CN106713285A - Website link security verification method and system - Google Patents
Website link security verification method and system Download PDFInfo
- Publication number
- CN106713285A CN106713285A CN201611108553.4A CN201611108553A CN106713285A CN 106713285 A CN106713285 A CN 106713285A CN 201611108553 A CN201611108553 A CN 201611108553A CN 106713285 A CN106713285 A CN 106713285A
- Authority
- CN
- China
- Prior art keywords
- web site
- site url
- receiving terminal
- link
- network address
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1483—Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
Abstract
The invention relates to a website link security verification method and system. The method comprises the steps of before a receiving terminal receives a website link sent by a sending terminal, acquiring the website link and a unique identifier of the receiving terminal; performing security verification on the website link, and if the website link is a secure link, forwarding the website link to the receiving terminal according to the unique identifier; when an access request which is sent by the receiving terminal for the website link is detected, searching the website link in a pre-established secure website database; and judging the website link to be a secure link if the website link is found in the secure website database. The website link security verification method and system avoid the risk of information leakage and are high in security.
Description
Technical field
The present invention relates to field of information security technology, more particularly to a kind of web site url security verification method and it is
System.
Background technology
With the development of mobile Internet, the event of user data is illegally obtained also increasingly by malicious virus website
It is many.By taking short message fraud as an example, a kind of short message fraud mode is the web site url that malicious virus website is added in short message, user
After clickthrough, the information in mobile phone may be stolen by the virus in malicious virus website.
In order to improve the security of user profile, there is a kind of conventional art when user clicks on web site url to web site url
Security verification is carried out, above-mentioned security verification mode generally requires the application program for depending on user installation
(Application, APP).APP reads all short messages in user mobile phone, by judging that domain name recognizes the security of web site url.
However, APP needs to read all short messages of user, including private short message, the information security for having leakage of information risk, user is difficult to
It is protected.
In sum, existing web site url security verification mode security is relatively low.
The content of the invention
Based on this, it is necessary to for the relatively low problem of existing link verification mode security, there is provided a kind of web site url
Security verification method and system.
A kind of web site url security verification method, comprises the following steps:
Received before sending the web site url that terminal sends in receiving terminal, obtain the web site url and the reception
The unique mark of terminal;
Security verification is carried out to the web site url, if the web site url is secure link, according to unique mark
The web site url is forwarded to the receiving terminal by knowledge;
When detecting that the receiving terminal sends to the access request of the web site url, in the safety for pre-building
The web site url is searched in network address database;
If finding the web site url in the safe network address database, judge that the web site url is theft-resistant link chain
Connect.
A kind of web site url security verification system, including:
Acquisition module, for being received before sending the web site url that terminal sends in receiving terminal, obtains the website
Link and the unique mark of the receiving terminal;
Forwarding module, for carrying out security verification to the web site url, if the web site url is secure link, root
The web site url is forwarded to the receiving terminal according to the unique mark;
Searching modul, for when detecting that the receiving terminal sends to the access request of the web site url,
The web site url is searched in the safe network address database for pre-building;
Judge module, if for finding the web site url in the safe network address database, judging the net
Station is linked as secure link.
Above-mentioned web site url security verification method and system, before receiving terminal receives web site url, are first carried out
Once to the checking of web site url, after secure link is verified as, web site url is just forwarded to receiving terminal;Receiving terminal
When web site url is opened in request, verified again, only when secure link is verified as the second time, be just finally judged to peace
Full link.By verifying twice, it is possible to increase verification the verifying results, the security of web site url is further ensured that, and only needed during checking
Web site url to be verified is read, the other information of terminal or receiving terminal is sent without reading, it is to avoid leakage of information risk,
The information security of user is set to be protected.In sum, above-mentioned web site url security verification method and security of system
It is higher.
Brief description of the drawings
Fig. 1 is the web site url security verification method flow chart of one embodiment;
Fig. 2 is the alarm face schematic diagram of one embodiment;
Fig. 3 is the programming flowchart of the web site url security verification method of one embodiment;
Fig. 4 is the structural representation of the web site url security verification system of one embodiment.
