CN105119920A - Method for defending against malicious web page - Google Patents
Method for defending against malicious web page Download PDFInfo
- Publication number
- CN105119920A CN105119920A CN201510532391.6A CN201510532391A CN105119920A CN 105119920 A CN105119920 A CN 105119920A CN 201510532391 A CN201510532391 A CN 201510532391A CN 105119920 A CN105119920 A CN 105119920A
- Authority
- CN
- China
- Prior art keywords
- network address
- web page
- client
- browser
- malicious web
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1483—Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Virology (AREA)
- Computer And Data Communications (AREA)
Abstract
The invention provides a method for defending against a malicious web page. The method comprises: monitoring a web page access request of a client sent through a browser; capturing a destination URL in the web page access request; judging whether the destination URL belongs to preset malicious web page databases or not according to the destination URL; and if the destination URL belongs to the preset malicious web page databases, accessing a web page corresponding to the destination URL to obtain a page screenshot of the web page, and sending the screenshot to the client to be displayed by the browser. Through the adoption of the method, the security of the client is improved.
Description
Technical field
The present invention relates to Internet communication technology field, particularly relate to a kind of means of defence of malicious web pages.
Background technology
Malicious websites may have the various form of expression such as fishing website or web page mark, wherein web page mark utilizes webpage to carry out the virus destroyed, it is present among webpage, is in fact to use some malicious codes of some programming language to utilize the leak of software to realize virus to implant.When user log in some contain the website of web page mark time, web page mark is just activated silently, these virus once activate, some resources of the system of terminal just can be utilized to destroy.Light then revise the registration table of user, the homepage of user, browser title are changed, and heavy then can the function of shutdown system, load onto wooden horse, catch virus, make user normally cannot use computer system, the system of user then can format by severe patient.And this web page mark is easily write and revised, make user hard to guard against.
Traditional detection guard technology only in the monitoring carrying out malicious web pages at that time of opening corresponding software, can not realize the defence of malicious web pages real-time online.
Summary of the invention
The technical problem that the present invention mainly solves is to provide a kind of means of defence of malicious web pages, can improve the fail safe of client.
For solving the problems of the technologies described above, the technical scheme that the present invention adopts is: the means of defence providing a kind of malicious web pages.Comprise: the web access requests that monitor client is sent by browser; Intercept the target network address in described web access requests; The malice network address database whether described target network address belongs to default is judged according to described target network address; If belong to described malice network address database, then access the webpage that described target network address is corresponding, and obtain the sectional drawing of described Webpage, sent to by described sectional drawing described client for described browser display.
Alternatively, also comprise: receive the continuation access request that described client is sent by described browser, then agree to described web access requests.
Be different from the situation of prior art, the invention has the beneficial effects as follows: the web access requests sent by client judges whether client accesses malicious web pages, if access malicious web pages, then replace this webpage of client-access and sectional drawing, sent to by sectional drawing described client for described browser display, by sectional drawing, user can judge whether this webpage is really malicious web pages, thus can improve the fail safe of client.
Accompanying drawing explanation
Fig. 1 is the schematic flow sheet of the means of defence of embodiment of the present invention malicious web pages.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, be clearly and completely described the technical scheme in the embodiment of the present invention, obviously, described embodiment is only a part of embodiment of the present invention, instead of whole embodiments.Based on the embodiment in the present invention, those of ordinary skill in the art, not making the every other embodiment obtained under creative work prerequisite, belong to the scope of protection of the invention.
See Fig. 1, it is the schematic flow sheet of the means of defence of embodiment of the present invention malicious web pages.The means of defence of the malicious web pages of the present embodiment comprises the following steps:
S1: the web access requests that monitor client is sent by browser.
Wherein, malicious web pages is inlaid with rogue program or Malware, user is once namely access may suffer the invasion of malicious web pages like this.The mode of user's accessed web page normally sends web access requests by browser.
S2: the target network address in intercepting page access request.
Wherein, web access requests can include URL (UniformUniversalResourceLocator, the URL(uniform resource locator)) address of webpage, and URL address is used for the address of unique identification user webpage to be visited, i.e. target network address.
S3: judge the malice network address database whether target network address belongs to default according to target network address.
Wherein, the malice network address database preset saves authenticated or suspectable malice address, target network address and malice network address database is compared, and can obtain target network address and whether belong to malice network address database.
S4: if belong to malice network address database, then the webpage that access destination network address is corresponding, and the sectional drawing obtaining Webpage, sent to by sectional drawing client for browser display.
Wherein, the webpage that relevant equipment replaces client-access target network address corresponding, and sectional drawing is carried out to Webpage, because malicious web pages may have multiple page, each page can be carried out sectional drawing.During the browser display sectional drawing of client, according to sectional drawing, user can judge whether webpage corresponding to target network address is really malicious web pages.Because client carrys out display web page by the mode of sectional drawing, and do not have direct accessed web page, therefore client can not be dangerous, thus improve the fail safe of client.
Certainly, if do not belong to malice network address database, then agree to web access requests, user can normal accessed web page.
In the present embodiment, means of defence also comprises:
Receive the continuation access request that client is sent by browser, then agree to web access requests.
