CN106789951A - A kind of network web page abnormality detection realizes system - Google Patents

A kind of network web page abnormality detection realizes system Download PDF

Info

Publication number
CN106789951A
CN106789951A CN201611084247.1A CN201611084247A CN106789951A CN 106789951 A CN106789951 A CN 106789951A CN 201611084247 A CN201611084247 A CN 201611084247A CN 106789951 A CN106789951 A CN 106789951A
Authority
CN
China
Prior art keywords
page
detection
web page
data
module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201611084247.1A
Other languages
Chinese (zh)
Inventor
王国彬
张华杰
胡鹏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Bincent Technology Co Ltd
Original Assignee
Shenzhen Bincent Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Bincent Technology Co Ltd filed Critical Shenzhen Bincent Technology Co Ltd
Priority to CN201611084247.1A priority Critical patent/CN106789951A/en
Publication of CN106789951A publication Critical patent/CN106789951A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425Traffic logging, e.g. anomaly detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]

Abstract

System is realized the invention provides a kind of network web page abnormality detection, including:WEB server,User terminal and database and cache module,The WEB server includes request of data receiver module,Data transmission blocks,Data processing module and page detection module,User accesses corresponding network web page,The request of data receiver module receives user's request,The data is activation for receiving is given data request processing module by the request of data receiver module,The data processing module is according to corresponding data in the data acquisition database of request,The network web page abnormality detection realizes that system can effectively detect the variant even new attack of conventional attack,Real-time Alarm prompting developer carries out problem reparation,While the page goes wrong,The last normal page can be represented to user,Its intensity of anomaly is detected by algorithm,It is accurate quickly to judge whether the page to be measured is to attack the page with the abnormal page,Neural network structure to the page is analysed in depth.