Specific embodiment
Technical scheme is illustrated below in conjunction with the accompanying drawings.
As shown in figure 1, the present invention provides a kind of web site url security verification method, it may include following steps:
S1, receives before sending the web site url that terminal sends in receiving terminal, obtains the web site url and described
The unique mark of receiving terminal;
This step and following steps S2 to S4 can be realized on third-party platform.Third-party platform can be arranged on cloud
End.The third-party platform can be the platform with functions such as reception, forwarding and web site url checkings for pre-building.Pass through
Third-party platform is set, without installing special APP on user terminal (including sending terminal and receiving terminal), use has been saved
The memory headroom of family terminal, and avoid the other information of APP reading user terminals and cause the presence of user profile disclosure risk.
The transmission terminal can be the intelligent terminals such as computer, mobile phone, flat board, the receiving terminal can also be computer,
The intelligent terminals such as mobile phone, flat board.The unique mark of the receiving terminal can be the card number of the SIM installed on mobile phone, also may be used
To be the IP address of computer or flat board, the account of the chat tool in receiving terminal is can also be.For example, the chat work
Tool can be the softwares such as QQ, wechat, YY voice softwares, Fetion, correspondingly, the unique mark can be No. QQ, wechat account,
YY voices account, Fetion account (generally cell-phone number) etc..
Third-party platform can be carried out according to the unique mark before being forwarded to link to the web site url
Encapsulation is shortened, and generates the unique short chain of receiving terminal and connects;The short chain is switched through according to the unique mark described in being dealt into
Receiving terminal.For example, it is assumed that original web is linked as:
www.baidu.com/huodong.jspA=d1123&gak=123333&cid=19898ladkjf,
Can be shorten to for above-mentioned link by third-party platform:
kxz.cn/123adb33。
After shortening to link, the domain name of the web site url can be replaced with default domain by third-party platform
Name;The short chain after replacement is switched through according to the unique mark is dealt into the receiving terminal.In this way, user is without note
Various enterprises various domain name addresses, trust click by the unique fixed domain name that only need to remember to be identified as safe network address.
S2, security verification is carried out to the web site url, if the web site url is secure link, according to described unique
The web site url is forwarded to the receiving terminal by mark;
In this step, when transmission terminal sends to receiving terminal web site url, the web site url can be turned first
Above-mentioned third-party platform is sent to, once safety checking is carried out to web site url by third-party platform.Only when safety verification passes through
Afterwards, the web site url is just forwarded to receiving terminal by third-party platform.If safety verification does not pass through, third-party platform can be right
The web site url is intercepted.In this way, just web site url can be entered before web site url reaches receiving terminal
Row once safety anticipation, so can as early as possible filter out a collection of dangerous link, and the dangerous link for filtering out can be without sending
To receiving terminal, Internet resources are also saved while security is improved.As one embodiment, carried out to web site url
After interception, third-party platform can also send a notification message and notify to send terminal, and its web site url for sending has been intercepted.One
In the case of a little, sending terminal may not know that its web site url for sending is secure link or dangerous link, by this side
Formula, can make transmission terminal understand the security of the web site url of its transmission, avoid sending terminal repetition transmission to a certain extent
The dangerous link of same or same class, so that, link dangerous to same or same class is avoided repeatedly to a certain extent to be carried out
Treatment, has saved system resource.Used as another embodiment, after being intercepted to web site url, third-party platform can be with
The notice that sends a notification message receiving terminal, has intercepted a dangerous link.In this way, it is easy to receiving terminal to check at any time
Intercepted link species, enables receiving terminal directly to be judged according to the intercept information in subsequently received similar link
The security of link, improves treatment effeciency;Meanwhile, it also avoid being mistaken for dangerous link because of useful secure link, make
Receiving terminal cannot receive information situation.
In one embodiment, terminal is sent when web site url is sent, and can also simultaneously send other non-link informations.Its
In, the non-link information includes character information, pictorial information, voice messaging and/or video information.For example, sending terminal to
When receiving terminal sends short message, word content and web site url can be simultaneously added in short message;Again for example, sending terminal in hair
When sending QQ information or wechat information, image content and web site url may be simultaneously added in QQ information or wechat information, or
Add voice content and web site url simultaneously in QQ information or wechat information.In this case, third-party platform can be obtained
Take and send the non-link information that terminal sends, the non-link information and the web site url are spliced;According to it is described only
Spliced web site url is forwarded to the receiving terminal by one mark.
