KR102666481B1 - Method and system for generating safe internet resource access information - Google Patents

Abstract

The present disclosure relates to a method for generating Internet resource access information, which is performed by at least one processor. The method of generating Internet resource access information includes receiving a request for generating Internet resource access information including a specific URL (Uniform Resource Locator) address, performing a validation check on the specific URL address, and performing a safety check on the specific URL address. , If a specific URL address passes the validation and safety checks, it includes commands for generating Internet resource access information to access a specific URL.

Description

Method and system for generating safe Internet resource access information {METHOD AND SYSTEM FOR GENERATING SAFE INTERNET RESOURCE ACCESS INFORMATION}

This disclosure relates to a method and system for generating safe Internet resource access information. Specifically, it relates to a method and system for generating safe Internet resource access information through validation and safety checks for URL addresses.

URL (Uniform Resource Locator) represents a protocol for indicating where resources are located on a network. In other words, it refers to the address of the only resource for finding web pages, etc. on the Internet. URL addresses are essential for finding specific resources on a network. However, URL addresses generally consist of domain names, directories, file names, and query strings to access specific resources, so they can be long and complex. In this case, there is a problem of reduced accessibility because it is difficult to share the URL address with other users.

To solve this problem, the use of shortened URL addresses or QR codes, which are shortened versions of long and complex URL addresses, has recently been increasing. Shortened URL addresses or QR codes can facilitate access to specific Internet resources, but users rely on the explanations of the shortened URL address or QR code provider until they directly access a specific URL address, so they may be used to access phishing sites. There is a problem that you may be exposed to harmful sites.

In order to solve the above problems, various embodiments of the present disclosure provide a method for generating secure Internet resource access information, a computer program stored in a recording medium, and a device (system).

The present disclosure may be implemented in various ways, including as a method, device (system), or computer program stored in a readable storage medium.

A method of generating Internet resource access information according to an embodiment of the present disclosure includes receiving a request for generating Internet resource access information including a specific URL address, performing a validation check on the specific URL address, and It includes performing a safety check and, if the specific URL address passes the validation and safety checks, generating Internet resource access information for accessing the specific URL.

According to one embodiment of the present disclosure, a computer program stored in a computer-readable recording medium is provided to execute a method of generating Internet resource access information on a computer.

According to one embodiment of the present disclosure, a system for generating Internet resource access information is provided. The Internet resource access information generation system includes a communication module, a memory, and at least one processor connected to the memory and configured to execute at least one computer-readable program included in the memory, and the at least one program includes a specific URL address. Receives a request to generate Internet resource access information, including: performing a validation check on a specific URL address; performing a safety check on a specific URL address; and, if the specific URL address passes the validation and safety checks, performing a validation check on the specific URL address. Contains commands to generate Internet resource access information for accessing.

According to some embodiments of the present disclosure, validation and safety checks are performed on the URL address included in the Internet resource access information generation request, and Internet resource access information is generated for the URL address that passes the test, so that the user can access the Internet resource. You can prevent exposure to harmful sites when using access information.

According to some embodiments of the present disclosure, the generated Internet resource access information is periodically checked for phishing sites, and after the Internet resource access information is normally generated, URL addresses that are converted to phishing sites are detected to block user access. By doing so, users can be prevented from being damaged by phishing sites from sites related to Internet resource access information.

The effects of the present disclosure are not limited to the effects mentioned above, and other effects not mentioned are clear to a person skilled in the art (referred to as “a person skilled in the art”) in the technical field to which this disclosure pertains from the description of the claims. It will be understandable.

Figure 1 shows an example in which an Internet resource access information generation system according to an embodiment of the present disclosure generates Internet resource access information by receiving a request for Internet resource access information generation.
Figure 2 is a schematic diagram showing a configuration in which an information processing system is connected to enable communication with a plurality of user terminals in order to provide an Internet resource access information generation service according to an embodiment of the present disclosure.
Figure 3 is a block diagram showing the internal configuration of a user terminal and an information processing system according to an embodiment of the present disclosure.
Figure 4 is a block diagram showing the internal configuration of a processor according to an embodiment of the present disclosure.
Figure 5 shows an example of a user interface for requesting access to an Internet resource according to an embodiment of the present disclosure.
Figure 6 shows an example of Internet resource access information generated according to an embodiment of the present disclosure.
Figure 7 shows an example in which Internet resource access information is generated according to an embodiment of the present disclosure.
Figure 8 shows an example of performing a periodic check on a plurality of Internet resource access information generated according to an embodiment of the present disclosure.
Figure 9 is a flowchart showing a method for generating Internet resource access information according to an embodiment of the present disclosure.

Hereinafter, specific details for implementing the present disclosure will be described in detail with reference to the attached drawings. However, in the following description, detailed descriptions of well-known functions or configurations will be omitted if there is a risk of unnecessarily obscuring the gist of the present disclosure.

In the accompanying drawings, identical or corresponding components are given the same reference numerals. Additionally, in the description of the following embodiments, overlapping descriptions of identical or corresponding components may be omitted. However, even if descriptions of components are omitted, it is not intended that such components are not included in any embodiment.

Advantages and features of the disclosed embodiments and methods for achieving them will become clear by referring to the embodiments described below in conjunction with the accompanying drawings. However, the present disclosure is not limited to the embodiments disclosed below and may be implemented in various different forms. The present embodiments are merely provided to ensure that the present disclosure is complete and that the present disclosure does not convey the scope of the invention to those skilled in the art. It is provided only for complete information.

