KR101516997B1 - Method and apparatus for protecting smishing - Google Patents

Abstract

The present invention relates to a method and apparatus for protecting smishing in a mobile environment. A method of protecting smishing in a cloud brawer server according to an embodiment of the present invention includes a step of receiving a web access request message including URL information from a mobile device, a step of executing a cloud browser according to the reception of the web access request message, and a step of generating the cloud web screen corresponding to the URL information and transmitting it to the mobile device. Therefore, the method of protecting smishing can effectively protect a mobile device from a smishing attack.

Description

FIELD OF THE INVENTION [0001] The present invention relates to a method and apparatus for blocking smuting,

[0001] The present invention relates to a method and apparatus for blocking a smearing in a mobile environment, and more particularly, to a system and method for preventing a malicious code from being installed in a mobile device through interworking with a cloud browser server And a device and a system for supporting the same.

With the development of information and communication technologies, currently available mobile devices are configured to perform various functions as well as a simple call function. Examples of such various functions include web browsing, chatting, watching TV, navigating, playing games, shooting pictures or videos through cameras, audio storage, playing music files through a speaker system, and displaying images or video have.

To this end, mobile device manufacturers are working hard to develop hardware and software to provide more complex and diverse functions.

In addition, various complicated application software such as mobile banking, mobile coupon, traffic card, game, security, and the like are installed in recent mobile terminals.

In particular, currently available smart phones are equipped with high-quality processors and a high-resolution touch screen screen, thereby enabling various multimedia functions and applications to be used.

Accordingly, the recently introduced smart phone is used not only as a communication means but also as a personal information management and payment means.

Recently, users have stored various financial information such as security certificates and credit card information on their smartphones, and are enjoying banking, securities transactions, or mobile shopping through spots.

 Recently, however, a new mobile device hacking technique has appeared in which a malicious code such as a Trojan horse is installed on a mobile device when a mobile device user transmits a text message containing a link to a web site and clicks the link of the web site. Hackers can control mobile devices through the hacking techniques described above, and can use various personal information and important financial information stored in mobile devices without restriction.

For example, a malicious code may be installed on a user's mobile device when a user clicks a website link included in a received text message. The hacker can purchase game items or pay cyber money by using the obtained authentication number after obtaining the authentication number for the micro settlement through the installed malicious code.

Smishing is a compound word of short message service of mobile device and phishing that refers to extracting financial information by impersonating financial institutions or electronic commerce companies.

Conventionally, efforts have been made to prevent smashing damage by installing a smear prevention application program on a mobile device. However, the mobile device user has inconveniences to access the server for providing the smsing information in order to acquire the latest smsing information and update the application program.

SUMMARY OF THE INVENTION It is an object of the present invention to provide a method of blocking smearing in a mobile environment.

It is another object of the present invention to provide a smoothing blocking method capable of preventing a malicious code from being installed in a mobile device through interworking with a cloud browser server.

Yet another object of the present invention is to securely provide detailed information on smearing to a user's mobile device through interworking with a cloud browser server.

It is still another object of the present invention to provide a method for maintaining information about a site related to a smsing in a database and effectively using it to block smsing.

It is still another object of the present invention to provide an apparatus, a system, and a recording medium that support the above methods.

It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory and are not restrictive of the invention, unless further departing from the spirit and scope of the invention as defined by the appended claims. It will be possible.

The present invention provides a method and system for blocking spamming in a mobile environment.

A method for blocking smoothing in a cloud browser server according to an embodiment of the present invention includes receiving a web access request message including URL information from a mobile device and executing a cloud browser in response to receiving the web access request message And generating a cloud web screen corresponding to the URL information and transmitting the generated cloud web screen to the mobile device, wherein the cloud browser creates the cloud web screen.

Here, the URL information may be information included in a text message received by the mobile device.

Also, the cloud web screen may include an initial screen display area in which an initial screen of a web site corresponding to the URL information is displayed, and a notification message pop-up window in which a predetermined notification message for confirming whether to continue executing the cloud browser is displayed And may include at least one.

The notification message pop-up window may include at least one of a notification message display area for displaying a predetermined notification message, an execution button for continuously executing the cloud browser, and a stop button for stopping execution of the cloud browser .

Here, if the stop button is clicked, the web site corresponding to the URL information may be reported as a harmful site.

The harmful site reporting step may include displaying a harmful site reporting pop-up window including a report button on the cloud web screen, and storing the URL information in a phishing information database associated with the cloud browser server when the report button is clicked Step < / RTI >

The method may further include determining whether the URL information is registered as a phishing site by referring to the phishing information database, and if the URL information is registered as a phishing site, A predetermined phishing warning message may be transmitted to the mobile device.

