JP2018041442A - System and method for detecting anomalous elements of web pages - Google Patents

System and method for detecting anomalous elements of web pages

Info

Publication number
JP2018041442A
Authority
JP
Japan
Prior art keywords
web page
cluster
web
dimensional vector
statistical model
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
JP2017126050A
Other languages
English (en)
Japanese (ja)
Other versions
JP2018041442A5
Inventor
V Kupreev Oleg
B Galchenko Anton
V Ustinov Mikhail
V Kondratov Vitaly
A Kuskov Vladimir
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Kaspersky Lab AO
Original Assignee
Kaspersky Lab AO
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Kaspersky Lab AO
Publication of JP2018041442A
Publication of JP2018041442A5
Pending (current legal status)

Classifications

    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/56 Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562 Static detection
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/54 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by adding security routines or objects to programs
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/02 Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90 Details of database functions independent of the retrieved data types
    • G06F16/95 Retrieval from the web
    • G06F16/958 Organisation or management of web site content, e.g. publishing, maintaining pages or automatic linking
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10 Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/12 Protecting executable software
    • G06F21/121 Restricting unauthorised execution of programs
    • G06F21/128 Restricting unauthorised execution of programs involving web programs, i.e. using technology especially used in internet, generally interacting with a web browser, e.g. hypertext markup language [HTML], applets, java
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/56 Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/566 Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/382 Payment protocols; Details thereof insuring higher security of transaction
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00 Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/02 Banking, e.g. interest calculation or account maintenance
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416 Event detection, e.g. attack signature detection
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425 Traffic logging, e.g. anomaly detection
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Finance (AREA)
  • Virology (AREA)
  • Strategic Management (AREA)
  • General Health & Medical Sciences (AREA)
  • Technology Law (AREA)
  • Health & Medical Sciences (AREA)
  • Databases & Information Systems (AREA)
  • General Business, Economics & Management (AREA)
  • Multimedia (AREA)
  • Marketing (AREA)
  • Economics (AREA)
  • Development Economics (AREA)
  • Data Mining & Analysis (AREA)
  • Information Transfer Between Computers (AREA)
  • Computer And Data Communications (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
JP2017126050A 2016-09-08 2017-06-28 System and method for detecting anomalous elements of web pages Pending JP2018041442A (ja)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
RU2016136226A RU2652451C2 (ru) 2016-09-08 Methods for detecting anomalous elements of web pages
RU2016136226 2016-09-08
US15/437,828 2017-02-21
US15/437,828 US10291640B2 (en) 2016-09-08 2017-02-21 System and method for detecting anomalous elements of web pages

Publications (2)

Publication Number Publication Date
JP2018041442A (ja) 2018-03-15
JP2018041442A5 2019-01-17

Family

ID=61281472

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2017126050A Pending JP2018041442A (ja) System and method for detecting anomalous elements of web pages 2016-09-08 2017-06-28

Country Status (4)

Country Link
US (1) US10291640B2
JP (1) JP2018041442A
CN (1) CN107808095B
RU (1) RU2652451C2

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
RU2638710C1 (ru) * 2016-10-10 2017-12-15 Акционерное общество "Лаборатория Касперского" Methods for detecting malicious elements of web pages
US11509540B2 (en) 2017-12-14 2022-11-22 Extreme Networks, Inc. Systems and methods for zero-footprint large-scale user-entity behavior modeling
RU2702080C1 (ru) * 2018-06-29 2019-10-03 Акционерное общество "Лаборатория Касперского" Method of blocking network connections to resources from forbidden categories
US20200019583A1 (en) * 2018-07-11 2020-01-16 University Of Southern California Systems and methods for automated repair of webpages
GB2596502B (en) 2020-01-06 2023-01-04 British Telecomm Crypto-jacking detection
CN111597107B (zh) * 2020-04-22 2023-04-28 北京字节跳动网络技术有限公司 Information output method, apparatus and electronic device
US11811824B2 (en) * 2020-06-08 2023-11-07 Target Brands, Inc. Security system for detecting malicious actor's observation
CN112434238A (zh) * 2020-11-25 2021-03-02 平安普惠企业管理有限公司 Web page quality detection method, apparatus, electronic device and storage medium

Citations (1)

Publication number Priority date Publication date Assignee Title
US20140283067A1 (en) * 2013-03-15 2014-09-18 Shape Security Inc. Detecting the introduction of alien content

Family Cites Families (15)

