CN105100119A - URL detection method and device - Google Patents
URL detection method and device Download PDFInfo
- Publication number
- CN105100119A CN105100119A CN201510548236.3A CN201510548236A CN105100119A CN 105100119 A CN105100119 A CN 105100119A CN 201510548236 A CN201510548236 A CN 201510548236A CN 105100119 A CN105100119 A CN 105100119A
- Authority
- CN
- China
- Prior art keywords
- network address
- detected
- safe
- dangerous
- described network
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1466—Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
Abstract
The invention discloses an URL detection method and device. One specific embodiment of the method comprises: obtaining an URL to be detected in a browser; locally detecting whether the URL to be detected is safe; if the result of the local detection indicates that the URL to be detected is not safe, sending the URL to be detected to a cloud side and judging, by the cloud side, whether the URL to be detected is safe; receiving the detection result of the URL to be detected from the cloud side; when the detection result of the cloud side indicates that the URL to be detected is safe, saving the URL to be detected in a browsing history catalog; and when the detection result of the cloud side indicates that the URL to be detected is not safe, sending a prompting message to the user. The URL detection method avoids the problem of a potential risk existing when a user browses an unsafe website and is capable of providing evidence for the user claiming for the damage subsequently; if the URL to be detected is not safe, the prompting message is sent to remind the user of stopping requesting for loading, and therefore, the economical loss of the user is avoided.
Description
Technical field
The application relates to field of computer technology, is specifically related to the detection technique field of network address, especially relates to detection method and the device of network address.
Background technology
When user uses primary browser to carry out web page browsing, dangerous network address that what if user browsed is (as, fishing website, fake site etc.), probably bring economic loss to user, therefore, need to monitor the navigation patterns of user, if when the current network address browsed of user is unsafe network address, the information that the current network address of user is risky can be pointed out, avoid the economic loss brought to user.
In prior art one, store dangerous network address blacklist in computer this locality, when whether detection network address to be detected is safe network address, if network address to be detected is included in blacklist, then network address to be detected is dangerous network address; If network address to be detected is not included in blacklist, then network address to be detected is safe network address.But the dangerous network address stored in prior art one Computer this locality, can not upgrade automatically, up-to-date dangerous network address blacklist cannot be obtained, to such an extent as to can accurately not judge whether network address to be detected is safe network address.
In prior art two, store safe network address white list in computer this locality, when whether detection network address to be detected is safe network address, if network address to be detected is included in white list, then network address to be detected is safe network address; If network address to be detected is not included in white list, then network address to be detected is dangerous network address.But in prior art two, although can accurately judge that network address to be detected is safe network address, but because the white list stored can not upgrade at any time, white list is caused to have limitation, safe network address may be detected as dangerous network address, to such an extent as to can accurately not judge whether network address to be detected is dangerous network address.
Summary of the invention
The object of the application is the detection method and the device that propose network address, can accurately not judge that whether network address to be detected is the problem of safe network address or dangerous network address to solve in prior art.
For achieving the above object, this application provides following scheme:
First aspect, this application provides a kind of detection method of network address, and described method comprises: obtain network address to be detected in browser; Detect whether described network address to be detected is safe network address in this locality; If the described network address to be detected of local testing result display is not safe network address, then described network address to be detected is sent to high in the clouds, judge whether described network address to be detected is safe network address by high in the clouds; The testing result of network address to be detected is received from high in the clouds; When the described network address to be detected of high in the clouds testing result display is safe network address, store described network address to be detected in browsing in record catalogue; When the described network address to be detected of high in the clouds testing result display is dangerous network address, send prompting message to user.
In certain embodiments, whether described is that safe network address specifically comprises in this locality described network address to be detected of detection: in advance at the white list of local storage security network address; Described network address to be detected is mated with the arbitrary safe network address in described white list; When the matching similarity of the arbitrary safe network address in described network address to be detected and described white list is greater than the first predetermined threshold value, determine that described network address to be detected is safe network address.
In certain embodiments, whether described is that safe network address specifically comprises in this locality described network address to be detected of detection: detect that the matching similarity of each safe network address in described network address to be detected and described white list is all less than or equal to described first predetermined threshold value; Determine that testing result is not safe network address.
In certain embodiments, described method also comprises: tackle the webpage that described risk network address is corresponding, to stop loading web page contents corresponding to dangerous network address.
In certain embodiments, in the described network address to be detected of described storage after browsing in record catalogue, described method also comprises: when the described network address browsed in record catalogue causes the economic loss of user, the economic loss of application to user according to user is compensated.
Second aspect, this application provides a kind of detection method of network address, and described method comprises: receive the network address to be detected that client sends; Judge whether described network address to be detected is safe network address; Send the testing result of described network address to be detected to client, the described network address to be detected of wherein said testing result display is safe network address, or described network address to be detected is dangerous network address.
In certain embodiments, describedly judge whether described network address to be detected is that safe network address specifically comprises: the white list of storage security network address and the blacklist of dangerous network address beyond the clouds in advance; Described network address to be detected is mated with the arbitrary dangerous network address in described blacklist, when described network address to be detected is mated with the arbitrary dangerous network address in described blacklist, determines that described network address to be detected is dangerous network address; Described network address to be detected is mated with the arbitrary safe network address in described white list, when described network address to be detected is mated with the arbitrary safe network address in described white list, determines that described network address to be detected is safe network address.