A method for intercepting smashing in conjunction with a cloud browser server according to another embodiment of the present invention includes receiving a text message including URL information, and transmitting the text message to a predetermined web Transmitting a connection request message to the cloud browser server, receiving a cloud web screen corresponding to the URL from the cloud browser server, and displaying the received cloud web screen. Here, the cloud web screen is generated by a cloud browser driven by the cloud browser server.

The SMS blocking system according to another embodiment of the present invention includes a short message server for transmitting a text message including URL information to the mobile device through a mobile device and a wireless network and a web access request message including the URL information And a cloud browser server that executes a cloud browser when receiving the information from the mobile device and provides the cloud web screen to the mobile device. Here, the user of the mobile device can identify whether the text message is a phishing message through the cloud web screen.

Also, the wireless network may include at least one of a mobile communication network and a wireless Internet network. At this time, the cloud browser server can be connected to the wireless network through the Internet network.

The server for providing a blocking service to a mobile device according to another embodiment of the present invention includes means for receiving a web access request message including URL information from the mobile device and means for receiving a web access request message from the cloud browser And means for generating and transmitting a cloud web screen corresponding to the URL information to the mobile device, wherein the server generates the cloud web screen.

The apparatus for intercepting smearing in cooperation with a cloud browser server according to another embodiment of the present invention includes means for displaying a text message including URL information and means for displaying the URL information when the URL information is clicked in the displayed text message A means for receiving a cloud web screen corresponding to the URL from the cloud browser server and means for displaying the received cloud web screen, And the cloud web screen is generated by a cloud browser driven by the cloud browser server.

While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it is to be understood that the invention is not limited to the disclosed exemplary embodiments, but, on the contrary, And can be understood and understood.

Advantageous effects and advantages of a method for blocking a smearing in a mobile environment according to the present invention and a device and a system supporting the same are as follows.

First, the smoothing blocking method and the system according to the present invention are advantageous in preventing a malicious code from being installed on a mobile device through interworking with a cloud browser server.

Second, the present invention can provide a user with detailed information about phishing securely in a user's mobile device through interoperation with a cloud browser server, thereby raising a user's awareness about phishing.

Third, the present invention can prevent the phishing-related message from being transmitted to the mobile device by collecting information about the phishing-related site in the cloud browser server and keeping it in the database.

Fourth, the present invention has an advantage of minimizing a user's inconvenience by providing a cloud web screen on a cloud browser server without installing a separate anti-smoothing application program or periodically updating the user's mobile device.

Fifth, the present invention provides an SMS blocking service in a cloud browser server, thereby minimizing load and battery consumption of a mobile device.

The effects obtained by the present invention are not limited to the above-mentioned effects, and other effects not mentioned can be clearly understood by those skilled in the art from the following description will be.

BRIEF DESCRIPTION OF THE DRAWINGS The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and, together with the description, serve to explain the principles of the invention. It is to be understood, however, that the technical features of the present invention are not limited to the specific drawings, and the features disclosed in the drawings may be combined with each other to constitute a new embodiment.
1 is a configuration diagram of a mobile device according to an embodiment of the present invention.
FIG. 2 is a block diagram of a filtering system according to an embodiment of the present invention. Referring to FIG.
FIG. 3 is a flowchart illustrating a method of blocking a smearing according to an exemplary embodiment of the present invention. Referring to FIG.
4 is a web screen provided by the cloud browser server for blocking the smsing according to an embodiment of the present invention.
FIG. 5 is a web screen provided by the cloud browser server for blocking the smoothing according to another embodiment of the present invention.
6 is an internal configuration diagram of a cloud browser server according to an embodiment of the present invention.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS Hereinafter, an apparatus and various methods to which embodiments of the present invention are applied will be described in detail with reference to the drawings. The suffix "module" and " part "for the components used in the following description are given or mixed in consideration of ease of specification, and do not have their own meaning or role.

A mobile phone, a smart phone, a laptop computer, a digital broadcasting terminal, a PDA (Personal Digital Assistants), a PMP (Portable Multimedia Player), a personal digital assistant Navigation and the like can be used. It should be noted, however, that the configuration according to the embodiments described herein can be applied to fixed terminals such as digital TVs, desktop computers, and the like, except when applicable only to mobile terminals.

Hereinafter, a cloud environment applied to the present invention will be briefly described.

