CN105119909A - Fake website detection method and fake website detection system based on page visual similarity - Google Patents
Fake website detection method and fake website detection system based on page visual similarity Download PDFInfo
- Publication number
- CN105119909A CN105119909A CN201510434950.XA CN201510434950A CN105119909A CN 105119909 A CN105119909 A CN 105119909A CN 201510434950 A CN201510434950 A CN 201510434950A CN 105119909 A CN105119909 A CN 105119909A
- Authority
- CN
- China
- Prior art keywords
- detected
- website
- station address
- list
- similarity
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000001514 detection method Methods 0.000 title claims abstract description 22
- 230000000007 visual effect Effects 0.000 title claims abstract description 12
- 238000000034 method Methods 0.000 claims abstract description 9
- 230000008878 coupling Effects 0.000 claims description 24
- 238000010168 coupling process Methods 0.000 claims description 24
- 238000005859 coupling reaction Methods 0.000 claims description 24
- 239000000284 extract Substances 0.000 claims description 6
- 238000012545 processing Methods 0.000 claims description 6
- 238000004891 communication Methods 0.000 claims description 3
- 238000011156 evaluation Methods 0.000 claims description 3
- 230000009191 jumping Effects 0.000 claims description 3
- GOLXNESZZPUPJE-UHFFFAOYSA-N spiromesifen Chemical compound CC1=CC(C)=CC(C)=C1C(C(O1)=O)=C(OC(=O)CC(C)(C)C)C11CCCC1 GOLXNESZZPUPJE-UHFFFAOYSA-N 0.000 claims description 3
- 238000005516 engineering process Methods 0.000 description 4
- 230000007246 mechanism Effects 0.000 description 2
- 230000001105 regulatory effect Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000012790 confirmation Methods 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 230000007812 deficiency Effects 0.000 description 1
- 238000009792 diffusion process Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1483—Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06T—IMAGE DATA PROCESSING OR GENERATION, IN GENERAL
- G06T7/00—Image analysis
- G06T7/0002—Inspection of images, e.g. flaw detection
- G06T7/0004—Industrial image inspection
- G06T7/001—Industrial image inspection using an image reference approach
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- Computer Vision & Pattern Recognition (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Quality & Reliability (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention relates to a fake website detection method and a fake website detection system based on page visual similarity. The fake website detection method comprises the following steps: acquiring a website address list to be detected; matching websites addresses in the list with a preset white list one by one, and allowing a user to access the website address and adding a white list tag to the website address if the website address is matched with the preset white list; or matching the current website address with a preset black list, and prohibiting the user from accessing the website address and adding a black list tag to the website address if the current website address is matched with the preset black list; if the current network address is neither in the preset white list nor in the preset black list, measuring the similarity between webpage content corresponding to the website address list to be detected and the preset white list to obtain the maximum similarity value, and comparing the maximum similarity value with a preset threshold T; and judging whether there is a website address not added with a tag in the website address list to be detected, carrying out detection again if there is a website address not added with a tag in the website address list to be detected, or ending the process. Through fake website detection by the method, the probability that users access fake websites is reduced to a certain extent, and loss brought by mistaken access to fake websites is reduced.
Description
Technical field
The present invention relates to a kind of detection method and system, be specifically related to a kind of counterfeit website detection method based on Webpage visual similarity and system.
Background technology
Counterfeit website, is a kind of attack pattern being carried out online fraudulent activity by phisher, is mainly used to the privacy information stealing user, as mailbox account number cipher, credit card account password and e-commerce website account number cipher etc.The deception form of counterfeit website mainly comprises:
1. mail link diffusion;
2. webpage forum is puted up in replying;
3. in social networks, utilize the counterfeit site information of social population dispersal;
4. in instant messaging (IM) instrument, utilize online transaction or ecommerce to enter illegal counterfeit website to guide user.
Trickle distorting normally is carried out to by counterfeit website domain name in these websites, or its webpage visually with by phisher has high emulation, and then gains users to trust by cheating, obtains user profile, infringement user benefit.
At present, industry has following common recognition usually:
Counterfeit website: refer to that the title of station address or the content of pages of webpage are visually very similar to regular business website, and intention is the website damaging user's economy or other interests.