Description

A kind of network web page abnormality detection realizes system
Technical field
Realized the present invention relates to safe web page detection technique field, more particularly to an a kind of network web page abnormality detection System.
Background technology
Daily we browse the content page that webpage is seen, its content is all to obtain content displaying in user plane by program Before, but if data acquisition aspect does not get data, and does not do any treatment measures, represent general in front of the user It is an exception or the incomplete page of data, causes bad Consumer's Experience;
Page defense technique is an important component of defense schemes, and the current defense technique for proposing is mostly using black List carries out Web page filtering and detection using the feature concluded from conventional attack case, and these technologies can be successfully Detection is known abnormal and attacks, but attacker slightly changed to former attack signature and can relatively easily bypass these defence machines System, or it is abnormal it is very hidden cannot discover, the page and normal page will produce deviation, and it is originally to propose a kind of base to occur abnormal In the Phishing page detection algorithms of abnormality detection thought;
Therefore, those skilled in the art needs badly and works out a kind of variant that can effectively detect conventional attack even newly Attack, Real-time Alarm reminds the developer to carry out problem reparation, while the page goes wrong, can represent last normal page Face detects its intensity of anomaly to user by algorithm, judges whether the page to be measured is to attack the page, improves Consumer's Experience Network web page abnormality detection realizes system.
The content of the invention
The technical problem to be solved in the present invention is to provide a kind of network web page abnormality detection and realizes system, the network WEB Page exception detection realizes that system can effectively detect the variant even new attack of conventional attack, and Real-time Alarm reminds exploitation Person carries out problem reparation, while the page goes wrong, can represent the last normal page to user, is detected by algorithm Its intensity of anomaly, judges whether the page to be measured is to attack the page, improves Consumer's Experience.
In order to solve the above technical problems, system is realized the invention provides a kind of network web page abnormality detection, including: WEB server, user terminal and database and cache module, the WEB server include request of data receiver module, data is activation Module, data processing module and page detection module,
User accesses corresponding network web page, and the request of data receiver module receives user's request, and the data please Receiver module is asked to give data request processing module by the data is activation for receiving, the data processing module is obtained according to the data of request Corresponding data in database are taken, the data processing module chooses particular webpage template and carries out dynamic data compiling parsing, obtains To the complete content of webpage, the page detection module according to the complete content of pages for obtaining, by regular expression, WEB Page detection algorithm, neutral net detection algorithm and WEB page sensitive features generating algorithm, it is specified whether the detection page occurs Contents fragment;If the contents fragment is appeared in the page, page detection does not pass through, and the WEB server is examined Survey result and pull the complete page of last data, transmission information informs that developer repairs problem;If the content pieces Section is not appeared in the page, and page detection passes through, and page data is complete, returns to this parsing content to the user terminal;Such as Fruit first time accession page is just abnormal, and the abnormal page will be directly returned to the user terminal, conversely, the web server One normal page of content is deposited by cache module in case abnormal conditions occur;
Wherein, the page detection module is configured with regular expression, WEB page detection algorithm, neutral net detection calculation Method and WEB page sensitive features generating algorithm.
Preferably, the particular webpage template is article list page template or article details page template, the content pieces Section is article list and list paging.
Preferably, the cache module is the srcache cache modules based on nginx.
Preferably, the WEB server also includes content of pages detection module, and the content of pages detection module includes number According to resolution unit, the content of pages detection module according to the complete content of pages for obtaining, by regular expression, WEB pages Whether face detection algorithm, neutral net detection algorithm and WEB page sensitive features generating algorithm, the detection page occur what is specified Contents fragment, if during the contents fragment appears in the page, page detection does not pass through, and the WEB server is detected Result simultaneously pulls the complete page of last data, and transmission information informs that developer repairs problem;If the contents fragment Do not appear in the page, page detection passes through, page data is complete, return to this parsing content to the user terminal.
Preferably, the content of pages detection module also includes that neutral net detection unit, WEB page sensitive features are detected Unit, the data resolution unit parses the document of the WEB page to as model and http data, the WEB page Sensitive features detection unit carries out sensitive features inspection according to the WEB page sensitive features generating algorithm to the parsing data Survey, sensitive features testing result is sent to the neutral net detection unit by the WEB page sensitive features detection unit again, The neutral net detection unit carries out network neural unit abnormality detection to Webpage according to the neutral net detection algorithm;
Wherein, the neutral net detection unit is configured with neutral net detection algorithm, the WEB page sensitive features inspection Survey unit and be configured with WEB page sensitive features generating algorithm.