Publication number Priority date Publication date Assignee Title
CN1176432C (zh) * 1999-07-28 2004-11-17 国际商业机器公司 Method and system for providing native language query service
US8544087B1 (en) 2001-12-14 2013-09-24 The Trustees Of Columbia University In The City Of New York Methods of unsupervised anomaly detection using a geometric framework
JP4652741B2 (ja) * 2004-08-02 2011-03-16 インターナショナル・ビジネス・マシーンズ・コーポレーション Anomaly detection device, anomaly detection method, anomaly detection program, and recording medium
US20090307191A1 (en) * 2008-06-10 2009-12-10 Li Hong C Techniques to establish trust of a web page to prevent malware redirects from web searches or hyperlinks
US8225401B2 (en) 2008-12-18 2012-07-17 Symantec Corporation Methods and systems for detecting man-in-the-browser attacks
US9021583B2 (en) 2010-01-26 2015-04-28 Emc Corporation System and method for network security including detection of man-in-the-browser attacks
US8364811B1 (en) * 2010-06-30 2013-01-29 Amazon Technologies, Inc. Detecting malware
RU2446459C1 (ru) * 2010-07-23 2012-03-27 Закрытое акционерное общество "Лаборатория Касперского" System and method for checking web resources for the presence of malicious components
BR112013004345B1 (pt) * 2010-08-25 2020-12-08 Lookout, Inc. System and method for preventing malware coupled to a server
WO2012154657A2 (en) 2011-05-06 2012-11-15 The Penn State Research Foundation Robust anomaly detection and regularized domain adaptation of classifiers with application to internet packet-flows
US8869279B2 (en) * 2011-05-13 2014-10-21 Imperva, Inc. Detecting web browser based attacks using browser response comparison tests launched from a remote source
US9386028B2 (en) * 2012-10-23 2016-07-05 Verint Systems Ltd. System and method for malware detection using multidimensional feature clustering
KR101758055B1 (ko) * 2014-10-27 2017-07-14 삼성에스디에스 주식회사 Method and apparatus for analyzing individual patient characteristics
US9979748B2 (en) * 2015-05-27 2018-05-22 Cisco Technology, Inc. Domain classification and routing using lexical and semantic processing
US9923916B1 (en) * 2015-06-17 2018-03-20 Amazon Technologies, Inc. Adaptive web application vulnerability scanner

Patent Citations (1)

Publication number Priority date Publication date Assignee Title
US20140283067A1 (en) * 2013-03-15 2014-09-18 Shape Security Inc. Detecting the introduction of alien content

Also Published As

Publication number Publication date
US20180069880A1 (en) 2018-03-08
CN107808095B (zh) 2021-03-26
CN107808095A (zh) 2018-03-16
US10291640B2 (en) 2019-05-14
RU2016136226A (ru) 2018-03-15
RU2016136226A3 2018-03-15
RU2652451C2 (ru) 2018-04-26

Similar Documents

Publication Publication Date Title
JP6530786B2 (ja) System and method for detecting malicious elements of web pages
US11050778B2 (en) Complex application attack quantification, testing, detection and prevention
JP6847187B2 (ja) Image-based CAPTCHA challenge
JP2018041442A (ja) System and method for detecting anomalous elements of web pages
CN105516113B (zh) System and method for automated phishing detection rule evolution
CA2595758C (en) System for detecting vulnerabilities in web applications using client-side application interfaces
JP2019192198A (ja) System and method of training a machine learning model for detecting malicious containers
WO2020082763A1 (zh) Decision tree-based phishing website detection method, apparatus and computer device
US20230065787A1 (en) Detection of phishing websites using machine learning
JP2012088803A (ja) Malicious web code discrimination system, malicious web code discrimination method, and program for malicious web code discrimination
CN115580494B (zh) Weak password detection method, apparatus and device
EP3306511B1 (en) System and methods of detecting malicious elements of web pages
EP3293661A1 (en) System and method for detecting anomalous elements of web pages
CN119766546A (zh) Attack behavior detection method, apparatus, device and medium
RU2702081C2 (ru) System and method for detecting modification of a web resource
RU2659741C1 (ru) Methods for detecting anomalous elements of web pages based on statistical significance
RU2580027C1 (ru) System and method for generating rules for searching data used for phishing
CN115514539A (zh) Network attack protection method and apparatus, storage medium and electronic device
Frühwirt Automated discovery of secure website domains

Legal Events

Date Code Title Description
A621 Written request for application examination

Free format text: JAPANESE INTERMEDIATE CODE: A621

Effective date: 20170815

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20180911

A524 Written submission of copy of amendment under article 19 pct

Free format text: JAPANESE INTERMEDIATE CODE: A524

Effective date: 20181203

A02 Decision of refusal

Free format text: JAPANESE INTERMEDIATE CODE: A02

Effective date: 20190604

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20191003

C60 Trial request (containing other claim documents, opposition documents)

Free format text: JAPANESE INTERMEDIATE CODE: C60

Effective date: 20191003

A911 Transfer to examiner for re-examination before appeal (zenchi)

Free format text: JAPANESE INTERMEDIATE CODE: A911

Effective date: 20191015

C21 Notice of transfer of a case for reconsideration by examiners before appeal proceedings

Free format text: JAPANESE INTERMEDIATE CODE: C21

Effective date: 20191023

A912 Re-examination (zenchi) completed and case transferred to appeal board

Free format text: JAPANESE INTERMEDIATE CODE: A912

Effective date: 20191213

C211 Notice of termination of reconsideration by examiners before appeal proceedings

Free format text: JAPANESE INTERMEDIATE CODE: C211

Effective date: 20191217

C22 Notice of designation (change) of administrative judge

Free format text: JAPANESE INTERMEDIATE CODE: C22

Effective date: 20200616

C23 Notice of termination of proceedings

Free format text: JAPANESE INTERMEDIATE CODE: C23

Effective date: 20200721

C03 Trial/appeal decision taken

Free format text: JAPANESE INTERMEDIATE CODE: C03

Effective date: 20200825

C30A Notification sent

Free format text: JAPANESE INTERMEDIATE CODE: C3012

Effective date: 20200825