * 2020-06-17 2020-09-22 绿盟科技集团股份有限公司 Method and device for detecting illegal link
CN111698256B (en) * 2020-06-17 2022-05-10 绿盟科技集团股份有限公司 Method and device for detecting illegal link
CN111669400A (en) * 2020-06-19 2020-09-15 广西和你学科技发展有限公司 Method for filtering website of wireless router
CN111683104A (en) * 2020-07-25 2020-09-18 国网四川省电力公司电力科学研究院 Anti-hijack equipment for internet of things terminal
CN111683104B (en) * 2020-07-25 2022-04-29 国网四川省电力公司电力科学研究院 Anti-hijack equipment for internet of things terminal
CN112583845B (en) * 2020-12-24 2023-11-07 深信服科技股份有限公司 Access detection method, device, electronic equipment and computer storage medium
CN112583845A (en) * 2020-12-24 2021-03-30 深信服科技股份有限公司 Access detection method and device, electronic equipment and computer storage medium
CN113099441A (en) * 2021-03-29 2021-07-09 Oppo广东移动通信有限公司 Website management method, website management platform, electronic device and medium
CN113452794A (en) * 2021-06-30 2021-09-28 深圳鲲鹏无限科技有限公司 Method, system, server and router for intelligently and dynamically adding blacklist
CN114697397A (en) * 2022-02-24 2022-07-01 阿里巴巴(中国)有限公司 Domain name access method and device, electronic equipment and computer storage medium
CN114697397B (en) * 2022-02-24 2024-06-07 阿里巴巴(中国)有限公司 Domain name access method and device, electronic equipment and computer storage medium

Similar Documents

Publication Publication Date Title
CN103491543A (en) Method for detecting malicious websites through wireless terminal, and wireless terminal
US9883002B2 (en) Method and system for accessing website
CN102882886B (en) A kind of network terminal and method presenting the relevant information of access websites
CN102957664B (en) A kind of method and device identifying fishing website
CN103152354B (en) To method, system and client device that dangerous website is pointed out
CN112703496B (en) Content policy based notification to application users regarding malicious browser plug-ins
CN106453436B (en) A kind of detection method and device of network security
CN109802919B (en) Web page access intercepting method and device
CN108989355B (en) Vulnerability detection method and device
CN102930211A (en) Method for intercepting malicious URLs in multi-kernel browser and multi-kernel browser
CN103986731A (en) Method and device for detecting phishing web pages through picture matching
CN102917049A (en) Method for showing information of visited website, browser and system
CN104021339A (en) Safety payment method and device for mobile terminal
CN103152355A (en) Method and system for promoting dangerous website and client device
CN110035075A (en) Detection method, device, computer equipment and the storage medium of fishing website
CN106789939A (en) A kind of detection method for phishing site and device
CN102932356A (en) Malicious website intercepting method and device in multi-core browser
CN103368957A (en) Method, system, client and server for processing webpage access behavior
CN102970282A (en) Website security detection system
CN111404937B (en) Method and device for detecting server vulnerability
CN103179125A (en) Display method of website authentication information and browser
CN102957693A (en) Method and device for judging phishing websites
CN103001946A (en) Website security detection method, website security detection equipment and website security detection system
CN104202345A (en) Verification code generating method, device and system
CN104143008A (en) Method and device for detecting phishing webpage based on picture matching

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20140101