Preferably, the content of pages detection module also includes WEB page attack detecting unit, the data resolution unit The document of the WEB page is parsed to as model and http data, the WEB page attack detecting unit is according to WEB page detection algorithm carries out attack signature detection to the parsing data;
Wherein, the WEB page attack detecting unit is configured with WEB page detection algorithm.
Preferably, the WEB page sensitive features generating algorithm is configured with below equation:
Wherein, AallThe sum of linked object, A in representing pagesnullThe number of null link, A in representing pagesrealRepresent page The number of true site link, A are pointed in faceLocalThe number of the link in this domain, f are pointed in representing pages(x)For in Web page The intensity of anomaly of linked object.
Preferably, the neutral net detection algorithm is configured with below equation:
The WEB page is set to three-layer neural network structure, the neutral net by the neutral net detection algorithm Structure includes input layer, output layer and hidden layer, and the input layer includes the dimension identical node with sensitive features vector Number;The node number of the output layer is 1, the real number between output 0 to 1;
Wherein, ChIt is hidden layer nodes, CiIt is input layer number, CoIt is output layer nodes.
Preferably, the WEB page detection algorithm is configured with below equation:
I=L ∪ Hk∪Vu
Wherein, I represents the set of all Web pages, and L represents the set of normal Web page, HkRepresent known attack The set of WEB page, VuRepresent the set of the WEB page of unknown attack.
Employ after said system, the WEB server includes request of data receiver module, data transmission blocks, number According to processing module and page detection module, user accesses corresponding network web page, and the request of data receiver module is received to be used Family is asked, and the data is activation for receiving is given data request processing module, the data processing mould by the request of data receiver module Root tuber chooses particular webpage template and enters action according to corresponding data in the data acquisition database of request, the data processing module State data compilation is parsed, and obtains the complete content of webpage, and the page detection module is led to according to the complete content of pages for obtaining Regular expression, WEB page detection algorithm, neutral net detection algorithm and WEB page sensitive features generating algorithm are crossed, page is detected Whether face occurs the contents fragment specified;If the contents fragment is appeared in the page, page detection does not pass through, described WEB server obtains testing result and pulls the complete page of last data, and transmission information informs that developer repairs problem; If the contents fragment is not appeared in the page, page detection passes through, and page data is complete, return this parsing content to The user terminal;Abnormal if first time accession page, the abnormal page will be directly returned to the user terminal, conversely, The web server deposits the normal page of content by cache module in case abnormal conditions occur;The network web page Method for detecting abnormality can effectively detect the variant even new attack of conventional attack, and Real-time Alarm reminds developer to be asked Topic is repaired, and while the page goes wrong, can represent the last normal page to user, and its abnormal journey is detected by algorithm Degree, accurately quickly judges whether the page to be measured is to attack the page and the abnormal page, and the neural network structure to the page is analysed in depth, Improve Consumer's Experience.
Brief description of the drawings
Fig. 1 is the block mold schematic diagram that a kind of network web page abnormality detection of the invention realizes system;
Fig. 2 is the block mold landing of Fig. 1 to the schematic diagram of specific embodiment;
Fig. 3 be a kind of network web page abnormality detection of the invention realize system realize schematic flow sheet.
Specific embodiment
In order to make the purpose , technical scheme and advantage of the present invention be clearer, it is right below in conjunction with drawings and Examples The present invention is further elaborated.It should be appreciated that specific embodiment described herein is only used for explaining the present invention, not For limiting the present invention.
Embodiment 1
Fig. 1 to Fig. 3 is referred to, Fig. 1 is the block mold that a kind of network web page abnormality detection of the invention realizes system Schematic diagram, Fig. 2 is the block mold landing of Fig. 1 to the schematic diagram of specific embodiment, and Fig. 3 is a kind of network web page of the invention What abnormality detection realized system realizes schematic flow sheet.
System is realized the invention discloses a kind of network web page abnormality detection, including:WEB server 10, user terminal 20 And database 30 and cache module, the WEB server 10 include request of data receiver module 11, data transmission blocks 12, number According to processing module 13 and page detection module,
User accesses corresponding network web page, and the request of data receiver module 11 receives user's request, the data The data is activation for receiving is given data request processing module by request receiving module 11, and the data processing module 13 is according to request Corresponding data in data acquisition database 30, the data processing module 13 chooses particular webpage template and carries out dynamic data volume Decipher analysis, obtain the complete content of webpage, the page detection module according to the complete content of pages for obtaining, by canonical table Up to formula, WEB page detection algorithm, neutral net detection algorithm and WEB page sensitive features generating algorithm, whether the detection page has The contents fragment that appearance is specified;If the contents fragment is appeared in the page, page detection does not pass through, the WEB service Device 10 obtains testing result and pulls the complete page of last data, and transmission information informs that developer repairs problem;If The contents fragment is not appeared in the page, and page detection passes through, and page data is complete, returns to this parsing content to described User terminal 20;Abnormal if first time accession page, the abnormal page will be directly returned to the user terminal 20, conversely, The WEB server 10 deposits the normal page of content by cache module in case abnormal conditions occur;