For example, send the original text of terminal transmission can be:
Hello, welcomes participation activity, please click on and be confirmed:
www.baidu.com/huodong.jspA=d1123&gak=123333&cid=19898ladkjf。
In one case, third-party platform can shorten to above-mentioned link, obtain herein below:
Hello, welcomes participation activity, please click on and be confirmed:
kxz.cn/123adb33。
In the case of existing concurrently with link information and non-link information, third-party platform can only verify link therein
Information, without verifying non-link information, so, can improve verification efficiency, save the proving time.In this case, the 3rd
Fang Pingtai first can extract link information from the information that terminal sends is sent, then carry out security verification to link information.
In one embodiment, when web site url is forwarded to receiving terminal by third-party platform, can be according to receiving terminal
Unique mark generate different short chains and connect, i.e. for same web site url, if receiving terminal is different, third party is flat
It is different that the short chain of platform generation connects.The mode of generation can be, for example, the head connect in short chain or afterbody addition are described unique
Mark, it would however also be possible to employ other modes generation short chain connects.In this way, in step s3, when receiving terminal accesses the net
Stand link when, can identify which receiving terminal have accessed the web site url, which receiving terminal does not access the website chain
Connect such that it is able to take different measures for different receiving terminals.For example, redirecting mistake to the prompting of receiving terminal 1, dock
It jumps to another network address to receive the guiding of terminal 2.
S3, when detecting that the receiving terminal sends to the access request of the web site url, what is pre-build
The web site url is searched in safe network address database;
In this step, a safe network address database can be set up in third-party platform in advance, the safe network address number
According to can be with the multiple safe network address of storing history in storehouse.When receiving terminal will open web site url, can first start clear
Look at device, the browser can ask the web site url opened be sent to third-party platform, and third-party platform can be in safe network address
The web site url is searched in database.In order that the secure link in safe network address database more conforms to actual conditions, may be used also
To be periodically updated to the link in safe network address database.The mode of renewal can receive user to the web site url
Feedback information;Wherein, the feedback information is used to characterize the security of the web site url;Updated according to the feedback information
The safe network address database.For example, when user open one do not exist in safe network address database in web site url, and
After confirming that this is linked as secure link, what third-party platform can receive the user feedback confirms that its web site url opened is peace
The feedback information of full link, and the web site url is indexed in safe network address database.
In one embodiment, in order to prevent the information in safe network address database from increasing too fast with the time, cause follow-up
Overlong time is spent during lookup, the network address that is of little use in the safe network address database can also periodically be processed.It is described
Treatment can be, for example, be of little use network address described in being deleted from the safe network address database, or by the network address that is of little use
It is transferred in other databases from the safe network address database after being shortened.Wherein, the network address that is of little use is to instigate
Network address with frequency less than predeterminated frequency value.For example, some network address (for example, Baidu's homepage, microblogging homepage etc.) are often made
Use, this kind of network address belongs to conventional network address, these network address can be retained in safe network address database;And other network address may
Some months is just used once, and the terminal used is less, and these network address can be indexed in other database.If received
Terminal attempts to access that the network address that is of little use, and such web site url is not found in safe network address database, can again arrive it
Searched in his database, if it is found, then judging that the web site url is secure link.In this way, safety net has been saved
The memory space of location database, improves the efficiency for searching network address.
S4, if finding the web site url in the safe network address database, judges that the web site url is peace
Full link.
