MX2017003545A - Metodo y dispositivo para detectar la suplantacion de direcciones web. - Google Patents
Metodo y dispositivo para detectar la suplantacion de direcciones web.Info
- Publication number
- MX2017003545A MX2017003545A MX2017003545A MX2017003545A MX2017003545A MX 2017003545 A MX2017003545 A MX 2017003545A MX 2017003545 A MX2017003545 A MX 2017003545A MX 2017003545 A MX2017003545 A MX 2017003545A MX 2017003545 A MX2017003545 A MX 2017003545A
- Authority
- MX
- Mexico
- Prior art keywords
- website
- skipping
- secure
- hijacked
- detection method
- Prior art date
Links
- 238000001514 detection method Methods 0.000 title abstract 2
- 230000002159 abnormal effect Effects 0.000 abstract 1
- 238000000034 method Methods 0.000 abstract 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1466—Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/24—Querying
- G06F16/245—Query processing
- G06F16/2457—Query processing with adaptation to user needs
- G06F16/24578—Query processing with adaptation to user needs using ranking
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/95—Retrieval from the web
- G06F16/951—Indexing; Web crawling techniques
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/95—Retrieval from the web
- G06F16/958—Organisation or management of web site content, e.g. publishing, maintaining pages or automatic linking
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
- G06F21/128—Restricting unauthorised execution of programs involving web programs, i.e. using technology especially used in internet, generally interacting with a web browser, e.g. hypertext markup language [HTML], applets, java
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computing Systems (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Databases & Information Systems (AREA)
- Data Mining & Analysis (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Computational Linguistics (AREA)
- Information Transfer Between Computers (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Storage Device Security (AREA)
- Computer And Data Communications (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
La presente descripción se relaciona con un método y un dispositivo para detectar la suplantación de direcciones web. El método comprende: obtener una dirección web actualmente accedida y una dirección web de salto objetivo a partir de una instrucción de acceso a direcciones web; determinar una dirección web de salto seguro de la dirección web actualmente accedida de acuerdo con un historial de instrucciones de acceso a direcciones web; y determinar si la dirección web de salto objetivo es suplantada de acuerdo con la dirección web de salto seguro. Con la presente solución técnica, la dirección web de salto seguro se determina de acuerdo con instrucciones históricas de acceso a direcciones web, de tal manera que se determina si la dirección web de salto objetivo es suplantada de acuerdo con la dirección web de salto seguro. De esta manera, pueden detectarse inmediatamente saltos anormales, y pueden hallarse suplantaciones sin mantener y emitir por adelantado direcciones web de lista negra, por lo tanto mejorando una tasa de reconocimiento de direcciones web suplantadas, y reduciendo un costo.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510347804.3A CN105100061B (zh) | 2015-06-19 | 2015-06-19 | 网址劫持检测的方法及装置 |
PCT/CN2015/095336 WO2016201889A1 (zh) | 2015-06-19 | 2015-11-23 | 网址劫持检测的方法及装置 |
Publications (2)
Publication Number | Publication Date |
---|---|
MX2017003545A true MX2017003545A (es) | 2017-07-14 |
MX364352B MX364352B (es) | 2019-04-23 |
Family
ID=54579608
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
MX2017003545A MX364352B (es) | 2015-06-19 | 2015-11-23 | Metodo y dispositivo para detectar la suplantacion de direcciones web. |
Country Status (8)
Country | Link |
---|---|
US (1) | US10313392B2 (es) |
EP (1) | EP3107262B1 (es) |
JP (1) | JP6271725B2 (es) |
KR (1) | KR101994561B1 (es) |
CN (1) | CN105100061B (es) |
MX (1) | MX364352B (es) |
RU (1) | RU2658191C2 (es) |
WO (1) | WO2016201889A1 (es) |
Families Citing this family (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105100061B (zh) * | 2015-06-19 | 2018-09-04 | 小米科技有限责任公司 | 网址劫持检测的方法及装置 |
CN107566320B (zh) * | 2016-06-30 | 2020-05-26 | 中国电信股份有限公司 | 一种网络劫持检测方法、装置与网络系统 |
CN107968769A (zh) * | 2016-10-19 | 2018-04-27 | 中兴通讯股份有限公司 | 网页安全检测方法及装置 |
CN110020239B (zh) * | 2017-09-20 | 2023-05-12 | 腾讯科技(深圳)有限公司 | 恶意资源转移网页识别方法及装置 |
CN108173814B (zh) * | 2017-12-08 | 2021-02-05 | 深信服科技股份有限公司 | 钓鱼网站检测方法、终端设备及存储介质 |
CN117439826B (zh) * | 2023-12-21 | 2024-03-01 | 江苏禾冠信息技术有限公司 | 基于多模态验证的网络安全识别方法及系统 |
Family Cites Families (41)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20020161866A1 (en) * | 2001-03-20 | 2002-10-31 | Garnet Tozer | Method and apparatus for internet-based remote terminal units and flow computers |
US20040139170A1 (en) * | 2003-01-15 | 2004-07-15 | Ming-Teh Shen | Method and apparatus for management of shared wide area network connections |
US8984640B1 (en) * | 2003-12-11 | 2015-03-17 | Radix Holdings, Llc | Anti-phishing |
US7657622B1 (en) * | 2003-12-23 | 2010-02-02 | At&T Intellectual Property Ii, L.P. | Unified web hosting and content distribution system and method for assuring predetermined performance levels |
US9112897B2 (en) * | 2006-03-30 | 2015-08-18 | Advanced Network Technology Laboratories Pte Ltd. | System and method for securing a network session |
US20080295153A1 (en) * | 2007-05-24 | 2008-11-27 | Zhidan Cheng | System and method for detection and communication of computer infection status in a networked environment |
US8255386B1 (en) * | 2008-01-30 | 2012-08-28 | Google Inc. | Selection of documents to place in search index |
US8286239B1 (en) * | 2008-07-24 | 2012-10-09 | Zscaler, Inc. | Identifying and managing web risks |
US8103599B2 (en) * | 2008-09-25 | 2012-01-24 | Microsoft Corporation | Calculating web page importance based on web behavior model |
US8448245B2 (en) * | 2009-01-17 | 2013-05-21 | Stopthehacker.com, Jaal LLC | Automated identification of phishing, phony and malicious web sites |
US8205258B1 (en) * | 2009-11-30 | 2012-06-19 | Trend Micro Incorporated | Methods and apparatus for detecting web threat infection chains |
US8505094B1 (en) * | 2010-01-13 | 2013-08-06 | Trend Micro, Inc. | Detection of malicious URLs in a web page |
BR112012018643B1 (pt) * | 2010-01-26 | 2021-12-07 | EMC IP Holding Company LLC | Método para detecção de acessos não autorizados de recursos online seguros, sistema de segurança de rede para detectar acessos não autorizados de recursos online seguros e mídia de armazenamento legível por computador |
US8869271B2 (en) * | 2010-02-02 | 2014-10-21 | Mcafee, Inc. | System and method for risk rating and detecting redirection activities |
RU2446459C1 (ru) * | 2010-07-23 | 2012-03-27 | Закрытое акционерное общество "Лаборатория Касперского" | Система и способ проверки веб-ресурсов на наличие вредоносных компонент |
US20120102568A1 (en) * | 2010-10-26 | 2012-04-26 | Mcafee, Inc. | System and method for malware alerting based on analysis of historical network and process activity |
US8521667B2 (en) * | 2010-12-15 | 2013-08-27 | Microsoft Corporation | Detection and categorization of malicious URLs |
CN103023712B (zh) * | 2011-09-28 | 2015-04-08 | 腾讯科技(深圳)有限公司 | 网页恶意属性监测方法和系统 |
CN103078830B (zh) * | 2011-10-25 | 2016-07-27 | 阿里巴巴集团控股有限公司 | 网址信息提供及分享方法、好友添加方法、以及相应设备 |
CN102594934B (zh) * | 2011-12-30 | 2015-03-25 | 奇智软件(北京)有限公司 | 一种识别被劫持网址的方法及装置 |
RU2495486C1 (ru) * | 2012-08-10 | 2013-10-10 | Закрытое акционерное общество "Лаборатория Касперского" | Способ анализа и выявления вредоносных промежуточных узлов в сети |
US8997228B1 (en) * | 2012-09-06 | 2015-03-31 | Symantec Corporation | Techniques for detecting infected websites |
US9553783B2 (en) * | 2012-09-14 | 2017-01-24 | Salesforce.Com, Inc. | Spam flood detection methodologies |
US8943588B1 (en) * | 2012-09-20 | 2015-01-27 | Amazon Technologies, Inc. | Detecting unauthorized websites |
CN102917049A (zh) * | 2012-10-17 | 2013-02-06 | 北京奇虎科技有限公司 | 呈现访问网站的信息的方法、浏览器和系统 |
US9241006B2 (en) * | 2012-10-24 | 2016-01-19 | Tencent Technology (Shenzhen) Company Limited | Method and system for detecting website visit attempts by browsers |
CN103780450B (zh) * | 2012-10-24 | 2019-03-01 | 腾讯科技(深圳)有限公司 | 浏览器访问网址的检测方法和系统 |
CN103856437A (zh) * | 2012-11-28 | 2014-06-11 | 深圳市金蝶中间件有限公司 | 网站安全性的检测方法和系统 |
US20140380472A1 (en) * | 2013-06-24 | 2014-12-25 | Lenovo (Singapore) Pte. Ltd. | Malicious embedded hyperlink detection |
JP6055726B2 (ja) * | 2013-06-28 | 2016-12-27 | Kddi株式会社 | ウェブページ監視装置、ウェブページ監視システム、ウェブページ監視方法およびコンピュータプログラム |
CN103368957B (zh) * | 2013-07-04 | 2017-03-15 | 北京奇虎科技有限公司 | 对网页访问行为进行处理的方法及系统、客户端、服务器 |
RU2592390C2 (ru) * | 2013-07-15 | 2016-07-20 | Общество С Ограниченной Ответственностью "Яндекс" | Система, способ и устройство для оценки сеансов просмотра |
CN104216930B (zh) * | 2013-07-30 | 2018-04-27 | 腾讯科技(深圳)有限公司 | 一种跳转类钓鱼网页的检测方法和装置 |
CN104348803B (zh) * | 2013-07-31 | 2018-12-11 | 深圳市腾讯计算机系统有限公司 | 链路劫持检测方法、装置、用户设备、分析服务器及系统 |
US10778680B2 (en) * | 2013-08-02 | 2020-09-15 | Alibaba Group Holding Limited | Method and apparatus for accessing website |
US9654504B1 (en) * | 2013-12-10 | 2017-05-16 | Symantec Corporation | Detecting a hijacked network address |
WO2015153849A1 (en) * | 2014-04-03 | 2015-10-08 | Automattic, Inc. | Systems and methods for protecting websites from botnet attacks |
CN104301302B (zh) * | 2014-09-12 | 2017-09-19 | 深信服网络科技(深圳)有限公司 | 越权攻击检测方法及装置 |
CN105100061B (zh) * | 2015-06-19 | 2018-09-04 | 小米科技有限责任公司 | 网址劫持检测的方法及装置 |
US20170053037A1 (en) * | 2015-08-18 | 2017-02-23 | Lenovo (Singapore) Pte. Ltd. | Validation of internet address input to a device |
CN105447204B (zh) * | 2016-01-04 | 2017-12-12 | 北京百度网讯科技有限公司 | 网址识别方法和装置 |
-
2015
- 2015-06-19 CN CN201510347804.3A patent/CN105100061B/zh active Active
- 2015-11-23 RU RU2016140114A patent/RU2658191C2/ru active
- 2015-11-23 KR KR1020177009157A patent/KR101994561B1/ko active IP Right Grant
- 2015-11-23 MX MX2017003545A patent/MX364352B/es active IP Right Grant