Wherein, the accuracy of malice network address database can not very ensure, so likely go wrong.If by sectional drawing, user thinks that this webpage is not malicious web pages, want to continue access, can be sent by browser and continue access request, thus can normal accessed web page.
By the way, judge whether client accesses malicious web pages in the embodiment of the present invention by the web access requests that client sends, if access malicious web pages, then replace this webpage of client-access and sectional drawing, sent to by sectional drawing described client for described browser display, by sectional drawing, user can judge whether this webpage is really malicious web pages, thus can improve the fail safe of client.
The foregoing is only embodiments of the invention; not thereby the scope of the claims of the present invention is limited; every utilize specification of the present invention and accompanying drawing content to do equivalent structure or equivalent flow process conversion; or be directly or indirectly used in other relevant technical fields, be all in like manner included in scope of patent protection of the present invention.
Claims (2)
1. a means of defence for malicious web pages, is characterized in that, comprising:
The web access requests that monitor client is sent by browser;
Intercept the target network address in described web access requests;
The malice network address database whether described target network address belongs to default is judged according to described target network address;
If belong to described malice network address database, then access the webpage that described target network address is corresponding, and obtain the sectional drawing of described Webpage, sent to by described sectional drawing described client for described browser display.
2. the means of defence of malicious web pages according to claim 1, is characterized in that, also comprises:
Receive the continuation access request that described client is sent by described browser, then agree to described web access requests.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510532391.6A CN105119920A (en) | 2015-08-26 | 2015-08-26 | Method for defending against malicious web page |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510532391.6A CN105119920A (en) | 2015-08-26 | 2015-08-26 | Method for defending against malicious web page |
Publications (1)
Publication Number | Publication Date |
---|---|
CN105119920A true CN105119920A (en) | 2015-12-02 |
Family
ID=54667808
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510532391.6A Pending CN105119920A (en) | 2015-08-26 | 2015-08-26 | Method for defending against malicious web page |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105119920A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11062019B2 (en) | 2016-07-04 | 2021-07-13 | Traffic Guard Dg Ltd. | System and method for webpages scripts validation |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103986731A (en) * | 2014-05-30 | 2014-08-13 | 北京奇虎科技有限公司 | Method and device for detecting phishing web pages through picture matching |
CN104008331A (en) * | 2013-02-21 | 2014-08-27 | 腾讯科技(深圳)有限公司 | Access method, device and system of malicious web |
US8990933B1 (en) * | 2012-07-24 | 2015-03-24 | Intuit Inc. | Securing networks against spear phishing attacks |
-
2015
- 2015-08-26 CN CN201510532391.6A patent/CN105119920A/en active Pending
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8990933B1 (en) * | 2012-07-24 | 2015-03-24 | Intuit Inc. | Securing networks against spear phishing attacks |
CN104008331A (en) * | 2013-02-21 | 2014-08-27 | 腾讯科技(深圳)有限公司 | Access method, device and system of malicious web |
CN103986731A (en) * | 2014-05-30 | 2014-08-13 | 北京奇虎科技有限公司 | Method and device for detecting phishing web pages through picture matching |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11062019B2 (en) | 2016-07-04 | 2021-07-13 | Traffic Guard Dg Ltd. | System and method for webpages scripts validation |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10375102B2 (en) | Malicious web site address prompt method and router | |
US8910247B2 (en) | Cross-site scripting prevention in dynamic content | |
CN105491053A (en) | Web malicious code detection method and system | |
CN103279710B (en) | Method and system for detecting malicious codes of Internet information system | |
CN105049440B (en) | Detect the method and system of cross-site scripting attack injection | |
US11552988B2 (en) | Creating malware prevention rules using malware detection and prevention system | |
US20140283078A1 (en) | Scanning and filtering of hosted content | |
CN106713318B (en) | WEB site safety protection method and system | |
CN104601540A (en) | Cross-site scripting (XSS) attack defense method and Web server | |
CN105635064B (en) | CSRF attack detection method and device | |
CN109446801B (en) | Method, device, server and storage medium for detecting simulator access | |
WO2013131237A1 (en) | System and method for detecting and preventing attacks against a server in a computer network | |
US20190268373A1 (en) | System, method, apparatus, and computer program product to detect page impersonation in phishing attacks | |
CN104967628A (en) | Deceiving method of protecting web application safety | |
KR20150124020A (en) | System and method for setting malware identification tag, and system for searching malware using malware identification tag | |
CN108282443B (en) | Crawler behavior identification method and device | |
CN108512805B (en) | Network security defense method and network security defense device | |
CN105138917A (en) | Malicious webpage defending method | |
CN103561076A (en) | Webpage trojan-linking real-time protection method and system based on cloud | |
KR101428725B1 (en) | A System and a Method for Finding Malicious Code Hidden Websites by Checking Sub-URLs | |
US10263992B2 (en) | Method for providing browser using browser processes separated for respective access privileges and apparatus using the same | |
CN105072109B (en) | Prevent the method and system of cross-site scripting attack | |
CN105119920A (en) | Method for defending against malicious web page | |
CN104715018A (en) | Intelligent SQL injection resistant method based on semantic analysis | |
CN103929498A (en) | Method and device for processing client requests |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20151202 |
|
RJ01 | Rejection of invention patent application after publication |