JP5600160B2 - フィッシング疑惑ウェブサイトを識別するための方法及びシステム - Google Patents

フィッシング疑惑ウェブサイトを識別するための方法及びシステム Download PDF

Info

Publication number
JP5600160B2
JP5600160B2 JP2012502006A JP2012502006A JP5600160B2 JP 5600160 B2 JP5600160 B2 JP 5600160B2 JP 2012502006 A JP2012502006 A JP 2012502006A JP 2012502006 A JP2012502006 A JP 2012502006A JP 5600160 B2 JP5600160 B2 JP 5600160B2
Authority
JP
Japan
Prior art keywords
website
address
uniform resource
resource locator
phishing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
JP2012502006A
Other languages
English (en)
Japanese (ja)
Other versions
JP2012521599A5 (enExample
JP2012521599A (ja
Inventor
チャン・リミン
ウェン・ボー
コン・ヨンウェイ
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Alibaba Group Holding Ltd
Original Assignee
Alibaba Group Holding Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Alibaba Group Holding Ltd filed Critical Alibaba Group Holding Ltd
Publication of JP2012521599A publication Critical patent/JP2012521599A/ja
Publication of JP2012521599A5 publication Critical patent/JP2012521599A5/ja
Application granted granted Critical
Publication of JP5600160B2 publication Critical patent/JP5600160B2/ja
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/554Detecting local intrusion or implementing counter-measures involving event detection and direct action
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562Static detection
    • G06F21/564Static detection by virus signature recognition
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01QANTENNAS, i.e. RADIO AERIALS
    • H01Q1/00Details of, or arrangements associated with, antennas
    • H01Q1/27Adaptation for use in or on movable bodies
    • H01Q1/32Adaptation for use in or on road or rail vehicles
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01QANTENNAS, i.e. RADIO AERIALS
    • H01Q1/00Details of, or arrangements associated with, antennas
    • H01Q1/27Adaptation for use in or on movable bodies
    • H01Q1/32Adaptation for use in or on road or rail vehicles
    • H01Q1/3208Adaptation for use in or on road or rail vehicles characterised by the application wherein the antenna is used
    • H01Q1/3233Adaptation for use in or on road or rail vehicles characterised by the application wherein the antenna is used particular used as part of a sensor or in a security system, e.g. for automotive radar, navigation systems
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01QANTENNAS, i.e. RADIO AERIALS
    • H01Q1/00Details of, or arrangements associated with, antennas
    • H01Q1/36Structural form of radiating elements, e.g. cone, spiral, umbrella; Particular materials used therewith
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01QANTENNAS, i.e. RADIO AERIALS
    • H01Q1/00Details of, or arrangements associated with, antennas
    • H01Q1/36Structural form of radiating elements, e.g. cone, spiral, umbrella; Particular materials used therewith
    • H01Q1/38Structural form of radiating elements, e.g. cone, spiral, umbrella; Particular materials used therewith formed by a conductive layer on an insulating support
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01QANTENNAS, i.e. RADIO AERIALS
    • H01Q19/00Combinations of primary active antenna elements and units with secondary devices, e.g. with quasi-optical devices, for giving the antenna a desired directional characteristic
    • H01Q19/10Combinations of primary active antenna elements and units with secondary devices, e.g. with quasi-optical devices, for giving the antenna a desired directional characteristic using reflecting surfaces
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1483Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/16Implementing security features at a particular protocol layer
    • H04L63/168Implementing security features at a particular protocol layer above the transport layer
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2119Authenticating web pages, e.g. with suspicious links

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computing Systems (AREA)
  • Health & Medical Sciences (AREA)
  • Virology (AREA)
  • General Health & Medical Sciences (AREA)
  • Radar, Positioning & Navigation (AREA)
  • Remote Sensing (AREA)
  • Information Transfer Between Computers (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
JP2012502006A 2009-03-24 2010-03-23 フィッシング疑惑ウェブサイトを識別するための方法及びシステム Expired - Fee Related JP5600160B2 (ja)

Applications Claiming Priority (5)

Application Number Priority Date Filing Date Title
CN2009101293776A CN101504673B (zh) 2009-03-24 2009-03-24 一种识别疑似仿冒网站的方法与系统
CN200910129377.6 2009-03-24
US12/661,753 2010-03-22
US12/661,753 US8621616B2 (en) 2009-03-24 2010-03-22 Method and system for identifying suspected phishing websites
PCT/US2010/000875 WO2010110885A1 (en) 2009-03-24 2010-03-23 Method and system for identifying suspected phishing websites

Publications (3)