If finding the web site url in the safe network address database, illustrate that the web site url is theft-resistant link chain
Connect, third-party platform can send to browser and instruct, control browser jumps to the web site url.If in the safety net
The web site url is not found in the database of location, then illustrates that the web site url there may be risk, its security is uncertain
's.In order to further be verified to these uncertain web site urls, blacklist website storehouse can also be in step s3 set up,
Multiple having been found to be the web site url of dangerous link can be stored in the blacklist website storehouse.If in the safe network address
The web site url is not found in database, the web site url can be searched in the blacklist website storehouse for pre-building;
If finding the web site url in the storehouse of the blacklist website, judge that the web site url is linked as danger, Ke Yixiang
The receiving terminal sends warning message;The warning message is used to notify that web site url described in the receiving terminal is dangerous chain
Connect.The alert interface of one embodiment is as shown in Figure 2.If both not finding the website chain in safe network address database
Connect, the web site url is found either with or without in the storehouse of the blacklist website, then judge the security of the web site url not
It is determined that, indicating risk information can be sent to the receiving terminal, ask user to carry out secondary-confirmation.If user still confirms to visit
The web site url is asked, then controls browser to jump to the web site url, otherwise, do not redirected.
In one embodiment, blacklist website storehouse can also be regularly updated.Can be received from receiving terminal and fed back
Information, can carry the web site url that receiving terminal is considered dangerous website in the feedback information, if the blacklist website
The web site url of dangerous website is not considered in storehouse including this, the web site url for being considered dangerous website can be updated to institute
In stating blacklist website storehouse.
Third-party platform after the access request to web site url is received, in the safe network address database for pre-building
Before the middle lookup web site url, the browser of the receiving terminal can also be controlled to jump to default secure page table.
After judging the web site url as secure link, the browser can be controlled to jump to the website from the secure page table
Link the corresponding page.
Fig. 3 is the programming flowchart of the web site url security verification method of one embodiment.
A kind of web site url security verification method of the invention, there is provided scheme of prevention SMS swindle, uses
Family can quickly recognize risk, so as to point out user to avoid risk;The method carries out safety certification to web site url, and running into has wind
The network address of danger reminds user to operate with caution;And the method need not rely on cell phone system and install any APP, without change user's
Operating process.
As shown in figure 4, the present invention provides a kind of web site url security verification system, it may include:
Acquisition module 10, for being received before sending the web site url that terminal sends in receiving terminal, obtains the net
The unique mark of link and the receiving terminal of standing;
This module and can be realized on third-party platform with lower module 20 to 40.Third-party platform can be arranged on cloud
End.The third-party platform can be the platform with functions such as reception, forwarding and web site url checkings for pre-building.Pass through
Third-party platform is set, without installing special APP on user terminal (including sending terminal and receiving terminal), use has been saved
The memory headroom of family terminal, and avoid the other information of APP reading user terminals and cause the presence of user profile disclosure risk.
The transmission terminal can be the intelligent terminals such as computer, mobile phone, flat board, the receiving terminal can also be computer,
The intelligent terminals such as mobile phone, flat board.The unique mark of the receiving terminal can be the card number of the SIM installed on mobile phone, also may be used
To be the IP address of computer or flat board, the account of the chat tool in receiving terminal is can also be.For example, the chat work
Tool can be the softwares such as QQ, wechat, YY voice softwares, Fetion, correspondingly, the unique mark can be No. QQ, wechat account,
YY voices account, Fetion account (generally cell-phone number) etc..
Third-party platform can be carried out according to the unique mark before being forwarded to link to the web site url
Encapsulation is shortened, and generates the unique short chain of receiving terminal and connects;The short chain is switched through according to the unique mark described in being dealt into
Receiving terminal.For example, it is assumed that original web is linked as:
www.baidu.com/huodong.jspA=d1123&gak=123333&cid=19898ladkjf,
Can be shorten to for above-mentioned link by third-party platform:
kxz.cn/123adb33。
After shortening to link, the domain name of the web site url can be replaced with default domain by third-party platform
Name;The short chain after replacement is switched through according to the unique mark is dealt into the receiving terminal.In this way, user is without note
Various enterprises various domain name addresses, trust click by the unique fixed domain name that only need to remember to be identified as safe network address.
