CN102938766B - Maliciously website prompt method and device - Google Patents
Maliciously website prompt method and device Download PDFInfo
- Publication number
- CN102938766B CN102938766B CN201210450998.6A CN201210450998A CN102938766B CN 102938766 B CN102938766 B CN 102938766B CN 201210450998 A CN201210450998 A CN 201210450998A CN 102938766 B CN102938766 B CN 102938766B
- Authority
- CN
- China
- Prior art keywords
- network address
- malice
- browser
- module
- recommendation
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 44
- 230000000903 blocking effect Effects 0.000 claims description 6
- 235000013399 edible fruits Nutrition 0.000 claims description 3
- 230000000977 initiatory effect Effects 0.000 claims description 3
- 238000004321 preservation Methods 0.000 claims description 2
- 238000012790 confirmation Methods 0.000 abstract description 5
- 230000008569 process Effects 0.000 description 8
- 238000005516 engineering process Methods 0.000 description 4
- 230000006870 function Effects 0.000 description 4
- 230000008901 benefit Effects 0.000 description 3
- 230000008878 coupling Effects 0.000 description 3
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 241000700605 Viruses Species 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 2
- 238000004590 computer program Methods 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 230000001960 triggered effect Effects 0.000 description 2
- 230000008859 change Effects 0.000 description 1
- 238000001035 drying Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000001914 filtration Methods 0.000 description 1
- 230000036541 health Effects 0.000 description 1
- 230000006698 induction Effects 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
- 239000013589 supplement Substances 0.000 description 1
Landscapes
- Information Transfer Between Computers (AREA)
Abstract
The invention discloses a kind of malice website prompt method and device, relate to Internet technical field.This device includes: reminding module and malice network address determination module, wherein, reminding module is suitable to obtain user's input information in browser address bar, the request judging whether to recommend network address to be malice network address is initiated to malice network address determination module, and in the browser side prompting display malice network address determination module result of determination to recommending network address;Described malice network address determination module;Wherein, described malice network address determination module includes sub module stored and judges submodule.Technical scheme, can be when user inputs information in browser address bar, just carry out prejudging and pointing out of malice network address, accelerate the efficiency that malice network address judges, thus solve prior art to confirm to click user and when certain network address initiates the request of this network address, just carry out the confirmation of maliciously network address, user is made just to know whether after clicking on network address into malice network address, to experience bad problem.
Description
Technical field
The present invention relates to Internet technical field, be specifically related to a kind of malice website prompt method and device.
Background technology
Malicious websites refers to that malice plants the rogue program such as wooden horse, virus in website, by " the net pretended
Standing service content " induction user accesses this website, and once enter these websites, kind in website will be triggered
The programs such as wooden horse under planting, virus, cause visitor computer infected, face loss account number or let out
The danger such as dew privacy information.Hang horse webpage and refer to be embedded into the webpage of wooden horse web site url.Access these
Webpage, can be triggered to the access request of wooden horse website, this access once success, may result in visitor
Computer is infected, faces and loses account number and reveal the danger of privacy information.
Existing " maliciously network address interception " technology can stop the computer of user to connect the website of malice, anti-
Only user is by hanging horse webpage, fishing website and taking the infringement of viruliferous malicious websites etc..User can
With by being somebody's turn to do " maliciously network address interception " functional shielding malice network address.Parent subscriber can also be by this function
Shielding is not suitable for the website that teenager browses, and creates the online environment of a green health to child.Because
Containing website blacklist and website white list in address filtering function, user can be suspicious or be not suitable for
The network address browsed is arranged in the blacklist of website, and the network address trusted is arranged to the white name in website
Dan Zhong.Additionally, malice network address interception function also can be for concrete port numbers, agency and suspect program
It is monitored.
Existing " maliciously network address interception " technology, is all to confirm to click certain network address user, initiates
Carry out during for the request of this network address, after confirming as malice network address, can prompt the user whether to continue to add
Carry.But this scheme, user just knows whether as malice network address after only clicking network address, for
For user, its experience is bad.
Summary of the invention
In view of the above problems, it is proposed that the present invention is to provide one to overcome the problems referred to above or at least partly
Ground solves a kind of malice website prompt method and the device of the problems referred to above.
According to one aspect of the present invention, it is provided that a kind of malice website prompt method, wherein, described
Being provided with malice network address determination module in browser, the method includes:
Obtain user's input information in browser address bar;
According to the recommendation network address that described this input information of input acquisition of information is corresponding;
Malice network address determination module to described browser side initiates to judge whether that described recommendation network address is for malice
The request of network address, sequentially for each network address in described recommendation network address, maliciously network address determination module judges
Whether this network address belongs to white list, if this network address belongs to white list, then malice network address determination module should
Network address is judged to credible;
In described browser side, the judgement of described recommendation network address is tied by prompting display malice network address determination module
Really.
Alternatively, the method farther includes: if this network address is not belonging to white list, then malice network address is sentenced
Cover half block judges whether this network address belongs to blacklist, if this network address belongs to blacklist, to server lookup
The safety information of this network address, the safety information of this network address returned by server is tied as the judgement of this network address
Really.
Alternatively, the method farther includes: if this network address had both been not belonging to white list and has also been not belonging to black name
Single, then malice network address determination module initiates the cloud inquiry request of this network address to server, is returned by server
The cloud Query Result of this network address as the result of determination of this network address.