- 2015-11-23 WO PCT/CN2015/095336 patent/WO2016201889A1/zh active Application Filing
- 2015-11-23 JP JP2016525092A patent/JP6271725B2/ja active Active
-
2016
- 2016-06-17 US US15/185,223 patent/US10313392B2/en active Active
- 2016-06-20 EP EP16175306.6A patent/EP3107262B1/en active Active
Also Published As
Publication number | Publication date |
---|---|
MX364352B (es) | 2019-04-23 |
WO2016201889A1 (zh) | 2016-12-22 |
KR20170051489A (ko) | 2017-05-11 |
RU2016140114A (ru) | 2018-04-13 |
EP3107262A1 (en) | 2016-12-21 |
JP2017527861A (ja) | 2017-09-21 |
JP6271725B2 (ja) | 2018-01-31 |
CN105100061B (zh) | 2018-09-04 |
RU2658191C2 (ru) | 2018-06-19 |
US20160373482A1 (en) | 2016-12-22 |
KR101994561B1 (ko) | 2019-06-28 |
US10313392B2 (en) | 2019-06-04 |
CN105100061A (zh) | 2015-11-25 |
EP3107262B1 (en) | 2018-01-17 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
MX2017003545A (es) | Metodo y dispositivo para detectar la suplantacion de direcciones web. | |
MX360586B (es) | Método y dispositivo de alarma. | |
PH12016501004A1 (en) | Methods of detecting plasmodium infection | |
MX2019006027A (es) | Metodo y aparato para comparar nombres. | |
PH12017501080A1 (en) | User maintenance system and method | |
MX2016003774A (es) | Metodo y aparato para identificacion de huella dactilar. | |
GB2548270A (en) | A Method and system for network access control based on traffic monitoring and vulnerability detection using process related information | |
MX2018002979A (es) | Sistema y metodo para proporcionar asistencia de manejo para rebasar con seguridad un vehiculo. | |
MX2016004500A (es) | Metodo y dispositivo de alarma. | |
MX2016005072A (es) | Metodo y dispositivo para proporcionar informacion para encontrar objetos. | |
MX359182B (es) | Metodo y dispositivo para grabacion de video. | |
EP3258409A4 (en) | Device for detecting terminal infected by malware, system for detecting terminal infected by malware, method for detecting terminal infected by malware, and program for detecting terminal infected by malware | |
MX2016016511A (es) | Sistema y método de identificación de operadores de sistemas de soldadura. | |
WO2013114212A3 (en) | Notification and privacy management of online photos and videos | |
EP2899959A4 (en) | METHOD, DEVICE AND SYSTEM FOR CONFIRMING AN ALARMIDENTITY IN A VIDEO SURVEILLANCE SYSTEM | |
MX2016003972A (es) | Metodo, aparato y sistema para que un dispositivo inteligente acceda a un router. | |
MX2018003460A (es) | Metodo y sistema de identificacion de una solicitud de acceso de una aplicacion en un dispositivo movil en una red de telecomunicaciones. | |
PL3385108T3 (pl) | Układ i sposób uniemożliwiania nieprawidłowego otwarcia stycznika dzięki wykrywaniu działania w czasie rzeczywistym | |
MX2016002624A (es) | Metodo y dispositivo para enviar informacion. | |
PH12016500158A1 (en) | Methods for controlling fucosylation levels in proteins | |
WO2012126422A3 (zh) | 控制账户管理操作的方法、装置和系统 | |
MX2016007310A (es) | Sistema y metodo para determinar las propiedades biometricas de un ojo. | |
MX359919B (es) | Procedimiento y aparato de verificacion de seguridad. | |
WO2014113047A8 (en) | Method and system for predicting a life cycle of an engine | |
MX2016013408A (es) | Metodo para proporcionar alerta. |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
FG | Grant or registration |