In certain embodiments, describedly judge whether described network address to be detected is that safe network address specifically also comprises: when the matching similarity of the arbitrary risk network address in described network address to be detected and described blacklist is not more than described second predetermined threshold value, obtain the web page contents that each risk network address in described blacklist is corresponding; The web page contents that content of pages corresponding for described network address to be detected is corresponding with the arbitrary risk network address in described blacklist mates; When the matching similarity of the web page contents corresponding with the arbitrary risk network address in described blacklist when the content of pages that described network address to be detected is corresponding is greater than the 3rd predetermined threshold value, determine that described network address to be detected is risk network address.
In certain embodiments, when determining that described network address to be detected is safe network address, detecting the safe class of described network address to be detected, and sending the information of described safe class; When determining that described network address to be detected is dangerous network address, detecting the risk class of described network address to be detected, and sending the information of described risk class.
The third aspect, this application provides a kind of checkout gear of network address, and described device comprises: acquiring unit, for obtaining network address to be detected in browser; In this locality, detecting unit, for detecting whether described network address to be detected is safe network address; Transmitting element, if be not safe network address for the described network address to be detected of local testing result display, then send to high in the clouds by described network address to be detected, judges whether described network address to be detected is safe network address by high in the clouds; Receiving element, for receiving the testing result of network address to be detected from high in the clouds; Memory cell, for when the described network address to be detected of high in the clouds testing result display is safe network address, stores described network address to be detected in browsing in record catalogue; Tip element, for when the described network address to be detected of high in the clouds testing result display is dangerous network address, sends prompting message to user.
In certain embodiments, described detecting unit specifically for: in advance at the white list of local storage security network address; Described network address to be detected is mated with the arbitrary safe network address in described white list; When the matching similarity of the arbitrary safe network address in described network address to be detected and described white list is greater than the first predetermined threshold value, determine that described network address to be detected is safe network address.
In certain embodiments, described detecting unit specifically for: detect that the matching similarity of each safe network address in described network address to be detected and described white list is all less than or equal to described first predetermined threshold value; And, detect that the matching similarity of each dangerous network address in described network address to be detected and described blacklist is all less than or equal to described second predetermined threshold value; Determine that testing result is not safe network address.
In certain embodiments, described device also comprises: interception unit, for tackling webpage corresponding to dangerous network address, to stop loading web page contents corresponding to dangerous network address.
In certain embodiments, described device also comprises: compensate unit, for when described in browse the network address recorded in catalogue cause the economic loss of user time, the economic loss of application to user according to user is compensated.
Fourth aspect, this application provides a kind of checkout gear of network address, and described device comprises: receiving element, for receiving the network address to be detected that client sends; Judging unit, for judging whether described network address to be detected is safe network address; Transmitting element, for sending the testing result of described network address to be detected to client, the described network address to be detected of wherein said testing result display is safe network address, or described network address to be detected is dangerous network address.
In certain embodiments, described judging unit is specifically for the white list of storage security network address and the blacklist of dangerous network address beyond the clouds in advance; Described network address to be detected is mated with the arbitrary dangerous network address in described blacklist, when described network address to be detected is mated with the arbitrary dangerous network address in described blacklist, determines that described network address to be detected is dangerous network address; Described network address to be detected is mated with the arbitrary safe network address in described white list, when described network address to be detected is mated with the arbitrary safe network address in described white list, determines that described network address to be detected is safe network address.
In certain embodiments, described judging unit concrete also for: when the matching similarity of the arbitrary risk network address in described network address to be detected and described blacklist is not more than described second predetermined threshold value, obtain the web page contents that each risk network address in described blacklist is corresponding; The web page contents that content of pages corresponding for described network address to be detected is corresponding with the arbitrary risk network address in described blacklist mates; When the matching similarity of the web page contents corresponding with the arbitrary risk network address in described blacklist when the content of pages that described network address to be detected is corresponding is greater than the 3rd predetermined threshold value, determine that described network address to be detected is risk network address.
In certain embodiments, described device also comprises: level cells, for when determining that described network address to be detected is safe network address, detecting the safe class of described network address to be detected, and sending the information of described safe class; When determining that described network address to be detected is dangerous network address, detect the risk class of described network address to be detected; And send the information of described risk class.
According to the specific embodiment that the application provides, this application discloses following technique effect:
The mode of the embodiment of the present application by being combined with high in the clouds in this locality, treat detection network address to detect, treat the safe class detecting network address to judge, avoid potential risks problem when user browses dangerous website, if network address to be detected is safe network address, then storing network address to be detected in browsing in record catalogue, being conducive to the Claims Resolution of user's subsequent application and producing evidence; If network address to be detected is dangerous network address, then point out user to stop request of loading, the economy avoiding user incurs loss.
Certainly, the arbitrary product implementing the application might not need to reach above-described all advantages simultaneously.
Accompanying drawing explanation
By reading the detailed description done non-limiting example done with reference to the following drawings, the other features, objects and advantages of the application will become more obvious:
Fig. 1 is the exemplary system architecture according to the detection method of the network address of the application and the embodiment of device;
Fig. 2 is the scene schematic diagram of the detection of network address according to the application;
Fig. 3 is the detection method flow chart of the network address according to the application;
Fig. 4 is the schematic diagram of the embodiment detected according to the safe network address of the application;
Fig. 5 is the detection method flow chart of the network address provided according to another embodiment of the application;
Fig. 6 is the schematic diagram of another embodiment according to the safe network address of the application or the detection of dangerous network address;
Fig. 7 is the checkout gear schematic diagram of the network address according to the application;
Fig. 8 is the checkout gear schematic diagram of the network address of another embodiment according to the application;
Fig. 9 is the structural representation of the computer system be suitable for for the terminal equipment or server realizing the embodiment of the present application.