Alternatively, the method farther includes: the described cloud that the local cache server at browser returns
Query Result, in judging for follow-up malice network address.
Alternatively, described white list and/or blacklist are to download to browse after being updated in server side
Device this locality.
Alternatively, described input information is Chinese character or English;It is described that according to described input acquisition of information, this is defeated
The recommendation network address entering information corresponding includes: this input information mated with the network address in network address set,
Obtain more than one recommendation network address;Wherein, at least one during described network address set includes as follows: clear
Look at the cloud network address that the local browsing history of device, local collection, server provide.
Alternatively, described prompting in described browser side shows that malice network address determination module is to described recommendation net
The result of determination of location includes: show each recommendation network address in the drop-down prompting frame of browser address bar, and
The left side of drop-down prompting frame shows the corresponding result of determination of each recommendation network address;Or, show with the form of pop-up
Show the result of determination to described recommendation network address.
Alternatively, it is the instruction that malice network address recommends network address to conduct interviews to result of determination when receiving user
After, when the request to this malice network address initiated by browser, the method farther includes: to this malice network address
Carry out intercepting operation and/or prompting user.
Alternatively, the method farther includes: by the cloud Query Result of white list, blacklist and caching
Personal data as browser client carry out synchronizing to preserve.
According to a further aspect in the invention, it is provided that a kind of malice network address suggestion device, comprising: point out
Module and malice network address determination module, wherein,
Described reminding module, is suitable to obtain user's input information in browser address bar, according to described
The recommendation network address that input this input information of acquisition of information is corresponding, initiates to sentence to described malice network address determination module
The most described disconnected recommendation network address is the request of malice network address, and at described browser side prompting display malice net
The location determination module result of determination to described recommendation network address;
Described malice network address determination module, is suitable to the request according to described reminding module and judges described recommendation net
Whether location is malice network address, and result of determination returns to described reminding module;
Wherein, described malice network address determination module includes: sub module stored and judge submodule, wherein,
Described sub module stored, is suitable to preserve white list;
Described judgement submodule, is suitable to for each network address in described recommendation network address, it is judged that this network address is
No belong to white list, if this network address belongs to white list, then this network address is judged to credible, and will judge
Result returns to described reminding module.
Alternatively, described sub module stored, it is further adapted for preserving blacklist;
Described judgement submodule, is further adapted for when this network address is not belonging to white list, it is judged that this network address is
No belong to blacklist, if this network address belongs to blacklist, to the safety information of this network address of server lookup,
The safety information of this network address returned by server returns to described prompting mould as the result of determination of this network address
Block.
Alternatively, described judgement submodule, it is further adapted for both being not belonging to white list in this network address and does not belongs to
When blacklist, initiate the cloud inquiry request of this network address to server, this network address that server is returned
Cloud Query Result is as the result of determination of this network address.
Alternatively, described malice network address determination module farther includes: cache sub-module;
Described judgement submodule, is further adapted for the cloud Query Result preservation of this network address returned by server
In described cache sub-module;
Described cache sub-module, is suitable to preserve the cloud Query Result that described judgement submodule sends, for follow-up
Malice network address judge in use.
Alternatively, described malice network address determination module farther includes: more newly downloaded submodule;
Described more newly downloaded submodule, is suitable to from white list and/or black name after the down loading updating of server side
Single, and be saved in described sub module stored.
Alternatively, described reminding module, be suitable to obtain user's Chinese character in browser address bar or English
Input information, this input information is mated with the network address in network address set, obtains more than one pushing away
Recommend network address;Wherein, at least one during described network address set includes as follows: this locality of browser browses to be gone through
The cloud network address that Records of the Historian record, local collection, server provide.
Alternatively, described reminding module, be suitable to show in the drop-down prompting frame of browser address bar and respectively push away
Recommend network address, and show the corresponding result of determination of each recommendation network address in the left side of drop-down prompting frame;Or, institute
State reminding module, be suitable to show the result of determination to described recommendation network address with the form of pop-up.
Alternatively, this device farther includes: maliciously network address blocking module, is suitable to receive use at browser
After family to result of determination is the instruction that malice network address recommends network address to conduct interviews, initiate this malice network address
Request time, this malice network address is carried out intercept operation and/or by described reminding module point out user.
Alternatively, this device farther includes: synchronizes to preserve module, is suitable in described sub module stored
White and black list and described cache sub-module in cloud Query Result as browser client
Personal data carries out synchronizing to preserve.
Malice website prompt method according to the present invention and device, obtain user in browser address bar
Input information, according to the recommendation network address that described this input information of input acquisition of information is corresponding, browses to described
The malice network address determination module of device side initiates to judge whether the request that described recommendation network address is malice network address, and
In the described browser side prompting display malice network address determination module skill to the result of determination of described recommendation network address
Art scheme, can initiate actual access when user inputs information in browser address bar at browser
The most just carry out the judgement of malice network address and point out, accelerating the efficiency that malice network address judges, thus
Solve prior art to confirm to click when certain network address initiates the request of this network address user and just carry out maliciously
The confirmation of network address so that user just knows whether after clicking on network address into malice network address, to experience bad asking
Topic, achieves during user inputs in browser address bar whether just obtain be malice network address
Prompting, improve the beneficial effect of Consumer's Experience.
Described above is only the general introduction of technical solution of the present invention, in order to better understand the skill of the present invention
Art means, and can being practiced according to the content of description, and in order to allow, the present invention's is above and other
Objects, features and advantages can become apparent, below especially exemplified by the detailed description of the invention of the present invention.
Accompanying drawing explanation
By reading the detailed description of hereafter preferred implementation, various other advantage and benefit for this
Field those of ordinary skill will be clear from understanding.Accompanying drawing is only used for illustrating the purpose of preferred implementation,
And it is not considered as limitation of the present invention.And in whole accompanying drawing, be denoted by the same reference numerals
Identical parts.In the accompanying drawings:
Fig. 1 shows the flow chart of a kind of malice website prompt method;
Fig. 2 shows that the malice network address being arranged at according to an embodiment of the invention in browser judges mould
The flow chart of the malice network address decision method of block;
Fig. 3 shows and carries out malice according to an embodiment of the invention in the drop-down prompting frame of browser
The schematic diagram of network address prompting;
Fig. 4 shows the structural representation of a kind of malice network address suggestion device
Figure;
Fig. 5 shows that the structure of a kind of malice network address suggestion device is shown
It is intended to.
Detailed description of the invention
It is more fully described the exemplary embodiment of the disclosure below with reference to accompanying drawings.Although accompanying drawing shows
The exemplary embodiment of the disclosure, it being understood, however, that may be realized in various forms the disclosure and not
Should be limited by embodiments set forth here.On the contrary, it is provided that these embodiments are able to more thoroughly
Understand the disclosure, and complete for the scope of the present disclosure can be conveyed to those skilled in the art.
Fig. 1 shows the flow chart of a kind of malice website prompt method.
Wherein, being provided with malice network address determination module in a browser, then see Fig. 1, the method includes:
Step S110, obtains user's input information in browser address bar.
In one embodiment of the invention, the information that the user of acquisition inputs in browser address bar can
To be Chinese character, it is also possible to be English, or it can also be the word of other any language.
Step S120, according to the recommendation network address that input this input information of acquisition of information is corresponding.
In one embodiment of the invention, the network address in input information and network address set can be carried out
Join, obtain more than one recommendation network address.Network address set described here can include following at least
A kind of: the cloud network address that the local browsing history of browser, local collection, server provide.I.e.
In one embodiment of the invention, can by the local browsing history of input information and browser,
Network address in the cloud network address that local collection and server provide is mated, and the network address matched is
Recommending network address, the number of the recommendation network address that coupling obtains may be for one or more.
Step S130, the malice network address determination module to browser side initiates to judge whether to recommend network address for disliking
The request of meaning network address.
Step S140, at the browser side prompting display malice network address determination module judgement knot to recommending network address
Really.
In one embodiment of the invention, can show in the drop-down prompting frame of browser address bar respectively
Recommend network address, and show the corresponding result of determination of each recommendation network address in the left side of drop-down prompting frame.Or,
In another embodiment of the present invention, show the result of determination recommending network address with the form of pop-up.
By the method shown in Fig. 1, i.e. can exist when user inputs information in browser address bar
Browser just carries out the judgement of malice network address and points out before initiating actual access, accelerate malice net
The efficiency that location judges.User, this hinge structure confirms that clicking certain network address initiates this network address
The confirmation of malice network address is just carried out so that user just knows whether as malice net after clicking on network address during request
The scheme of location, substantially increases Consumer's Experience.
In one embodiment of the invention, the malice network address determination module of browser side can use such as lower section
Whether formula carries out recommending each network address in network address to be the judgement of malice network address: each for recommend in network address
Network address, maliciously network address determination module judges whether this network address belongs to white list, if this network address belongs to white name
Single, then this network address is judged to credible by malice network address determination module.As such, it is possible to confirm to recommend network address
In trusted network address.
In one embodiment of the invention, the malice network address determination module of browser side is according to white list
After judging, it is also possible to make the following judgment: as certain network address is not belonging to white list, then malice net
Location determination module judges whether this network address belongs to blacklist, if this network address belongs to blacklist, to server
Inquire about the safety information of this network address, using safety information the sentencing as this network address of this network address that server returns
Determine result.So can further confirm that out the fly-by-night network address in recommendation network address.
In one embodiment of the invention, the malice network address determination module of browser side is according to white list
After judging with blacklist, it is also possible to make the following judgment: if certain network address had both been not belonging to white name
Single blacklist that is also not belonging to, then malice network address determination module initiates the cloud inquiry request of this network address to server,
The cloud Query Result of this network address returned by server is as the result of determination of this network address.So can enter one
Step ground supplements the information recommending a collection of network address in network address to be whether maliciously network address.
In one embodiment of the invention, it is also possible to the cloud that the local cache server at browser returns
Query Result, in judging for follow-up malice network address.So can improve the judgement effect of malice network address
Rate.
Here, blacklist and white list are all the set of network address, and the network address wherein comprised in blacklist is not for
Network address trusty, the network address comprised in white list is network address trusty.Blacklist and white list are permissible
It is that user oneself is manually arranged.