Terms used in this specification will be briefly described, and the disclosed embodiments will be described in detail. The terms used in this specification are general terms that are currently widely used as much as possible while considering the functions in the present disclosure, but this may vary depending on the intention or precedent of a technician working in the related field, the emergence of new technology, etc. In addition, in certain cases, there are terms arbitrarily selected by the applicant, and in this case, the meaning will be described in detail in the description of the relevant invention. Accordingly, the terms used in this disclosure should be defined based on the meaning of the term and the overall content of the present disclosure, rather than simply the name of the term.

In this specification, singular expressions include plural expressions, unless the context clearly specifies the singular. Additionally, plural expressions include singular expressions, unless the context clearly specifies plural expressions. When it is said that a certain part includes a certain element throughout the specification, this does not mean excluding other elements, but may further include other elements, unless specifically stated to the contrary.

Additionally, the term 'module' or 'unit' used in the specification refers to a software or hardware component, and the 'module' or 'unit' performs certain roles. However, 'module' or 'unit' is not limited to software or hardware. A 'module' or 'unit' may be configured to reside on an addressable storage medium and may be configured to run on one or more processors. Thus, as an example, a 'module' or 'part' refers to components such as software components, object-oriented software components, class components and task components, processes, functions and properties. , procedures, subroutines, segments of program code, drivers, firmware, microcode, circuits, data, databases, data structures, tables, arrays, or variables. Components and 'modules' or 'parts' may be combined into smaller components and 'modules' or 'parts' or further components and 'modules' or 'parts'. Could be further separated.

According to an embodiment of the present disclosure, a 'module' or 'unit' may be implemented with a processor and memory. 'Processor' should be interpreted broadly to include general-purpose processors, central processing units (CPUs), microprocessors, digital signal processors (DSPs), controllers, microcontrollers, state machines, etc. In some contexts, 'processor' may refer to an application-specific integrated circuit (ASIC), programmable logic device (PLD), field programmable gate array (FPGA), etc. 'Processor' refers to a combination of processing devices, for example, a combination of a DSP and a microprocessor, a combination of a plurality of microprocessors, a combination of one or more microprocessors in combination with a DSP core, or any other such combination of configurations. You may. Additionally, 'memory' should be interpreted broadly to include any electronic component capable of storing electronic information. 'Memory' refers to random access memory (RAM), read-only memory (ROM), non-volatile random access memory (NVRAM), programmable read-only memory (PROM), erasable-programmable read-only memory (EPROM), May also refer to various types of processor-readable media, such as electrically erasable PROM (EEPROM), flash memory, magnetic or optical data storage, registers, etc. A memory is said to be in electronic communication with a processor if the processor can read information from and/or write information to the memory. The memory integrated into the processor is in electronic communication with the processor.

In the present disclosure, 'Internet resource access information' refers to a visually coded pattern of URL (uniform resource locator) addresses that can access Internet resources such as web pages, images, videos, and files existing on the Internet (e.g. , QR code) or a shortened URL address converted into a simplified form.

Figure 1 shows an example in which the Internet resource access information creation system 120 receives an Internet resource access information creation request and generates Internet resource access information 130 according to an embodiment of the present disclosure. The Internet resource access information creation system 120 may receive a request for generating Internet resource access information including a specific URL address 110 and generate Internet resource access information 130 associated with the URL address. For example, as shown, URL address 110 may refer to a URL address associated with a website 112, image 114, video 116, map information 118, etc., but is not limited thereto. . Additionally, a request to create Internet resource access information may further include user account information that created the request.

In one embodiment, Internet resource access information 130 may include a shortened URL address 132. Here, the shortened URL address 132 may be a URL address converted into a simplified form of the URL address 110 included in the request for generating Internet resource access information. Users can access Internet resources associated with the URL address 110 using the shortened URL address 132, and can easily share the shortened URL address 132 with other users by taking advantage of the short URL address. there is. Additionally or alternatively, Internet resource access information 130 may include a visually coded pattern 134 (e.g., a QR code). Here, the visually coded pattern 134 may be coded to correspond to the URL address 110. The user can access the URL address 110 associated with the visually coded pattern by recognizing the visually coded pattern 134 using a user terminal equipped with an image sensor.

When generating Internet resource access information 130, it is necessary to prevent the creation of Internet resource access information associated with harmful URL addresses such as harmful sites and phishing sites. According to one embodiment, the Internet resource access information creation system 120 may perform validation and safety checks on the URL address 110 included in the Internet resource access information creation request. In one embodiment, when the Internet resource access information creation system 120 determines that the URL address 110 included in the Internet resource access information creation request has not passed the validity check and/or safety check, the Internet resource access information generation system 120 The information creation request can be rejected and a message of failure to create Internet resource access information can be sent. In one embodiment, when the Internet resource access information generation system 120 determines that the URL address 110 included in the Internet resource access information generation request has not passed the safety check, the Internet resource access information generation request includes the URL address 110. You can block the application key associated with the user account or restrict access to services using the user account.