Cloud computing environment refers to a computer environment in which information is temporarily stored in a client such as a desktop, tablet computer, notebook computer, netbook, smart phone, etc., by storing or processing data through a server on the Internet . That is, all the information of the user is stored in a server on the Internet, and the information can be used anytime and anywhere through various IT devices.

When cloud computing is introduced, businesses or individuals can reduce the cost of maintaining and maintaining computer systems, purchasing and installing servers, updating and purchasing software, and saving energy. .

Cloud browsing is a method for processing a web page and transmitting it to an end user, which means handling things that are difficult for user devices to utilize external computing resources.

In particular, the web browsing service using the cloud browser can be useful for overcoming the poor hardware performance and security vulnerability of the mobile device.

1 is a configuration diagram of a mobile device according to an embodiment of the present invention.

1, the mobile device 100 includes a wireless communication unit 110, a sensing unit 120, an output unit 130, an A / V input unit 140, a memory unit 150, A key module 160, an external interface unit 170, a control unit 180, a power supply unit 190, and the like. The components shown in Fig. 1 are not essential, and a mobile device having more or fewer components may be implemented.

Hereinafter, the components will be described in detail.

The wireless communication unit 110 may include one or more modules that enable wireless communication between the mobile device 100 and the wireless communication system or between the mobile device 100 and the network in which the mobile device 100 is located. For example, the wireless communication unit 110 may include a broadcast receiving module 111, a mobile communication module 113, a wireless Internet module 115, a short distance communication module 117, and a GPS (Global Positioning System) receiving module 115 . ≪ / RTI >

The broadcast receiving module 111 receives broadcast signals and / or broadcast-related information from an external broadcast management server through a broadcast channel. Here, the broadcast channel may include a satellite channel and a terrestrial channel. The broadcast management server may refer to a server for generating and transmitting broadcast signals and / or broadcast-related information, or a server for receiving broadcast signals and / or broadcast-related information generated in advance and transmitting the broadcast signals and / or broadcast- related information to the mobile device 100. The broadcast signal may include a TV broadcast signal, a radio broadcast signal, a data broadcast signal, or a broadcast signal in which a data broadcast signal is combined with a TV broadcast signal or a radio broadcast signal.

The mobile communication module 113 performs a function of transmitting / receiving a radio signal with a base station, a repeater, a repeater, a femtocell, and the like through a wireless interface of a mobile communication network. Here, the wireless signal may include various types of data signals in response to voice and video call signals or text / multimedia message transmission / reception.

The wireless Internet module 115 refers to a transmission / reception module for wireless Internet access, and the wireless Internet module 115 may be embedded in the mobile device 100 or may be externally connected through a predetermined interface terminal. WLAN (Wireless LAN) (Wi-Fi), Wibro (Wireless Broadband), Wimax (World Interoperability for Microwave Access) and the like can be used as wireless Internet technologies.

The short-range communication module 117 refers to a module for short-range communication. Bluetooth, Radio Frequency Identification (RFID), infrared data association (IrDA), UltraWideband (UWB), ZigBee, and the like can be used as a short distance communication technology.

The GPS receiving module 119 is a module for confirming or acquiring positional information of the mobile device 100 using a signal received through a positioning satellite.

The sensing unit 120 senses the opening and closing state information of the mobile device 100, the position information of the mobile device 100, the user contact information, the orientation and altitude information of the mobile device 100, Speed / acceleration / deceleration information of the mobile device 100, temperature / humidity / brightness information outside the mobile device 100, peripheral device connection detection information such as earphone connection and removal, And information for controlling the operation of the mobile device 100 by detecting the current state of the mobile device 100 such as connection information with the communication device

The output unit 130 may include a display module 131, an audio output module 133, an alarm unit 135, a haptic module 137, and the like, for generating output related to visual, auditory,

The display module 131 displays and outputs information processed by the mobile device 100. For example, when the mobile device 100 is in the call mode, a UI (User Interface) or GUI (Graphic User Interface) associated with the call is displayed. When the mobile device 100 is in the video communication mode or the photographing mode, the photographed and / or received image, UI, or GUI is displayed.

The display module 131 may be a liquid crystal display, a thin film transistor-liquid crystal display, an organic light-emitting diode, a flexible display, a three-dimensional display 3D display).