Forwarding module 20, for carrying out security verification to the web site url, if the web site url is secure link,
The web site url is forwarded to by the receiving terminal according to the unique mark;
In this module, when transmission terminal sends to receiving terminal web site url, the web site url can be turned first
Above-mentioned third-party platform is sent to, once safety checking is carried out to web site url by third-party platform.Only when safety verification passes through
Afterwards, the web site url is just forwarded to receiving terminal by third-party platform.If safety verification does not pass through, third-party platform can be right
The web site url is intercepted.In this way, just web site url can be entered before web site url reaches receiving terminal
Row once safety anticipation, so can as early as possible filter out a collection of dangerous link, and the dangerous link for filtering out can be without sending
To receiving terminal, Internet resources are also saved while security is improved.As one embodiment, carried out to web site url
After interception, third-party platform can also send a notification message and notify to send terminal, and its web site url for sending has been intercepted.One
In the case of a little, sending terminal may not know that its web site url for sending is secure link or dangerous link, by this side
Formula, can make transmission terminal understand the security of the web site url of its transmission, avoid sending terminal repetition transmission to a certain extent
The dangerous link of same or same class, so that, link dangerous to same or same class is avoided repeatedly to a certain extent to be carried out
Treatment, has saved system resource.Used as another embodiment, after being intercepted to web site url, third-party platform can be with
The notice that sends a notification message receiving terminal, has intercepted a dangerous link.In this way, it is easy to receiving terminal to check at any time
Intercepted link species, enables receiving terminal directly to be judged according to the intercept information in subsequently received similar link
The security of link, improves treatment effeciency;Meanwhile, it also avoid being mistaken for dangerous link because of useful secure link, make
Receiving terminal cannot receive information situation.
In one embodiment, terminal is sent when web site url is sent, and can also simultaneously send other non-link informations.Its
In, the non-link information includes character information, pictorial information, voice messaging and/or video information.For example, sending terminal to
When receiving terminal sends short message, word content and web site url can be simultaneously added in short message;Again for example, sending terminal in hair
When sending QQ information or wechat information, image content and web site url may be simultaneously added in QQ information or wechat information, or
Add voice content and web site url simultaneously in QQ information or wechat information.In this case, third-party platform can be obtained
Take and send the non-link information that terminal sends, the non-link information and the web site url are spliced;According to it is described only
Spliced web site url is forwarded to the receiving terminal by one mark.
For example, send the original text of terminal transmission can be:
Hello, welcomes participation activity, please click on and be confirmed:
www.baidu.com/huodong.jspA=d1123&gak=123333&cid=19898ladkjf。
In one case, third-party platform can shorten to above-mentioned link, obtain herein below:
Hello, welcomes participation activity, please click on and be confirmed:
kxz.cn/123adb33。
In the case of existing concurrently with link information and non-link information, third-party platform can only verify link therein
Information, without verifying non-link information, so, can improve verification efficiency, save the proving time.In this case, the 3rd
Fang Pingtai first can extract link information from the information that terminal sends is sent, then carry out security verification to link information.
In one embodiment, when web site url is forwarded to receiving terminal by third-party platform, can be according to receiving terminal
Unique mark generate different short chains and connect, i.e. for same web site url, if receiving terminal is different, third party is flat
It is different that the short chain of platform generation connects.The mode of generation can be, for example, the head connect in short chain or afterbody addition are described unique
Mark, it would however also be possible to employ other modes generation short chain connects.In this way, it is whole when receiving in follow-up searching modul 30
When end accesses the web site url, can identify which receiving terminal have accessed the web site url, which receiving terminal is not visited
Ask the web site url such that it is able to take different measures for different receiving terminals.For example, pointing out receiving terminal 1 to jump
Turn mistake, it jumps to another network address to the guiding of receiving terminal 2.
Searching modul 30, for when detecting that the receiving terminal sends to the access request of the web site url,
The web site url is searched in the safe network address database for pre-building;
In this module, a safe network address database can be set up in third-party platform in advance, the safe network address number
According to can be with the multiple safe network address of storing history in storehouse.When receiving terminal will open web site url, can first start clear
Look at device, the browser can ask the web site url opened be sent to third-party platform, and third-party platform can be in safe network address
The web site url is searched in database.In order that the secure link in safe network address database more conforms to actual conditions, may be used also
To be periodically updated to the link in safe network address database.The mode of renewal can receive user to the web site url
Feedback information;Wherein, the feedback information is used to characterize the security of the web site url;Updated according to the feedback information
The safe network address database.For example, when user open one do not exist in safe network address database in web site url, and
After confirming that this is linked as secure link, what third-party platform can receive the user feedback confirms that its web site url opened is peace
The feedback information of full link, and the web site url is indexed in safe network address database.