Wherein, the page detection module is configured with regular expression, WEB page detection algorithm, neutral net detection calculation Method and WEB page sensitive features generating algorithm.
In the present embodiment, the preferred particular webpage template is article list page template or article details page template, The preferred contents fragment is article list and list paging.
In the present embodiment, the preferred cache module is the srcache cache modules based on nginx.
The WEB server 10 also includes content of pages detection module 14, and the content of pages detection module 14 includes number According to resolution unit 141, the content of pages detection module 14 according to the complete content of pages for obtaining, by regular expression, Whether WEB page detection algorithm, neutral net detection algorithm and WEB page sensitive features generating algorithm, the detection page occur The contents fragment specified, if during the contents fragment appears in the page, page detection does not pass through, the WEB server 10 Obtain testing result and pull the complete page of last data, transmission information informs that developer repairs problem;If described Contents fragment is not appeared in the page, and page detection passes through, and page data is complete, returns to this parsing content to the user End 20.
The content of pages detection module 14 also includes that neutral net detection unit 142, the detection of WEB page sensitive features are single Unit 143, the data resolution unit 141 parses the document of the WEB page to as model and http data, the WEB Page sensitive features detection unit 143 carries out sensitivity according to the WEB page sensitive features generating algorithm to the parsing data Sensitive features testing result is sent to the neutral net by feature detection, the WEB page sensitive features detection unit 143 again Detection unit 142, the neutral net detection unit 142 carries out network according to the neutral net detection algorithm to Webpage Neuron abnormality detection;
Wherein, the neutral net detection unit 142 is configured with neutral net detection algorithm, and the WEB page is sensitive special Levy detection unit 143 and be configured with WEB page sensitive features generating algorithm;
The WEB page sensitive features generating algorithm is configured with below equation:
Wherein, AallThe sum of linked object, A in representing pagesnullThe number of null link, A in representing pagesrealRepresent page The number of true site link, A are pointed in faceLocalPoint to the number of the link in this domain in representing pages, f (x) in Web page The intensity of anomaly of linked object;
The neutral net detection algorithm is configured with below equation:
The WEB page is set to three-layer neural network structure, the neutral net by the neutral net detection algorithm Structure includes input layer, output layer and hidden layer, and the input layer includes the dimension identical node with sensitive features vector Number;The node number of the output layer is 1, the real number between output 0 to 1;
Wherein, ChIt is hidden layer nodes, CiIt is input layer number, CoIt is output layer nodes.
The content of pages detection module 14 also includes WEB page attack detecting unit 144, the data resolution unit The document of the 141 parsing WEB pages is to as model and http data, the basis of WEB page attack detecting unit 144 The WEB page detection algorithm carries out attack signature detection to the parsing data;
Wherein, the WEB page attack detecting unit 144 is configured with WEB page detection algorithm.
The WEB page detection algorithm is configured with below equation:
I=L ∪ Hk∪Vu
Wherein, I represents the set of all Web pages, and L represents the set of normal Web page, HkRepresent known attack The set of WEB page, VuRepresent the set of the WEB page of unknown attack.
Employ after said system, user accesses corresponding network web page, the WEB server 10 receives user Request, the treatment user's request of the WEB server 10, during WEB server 10 obtains the database 30 by servicing end instruction Data, choose particular webpage template carry out dynamic data compiling parsing, obtain the complete content of webpage, the WEB server 10 according to obtain complete content of pages, by regular expression, WEB page detection algorithm, neutral net detection algorithm and Whether WEB page sensitive features generating algorithm, the detection page occurs the contents fragment specified, if the contents fragment occurs In the page, page detection does not pass through, and WEB server 10 obtains testing result and pulls the complete page of last data, Transmission information informs that developer repairs problem;If the contents fragment is not appeared in the page, page detection passes through, page Face data are complete, return to this parsing content to the user terminal;It is abnormal if first time accession page, the abnormal page User terminal 20 will be directly returned to, conversely, WEB server 10 by cache module 40 deposit the normal page of content in case Abnormal conditions occur, and the network web page abnormality detection realizes that system can effectively detect that the variant of conventional attack is even new Attack, Real-time Alarm reminds the developer to carry out problem reparation, while the page goes wrong, can represent last normal page Face detects its intensity of anomaly to user by algorithm, accurately quickly judges whether the page to be measured is to attack the page with abnormal page Face, the neural network structure to the page is analysed in depth, and improves Consumer's Experience.
Simultaneously, it should be appreciated that these are only the preferred embodiments of the present invention, it is impossible to therefore limit patent of the invention Scope, equivalent structure or equivalent implementation method that every utilization description of the invention and accompanying drawing content are made, or directly or indirectly Other related technical fields are used in, are included within the scope of the present invention.