The audio output module 133 may output audio data received from the wireless communication unit 110 or stored in the memory unit 150 in a call signal reception mode, a call mode or a recording mode, a voice recognition mode, a broadcast reception mode, The sound output module 133 outputs sound signals related to functions (e.g., call signal reception sound, message reception sound, and the like) performed in the mobile device 100. The sound output module 133 may include a receiver, a speaker, a buzzer, and the like. In addition, the sound output module 133 can output sound through the earphone jack provided at one side of the mobile device 100. [

The alarm module 135 outputs a signal for notifying the occurrence of an event of the mobile device 100. Examples of events that occur in the mobile device 100 include call signal reception, message reception, key signal input, touch input, and the like. The alarm module 135 may output a signal for informing occurrence of an event in a form other than a video signal or an audio signal, for example, a vibration. The video signal or the audio signal can also be output through the display module 131 or the sound output module 133.

The haptic module 137 generates various tactile effects that the user can feel. A typical example of the haptic effect generated by the haptic module 137 is vibration. The intensity and pattern of the vibration generated by the hit module 137 can be set through a predetermined user interface. For example, the haptic module 137 may combine and output different vibrations or sequentially output the vibrations.

Referring to FIG. 1, an A / V (Audio / Video) input unit 140 is for inputting an audio signal or a video signal, and may include a camera 141 and a microphone 143.

The camera 141 processes image frames such as still images or moving images obtained by the image sensor in the video communication mode or the photographing mode. The processed image frame can be displayed on the display module 131. [

The image frame processed by the camera 141 may be stored in the memory unit 150 or may be transmitted to the outside through the wireless communication unit 110. [

The microphone 143 receives an external sound signal by a microphone in a communication mode, a recording mode, a voice recognition mode, or the like, and converts it into electrical voice data. The converted voice data is transmitted to the mobile communication module 113,

To the mobile communication base station.

The memory unit 150 may store a program for the operation of the controller 180 and may store data input / output (e.g., an address book, a message, a still image, a video, a security certificate, Etc.) may be temporarily stored. Here, the application program may include a map, a game, a chat, a web surfing schedule, a finance, a dictionary, and the like.

The memory unit 150 may be a flash memory type, a hard disk type, a multimedia card micro type, a card type memory (for example, SD or XD memory) (Random Access Memory), SRAM (Static Random Access Memory), ROM (Read Only Memory), EEPROM (Electrically Erasable Programmable Read-Only Memory), PROM A disk, and / or an optical disk.

The input key module 160 generates input data for controlling the operation of the mobile device 100 by a user. The input key module 160 may include a key pad dome switch, a touch pad (static / static), a jog wheel, a jog switch, and the like.

The external interface unit 170 provides an interface with all external devices connected to the mobile device 100. The external interface unit 170 receives data from an external device or receives power from the external device, transfers the data to each component in the mobile device 100, or transmits data in the mobile device 100 to an external device. For example, a wired / wireless headset port, an external charger port, a wired / wireless data port, a memory card port, a port for connecting a device having an identification module, an audio I / O port, A video input / output (I / O) port, an earphone port, and the like may be included in the mobile device 100.

Here, the identification module is a chip that stores various information for authenticating the usage right of the mobile device 100, and includes a user identification module (UIM), a subscriber identity module (SIM) A Universal Subscriber Identity Module (USIM), and the like. Devices with identification modules (hereinafter referred to as "identification devices") can be manufactured in a smart card format.

Accordingly, the identification device can be connected to the mobile device 100 through a predetermined port.

The control unit 180 typically controls the overall operation of the mobile device 100.

For example, the control unit 180 can control the installation and operation of application programs and widgets, as well as communication functions including voice calls, data communications, video calls, and the like.

In addition, the control unit 180 can perform a pattern recognition process for recognizing handwriting input or drawing input performed on the touch screen as characters and images, respectively.

In particular, the control unit 180 controls input and output according to various control signals received from the lower module, and can provide a user interface screen corresponding thereto. Here, the lower module includes the wireless communication unit 110, the sensing unit 120, the output unit 130, the A / V input unit 140, the memory unit 150, the input key module 160, 170 and a power supply 190.

The power supply unit 190 receives external power and internal power under the control of the controller 180 and supplies power necessary for operation of the respective components.

The various embodiments described herein may be embodied in a recording medium readable by a computer or similar device using, for example, software, hardware, or a combination thereof.

According to a hardware implementation, the embodiments described herein may be implemented as application specific integrated circuits (ASICs), digital signal processors (DSPs), digital signal processing devices (DSPDs), programmable logic devices (PLDs), field programmable gate arrays May be implemented using at least one of processors, controllers, micro-controllers, microprocessors, and electrical units for performing functions. In some cases, And may be implemented by the control unit 180.

According to a software implementation, embodiments such as procedures or functions may be implemented with separate software modules that perform at least one function or operation. The software code may be implemented by a software application written in a suitable programming language. In addition, the software codes may be stored in the memory unit 150 and executed by the control unit 180. [

2 is a configuration diagram of a filtering blocking system according to another embodiment of the present invention.

