WO2014117687A1 - Method and device for displaying web address safety evaluation information - Google Patents


Publication number
WO2014117687A1
Authority
WO
WIPO (PCT)
Prior art keywords
security authentication
authentication information
website
information
user
Application number
PCT/CN2014/071411
Inventor
朱玫
吴浩
任寰
Original Assignee
北京奇虎科技有限公司
奇智软件(北京)有限公司
Application filed by 北京奇虎科技有限公司, 奇智软件(北京)有限公司

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00: Network arrangements or protocols for supporting network services or applications
    • H04L67/01: Protocols
    • H04L67/02: Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00: Information retrieval; Database structures therefor; File system structures therefor
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50: Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51: Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00: Network arrangements, protocols or services for addressing or naming
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/14: Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441: Countermeasures against malicious traffic
    • H04L63/1483: Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00: Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21: Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2119: Authenticating web pages, e.g. with suspicious links

Definitions

  • The present invention relates to the field of network applications, and in particular to a method and apparatus for displaying web site security authentication information.

Background

  • Malicious websites are websites that carry malicious programs such as Trojans and viruses.
  • By pretending to offer ordinary website service content, they induce users to visit the website. Once users enter these websites, the Trojans and viruses planted in the website are triggered.
  • Such programs infect the visitor's computer and put the visitor at risk of losing account or private information. Malicious websites tend to appear among little-known websites that offer sales and referrals.
  • Net Shield is a commonly used Internet protection software that can prevent various risks that users may encounter while accessing the Internet. It effectively intercepts Trojan websites and fraudulent websites, automatically scans the files you download, and promptly removes viruses. It also has browser lock, homepage lock, one-click browser repair and other functions, so that the browser is always in the best state, preventing problems before they occur and protecting your computer and personal property from malicious websites.
  • the present invention has been made in order to provide a method of displaying web site security authentication information and corresponding apparatus for displaying web site security authentication information that overcomes the above problems or at least partially solves the above problems.
  • a method for displaying web site security authentication information including: transmitting a security authentication information acquisition request triggered by a user for a currently loaded page;
  • the URL security authentication information is displayed on the browser side.
  • the website security authentication information is a security information weight generated by a security authentication performed on a URL corresponding to the currently loaded page according to at least one of the following parameters:
  • Blacklist, whitelist, number of independent visitor visits, server location, registration time, domain name, IP address, registrant, payment page, web page structure characteristics; wherein different parameters correspond to different security information weights.
  • the weights of different parameters in the web site security authentication information are adjustable.
  • the sending, by the user, the security authentication information obtaining request for the currently loaded page includes:
  • the security authentication information acquisition request is received and sent.
  • the method further includes: uploading the URL of the currently loaded page and/or the URL resolution IP to the Server side.
  • the method further includes: uploading the MID of the terminal where the browser that loads the current page is located to the server side;
  • displaying the URL security authentication information on the browser side includes:
  • during the authentication process, if the display interface is closed, the authentication process continues, and when the display interface is opened again, the website security authentication information is displayed.
  • displaying the URL security authentication information on the browser side includes:
  • the obtained URL authentication information is displayed on the browser side.
  • the URL security identification information of the currently loaded page is obtained.
  • matching the content of the currently loaded page with the webpage content of the malicious webpage comprises: performing DOM tree identification on multiple points in the currently loaded page content;
  • displaying the URL security authentication information on the browser side includes:
  • the foregoing method further includes:
  • the foregoing method further includes:
  • the authentication failure information is displayed to the user on the browser side, and the user is prompted whether to retry, and the subsequent operation is performed according to the instruction of the user.
  • the method is implemented in the form of a plug-in embedded in a browser.
  • an apparatus for displaying web site security authentication information including: a sending module, configured to send a security authentication information acquisition request triggered by a user for a currently loaded page;
  • the receiving module is configured to receive the web site security authentication information of the current loading page returned by the server side in response to the security authentication information obtaining request;
  • the display module is configured to display the URL security authentication information on the browser side.
  • the website security authentication information is a security information weight generated by a security authentication performed on a URL corresponding to the currently loaded page according to at least one of the following parameters:
  • Blacklist, whitelist, number of independent visitor visits, server location, registration time, domain name, IP address, registrant, payment page, web page structure characteristics; wherein different parameters correspond to different security information weights.
  • the weights of different parameters in the web site security authentication information are adjustable.
  • the sending module is further configured to include:
  • the security authentication information acquisition request is received and sent.
  • the sending module is further configured to upload a URL and/or a URL resolution IP of the currently loaded page to the server side.
  • the sending module is further configured to upload the MID of the terminal where the browser that loads the current page is located to the server side;
  • the receiving module is further configured to receive the webpage security authentication information of the currently loaded page, where the server side uniquely determines to return the webpage security authentication information of the currently loaded page to the terminal according to the MID.
  • the display module is further configured to:
  • during the authentication process, if the display interface is closed, the authentication process continues, and when the display interface is opened again, the website security authentication information is displayed.
  • the display module is further configured to:
  • the obtained URL authentication information is displayed on the browser side.
  • the display module is further configured to:
  • the foregoing apparatus further includes:
  • the error correction module is configured to receive the error correction information input by the user if the user is not satisfied with the security authentication information of the website, where the error correction information includes the credibility value recognized by the user for the website address.
  • the display module is further configured to: if the website security authentication fails, display the authentication failure information to the user on the browser side, and prompt the user to retry, and perform subsequent operations according to the instruction of the user.
  • the device is embedded in the browser in the form of a plug-in.
  • the receiving module is further configured to receive a click operation of the user on the button, and trigger the security authentication information acquisition request.
  • a computer program comprising computer readable code which, when run on a computing device, causes the computing device to perform the method of displaying URL security authentication information according to any of the above.
  • a computer readable medium wherein a computer program as described above is stored.
  • the request is sent out.
  • Subsequently, the URL security authentication information of the currently loaded page, returned by the server side in response to the security authentication information acquisition request, is received, and the obtained information is then displayed on the browser side so that the user can know the security of the website being browsed. That is, in the embodiment of the present invention, URL security authentication can be performed on any web address, and the user directly and intuitively sees the web site security authentication information of the currently loaded page, which helps the user decide whether to continue browsing the web address.
  • the user may choose to close the website address, which greatly reduces the possibility that the user's information parameters (such as privacy information, account information, etc.) are acquired by the untrusted website, thereby improving the security of web browsing.
  • FIG. 1 is a flow chart showing a method of displaying web site security authentication information according to an embodiment of the present invention
  • FIG. 2 shows a schematic diagram of a security authentication button in accordance with one embodiment of the present invention
  • FIG. 3 shows a schematic diagram of another security authentication button in accordance with one embodiment of the present invention.
  • FIG. 4 is a schematic diagram showing an inquiry of a security authentication operation according to an embodiment of the present invention
  • FIG. 5 is a schematic diagram showing a display interface display being authenticated according to an embodiment of the present invention
  • FIG. 6 is a schematic diagram showing the web site security authentication information as a display interface with higher credibility according to an embodiment of the present invention.
  • FIG. 7 is a schematic diagram showing a URL security authentication information as a display interface with low credibility according to an embodiment of the present invention.
  • FIG. 8 is a schematic diagram showing the URL security authentication information as a display interface with general credibility according to an embodiment of the present invention.
  • Figure 9 is a diagram showing error correction according to an embodiment of the present invention.
  • Figure 10 is a diagram showing the success of a submission in accordance with one embodiment of the present invention.
  • Figure 11 shows a schematic diagram of authentication failure in accordance with one embodiment of the present invention.
  • Figure 12 is a diagram showing another authentication failure in accordance with one embodiment of the present invention.
  • Figure 13 is a diagram showing the structure of an apparatus for displaying web site security authentication information according to an embodiment of the present invention.
  • Figure 14 is a block diagram schematically showing a computing device for performing a method of displaying web address security authentication information in accordance with the present invention
  • Fig. 15 schematically shows a storage unit for holding or carrying program code for implementing the method of displaying URL authentication information according to the present invention.

Detailed description

  • FIG. 1 is a flow chart showing a method of displaying web site security authentication information according to an embodiment of the present invention. Referring to Figure 1, the method includes steps S102 to S106.
  • Step S102: Send a security authentication information acquisition request that is triggered by the user for the currently loaded page.
  • Step S104: Receive the URL security authentication information of the currently loaded page that the server side returns in response to the security authentication information acquisition request.
  • Step S106: Display the received web site security authentication information on the browser side.
  • the request is sent out.
  • The URL security authentication information of the currently loaded page, returned by the server side in response to the security authentication information acquisition request, is received, and the obtained information is displayed on the browser side so that the user can know the security of the website being browsed.
  • the URL security authentication may be performed on any website, and the user directly and intuitively understands the website security identification information of the currently loaded page, which helps the user select whether to continue browsing the website.
  • the user may choose to close the website address, which greatly reduces the possibility that the user's information parameters (such as privacy information, account information, etc.) are obtained by the untrusted website, thereby improving the security of web browsing.
  • The URL security authentication information mentioned in the embodiment of the present invention is a security information weight generated by security authentication performed on at least one of the following parameters: blacklist, whitelist, number of independent visitor visits, server location, registration time, domain name, IP address, registrant, payment page, web page structure characteristics.
  • various parameters include, but are not limited to, the specific items listed above.
  • different parameters correspond to different security information weights.
  • the embodiment of the present invention provides a preferred parameter combination manner.
  • A certain format is set for different security levels, for example, a format consisting of multiple digits and separators, a format consisting of multiple English letters and separators, and so on.
  • the content represented by different numbers can be set during implementation.
  • the content mentioned here has many meanings, including but not limited to the credibility of the URL, the content displayed on the web page, and so on.
  • The first position can be set to the main type (type), the second position to the subtype (sub-type), and the third position to the content (sc, which usually represents a dangerous content category).
  • The first two positions indicate the danger level.
  • The third position indicates the dangerous content. If the URL is simpler, only the first two positions can be used, and the dangerous content does not need to be classified.
  • In the three-position format, for example, 60-10-109 represents the fraudulent popup class, where the first position 60 and the second position 10 indicate that the URL has a certain risk, and 109 indicates the content type.
  • 60-10-108 can represent phishing advertising.
  • The security authentication is first based on whether the URL is a new web address. If it is a new URL, that is, a URL that has never been viewed before, it is given 15 points. If it is not a new URL, it is judged based on other parameter information of the URL. In this example, seven parameters are listed, and the specific content of each parameter and the security information weight of each parameter are as follows.
  • the parameters in this example and the security information weights of the parameters are enumerated. In practical applications, the weights are adjustable and are not static.
  • FIG. 2 shows a schematic diagram of a security authentication button in accordance with one embodiment of the present invention.
  • a circular mirror icon is displayed. The user clicks on the icon to issue a security authentication information acquisition request, which triggers subsequent security authentication operations.
  • the specific shape and position of the icon may be determined on a case-by-case basis. For example, the icon may also be square.
  • FIG. 3 shows a schematic diagram of another security authentication button in accordance with one embodiment of the present invention.
  • the icons can also be triangular, polygonal, and other patterns, which are not limited.
  • The icon can also be placed in locations other than the right side of the address bar, such as in the URL information display window (such as a website business card), or in other locations in the currently loaded page that can be displayed to the user. It is preferably placed on the right side of the address bar, where it is a better reminder when the user operates on the URL.
  • When the user clicks on the icon, the currently loaded page pops up a display interface, which asks the user whether security authentication needs to be performed on the currently loaded page, and provides two options, "Start Detection" and "Cancel".
  • FIG. 4 shows a schematic diagram of an inquiry of a security authentication operation in accordance with one embodiment of the present invention. After the user clicks "Start Detection", the web site security authentication information acquisition request is initiated to the browser side.
  • So that the server side can accurately perform security authentication on the currently loaded page, the browser side uploads the URL parameters of the currently loaded page to the server side.
  • The most frequently used parameters are the URL address and/or the URL resolution IP. If both are uploaded at the same time, to ensure security, they can be XORed with random numbers and BASE64-encoded before uploading.
  • The URL parameters here include but are not limited to the URL address and the URL resolution IP.
  • the browser side can also upload the MID of the terminal where the browser that loads the current page is located to the server side.
  • According to the MID, the server side uniquely determines the designated terminal (that is, the terminal where the browser is located) to which the URL security authentication information of the currently loaded page is to be returned, and the browser side can then successfully receive the URL security authentication information of the currently loaded page.
  • After the URL security authentication information sent by the server side is received, step S106 is executed, and the website security authentication information is displayed on the browser side.
  • Existing browsers attach great importance to the user experience. Therefore, the display interface is loaded on the currently loaded page, and the authentication process information is displayed on the current page by using the display interface. After the authentication is completed, the website security authentication information is displayed on the display interface. That is, in addition to the final URL security authentication information, the display interface can also display the authentication process information, for example, that authentication is in progress, or that authentication is 60% complete, or a progress bar, so that the user can clearly know how far the authentication has progressed and when the result will be available.
  • FIG. 5 is a diagram showing a display interface displaying "being authenticated, please wait a moment", according to an embodiment of the present invention.
  • the URL security authentication information can be displayed in multiple ways.
  • For example, a prompt message can be displayed, stating that the URL corresponding to the currently loaded page is highly risky (i.e., its credibility is low) and needs to be accessed carefully (account, password, etc.); or the prompt can state that the URL corresponding to the currently loaded page has certain risks.
  • As another example, color can be used for display, for example, a red-to-green color scheme. When the display interface is red, the credibility of the currently loaded page is low.
  • When the display interface is yellow or orange, the credibility of the currently loaded page is general. When the display interface is green, the currently loaded page is highly trusted. It is also possible to mark with a credibility value, for example, 0-59 means that the credibility is not high, 60-79 means that the credibility is general, and 80-100 means that the credibility is high. In actual display, one parameter or a combination of multiple parameters can be used.
  • FIGS. 6-8 are schematic diagrams showing a display interface of web address security authentication information in accordance with one embodiment of the present invention.
  • The display interface combines two elements, the credibility value and the prompt.
  • the display box of credibility can also be painted in different colors.
  • Figure 6 shows that the authentication result is higher in credibility and the display box is green.
  • Figure 7 shows that the authentication result is lower in credibility and the display box is red.
  • Figure 8 shows that the authentication result is credible and the display box is orange.
  • the webpage security authentication information of the currently loaded page is displayed on the display interface of the browser side
  • the webpage security authentication information may be displayed in the webpage information display window, and the webpage security authentication information can be seen regardless of whether the user opens the webpage of the website.
  • It can also be displayed according to the user's trigger instruction, that is, receiving the click instruction input by the user on the website, and displaying the website security identification information in the website information display window.
  • the malicious web address that is usually encountered is a phishing website pretending to be a payment website.
  • Phishing websites usually pretend to be websites such as banks and e-commerce.
  • the main hazard is to steal private information such as bank accounts and passwords submitted by users.
  • The so-called "phishing website" is a kind of online fraud. It means that criminals use various means to fake the URL address and the page content of a real website, or exploit vulnerabilities in the server programs of the real website to insert dangerous HTML code into certain pages of the site, in order to defraud users of private data such as user accounts or credit card accounts and passwords.
  • the phishing website is taken as an example for explanation.
  • the current loading page is a payment page
  • the content of the currently loaded page is matched with the content of the phishing website, and the URL security identification information of the currently loaded page is obtained according to the matching result. If they match, it proves that the current loading page is a phishing website. If it does not match, the website address of the loading page can be further analyzed.
  • A more effective way is to match the structural features of the DOM tree. Since the structural features of a webpage's DOM tree are fixed, DOM tree identification is performed on multiple points in the currently loaded page content, the structural features in the DOM tree of the currently loaded page are selected, and these are matched with the structural features of the DOM tree of the phishing website. If they match, the currently loaded page is confirmed as a phishing website. For example, if the fifth element in the third layer of the DOM tree of the currently loaded page has the class name "alipay", which is considered to be the structural feature of a phishing website imitating the Alipay website, then the DOM tree structure match determines that the webpage is a webpage of a phishing website. Subsequently, the credibility value obtained for the phishing website is taken as at least a part of the web site security authentication information for the web address.
  • the phishing website provided here is only one example of a malicious website.
  • The security authentication operation for other malicious websites is similar to the security authentication operation for the phishing website, mainly identifying and matching the content of the webpage (for example, the structural features of the DOM tree). For details, see the above; they are not repeated here.
  • The URL authentication information mentioned in the embodiment of the present invention is determined by the server side, while users have their own judgment and initiative. Therefore, the user may be dissatisfied with the received website security authentication information.
  • the error correction information input by the user may be received on the display interface, where the error correction information includes a credibility value recognized by the user for the web address.
  • Figure 9 shows a schematic diagram of error correction in accordance with one embodiment of the present invention. Among them, “URL to be corrected” and “Credit” are the default URL and reliability of the page before the jump, which cannot be edited.
  • the verification code is replaced.
  • When the user clicks "Submit Information", the completeness and correctness of the information input are verified. After the input is completed, a prompt for successful submission pops up.
  • Figure 10 is a diagram showing the success of a submission in accordance with one embodiment of the present invention.
  • Since the browser itself performs a large number of actions, the ability to display URL security authentication information is integrated into a plug-in embedded in the browser so that it does not affect the browser's own functions.
  • the use of plug-ins can increase the functionality of the browser side without affecting the stability and security of the system, and improve the security performance of the browser side when browsing the website.
  • FIG. 13 is a block diagram showing the structure of an apparatus for displaying web site security authentication information according to an embodiment of the present invention.
  • the device for displaying the URL security authentication information includes at least:
  • the sending module 1310 is configured to send a security authentication information obtaining request triggered by the user for the currently loaded page;
  • the receiving module 1320 is coupled to the sending module 1310, and configured to receive the web site security authentication information of the current loading page returned by the server side in response to the security authentication information obtaining request;
  • the display module 1330 is coupled to the receiving module 1320 and configured to display the web site security authentication information on the browser side.
  • the web site security authentication information is a security information weight generated by a security authentication of a web address corresponding to the currently loaded page according to at least one of the following parameters:
  • Blacklist, whitelist, number of independent visitor visits, server location, registration time, domain name, IP address, registrant, payment page, web page structure characteristics; wherein different parameters correspond to different security information weights.
  • the weights of the different parameters in the URL security authentication information are adjustable.
  • the sending module 1310 is further configured to:
  • the security authentication information acquisition request is received and sent.
  • the sending module 1310 is further configured to upload the URL of the currently loaded page and/or the URL resolution IP to the server side.
  • the sending module 1310 is further configured to upload the MID of the terminal where the browser loading the current page is located to the server side;
  • the receiving module 1320 is further configured to receive the web site security authentication information of the currently loaded page, where the server side uniquely determines to return the webpage security authentication information of the currently loaded page to the terminal according to the MID.
  • display module 1330 is further configured to:
  • the display module 1330 is further configured to:
  • the web site security authentication information is formed by using a combination of any one or more of credibility values, colors, and prompts;
  • the obtained URL security authentication information is displayed on the browser side.
  • the content of the currently loaded page is matched with the content of the phishing website; and the URL security authentication information of the currently loaded page is obtained according to the matching result.
  • DOM tree identification is performed on multiple points in the content of the currently loaded page; structural features in the DOM tree of the currently loaded page are selected and matched against the structural features of the DOM tree of the phishing website; if they match, the currently loaded page is confirmed to be a phishing website.
  • display module 1330 is further configured to:
  • the device for displaying the web site security authentication information further includes an error correction module 1340 configured to receive error correction information input by the user if the user is not satisfied with the web site security authentication information, where the error correction information includes the credibility value that the user considers appropriate for this URL.
  • the display module 1330 is further configured to display the authentication failure information to the user on the browser side if the URL security authentication fails, and prompt the user to retry, and perform subsequent operations according to the user's instruction.
  • the means for displaying the web site security authentication information is embedded in the browser in the form of a plug-in to perform the corresponding functions.
  • the receiving module 1320 is further configured to receive a click operation of the user on the button to trigger a secure authentication information acquisition request.
  • the request is sent out.
  • the URL security authentication information of the currently loaded page, returned by the server side in response to the security authentication information acquisition request, is then received, and the obtained information is displayed on the browser side so that the user can learn how secure the website being browsed is.
  • the URL security authentication may be performed on any website, and the user directly and intuitively understands the website security identification information of the currently loaded page, which helps the user select whether to continue browsing the website.
  • the user may choose to close the website, which greatly reduces the possibility that the user's information parameters (such as privacy information, account information, etc.) are obtained by the untrusted website, thereby improving the security of web browsing.
  • modules in the devices of the embodiments can be adaptively changed and placed in one or more devices different from the embodiment.
  • the modules or units or components of the embodiments may be combined into one module or unit or component, and further they may be divided into a plurality of sub-modules or sub-units or sub-components.
  • the features disclosed in the specification (including the accompanying claims, the abstract and the drawings), and all processes or units of any method or device so disclosed, may be combined in any combination.
  • Each feature disclosed in the specification (including the accompanying claims, the abstract and the drawings) may be replaced by alternative features that provide the same, equivalent or similar purpose, unless otherwise stated.
  • the various component embodiments of the present invention may be implemented in hardware, or in a software module running on one or more processors, or in a combination thereof.
  • a microprocessor or digital signal processor may be used in practice to implement some or all of the functionality of some or all of the components of the device for displaying web site security authentication information in accordance with embodiments of the present invention.
  • the invention can also be implemented as a device or device program (e.g., a computer program and a computer program product) for performing some or all of the methods described herein.
  • Such a program implementing the present invention may be stored on a computer readable medium or may be in the form of one or more signals. Such signals may be downloaded from an Internet website, or provided on a carrier signal, or provided in any other form.
  • FIG. 14 illustrates a computing device that can implement a method of displaying web address security authentication information in accordance with the present invention.
  • the computing device conventionally includes a processor 1410 and a computer program product or computer readable medium in the form of a memory 1420.
  • the memory 1420 may be an electronic memory such as a flash memory, an EEPROM (Electrically Erasable Programmable Read Only Memory), an EPROM, a hard disk, or a ROM.
  • Memory 1420 has a memory space 1430 for program code 1431 for performing any of the method steps described above.
  • storage space 1430 for program code may include various program code 1431 for implementing various steps in the above methods, respectively.
  • the program code can be read from or written to one or more computer program products.
  • Such computer program products include program code carriers such as hard disks, compact disks (CDs), memory cards or floppy disks.
  • Such a computer program product is typically a portable or fixed storage unit as described with reference to FIG.
  • the storage unit may have storage segments, storage spaces, and the like that are similar to the storage 1420 in the computing device of FIG.
  • the program code can be compressed, for example, in an appropriate form.
  • the storage unit includes computer readable code 1431', i.e., code that can be read by a processor such as 1410, which, when run by a computing device, causes the computing device to perform each step of the methods described above.
  • “an embodiment” or “one or more embodiments” as used herein means that the particular features, structures, or characteristics described in connection with the embodiments are included in at least one embodiment of the invention.
  • the phrase “in one embodiment” herein does not necessarily refer to the same embodiment.
  • any reference signs placed between parentheses shall not be construed as a limitation.
  • the word “comprising” does not exclude the presence of elements or steps not listed in the claims.
  • the word “a” or “an” preceding a component does not exclude the presence of a plurality of such elements.
  • the invention can be implemented by means of hardware comprising several distinct elements and by means of a suitably programmed computer. In the unit claims enumerating several means, several of these means can be embodied by the same hardware item.
  • the use of the words first, second, and third does not indicate any order. These words can be interpreted as names.

Abstract

Disclosed in the present invention is a method for displaying web address safety evaluation information, comprising: sending, with respect to a web page currently loading, a user-triggered request for safety evaluation information; receiving from the server side, in response to said safety evaluation information request, web address safety evaluation information pertinent to the web page currently loading; displaying said web address safety evaluation information on a browser. Use of the present invention can enhance network browsing safety. Also disclosed is a corresponding device.

Description

Method and device for displaying URL security authentication information
Technical field
The present invention relates to the field of network applications, and in particular to a method and device for displaying URL security authentication information.
Background
Users often encounter malicious websites while browsing the web. What is a malicious website? When a web user browses pornographic or other illegal websites, or downloads games or other programs from an insecure site, malicious programs are often brought onto the user's computer along with them, without the user knowing anything about it. Only when malicious advertisements keep popping up or pornographic websites open on their own is the user likely to notice that the computer has been "poisoned". During the period in which the malware goes undiscovered, all of the user's sensitive online data may be stolen, such as bank account information and credit card passwords. Websites that make the victim's computer keep popping up pornographic websites, or that deliberately spread malicious advertisements, are called malicious websites, and they are unwelcome.
In other words, a malicious URL is a website in which malicious programs such as Trojans and viruses have been deliberately planted, and which uses "disguised website service content" to induce users to visit it. Once a user enters such a website, the Trojans, viruses and other programs planted in it are triggered, the visitor's computer is infected, and the visitor faces dangers such as the loss of accounts or private information. Malicious websites tend to appear among little-known URLs of a sales or recommendation nature.
The prior art usually uses a net shield to protect against such URLs. A net shield is a commonly used Internet protection program that guards against the various risks a user may encounter while online. It intercepts Trojan websites and fraudulent websites, automatically checks downloaded files and removes viruses promptly, and also offers functions such as browser locking, homepage locking and one-click browser repair, so that the browser is kept in its best state, problems are prevented before they occur, and the user's computer and personal property are protected from malicious websites.
However, a net shield evaluates the security information of a visited URL mainly by blacklist and whitelist techniques, and cannot provide security-related information.
Summary of the invention
In view of the above problems, the present invention is proposed in order to provide a method for displaying URL security authentication information, and a corresponding device for displaying URL security authentication information, that overcome the above problems or at least partially solve them.
According to one aspect of the present invention, a method for displaying URL security authentication information is provided, comprising:
sending a security authentication information acquisition request, triggered by a user, for the currently loaded page;
receiving the URL security authentication information of the currently loaded page returned by the server side in response to the security authentication information acquisition request;
displaying the URL security authentication information on the browser side.
Optionally, the URL security authentication information is a security information weight generated by security authentication of the URL corresponding to the currently loaded page according to at least one of the following parameters:
blacklist, whitelist, number of unique visitor visits, server location, registration time, domain name, IP address, registrant, payment page, web page structure characteristics; wherein different parameters correspond to different security information weights.
Optionally, the weight that each parameter carries in the URL security authentication information is adjustable.
Optionally, sending the security authentication information acquisition request, triggered by the user, for the currently loaded page comprises:
loading a security authentication button in the address bar of the currently loaded page;
when the user clicks the security authentication button, receiving the security authentication information acquisition request and sending it.
Optionally, after the security authentication information acquisition request is sent and before the URL security authentication information of the currently loaded page returned by the server side is received, the method further comprises: uploading the URL of the currently loaded page and/or the IP address the URL resolves to, to the server side.
Optionally, the method further comprises: uploading the MID of the terminal on which the browser loading the current page is located to the server side; and
receiving the URL security authentication information of the currently loaded page, wherein the server side uses the MID to uniquely determine the terminal to which the URL security authentication information of the currently loaded page is returned.
Optionally, displaying the URL security authentication information on the browser side comprises:
loading a display interface on the currently loaded page, using the display interface to display authentication progress information on the current page, and, after the authentication ends, displaying the URL security authentication information in the display interface; and
during the authentication, if the display interface is closed, continuing the authentication process and displaying the URL security authentication information when the display interface is opened again.
Optionally, displaying the URL security authentication information on the browser side comprises:
composing the URL security authentication information from any one or a combination of a credibility value, a color, and a prompt;
displaying the obtained URL security authentication information on the browser side.
Optionally, when the currently loaded page is a payment page:
the content of the currently loaded page is matched against the web page content of malicious URLs;
the URL security authentication information of the currently loaded page is obtained according to the matching result.
Optionally, matching the content of the currently loaded page against the web page content of malicious URLs comprises:
performing DOM tree identification on multiple points in the content of the currently loaded page;
selecting structural features from the DOM tree of the currently loaded page and matching them against the structural features of the DOM tree of a malicious URL;
if they match, confirming that the currently loaded page is a web page of the malicious URL, and obtaining the credibility value corresponding to the malicious URL as at least part of the URL security authentication information.
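The DOM structure matching described above, as an added example that is not code from the patent: structural features are taken from a page's element tree and compared with those of a known malicious page, and a match yields that page's credibility value. The feature definition (tag-path runs), the Jaccard measure, the 0.8 threshold, the function names and the sample trees are all assumptions.

```javascript
// Added example: the feature definition, similarity measure, threshold and all
// sample trees are assumptions. Nodes only need `tagName`, `children` and, for
// inputs, `type`, so the same functions accept browser DOM elements.

// Label for one element: tag name, plus the input type for <input> elements.
function label(node) {
  const tag = String(node.tagName).toLowerCase();
  return tag === 'input' && node.type ? `${tag}[${node.type}]` : tag;
}

// Structural features: every run of up to `depth` consecutive labels on a
// root-to-node path. Text and attribute values are ignored on purpose, so a
// copied page that only changes wording or links keeps the same features.
function structuralFeatures(root, depth = 3) {
  const features = new Set();
  const stack = [[root, []]];
  while (stack.length > 0) {
    const [node, path] = stack.pop();
    const here = [...path, label(node)].slice(-depth);
    features.add(here.join('>'));
    for (const child of Array.from(node.children || [])) stack.push([child, here]);
  }
  return features;
}

// Jaccard similarity of two feature sets, in [0, 1].
function jaccard(a, b) {
  if (a.size === 0 && b.size === 0) return 0; // two empty trees prove nothing
  let common = 0;
  for (const f of a) if (b.has(f)) common += 1;
  return common / (a.size + b.size - common);
}

// Compare a page with every known malicious template and report the best hit.
// On a match the template's credibility value becomes part of the result.
function matchKnownMalicious(pageRoot, templates, threshold = 0.8) {
  const page = structuralFeatures(pageRoot);
  let best = { template: null, similarity: 0 };
  for (const t of templates) {
    const similarity = jaccard(page, t.features);
    if (similarity > best.similarity) best = { template: t, similarity };
  }
  const matched = best.template !== null && best.similarity >= threshold;
  return {
    matched,
    similarity: best.similarity,
    template: matched ? best.template.name : null,
    credibility: matched ? best.template.credibility : null,
  };
}

// Constructed sample trees (stand-ins for parsed pages).
const el = (tagName, children = [], type) => ({ tagName, children, type });
const paymentForm = () => el('form', [
  el('input', [], 'text'), el('input', [], 'password'),
  el('input', [], 'text'), el('button'),
]);
const KNOWN_MALICIOUS_PAGE = el('html', [
  el('head', [el('title')]),
  el('body', [el('div', [paymentForm()])]),
]);
// Same layout with one extra image: what a lightly edited copy looks like.
const SUSPECT_PAGE = el('html', [
  el('head', [el('title')]),
  el('body', [el('div', [el('img'), paymentForm()])]),
]);
const UNRELATED_PAGE = el('html', [
  el('head', [el('title')]),
  el('body', [
    el('nav', [el('a'), el('a')]),
    el('main', [el('article', [el('p'), el('p')])]),
  ]),
]);
const TEMPLATES = [{
  name: 'constructed-payment-template',
  credibility: 5, // assumed credibility value stored with the malicious URL
  features: structuralFeatures(KNOWN_MALICIOUS_PAGE),
}];

console.log('suspect  ', matchKnownMalicious(SUSPECT_PAGE, TEMPLATES));
console.log('unrelated', matchKnownMalicious(UNRELATED_PAGE, TEMPLATES));
```

Paths that every page shares, such as `html>head` and `html>body`, give even unrelated pages a non-zero similarity, so the threshold has to be calibrated against known-good pages before a match is trusted.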
Optionally, displaying the URL security authentication information on the browser side comprises:
displaying the URL security authentication information in a URL information display window; or
receiving a click instruction input by the user on the URL, and displaying the URL security authentication information in the URL information display window.
Optionally, the method further comprises:
if the user is not satisfied with the URL security authentication information, receiving error correction information input by the user, wherein the error correction information includes the credibility value that the user considers appropriate for the URL.
Optionally, the method further comprises:
if the URL security authentication fails, displaying authentication failure information to the user on the browser side, asking the user whether to retry, and performing subsequent operations according to the user's instruction.
Optionally, the method is implemented as a plug-in embedded in the browser.
Optionally, when the plug-in appears as a button in the address bar of the browser,
a click operation of the user on the button is received, which triggers the security authentication information acquisition request.
According to another aspect of the present invention, a device for displaying URL security authentication information is provided, comprising:
a sending module, configured to send a security authentication information acquisition request, triggered by a user, for the currently loaded page;
a receiving module, configured to receive the URL security authentication information of the currently loaded page returned by the server side in response to the security authentication information acquisition request;
a display module, configured to display the URL security authentication information on the browser side.
Optionally, the URL security authentication information is a security information weight generated by security authentication of the URL corresponding to the currently loaded page according to at least one of the following parameters:
blacklist, whitelist, number of unique visitor visits, server location, registration time, domain name, IP address, registrant, payment page, web page structure characteristics; wherein different parameters correspond to different security information weights.
Optionally, the weight that each parameter carries in the URL security authentication information is adjustable.
Optionally, for sending the security authentication information acquisition request, triggered by the user, for the currently loaded page, the sending module is further configured to:
load a security authentication button in the address bar of the currently loaded page;
when the user clicks the security authentication button, receive the security authentication information acquisition request and send it.
Optionally, the sending module is further configured to upload the URL of the currently loaded page and/or the IP address the URL resolves to, to the server side.
Optionally, the sending module is further configured to upload the MID of the terminal on which the browser loading the current page is located to the server side;
the receiving module is further configured to receive the URL security authentication information of the currently loaded page, wherein the server side uses the MID to uniquely determine the terminal to which the URL security authentication information of the currently loaded page is returned.
Optionally, the display module is further configured to:
load a display interface on the currently loaded page, use the display interface to display authentication progress information on the current page, and, after the authentication ends, display the URL security authentication information in the display interface; and
during the authentication, if the display interface is closed, continue the authentication process and display the URL security authentication information when the display interface is opened again.
Optionally, the display module is further configured to:
compose the URL security authentication information from any one or a combination of a credibility value, a color, and a prompt;
display the obtained URL security authentication information on the browser side.
Optionally, the display module is further configured to:
display the URL security authentication information in a URL information display window; or
receive a click instruction input by the user on the URL, and display the URL security authentication information in the URL information display window.
Optionally, the device further comprises:
an error correction module, configured to receive error correction information input by the user if the user is not satisfied with the URL security authentication information, wherein the error correction information includes the credibility value that the user considers appropriate for the URL.
Optionally, the display module is further configured to, if the URL security authentication fails, display authentication failure information to the user on the browser side, ask the user whether to retry, and perform subsequent operations according to the user's instruction.
Optionally, the device is embedded in the browser in the form of a plug-in.
Optionally, when the plug-in appears as a button in the address bar of the browser,
the receiving module is further configured to receive a click operation of the user on the button, which triggers the security authentication information acquisition request.
According to yet another aspect of the present invention, a computer program is provided, comprising computer readable code which, when run on a computing device, causes the computing device to perform the method for displaying URL security authentication information according to any one of the above.
According to a further aspect of the present invention, a computer readable medium is provided, in which the computer program described above is stored.
The beneficial effects of the invention are as follows:
In the embodiments of the present invention, for the currently loaded page (whether or not its URL is recorded in a blacklist or whitelist), once the user triggers a security authentication information acquisition request, the request is sent out. The URL security authentication information of the currently loaded page, returned by the server side in response to the request, is then received, and the obtained information is displayed on the browser side so that the user can learn how secure the URL being browsed is. That is, in the embodiments of the present invention, URL security authentication can be performed on any URL, and the user directly and intuitively learns the URL security authentication information of the currently loaded page, which helps the user decide whether to continue browsing the URL. If the obtained URL security authentication information shows that the URL is not trustworthy, the user can choose to close it, which greatly reduces the possibility that the user's information parameters (such as private information and account information) are obtained by an untrusted URL, thereby improving the security of web browsing.
The above is only an overview of the technical solution of the present invention. So that the technical means of the present invention can be understood more clearly and implemented in accordance with the contents of the specification, and so that the above and other objects, features and advantages of the present invention are more readily apparent, specific embodiments of the invention are set forth below.
Description of the drawings
Various other advantages and benefits will become clear to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiments. The drawings are only for the purpose of illustrating the preferred embodiments and are not to be considered a limitation of the invention. Throughout the drawings, the same reference symbols denote the same parts. In the drawings:
FIG. 1 shows a flow chart of a method for displaying URL security authentication information according to an embodiment of the present invention;
FIG. 2 shows a schematic diagram of a security authentication button according to an embodiment of the present invention;
FIG. 3 shows a schematic diagram of another security authentication button according to an embodiment of the present invention;
FIG. 4 shows a schematic diagram of the prompt asking about a security authentication operation according to an embodiment of the present invention;
FIG. 5 shows a schematic diagram of the display interface indicating that authentication is in progress and asking the user to wait, according to an embodiment of the present invention;
FIG. 6 shows a schematic diagram of the display interface when the URL security authentication information indicates high credibility, according to an embodiment of the present invention;
FIG. 7 shows a schematic diagram of the display interface when the URL security authentication information indicates low credibility, according to an embodiment of the present invention;
FIG. 8 shows a schematic diagram of the display interface when the URL security authentication information indicates average credibility, according to an embodiment of the present invention;
FIG. 9 shows a schematic diagram of error correction according to an embodiment of the present invention;
FIG. 10 shows a schematic diagram of a successful submission according to an embodiment of the present invention;
FIG. 11 shows a schematic diagram of an authentication failure according to an embodiment of the present invention;
FIG. 12 shows a schematic diagram of another authentication failure according to an embodiment of the present invention;
FIG. 13 shows a schematic structural diagram of a device for displaying URL security authentication information according to an embodiment of the present invention;
FIG. 14 schematically shows a block diagram of a computing device for performing the method for displaying URL security authentication information according to the present invention; and
FIG. 15 schematically shows a storage unit for holding or carrying program code that implements the method for displaying URL security authentication information according to the present invention.
Detailed description
下面结合附图和具体的实施方式对本发明作进一步的描述。  The invention is further described below in conjunction with the drawings and specific embodiments.
在此提供的算法和显示不与任何特定计算机、虚拟系统或者其它设备固有相关。 各种通用系统也可以与基于在此的示教一起使用。 根据上面的描述, 构造这类系统 所要求的结构是显而易见的。 此外, 本发明也不针对任何特定编程语言。 应当明白, 可以利用各种编程语言实现在此描述的本发明的内容, 并且上面对特定语言所做的 描述是为了披露本发明的最佳实施方式。  The algorithms and displays provided herein are not inherently related to any particular computer, virtual system, or other device. Various general purpose systems can also be used with the teaching based on the teachings herein. According to the above description, the structure required to construct such a system is obvious. Moreover, the invention is not directed to any particular programming language. It is to be understood that the present invention may be embodied in a variety of programming language, and the description of the specific language is described above for the purpose of illustrating the preferred embodiments of the invention.
为解决上述技术问题,本发明实施例提供了一种显示网址安全鉴定信息的方法。 图 1 示出了根据本发明一个实施例的显示网址安全鉴定信息的方法的流程示意图。 参见图 1, 本方法包括步骤 S102至步骤 S106。  To solve the above technical problem, an embodiment of the present invention provides a method for displaying web site security authentication information. FIG. 1 is a flow chart showing a method of displaying web site security authentication information according to an embodiment of the present invention. Referring to Figure 1, the method includes steps S102 to S106.
Step S102: send a request, triggered by the user, to obtain security evaluation information for the currently loaded page;
Step S104: receive the URL security evaluation information for the currently loaded page that the server side returns in response to that request;
Step S106: display the received URL security evaluation information on the browser side.
In this embodiment, for the currently loaded page (whether or not its URL is recorded in a blacklist or whitelist), once the user triggers a request for security evaluation information, the request is sent out. The URL security evaluation information for the currently loaded page that the server side returns in response is then received and displayed on the browser side, so that the user can learn how safe the URL being browsed is. That is, in this embodiment any URL can be evaluated, and the user sees the URL security evaluation information of the currently loaded page directly and intuitively, which helps the user decide whether to keep browsing that URL. If the information shows that the URL is not trustworthy, the user can choose to close it, which greatly reduces the chance that the user's information (for example private information or account information) is obtained by an untrusted URL, thereby improving the security of web browsing.
The URL security evaluation information mentioned in this embodiment is a security information weight generated by a security evaluation of the URL corresponding to the currently loaded page, based on at least one of the following parameters: blacklist, whitelist, number of unique visitors, server location, registration time, domain name, IP address, registrant, payment page, and web page structural features. In a specific implementation the parameters include, but are not limited to, the items listed above. During the security evaluation, different parameters correspond to different security information weights.
This embodiment provides a preferred way of combining parameters. In this example, a format is defined for the different security levels, for example a format made up of multi-digit numbers and separators, or one made up of several English letters and separators. The meaning of each number can be set at implementation time. The content referred to here can mean several things, including but not limited to the credibility of the URL and the content displayed by the web page.
Assuming a three-part format, the first part can be the main type (type), the second the subtype (sub-type), and the third the content (sc, which usually denotes the dangerous-content category). The first two parts express the danger level and the third expresses the dangerous content. If the URL is relatively simple, only the first two parts need be used, with no classification of dangerous content.
Taking the three-part format as an example, 60-10-109 denotes the deceptive pop-up category: the first part 60 and the second part 10 indicate that the URL carries some risk, and 109 indicates the content type. Likewise, 60-10-108 can denote the phishing advertisement category.
A concrete example follows. In this example, the security evaluation first checks whether the URL is new. A new URL, that is, one that has never been browsed before, is given 15 points. If the URL is not new, it is judged on its other parameter information. Seven parameters are listed in this example; the specific content of each parameter and its security information weight are as follows.
[Figure imgf000009_0001: table of the parameters and their security information weights]
Note that the parameters and security information weights in this example are only illustrative; in practice the weights are adjustable rather than fixed.
For the user's convenience, a security evaluation button can be loaded in the address bar of the currently loaded page. When the user clicks the button, the browser side receives the request for security evaluation information and sends it. Fig. 2 shows a schematic diagram of a security evaluation button according to an embodiment of the present invention. In Fig. 2 a round, mirror-like icon is displayed at the right of the address bar; clicking it issues the request for security evaluation information and triggers the subsequent evaluation. The shape and position of the icon depend on the particular case; for example, the icon may be square. Fig. 3 shows a schematic diagram of another security evaluation button according to an embodiment of the present invention. Besides round and square, the icon may be a triangle, a polygon or any other pattern; no limitation is intended. Likewise, the icon may be placed somewhere other than the right of the address bar, such as in the URL information display window (for example a website business card) or at any other position in the currently loaded page that is visible to the user. The right of the address bar is preferred, because it serves as a better reminder while the user is working with the URL.
After the user clicks the icon, the currently loaded page pops up a display interface that asks whether the user wants a security evaluation of the currently loaded page and offers two options, "Start detection" and "Cancel". Fig. 4 shows a schematic diagram of the prompt for the security evaluation operation according to an embodiment of the present invention. After the user clicks "Start detection", a request for URL security evaluation information is issued to the browser side.
So that the server side can evaluate the currently loaded page accurately, the browser side uploads the URL parameters of the currently loaded page to the server side. The most commonly used are the URL and/or the IP address the URL resolves to. If both are uploaded together, then to ensure security they can be XORed with a random number and BASE64-encoded before upload. Note that the URL parameters here include, but are not limited to, the URL and its resolved IP address.
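The upload step described above, written out as an added example (it is not code from the patent or from any product). The 4-byte length of the random number, its placement in front of the data, and the newline-separated "URL, then IP" layout are assumptions made for illustration; the URL and address are constructed sample values.

```python
import base64
import ipaddress
import secrets
from typing import Optional, Tuple

NONCE_LEN = 4  # assumption: the "random number" is 32 bits and travels with the data


def _xor(data: bytes, nonce: bytes) -> bytes:
    """XOR every byte with the nonce, repeating the nonce as needed."""
    return bytes(b ^ nonce[i % len(nonce)] for i, b in enumerate(data))


def encode_upload(url: str, ip: str, nonce: Optional[bytes] = None) -> str:
    """Browser side: pack URL and resolved IP, XOR with a random number, Base64."""
    if "\n" in url:
        raise ValueError("URL must not contain a newline")
    ipaddress.ip_address(ip)  # raises ValueError on a malformed address
    nonce = secrets.token_bytes(NONCE_LEN) if nonce is None else nonce
    if len(nonce) != NONCE_LEN:
        raise ValueError("nonce must be %d bytes" % NONCE_LEN)
    payload = (url + "\n" + ip).encode("utf-8")  # assumed field layout
    return base64.b64encode(nonce + _xor(payload, nonce)).decode("ascii")


def decode_upload(wire: str) -> Tuple[str, str]:
    """Server side: reverse the steps and validate what comes out."""
    try:
        raw = base64.b64decode(wire, validate=True)
    except ValueError as exc:  # binascii.Error is a ValueError subclass
        raise ValueError("not valid Base64") from exc
    if len(raw) <= NONCE_LEN:
        raise ValueError("message too short")
    nonce, body = raw[:NONCE_LEN], raw[NONCE_LEN:]
    try:
        url, ip = _xor(body, nonce).decode("utf-8").split("\n")
    except ValueError as exc:  # bad UTF-8 or wrong number of fields
        raise ValueError("malformed payload") from exc
    ipaddress.ip_address(ip)
    return url, ip


if __name__ == "__main__":
    # Constructed sample values (documentation address range, .test domain).
    wire = encode_upload("http://pay.example.test/checkout", "192.0.2.10")
    print(wire)
    print(decode_upload(wire))
```

Under these assumptions the random number is carried in the same message, so decoding needs no secret: the step keeps the URL out of plain sight and makes repeated uploads look different, while confidentiality on the wire has to come from the transport (for example HTTPS).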
For example, to ensure that the URL security evaluation information is returned accurately and uniquely to the terminal on which the browser runs, the browser side can also upload to the server side the MID of the terminal running the browser that loaded the current page. When the evaluation on the server side finishes, the server side uses the MID to return the URL security evaluation information of the currently loaded page to exactly the designated terminal (the terminal running the browser), and the browser side can then receive it successfully.
After the URL security evaluation information sent by the server side is received, step S106 is performed, that is, the information is displayed on the browser side. Current browsers pay great attention to user experience, so a display interface is loaded on the currently loaded page and used to show evaluation progress on the current page; when the evaluation ends, the display interface shows the URL security evaluation information. In other words, besides the final URL security evaluation information, the display interface can also show progress information, such as "evaluating, please wait", "60 percent evaluated", or a progress bar, so that the user can see clearly how far the evaluation has got and when the result will arrive. Fig. 5 shows a schematic diagram of the display interface showing "evaluating, please wait" according to an embodiment of the present invention.
Some users choose not to follow the evaluation process and only want the final result (the URL security evaluation information); such a user can close the display interface during the evaluation. Closing the display interface does not stop the evaluation: the server side continues the evaluation until it ends. When the display interface is opened again, it shows the URL security evaluation information that has been obtained. If the display interface is reopened before the evaluation has ended, it shows the current progress information.
The URL security evaluation information can be displayed in several ways. For example, it can be shown as a prompt: a prompt that the URL of the currently loaded page carries a high risk, should be visited with caution, and that accounts, passwords and similar information should not be entered (low credibility); or a prompt that the URL carries some risk and that entering accounts, passwords and similar information is not recommended (medium credibility); or a prompt that the URL is a safe URL and can be visited with confidence, or a similar message (high credibility). As another example, it can be shown by colour, for instance with a red-to-green scheme: a red display interface means the currently loaded page has low credibility, yellow or orange means medium credibility, and green means high credibility. As a further example, a credibility value can be used as the marker, for example 0-59 for low credibility, 60-79 for medium credibility and 80-100 for high credibility. In the actual display, a single one of these or a combination of several can be used.
For example, combining the credibility value with colour, the display interface can be set as follows:
Credibility value 0-59: red
Credibility value 60-79: orange
Credibility value 80-100: green
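The scoring rule from the worked example earlier in the description (a new URL gets 15 points, otherwise per-parameter weights are combined) and the value-to-colour mapping just listed, put together as an added example that is not the patent's own code. The seven signal names and their weights are hypothetical, because the patent's weight table is not reproduced on this page; the 15-point rule and the three bands are taken from the text.

```python
from typing import Dict, Iterable, NamedTuple, Optional, Tuple

NEW_URL_SCORE = 15  # from the text: a URL never browsed before is given 15 points

# Hypothetical signals and weights (the patent's own table is not available here).
# The text states that the weights are adjustable, so callers may pass their own.
DEFAULT_WEIGHTS: Dict[str, int] = {
    "blacklisted": -100,
    "whitelisted": 40,
    "many_unique_visitors": 15,
    "long_registered_domain": 15,
    "known_registrant": 10,
    "expected_server_location": 10,
    "clean_page_structure": 10,
}

# Bands from the text: (lowest value, highest value, colour, credibility).
BANDS = (
    (0, 59, "red", "low"),
    (60, 79, "orange", "medium"),
    (80, 100, "green", "high"),
)


class Verdict(NamedTuple):
    score: int
    colour: str
    credibility: str


def band_for(score: int) -> Tuple[str, str]:
    """Map a credibility value in 0..100 to its display colour and level."""
    for low, high, colour, level in BANDS:
        if low <= score <= high:
            return colour, level
    raise ValueError("credibility value out of range: %r" % score)


def evaluate(signals: Iterable[str], is_new_url: bool = False,
             weights: Optional[Dict[str, int]] = None) -> Verdict:
    """Combine the observed signals into a credibility value and a colour."""
    weights = DEFAULT_WEIGHTS if weights is None else weights
    if is_new_url:
        score = NEW_URL_SCORE
    else:
        present = set(signals)
        unknown = present - weights.keys()
        if unknown:
            raise ValueError("unknown signals: " + ", ".join(sorted(unknown)))
        # Clamp so that a large negative weight cannot leave the 0..100 scale.
        score = max(0, min(100, sum(weights[s] for s in present)))
    colour, level = band_for(score)
    return Verdict(score, colour, level)


if __name__ == "__main__":
    print(evaluate([], is_new_url=True))
    print(evaluate(["whitelisted", "many_unique_visitors", "long_registered_domain"]))
    print(evaluate(["blacklisted", "whitelisted"]))
```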
Figs. 6 to 8 show schematic diagrams of the display interface for URL security evaluation information according to an embodiment of the present invention. As Figs. 6 to 8 show, the display interface combines two elements, the credibility value and the prompt. The credibility display box can also be rendered in different colours. Fig. 6 shows a high-credibility result with a green box, Fig. 7 a low-credibility result with a red box, and Fig. 8 a medium-credibility result with an orange box.
After the display interface on the browser side has shown the URL security evaluation information of the currently loaded page, that information can be shown permanently in the URL information display window, so that the user can see it whether or not the website's URL is open. It can also be shown on a trigger from the user, that is, on receiving a click instruction entered by the user on the URL, the URL security evaluation information is displayed in the URL information display window.
During URL security evaluation, the malicious URLs most often encountered are phishing websites disguised as payment websites. Phishing websites usually pose as bank or e-commerce websites, and their main harm is stealing private information that users submit, such as bank account numbers and passwords. A "phishing website" is a form of online fraud in which criminals use various means to imitate the URL and page content of a genuine website, or exploit vulnerabilities in the genuine website's server programs to insert dangerous HTML code into some of the site's pages, in order to trick users out of private data such as bank or credit card account numbers and passwords.
For ease of understanding, a phishing website is taken as the example. In this example, when the currently loaded page is a payment page, the first thing to confirm is whether it is a payment website. The content of the currently loaded page is matched against the content of phishing websites, and the URL security evaluation information of the currently loaded page is derived from the matching result. If they match, the currently loaded page is shown to be a phishing website; if they do not match, the URL of the loaded page can be analysed further.
There are several ways to match two URLs; a fairly effective one is to match the structural features of the DOM tree. Because the structural features of a web page's DOM tree are fixed, DOM tree identification is performed at several points in the content of the currently loaded page, structural features of its DOM tree are selected and matched against the structural features of the DOM tree of a phishing website, and if they match, the currently loaded page is confirmed to be a phishing website. For example, if the 5th element in the 3rd layer of the DOM tree of the currently loaded page carries the class name "alipay", this is taken to be a structural feature of a phishing website that imitates the Alipay website, and on the strength of this match in DOM tree structure the page can be judged to be a page of a phishing website. The credibility value obtained for the phishing website is then used as at least part of the URL security evaluation information for that URL.
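One way to implement the structural match described above, as an added example rather than the patent's implementation. It assumes that the root element is layer 1 and that elements within a layer are counted from 1 in document order; the two HTML samples and the second signature point (class "pwd") are constructed for illustration.

```python
from html.parser import HTMLParser
from typing import Dict, FrozenSet, List, NamedTuple, Optional, Sequence, Tuple

# Elements that never have children or an end tag.
VOID_TAGS = frozenset({"area", "base", "br", "col", "embed", "hr", "img",
                       "input", "link", "meta", "source", "track", "wbr"})


class Feature(NamedTuple):
    layer: int      # depth in the tree, root element = 1 (assumption)
    position: int   # n-th element seen in that layer, 1-based (assumption)
    css_class: str  # class name the element must carry


class LayerIndexer(HTMLParser):
    """Records the class names of every element as (layer, position)."""

    def __init__(self) -> None:
        super().__init__(convert_charrefs=True)
        self.stack: List[str] = []
        self.count: Dict[int, int] = {}
        self.classes: Dict[Tuple[int, int], FrozenSet[str]] = {}

    def handle_starttag(self, tag, attrs):
        layer = len(self.stack) + 1
        self.count[layer] = self.count.get(layer, 0) + 1
        names = dict(attrs).get("class") or ""
        self.classes[(layer, self.count[layer])] = frozenset(names.split())
        if tag not in VOID_TAGS:
            self.stack.append(tag)

    def handle_endtag(self, tag):
        # Ignore stray end tags; otherwise close everything up to the match.
        if tag in self.stack:
            while self.stack.pop() != tag:
                pass


def index_layers(html: str) -> Dict[Tuple[int, int], FrozenSet[str]]:
    # Note: unlike a browser, html.parser does not insert implied tags,
    # so badly formed markup can index differently from a rendered DOM.
    parser = LayerIndexer()
    parser.feed(html)
    parser.close()
    return parser.classes


def match_signature(html: str, signature: Sequence[Feature]) -> List[Feature]:
    """Return the signature points that the page's DOM structure satisfies."""
    layers = index_layers(html)
    return [f for f in signature
            if f.css_class in layers.get((f.layer, f.position), frozenset())]


def is_phishing(html: str, signature: Sequence[Feature],
                min_hits: Optional[int] = None) -> bool:
    if not signature:
        raise ValueError("empty signature")
    need = len(signature) if min_hits is None else min_hits
    return len(match_signature(html, signature)) >= need


# The first point is the patent's example (3rd layer, 5th element, class
# "alipay"); the second point is constructed for this example.
ALIPAY_SIGNATURE = (Feature(3, 5, "alipay"), Feature(4, 3, "pwd"))

# Constructed sample pages.
PHISH_SAMPLE = """<html><head><title>Pay</title><meta charset="utf-8"></head>
<body><div class="top"><img src="logo.png"></div><div class="nav"></div>
<form class="pay-box alipay"><input name="user">
<input class="pwd" type="password"></form></body></html>"""

BENIGN_SAMPLE = """<html><head><title>Shop</title></head><body>
<div class="alipay">Payment options</div><p>hello<br>world</p></body></html>"""

if __name__ == "__main__":
    print(is_phishing(PHISH_SAMPLE, ALIPAY_SIGNATURE))
    print(is_phishing(BENIGN_SAMPLE, ALIPAY_SIGNATURE))
```

The second sample also carries the class "alipay", but at a different layer position, which is why a positional signature does not fire on it.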
The phishing website described here is only one example of a malicious URL. The security evaluation of other malicious URLs is similar to that of phishing websites: it mainly identifies and matches web page content (for example the structural features of the DOM tree). The specific operations are described above and are not repeated here.
The URL security evaluation information mentioned so far in this embodiment is determined by the server side, but users have their own judgement and initiative, so a user may be dissatisfied with the evaluation information received for some URL. In that case, error-correction information entered by the user can be received in the display interface; it includes the credibility value that the user considers appropriate for the URL. Fig. 9 shows a schematic diagram of error correction according to an embodiment of the present invention. The fields "URL to correct" and "Credibility" show by default the full URL and the credibility of the page before the jump and cannot be edited. When the user clicks "Change image", the verification code is replaced. After the user clicks "Submit information", the completeness and correctness of the input are checked. When input is complete, a prompt confirming successful submission pops up. Fig. 10 shows a schematic diagram of a successful submission according to an embodiment of the present invention.
An evaluation has two kinds of outcome: success and failure. If the URL security evaluation fails, the browser side shows the user a failure message and asks whether to retry, and subsequent operations follow the user's instruction. Evaluation can fail for several reasons, for example failure to connect to the server side, no network connectivity, connection timeout, or failure to connect to the cloud security center. Figs. 11 and 12 show schematic diagrams of evaluation failure according to an embodiment of the present invention.
Because the browser itself performs a large number of actions, it is preferable, so as not to affect the browser's own functions, to use a plug-in: the function of displaying URL security evaluation information is integrated into the plug-in, which is embedded in the browser. A plug-in can add functionality on the browser side and improve its security when browsing URLs without affecting system stability and security.
Based on the same inventive concept, an embodiment of the present invention further provides an apparatus for displaying URL security evaluation information, used to implement the method for displaying URL security evaluation information of any of the above embodiments. Fig. 13 shows a schematic structural diagram of an apparatus for displaying URL security evaluation information according to an embodiment of the present invention. Referring to Fig. 13, the apparatus includes at least:
a sending module 1310, configured to send a request, triggered by the user, to obtain security evaluation information for the currently loaded page;
a receiving module 1320, coupled to the sending module 1310 and configured to receive the URL security evaluation information for the currently loaded page that the server side returns in response to that request;
a display module 1330, coupled to the receiving module 1320 and configured to display the URL security evaluation information on the browser side.
In a preferred embodiment, the URL security evaluation information is a security information weight generated by a security evaluation of the URL corresponding to the currently loaded page, based on at least one of the following parameters:
blacklist, whitelist, number of unique visitors, server location, registration time, domain name, IP address, registrant, payment page, and web page structural features; different parameters correspond to different security information weights.
In a preferred embodiment, the weights that the different parameters carry in the URL security evaluation information are adjustable.
In a preferred embodiment, the sending module 1310 is further configured to:
load a security evaluation button in the address bar of the currently loaded page;
when the user clicks the security evaluation button, receive the request for security evaluation information and send it.
In a preferred embodiment, the sending module 1310 is further configured to upload the URL of the currently loaded page and/or the IP address the URL resolves to, to the server side.
In a preferred embodiment, the sending module 1310 is further configured to upload to the server side the MID of the terminal running the browser that loaded the current page;
the receiving module 1320 is further configured to receive the URL security evaluation information of the currently loaded page, which the server side returns to exactly that terminal according to the MID.
In a preferred embodiment, the display module 1330 is further configured to:
load a display interface on the currently loaded page, use it to show evaluation progress information on the current page and, when the evaluation ends, show the URL security evaluation information in the display interface; and
if the display interface is closed during the evaluation, continue the evaluation and show the URL security evaluation information when the display interface is opened again.
In a preferred embodiment, the display module 1330 is further configured to:
compose the URL security evaluation information from any one of, or a combination of, a credibility value, a colour and a prompt;
display the resulting URL security evaluation information on the browser side.
In a preferred embodiment, when the currently loaded page is a payment page, the content of the currently loaded page is matched against the content of phishing websites, and the URL security evaluation information of the currently loaded page is derived from the matching result.
In a preferred embodiment, DOM tree identification is performed at several points in the content of the currently loaded page; structural features of the DOM tree of the currently loaded page are selected and matched against the structural features of the DOM tree of a phishing website; if they match, the currently loaded page is confirmed to be a phishing website.
In a preferred embodiment, the display module 1330 is further configured to:
display the URL security evaluation information in the URL information display window; or
receive a click instruction entered by the user on the URL and display the URL security evaluation information in the URL information display window.
In a preferred embodiment, the apparatus for displaying URL security evaluation information further includes an error correction module 1340, configured to receive error-correction information entered by the user if the user is dissatisfied with the URL security evaluation information, the error-correction information including the credibility value that the user considers appropriate for the URL.
In a preferred embodiment, the display module 1330 is further configured, if the URL security evaluation fails, to show the user a failure message on the browser side, ask whether to retry, and carry out subsequent operations according to the user's instruction.
In a preferred embodiment, the apparatus for displaying URL security evaluation information is embedded in the browser as a plug-in to provide the corresponding functions.
In a preferred embodiment, when the plug-in appears as a button in the browser's address bar, the receiving module 1320 is further configured to receive the user's click on the button, which triggers the request for security evaluation information.
The invention achieves the following beneficial effects:
In this embodiment, for the currently loaded page (whether or not its URL is recorded in a blacklist or whitelist), once the user triggers a request for security evaluation information, the request is sent out. The URL security evaluation information for the currently loaded page that the server side returns in response is then received and displayed on the browser side, so that the user can learn how safe the URL being browsed is. That is, in this embodiment any URL can be evaluated, and the user sees the URL security evaluation information of the currently loaded page directly and intuitively, which helps the user decide whether to keep browsing that URL. If the information shows that the URL is not trustworthy, the user can choose to close it, which greatly reduces the chance that the user's information (for example private information or account information) is obtained by an untrusted URL, thereby improving the security of web browsing.
Numerous specific details are set forth in the description provided here. It will be understood, however, that embodiments of the invention may be practised without these specific details. In some instances, well-known methods, structures and techniques are not shown in detail so as not to obscure the understanding of this description.
Similarly, it should be understood that, in order to streamline this disclosure and aid understanding of one or more of the various inventive aspects, the features of the invention are sometimes grouped together in a single embodiment, figure, or description thereof in the above description of exemplary embodiments. This method of disclosure, however, is not to be interpreted as reflecting an intention that the claimed invention requires more features than are expressly recited in each claim. Rather, as the following claims reflect, inventive aspects lie in fewer than all features of a single embodiment disclosed above. The claims following the detailed description are therefore expressly incorporated into it, with each claim standing on its own as a separate embodiment of the invention.
本领域那些技术人员可以理解, 可以对实施例中的设备中的模块进行自适应性地改 变并且把它们设置在与该实施例不同的一个或多个设备中。 可以把实施例中的模块或单 元或组件组合成一个模块或单元或组件, 以及此外可以把它们分成多个子模块或子单元 或子组件。 除了这样的特征和 /或过程或者单元中的至少一些是相互排斥之外, 可以采用 任何组合对本说明书 (包括伴随的权利要求、 摘要和附图) 中公开的所有特征以及如此 公开的任何方法或者设备的所有过程或单元进行组合。除非另外明确陈述,本说明书(包 括伴随的权利要求、 摘要和附图) 中公开的每个特征可以由提供相同、 等同或相似目的 的替代特征来代替。  Those skilled in the art will appreciate that the modules in the devices of the embodiments can be adaptively changed and placed in one or more devices different from the embodiment. The modules or units or components of the embodiments may be combined into one module or unit or component, and further they may be divided into a plurality of sub-modules or sub-units or sub-components. In addition to such features and/or at least some of the processes or units being mutually exclusive, any combination of the features disclosed in the specification, including the accompanying claims, the abstract and the drawings, and any methods so disclosed, or All processes or units of the device are combined. Each feature disclosed in the specification (including the accompanying claims, the abstract and the drawings) may be replaced by alternative features that provide the same, equivalent or similar purpose, unless otherwise stated.
此外, 本领域的技术人员能够理解, 尽管在此所述的一些实施例包括其它实施例中 所包括的某些特征而不是其它特征, 但是不同实施例的特征的组合意味着处于本发明的 范围之内并且形成不同的实施例。 例如, 在下面的权利要求书中, 所要求保护的实施例 的任意之一都可以以任意的组合方式来使用。  In addition, those skilled in the art will appreciate that, although some embodiments described herein include certain features that are not included in other embodiments, and other features, combinations of features of different embodiments are intended to be within the scope of the present invention. Different embodiments are formed and formed. For example, in the following claims, any one of the claimed embodiments can be used in any combination.
The various component embodiments of the present invention may be implemented in hardware, in software modules running on one or more processors, or in a combination thereof. Those skilled in the art will understand that a microprocessor or a digital signal processor (DSP) may be used in practice to implement some or all of the functions of some or all of the components of the device for displaying web address security authentication information according to embodiments of the invention. The invention may also be implemented as a device or apparatus program (for example, a computer program and a computer program product) for performing part or all of the method described herein. Such a program implementing the invention may be stored on a computer-readable medium, or may take the form of one or more signals. Such signals may be downloaded from an Internet website, provided on a carrier signal, or provided in any other form.
For example, FIG. 14 shows a computing device, such as a client, that can implement the method of displaying web address security authentication information according to the invention. The computing device conventionally comprises a processor 1410 and a computer program product or computer-readable medium in the form of a memory 1420. The memory 1420 may be an electronic memory such as a flash memory, an EEPROM (electrically erasable programmable read-only memory), an EPROM, a hard disk or a ROM. The memory 1420 has a storage space 1430 for program code 1431 for performing any of the method steps described above. For example, the storage space 1430 for program code may include individual program codes 1431, each implementing one of the steps of the above method. These program codes can be read from or written to one or more computer program products. These computer program products comprise program code carriers such as hard disks, compact discs (CDs), memory cards or floppy disks. Such a computer program product is typically a portable or fixed storage unit as described with reference to FIG. 15. The storage unit may have storage segments, storage space and the like arranged similarly to the memory 1420 in the computing device of FIG. 14. The program code may, for example, be compressed in an appropriate form. Typically, the storage unit comprises computer-readable code 1431', i.e. code that can be read by a processor such as 1410, and which, when run by a computing device, causes the computing device to perform the steps of the method described above.
References herein to "one embodiment", "an embodiment" or "one or more embodiments" mean that a particular feature, structure or characteristic described in connection with the embodiment is included in at least one embodiment of the invention. Note also that instances of the phrase "in one embodiment" herein do not necessarily all refer to the same embodiment.
It should be noted that the above embodiments illustrate rather than limit the invention, and that those skilled in the art can devise alternative embodiments without departing from the scope of the appended claims. In the claims, any reference signs placed between parentheses shall not be construed as limiting the claim. The word "comprising" does not exclude the presence of elements or steps not listed in a claim. The word "a" or "an" preceding an element does not exclude the presence of a plurality of such elements. The invention can be implemented by means of hardware comprising several distinct elements and by means of a suitably programmed computer. In a unit claim enumerating several means, several of these means can be embodied by one and the same item of hardware. The use of the words first, second, third and so on does not indicate any order; these words can be interpreted as names.
In addition, it should be noted that the language used in this specification has been selected principally for readability and instructional purposes, and not to delineate or circumscribe the subject matter of the invention. Accordingly, many modifications and variations will be apparent to those of ordinary skill in the art without departing from the scope and spirit of the appended claims. With respect to the scope of the invention, the disclosure made herein is illustrative and not restrictive, and the scope of the invention is defined by the appended claims.

Claims

1. A method for displaying web address security authentication information, comprising:
sending a security authentication information acquisition request, triggered by a user, for a currently loaded page;
receiving web address security authentication information of the currently loaded page, returned by a server side in response to the security authentication information acquisition request;
displaying the web address security authentication information on a browser side.
2. The method according to claim 1, wherein the web address security authentication information is a security information weight generated by performing security authentication on the web address corresponding to the currently loaded page according to at least one of the following parameters:
blacklist, whitelist, number of unique visitors, server location, registration time, domain name, IP address, registrant, payment page, web page structural features; wherein different parameters correspond to different security information weights.
3. The method according to claim 2, wherein the weight that each parameter carries in the web address security authentication information is adjustable.
4. The method according to any one of claims 1 to 3, wherein sending the user-triggered security authentication information acquisition request for the currently loaded page comprises:
loading a security authentication button in the address bar of the currently loaded page;
when the user clicks the security authentication button, receiving and sending the security authentication information acquisition request.
5. The method according to any one of claims 1 to 4, further comprising, after sending the security authentication information acquisition request and before receiving the web address security authentication information of the currently loaded page returned by the server side: uploading the URL of the currently loaded page and/or the IP address to which the URL resolves to the server side.
6. The method according to claim 5, further comprising: uploading to the server side the MID of the terminal on which the browser loading the current page is located; and
receiving the web address security authentication information of the currently loaded page, wherein the server side uses the MID to uniquely identify the terminal to which the web address security authentication information of the currently loaded page is returned.
7. The method according to any one of claims 1 to 6, wherein displaying the web address security authentication information on the browser side comprises:
loading a display interface on the currently loaded page, using the display interface to display authentication process information on the current page, and, after the authentication ends, displaying the web address security authentication information in the display interface; and
if the display interface is closed during the authentication process, continuing the authentication process, and displaying the web address security authentication information when the display interface is opened again.
8. The method according to any one of claims 1 to 7, wherein displaying the web address security authentication information on the browser side comprises:
composing the web address security authentication information from any one or a combination of a credibility value, a color and a prompt message;
displaying the obtained web address security authentication information on the browser side.
9. The method according to any one of claims 1 to 8, wherein, when the currently loaded page is a payment page:
the content of the currently loaded page is matched against the web page content of malicious web addresses;
the web address security authentication information of the currently loaded page is obtained from the matching result.
10. The method according to claim 9, wherein matching the content of the currently loaded page against the web page content of malicious web addresses comprises:
performing DOM tree identification at multiple points in the content of the currently loaded page;
selecting structural features from the DOM tree of the currently loaded page and matching them against structural features of the DOM tree of a malicious web address;
if they match, confirming that the currently loaded page is a web page of the malicious web address, and obtaining the credibility value corresponding to the malicious web address as at least part of the web address security authentication information.
11. The method according to any one of claims 1 to 10, wherein displaying the web address security authentication information on the browser side comprises:
displaying the web address security authentication information in a web address information display window; or
receiving a click instruction entered by the user on the web address, and displaying the web address security authentication information in the web address information display window.
12. The method according to any one of claims 1 to 11, further comprising:
if the user is not satisfied with the web address security authentication information, receiving error correction information entered by the user, wherein the error correction information includes the credibility value that the user considers appropriate for the web address.
13. The method according to any one of claims 1 to 12, further comprising:
if the web address security authentication fails, displaying authentication failure information to the user on the browser side, asking the user whether to retry, and performing subsequent operations according to the user's instruction.
14. The method according to any one of claims 1 to 13, wherein the method is implemented as a plug-in embedded in a browser.
15. The method according to claim 14, wherein, when the plug-in appears in the address bar of the browser in the form of a button,
the user's click operation on the button is received and triggers the security authentication information acquisition request.
16. A device for displaying web address security authentication information, comprising:
a sending module, configured to send a security authentication information acquisition request, triggered by a user, for a currently loaded page;
a receiving module, configured to receive web address security authentication information of the currently loaded page, returned by a server side in response to the security authentication information acquisition request;
a display module, configured to display the web address security authentication information on a browser side.
17. The device according to claim 16, wherein the web address security authentication information is a security information weight generated by performing security authentication on the web address corresponding to the currently loaded page according to at least one of the following parameters:
blacklist, whitelist, number of unique visitors, server location, registration time, domain name, IP address, registrant, payment page, web page structural features; wherein different parameters correspond to different security information weights.
18. The device according to claim 17, wherein the weight that each parameter carries in the web address security authentication information is adjustable.
19. The device according to any one of claims 16 to 18, wherein the sending module is further configured to:
load a security authentication button in the address bar of the currently loaded page;
when the user clicks the security authentication button, receive and send the security authentication information acquisition request.
20. The device according to any one of claims 16 to 19, wherein the sending module is further configured to upload the URL of the currently loaded page and/or the IP address to which the URL resolves to the server side.
21. The device according to claim 20, wherein the sending module is further configured to upload to the server side the MID of the terminal on which the browser loading the current page is located;
the receiving module is further configured to receive the web address security authentication information of the currently loaded page, wherein the server side uses the MID to uniquely identify the terminal to which the web address security authentication information of the currently loaded page is returned.
22. The device according to any one of claims 16 to 21, wherein the display module is further configured to:
load a display interface on the currently loaded page, use the display interface to display authentication process information on the current page, and, after the authentication ends, display the web address security authentication information in the display interface; and
if the display interface is closed during the authentication process, continue the authentication process, and display the web address security authentication information when the display interface is opened again.
23. The device according to any one of claims 16 to 22, wherein the display module is further configured to:
compose the web address security authentication information from any one or a combination of a credibility value, a color and a prompt message;
display the obtained web address security authentication information on the browser side.
24. The device according to any one of claims 16 to 23, wherein the display module is further configured to:
display the web address security authentication information in a web address information display window; or
receive a click instruction entered by the user on the web address, and display the web address security authentication information in the web address information display window.
25. The device according to any one of claims 16 to 24, further comprising:
an error correction module, configured to receive error correction information entered by the user if the user is not satisfied with the web address security authentication information, wherein the error correction information includes the credibility value that the user considers appropriate for the web address.
26. The device according to any one of claims 16 to 25, wherein the display module is further configured to, if the web address security authentication fails, display authentication failure information to the user on the browser side, ask the user whether to retry, and perform subsequent operations according to the user's instruction.
27. The device according to any one of claims 16 to 26, wherein the device is embedded in a browser in the form of a plug-in.
28. The device according to any one of claims 16 to 27, wherein, when the plug-in appears in the address bar of the browser in the form of a button,
the receiving module is further configured to receive the user's click operation on the button, which triggers the security authentication information acquisition request.
29. A computer program, comprising computer-readable code which, when run on a computing device, causes the computing device to perform the method for displaying web address security authentication information according to any one of claims 1 to 15.
30. A computer-readable medium in which the computer program according to claim 29 is stored.
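
The DOM-structure matching recited in claims 9 and 10, as an added Python example that is not part of the patent text: it reduces a page to tag-path features, compares them with a known malicious page, and returns that page's credibility value on a match. The feature definition, the Jaccard similarity measure, the 0.8 threshold, the sample pages and the credibility value 10 are assumptions constructed for illustration; the claims do not specify them.

```python
from html.parser import HTMLParser

# Elements that cannot have children; never pushed on the ancestor stack.
VOID_TAGS = {"area", "base", "br", "col", "embed", "hr", "img", "input",
             "link", "meta", "source", "track", "wbr"}

class StructureExtractor(HTMLParser):
    """Collect tag-path features; text, ids, names and URLs are ignored,
    so a clone with reworded content keeps the same features."""

    def __init__(self, depth=4):
        super().__init__()
        self.depth = depth      # trailing path elements kept per feature
        self.stack = []         # labels of the currently open elements
        self.features = set()

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        label = tag
        # Keep the two attributes that describe what a form collects.
        if tag == "input":
            label += "[" + (attrs.get("type") or "text").lower() + "]"
        elif tag == "form":
            label += "[" + (attrs.get("method") or "get").lower() + "]"
        self.features.add(">".join((self.stack + [label])[-self.depth:]))
        if tag not in VOID_TAGS:
            self.stack.append(label)

    def handle_endtag(self, tag):
        # Tolerate unbalanced markup: unwind to the nearest matching open tag.
        for i in range(len(self.stack) - 1, -1, -1):
            if self.stack[i].split("[")[0] == tag:
                del self.stack[i:]
                break

def structural_features(html, depth=4):
    parser = StructureExtractor(depth)
    parser.feed(html)
    parser.close()
    return frozenset(parser.features)

def jaccard(a, b):
    return len(a & b) / len(a | b) if (a or b) else 0.0

def evaluate_page(html, known_malicious, threshold=0.8):
    """Compare a page with every known malicious structure. On a match,
    return that entry's credibility value (claim 10); otherwise None."""
    feats = structural_features(html)
    best_name, best_sim = None, 0.0
    for name, entry in known_malicious.items():
        sim = jaccard(feats, entry["features"])
        if sim > best_sim:
            best_name, best_sim = name, sim
    if best_name is not None and best_sim >= threshold:
        return {"matched": best_name, "similarity": best_sim,
                "credibility": known_malicious[best_name]["credibility"]}
    return {"matched": None, "similarity": best_sim, "credibility": None}

# --- Constructed sample data (not from the patent) ---
KNOWN_PHISH_HTML = """<html><head><title>Pay</title></head><body>
<div><form method="post" action="/collect">
<input type="text" name="card"><input type="text" name="exp">
<input type="password" name="cvv"><input type="submit" value="Pay">
</form></div>
<div><img src="logo.png"><a href="#">Help</a></div>
</body></html>"""

# Same skeleton, different wording and field names, one extra paragraph.
SUSPECT_HTML = """<html><head><title>Secure checkout</title></head><body>
<p>Session expired, please re-enter your details.</p>
<div><form method="POST" action="/submit.php">
<input type="text" name="pan"><input type="text" name="valid">
<input type="password" name="code"><input type="submit" value="Confirm">
</form></div>
<div><img src="brand.gif"><a href="/faq">Questions</a></div>
</body></html>"""

# A structurally different payment page.
UNRELATED_HTML = """<html><head><title>Checkout</title>
<link rel="stylesheet" href="s.css"></head><body>
<header><nav><a href="/">Home</a></nav></header>
<main><section><form method="post" action="/pay">
<select name="method"><option>Card</option></select>
<button type="submit">Continue</button>
</form></section></main></body></html>"""

KNOWN_MALICIOUS = {"constructed-phish-template": {
    "features": structural_features(KNOWN_PHISH_HTML),
    "credibility": 10}}   # constructed low credibility value
```

Calling `evaluate_page(SUSPECT_HTML, KNOWN_MALICIOUS)` reports a match with the stored credibility value, while `UNRELATED_HTML` falls below the threshold even though it is also a payment form.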
PCT/CN2014/071411 2013-02-01 2014-01-24 Method and device for displaying web address safety evaluation information WO2014117687A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201310042234.8 2013-02-01
CN201310042234.8A CN103118026B (en) 2013-02-01 2013-02-01 Show the method and device of network address secure authentication information

Publications (1)

Publication Number Publication Date
WO2014117687A1 true WO2014117687A1 (en) 2014-08-07

Family

ID=48416300

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2014/071411 WO2014117687A1 (en) 2013-02-01 2014-01-24 Method and device for displaying web address safety evaluation information

Country Status (2)

Country Link
CN (1) CN103118026B (en)
WO (1) WO2014117687A1 (en)

Families Citing this family (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103118026B (en) * 2013-02-01 2017-07-11 北京奇虎科技有限公司 Show the method and device of network address secure authentication information
CN103634317A (en) * 2013-11-28 2014-03-12 北京奇虎科技有限公司 Method and system of performing safety appraisal on malicious web site information on basis of cloud safety
CN104852883A (en) * 2014-02-14 2015-08-19 腾讯科技(深圳)有限公司 Method and system for protecting safety of account information
CN103888465B (en) * 2014-03-28 2017-07-18 新浪网技术(中国)有限公司 A kind of webpage kidnaps detection method and device
CN106686599B (en) * 2015-11-05 2020-10-20 创新先进技术有限公司 Method and equipment for risk management of application information
CN105610812B (en) * 2015-12-24 2019-12-06 北京奇虎科技有限公司 Method and device for preventing webpage from being hijacked
CN107508809B (en) * 2017-08-17 2020-10-23 腾讯科技(深圳)有限公司 Method and device for identifying website type
CN110020252B (en) * 2017-12-30 2022-04-22 惠州学院 Method and system for identifying harmful video based on trailer content
CN110020256A (en) * 2017-12-30 2019-07-16 惠州学院 The method and system of the harmful video of identification based on User ID and trailer content
CN110020251A (en) * 2017-12-30 2019-07-16 惠州学院 The method and system of the harmful video of identification based on User IP and trailer content

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2007078037A1 (en) * 2006-01-04 2007-07-12 Sung Yub Kim Web page protection method employing security appliance and set-top box having the security appliance built therein
CN102195971A (en) * 2011-03-24 2011-09-21 北京思创银联科技股份有限公司 Website access control method
CN102739675A (en) * 2012-06-28 2012-10-17 奇智软件(北京)有限公司 Detection method and device of website security
CN102882886A (en) * 2012-10-17 2013-01-16 北京奇虎科技有限公司 Network terminal and method for presenting visited website associated information
CN103118026A (en) * 2013-02-01 2013-05-22 北京奇虎科技有限公司 Method and device for displaying web address security identification information

Also Published As

Publication number Publication date
CN103118026A (en) 2013-05-22
CN103118026B (en) 2017-07-11

Legal Events

Date Code Title Description
NENP Non-entry into the national phase (Ref country code: DE)
121 Ep: the epo has been informed by wipo that ep was designated in this application (Ref document number: 14746173; Country of ref document: EP; Kind code of ref document: A1)
122 Ep: pct application non-entry in european phase (Ref document number: 14746173; Country of ref document: EP; Kind code of ref document: A1)