Embodiment
Below in conjunction with drawings and Examples, the application is described in further detail.Be understandable that, specific embodiment described herein is only for explaining related invention, but not the restriction to this invention.It also should be noted that, for convenience of description, in accompanying drawing, illustrate only the part relevant to Invention.
It should be noted that, when not conflicting, the embodiment in the application and the feature in embodiment can combine mutually.Below with reference to the accompanying drawings and describe the application in detail in conjunction with the embodiments.
The detection method of the network address that the embodiment of the present application provides and device, can provide Data support for all kinds of supervisory control system, in the embodiment of the present application to detect client, such as, mobile phone bodyguard, Baidu house keeper etc., but not in this, as restriction.
Embodiment one
Fig. 1 shows the exemplary system architecture 100 of the detection method of the network address can applying the application and the embodiment of device.
As shown in Figure 1, system architecture 100 can comprise terminal equipment 101,102,103, network 104 and server 105.Network 104 is in order at terminal equipment 101, the medium providing communication link between 102,103 and server 105.Network 104 can comprise various connection type, such as wired, wireless communication link or fiber optic cables etc.
User can use terminal equipment 101,102,103 mutual by network 104 and server 105, to receive or to send message etc.Terminal equipment 101,102,103 can be provided with the application of various telecommunication customer end, such as, the detection application, the application of shopping class, searching class application, JICQ, mailbox client, social platform software etc. of network address.
Terminal equipment 101,102,103 can be have the detection of installing network address apply and support the various electronic equipments of the detection of network address, include but not limited to smart mobile phone, panel computer, E-book reader, MP3 player (MovingPictureExpertsGroupAudioLayerIII, dynamic image expert compression standard audio frequency aspect 3), MP4 (MovingPictureExpertsGroupAudioLayerIV, dynamic image expert compression standard audio frequency aspect 4) player, pocket computer on knee and desktop computer etc.
Server 105 can be to provide the server of various service, such as, to the server that the detection of network address on terminal equipment 101,102,103 provides support.Server can carry out the process such as analysis to the data received from terminal equipment (such as, network address to be detected), and result (such as, the testing result of network address to be detected) is fed back to terminal equipment.
It should be noted that, the detection method of the network address that the embodiment of the present application provides can be performed by terminal equipment 101,102,103 (application at this moment can installing such as network address detection and so on the terminal device in advance), or also can be performed by server 105, correspondingly, the checkout gear of network address is generally positioned in terminal equipment 101,102,103.
Should be appreciated that, the number of the terminal equipment in Fig. 1, network and server is only schematic.According to realizing needs, the terminal equipment of arbitrary number, network and server can be had.
Please refer to Fig. 2, the scene that it illustrates the detection of network address illustrates Figure 200.This embodiment mainly be applied to browser is installed terminal in illustrate, this terminal equipment 101,102,103 can be smart mobile phone, computer etc.Particularly, for terminal equipment 101, the application program of installation and measuring client 202 in this terminal equipment 101, when detection client is run in the terminal, mutual with the browser in terminal, from browser 203, obtain network address to be detected, detect network address to be detected.
The detection method flow chart 300 of the network address that Fig. 3 provides for the embodiment of the present application, executive agent is for detecting client 202, and see Fig. 3, the detection method of network address specifically comprises the following steps:
Network address to be detected in step 301, acquisition browser;
Network address to be detected can be the network address that browser is about to load, and also can be the network address browsed in browser in record, namely browsed network address.
Such as, to obtain in browser the network address being about to browse, after user inputs network address on the address field of browser, before browser loads this network address, detect client on address field, extract this network address.
Step 302, this locality detect described network address to be detected whether be safe network address.
This locality is this locality detecting client, under the state referring to terminal (computer or the mobile phone) failed cluster installing place, detects this locality of client.
Such as, network address to be detected be " baike.baidu.com/link? url=kcby7 ", the Main Domain of this network address is baidu.com, and second level domain is baike.baidu.com, by detecting the fail safe of second level domain, judge whether network address to be detected is safe network address.
Concrete, see Fig. 4, it illustrates the schematic diagram 400 of the embodiment that safe network address detects, the detection of safe network address, can be performed by following steps:
Step 401, in advance at the white list of local storage security network address;
Safe network address in white list is credible network address, such as, see the white list shown in table one.
Table one
| Numbering | Safe network address |
| 1 | baike.baidu.com |
| 2 | wenku.baidu.com |
| …… | …… |
Step 402, described network address to be detected to be mated with the arbitrary safe network address in described white list;
Network address to be detected is mated with the arbitrary safe network address in table one, as aforementioned, by network address to be detected " baike.baidu.com/link? url=kcby7 ", mate with safe network address arbitrary in the arbitrary entry in table one; Or the second level domain of network address to be detected is mated with the arbitrary safe network address in table one.
Step 403, when the matching similarity of the arbitrary safe network address in described network address to be detected and described white list is greater than the first predetermined threshold value, determine that described network address to be detected is safe network address;
Can preset the first predetermined threshold value is 80%, as aforementioned, when network address to be detected " baike.baidu.com/link? url=kcby7 ", when being greater than 80% with safe network address matching similarity arbitrary in the arbitrary entry in table one, determine that above-mentioned network address to be detected is above-mentioned safe network address.