In the case of phishing sites, after the Internet resource access information 130 is normally generated, it may be converted into a harmful site, so the already generated Internet resource access information 130 is periodically checked for safety (e.g., phishing site inspection) needs to be performed. According to one embodiment, the Internet resource access information generation system 120 may perform a phishing site inspection on the previously generated Internet resource access information included in the database at predetermined time intervals (e.g., daily). . In one embodiment, Internet resource access information generation system 120 may deactivate Internet resource information determined to be associated with a phishing site.

Through this configuration, the creation of shortened URL addresses (132) and/or visually coded patterns (134) for URL addresses associated with harmful sites and/or phishing sites is blocked, and the user is deactivated through periodic inspection. By blocking access, the user can be prevented from being exposed to harmful sites through the Internet resource access information 130.

Figure 2 is a schematic diagram showing a configuration in which the information processing system 230 is connected to enable communication with a plurality of user terminals 210_1, 210_2, and 210_3 in order to provide an Internet resource access information generation service according to an embodiment of the present disclosure. . The information processing system 230 may include an Internet resource access information generation system. In one embodiment, information processing system 230 includes one or more server devices and/or capable of storing, providing, and executing computer-executable programs (e.g., downloadable applications) and data associated with Internet resource access information generation services. It may include a database, or one or more distributed computing devices and/or distributed databases based on cloud computing services. For example, the information processing system 230 may include separate systems (eg, servers) for Internet resource access information generation services. Internet resource access information creation services provided by the information processing system 230 may be provided to users through web applications, web browsers, etc. installed on each of the plurality of user terminals 210_1, 210_2, and 210_3.

A plurality of user terminals 210_1, 210_2, and 210_3 may communicate with the information processing system 230 through the network 220. The network 220 may be configured to enable communication between a plurality of user terminals 210_1, 210_2, and 210_3 and the information processing system 230. Depending on the installation environment, the network 220 may be, for example, a wired network such as Ethernet, a wired home network (Power Line Communication), a telephone line communication device, and RS-serial communication, a mobile communication network, a wireless LAN (WLAN), It may consist of wireless networks such as Wi-Fi, Bluetooth, and ZigBee, or a combination thereof. The communication method is not limited, and includes communication methods that utilize communication networks that the network 220 may include (e.g., mobile communication networks, wired Internet, wireless Internet, broadcasting networks, satellite networks, etc.) as well as user terminals (210_1, 210_2, 210_3) ) may also include short-range wireless communication between

In Figure 2, the mobile phone terminal 210_1, tablet terminal 210_2, and PC terminal 210_3 are shown as examples of user terminals, but they are not limited thereto, and the user terminals 210_1, 210_2, and 210_3 use wired and/or wireless communication. This can be any capable computing device. For example, user terminals include smartphones, mobile phones, navigation devices, computers, laptops, digital broadcasting terminals, PDAs (Personal Digital Assistants), PMPs (Portable Multimedia Players), tablet PCs, game consoles, and wearable devices ( It may include wearable devices, IoT (internet of things) devices, VR (virtual reality) devices, AR (augmented reality) devices, etc. In addition, in Figure 2, three user terminals (210_1, 210_2, 210_3) are shown as communicating with the information processing system 230 through the network 220, but this is not limited to this, and a different number of user terminals are connected to the network ( It may be configured to communicate with the information processing system 230 through 220).

In one embodiment, the information processing system 230 may receive a request for generating Internet resource access information including a URL address and user account information from the user terminals 210_1, 210_2, and 210_3. In this case, the information processing system 230 may provide Internet resource access information in response to the received request for generating Internet resource access information.

Figure 3 is a block diagram showing the internal configuration of the user terminal 210 and the information processing system 230 according to an embodiment of the present disclosure. The user terminal 210 may refer to any computing device capable of executing applications, web browsers, etc. and capable of wired/wireless communication, for example, the mobile phone terminal 210_1, tablet terminal 210_2 of FIG. 2, It may include a PC terminal (210_3), etc. As shown, the user terminal 210 may include a memory 312, a processor 314, a communication module 316, and an input/output interface 318. Similarly, information processing system 230 may include memory 332, processor 334, communication module 336, and input/output interface 338. As shown in FIG. 3, the user terminal 210 and the information processing system 230 are configured to communicate information and/or data through the network 220 using respective communication modules 316 and 336. It can be. Additionally, the input/output device 320 may be configured to input information and/or data to the user terminal 210 through the input/output interface 318 or to output information and/or data generated from the user terminal 210.

Memories 312 and 332 may include any non-transitory computer-readable recording medium. According to one embodiment, the memories 312 and 332 are non-perishable mass storage devices such as random access memory (RAM), read only memory (ROM), disk drive, solid state drive (SSD), and flash memory. It may include a (permanent mass storage device). As another example, non-perishable mass storage devices such as ROM, SSD, flash memory, disk drive, etc. may be included in the user terminal 210 or the information processing system 230 as a separate persistent storage device that is distinct from memory. Additionally, an operating system and at least one program code may be stored in the memories 312 and 332.

These software components may be loaded from a computer-readable recording medium separate from the memories 312 and 332. This separate computer-readable recording medium may include a recording medium directly connectable to the user terminal 210 and the information processing system 230, for example, a floppy drive, disk, tape, DVD/CD- It may include computer-readable recording media such as ROM drives and memory cards. As another example, software components may be loaded into the memories 312 and 332 through the communication modules 316 and 336 rather than computer-readable recording media. For example, at least one program is loaded into memory 312, 332 based on a computer program installed by files provided over the network 220 by developers or a file distribution system that distributes installation files for applications. It can be.