White list: refer to regular website to be protected and be the list of websites of regular website through certifying authority; in general the station address protected is needed; it is the website that network trading or ecommerce high frequency occur; the e-commerce websites such as such as Taobao, Ebay, Jingdone district; the bank transaction system such as industrial and commercial bank, Bank of China; the public recreation webpages such as " Chinese good sound ", " the most forte of China ", these are all the targets that counterfeiter attacks.
Blacklist: refer to the counterfeit list of websites verified by associated mechanisms, the website in this kind of list is all obtained by customer complaint, web price competition, artificial examination or other modes, and through the counterfeit website of regulatory authorities confirmation.
Existing counterfeit website is detected recognition technology and is mostly based on blacklist and white list mechanism.Given station address to be detected, judges described station address to be detected whether at the row of list by inquiry white list or blacklist, identifies regular website or counterfeit website.But existing black and white lists detects recognition technology only can identify existing counterfeit website in blacklist, if certain counterfeit website is not in blacklist, then None-identified.But, the variability of network is very large, and lawless person can pass through again to apply for that the mode of new station address continues to swindle, and existing recognition technology needs receiving the database reporting or could upgrade after the incident blacklist, cannot accomplish to detect identification, risk is warned in advance.
Summary of the invention
For the deficiencies in the prior art, the invention provides a kind of counterfeit website detection method based on page visual similarity and system, fishing website when the method can detect zero, effectively reduce the loss of the network user.
The object of the invention is to adopt following technical proposals to realize:
Based on a counterfeit website detection method for page visual similarity, described method comprises:
(1) search for website to be detected, obtain station address list to be detected;
(2) one by one the station address in station address list to be detected and default white list are matched, judge whether coupling, if coupling, allow user to access this station address and white list mark is added to this station address, jumping to step (6); Otherwise, continue step (3);
(3) current site address and default blacklist are matched, judge whether coupling, if coupling, forbid that user accesses this station address and adds blacklist mark to this station address;
(4) if current site address neither in default white list again not in default blacklist, then corresponding with default white list according to the web page contents that station address list to be detected is corresponding web page contents carries out measuring similarity, obtains maximum similarity value;
(5) more described maximum similarity value and predetermined threshold value T;
(6) judge whether to exist in station address list to be detected not add tagged station address, if exist, perform step (2); Otherwise terminate.
Preferably, the station address to be detected in described step (1), comprises immediate communication tool IM, mail server, forum and virtual community.
Preferably, namely described step (4) measuring similarity adopts land mobile distance algorithm EMD to carry out measuring similarity, specifically comprises:
Gather one by one and preset the Web page image that in white list, all websites are corresponding;
From described station address list to be detected, extract uniform resource position mark URL information, and obtain Web page image corresponding to described website to be detected by web download; Wherein, described Web page image comprises the viewing area image of general image and browser window;
Successively by general image corresponding for websites all in default white list, the general image corresponding with website to be detected mates, and obtains the general image similarity sequence S be made up of multiple Similarity value
1; And by this similarity S set
1in Similarity value sort from big to small after choose maximum;
Successively by the viewing area image of browser window corresponding for websites all in default white list, the viewing area image of the browser window corresponding with website to be detected mates, and obtains the viewing area image similarity degree series S be made up of multiple Similarity value
2, and by this similarity sequence S
2in Similarity value sort from big to small after choose maximum.
Further, described acquisition Similarity value comprises, and extracts the rgb space preset in white list in each self-corresponding Web page image in all websites and website to be detected respectively; The frequency that R, G, B component recording described rgb space occurs.
Preferably, maximum similarity value is compared in described step (5) and predetermined threshold value T comprises, if described similarity sequence S
1and S
2in arbitrary maximum similarity value be less than predetermined threshold value T, then judge that non-counterfeit mark is added as non-counterfeit website in current site address; Otherwise, then judge that counterfeit mark is added as counterfeit website in current site address.
Based on a counterfeit website detection system for page visual similarity, comprising: search module, for searching for website to be detected, obtaining station address list to be detected;
White list processing module, for the station address in station address list to be detected and default white list being matched one by one, judges whether coupling, if coupling, allows user to access this station address and adds white list mark to this station address;
Blacklist processing module, matches current site address and default blacklist, judges whether coupling, if coupling, forbids that user accesses this station address and adds blacklist mark to this station address;
Detection module, if for current site address neither in default white list again not in default blacklist, then corresponding with default white list according to the web page contents that station address list to be detected is corresponding web page contents carries out measuring similarity, obtains maximum similarity value;
Evaluation module, for more described maximum similarity value and predetermined threshold value T.