In one embodiment of the invention, both white list, blacklist or white and black list are
Browser this locality is downloaded to after server side is updated, to accelerate the efficiency of above-mentioned cloud inquiry, no
Then browser side there may be substantial amounts of cloud inquiry request.Because of that upgrade in time it has been determined that black
List and white list, it is possible to save the number of times of inquiry.Do not upgrade in time at blacklist and white list
In the case of, the judgement of malice network address can be carried out by the above-mentioned local cloud Query Result of browser that is buffered in,
So can in the renewal of blacklist and white list not in time, it is also possible to carry out efficiently and accurately malice net
Location judges.
Specifically, in one embodiment of the invention, input in the address field of browser as user
During keyword (Chinese character, or English), browser can carry out on backstage to local browsing history,
Network address in the cloud network address that local collection and server provide is mated, by and the URL prompting mated
In the drop-down prompting frame of address field.Carried drop-down by the malice network address determination module being arranged in browser
Show that each URL in frame is made whether the judgement into malice network address, the most as shown in Figure 2.
Fig. 2 shows that the malice network address being arranged at according to an embodiment of the invention in browser judges mould
The flow chart of the malice network address decision method of block.As in figure 2 it is shown, for each network address needing and judging
(URL), maliciously network address determination module perform following steps:
Step S210, it is judged that whether this URL belongs to white list, is then to perform step S220, otherwise holds
Row step SS230.
Step S220, directly carries out normal kernel to this URL and renders and load, and shows that it is credible
Network address.Process ends.
Step S230, it is judged that whether this URL belongs to blacklist, is then to perform step S240, otherwise holds
Row step SS250.
Step S240, carries out the request to net shield server, goes through the safety information of this URL, and by
Net shield server returns the safety information Query Result of this URL, and browser side shows the safety of this URL
Information.Process ends.
Step S250, if all mate in blacklist and white list less than, then enter to net shield server side
The cloud network address Safety query of this URL of row, after net shield server lookup detects any safety information, to
Browser side returns cloud Query Result.
Step S260, browser side, the corresponding cloud Query Result showing this URL in the prompt column of address,
And at this cloud Query Result of browser local cache.Process ends.
Said process as shown in Figure 2 is visible, in the present embodiment, for URL to be judged, maliciously
Network address judges that mould first carries out the judgement of the black and white lists of the first round, if this URL had both been not belonging to white list,
Also be not belonging to blacklist, then malice network address judges that mould carries out the second cloud network address Safety query process taken turns.This
Sample, after first, second judgement taken turns, it is possible to completes whether this URL is that malice network address is sentenced
Disconnected.For crucial each URL mated inputted with user, carry out the judgement shown in Fig. 2 one by one, just
The judgement to all URL mated can be realized, and will determine that result shows in browser address bar
In drop-down prompting frame.
Fig. 3 shows and carries out malice according to an embodiment of the invention in the drop-down prompting frame of browser
The schematic diagram of network address prompting.As it is shown on figure 3, in the present embodiment, at the drop-down prompting frame of browser
The recommendation network address of left side display coupling, and each recommendation network address is shown accordingly on the right side of drop-down prompting frame
Result of determination.
In other embodiments of the invention, it is also possible to prompt for malice network address playing the form of frame
URL。
According to the technique scheme of the present invention, can be in the case of being not switched on webpage, it is possible to realize
Whether the URL to coupling is prejudging of malice network address, meets the need in terms of the network security of user
Want.
In one embodiment of the invention, if user is still the recommendation of malice network address to result of determination
Network address conducts interviews, then intercepting this malice network address the most further in the present invention.I.e. receiving use
After family accesses the instruction of the URL being judged as malice network address, the request to this malice network address initiated by browser
Time, this malice network address carries out intercepting operation or prompting user, or carries out this malice network address intercepting behaviour
Make and point out user.
In one embodiment of the invention, it is also possible to the cloud of white list, blacklist and caching is inquired about
Result carries out synchronizing to preserve as the personal data of browser client.The most different users uses different accounts
During number use browser, browser can be that the user of different account provides different personalized services.With
Family hobby according to oneself can arrange black and white lists under the account of oneself.As such, it is possible to be different
User likes, according to it, the Network Security Service providing different.
Fig. 4 shows the structural representation of a kind of malice network address suggestion device
Figure.This malice network address suggestion device 400 can point out malice network address, sees Fig. 4, and this malice network address carries
Showing device 400 includes: reminding module 410 and malice network address determination module 420.
Reminding module 410, is suitable to obtain user's input information in browser address bar, defeated according to this
Enter the recommendation network address that this input information of acquisition of information is corresponding, initiate to judge to malice network address determination module 420
The most described recommendation network address is the request of malice network address, and judges in browser side prompting display malice network address
The module 420 result of determination to recommending network address;
Maliciously network address determination module 420, is suitable to the request according to reminding module 410 and judges that recommendation network address is
No is malice network address, and result of determination returns to reminding module 410.
Malice network address suggestion device shown in Fig. 4, can input information user in browser address bar
Time, before actual access initiated by browser, i.e. just carry out the judgement of malice network address and point out, accelerating
The efficiency that malice network address judges.User, this hinge structure confirms that clicking certain network address initiates
The confirmation of malice network address is just carried out so that user just knows whether after clicking on network address during the request of this network address
For the scheme of malice network address, substantially increase Consumer's Experience.