The processors 314 and 334 may be configured to process instructions of a computer program by performing basic arithmetic, logic, and input/output operations. Instructions may be provided to the processors 314 and 334 by memories 312 and 332 or communication modules 316 and 336. For example, processors 314 and 334 may be configured to execute received instructions according to program codes stored in recording devices such as memories 312 and 332.

The communication modules 316 and 336 may provide a configuration or function for the user terminal 210 and the information processing system 230 to communicate with each other through the network 220, and may provide a configuration or function for the user terminal 210 and/or information processing. The system 230 may provide a configuration or function for communicating with other user terminals or other systems (for example, a separate cloud system, etc.). For example, a request or data (e.g., a request to generate Internet resource access information, etc.) generated by the processor 314 of the user terminal 210 according to a program code stored in a recording device such as the memory 312 is transmitted to the communication module ( It may be transmitted to the information processing system 230 through the network 220 under the control of 316). Conversely, a control signal or command provided under the control of the processor 334 of the information processing system 230 is transmitted through the communication module 316 of the user terminal 210 through the communication module 336 and the network 220. It may be received by the user terminal 210. For example, the user terminal 210 may receive Internet resource access information generated in response to a request for generating Internet resource access information from the information processing system 230.

The input/output interface 318 may be a means for interfacing with the input/output device 320. As an example, input devices may include devices such as cameras, keyboards, microphones, mice, etc., including audio sensors and/or image sensors, and output devices may include devices such as displays, speakers, haptic feedback devices, etc. You can. As another example, the input/output interface 318 may be a means for interfacing with a device that has components or functions for performing input and output, such as a touch screen, integrated into one. In FIG. 3 , the input/output device 320 is shown not to be included in the user terminal 210, but the present invention is not limited to this and may be configured as a single device with the user terminal 210. Additionally, the input/output interface 338 of the information processing system 230 may be connected to the information processing system 230 or means for interfacing with a device (not shown) for input or output that the information processing system 230 may include. It can be. In FIG. 3, the input/output interfaces 318 and 338 are shown as elements configured separately from the processors 314 and 334, but the present invention is not limited thereto, and the input/output interfaces 318 and 338 may be configured to be included in the processors 314 and 334. there is.

The user terminal 210 and information processing system 230 may include more components than those in FIG. 3 . However, there is no need to clearly show most prior art components. In one embodiment, the user terminal 210 may be implemented to include at least some of the input/output devices 320 described above. Additionally, the user terminal 210 may further include other components such as a transceiver, a global positioning system (GPS) module, a camera, various sensors, and a database. For example, if the user terminal 210 is a smartphone, it may include components generally included in a smartphone, such as an acceleration sensor, a gyro sensor, a microphone module, a camera module, and various physical devices. Various components such as buttons, buttons using a touch panel, input/output ports, and vibrators for vibration may be implemented to be further included in the user terminal 210.

Figure 4 is a block diagram showing the internal configuration of the processor 334 according to an embodiment of the present disclosure. As shown, the processor 334 may include an Internet resource access information generation unit 410, a real-time inspection unit 420, a periodic inspection unit 430, a first database 440, and a second database 450. Although a single processor is shown in FIG. 3, the processor is not limited to this and may be comprised of a plurality of processors.

According to one embodiment, the Internet resource access information creation unit 410 may receive a request for creating Internet resource access information and extract the URL address in the request for creating Internet resource access information. Thereafter, the Internet resource access information generation unit 410 may transmit the URL address to the real-time inspection unit 420 to check the validity and safety of the URL address.

According to one embodiment, the Internet resource access information generation unit 410 may generate Internet resource access information for accessing the URL if the URL address passes the validity and safety checks. Here, Internet resource access information may be generated in the form of visually coded patterns, shortened URL addresses, etc. In this case, the generated Internet resource access information may be stored in the second database 450. On the other hand, if the URL address does not pass the validity and safety checks, the Internet resource access information generation unit 410 may transmit an Internet resource access information generation failure message to the user terminal. In this case, a message may be sent indicating that the URL address did not pass validation and/or safety checks.

According to one embodiment, if the URL address does not pass the safety check, the Internet resource access information creation unit 410 may perform service restriction measures for the user account included in the Internet resource access information creation request. For example, the Internet resource access information creation unit 410 may block the application key associated with the user account included in the Internet resource access information creation request. In another example, the Internet resource access information creation unit 410 may restrict service access using a user account included in the Internet resource access information creation request.

According to one embodiment, the real-time inspection unit 420 may perform a validity check on the URL address. For example, the real-time inspection unit 420 may attempt to connect to a URL address, and if connection to the URL address is not possible, it may be determined that the validity check has not been passed.

Additionally, the real-time inspection unit 420 may perform a safety check on the URL address. According to one embodiment, the real-time inspection unit 420 may perform a safety inspection using the first database 440 in which the blacklist/whitelist is stored. Here, the blacklist may refer to a list in which harmful site information is stored, and the whitelist may refer to a list in which trustworthy website information is stored. For example, if a URL address is included in a blacklist, the real-time inspection unit 420 may determine that the URL address has not passed the safety test. On the other hand, if the URL address is included in the whitelist, the real-time inspection unit 420 may determine that the URL address has passed the safety test.