Publication Number Publication Date
JP2012521599A JP2012521599A (ja) 2012-09-13
JP2012521599A5 JP2012521599A5 (enExample) 2014-01-23
JP5600160B2 true JP5600160B2 (ja) 2014-10-01

Family

ID=40976919

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2012502006A Expired - Fee Related JP5600160B2 (ja) 2009-03-24 2010-03-23 フィッシング疑惑ウェブサイトを識別するための方法及びシステム

Country Status (5)

Country Link
US (1) US8621616B2 (enExample)
EP (2) EP2889792A1 (enExample)
JP (1) JP5600160B2 (enExample)
CN (1) CN101504673B (enExample)
WO (1) WO2010110885A1 (enExample)

Families Citing this family (39)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8468597B1 (en) * 2008-12-30 2013-06-18 Uab Research Foundation System and method for identifying a phishing website
US8495735B1 (en) * 2008-12-30 2013-07-23 Uab Research Foundation System and method for conducting a non-exact matching analysis on a phishing website
CN103870554A (zh) * 2009-12-11 2014-06-18 北京奇虎科技有限公司 一种实现浏览器地址栏铭牌的方法
WO2011160273A1 (en) * 2010-06-21 2011-12-29 Nokia Corporation Method and apparatus for bridging communication sessions
US9130988B2 (en) * 2010-12-21 2015-09-08 Microsoft Technology Licensing, Llc Scareware detection
US8800033B2 (en) * 2011-05-26 2014-08-05 International Business Machines Corporation Rotation of web site content to prevent E-mail spam/phishing attacks
CN103092832A (zh) * 2011-10-27 2013-05-08 腾讯科技(深圳)有限公司 网址风险检测的处理方法及装置
CN102520807A (zh) * 2011-11-29 2012-06-27 深圳市万兴软件有限公司 一种输入字符控制方法和系统
CN102523210B (zh) * 2011-12-06 2014-11-05 中国科学院计算机网络信息中心 钓鱼网站检测方法及装置
CN102647422B (zh) * 2012-04-10 2014-09-17 中国科学院计算机网络信息中心 钓鱼网站检测方法及设备
CN102737183B (zh) * 2012-06-12 2014-08-13 腾讯科技(深圳)有限公司 网页安全访问的方法及装置
CN103678342B (zh) * 2012-09-07 2018-04-27 腾讯科技(深圳)有限公司 启动项识别方法及装置
CN103778113B (zh) * 2012-10-17 2017-04-19 腾讯科技(深圳)有限公司 终端、服务器及终端、服务器的网页处理方法
US9344449B2 (en) 2013-03-11 2016-05-17 Bank Of America Corporation Risk ranking referential links in electronic messages
JP6015546B2 (ja) * 2013-04-30 2016-10-26 キヤノンマーケティングジャパン株式会社 情報処理装置、情報処理方法、プログラム
US9621566B2 (en) 2013-05-31 2017-04-11 Adi Labs Incorporated System and method for detecting phishing webpages
US10187476B2 (en) * 2013-06-17 2019-01-22 Beijing Xiaomi Mobile Software Co., Ltd. Method and apparatus for bridging communication sessions
KR101696912B1 (ko) * 2014-01-23 2017-01-16 한국전자통신연구원 문자 인식의 후처리 방법 및 이를 이용하는 문자 인식 장치
US9398047B2 (en) * 2014-11-17 2016-07-19 Vade Retro Technology, Inc. Methods and systems for phishing detection
US10164927B2 (en) 2015-01-14 2018-12-25 Vade Secure, Inc. Safe unsubscribe
US9253208B1 (en) 2015-03-05 2016-02-02 AO Kaspersky Lab System and method for automated phishing detection rule evolution
US9946874B2 (en) 2015-08-06 2018-04-17 International Business Machines Corporation Authenticating application legitimacy
CN105447204B (zh) * 2016-01-04 2017-12-12 北京百度网讯科技有限公司 网址识别方法和装置
US10142366B2 (en) 2016-03-15 2018-11-27 Vade Secure, Inc. Methods, systems and devices to mitigate the effects of side effect URLs in legitimate and phishing electronic messages
US10505979B2 (en) 2016-05-13 2019-12-10 International Business Machines Corporation Detection and warning of imposter web sites
CN108073804B (zh) * 2016-11-14 2022-11-29 百度在线网络技术(北京)有限公司 一种风险识别方法和装置
US10567430B2 (en) 2016-12-09 2020-02-18 International Business Machines Corporation Protecting against notification based phishing attacks
CN108255870B (zh) * 2016-12-29 2021-06-01 中国移动通信集团浙江有限公司 一种网站数据爬取方法及装置
CN108052602A (zh) * 2017-12-13 2018-05-18 深圳市小满科技有限公司 信息收集方法、装置、电子设备及计算机可读存储介质
DE102018125158B4 (de) 2018-10-11 2024-11-07 Bayerische Motoren Werke Aktiengesellschaft Kraftfahrzeug-Wischerblatt
US10893070B2 (en) * 2019-04-18 2021-01-12 Facebook, Inc. Detecting a page for a real-world entity, an imposter of a real-world entity, or a non-real-world entity that complies with or violates a policy of an online system
US11379577B2 (en) * 2019-09-26 2022-07-05 Microsoft Technology Licensing, Llc Uniform resource locator security analysis using malice patterns
US11831419B2 (en) * 2019-09-27 2023-11-28 Mcafee, Llc Methods and apparatus to detect website phishing attacks
US11431751B2 (en) 2020-03-31 2022-08-30 Microsoft Technology Licensing, Llc Live forensic browsing of URLs
US11575708B2 (en) * 2020-05-29 2023-02-07 Mcafee, Llc Icon based phishing detection
CN111597557B (zh) * 2020-06-30 2024-08-09 腾讯科技(深圳)有限公司 恶意应用程序的检测方法、系统、装置、设备及存储介质
CN111737692B (zh) * 2020-08-17 2020-12-18 腾讯科技(深圳)有限公司 应用程序的风险检测方法及装置、设备、存储介质
CN112272176A (zh) * 2020-10-23 2021-01-26 常州市同济科技有限公司 一种基于大数据平台的网络安全防护方法及系统
CN113542280A (zh) * 2021-07-16 2021-10-22 湖南大学 一种基于BA-BNN算法的LDoS攻击检测方法