Fig. 5 shows that the structure of a kind of malice network address suggestion device is shown
It is intended to.This malice network address suggestion device 500 can point out malice network address, sees Fig. 5, this malice network address
Suggestion device 500 includes: reminding module 510, maliciously network address determination module 520 and malice network address intercept
Module 530.
Reminding module 510, is suitable to obtain user's input information in browser address bar, defeated according to this
Enter the recommendation network address that this input information of acquisition of information is corresponding, initiate to judge to malice network address determination module 520
The most described recommendation network address is the request of malice network address, and judges in browser side prompting display malice network address
The module 520 result of determination to recommending network address.
Specifically, reminding module 510 obtains the defeated of user's Chinese character in browser address bar or English
Enter information, this input information is mated with the network address in network address set, obtains more than one recommendation
Network address.Wherein, at least one during described network address set includes as follows: the local browsing histories of browser
The cloud network address that record, local collection, server provide.
Reminding module 510 can show each recommendation network address in the drop-down prompting frame of browser address bar, and
The corresponding result of determination of each recommendation network address is shown in the left side of drop-down prompting frame.Or, reminding module 510
The result of determination to each recommendation network address can also be shown with the form of pop-up.
Maliciously network address determination module 520, is suitable to the request according to reminding module 510 and judges that recommendation network address is
No is malice network address, and result of determination returns to reminding module 510.
Maliciously network address blocking module 530, being suitable to receive user to result of determination at browser is malice network address
The instruction that conducts interviews of recommendation network address after, when initiating the request to this malice network address, to this malice network address
Carry out intercepting operation and/or pointing out user, with further Strengthens network safety by described reminding module.
Here, maliciously network address blocking module 530 is optional module.In one embodiment of the invention,
If having only to which network address of pre-tip user is malice network address, and in user's actual access malice network address
Time be made without intercepting or relevant prompting, then can omit malice network address blocking module 530.
Specifically judge malice network address determination module 520 below to recommend whether network address is that malice network address is carried out in detail
Describe in detail bright.Specifically, in the present embodiment, maliciously network address determination module 520 includes: storage submodule
Block 521, judge submodule 522, cache sub-module 523, more newly downloaded submodule 524 and synchronize preserve
Submodule 525.
Wherein, sub module stored 521 is suitable to preserve white list.Judge that submodule 522 is suitable to for recommending
Each network address in network address, it is judged that whether this network address belongs to white list, if this network address belongs to white list,
Then this network address is judged to credible, and result of determination is returned to reminding module 510.As such, it is possible to really
Recognize the trusted network address recommended in network address.
Sub module stored 521 can also preserve blacklist further.Judge that submodule 522 can be further
When this network address is not belonging to white list, it is judged that whether this network address belongs to blacklist, if this network address belongs to black
List, to the safety information of this network address of server lookup, by the safety information of this network address that server returns
Result of determination as this network address returns to reminding module 510.So can further confirm that out recommendation net
Fly-by-night network address in location.
Judge that submodule 522 can also both be not belonging to white list in this network address further and also be not belonging to blacklist
Time, initiate the cloud inquiry request of this network address to server, the cloud inquiry knot of this network address returned by server
Fruit is as the result of determination of this network address.The a collection of network address so can supplemented further in recommendation network address is
No be malice network address information.
Judge that the cloud Query Result of this network address of server return can also be preserved by submodule 522 further
In cache sub-module 523.Cache sub-module 523 preserves the cloud inquiry knot judging that submodule 522 sends
Really, in judging for follow-up malice network address.So can improve judging efficiency and the standard of malice network address
Exactness.
More newly downloaded submodule 524 is suitable to from white list and/or blacklist after the down loading updating of server side,
And be saved in sub module stored 521.This efficiency that can accelerate to judge the cloud inquiry of submodule 522,
No judgement submodule 522 there may be substantial amounts of cloud inquiry request.The most true because of upgrade in time
Fixed blacklist and white list, it is possible to save the number of times of inquiry.The most timely at blacklist and white list
In the case of renewal, malice network address can be carried out by the cloud Query Result preserved in cache sub-module 523
Judgement, so can in the renewal of blacklist and white list not in time, it is also possible to carry out efficient and accurate
Malice network address judge.
Synchronize to preserve module 525, be suitable to the white and black list in sub module stored 521 and delay
Deposit cloud Query Result in submodule 523 to carry out synchronizing to preserve as the personal data of browser client.This
When the different user of sample uses different accounts to use browser, browser can be the user of difference account
Different personalized services is provided.User hobby according to oneself can arrange black and white under the account of oneself
List.As such, it is possible to like, according to it, the Network Security Service providing different for different users.
In sum, the malice website prompt method of the present invention and device, it is possible to obtain user at browser
Input information in address field, according to the recommendation network address that described this input information of input acquisition of information is corresponding,
Malice network address determination module to described browser side initiates to judge whether that described recommendation network address is for malice network address
Request, and described browser side prompting display malice network address determination module described recommendation network address is sentenced
Determine the technical scheme of result, can send out at browser when user inputs information in browser address bar
Just carry out the judgement of malice network address before playing actual access and point out, accelerating what malice network address judged
Efficiency, thus solves prior art when user confirms to click the request that certain network address initiates this network address
Just carry out the confirmation of malice network address so that user just knows whether as malice network address, body after clicking on network address
Test bad problem, achieve and whether just obtain during user inputs in browser address bar
For the prompting of malice network address, improve the beneficial effect of Consumer's Experience.