2, the SMS blocking system according to an exemplary embodiment of the present invention includes a mobile device 100, a mobile communication network 210, a wireless Internet network 220, a SMS message server 230, 240, a cloud browser server 250, and a phishing computer 260. Here, the description of the mobile device 100 will be replaced with the description of FIG.

The mobile communication network 210 provides a mobile communication service according to a radio access standard. The mobile communication network 210 includes a Code Division Multiple Access (CDMA) network, a Global System for Mobile communication (GSM) network, a Wideband Code Division Multiple Access ), Long-Term Evolution (LTE) network, and LTE Advanced network. In particular, the mobile communication network 210 may have different components according to the applied standard. For example, the WCDMA network may be classified into a Node B that communicates with the mobile device 100 through a wireless interface, an RNC (Radio Network Controller) that controls a base station, and a CN (Core Network) that performs an exchange function. In addition, the mobile communication network 210 may be configured by applying a plurality of wireless connection standards according to a business operator. For example, the mobile communication network 210 may be configured such that a WCDMA network element and an LTE network element are linked to each other organically.

The wireless Internet network 220 is a network for providing a wireless Internet service. The wireless Internet network 220 includes a wireless LAN (Wi-Fi) network, a Wibro (Wireless Broadband) network, a Wimax (World Interoperability for Microwave Access) And the like. The mobile device 100 can access the Internet network 240 through an access point (AP) according to the wireless Internet access standard.

The short message server 230 transmits the text message received through the mobile communication network 210 and the Internet network 240 to the destination mobile device. Here, the text message may include connection URL (Uniform Resource Locator) information. In particular, the text message according to the present invention is not limited to an SMS (Short Message Service) message and an MMS (Multimedia Service) message provided through a mobile communication system, and may be a SNS (social network) such as KakaoTalk, It should be noted that a short message sent and received on the messenger program of the network service site may also be included.

Referring to FIG. 2, the short message server 230 may communicate with the cloud browser server 250 through the Internet 240. Although not shown in FIG. 2, the SMS message server 230 according to another embodiment of the present invention can communicate with the cloud browser server 250 through a mobile network operator's in-house network. At this time, the cloud browser server 250 may be a server managed by a mobile communication service provider.

The cloud browser server 250 may perform web screen processing on behalf of the mobile device 100 using external computing resources and provide the processed web screen to the mobile device 100. [

For example, when the user of the mobile device 100 clicks a URL included in the text message, the cloud browser server 250 notifies the web browser (not shown), which is executed by the cloud browser server 250, - Hereinafter, it is possible to execute a "cloud browser". At this time, the cloud browser server 250 may provide the mobile device 100 with a user interface screen including a predetermined notification message asking whether to continue executing the cloud browser. For example, the predetermined notification message may be "Launch cloud browser to prevent smsing ", and the user interface screen may include a predetermined disable button that can stop execution of the cloud browser .

The user of the mobile device 100 can identify whether or not the URL included in the text message is linked to the harmful site through the cloud browser screen. If it is confirmed that the site is a harmful site, the user can close the activated cloud browser screen by clicking the execution stop button. On the other hand, if the site is not a harmful site, the user of the mobile device 100 can continue to use the web screen provided by the cloud browser server 250.

Generally, when a user of the mobile device 100 clicks a URL contained in a text message (hereinafter referred to as a "phishing message") received from the phishing server 260, a web browser built in the mobile device 100 executes At the same time, a malicious code may be installed in the mobile device 100. [ At this time, the hacker can obtain financial information and personal information stored in the mobile device 100 using the installed malicious code.

However, according to the present invention, when the URL included in the phishing message is clicked, the cloud browser provided by the cloud browser server 250 is executed not by the web browser of the mobile device 100, The code can be prevented from being installed in advance.

The phishing server 260 may generate a phishing message for installing the malicious code and transmit the generated phishing message to the short message server 230 through the Internet network 240. The short message server 230 may transmit the phishing message to the mobile device 100 through either the mobile communication network 210 or the wireless Internet network 220 depending on the wireless connection state of the mobile device 100. [

In another example, the phishing message received by the short message server 230 may be transmitted to an unspecified number through a predetermined broadcast channel provided by the mobile communication network 210 or may be transmitted to a specific group through a multicast channel. For example, in the LTE network, a data transmission service to an unspecified number or a specific group is provided through an MBMS (Multicasting Broadcasting Multimedia Service) channel.

3 is a view for explaining a method of blocking smearing through a cloud browser server according to an embodiment of the present invention.