If the described network address to be detected of step 303 local testing result display is not safe network address, then described network address to be detected is sent to high in the clouds, judge whether described network address to be detected is safe network address by high in the clouds;
Particularly, the matching similarity of each safe network address detected in above-mentioned network address to be detected and above-mentioned white list is all less than or equal to above-mentioned first predetermined threshold value; Determine that the described network address to be detected of above-mentioned local testing result display is not safe network address, namely network address to be detected is not by local detect security.
Such as, when the matching similarity of each safe network address in above-mentioned network address to be detected and above-mentioned white list is all not more than above-mentioned first predetermined threshold value, determine that above-mentioned network address to be detected is not above-mentioned safe network address.As aforementioned, if when not having safe network address and network address matching similarity to be detected to be greater than 80% in white list, determine that above-mentioned network address to be detected is not safe network address, should be understood that, just determine network address to be detected not for safe network address, but be not this network address to be detected must be the network address that namely dangerous network address has risk.
Step 304, receive the testing result of network address to be detected from high in the clouds;
It is safe network address that testing result comprises described network address to be detected, and described network address to be detected is dangerous network address.
Step 305, when high in the clouds testing result display described network address to be detected be safe network address time, store described network address to be detected in browse record catalogue in;
Particularly, when the described network address to be detected of high in the clouds testing result display is safe network address, store above-mentioned network address to be detected in browsing in record catalogue.Be understandable that, browse record catalogue and store browsed network address and the time of browsing network address, both corresponding relations.Storing network address to be detected in browsing in record catalogue, being mainly used in as application Claims Resolution is produced evidence, needing according to browsing record whether authentic and valid, so when user applies for Claims Resolution, provide and browse record if screening the application of user owing to compensating module.
In the above-mentioned network address to be detected of above-mentioned storage after browsing in record catalogue, when the above-mentioned network address browsed in record catalogue causes the economic loss of user, according to the application of user, compensate by compensating module application, sending to browsing record the window after sale detecting client, asking for reparation to the businessman detecting client.
Alternatively, when the described network address browsed in record catalogue causes the economic loss of user, the economic loss of application to user according to user is compensated.
Step 306, when high in the clouds testing result display described network address to be detected be dangerous network address time, send prompting message to user.
The mode sending prompting message is that the form playing window is pointed out.Send prompting message for pointing out the network address of the current loading of user dangerous, so that user stops request of loading.
Alternatively, tackle the webpage that dangerous network address is corresponding, to stop loading web page contents corresponding to dangerous network address.
Embodiment two
The detection method flow chart of the network address that Fig. 5 provides for another embodiment of the application, executive agent is server 105 (server can be cloud server), and see Fig. 5, the detection method 500 of network address specifically comprises the following steps:
The network address to be detected that step 501, reception client send;
Step 502, judge whether described network address to be detected is safe network address;
Particularly, see Fig. 6, it illustrates the schematic diagram 600 of another embodiment of the detection of safe network address or dangerous network address, high in the clouds determines whether that safe network address performs especially by following steps:
Step 601, the in advance white list of storage security network address and the blacklist of dangerous network address beyond the clouds;
Step 602, described network address to be detected to be mated with the arbitrary dangerous network address in described blacklist, when described network address to be detected is mated with the arbitrary dangerous network address in described blacklist, determine that described network address to be detected is dangerous network address;
Step 603, described network address to be detected to be mated with the arbitrary safe network address in described white list, when described network address to be detected is mated with the arbitrary safe network address in described white list, determine that described network address to be detected is safe network address.
High in the clouds determines whether that safe network address specifically can also be performed by following steps:
Step 604, when the matching similarity of the arbitrary risk network address in described network address to be detected and described blacklist is not more than described second predetermined threshold value, obtain the web page contents that each risk network address in described blacklist is corresponding;
Step 605, the web page contents that content of pages corresponding for described network address to be detected is corresponding with the arbitrary risk network address in described blacklist to be mated;
When the matching similarity of step 606, the web page contents corresponding with the arbitrary risk network address in described blacklist when the content of pages that described network address to be detected is corresponding is greater than the 3rd predetermined threshold value, determine that described network address to be detected is risk network address.
Step 503, send the testing result of described network address to be detected to client, the described network address to be detected of wherein said testing result display is safe network address, or described network address to be detected is dangerous network address.
Alternatively, when determining that described network address to be detected is safe network address, detecting the safe class of described network address to be detected, and sending the information of described safe class; When determining that described network address to be detected is dangerous network address, detecting the risk class of described network address to be detected, and sending the information of described risk class.
Particularly, safe class can be divided into and be sure of level, credible level, regular grade.Be sure of that the network address of level manually makes an addition in white list, credible level is the grade that can obtain record information, and regular grade cannot obtain record information, but does not possess the network address of risk.Detect the safe class of above-mentioned network address to be detected, and the rank that coupling one is corresponding with network address to be detected from safe class, and point out this class information to user.
Risk class can be divided into low-risk, excessive risk, malice network address, detects the risk class of above-mentioned network address to be detected, and the rank that coupling one is corresponding with network address to be detected from risk class, and point out this class information to user.