Compared with the prior art, the beneficial effect that the present invention reaches is:
Counterfeit website detection method disclosed by the invention and system, achieve and detected counterfeit website before user be subject to individual interest infringement, reduces user's loss.
Adopt and based on EMD distance algorithm, targeted website Web page picture is mated with website and webpage picture to be detected, the counterfeit website that can detect from the essential aspect that vision is similar.Reduce the probability that user accesses counterfeit website to a certain extent; Thus the puzzlement in effectively avoid user to be strayed into work that fishing website brings and loss economically.
Accompanying drawing explanation
Fig. 1 is the counterfeit website detection method flow chart based on page visual similarity provided by the invention.
Embodiment
Below in conjunction with accompanying drawing, the specific embodiment of the present invention is described in further detail.
As shown in Figure 1, a kind of counterfeit website detection method based on page visual similarity, comprising:
(1) search for website to be detected, obtain station address list to be detected; Station address to be detected, comprises immediate communication tool IM, mail server, forum and virtual community.
(2) one by one the station address in station address list to be detected and default white list are matched, judge whether coupling, if coupling, allow user to access this station address and white list mark is added to this station address, jumping to step (6); Otherwise, continue step (3); The structural form of white list is mainly for application service, namely, when application is banking system, official of Everbright Bank network address http://www.cebbank.com, official of China Construction Bank network address " http://www.ccb.com " etc. can in " white list " in this patent, be added;
When application is entertainment sites, can add in the white list so in this patent " where father go " official website " http://www.hunantv.com/v/2013/bbqne ".
(3) current site address and default blacklist are matched, judge whether coupling, if coupling, forbid that user accesses this station address and adds blacklist mark to this station address;
The multiple known counterfeit website of structural form mainly corresponding to website protected in white list of blacklist, these counterfeit websites are reported by the network user and are produced after regulatory authorities confirms usually.
(4) if current site address neither in default white list again not in default blacklist, then corresponding with default white list according to the web page contents that station address list to be detected is corresponding web page contents carries out measuring similarity, obtains maximum similarity value; Namely step (4) measuring similarity adopts land mobile distance algorithm EMD to carry out measuring similarity, specifically comprises:
Gather one by one and preset the Web page image that in white list, all websites are corresponding;
From described station address list to be detected, extract uniform resource position mark URL information, and obtain Web page image corresponding to described website to be detected by web download; Wherein, described Web page image comprises the viewing area image of general image and browser window.Successively by general image corresponding for websites all in default white list, the general image corresponding with website to be detected mates, and obtains the general image similarity sequence S1 be made up of multiple Similarity value; And choose maximum after being sorted from big to small by the Similarity value in this similarity S set 1;
Successively by the viewing area image of browser window corresponding for websites all in default white list, the viewing area image of the browser window corresponding with website to be detected mates, obtain the viewing area image similarity degree series S2 be made up of multiple Similarity value, and choose maximum after being sorted from big to small by the Similarity value in this similarity sequence S2.
Described acquisition Similarity value comprises, and extracts the rgb space preset in white list in each self-corresponding Web page image in all websites and website to be detected respectively; The frequency that R, G, B component recording described rgb space occurs.
(5) more described maximum similarity value and predetermined threshold value T; Compare maximum similarity value in step (5) and predetermined threshold value T comprises, if arbitrary maximum similarity value is less than predetermined threshold value T in described similarity sequence S1 and S2, then judge that non-counterfeit mark is added as non-counterfeit website in current site address; Otherwise, then judge that counterfeit mark is added as counterfeit website in current site address.
(6) judge whether to exist in station address list to be detected not add tagged station address, if exist, perform step (2); Otherwise terminate.
Based on a counterfeit website detection system for page visual similarity, comprising: search module, for searching for website to be detected, obtaining station address list to be detected;
White list processing module, for the station address in station address list to be detected and default white list being matched one by one, judges whether coupling, if coupling, allows user to access this station address and adds white list mark to this station address;
Blacklist processing module, matches current site address and default blacklist, judges whether coupling, if coupling, forbids that user accesses this station address and adds blacklist mark to this station address;
Detection module, if for current site address neither in default white list again not in default blacklist, then corresponding with default white list according to the web page contents that station address list to be detected is corresponding web page contents carries out measuring similarity, obtains maximum similarity value;
Evaluation module, for more described maximum similarity value and predetermined threshold value T.