More specifically, FIG. 3 is a diagram for explaining a procedure of providing a web screen through a cloud browser in the cloud browser server 250 when a URL included in a text message is clicked.

Referring to FIG. 3, the SMS server 230 transmits a text message including URL information to the mobile device 100 (S301).

When the URL included in the text message is clicked by the user of the mobile device 100 in step S303, the mobile device 100 transmits a web access request message including the clicked URL information to the cloud browser server 250 ). At this time, the URL information displayed in the text message may be different from the URL information actually linked. That is, the hackers can induce the user of the mobile device 100 to access the hacking site through the above-described technique. For example, the URL information included in the text message may be displayed as a home page address of a specific bank - for example, "http://www.shinhanbank.com ". At this time, if the user clicks the displayed URL, it can be connected to a hacking site other than the Shinhan Bank home page.

     Accordingly, when the user clicks the URL information displayed in the text message, the mobile device 100 according to another embodiment of the present invention transmits a web access request message including URL information that is actually linked to the displayed URL information and the displayed URL To the cloud browser server 250.

Upon receiving the web access request message, the cloud browser server 250 executes the cloud browser, and generates a web screen corresponding to the received URL information and a predetermined notification message through the cloud browser (S307). At this time, the notification message may be displayed on one side of the web screen in the form of a pop-up window.

The cloud browser server 250 transmits the generated web screen and the notification message to the mobile device 100 (S309). Here, the notification message pop-up window may include a predetermined execution stop button for stopping the web screen transmission by the cloud browser.

Subsequently, the mobile device 100 displays the received web screen and the notification message on the display screen (S311). At this time, the user of the mobile device 100 can confirm whether it is a normal site through the displayed web screen. That is, the user can directly confirm whether the received text message is a phishing message.

 If it is determined that the displayed web screen is a harmful site, the user of the mobile device 100 can click the stop button displayed in the notification message pop-up window (S313).

At this time, the mobile device 100 transmits a predetermined cloud browser execution suspension request message to the cloud browser server 250 (S315). In succession, the cloud browser server 250 terminates execution of the corresponding cloud browser according to the received execution stop request message (S317).

Although not shown in FIG. 3, the mobile browser 100 may further include a predetermined transport channel setting step for transmitting and receiving control messages between the mobile device 100 and the cloud browser server 250 and transmitting the web screen. For example, a transport channel setting step may be added between steps 303 and 305.

If the execution of the cloud browser is terminated by the user of the mobile device 100, the set transmission channel can be released.

4 is a web screen provided by a cloud browser server for preventing smoothing according to an embodiment of the present invention.

Referring to FIG. 4, the user of the mobile device 100 may click on the URL included in the text message received on the text message confirmation screen (S410) (S400).

At this time, the cloud browser server 250 may receive from the mobile device 100 a predetermined control signal according to the click of the URL (e.g., the web connection request message shown in FIG. 3).

The cloud browser server 250 generates a cloud web screen 420 by executing the cloud browser, and transmits the cloud web screen 420 to the mobile device 100.

Here, the cloud web screen 420 may include at least one of an initial screen display area 425 and a notification message popup window 430 of a site corresponding to a URL requested to be accessed.

The notification message popup window 430 includes at least one of a notification message display area 435, an execution button 440 for maintaining execution of the cloud browser, and a stop button 450 for stopping execution of the cloud browser, .

Here, the notification message display area 435 may be provided with a predetermined character string for confirming whether or not to continuously execute the cloud browser in order to prevent smearing.

If the execution button 440 is clicked, the notification message pop-up window 430 disappears from the cloud web screen 420, and the cloud browser continues to be executed.

If the stop button 450 is clicked, the operation returns to the text message confirmation screen 410 after the execution of the cloud browser is stopped.

At this time, the user of the mobile device 100 can confirm whether or not the received text message is a phishing message through the information displayed in the initial screen display area 425.

If the user of the mobile device 100 confirms that the access URL is a harmful site, the user of the mobile device 100 can click the stop button 450 to stop the web surfing through the cloud browser.

The blocking method according to another exemplary embodiment of the present invention may further include a predetermined harmful site reporting step when the stop button 450 is clicked.

For example, the harmful site reporting step may include displaying a predetermined malicious site reporting pop-up window for confirming whether or not a harmful site is reported on the cloud web screen, and displaying the malicious site reporting pop- And storing it in a phishing information database.

Here, the harmful site report popup window may further include a predetermined guide string indicating that the corresponding URL information is registered as the phishing site URL information. For example, the information string may be "The URL information reported by the customer is registered as a phishing site URL.

