CN103268447A - Anti-phishing method and system - Google Patents


Info

Publication number: CN103268447A
Authority: CN (China)
Prior art keywords: program, interface, user, random value, data inputting
Legal status: Granted; Expired - Fee Related
Application number: CN2013101738526A (CN201310173852.6A)
Other languages: Chinese (zh)
Other versions: CN103268447B (en)
Inventor: 王映理
Current Assignee: Guangdong Oppo Mobile Telecommunications Corp Ltd
Original Assignee: Guangdong Oppo Mobile Telecommunications Corp Ltd
Application filed by: Guangdong Oppo Mobile Telecommunications Corp Ltd
Priority to: CN201310173852.6A
Publications: CN103268447A; CN103268447B (application granted)

Landscapes

  • Stored Programmes (AREA)

Abstract

The invention discloses an anti-phishing method and system. By adding a random-value check, the method and system can verify whether an application into which the user needs to enter data has been intercepted by a malicious phishing program, and can send a warning prompt to the user if it has. The user can further run the verification processing procedure of the anti-phishing method; if verification shows that the application has been intercepted by a malicious phishing program, the user can uninstall the malicious phishing program and permanently record its process number (that is, record the malicious phishing program in a blacklist). The next time the malicious phishing program starts, its process is killed automatically and the program is uninstalled automatically, which greatly strengthens the safety of the user's online operations.

Description

An anti-phishing method and system
Technical field
The present invention relates to the field of Internet security applications, and in particular to an anti-phishing method and system.
Background
With the spread of the Internet and the rapid development of the 3G mobile Internet, more and more application systems run online. Network security problems have become increasingly prominent as a result. One common criminal attack is "phishing", which attempts to trick users into handing personal information to the phishing attacker, who then uses the information obtained for criminal activity. In short, the phishing attacker gains the victim's trust and response through impersonation and thereby achieves the attacker's purpose. When a user logs in online and performs related operations, the phishing attacker often directs the user to a fake site whose interface closely resembles that of the real, legitimate site, in order to profit. Several methods and tools currently help people detect phishing sites and avoid exposing their private information, for example SSL secure connections, digital certificates, or blacklists that block phishing sites. However, when people are faced with information from many sites, it is often hard to tell the genuine from the fake, and these methods alone are still not enough to prevent phishing attacks effectively.
Summary of the invention
In view of this, the invention provides an anti-phishing method and system that can automatically determine whether a related application is a malicious phishing program and destroy the malicious phishing program.
An anti-phishing method, comprising:
S1: when an application that requires user data input launches its data input interface, generate and display a random value and wait for the user to enter verification data;
S2: obtain the verification data entered by the user and determine whether it matches the random value;
S3: when the verification data entered by the user does not match the random value, mark the application as intercepted by a malicious phishing program and start a detection program to inspect the data input interface; when the detection program finds that the data input interface is blocked and covered by an interface program while a user data input operation is taking place, forbid the user's input and pop up a warning prompt;
S4: when the verification data entered by the user matches the random value, mark the data input interface and the application as coming from the same program and allow the application to carry out its subsequent corresponding operations.
Further, step S3 also comprises a verification processing step, which comprises:
S31: obtain and record the process number of the interface program that blocks and covers the data input interface, and kill that interface program according to the process number;
S32: start the detection program again to inspect the data input interface; if an interface program blocking and covering the data input interface is detected again, mark that interface program as a malicious phishing program, record and save the process number of the malicious phishing program, and uninstall it.
Further, the method also comprises:
S5: if an interface program that has been marked as a malicious phishing program is detected starting, kill its process according to the recorded and saved process number and automatically uninstall the interface program.
Preferably, the random value is a randomly generated combination of one or more of digits, letters, symbols and Chinese characters.
Based on the above inventive concept, the invention also provides an anti-phishing system, comprising:
A random value generation module, configured to generate and display a random value and wait for the user to enter verification data when an application that requires user data input launches its data input interface;
A judgment module, configured to obtain the verification data entered by the user and determine whether it matches the random value;
A first execution module, configured to, when the verification data entered by the user does not match the random value, mark the application as intercepted by a malicious phishing program and start a detection program to inspect the data input interface, and, when the detection program finds that the data input interface is blocked and covered by an interface program while a user data input operation is taking place, forbid the user's input and pop up a warning prompt;
A second execution module, configured to, when the verification data entered by the user matches the random value, mark the data input interface and the application as coming from the same program and allow the application to carry out its subsequent corresponding operations.
Further, the first execution module also includes verification processing modules:
A first verification processing module, configured to obtain and record the process number of the interface program that blocks and covers the data input interface, and to kill that interface program according to the process number;
A second verification processing module, configured to start the detection program again to inspect the data input interface and, if an interface program blocking and covering the data input interface is detected again, to mark that interface program as a malicious phishing program, record and save the process number of the malicious phishing program, and uninstall it.
Further, the system also comprises:
An automatic uninstall module, configured to, when an interface program marked as a malicious phishing program is detected starting, kill its process according to the recorded and saved process number and automatically uninstall the interface program.
Preferably, the random value in the random value generation module is a randomly generated combination of one or more of digits, letters, symbols and Chinese characters.
The anti-phishing method and system provided by the invention verify by adding a random value; if an application is intercepted by a malicious phishing program, a warning prompt can be sent to the user. If the user cannot tell whether a malicious phishing program is at work, the user can use the verification processing step to check. Once verification shows that the application has been intercepted by a malicious phishing program, the malicious phishing program is uninstalled and its process number is permanently recorded; the next time the malicious phishing program is found starting, its process is killed automatically and the program is uninstalled automatically. The invention can effectively prevent phishing attacks and greatly strengthens the safety of the user's online operations.
Description of drawings
Figure 1 is a flow diagram of the method of an embodiment of the invention;
Figure 2 is a structural module diagram of the anti-phishing system of an embodiment of the invention.
Embodiment
To help those skilled in the art understand the invention, it is further described below with reference to the drawings.
As shown in Figure 1, an anti-phishing method comprises:
S1: when an application that requires user data input launches its data input interface, generate and display a random value and wait for the user to enter verification data;
S2: obtain the verification data entered by the user and determine whether it matches the random value;
S3: when the verification data entered by the user does not match the random value, mark the application as intercepted by a malicious phishing program and start a detection program to inspect the data input interface; when the detection program finds that the data input interface is blocked and covered by an interface program while a user data input operation is taking place, forbid the user's input and pop up a warning prompt;
S4: when the verification data entered by the user matches the random value, mark the data input interface and the application as coming from the same program and allow the application to carry out its subsequent corresponding operations.
Preferably, to make it easier for the user to verify whether the application really has been intercepted by a malicious phishing program, a verification processing step can be added to step S3. The verification processing step comprises:
S31: obtain and record the process number of the interface program that blocks and covers the data input interface, and kill that interface program according to the process number;
S32: start the detection program again to inspect the data input interface; if an interface program blocking and covering the data input interface is detected again, mark that interface program as a malicious phishing program, record and save the process number of the malicious phishing program (that is, record its process number in the blacklist), and uninstall the malicious phishing program.
After the process number of the malicious program has been recorded and saved, when that program starts again its process can be killed according to the recorded process number and the malicious phishing program uninstalled automatically. A step that automatically uninstalls the malicious phishing program can therefore be added to the above method:
S5: if an interface program that has been marked as a malicious phishing program is detected starting, kill its process according to the recorded and saved process number and automatically uninstall the interface program.
Preferably, the random value is a randomly generated combination of one or more of digits, letters, symbols and Chinese characters. For example, the random value can be a combination of digits and letters, a combination of letters and symbols, a combination of digits, letters and symbols, or even a combination of digits, letters, symbols and Chinese characters.
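The S1 to S5 flow above, as an added Python simulation that is not part of the patent: the `Device` class, the package names and the challenge alphabet are constructed stand-ins for the platform's window and process interfaces, which the patent does not name. As an assumption of this example, the blacklist is keyed by package name and stores the last recorded process number alongside it, because a process number is reassigned each time a program starts.

```python
import hmac
import secrets
from collections import namedtuple
from dataclasses import dataclass, field

ALPHABET = "ABCDEFGHJKLMNPQRSTUVWXYZ23456789"  # assumed challenge alphabet
Window = namedtuple("Window", "pid package")


@dataclass
class Device:  # constructed stand-in for the OS; windows are z-ordered, topmost last
    windows: list = field(default_factory=list)
    installed: set = field(default_factory=set)
    respawning: set = field(default_factory=set)  # packages that relaunch when killed
    _next_pid: int = 1000

    def launch(self, package):
        self.installed.add(package)
        self._next_pid += 1
        self.windows.append(Window(self._next_pid, package))
        return self.windows[-1]

    def kill(self, pid):
        for win in [w for w in self.windows if w.pid == pid]:
            self.windows.remove(win)
            if win.package in self.respawning and win.package in self.installed:
                self.launch(win.package)  # comes back under a new process number

    def uninstall(self, package):
        self.installed.discard(package)
        self.windows = [w for w in self.windows if w.package != package]

    def covering(self, package):
        """Detection program: topmost foreign window above `package`, or None."""
        for i, win in enumerate(self.windows):
            if win.package == package:
                above = [w for w in self.windows[i + 1:] if w.package != package]
                return above[-1] if above else None
        return None


class AntiPhishingGuard:
    def __init__(self, device, app_package):
        self.device, self.app = device, app_package
        self.challenge = self.suspect = None
        self.input_blocked = False
        self.blacklist = {}  # package -> last recorded process number (assumption)

    def start_input(self, length=6):
        """S1: generate the random value shown in the real data input interface."""
        self.challenge = "".join(secrets.choice(ALPHABET) for _ in range(length))
        return self.challenge

    def submit(self, typed):
        """S2-S4: compare the typed value; on mismatch run the detection program."""
        if hmac.compare_digest(typed.encode(), self.challenge.encode()):
            return "allowed"  # S4: interface and application are the same program
        self.suspect = self.device.covering(self.app)  # S3
        self.input_blocked = self.suspect is not None  # forbid input, warn the user
        return "warned" if self.input_blocked else "mismatch"

    def verify(self):
        """S31/S32: kill the covering program, then check whether it comes back."""
        if self.suspect is None:
            return "nothing-to-verify"
        self.device.kill(self.suspect.pid)  # S31
        again = self.device.covering(self.app)  # S32
        if again is None or again.package != self.suspect.package:
            self.suspect, self.input_blocked = again, again is not None
            return "cleared" if again is None else "warned"
        self.blacklist[again.package] = again.pid
        self.device.uninstall(again.package)
        self.suspect, self.input_blocked = None, False
        return "malicious"

    def on_program_start(self, win):
        """S5: kill and uninstall a blacklisted program as soon as it starts."""
        if win.package not in self.blacklist:
            return False
        self.device.kill(win.pid)
        self.device.uninstall(win.package)
        return True


def demo():
    dev = Device(respawning={"com.example.overlay"})  # constructed package names
    dev.launch("com.example.bank")
    guard = AntiPhishingGuard(dev, "com.example.bank")
    out = [guard.submit(guard.start_input())]  # real screen: value is readable
    dev.launch("com.example.overlay")  # fake screen now hides the value
    guard.start_input()
    out += [guard.submit("not-it"), guard.verify()]
    out.append(guard.on_program_start(dev.launch("com.example.overlay")))
    return out, sorted(guard.blacklist)
```

Calling `demo()` returns `(['allowed', 'warned', 'malicious', True], ['com.example.overlay'])`; an overlay that stays gone after S31 is reported as `cleared` and is not blacklisted.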
Based on the above inventive concept, the invention provides an anti-phishing system, comprising:
A random value generation module, configured to generate and display a random value and wait for the user to enter verification data when an application that requires user data input launches its data input interface; the random value is a randomly generated combination of one or more of digits, letters, symbols and Chinese characters;
A judgment module, configured to obtain the verification data entered by the user and determine whether it matches the random value;
A first execution module, configured to, when the verification data entered by the user does not match the random value, mark the application as intercepted by a malicious phishing program and start a detection program to inspect the data input interface, and, when the detection program finds that the data input interface is blocked and covered by an interface program while a user data input operation is taking place, forbid the user's input and pop up a warning prompt;
To make it easier for the user to verify whether the application really has been intercepted by a malicious phishing program, the first execution module also includes verification processing modules:
A first verification processing module, configured to obtain and record the process number of the interface program that blocks and covers the data input interface, and to kill that interface program according to the process number;
A second verification processing module, configured to start the detection program again to inspect the data input interface and, if an interface program blocking and covering the data input interface is detected again, to mark that interface program as a malicious phishing program, record and save the process number of the malicious phishing program, and uninstall it;
A second execution module, configured to, when the verification data entered by the user matches the random value, mark the data input interface and the application as coming from the same program and allow the application to carry out its subsequent corresponding operations.
An automatic uninstall module, configured to, when an interface program marked as a malicious phishing program is detected starting, kill its process according to the recorded and saved process number and automatically uninstall the interface program.
The anti-phishing method and system provided by the invention verify by adding a random value and can effectively prevent phishing attacks. By adding a random value, the invention verifies whether the application in which the user is operating and needs to enter user data has been intercepted by a malicious phishing program; if so, a warning prompt can be sent to the user. The user can also use the verification processing step of the invention to check. Once verification shows that the application has been intercepted by a malicious phishing program, the malicious phishing program is uninstalled and its process number is permanently recorded (that is, recorded in the blacklist); the next time the malicious phishing program is found starting, its process is killed automatically and the program is uninstalled automatically, which greatly strengthens the safety of the user's online operations.
The content of the above embodiment is the preferred implementation of the invention and does not limit the invention; any obvious substitution that does not depart from the inventive concept falls within the scope of protection of the invention.

Claims (8)

1. An anti-phishing method, characterized in that the method comprises:
S1: when an application that requires user data input launches its data input interface, generate and display a random value and wait for the user to enter verification data;
S2: obtain the verification data entered by the user and determine whether it matches the random value;
S3: when the verification data entered by the user does not match the random value, mark the application as intercepted by a malicious phishing program and start a detection program to inspect the data input interface; when the detection program finds that the data input interface is blocked and covered by an interface program while a user data input operation is taking place, forbid the user's input and pop up a warning prompt;
S4: when the verification data entered by the user matches the random value, mark the data input interface and the application as coming from the same program and allow the application to carry out its subsequent corresponding operations.
2. The method according to claim 1, characterized in that step S3 also comprises a verification processing step, which comprises:
S31: obtain and record the process number of the interface program that blocks and covers the data input interface, and kill that interface program according to the process number;
S32: start the detection program again to inspect the data input interface; if an interface program blocking and covering the data input interface is detected again, mark that interface program as a malicious phishing program, record and save the process number of the malicious phishing program, and uninstall it.
3. The method according to claim 2, characterized in that the method also comprises:
S5: if an interface program that has been marked as a malicious phishing program is detected starting, kill its process according to the recorded and saved process number and automatically uninstall the interface program.
4. The method according to claim 1, 2 or 3, characterized in that the random value is a randomly generated combination of one or more of digits, letters, symbols and Chinese characters.
5. An anti-phishing system, characterized in that it comprises:
A random value generation module, configured to generate and display a random value and wait for the user to enter verification data when an application that requires user data input launches its data input interface;
A judgment module, configured to obtain the verification data entered by the user and determine whether it matches the random value;
A first execution module, configured to, when the verification data entered by the user does not match the random value, mark the application as intercepted by a malicious phishing program and start a detection program to inspect the data input interface, and, when the detection program finds that the data input interface is blocked and covered by an interface program while a user data input operation is taking place, forbid the user's input and pop up a warning prompt;
A second execution module, configured to, when the verification data entered by the user matches the random value, mark the data input interface and the application as coming from the same program and allow the application to carry out its subsequent corresponding operations.
6. The system according to claim 5, characterized in that the first execution module further comprises a verification processing module, and the verification processing module comprises:
A first verification processing module, configured to obtain and record the process number of the interface program that blocks and covers the data input interface, and to kill that interface program according to the process number;
A second verification processing module, configured to start the detection program again to inspect the data input interface and, if an interface program blocking and covering the data input interface is detected again, to mark that interface program as a malicious phishing program, record and save the process number of the malicious phishing program, and uninstall it.
7. The system according to claim 6, characterized in that the system also comprises:
An automatic uninstall module, configured to, when an interface program marked as a malicious phishing program is detected starting, kill its process according to the recorded and saved process number and automatically uninstall the interface program.
8. The system according to claim 5, 6 or 7, characterized in that the random value in the random value generation module is a randomly generated combination of one or more of digits, letters, symbols and Chinese characters.
Priority Applications (1)

Application Number: CN201310173852.6A
Priority Date: 2013-05-10
Filing Date: 2013-05-10
Title: Anti-phishing method and system
Status: Expired - Fee Related (granted as CN103268447B)

Publications (2)

Publication Number, Publication Date
CN103268447A, 2013-08-28
CN103268447B, 2016-03-02

Family ID: 49012075

Country Status (1)

CN: CN103268447B (en)


Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CP01 Change in the name or title of a patent holder

Address after: Changan town in Guangdong province Dongguan 523860 usha Beach Road No. 18

Patentee after: GUANGDONG OPPO MOBILE TELECOMMUNICATIONS Corp.,Ltd.

Address before: Changan town in Guangdong province Dongguan 523860 usha Beach Road No. 18

Patentee before: GUANGDONG OPPO MOBILE TELECOMMUNICATIONS Corp.,Ltd.

CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20160302