Family Cites Families (25)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP3898016B2 (ja) * 2001-09-28 2007-03-28 三菱電機株式会社 情報検索装置、情報検索方法及び情報検索プログラム
US20040078422A1 (en) 2002-10-17 2004-04-22 Toomey Christopher Newell Detecting and blocking spoofed Web login pages
JP4511817B2 (ja) * 2003-10-27 2010-07-28 九州日本電気ソフトウェア株式会社 スパムメールを利用したフィルタリングシステム、スパム処理サーバ、並びに、スパム処理方法、およびプログラム
JP4545540B2 (ja) * 2004-10-01 2010-09-15 三菱電機株式会社 アクセス防止装置
US7634810B2 (en) 2004-12-02 2009-12-15 Microsoft Corporation Phishing detection, prevention, and notification
US7580982B2 (en) 2004-12-14 2009-08-25 The Go Daddy Group, Inc. Email filtering system and method
US7590698B1 (en) 2005-03-14 2009-09-15 Symantec Corporation Thwarting phishing attacks by using pre-established policy files
JP4429971B2 (ja) * 2005-06-03 2010-03-10 日本電信電話株式会社 正当サイト検証方法、装置、およびプログラム
US7769820B1 (en) * 2005-06-30 2010-08-03 Voltage Security, Inc. Universal resource locator verification services using web site attributes
US7681234B2 (en) 2005-06-30 2010-03-16 Microsoft Corporation Preventing phishing attacks
JP4200453B2 (ja) * 2005-07-08 2008-12-24 株式会社クローバー・ネットワーク・コム 不正防止プログラムおよびそのコンピュータ読み取り可能な記憶媒体
JP2007058587A (ja) * 2005-08-24 2007-03-08 Matsushita Electric Ind Co Ltd 信頼性検証システム
US7603699B2 (en) 2005-08-25 2009-10-13 Melih Abdulhayoglu Method for establishing trust online
JP4422088B2 (ja) 2005-09-27 2010-02-24 Necネクサソリューションズ株式会社 画像配列型認証システム
US20070083670A1 (en) * 2005-10-11 2007-04-12 International Business Machines Corporation Method and system for protecting an internet user from fraudulent ip addresses on a dns server
JP4612535B2 (ja) * 2005-12-02 2011-01-12 日本電信電話株式会社 正当サイト検証手法におけるホワイトリスト収集方法および装置
US20080082662A1 (en) * 2006-05-19 2008-04-03 Richard Dandliker Method and apparatus for controlling access to network resources based on reputation
US7668921B2 (en) 2006-05-30 2010-02-23 Xerox Corporation Method and system for phishing detection
US20080172738A1 (en) * 2007-01-11 2008-07-17 Cary Lee Bates Method for Detecting and Remediating Misleading Hyperlinks
US7266693B1 (en) 2007-02-13 2007-09-04 U.S. Bancorp Licensing, Inc. Validated mutual authentication
US9021582B2 (en) 2007-04-24 2015-04-28 Juniper Networks, Inc. Parallelized pattern matching using non-deterministic finite automata
CA2697632C (en) 2007-08-06 2015-05-12 Bernard De Monseignat System and method for authentication, data transfer, and protection against phishing
US7650310B2 (en) 2007-10-30 2010-01-19 Intuit Inc. Technique for reducing phishing
US20090182818A1 (en) * 2008-01-11 2009-07-16 Fortinet, Inc. A Delaware Corporation Heuristic detection of probable misspelled addresses in electronic communications
JP5166094B2 (ja) * 2008-03-27 2013-03-21 株式会社野村総合研究所 通信中継装置、ウェブ端末、メールサーバ装置、電子メール端末およびサイトチェックプログラム