It should be understood that
Algorithm and display be not solid with any certain computer, virtual system or miscellaneous equipment provided herein
Have relevant.Various general-purpose systems can also be used together with based on teaching in this.As described above,
Construct the structure required by this kind of system to be apparent from.Additionally, the present invention is also not for any specific
Programming language.It is understood that, it is possible to use various programming languages realize the content of invention described herein,
And the description done language-specific above is the preferred forms in order to disclose the present invention.
In description mentioned herein, illustrate a large amount of detail.It is to be appreciated, however, that this
Inventive embodiment can be put into practice in the case of not having these details.In some instances, not
It is shown specifically known method, structure and technology, in order to do not obscure the understanding of this description.
Similarly, it will be appreciated that in order to simplify the disclosure and help understand in each inventive aspect one
Or multiple, above in the description of the exemplary embodiment of the present invention, each feature of the present invention is sometimes
It is grouped together in single embodiment, figure or descriptions thereof.But, should be by the disclosure
Method be construed to reflect an intention that i.e. the present invention for required protection require ratio in each claim
The middle more feature of feature be expressly recited.More precisely, as the following claims reflect
As, inventive aspect is all features less than single embodiment disclosed above.Therefore, it then follows
Claims of detailed description of the invention are thus expressly incorporated in this detailed description of the invention, the most each right
Requirement itself is all as the independent embodiment of the present invention.
Those skilled in the art are appreciated that and can carry out the module in the equipment in embodiment certainly
Change adaptively and they are arranged in one or more equipment different from this embodiment.Permissible
Module in embodiment or unit or assembly are combined into a module or unit or assembly, and in addition may be used
To put them into multiple submodule or subelement or sub-component.Except such feature and/or process or
Outside at least some in unit excludes each other, can use any combination that (this specification is included companion
With claim, summary and accompanying drawing) disclosed in all features and so disclosed any method or
All processes of person's equipment or unit are combined.Unless expressly stated otherwise, this specification (includes companion
With claim, summary and accompanying drawing) disclosed in each feature can by provide identical, equivalent or phase
Replace like the alternative features of purpose.
Although additionally, it will be appreciated by those of skill in the art that embodiments more described herein include it
Some feature included in its embodiment rather than further feature, but the group of the feature of different embodiment
Close and mean to be within the scope of the present invention and formed different embodiments.Such as, in following power
In profit claim, one of arbitrarily can mode making in any combination of embodiment required for protection
With.
The all parts embodiment of the present invention can realize with hardware, or to process at one or more
The software module run on device realizes, or realizes with combinations thereof.Those skilled in the art should
Understand, microprocessor or digital signal processor (DSP) can be used in practice to realize basis
Some or all parts in the malice network address suggestion device of the embodiment of the present invention some or all
Function.The present invention be also implemented as perform method as described herein part or all
Equipment or device program (such as, computer program and computer program).Such realization is originally
The program of invention can store on a computer-readable medium, or can have one or more signal
Form.Such signal can be downloaded from internet website and obtain, or provides on carrier signal,
Or provide with any other form.
The present invention will be described rather than limits the invention to it should be noted above-described embodiment,
And those skilled in the art can design replacement in fact without departing from the scope of the appended claims
Execute example.In the claims, should not will be located in any reference marks between bracket to be configured to right is wanted
The restriction asked.Word " comprises " and does not excludes the presence of the element or step not arranged in the claims.It is positioned at
Word "a" or "an" before element does not excludes the presence of multiple such element.The present invention is permissible
By means of including the hardware of some different elements and realizing by means of properly programmed computer.?
If listing in the unit claim of equipment for drying, several in these devices can be by same
Hardware branch specifically embodies.Word first, second and third use do not indicate that any order.
Can be title by these word explanations.
Claims (14)
1., for a malice website prompt method for browser, wherein, it is provided with in described browser
Maliciously network address determination module, before actual access initiated by browser, the method includes:
Obtain user's input information in browser address bar;
According to the recommendation network address that described this input information of input acquisition of information is corresponding, including: this input is believed
Breath mates with the network address in network address set, obtains more than one recommendation network address;
Wherein, at least one during described network address set includes as follows: the local browsing histories note of browser
The cloud network address that record, local collection, server provide;
Malice network address determination module to described browser side initiates to judge whether that described recommendation network address is for malice
The request of network address, described malice network address determination module pushes away according to local white and black list judgement
Recommend whether network address is malice network address;Specifically: for each network address in described recommendation network address, maliciously net
Location determination module judges whether this network address belongs to white list, if this network address belongs to white list, then and malice net
This network address is judged to credible by location determination module;If this network address is not belonging to white list, then malice network address is sentenced
Cover half block judges whether this network address belongs to blacklist, if this network address belongs to blacklist, to server lookup
The safety information of this network address, the safety information of this network address returned by server is tied as the judgement of this network address
Really;
In described browser side, the judgement of described recommendation network address is tied by prompting display malice network address determination module
Really, including:
Each recommendation network address is shown in the drop-down prompting frame of browser address bar, and on a left side for drop-down prompting frame
Side shows the corresponding result of determination of each recommendation network address;
Or,
The result of determination to described recommendation network address is shown with the form of pop-up.