Additionally or alternatively, the real-time inspection unit 420 may perform a safety inspection using a website safety inspection API (Application Programming Interface) 460. For example, the real-time inspection unit 420 may use the website safety inspection API 460 to determine whether the URL address is a harmful site, and if the URL address is a harmful site, it may be determined that it has not passed the safety inspection. there is.

Additionally or alternatively, the real-time inspection unit 420 may perform a sexual image inspection on the URL address. For example, if the URL address is related to an image (for example, if the extension of the URL address is jpg, gif, etc.), the real-time inspection unit 420 may perform a sexual image inspection on the image file. If the image file corresponds to a sexual image, the real-time inspection unit 420 may determine that it has not passed the safety test. In another example, when the URL address is associated with a web page, the real-time inspection unit 420 may perform a sexual image inspection on images included in the web page. If the web page contains at least one sexual image, the real-time inspection unit 420 may determine that the web page has not passed the safety test.

According to one embodiment, the periodic inspection unit 430 may periodically perform a phishing site inspection on the Internet resource access information generated by the Internet resource access information generation unit 410. For example, the periodic inspection unit 430 may perform a phishing site inspection by inputting a plurality of Internet resource access information included in the second database 450 into the phishing site detection system 470 at predetermined time intervals. . In this case, the phishing site detection system 470 may be capable of batch processing, unlike the website safety inspection API. If the periodic inspection unit 430 determines that the Internet resource access information is related to a phishing site, the periodic inspection unit 430 may deactivate the Internet resource access information.

The internal configuration of the processor 334 shown in FIG. 4 is only an example, and in some embodiments, other configurations other than the illustrated internal configuration may be additionally included, some configurations may be omitted, and some processes may be performed using other configurations or external systems. It can be performed by . In addition, although the internal components of the processor 334 are described in FIG. 4 by dividing them by function, this does not necessarily mean that the internal components are physically divided.

Figure 5 shows an example of a user interface 500 for generating Internet resource access information according to an embodiment of the present disclosure. According to one embodiment, the user interface 500 may be displayed on the display of the user terminal. As shown, the user interface 500 includes an area 510 for entering the URL of a website, an area 520 for entering an introduction, an area 530 for entering an image, and an area 530 for entering a video. It may include an area 540, an area 550 for inputting map information, and an area 560 for inputting contact information.

In one embodiment, a user may use the user interface 500 to input/upload a URL address, image, video, map information, contact information, etc. for which a shortened URL or QR code is to be created. After the user's input is completed, the user terminal sends a request to generate Internet resource access information, including the target URL address and user account information associated with the user, to an external device (e.g., information processing system) to generate a shortened URL or QR code. Can be transmitted.

The user interface 500 shown in FIG. 5 includes an area 510 for entering the URL of a website, an area 520 for entering an introduction, an area 530 for entering an image, and an area 530 for entering a video. It is shown as including an area 540, an area 550 for inputting map information, and an area 560 for inputting contact information, but is not limited thereto and may only include a portion of these.

Figure 6 shows an example of Internet resource access information 600 generated according to an embodiment of the present disclosure. According to one embodiment, if the URL address passes the validity check and safety check, Internet resource access information 600 for accessing the URL may be generated and displayed on the display of the user terminal. As shown, the generated Internet resource access information 600 may include a visually coded pattern 610 and a shortened URL address 620.

When a user shares the coded pattern 610, other users can access the URL address by visually recognizing the coded pattern 610 using a user terminal equipped with an image sensor. Additionally or alternatively, if a user shares the shortened URL address 620, other users may access the shortened URL address 620 through user input by clicking or touching the shortened URL address 620. In FIG. 6, the Internet resource access information 600 is shown to include both a visually coded pattern 610 and a shortened URL address 620, but is not limited thereto, and the Internet resource access information 600 is visually coded. It may include only one of the pattern 610 or the shortened URL address 620.

Figure 7 shows an example in which Internet resource access information 750 is generated according to an embodiment of the present disclosure. As shown, the processor of the information processing system may receive an Internet resource access information creation request 710 including a URL address and user account information from the user terminal. Additionally, the Internet resource access information creation request 710 may include information about the type of Internet resource access information to be created. The type of Internet resource access information may be a shortened URL or QR code.

According to one embodiment, the processor may perform a safety check on the URL address included in the Internet resource access information creation request 710 based on the first database 720. Here, the first database 720 may include a white list 722 in which information about trustworthy websites is stored and a black list 724 in which information on harmful sites is stored. For example, the processor may determine whether a URL address is a trusted website based on white list 722. If the URL address is a trusted website, the processor can determine that the URL address has passed the safety check. Additionally, the processor may determine whether the URL address is a harmful site based on the black list 724. If the URL address is a harmful site, the processor may determine that the URL address has not passed the safety test. In this case, the processor may transmit an Internet resource access information creation failure notification message 770 to the user terminal.

According to one embodiment, the processor may perform validation 730 on the URL address. For example, the processor may attempt to connect to a URL address, and if connection is not possible, it may be determined that the URL address did not pass the validation check 730. If the validation test is not passed, the processor may transmit an Internet resource access information generation failure notification message 770 to the user terminal. In this case, a message may be sent along with the message that the URL address did not pass validation. On the other hand, if the attempt to access the URL address is successful, the processor may determine that the URL address has passed the validation check (730).