Therefore, the embodiment of the present application by the mode that is combined with high in the clouds of this locality, avoids potential risks problem when user browses dangerous website, if network address to be detected is safe network address, then storing network address to be detected in browsing in record catalogue, being conducive to the Claims Resolution of user's subsequent application and producing evidence; If network address to be detected is dangerous network address, then point out user to stop request of loading, the economy avoiding user incurs loss.
Embodiment three
Corresponding with the detection method of the network address that the embodiment of the present application one provides, the embodiment of the present application additionally provides a kind of checkout gear of network address, executive agent can be detect client, the checkout gear schematic diagram of network address shown in Figure 7, this device 700 specifically can comprise: acquiring unit 701, detecting unit 702, transmitting element 703, receiving element 704, memory cell 705 and Tip element 706.
Acquiring unit 701, for obtaining network address to be detected in browser;
In this locality, detecting unit 702, for detecting whether described network address to be detected is safe network address;
Transmitting element 703, if be not safe network address for the described network address to be detected of local testing result display, then send to high in the clouds by described network address to be detected, judges whether described network address to be detected is safe network address by high in the clouds;
Receiving element 704, for receiving the testing result of network address to be detected from high in the clouds;
Memory cell 705, for when the described network address to be detected of high in the clouds testing result display is safe network address, stores described network address to be detected in browsing in record catalogue;
Tip element 706, for when the described network address to be detected of high in the clouds testing result display is dangerous network address, sends prompting message to user.
In the present embodiment, in device 700 request detection browser after network address to be detected, the acquiring unit 701 in device obtains the network address to be detected in browser, can be obtain network address to be detected on the address field of browser.
In the present embodiment, whether detecting unit 702 detects network address to be detected in this locality is safe network address.Device stores the white list of safe network address and the blacklist of dangerous network address, when the matching similarity of the arbitrary safe network address in network address to be detected and white list is greater than the first predetermined threshold value, determines that above-mentioned network address to be detected is above-mentioned safe network address; When the matching similarity of the arbitrary dangerous network address in network address to be detected and blacklist is greater than the second predetermined threshold value, determine that network address to be detected is above-mentioned dangerous network address.
In the present embodiment, if can not detect that network address to be detected is safe network address, then above-mentioned network address to be detected sends to high in the clouds to determine whether safe network address or dangerous network address by transmitting element 703.Wherein, high in the clouds stores the white list of above-mentioned safe network address and the blacklist of dangerous network address constantly updates, and namely high in the clouds includes up-to-date dangerous network address.When above-mentioned network address to be detected is mated with the arbitrary safe network address in above-mentioned white list or the arbitrary dangerous network address in above-mentioned blacklist, determine that above-mentioned network address to be detected is above-mentioned safe network address or above-mentioned dangerous network address.
In the present embodiment, when network address to be detected is safe network address, memory cell 705 stores network address to be detected in browsing in record catalogue, if so that the dangerous economic loss causing user of follow-up network address to be detected, then Claims Resolution can be obtained according to browsing record, sending to browsing record the window after sale detecting client, asking for reparation to the businessman detecting client.
In the present embodiment, when above-mentioned network address to be detected is above-mentioned risk network address, Tip element 706 sends prompting message.The mode sending prompting message is that the form playing window is pointed out.
Because this embodiment is the corresponding device of embodiment one, in each step, realize details, all on the books in embodiment one, implement, repeat no more here.
Embodiment four
Corresponding with the detection method of the network address that the embodiment of the present application two provides, the embodiment of the present application additionally provides a kind of checkout gear of network address, executive agent can be server, the checkout gear schematic diagram of the network address of another embodiment shown in Figure 8, this device 800 specifically can comprise: receiving element 801, judging unit 802 and transmitting element 803.
Receiving element 801, for receiving the network address to be detected that client sends;
Judging unit 802, for judging whether described network address to be detected is safe network address;
Transmitting element 803, for sending the testing result of described network address to be detected to client, the described network address to be detected of wherein said testing result display is safe network address, or described network address to be detected is dangerous network address.
Therefore, the mode of the embodiment of the present application by being combined with high in the clouds in this locality, treat detection network address to detect, treat the safe class detecting network address to judge, avoid potential risks problem when user browses dangerous website, if network address to be detected is safe network address, then stores network address to be detected in browsing in record catalogue, being conducive to the Claims Resolution of user's subsequent application and producing evidence; If network address to be detected is dangerous network address, then point out user to stop request of loading, the economy avoiding user incurs loss.
Below with reference to Fig. 9, it illustrates the structural representation of the computer system 900 of terminal equipment or the server be suitable for for realizing the embodiment of the present application.
As shown in Figure 9, computer system 900 comprises CPU (CPU) 901, and it or can be loaded into the program random access storage device (RAM) 903 from storage area 908 and perform various suitable action and process according to the program be stored in read-only memory (ROM) 902.In RAM903, also store system 900 and operate required various program and data.CPU901, ROM902 and RAM903 are connected with each other by bus 904.I/O (I/O) interface 905 is also connected to bus 904.
I/O interface 905 is connected to: the importation 906 comprising keyboard, mouse etc. with lower component; Comprise the output 907 of such as cathode ray tube (CRT), liquid crystal display (LCD) etc. and loud speaker etc.; Comprise the storage area 908 of hard disk etc.; And comprise the communications portion 909 of network interface unit of such as LAN card, modulator-demodulator etc.Communications portion 909 is via the network executive communication process of such as internet.Driver 910 is also connected to I/O interface 905 as required.Detachable media 911, such as disk, CD, magneto optical disk, semiconductor memory etc., be arranged on driver 910 as required, so that the computer program read from it is mounted into storage area 908 as required.
Especially, according to embodiment of the present disclosure, the process that reference flow sheet describes above may be implemented as computer software programs.Such as, embodiment of the present disclosure comprises a kind of computer program, and it comprises the computer program visibly comprised on a machine-readable medium, and the network address that described computer program comprises for the method shown in flowchart detects.In such embodiments, this computer program can be downloaded and installed from network by communications portion 909, and/or is mounted from detachable media 911.
Flow chart in accompanying drawing and block diagram, illustrate according to the architectural framework in the cards of the system of the various embodiment of the application, method and computer program product, function and operation.In this, each square frame in flow chart or block diagram can represent a part for module, program segment or a code, and a part for described module, program segment or code comprises one or more executable instruction for realizing the logic function specified.Also it should be noted that at some as in the realization of replacing, the function marked in square frame also can be different from occurring in sequence of marking in accompanying drawing.Such as, in fact the square frame that two adjoining lands represent can perform substantially concurrently, and they also can perform by contrary order sometimes, and this determines according to involved function.Also it should be noted that, the combination of the square frame in each square frame in block diagram and/or flow chart and block diagram and/or flow chart, can realize by the special hardware based system of the function put rules into practice or operation, or can realize with the combination of specialized hardware and computer instruction.
Be described in unit involved in the embodiment of the present application to be realized by the mode of software, also can be realized by the mode of hardware.Described unit also can be arranged within a processor, such as, can be described as: a kind of processor comprises receiving element, judging unit and transmitting element.Wherein, the title of these unit does not form the restriction to this unit itself under certain conditions.
As another aspect, present invention also provides a kind of computer-readable recording medium, this computer-readable recording medium can be the computer-readable recording medium comprised in device described in above-described embodiment; Also can be individualism, be unkitted the computer-readable recording medium allocated in terminal.Described computer-readable recording medium stores more than one or one program, and described program is used for performance description in the method for operation of the micro projector of the application by one or more than one processor.
More than describe and be only the preferred embodiment of the application and the explanation to institute's application technology principle.Those skilled in the art are to be understood that, invention scope involved in the application, be not limited to the technical scheme of the particular combination of above-mentioned technical characteristic, also should be encompassed in when not departing from described inventive concept, other technical scheme of being carried out combination in any by above-mentioned technical characteristic or its equivalent feature and being formed simultaneously.The technical characteristic that such as, disclosed in above-mentioned feature and the application (but being not limited to) has similar functions is replaced mutually and the technical scheme formed.
Claims (18)
1. a detection method for network address, is characterized in that, described method comprises:
Obtain network address to be detected in browser;
Detect whether described network address to be detected is safe network address in this locality;
If the described network address to be detected of local testing result display is not safe network address, then described network address to be detected is sent to high in the clouds, judge whether described network address to be detected is safe network address by high in the clouds;
The testing result of network address to be detected is received from high in the clouds;
When the described network address to be detected of high in the clouds testing result display is safe network address, store described network address to be detected in browsing in record catalogue;
When the described network address to be detected of high in the clouds testing result display is dangerous network address, send prompting message to user.
2. method according to claim 1, is characterized in that, whether described be that safe network address specifically comprises in this locality described network address to be detected of detection:
In advance at the white list of local storage security network address;
Described network address to be detected is mated with the arbitrary safe network address in described white list;
When the matching similarity of the arbitrary safe network address in described network address to be detected and described white list is greater than the first predetermined threshold value, determine that described network address to be detected is safe network address.
3. method according to claim 2, is characterized in that, whether described be that safe network address specifically comprises in this locality described network address to be detected of detection:
Detect that the matching similarity of each safe network address in described network address to be detected and described white list is all less than or equal to described first predetermined threshold value;
Determine that testing result is not safe network address.
4. method according to claim 1, is characterized in that, described method also comprises:
Tackle the webpage that dangerous network address is corresponding, to stop loading web page contents corresponding to dangerous network address.
5. method according to claim 1, is characterized in that, in the described network address to be detected of described storage after browsing in record catalogue, described method also comprises:
When the described network address browsed in record catalogue causes the economic loss of user, the economic loss of application to user according to user is compensated.
6. a detection method for network address, is characterized in that, described method comprises:
Receive the network address to be detected that client sends;
Judge whether described network address to be detected is safe network address;
Send the testing result of described network address to be detected to client, the described network address to be detected of wherein said testing result display is safe network address, or described network address to be detected is dangerous network address.
7. method according to claim 6, is characterized in that, describedly judges whether described network address to be detected is that safe network address specifically comprises:
The white list of storage security network address and the blacklist of dangerous network address beyond the clouds in advance;
Described network address to be detected is mated with the arbitrary dangerous network address in described blacklist, when described network address to be detected is mated with the arbitrary dangerous network address in described blacklist, determines that described network address to be detected is dangerous network address;
Described network address to be detected is mated with the arbitrary safe network address in described white list, when described network address to be detected is mated with the arbitrary safe network address in described white list, determines that described network address to be detected is safe network address.
8. method according to claim 6, is characterized in that, describedly judges whether described network address to be detected is that safe network address specifically also comprises:
When the matching similarity of the arbitrary risk network address in described network address to be detected and described blacklist is not more than described second predetermined threshold value, obtain the web page contents that each risk network address in described blacklist is corresponding;
The web page contents that content of pages corresponding for described network address to be detected is corresponding with the arbitrary risk network address in described blacklist mates;
When the matching similarity of the web page contents corresponding with the arbitrary risk network address in described blacklist when the content of pages that described network address to be detected is corresponding is greater than the 3rd predetermined threshold value, determine that described network address to be detected is risk network address.