The most the method for claim 1, wherein the method farther includes:
If this network address had both been not belonging to white list and has also been not belonging to blacklist, then malice network address determination module is to clothes
The cloud inquiry request of this network address initiated by business device, and the cloud Query Result of this network address returned by server is as this
The result of determination of network address.
3. method as claimed in claim 2, wherein, the method farther includes:
At the described cloud Query Result that the local cache server of browser returns, for follow-up malice network address
Judgement uses.
The most the method for claim 1, wherein
Described white list and/or blacklist are to download to browser this locality in server side after being updated
's.
The most described input information is Chinese character or English.
6. the method as according to any one of claim 1 to 5, wherein, when receiving user to judging knot
After the instruction that the recommendation network address that fruit is malice network address conducts interviews, browser initiates to ask this malice network address
When asking, the method farther includes:
Carry out this malice network address intercepting operation and/or prompting user.
7. method as claimed in claim 3, wherein, the method farther includes:
The cloud Query Result of white list, blacklist and caching is entered as the personal data of browser client
Row synchronizes to preserve.
8. a malice network address suggestion device, including: reminding module and malice network address determination module, wherein,
Described reminding module, is suitable to obtain user before actual access initiated by browser in browser address
Input information in hurdle, according to the recommendation network address that described this input information of input acquisition of information is corresponding, to institute
State malice network address determination module to initiate to judge whether the request that described recommendation network address is malice network address, and in institute
State the browser side prompting display malice network address determination module result of determination to described recommendation network address;
Described malice network address determination module, is suitable to judge described recommendation according to local white and black list
Whether network address is malice network address;Be suitable to whether the request according to described reminding module judges described recommendation network address
For malice network address, and result of determination is returned to described reminding module;
Wherein, described malice network address determination module includes: sub module stored and judge submodule, wherein,
Described sub module stored, is suitable to preserve white list;
Described judgement submodule, is suitable to for each network address in described recommendation network address, it is judged that this network address is
No belong to white list, if this network address belongs to white list, then this network address is judged to credible, and will judge
Result returns to described reminding module;
Described sub module stored, is further adapted for preserving blacklist;
Described judgement submodule, is further adapted for when this network address is not belonging to white list, it is judged that this network address is
No belong to blacklist, if this network address belongs to blacklist, to the safety information of this network address of server lookup,
The safety information of this network address returned by server returns to described prompting mould as the result of determination of this network address
Block;
Described reminding module, is suitable to mate described input information with the network address in network address set,
To more than one recommendation network address;
Wherein, at least one during described network address set includes as follows: the local browsing histories note of browser
The cloud network address that record, local collection, server provide;
Described reminding module, is further adapted for showing each recommendation network address in the drop-down prompting frame of browser address bar,
And the corresponding result of determination of each recommendation network address is shown in the left side of drop-down prompting frame;
Or,
Described reminding module, is suitable to show the result of determination to described recommendation network address with the form of pop-up.
9. device as claimed in claim 8, wherein,
Described judgement submodule, is further adapted for both being not belonging to white list in this network address and is also not belonging to blacklist
Time, initiate the cloud inquiry request of this network address to server, the cloud inquiry knot of this network address returned by server
Fruit is as the result of determination of this network address.
10. device as claimed in claim 9, wherein, described malice network address determination module wraps further
Include: cache sub-module;
Described judgement submodule, is further adapted for the cloud Query Result preservation of this network address returned by server
In described cache sub-module;
Described cache sub-module, is suitable to preserve the cloud Query Result that described judgement submodule sends, for follow-up
Malice network address judge in use.
11. devices as claimed in claim 8, wherein, described malice network address determination module wraps further
Include: more newly downloaded submodule;
Described more newly downloaded submodule, is suitable to from white list and/or black name after the down loading updating of server side
Single, and be saved in described sub module stored.
12. devices as claimed in claim 8, wherein,
Described reminding module, is suitable to obtain the input letter of user's Chinese character in browser address bar or English
Breath.
13. devices as according to any one of claim 8 to 12, wherein, this device farther includes:
Maliciously network address blocking module;
Described malice network address blocking module, being suitable to receive user to result of determination at browser is malice network address
The instruction that conducts interviews of recommendation network address after, when initiating the request to this malice network address, to this malice network address
Carry out intercepting operation and/or pointing out user by described reminding module.
14. devices as claimed in claim 10, wherein, this device farther includes: synchronize to preserve mould
Block;
Synchronize to preserve module, be suitable to the white and black list in described sub module stored and described slow
Deposit cloud Query Result in submodule to carry out synchronizing to preserve as the personal data of browser client.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201210450998.6A CN102938766B (en) | 2012-11-12 | 2012-11-12 | Maliciously website prompt method and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201210450998.6A CN102938766B (en) | 2012-11-12 | 2012-11-12 | Maliciously website prompt method and device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN102938766A CN102938766A (en) | 2013-02-20 |
CN102938766B true CN102938766B (en) | 2016-08-24 |
Family
ID=47697634
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201210450998.6A Active CN102938766B (en) | 2012-11-12 | 2012-11-12 | Maliciously website prompt method and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN102938766B (en) |
Families Citing this family (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102946391B (en) * | 2012-11-12 | 2016-09-28 | 北京奇虎科技有限公司 | The method of prompting malice network address and a kind of browser in a kind of browser |
CN104052722A (en) * | 2013-03-15 | 2014-09-17 | 腾讯科技(深圳)有限公司 | Web address security detection method, apparatus and system |
CN103491543A (en) * | 2013-09-30 | 2014-01-01 | 北京奇虎科技有限公司 | Method for detecting malicious websites through wireless terminal, and wireless terminal |
US8812705B1 (en) * | 2013-10-15 | 2014-08-19 | Google Inc. | Accessing location-based content |
CN104504058B (en) * | 2014-12-18 | 2018-10-09 | 北京奇虎科技有限公司 | A kind of page display method and browser device |
CN105094560B (en) * | 2015-08-10 | 2021-08-13 | 联想(北京)有限公司 | Information processing method and electronic equipment |
CN105550266A (en) * | 2015-12-09 | 2016-05-04 | 百度在线网络技术(北京)有限公司 | Website address associated information display method and device |
CN105959280B (en) * | 2016-04-28 | 2019-10-15 | 北京奇虎科技有限公司 | The hold-up interception method and device of malice network address |
CN106713266B (en) * | 2016-11-14 | 2020-09-04 | 腾讯科技(深圳)有限公司 | Method, device, terminal and system for preventing information leakage |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102355469A (en) * | 2011-10-31 | 2012-02-15 | 北龙中网(北京)科技有限责任公司 | Method for displaying credibility certification for website in address bar of browser |
CN102467633A (en) * | 2010-11-19 | 2012-05-23 | 奇智软件(北京)有限公司 | Method and system for safely browsing webpage |
CN102724186A (en) * | 2012-06-06 | 2012-10-10 | 珠海市君天电子科技有限公司 | System and method for detecting phishing websites |
CN102946391A (en) * | 2012-11-12 | 2013-02-27 | 北京奇虎科技有限公司 | Method for prompting malicious website in browser and browser |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107103062A (en) * | 2012-03-06 | 2017-08-29 | 北京奇虎科技有限公司 | A kind of webpage recommending method and system |
-
2012
- 2012-11-12 CN CN201210450998.6A patent/CN102938766B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102467633A (en) * | 2010-11-19 | 2012-05-23 | 奇智软件(北京)有限公司 | Method and system for safely browsing webpage |
CN102355469A (en) * | 2011-10-31 | 2012-02-15 | 北龙中网(北京)科技有限责任公司 | Method for displaying credibility certification for website in address bar of browser |
CN102724186A (en) * | 2012-06-06 | 2012-10-10 | 珠海市君天电子科技有限公司 | System and method for detecting phishing websites |
CN102946391A (en) * | 2012-11-12 | 2013-02-27 | 北京奇虎科技有限公司 | Method for prompting malicious website in browser and browser |
Also Published As
Publication number | Publication date |
---|---|
CN102938766A (en) | 2013-02-20 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN102938766B (en) | Maliciously website prompt method and device | |
CN102946391B (en) | The method of prompting malice network address and a kind of browser in a kind of browser | |
AU2016222493B2 (en) | Client-side modification of search results based on social network data | |
CN102932356B (en) | Malice network address hold-up interception method and device in multi-core browser | |
US9832210B2 (en) | Multi-core browser and method for intercepting malicious network address in multi-core browser | |
US11323522B2 (en) | Secure, anonymous browsing with a remote browsing server | |
CN105843815B (en) | Page comment processing method and device and browser | |
US10182046B1 (en) | Detecting a network crawler | |
CN102930057B (en) | Search implementation method and device | |
US20120304286A1 (en) | Methods and apparatus for blocking usage tracking | |
CN102968584B (en) | A kind of method and apparatus of log-on webpage | |
CN103617196B (en) | Recommend method, browser, server and the system of network address | |
US20210258271A1 (en) | System and methods for integrating social network information | |
CN102521257A (en) | Method and device for providing corresponding on-line picture according to thumbnail | |
CN102541853A (en) | Method and device which are capable of obtaining application information by utilizing browser address bar | |
CN102185830B (en) | A kind of method and system of security filtration of network television browser | |
WO2014023121A1 (en) | Method and device for launching individual content | |
WO2014063006A2 (en) | Filtering a stream of content | |
CN105991634A (en) | Access control method and apparatus | |
CN103544288A (en) | Browser webpage loading control method and device | |
CN104468549A (en) | Client side operating request responding method and device and server | |
CN105991331A (en) | Forum review method, device and log management device | |
Kim et al. | I’ve Got Your Number: Harvesting users’ personal data via contacts sync for the KakaoTalk messenger | |
CN102930039B (en) | The processing method and processing device of collection information, browser device | |
KR101768456B1 (en) | Dispersion management platform of closed type social network service and management system using the same |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right | ||
TR01 | Transfer of patent right |
Effective date of registration: 20220718 Address after: Room 801, 8th floor, No. 104, floors 1-19, building 2, yard 6, Jiuxianqiao Road, Chaoyang District, Beijing 100015 Patentee after: BEIJING QIHOO TECHNOLOGY Co.,Ltd. Address before: 100088 room 112, block D, 28 new street, new street, Xicheng District, Beijing (Desheng Park) Patentee before: BEIJING QIHOO TECHNOLOGY Co.,Ltd. Patentee before: Qizhi software (Beijing) Co.,Ltd. |