According to one embodiment, the processor may perform a safety check 740 on the URL address. Here, the safety check may include a website safety check (742) and a sexual image check (744) for the URL address. For example, the processor can use the website safety inspection API to determine whether a URL address is a harmful site. If the URL address is a harmful site, the processor may determine that the URL address has not passed the safety test. In this case, the processor may transmit an Internet resource access information creation failure notification message 770 to the user terminal. Additionally, if the URL address is associated with an image file, the processor may perform a sexual image check 744 on the image file. If the image file is determined to be a sexual image, the processor may determine that the URL address did not pass the safety test. If the safety check is not passed, the processor may transmit an Internet resource access information creation failure notification message 770 to the user terminal. In this case, a message may be sent along with the message that the URL address did not pass the safety check.

According to one embodiment, if the URL address does not pass the safety check, the processor may perform service restriction measures 760 on the user account included in the request for generating Internet resource access information. For example, a processor may block an application key associated with a user account if the URL address does not pass safety checks. In another example, the processor may restrict service access using a user account if the URL address does not pass a safety check.

The description of the process of generating Internet resource access information shown in FIG. 7 is only an example and may be implemented differently in some embodiments. For example, one or more steps may be omitted or performed in a different configuration, the order of each step may be changed, one or more steps may be performed simultaneously or overlapping, or one or more steps may be performed repeatedly multiple times.

Figure 8 shows an example of performing a periodic check on a plurality of Internet resource access information 810 generated according to an embodiment of the present disclosure. According to one embodiment, the processor of the information processing system receives a plurality of Internet resource access information generation requests from various users and generates Internet resource access information if the URL address associated with each request passes the validity and safety checks. You can. The plurality of Internet resource access information 810 generated in this way may be stored in an internal storage (eg, a second database) of the information processing system. After Internet resource access information is normally created, the URL address associated with the Internet resource access information may change to a harmful site. It is necessary to periodically inspect and deactivate Internet resource access information associated with these harmful sites.

According to one embodiment, the processor may perform a safety check on URL addresses associated with a plurality of pre-generated Internet resource access information 810 at predetermined time intervals (eg, once a day). Based on the white list 822, the processor may determine whether the URL address associated with the Internet resource access information is a trusted website. If the URL address is determined to be a trusted website, the processor may determine that the URL address has passed the safety check. Additionally, the processor may determine whether the URL address is a harmful site based on the black list 824. If the URL address is a harmful site, the processor may determine that the URL address has not passed the safety test and deactivate (840) Internet resource access information associated with the URL address.

Thereafter, the processor may perform a phishing site inspection by inputting URL addresses that do not belong to any of the white list 822 and the black list 824 among the plurality of Internet resource access information into the phishing site detection system 830. Here, the phishing site detection system may be configured to perform phishing site inspection through batch processing. For example, phishing site checks can be batched to occur once a day. Thereafter, the processor may deactivate (840) the Internet resource access information determined to be associated with a phishing site among the plurality of previously generated Internet resource access information.

The description of the process of performing periodic inspection on a plurality of Internet resource access information 810 shown in FIG. 8 is only an example and may be implemented differently in some embodiments. For example, one or more steps may be omitted or performed in a different configuration, the order of each step may be changed, one or more steps may be performed simultaneously or overlapping, or one or more steps may be performed repeatedly multiple times.

Figure 9 is a flowchart illustrating a method 900 for generating Internet resource access information according to an embodiment of the present disclosure. Method 900 may be performed by at least one processor of an Internet resource access information generation system (or information processing system). According to one embodiment, the method 900 may be initiated by the processor receiving a request for generating Internet resource access information including a specific URL address (S910). Here, the specific URL address may represent a URL address associated with an Internet resource. For example, a specific URL address may refer to a URL address associated with a file such as an image, video, or web page, but is not limited to this. Additionally, a request to create Internet resource access information may further include user account information that created the request.

The processor may perform validation on a specific URL address (S920). In one embodiment, the processor may attempt to connect to a specific URL address. If access to a specific URL address is not possible, the processor may determine that it does not pass validation.

The processor may perform a safety check on a specific URL address (S930). In one embodiment, the processor may determine whether a specific URL address is a harmful site based on a first database in which harmful site information is stored. If a specific URL address is a harmful site, the processor may determine that it has not passed the safety test.

Additionally or alternatively, the processor may determine whether a particular URL address is a trusted website based on a first database storing trusted website information. If a particular URL address is a trusted website, the processor can determine that it has passed the safety check.

Additionally or alternatively, the processor may use the website safety check API to determine whether a particular URL address is a harmful site. If a specific URL address is a harmful site, the processor may determine that it has not passed the safety test.

Additionally or alternatively, the processor may perform a sexual image check on the image file if a particular URL address is associated with the image file. For example, if the image file is determined to be a sexual image, the processor may determine that it has failed the safety test. In another example, if a specific URL address is associated with a web page, a sexual image check may be performed on images included in the web page. If a web page is determined to contain at least one sexual image, it may be determined to have failed the safety test.

If the specific URL address passes the validation and safety checks, the processor may generate Internet resource access information for accessing a specific URL (S940). The processor may store the generated Internet resource access information in a second database. Here, the Internet resource access information may be a visually coded pattern or a shortened URL address. Additionally, the second database may include a plurality of Internet resource access information. Additionally, if a specific URL address fails the validation and safety checks, the processor may stop generating Internet resource access information and transmit a notification message of Internet resource access information generation failure to the user terminal. In this case, the processor may send a message indicating that a particular URL address did not pass validation and/or safety checks.