Finally should be noted that: above embodiment is only in order to illustrate that technical scheme of the present invention is not intended to limit, although with reference to above-described embodiment to invention has been detailed description, those of ordinary skill in the field are to be understood that: still can modify to the specific embodiment of the present invention or equivalent replacement, and not departing from any amendment of spirit and scope of the invention or equivalent replacement, it all should be encompassed in the middle of right of the present invention.
Claims (6)
1., based on a counterfeit website detection method for page visual similarity, it is characterized in that, described method comprises:
(1) search for website to be detected, obtain station address list to be detected;
(2) one by one the station address in station address list to be detected and default white list are matched, judge whether coupling, if coupling, allow user to access this station address and white list mark is added to this station address, jumping to step (6); Otherwise, continue step (3);
(3) current site address and default blacklist are matched, judge whether coupling, if coupling, forbid that user accesses this station address and adds blacklist mark to this station address;
(4) if current site address neither in default white list again not in default blacklist, then corresponding with default white list according to the web page contents that station address list to be detected is corresponding web page contents carries out measuring similarity, obtains maximum similarity value;
(5) more described maximum similarity value and predetermined threshold value T;
(6) judge whether to exist in station address list to be detected not add tagged station address, if exist, perform step (2); Otherwise terminate.
2. the method for claim 1, is characterized in that, the station address to be detected in described step (1), comprises immediate communication tool IM, mail server, forum and virtual community.
3. the method for claim 1, is characterized in that, namely described step (4) measuring similarity adopts land mobile distance algorithm EMD to carry out measuring similarity, is specially:
Gather one by one and preset the Web page image that in white list, all websites are corresponding;
From described station address list to be detected, extract uniform resource position mark URL information, and obtain Web page image corresponding to described website to be detected by web download; Wherein, described Web page image comprises the viewing area image of general image and browser window;
Successively general image corresponding with website to be detected for general image corresponding for websites all in default white list is mated, obtain the general image similarity sequence S be made up of multiple Similarity value
1; And by this similarity S set
1in Similarity value sort from big to small after choose maximum;
Successively by the viewing area image of browser window corresponding for websites all in default white list, the viewing area image of the browser window corresponding with website to be detected mates, and obtains the viewing area image similarity degree series S be made up of multiple Similarity value
2, and by this similarity sequence S
2in Similarity value sort from big to small after choose maximum.
4. method as claimed in claim 3, it is characterized in that, described acquisition Similarity value comprises: extract the rgb space preset in white list in each self-corresponding Web page image in all websites and website to be detected respectively; The frequency that R, G, B component recording described rgb space occurs.
5. method as claimed in claim 3, is characterized in that, compares maximum similarity value and predetermined threshold value T is in described step (5): if described similarity sequence S
1and S
2in arbitrary maximum similarity value be less than predetermined threshold value T, then judge that non-counterfeit mark is added as non-counterfeit website in current site address; Otherwise, then judge that counterfeit mark is added as counterfeit website in current site address.