The cloud browser server 250 refers to the phishing information database to check whether the URL requested to access is a harmful site having phishing potential, and sends a predetermined smearing warning message to the mobile device 100 Lt; / RTI >

      For example, between steps 305 and 307 of FIG. 3, the cloud browser server 250 can check whether the received URL information is a reported phishing site by referring to the phishing information database.

If it is confirmed that the site is a phishing site, the cloud browser server 250 may transmit a predetermined phishing warning message to the mobile device 100. For example, the string that is included in the phishing warning message may be "The URL you requested to access ( http://shinhanbanc.co.kr) has been reported as a phishing site." At this time, the phishing warning message may be transmitted to the mobile device 100 in the form of a cloud web screen, a multimedia message service (MMS) message, or a text message. If a phishing warning message is transmitted in the form of a cloud web screen or an MMS message, the phishing warning message may further include an initial screen image of the corresponding phishing site.

FIG. 5 is a web screen provided by the cloud browser server for blocking the smoothing according to another embodiment of the present invention.

5 is a view for explaining another embodiment of a notification message pop-up window 430 displayed on the cloud web screen 420 in FIG.

5, the notification message pop-up window 500 may include a notification message display area 510 and an execution stop button 520 for stopping the running cloud browser.

For example, in the notification message display area 510, a predetermined character string such as "the cloud browser is executed to prevent smearing" may be displayed. If the execution stop button 520 is not clicked for a predetermined time, the notification message pop-up window 500 may disappear on the cloud web screen, and the mobile device 100 may receive the web screen generated by the cloud browser . If the stop button 520 is clicked, execution of the cloud browser is suspended.

 1 to 5, a method of intercepting smashing in conjunction with a cloud browser server has been described. However, the cloud browser server is merely one embodiment, and it is not possible to provide a web screen to a mobile device A browser server is enough.

6 is an internal configuration diagram of a cloud browser server according to an embodiment of the present invention.

6, the cloud browser server 250 includes a control module 610, a communication module 620, a notification message generation module 630, a browser provision module 640, a site analysis module 650, A module 660, and a phishing information database 670.

The control module 610 controls the operation of the lower module according to the control signal received from the mobile device 100 through the communication module 620 or transmits the process result of the lower module to the mobile device 100 through the communication module 620. [ And the like.

The communication module 610 processes control signals and data transmitted and received between the cloud browser server 250 and an external device such as the mobile device 100 through the Internet network 240 or a company network .

The notification message generation module 620 generates a notification message to be transmitted to the mobile device 100 according to a control signal of the control module 610. [ Here, the notification message may include a message for confirming whether or not to execute the cloud browser, a predetermined warning message for alerting the possibility of phishing, and the like.

The browser providing module 640 may start or stop the execution of the cloud browser according to the control signal of the control module 610. [ In particular, the browser providing module 640 can perform a function of generating a cloud web screen corresponding to a URL requested to be accessed by the mobile device 100. [ Here, the generated cloud web screen may be transmitted to the mobile device 100 via the control module 610 and the communication module 620.

The site analysis module 650 may analyze whether the URL requested to be accessed by the mobile device 100 is a normal URL, and may transmit the analysis result to the control module 610. [ At this time, the site analysis module 650 compares / analyzes the user interface screen corresponding to the URL requested to be accessed and the user interface screen displayed through the connection of the normal URL, and determines whether or not the access requested URL is a phishing site have. If it is determined that the site is a phishing site, the notification message generating module 630 may generate a predetermined warning message according to the control signal of the control module 610 and transmit the warning message to the mobile device 100.

The telephone number analysis module 660 analyzes whether the telephone number included in the text message received by the mobile device 100 is a normal telephone number. For example, the cloud browser server 250 can maintain a predetermined telephone number database in which telephone number information corresponding to a normal URL is recorded.

Generally, a text message received at the mobile device 100 may include a callback URL and a callback telephone number. If the telephone number analysis module 660 receives the callback URL and the callback telephone number from the mobile device 100, it can determine whether the corresponding callback telephone number is a normally registered telephone number by referring to the telephone number database have. Depending on the determination result, a predetermined warning message may be transmitted to the mobile device 100 indicating that the corresponding callback telephone number is a phishing-capable telephone number.

The phishing information database 670 may record phishing information notified by the user of the mobile device 100 through the cloud web screen. Here, the phishing information may include phishing URL information, phishing phone number information, phishing web screen information, phishing text message information, and the like.