Additionally, if a specific URL address does not pass the safety check, service restrictions may be implemented for the user account included in the request to generate Internet resource access information. For example, if a particular URL address fails the safety check, the processor may block the application key associated with the user account. In another example, if a particular URL address fails the safety check, the processor may restrict access to the service using the user account.

After Internet resource access information is normally generated, in order to detect Internet resource access information that is converted to a harmful site, the processor inputs a plurality of Internet resource access information contained in the second database into the phishing site detection system at predetermined time intervals. You can perform a phishing site inspection. The processor may then disable at least one Internet resource access information determined to be associated with the phishing site. In this case, the phishing site detection system may be configured to enable phishing site inspection through batch processing.

The above-described method may be provided as a computer program stored in a computer-readable recording medium for execution on a computer. Media may be used to continuously store executable programs on a computer, or may be temporarily stored for execution or download. Additionally, the medium may be a variety of recording or storage means in the form of a single or several pieces of hardware combined. It is not limited to a medium directly connected to a computer system and may be distributed over a network. Examples of media include magnetic media such as hard disks, floppy disks, and magnetic tapes, optical recording media such as CD-ROMs and DVDs, magneto-optical media such as floptical disks, and There may be something configured to store program instructions, including ROM, RAM, flash memory, etc. Additionally, examples of other media include recording or storage media managed by app stores that distribute applications, sites that supply or distribute various other software, or servers.

The methods, operations, or techniques of this disclosure may be implemented by various means. For example, these techniques may be implemented in hardware, firmware, software, or a combination thereof. Those skilled in the art will understand that the various illustrative logical blocks, modules, circuits, and algorithm steps described in connection with the disclosure herein may be implemented in electronic hardware, computer software, or combinations of both. To clearly illustrate this interchange of hardware and software, various illustrative components, blocks, modules, circuits, and steps have been described above generally in terms of their functionality. Whether such functionality is implemented as hardware or software depends on the specific application and design requirements imposed on the overall system. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementations should not be interpreted as causing a departure from the scope of the present disclosure.

In a hardware implementation, the processing units used to perform the techniques may include one or more ASICs, DSPs, digital signal processing devices (DSPDs), programmable logic devices (PLDs). ), field programmable gate arrays (FPGAs), processors, controllers, microcontrollers, microprocessors, electronic devices, and other electronic units designed to perform the functions described in this disclosure. , a computer, or a combination thereof.

Accordingly, the various illustrative logical blocks, modules, and circuits described in connection with this disclosure may be general-purpose processors, DSPs, ASICs, FPGAs or other programmable logic devices, discrete gate or transistor logic, discrete hardware components, or It may be implemented or performed as any combination of those designed to perform the functions described in. A general-purpose processor may be a microprocessor, but in the alternative, the processor may be any conventional processor, controller, microcontroller, or state machine. A processor may also be implemented as a combination of computing devices, such as a DSP and a microprocessor, a plurality of microprocessors, one or more microprocessors in conjunction with a DSP core, or any other configuration.

For firmware and/or software implementations, techniques include random access memory (RAM), read-only memory (ROM), non-volatile random access memory (NVRAM), and PROM ( on computer-readable media such as programmable read-only memory (EPROM), electrically erasable PROM (EEPROM), flash memory, compact disc (CD), magnetic or optical data storage devices, etc. It may also be implemented as stored instructions. Instructions may be executable by one or more processors and may cause the processor(s) to perform certain aspects of the functionality described in this disclosure.

When implemented in software, the techniques may be stored on or transmitted through a computer-readable medium as one or more instructions or code. Computer-readable media includes both computer storage media and communication media, including any medium that facilitates transfer of a computer program from one place to another. Storage media may be any available media that can be accessed by a computer. By way of non-limiting example, such computer-readable media may include RAM, ROM, EEPROM, CD-ROM or other optical disk storage, magnetic disk storage or other magnetic storage devices, or the desired program code in the form of instructions or data structures. It can be used to transfer or store data and can include any other media that can be accessed by a computer. Any connection is also properly termed a computer-readable medium.

For example, if the Software is transmitted from a website, server, or other remote source using coaxial cable, fiber optic cable, twisted pair cable, digital subscriber line (DSL), or wireless technologies such as infrared, radio, and microwave, , fiber optic cable, twisted pair, digital subscriber line, or wireless technologies such as infrared, radio, and microwave are included within the definition of medium. As used herein, disk and disk include CD, laser disk, optical disk, digital versatile disc (DVD), floppy disk, and Blu-ray disk, where disks are usually magnetic. It reproduces data optically, while discs reproduce data optically using lasers. Combinations of the above should also be included within the scope of computer-readable media.

A software module may reside in RAM memory, flash memory, ROM memory, EPROM memory, EEPROM memory, registers, a hard disk, a removable disk, a CD-ROM, or any other form of storage medium known. An exemplary storage medium may be coupled to the processor such that the processor may read information from or write information to the storage medium. Alternatively, the storage medium may be integrated into the processor. The processor and storage medium may reside within an ASIC. ASIC may exist within the user terminal. Alternatively, the processor and storage medium may exist as separate components in the user terminal.