In one embodiment, in order to prevent the information in safe network address database from increasing too fast with the time, cause follow-up
Overlong time is spent during lookup, the network address that is of little use in the safe network address database can also periodically be processed.It is described
Treatment can be, for example, be of little use network address described in being deleted from the safe network address database, or by the network address that is of little use
It is transferred in other databases from the safe network address database after being shortened.Wherein, the network address that is of little use is to instigate
Network address with frequency less than predeterminated frequency value.For example, some network address (for example, Baidu's homepage, microblogging homepage etc.) are often made
Use, this kind of network address belongs to conventional network address, these network address can be retained in safe network address database;And other network address may
Some months is just used once, and the terminal used is less, and these network address can be indexed in other database.If received
Terminal attempts to access that the network address that is of little use, and such web site url is not found in safe network address database, can again arrive it
Searched in his database, if it is found, then judging that the web site url is secure link.In this way, safety net has been saved
The memory space of location database, improves the efficiency for searching network address.
Judge module 40, if for finding the web site url in the safe network address database, judging described
Web site url is secure link.
If finding the web site url in the safe network address database, illustrate that the web site url is theft-resistant link chain
Connect, third-party platform can send to browser and instruct, control browser jumps to the web site url.If in the safety net
The web site url is not found in the database of location, then illustrates that the web site url there may be risk, its security is uncertain
's.In order to further be verified to these uncertain web site urls, blacklist net can also be set up in judge module 30
Stand storehouse, multiple having been found to be the web site url of dangerous link can be stored in the blacklist website storehouse.If in the peace
The web site url is not found in full network address database, the website can be searched in the blacklist website storehouse for pre-building
Link;If finding the web site url in the storehouse of the blacklist website, judge that the web site url is linked as danger, can
Warning message is sent with to the receiving terminal;The warning message is used to notify that web site url described in the receiving terminal is danger
Danger link.The alert interface of one embodiment is as shown in Figure 2.If both not finding the net in safe network address database
Stand link, the web site url is found either with or without in the storehouse of the blacklist website, then judge the safety of the web site url
Property it is uncertain, indicating risk information can be sent to the receiving terminal, ask user to carry out secondary-confirmation.If user is still true
Recognize and access the web site url, then control browser to jump to the web site url, otherwise, do not redirected.
In one embodiment, blacklist website storehouse can also be regularly updated.Can be received from receiving terminal and fed back
Information, can carry the web site url that receiving terminal is considered dangerous website in the feedback information, if the blacklist website
The web site url of dangerous website is not considered in storehouse including this, the web site url for being considered dangerous website can be updated to institute
In stating blacklist website storehouse.
Third-party platform after the access request to web site url is received, in the safe network address database for pre-building
Before the middle lookup web site url, the browser of the receiving terminal can also be controlled to jump to default secure page table.
After judging the web site url as secure link, the browser can be controlled to jump to the website from the secure page table
Link the corresponding page.
Fig. 3 is the programming flowchart of the web site url security verification method of one embodiment.
A kind of web site url security verification system of the invention, there is provided scheme of prevention SMS swindle, uses
Family can quickly recognize risk, so as to point out user to avoid risk;The system carries out safety certification to web site url, and running into has wind
The network address of danger reminds user to operate with caution;And the system need not rely on cell phone system and install any APP, without change user's
Operating process.
A pair of web site url security verification system of the invention and web site url security verification method one of the invention
Should, the technical characteristic and its advantage illustrated in the embodiment of above-mentioned web site url security verification method are applied to website
In the embodiment of linking secure checking system, hereby give notice that.
Each technical characteristic of embodiment described above can be combined arbitrarily, to make description succinct, not to above-mentioned reality
Apply all possible combination of each technical characteristic in example to be all described, as long as however, the combination of these technical characteristics is not deposited
In contradiction, the scope of this specification record is all considered to be.