The cloud browser server 250 according to an exemplary embodiment of the present invention refers to the phishing information database 670 when the web browser 100 receives a web access request message including URL information, It is possible to judge whether it is a reported URL or not. The cloud browser server 250 may determine whether the corresponding phone number is a phishing phone number by referring to the phishing information database 670 when the web access request message includes a phone number.

It will be apparent to those skilled in the art that the present invention may be embodied in other specific forms without departing from the spirit or essential characteristics thereof.

Accordingly, the above description should not be construed in a limiting sense in all respects and should be considered illustrative. The scope of the present invention should be determined by rational interpretation of the appended claims, and all changes within the scope of equivalents of the present invention are included in the scope of the present invention.

100: mobile device 210: mobile communication network
220 wireless Internet network 230 short message server
250: Cloud browser server 260: Phishing server
420: Cloud Web screen 430: Notification message display area

Claims (13)

In a method for blocking smoothing in a cloud browser server,
Receiving a web access request message including URL information from a mobile device;
Executing a cloud browser upon receiving the web access request message; And
Generating a cloud web screen corresponding to the URL information and transmitting the cloud web screen to the mobile device
Wherein the browser comprises at least one of an initial screen display area in which an initial screen of a website corresponding to the URL information is displayed and a notification message popup window for confirming whether to continue executing the cloud browser, Cloud to create a web screen,
How to block smothering. The method according to claim 1,
Wherein the URL information is information included in a text message received by the mobile device
How to block smothering. delete The method according to claim 1,
The notification message pop-up window
A notification message display area in which a predetermined notification message is displayed, an execution button for continuously executing the cloud browser, and a stop button for stopping execution of the cloud browser.
How to block smothering. 5. The method of claim 4,
When the stop button is clicked, a harmful site reporting step of reporting a web site corresponding to the URL information to a harmful site
≪ RTI ID = 0.0 >
How to block smothering. 6. The method of claim 5,
The harmful site reporting step
Displaying a harmful site report pop-up window including a report button on the cloud web screen; And
Storing the URL information in a phishing information database interlocked with the cloud browser server when the flag button is clicked
≪ RTI ID = 0.0 >
How to block smothering. The method according to claim 6,
Further comprising the step of determining whether the URL information is registered as a phishing site by referring to the phishing information database, wherein, when it is registered as the phishing site, transmitting a predetermined phishing warning message to the mobile device Featured
How to block smothering. A method for intercepting smashing in conjunction with a cloud browser server,
Receiving a text message including URL information;
Transmitting a predetermined web connection request message including the URL information to the cloud browser server when the URL information is clicked;
Receiving a cloud web screen corresponding to the URL from the cloud browser server; And
Displaying the received cloud web screen
Wherein the cloud web screen includes at least one of an initial screen display area in which an initial screen of a web site corresponding to the URL information is displayed and a notification message popup window for confirming whether to continue executing the cloud browser ,
How to block smothering. Mobile devices;
A short message server for transmitting a text message including URL information to the mobile device via a wireless network; And
When receiving a web access request message including the URL information from the mobile device, executes a cloud browser to provide a cloud web screen to the mobile device,
Wherein the cloud web screen includes at least one of an initial screen display area in which an initial screen of a web site corresponding to the URL information is displayed and a notification message popup window for confirming whether to continue executing the cloud browser ,
Smashing blocking system. 10. The method of claim 9,
Wherein the wireless network includes at least one of a mobile communication network and a wireless Internet network
Smashing blocking system. 11. The method of claim 10,
Wherein the cloud browser server is connected to the wireless network through an Internet network
Smashing blocking system. A server for providing a blocking service to a mobile device,
Means for receiving a web access request message including URL information from the mobile device;
Means for executing a cloud browser upon receipt of the web access request message; And
A means for generating a cloud web screen corresponding to the URL information and transmitting the cloud web screen to the mobile device
Wherein the browser includes at least one of an initial screen display area in which an initial screen of a web site corresponding to the URL information is displayed and a notification message popup window for confirming whether to continue executing the cloud browser, Cloud to create a web screen,
A smoothing service providing server. 1. An apparatus for blocking smashing in conjunction with a cloud browser server,
Means for displaying a text message containing URL information;
Means for transmitting a predetermined web access request message including the URL information to the cloud browser server when the URL information is clicked in the displayed text message;
Means for receiving a cloud web screen corresponding to the URL from the cloud browser server; And
Means for displaying the received cloud web screen
Wherein the cloud web screen includes at least one of an initial screen display area in which an initial screen of a web site corresponding to the URL information is displayed and a notification message popup window for confirming whether to continue executing the cloud browser ,
A smashing cutoff device.

Images