Although the above-described embodiments have been described as utilizing aspects of the presently disclosed subject matter in one or more standalone computer systems, the disclosure is not limited thereto and may also be implemented in conjunction with any computing environment, such as a network or distributed computing environment. . Furthermore, aspects of the subject matter of this disclosure may be implemented in multiple processing chips or devices, and storage may be similarly effected across the multiple devices. These devices may include PCs, network servers, and portable devices.

Although the present disclosure has been described in relation to some embodiments in this specification, various modifications and changes may be made without departing from the scope of the present disclosure as can be understood by a person skilled in the art to which the invention pertains. Additionally, such modifications and changes should be considered to fall within the scope of the claims appended hereto.

110: URL address
112: website
114: image
116: Video
118: Map information
120: Internet resource access information generation system
130: Internet resource access information
132: Shortened URL
134: QR code

Claims (15)

In a method of generating Internet resource access information performed by at least one processor,
Receiving a request to generate Internet resource access information including a specific Uniform Resource Locator (URL) address and user account information;
performing a validation check on the specific URL address;
performing a first safety check on the specific URL address based on a first database storing trustworthy website information and harmful site information;
If the specific URL address does not pass the first security check, blocking an application key associated with the user account or restricting access to a service using the user account;
If the specific URL address passes the validity check and the first safety check, generating the Internet resource access information for accessing the specific URL;
storing the generated Internet resource access information in a second database, wherein the second database includes a plurality of generated Internet resource access information;
Based on the first database, performing a second security check on the plurality of generated Internet resource access information included in the second database at first predetermined time intervals;
determining that at least one piece of Internet resource access information determined to be a trustworthy website among the plurality of generated Internet resource access pieces of information has passed the second security check;
Deactivating at least one Internet resource access information determined to be a harmful site among the plurality of generated Internet resource access information;
At least one Internet resource access information that is not associated with the trusted website information and harmful size information included in the first database among the plurality of Internet resource access information included in the second database at a predetermined second time interval. performing a phishing site check by entering it into a phishing site detection system; and
Deactivating at least one Internet resource access information determined to be associated with a phishing site.
A method of generating Internet resource access information, including. According to paragraph 1,
The step of performing the validation is,
Attempting to access the specific URL address; and
If access to the specific URL address is not possible, determining that it has not passed the validation check
A method of generating Internet resource access information, including. According to paragraph 1,
The step of performing the first safety test is,
determining whether the specific URL address is a harmful site based on the first database; and
If the specific URL address is a harmful site, determining that it has not passed the safety test
A method of generating Internet resource access information, including. According to paragraph 1,
The step of performing the first safety test is,
based on the first database, determining whether the specific URL address is a trustworthy website; and
If the specific URL address is a trustworthy website, determining that it has passed the safety test
A method of generating Internet resource access information, including. According to paragraph 1,
The step of performing the first safety test is,
Using a website safety inspection API (Application Programming Interface), determining whether the specific URL address is a harmful site; and
If the specific URL address is a harmful site, determining that it has not passed the safety test
A method of generating Internet resource access information, including. According to paragraph 1,
The step of performing the first safety test is,
If the specific URL address is associated with an image file, performing a sexual image test on the image file; and
In response to determining that the image file corresponds to a sexual image, determining that the image file fails a safety test.
A method of generating Internet resource access information, including. According to paragraph 1,
The step of performing the first safety test is,
If the specific URL address is associated with a web page, performing a sexual image test on images included in the web page; and
In response to determining that the web page contains at least one sexual image, determining that the web page fails a safety test.
A method of generating Internet resource access information, including. delete delete delete According to paragraph 1,
A method of generating Internet resource access information, wherein the phishing site detection system is configured to perform phishing site inspection by batch processing. According to paragraph 1,
A method of generating Internet resource access information, wherein the generated Internet resource access information is a visually coded pattern. According to paragraph 1,
A method of generating Internet resource access information, wherein the generated Internet resource access information is a shortened URL address. A computer program stored in a computer-readable recording medium for executing the method according to any one of claims 1 to 7 and 11 to 13 on a computer. An Internet resource access information generation system,
communication module;
Memory; and
At least one processor connected to the memory and configured to execute at least one computer-readable program included in the memory
Including,
The at least one program is,
Receive requests to generate Internet resource access information, including specific URL addresses and user account information;
Perform validation on the specific URL address,
Performing a first safety check on the specific URL address based on a first database storing trustworthy website information and harmful site information,
If the specific URL address does not pass the first security check, block the application key associated with the user account or restrict service access using the user account,
If the specific URL address passes the validity check and the first safety check, generate the Internet resource access information for accessing the specific URL,
Storing the generated Internet resource access information in a second database, wherein the second database includes a plurality of generated Internet resource access information,
Based on the first database, performing a second security check on the plurality of generated Internet resource access information included in the second database at first predetermined time intervals,
Determining that at least one Internet resource access information determined to be a trustworthy website among the plurality of generated Internet resource access information has passed the safety test,
Deactivating at least one Internet resource access information determined to be a harmful site among the plurality of generated Internet resource access information,
Detecting a phishing site using at least one Internet resource access information that is not associated with the website information and harmful size information included in the first database among a plurality of Internet resource access information included in the second database at a predetermined second time interval Enter into the system to perform a phishing site check,
An Internet resource access information generation system comprising instructions for deactivating at least one Internet resource access information determined to be associated with a phishing site.

Images