Embodiment described above only expresses several embodiments of the invention, and its description is more specific and detailed, but simultaneously
Can not therefore be construed as limiting the scope of the patent.It should be pointed out that coming for one of ordinary skill in the art
Say, without departing from the inventive concept of the premise, various modifications and improvements can be made, these belong to protection of the invention
Scope.Therefore, the protection domain of patent of the present invention should be determined by the appended claims.
Claims (10)
1. a kind of web site url security verification method, it is characterised in that comprise the following steps:
Received before sending the web site url that terminal sends in receiving terminal, obtain the web site url and the receiving terminal
Unique mark;
Security verification is carried out to the web site url, if the web site url is secure link, will according to the unique mark
The web site url is forwarded to the receiving terminal;
When detecting that the receiving terminal sends to the access request of the web site url, in the safe network address for pre-building
The web site url is searched in database;
If finding the web site url in the safe network address database, judge that the web site url is secure link.
2. web site url security verification method according to claim 1, it is characterised in that will according to the unique mark
The step of web site url is forwarded to the receiving terminal includes:
Shortening is packaged to the web site url according to the unique mark, the unique short chain of receiving terminal is generated and is connect;
The short chain is switched through according to the unique mark is dealt into the receiving terminal.
3. web site url security verification method according to claim 2, it is characterised in that will according to the unique mark
The short chain switches through the step of being dealt into the receiving terminal to be included:
The domain name of the web site url is replaced with into default domain name;
The short chain after replacement is switched through according to the unique mark is dealt into the receiving terminal.
4. web site url security verification method according to claim 1, it is characterised in that will according to the unique mark
The step of web site url is forwarded to the receiving terminal also includes:
Obtain and send the non-link information that terminal sends;Wherein, the non-link information includes character information, pictorial information, language
Message ceases and/or video information;
The non-link information and the web site url are spliced;
Spliced web site url is forwarded to by the receiving terminal according to the unique mark.
5. web site url security verification method according to claim 1, it is characterised in that in the safety net for pre-building
It is further comprising the steps of before the web site url is searched in the database of location:
The browser of the receiving terminal is controlled to jump to default secure page table;
It is further comprising the steps of after judging the web site url as secure link:
The browser is controlled to jump to the corresponding page of the web site url from the secure page table.
6. web site url security verification method according to claim 1, it is characterised in that further comprising the steps of:
Receive feedback information of the user to the web site url;Wherein, the feedback information is used to characterize the web site url
Security;
The safe network address database is updated according to the feedback information.
7. web site url security verification method according to claim 1, it is characterised in that further comprising the steps of:
If not finding the web site url in the safe network address database, in the blacklist website storehouse for pre-building
Search the web site url;
If finding the web site url in the storehouse of the blacklist website, judge that the web site url is linked as danger.
8. web site url security verification method according to claim 7, it is characterised in that judging the web site url
It is further comprising the steps of after for danger link:
Warning message is sent to the receiving terminal;The warning message be used for notify the receiving terminal described in web site url be
Danger link.
9. web site url security verification method according to claim 7, it is characterised in that further comprising the steps of:
If the web site url is not found in blacklist website storehouse and the safe network address database, to described
Receiving terminal sends indicating risk information.