Claims (9)

1. a kind of network web page abnormality detection realizes system, it is characterised in that:Including:WEB server, user terminal and data Storehouse and cache module, the WEB server include request of data receiver module, data transmission blocks, data processing module and page Face detection module,
User accesses corresponding network web page, and the request of data receiver module receives user's request, and the request of data connects Receive module and give data request processing module, data acquisition number of the data processing module according to request by the data is activation for receiving According to corresponding data in storehouse, the data processing module chooses particular webpage template and carries out dynamic data compiling parsing, obtains net Page complete content, the page detection module according to obtain complete content of pages, by regular expression, WEB page Whether detection algorithm, neutral net detection algorithm and WEB page sensitive features generating algorithm, the detection page occur specify interior Hold fragment;If the contents fragment is appeared in the page, page detection does not pass through, and the WEB server obtains detection knot Fruit simultaneously pulls the complete page of last data, and transmission information informs that developer repairs problem;If the contents fragment is not Appear in the page, page detection passes through, page data is complete, return to this parsing content to the user terminal;If the One time accession page is just abnormal, and the abnormal page will be directly returned to the user terminal, conversely, the web server passes through Cache module deposits the normal page of content in case abnormal conditions occur;
Wherein, the page detection module be configured with regular expression, WEB page detection algorithm, neutral net detection algorithm and WEB page sensitive features generating algorithm.
2. network web page abnormality detection according to claim 1 realizes system, it is characterised in that:The particular webpage Template is article list page template or article details page template, and the contents fragment is article list and list paging.
3. network web page abnormality detection according to claim 1 realizes system, it is characterised in that:The cache module It is the srcache cache modules based on nginx.
4. system is realized according to any described network web page abnormality detection of claims 1 to 3, it is characterised in that:It is described WEB server also includes content of pages detection module, and the content of pages detection module includes data resolution unit, the page Content detection module according to obtain complete content of pages, by regular expression, WEB page detection algorithm, neutral net Whether detection algorithm and WEB page sensitive features generating algorithm, the detection page occur the contents fragment specified, if in described Appearance fragment is appeared in the page, and page detection does not pass through, and the WEB server obtains testing result and pulls last data The complete page, transmission information informs that developer repairs problem;If the contents fragment is not appeared in the page, the page Detection passes through, and page data is complete, returns to this parsing content to the user terminal.
5. network web page abnormality detection according to claim 4 realizes system, it is characterised in that:The content of pages Detection module also includes neutral net detection unit, WEB page sensitive features detection unit, and the data resolution unit parses institute The document of WEB page is stated to as model and http data, the WEB page sensitive features detection unit is according to the WEB Page sensitive features generating algorithm carries out sensitive features detection to the parsing data, and the WEB page sensitive features detection is single Sensitive features testing result is sent to the neutral net detection unit by unit again, and the neutral net detection unit is according to Neutral net detection algorithm carries out network neural unit abnormality detection to Webpage;
Wherein, the neutral net detection unit is configured with neutral net detection algorithm, and the WEB page sensitive features detection is single Unit is configured with WEB page sensitive features generating algorithm.
6. network web page abnormality detection according to claim 4 realizes system, it is characterised in that:The content of pages Detection module also includes WEB page attack detecting unit, and the data resolution unit parses the document of the WEB page to as mould Type and http data, the WEB page attack detecting unit is according to the WEB page detection algorithm to the parsing data Carry out attack signature detection;
Wherein, the WEB page attack detecting unit is configured with WEB page detection algorithm.
7. network web page abnormality detection according to claim 5 realizes system, it is characterised in that:The WEB page is quick Sense feature generating algorithm is configured with below equation:
f ( x ) = ( A n u l l + A r e a l ) / A a l l A n u l l + A r e a l ≥ A l o c a l > 0 0 A a l l - A l o c a l / A a l l A l o c a l > A n u l l + A r e a l > 0
Wherein, AallThe sum of linked object, A in representing pagesnullThe number of null link, A in representing pagesrealIn representing pages Point to the number of true site link, ALocalThe number of the link in this domain, f are pointed in representing pages(x)To be linked in Web page The intensity of anomaly of object.
8. network web page abnormality detection according to claim 5 realizes system, it is characterised in that:The neutral net Detection algorithm is configured with below equation:
C h = 0.43 C i C o + 0.12 C o 2 + 2.54 C i + 0.77 C o + 0.35 + 0.5
The WEB page is set to three-layer neural network structure, the neural network structure by the neutral net detection algorithm Including input layer, output layer and hidden layer, the input layer includes the dimension identical node number with sensitive features vector;Institute It is 1 to state the node number of output layer, the real number between output 0 to 1;
Wherein, ChIt is hidden layer nodes, CiIt is input layer number, CoIt is output layer nodes.
9. network web page abnormality detection according to claim 6 realizes system, it is characterised in that:The WEB page inspection Method of determining and calculating is configured with below equation:
I=L ∪ Hk∪Vu
Wherein, I represents the set of all Web pages, and L represents the set of normal Web page, HkRepresent the WEB page of known attack Set, VuRepresent the set of the WEB page of unknown attack.
CN201611084247.1A 2016-11-30 2016-11-30 A kind of network web page abnormality detection realizes system Pending CN106789951A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201611084247.1A CN106789951A (en) 2016-11-30 2016-11-30 A kind of network web page abnormality detection realizes system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201611084247.1A CN106789951A (en) 2016-11-30 2016-11-30 A kind of network web page abnormality detection realizes system

Publications (1)

Publication Number Publication Date
CN106789951A true CN106789951A (en) 2017-05-31

Family

ID=58913425

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201611084247.1A Pending CN106789951A (en) 2016-11-30 2016-11-30 A kind of network web page abnormality detection realizes system