6., based on a counterfeit website detection system for page visual similarity, it is characterized in that, comprising:
Search module, for searching for website to be detected, obtains station address list to be detected;
White list processing module, for the station address in station address list to be detected and default white list being matched one by one, judges whether coupling, if coupling, allows user to access this station address and adds white list mark to this station address;
Blacklist processing module, matches current site address and default blacklist, judges whether coupling, if coupling, forbids that user accesses this station address and adds blacklist mark to this station address;
Detection module, if for current site address neither in default white list again not in default blacklist, then corresponding with default white list according to the web page contents that station address list to be detected is corresponding web page contents carries out measuring similarity, obtains maximum similarity value;
Evaluation module, for more described maximum similarity value and predetermined threshold value T.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510434950.XA CN105119909B (en) | 2015-07-22 | 2015-07-22 | A kind of counterfeit website detection method and system based on page visual similarity |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510434950.XA CN105119909B (en) | 2015-07-22 | 2015-07-22 | A kind of counterfeit website detection method and system based on page visual similarity |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105119909A true CN105119909A (en) | 2015-12-02 |
| CN105119909B CN105119909B (en) | 2019-02-19 |
Family
ID=54667797
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510434950.XA Expired - Fee Related CN105119909B (en) | 2015-07-22 | 2015-07-22 | A kind of counterfeit website detection method and system based on page visual similarity |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105119909B (en) |
Cited By (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105763543A (en) * | 2016-02-03 | 2016-07-13 | 百度在线网络技术(北京)有限公司 | Phishing site identification method and device |
| CN106603490A (en) * | 2016-11-10 | 2017-04-26 | 上海斐讯数据通信技术有限公司 | Phishing website detecting method and system |
| CN107786529A (en) * | 2016-08-31 | 2018-03-09 | 阿里巴巴集团控股有限公司 | The detection method of website, apparatus and system |
| CN107968769A (en) * | 2016-10-19 | 2018-04-27 | 中兴通讯股份有限公司 | Webpage security detection method and device |
| CN107992547A (en) * | 2017-11-27 | 2018-05-04 | 深信服科技股份有限公司 | Apply dispositions method and device in a kind of website |
| CN110020075A (en) * | 2017-10-20 | 2019-07-16 | 南京烽火软件科技有限公司 | Device is excavated in illegal website automatically |
| CN110535806A (en) * | 2018-05-24 | 2019-12-03 | 中国移动通信集团重庆有限公司 | Monitor method, apparatus, equipment and the computer storage medium of abnormal website |
| CN110855716A (en) * | 2019-11-29 | 2020-02-28 | 北京邮电大学 | Self-adaptive security threat analysis method and system for counterfeit domain names |
| CN111698256A (en) * | 2020-06-17 | 2020-09-22 | 绿盟科技集团股份有限公司 | Method and device for detecting illegal link |
| CN112348104A (en) * | 2020-11-17 | 2021-02-09 | 百度在线网络技术(北京)有限公司 | Counterfeit program identification method, apparatus, device and storage medium |
| CN113132340A (en) * | 2020-01-16 | 2021-07-16 | 中国科学院信息工程研究所 | Phishing website identification method based on vision and host characteristics and electronic device |
| CN114124564A (en) * | 2021-12-03 | 2022-03-01 | 北京天融信网络安全技术有限公司 | Counterfeit website detection method and device, electronic equipment and storage medium |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2001045085A1 (en) * | 1999-12-17 | 2001-06-21 | Sony Corporation | Method and apparatus for information processing, and medium for storing program |
| CN101145902A (en) * | 2007-08-17 | 2008-03-19 | 东南大学 | Fishing webpage detection method based on image processing |
| CN101820366A (en) * | 2010-01-27 | 2010-09-01 | 南京邮电大学 | Pre-fetching-based phishing web page detection method |
| CN103442014A (en) * | 2013-09-03 | 2013-12-11 | 中国科学院信息工程研究所 | Method and system for automatic detection of suspected counterfeit websites |
-
2015
- 2015-07-22 CN CN201510434950.XA patent/CN105119909B/en not_active Expired - Fee Related
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2001045085A1 (en) * | 1999-12-17 | 2001-06-21 | Sony Corporation | Method and apparatus for information processing, and medium for storing program |
| CN101145902A (en) * | 2007-08-17 | 2008-03-19 | 东南大学 | Fishing webpage detection method based on image processing |
| CN101820366A (en) * | 2010-01-27 | 2010-09-01 | 南京邮电大学 | Pre-fetching-based phishing web page detection method |
| CN103442014A (en) * | 2013-09-03 | 2013-12-11 | 中国科学院信息工程研究所 | Method and system for automatic detection of suspected counterfeit websites |