9. method according to claim 6, is characterized in that,
When determining that described network address to be detected is safe network address, detecting the safe class of described network address to be detected, and sending the information of described safe class;
When determining that described network address to be detected is dangerous network address, detecting the risk class of described network address to be detected, and sending the information of described risk class.
10. a checkout gear for network address, is characterized in that, described device comprises:
Acquiring unit, for obtaining network address to be detected in browser;
In this locality, detecting unit, for detecting whether described network address to be detected is safe network address;
Transmitting element, if be not safe network address for the described network address to be detected of local testing result display, then send to high in the clouds by described network address to be detected, judges whether described network address to be detected is safe network address by high in the clouds;
Receiving element, for receiving the testing result of network address to be detected from high in the clouds;
Memory cell, for when the described network address to be detected of high in the clouds testing result display is safe network address, stores described network address to be detected in browsing in record catalogue;
Tip element, for when the described network address to be detected of high in the clouds testing result display is dangerous network address, sends prompting message to user.
11. devices according to claim 10, is characterized in that, described detecting unit specifically for:
In advance at the white list of local storage security network address;
Described network address to be detected is mated with the arbitrary safe network address in described white list;
When the matching similarity of the arbitrary safe network address in described network address to be detected and described white list is greater than the first predetermined threshold value, determine that described network address to be detected is safe network address.
12. devices according to claim 11, is characterized in that, described detecting unit specifically for:
Detect that the matching similarity of each safe network address in described network address to be detected and described white list is all less than or equal to described first predetermined threshold value;
And, detect that the matching similarity of each dangerous network address in described network address to be detected and described blacklist is all less than or equal to described second predetermined threshold value;
Determine that testing result is not safe network address.
13. devices according to claim 10, is characterized in that, described device also comprises:
Interception unit, for tackling webpage corresponding to described dangerous network address, to stop loading web page contents corresponding to described dangerous network address.
14. devices according to claim 10, is characterized in that, described device also comprises:
Compensate unit, for when described in browse the network address recorded in catalogue cause the economic loss of user time, the economic loss of application to user according to user is compensated.
The checkout gear of 15. 1 kinds of network address, is characterized in that, described device comprises:
Receiving element, for receiving the network address to be detected that client sends;
Judging unit, for judging whether described network address to be detected is safe network address;
Transmitting element, for sending the testing result of described network address to be detected to client, the described network address to be detected of wherein said testing result display is safe network address, or described network address to be detected is dangerous network address.
16. devices according to claim 15, is characterized in that, described judging unit specifically for:
The white list of storage security network address and the blacklist of dangerous network address beyond the clouds in advance;
Described network address to be detected is mated with the arbitrary dangerous network address in described blacklist, when described network address to be detected is mated with the arbitrary dangerous network address in described blacklist, determines that described network address to be detected is dangerous network address;
Described network address to be detected is mated with the arbitrary safe network address in described white list,
When described network address to be detected is mated with the arbitrary safe network address in described white list, determine that described network address to be detected is safe network address.
17. devices according to claim 15, is characterized in that, described judging unit concrete also for:
When the matching similarity of the arbitrary risk network address in described network address to be detected and described blacklist is not more than described second predetermined threshold value, obtain the web page contents that each risk network address in described blacklist is corresponding;
The web page contents that content of pages corresponding for described network address to be detected is corresponding with the arbitrary risk network address in described blacklist mates;
When the matching similarity of the web page contents corresponding with the arbitrary risk network address in described blacklist when the content of pages that described network address to be detected is corresponding is greater than the 3rd predetermined threshold value, determine that described network address to be detected is risk network address.