Country Status (1)

Country Link
CN (1) CN106789951A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107832774A (en) * 2017-10-09 2018-03-23 无线生活(杭州)信息科技有限公司 A kind of page exception detection method and device
CN110781429A (en) * 2019-09-24 2020-02-11 支付宝(杭州)信息技术有限公司 Internet data detection method, device, equipment and computer readable storage medium
CN113489608A (en) * 2021-06-30 2021-10-08 四川虹美智能科技有限公司 Method and device for processing business exception

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060080735A1 (en) * 2004-09-30 2006-04-13 Usa Revco, Llc Methods and systems for phishing detection and notification
CN102571768A (en) * 2011-12-26 2012-07-11 北京大学 Detection method for phishing site
CN103685308A (en) * 2013-12-25 2014-03-26 北京奇虎科技有限公司 Detection method and system of phishing web pages, client and server
CN103685307A (en) * 2013-12-25 2014-03-26 北京奇虎科技有限公司 Method, system, client and server for detecting phishing fraud webpage based on feature library
CN106055564A (en) * 2016-05-18 2016-10-26 平安科技(深圳)有限公司 Method and device for page loading

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060080735A1 (en) * 2004-09-30 2006-04-13 Usa Revco, Llc Methods and systems for phishing detection and notification
CN102571768A (en) * 2011-12-26 2012-07-11 北京大学 Detection method for phishing site
CN103685308A (en) * 2013-12-25 2014-03-26 北京奇虎科技有限公司 Detection method and system of phishing web pages, client and server
CN103685307A (en) * 2013-12-25 2014-03-26 北京奇虎科技有限公司 Method, system, client and server for detecting phishing fraud webpage based on feature library
CN106055564A (en) * 2016-05-18 2016-10-26 平安科技(深圳)有限公司 Method and device for page loading

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
郭敏哲: "网络钓鱼Web页面检测算法", 《计算机工程》 *

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107832774A (en) * 2017-10-09 2018-03-23 无线生活(杭州)信息科技有限公司 A kind of page exception detection method and device
CN110781429A (en) * 2019-09-24 2020-02-11 支付宝(杭州)信息技术有限公司 Internet data detection method, device, equipment and computer readable storage medium
CN113489608A (en) * 2021-06-30 2021-10-08 四川虹美智能科技有限公司 Method and device for processing business exception

Similar Documents

Publication Publication Date Title
Lakshmi et al. Efficient prediction of phishing websites using supervised learning algorithms
EP2924579B1 (en) Event correlation
Gupta et al. PHP-sensor: a prototype method to discover workflow violation and XSS vulnerabilities in PHP web applications
CN110414242A (en) For detecting the method, apparatus, equipment and medium of service logic loophole
Ge et al. Distributed fault detection over sensor networks with Markovian switching topologies
CN110177108A (en) A kind of anomaly detection method, device and verifying system
CN106789948A (en) A kind of network web page method for detecting abnormality
CN105138907B (en) A kind of active probe is attacked the method and system of website
CN109635564A (en) A kind of method, apparatus, medium and equipment detecting Brute Force behavior
CN106789951A (en) A kind of network web page abnormality detection realizes system
CN106649221A (en) Method and device for detecting duplicated texts
CN108900388A (en) Method and apparatus for monitor network quality
CN108470003A (en) Fuzz testing methods, devices and systems
CN107038380A (en) A kind of leak detection method and system based on performance of program tree
CN109446814A (en) Vulnerability detection method and device
CN106549959A (en) A kind of recognition methodss of agent IP Protocol IP address and device
CN108200032A (en) A kind of data detection method, device and electronic equipment
Ma et al. A novel broad learning system based leakage detection and universal localization method for pipeline networks
CN107704668A (en) A kind of sensor optimization layout method based on testability modeling and analysis
Ma et al. Adequate and precise evaluation of quality models in software engineering studies
CN105978850A (en) Detection system and detection method for counterfeit website based on graph matching
CN107508727A (en) One kind automation network interface card information inspection method and device
CN104635146B (en) Analog circuit fault diagnosis method based on random sinusoidal signal test and HMM (Hidden Markov Model)
Barraclough et al. Phishing website detection fuzzy system modelling
CN114048480A (en) Vulnerability detection method, device, equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20170531

RJ01 Rejection of invention patent application after publication