Also Published As

Publication number Publication date
EP2889792A1 (en) 2015-07-01
EP2411913B1 (en) 2015-02-25
EP2411913A1 (en) 2012-02-01
EP2411913A4 (en) 2013-01-30
HK1133720A1 (en) 2010-04-01
US8621616B2 (en) 2013-12-31
WO2010110885A1 (en) 2010-09-30
CN101504673A (zh) 2009-08-12
US20100251380A1 (en) 2010-09-30
JP2012521599A (ja) 2012-09-13
CN101504673B (zh) 2011-09-07

Similar Documents

Publication Publication Date Title
JP5600160B2 (ja) フィッシング疑惑ウェブサイトを識別するための方法及びシステム
US11809687B2 (en) Systems and methods for proactive analysis of artifacts associated with information resources
Ding et al. A keyword-based combination approach for detecting phishing webpages
US10243991B2 (en) Methods and systems for generating dashboards for displaying threat insight information
US9241004B1 (en) Alteration of web documents for protection against web-injection attacks
US8438642B2 (en) Method of detecting potential phishing by analyzing universal resource locators
US8448245B2 (en) Automated identification of phishing, phony and malicious web sites
US9083735B2 (en) Method and apparatus for detecting computer fraud
CN1760872B (zh) 处理目的地址的方法和系统
US11689546B2 (en) Improving network security through real-time analysis of character similarities
CN104980404B (zh) 保护账号信息安全的方法和系统
CN104767747A (zh) 点击劫持安全检测方法和装置
US20230359330A1 (en) Systems and methods for analysis of visually-selected information resources
CN116366338B (zh) 一种风险网站识别方法、装置、计算机设备及存储介质
CN112948725A (zh) 基于机器学习的钓鱼网站url检测方法及系统
US8910281B1 (en) Identifying malware sources using phishing kit templates
CN104978423A (zh) 网站类型的检测方法及装置
JP2012088803A (ja) 悪性ウェブコード判別システム、悪性ウェブコード判別方法および悪性ウェブコード判別用プログラム
Sloane et al. Trademark vigilance in the twenty-first century: an update
US12470596B2 (en) Model for detecting phishing URLS
JP4564916B2 (ja) フィッシング詐欺対策方法、端末、サーバ及びプログラム
JP2014186425A (ja) 文章マスク装置及び文章マスクプログラム
TWI595373B (zh) Method and system for identifying suspected phishing websites
Satane et al. Survey paper on phishing detection: Identification of malicious URL using Bayesian classification on social network sites
JP2007133488A (ja) 情報発信元検証方法および装置

Legal Events

Date Code Title Description
A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20130308

A621 Written request for application examination

Free format text: JAPANESE INTERMEDIATE CODE: A621

Effective date: 20130308

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20131127

A871 Explanation of circumstances concerning accelerated examination

Free format text: JAPANESE INTERMEDIATE CODE: A871

Effective date: 20131127

A975 Report on accelerated examination

Free format text: JAPANESE INTERMEDIATE CODE: A971005

Effective date: 20131219

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20140107

A601 Written request for extension of time

Free format text: JAPANESE INTERMEDIATE CODE: A601

Effective date: 20140402

A602 Written permission of extension of time

Free format text: JAPANESE INTERMEDIATE CODE: A602

Effective date: 20140409

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20140425

TRDD Decision of grant or rejection written
A01 Written decision to grant a patent or to grant a registration (utility model)

Free format text: JAPANESE INTERMEDIATE CODE: A01

Effective date: 20140722

A61 First payment of annual fees (during grant procedure)

Free format text: JAPANESE INTERMEDIATE CODE: A61

Effective date: 20140814

R150 Certificate of patent or registration of utility model

Ref document number: 5600160

Country of ref document: JP

Free format text: JAPANESE INTERMEDIATE CODE: R150

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

LAPS Cancellation because of no payment of annual fees