10. a kind of web site url security verification system, it is characterised in that including:
Acquisition module, for being received before sending the web site url that terminal sends in receiving terminal, obtains the web site url
With the unique mark of the receiving terminal;
Forwarding module, for carrying out security verification to the web site url, if the web site url is secure link, according to institute
State unique mark and the web site url is forwarded to the receiving terminal;
Searching modul, for when detecting that the receiving terminal sends to the access request of the web site url, advance
The web site url is searched in the safe network address database set up;
Judge module, if for finding the web site url in the safe network address database, judging the website chain
It is connected in secure link.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611108553.4A CN106713285A (en) | 2016-12-06 | 2016-12-06 | Website link security verification method and system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611108553.4A CN106713285A (en) | 2016-12-06 | 2016-12-06 | Website link security verification method and system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106713285A true CN106713285A (en) | 2017-05-24 |
Family
ID=58936022
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201611108553.4A Pending CN106713285A (en) | 2016-12-06 | 2016-12-06 | Website link security verification method and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106713285A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107508809A (en) * | 2017-08-17 | 2017-12-22 | 腾讯科技(深圳)有限公司 | Identify the method and device of website type |
CN109218320A (en) * | 2018-09-25 | 2019-01-15 | 中国平安人寿保险股份有限公司 | Web-site links security verification method, device, computer equipment and storage medium |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102739653A (en) * | 2012-06-06 | 2012-10-17 | 奇智软件(北京)有限公司 | Detection method and device aiming at webpage address |
CN102752267A (en) * | 2011-04-20 | 2012-10-24 | 阿里巴巴集团控股有限公司 | Method and device for providing website information |
CN104052722A (en) * | 2013-03-15 | 2014-09-17 | 腾讯科技(深圳)有限公司 | Web address security detection method, apparatus and system |
CN105959330A (en) * | 2016-07-20 | 2016-09-21 | 广东世纪网通信设备股份有限公司 | False link interception method, device and system |
-
2016
- 2016-12-06 CN CN201611108553.4A patent/CN106713285A/en active Pending
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102752267A (en) * | 2011-04-20 | 2012-10-24 | 阿里巴巴集团控股有限公司 | Method and device for providing website information |
CN102739653A (en) * | 2012-06-06 | 2012-10-17 | 奇智软件(北京)有限公司 | Detection method and device aiming at webpage address |
CN104052722A (en) * | 2013-03-15 | 2014-09-17 | 腾讯科技(深圳)有限公司 | Web address security detection method, apparatus and system |
CN105959330A (en) * | 2016-07-20 | 2016-09-21 | 广东世纪网通信设备股份有限公司 | False link interception method, device and system |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107508809A (en) * | 2017-08-17 | 2017-12-22 | 腾讯科技(深圳)有限公司 | Identify the method and device of website type |
CN109218320A (en) * | 2018-09-25 | 2019-01-15 | 中国平安人寿保险股份有限公司 | Web-site links security verification method, device, computer equipment and storage medium |
CN109218320B (en) * | 2018-09-25 | 2022-09-09 | 中国平安人寿保险股份有限公司 | Website link security verification method and device, computer equipment and storage medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN103607385B (en) | Method and apparatus for security detection based on browser | |
CN108737327B (en) | Method, device and system for intercepting malicious website and memory | |
US9277378B2 (en) | Short message service validation engine | |
CN103856446B (en) | A kind of login method, device and open platform system | |
US11086983B2 (en) | System and method for authenticating safe software | |
US9055090B2 (en) | Network based device security and controls | |
CN108881101B (en) | Cross-site script vulnerability defense method and device based on document object model and client | |
CN105847245B (en) | Electronic mailbox login authentication method and device | |
US9973513B2 (en) | Method and apparatus for communication number update | |
CN109768992B (en) | Webpage malicious scanning processing method and device, terminal device and readable storage medium | |
CN104580074A (en) | Logging method of client end application and corresponding server of logging method | |
CN103379099A (en) | Hostile attack identification method and system | |
WO2015007231A1 (en) | Method and device for identification of malicious url | |
CN103368957A (en) | Method, system, client and server for processing webpage access behavior | |
US20200074079A1 (en) | Method and system for checking malicious hyperlink in email body | |
CN109981664A (en) | Website logging method, device and the realization device of page end | |
CN105119901A (en) | Method and system for detecting phishing hotspot | |
CN107770125A (en) | A kind of network security emergency response method and emergency response platform | |
CN105260660A (en) | Monitoring method, device and system of intelligent terminal payment environment | |
CN103780450A (en) | Browser access web address detection method and system | |
CN106465076A (en) | Control method and terminal for short message reading | |
US20220141669A1 (en) | SIM swap scam protection via passive monitoring | |
CN114357457A (en) | Vulnerability detection method and device, electronic equipment and storage medium | |
KR102648653B1 (en) | Mail security-based zero-day URL attack defense service providing device and method of operation | |
CN106713285A (en) | Website link security verification method and system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20170524 |