18. devices according to claim 15, is characterized in that, described device also comprises:
Level cells, for when determining that described network address to be detected is safe network address, detecting the safe class of described network address to be detected, and sending the information of described safe class; When determining that described network address to be detected is dangerous network address, detect the risk class of described network address to be detected; And send the information of described risk class.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510548236.3A CN105100119A (en) | 2015-08-31 | 2015-08-31 | URL detection method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510548236.3A CN105100119A (en) | 2015-08-31 | 2015-08-31 | URL detection method and device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN105100119A true CN105100119A (en) | 2015-11-25 |
Family
ID=54579664
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510548236.3A Pending CN105100119A (en) | 2015-08-31 | 2015-08-31 | URL detection method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105100119A (en) |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106372572A (en) * | 2016-08-19 | 2017-02-01 | 北京旷视科技有限公司 | Monitoring method and apparatus |
| CN106874752A (en) * | 2015-12-11 | 2017-06-20 | 北京金山安全软件有限公司 | Information display method and device and electronic equipment |
| CN107741938A (en) * | 2016-10-13 | 2018-02-27 | 腾讯科技(深圳)有限公司 | A kind of network information recognition methods and device |
| CN108121604A (en) * | 2017-12-20 | 2018-06-05 | 金华芒果信息技术有限公司 | The management system and method for computer software |
| CN109729137A (en) * | 2018-05-15 | 2019-05-07 | 平安普惠企业管理有限公司 | Page data display methods, display terminal and storage medium |
| CN111091019A (en) * | 2019-12-23 | 2020-05-01 | 支付宝(杭州)信息技术有限公司 | Information prompting method, device and equipment |
| CN111277601A (en) * | 2020-01-22 | 2020-06-12 | 奇安信科技集团股份有限公司 | Website security monitoring method and system |
| CN111355732A (en) * | 2020-02-28 | 2020-06-30 | 腾讯科技(深圳)有限公司 | Link detection method and device, electronic equipment and storage medium |
| US10805255B2 (en) | 2016-10-13 | 2020-10-13 | Tencent Technology (Shenzhen) Company Limited | Network information identification method and apparatus |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103491543A (en) * | 2013-09-30 | 2014-01-01 | 北京奇虎科技有限公司 | Method for detecting malicious websites through wireless terminal, and wireless terminal |
| WO2014048751A1 (en) * | 2012-09-27 | 2014-04-03 | Siemens Aktiengesellschaft | Method and apparatus for detecting a malicious website |
| CN104852883A (en) * | 2014-02-14 | 2015-08-19 | 腾讯科技(深圳)有限公司 | Method and system for protecting safety of account information |
-
2015
- 2015-08-31 CN CN201510548236.3A patent/CN105100119A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2014048751A1 (en) * | 2012-09-27 | 2014-04-03 | Siemens Aktiengesellschaft | Method and apparatus for detecting a malicious website |
| CN103491543A (en) * | 2013-09-30 | 2014-01-01 | 北京奇虎科技有限公司 | Method for detecting malicious websites through wireless terminal, and wireless terminal |
| CN104852883A (en) * | 2014-02-14 | 2015-08-19 | 腾讯科技(深圳)有限公司 | Method and system for protecting safety of account information |
Cited By (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106874752A (en) * | 2015-12-11 | 2017-06-20 | 北京金山安全软件有限公司 | Information display method and device and electronic equipment |
| CN106372572B (en) * | 2016-08-19 | 2019-11-12 | 北京旷视科技有限公司 | Monitoring method and device |
| CN106372572A (en) * | 2016-08-19 | 2017-02-01 | 北京旷视科技有限公司 | Monitoring method and apparatus |
| CN107741938A (en) * | 2016-10-13 | 2018-02-27 | 腾讯科技(深圳)有限公司 | A kind of network information recognition methods and device |
| US10805255B2 (en) | 2016-10-13 | 2020-10-13 | Tencent Technology (Shenzhen) Company Limited | Network information identification method and apparatus |
| CN108121604A (en) * | 2017-12-20 | 2018-06-05 | 金华芒果信息技术有限公司 | The management system and method for computer software |
| CN109729137A (en) * | 2018-05-15 | 2019-05-07 | 平安普惠企业管理有限公司 | Page data display methods, display terminal and storage medium |
| CN111091019A (en) * | 2019-12-23 | 2020-05-01 | 支付宝(杭州)信息技术有限公司 | Information prompting method, device and equipment |
| CN111091019B (en) * | 2019-12-23 | 2024-03-01 | 支付宝(杭州)信息技术有限公司 | Information prompting method, device and equipment |
| CN111277601A (en) * | 2020-01-22 | 2020-06-12 | 奇安信科技集团股份有限公司 | Website security monitoring method and system |
| CN111277601B (en) * | 2020-01-22 | 2023-02-21 | 奇安信科技集团股份有限公司 | Website security monitoring method and system |
| CN111355732A (en) * | 2020-02-28 | 2020-06-30 | 腾讯科技(深圳)有限公司 | Link detection method and device, electronic equipment and storage medium |
| US11943256B2 (en) | 2020-02-28 | 2024-03-26 | Tencent Technology (Shenzhen) Company Limited | Link detection method and apparatus, electronic device, and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105100119A (en) | URL detection method and device | |
| US11128662B2 (en) | Method, client, and server for preventing web page hijacking | |
| US10977761B2 (en) | Digital watermark embedding method and extraction method, digital watermark embedding apparatus and extraction apparatus, and digital watermark system | |
| US20150310227A1 (en) | Information processing system and information processing method | |
| CN108880921B (en) | Webpage monitoring method and device, storage medium and server | |
| CN105205174B (en) | Document handling method and device for distributed system | |
| CN102932197A (en) | Testing method and system | |
| CN105210051A (en) | Estimating visibility of content items | |
| CN105183912A (en) | Abnormal log determination method and device | |
| CN105306495A (en) | User identification method and device | |
| CN104991705A (en) | Interface display method and terminal | |
| CN105337891A (en) | Traffic control method and traffic control device for distributed cache system | |
| CN106126683B (en) | Page display method and terminal equipment | |
| CN108011949A (en) | Method and apparatus for obtaining data | |
| EP3528474B1 (en) | Webpage advertisement anti-shielding methods and content distribution network | |
| CN105138698A (en) | Dynamic layout method and device for webpages | |
| CN108334516A (en) | Information-pushing method and device | |
| CN105224611A (en) | Based on the operation processing method of browser, device and browser | |
| CN105138875A (en) | Identification method and device for user information | |
| CN108196902A (en) | For showing the method and apparatus for advertisement of spreading its tail | |
| CN104021127A (en) | Information processing method and electronic device | |
| CN105139217A (en) | Method, apparatus and system used for acquiring user information | |
| CN111783010B (en) | Webpage blank page monitoring method, device, terminal and storage medium | |
| CN105956182B (en) | A kind of method, apparatus and system of resource load | |
| CN107305528B (en) | Application testing method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20151125 |