Cited By (18)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105763543B (en) * | 2016-02-03 | 2019-08-30 | 百度在线网络技术(北京)有限公司 | A kind of method and device identifying fishing website |
| CN105763543A (en) * | 2016-02-03 | 2016-07-13 | 百度在线网络技术(北京)有限公司 | Phishing site identification method and device |
| CN107786529A (en) * | 2016-08-31 | 2018-03-09 | 阿里巴巴集团控股有限公司 | The detection method of website, apparatus and system |
| CN107968769A (en) * | 2016-10-19 | 2018-04-27 | 中兴通讯股份有限公司 | Webpage security detection method and device |
| CN106603490A (en) * | 2016-11-10 | 2017-04-26 | 上海斐讯数据通信技术有限公司 | Phishing website detecting method and system |
| CN110020075A (en) * | 2017-10-20 | 2019-07-16 | 南京烽火软件科技有限公司 | Device is excavated in illegal website automatically |
| CN107992547A (en) * | 2017-11-27 | 2018-05-04 | 深信服科技股份有限公司 | Apply dispositions method and device in a kind of website |
| CN110535806B (en) * | 2018-05-24 | 2022-04-01 | 中国移动通信集团重庆有限公司 | Method, device and equipment for monitoring abnormal website and computer storage medium |
| CN110535806A (en) * | 2018-05-24 | 2019-12-03 | 中国移动通信集团重庆有限公司 | Monitor method, apparatus, equipment and the computer storage medium of abnormal website |
| CN110855716A (en) * | 2019-11-29 | 2020-02-28 | 北京邮电大学 | Self-adaptive security threat analysis method and system for counterfeit domain names |
| CN110855716B (en) * | 2019-11-29 | 2020-11-06 | 北京邮电大学 | Self-adaptive security threat analysis method and system for counterfeit domain names |
| CN113132340A (en) * | 2020-01-16 | 2021-07-16 | 中国科学院信息工程研究所 | Phishing website identification method based on vision and host characteristics and electronic device |
| CN111698256A (en) * | 2020-06-17 | 2020-09-22 | 绿盟科技集团股份有限公司 | Method and device for detecting illegal link |
| CN111698256B (en) * | 2020-06-17 | 2022-05-10 | 绿盟科技集团股份有限公司 | Method and device for detecting illegal link |
| CN112348104A (en) * | 2020-11-17 | 2021-02-09 | 百度在线网络技术(北京)有限公司 | Counterfeit program identification method, apparatus, device and storage medium |
| CN112348104B (en) * | 2020-11-17 | 2023-08-18 | 百度在线网络技术(北京)有限公司 | Identification method, device, equipment and storage medium for counterfeit program |
| CN114124564A (en) * | 2021-12-03 | 2022-03-01 | 北京天融信网络安全技术有限公司 | Counterfeit website detection method and device, electronic equipment and storage medium |
| CN114124564B (en) * | 2021-12-03 | 2023-11-28 | 北京天融信网络安全技术有限公司 | Method and device for detecting counterfeit website, electronic equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105119909B (en) | 2019-02-19 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105119909A (en) | Fake website detection method and fake website detection system based on page visual similarity | |
| Prabhu Kavin et al. | Machine Learning‐Based Secure Data Acquisition for Fake Accounts Detection in Future Mobile Communication Networks | |
| EP3482334B1 (en) | System and methods for detecting online fraud | |
| EP2805286B1 (en) | Online fraud detection dynamic scoring aggregation systems and methods | |
| CN103442014A (en) | Method and system for automatic detection of suspected counterfeit websites | |
| US10484426B2 (en) | Auto-generated synthetic identities for simulating population dynamics to detect fraudulent activity | |
| WO2019067993A1 (en) | Phishing attack detection | |
| CN107026831B (en) | Identity recognition method and device | |
| CN103530367B (en) | A kind of fishing website identification system and method | |
| WO2019199712A1 (en) | Mail protection system | |
| CN102638448A (en) | Method for judging phishing websites based on non-content analysis | |
| US20130263263A1 (en) | Web element spoofing prevention system and method | |
| CN102299918A (en) | Network transaction safety system and method thereof | |
| CN102647408A (en) | Method for judging phishing website based on content analysis | |
| JP2006285844A (en) | Phishing fraud prevention system | |
| CN110784462B (en) | Three-layer phishing website detection system based on hybrid method | |
| CN104954372A (en) | Method and system for performing evidence acquisition and verification on phishing website | |
| US10341382B2 (en) | System and method for filtering electronic messages | |
| CN106470204A (en) | User identification method based on request behavior characteristicss, device, equipment and system | |
| CN103745156B (en) | Method and device for prompting risk information in search engine | |
| CN105959330A (en) | False link interception method, device and system | |
| CN107155186B (en) | Pseudo base station positioning method and device | |
| CN109214177A (en) | A kind of anti-fake system of internet finance | |
| CN110443031A (en) | A kind of two dimensional code Risk Identification Method and system | |
| Kayode-Ajala | Applying Machine Learning Algorithms for Detecting Phishing Websites: Applications of SVM, KNN, Decision Trees, and Random Forests |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20190219 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |