CN113452670A - Phishing blocking method, device, equipment and medium based on SDN network - Google Patents

Phishing blocking method, device, equipment and medium based on SDN network Download PDF

Info

Publication number
CN113452670A
CN113452670A CN202110485790.7A CN202110485790A CN113452670A CN 113452670 A CN113452670 A CN 113452670A CN 202110485790 A CN202110485790 A CN 202110485790A CN 113452670 A CN113452670 A CN 113452670A
Authority
CN
China
Prior art keywords
blocked
sdn
instruction
blocking
forwarding
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202110485790.7A
Other languages
Chinese (zh)
Other versions
CN113452670B (en
Inventor
刘志强
王方圆
尚程
阿曼太
梁彧
蔡琳
杨满智
王杰
田野
金红
陈晓光
傅强
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Eversec Beijing Technology Co Ltd
Original Assignee
Eversec Beijing Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Eversec Beijing Technology Co Ltd filed Critical Eversec Beijing Technology Co Ltd
Priority to CN202110485790.7A priority Critical patent/CN113452670B/en
Publication of CN113452670A publication Critical patent/CN113452670A/en
Application granted granted Critical
Publication of CN113452670B publication Critical patent/CN113452670B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1483Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Telephonic Communication Services (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The embodiment of the invention relates to a phishing blocking method, a phishing blocking device, equipment and a medium based on an SDN network, wherein the SDN network comprises an anti-fraud application platform, an SDN controller and a plurality of SDN repeaters, and the method comprises the following steps: the anti-fraud application platform generates an instruction to be blocked and sends the instruction to be blocked to the SDN controller through an open standard interface; the SDN controller forwards the to-be-plugged instruction to the plurality of SDN repeaters through a control forwarding communication interface; and after any SDN repeater receives the forwarding task associated with the instruction to be blocked, blocking the forwarding task. The invention overcomes the problems of low efficiency, small concurrency and easy blockage of the traditional network blocking method, and can improve the blocking efficiency of phishing.

Description

Phishing blocking method, device, equipment and medium based on SDN network
Technical Field
The embodiment of the invention relates to the technical field of network security, in particular to a phishing blocking method and device based on an SDN network, electronic equipment and a storage medium.
Background
Phishing blocking: the method mainly comprises the actions that an operator receives instructions of a supervision department or a law enforcement department and blocks specific domain names, URLs and IPs related to phishing.
The traditional phishing blocking is mostly carried out by adopting a domain name resolution system (DNS) blocking mode, the defects of low blocking efficiency, small concurrency and easiness in blocking are always puzzled to operators and supervision departments, and the requirements of phishing high-speed, large blocking quantity, high required speed, cross-operator cooperation and the like are difficult to meet.
Disclosure of Invention
In view of this, embodiments of the present invention provide an phishing blocking method, device, electronic device, and storage medium based on an SDN network, so as to improve efficiency of blocking phishing.
Additional features and advantages of embodiments of the invention will be set forth in the detailed description which follows, or in part will be obvious from the description, or may be learned by practice of embodiments of the invention.
In a first aspect of the present disclosure, an embodiment of the present invention provides a phishing blocking method based on an SDN network, where the SDN network includes an anti-fraud application platform, an SDN controller, and a plurality of SDN forwarders, and the method includes:
the anti-fraud application platform generates an instruction to be blocked and sends the instruction to be blocked to the SDN controller through an open standard interface;
the SDN controller forwards the to-be-plugged instruction to the plurality of SDN repeaters through a control forwarding communication interface;
and after any SDN repeater receives the forwarding task associated with the instruction to be blocked, blocking the forwarding task.
In an embodiment, the instruction to be blocked includes identification information of a website or an application to be blocked.
In an embodiment, the identification information of the website or the application to be blocked includes: the method comprises the steps of obtaining a domain name of a website to be blocked, a Uniform Resource Locator (URL) of the website to be blocked and/or a server IP address of an application program to be blocked.
In an embodiment, the forwarding task associated with the instruction to be blocked includes:
a forwarding task with the domain name of the website to be blocked, the Uniform Resource Locator (URL) of the website to be blocked and/or the server IP address of the application program to be blocked as a source address; and/or
And the forwarding task takes the domain name of the website to be blocked, the uniform resource locator URL of the website to be blocked and/or the server IP address of the application program to be blocked as a target address.
In one embodiment, blocking the forwarding task comprises: and ignoring the forwarding task, and returning a predetermined webpage to a requester of the forwarding task to prompt the user that the requested network is a fraud network.
In one embodiment, the forwarding task includes a Get request and a POST request.
In an embodiment, the anti-fraud application platform generating the to-be-plugged instruction comprises: and the anti-fraud application platform generates the instruction to be blocked according to the phishing report information of the public security organization.
In a second aspect of the present disclosure, an embodiment of the present invention further provides an phishing blocking device based on an SDN network, the SDN network including an anti-fraud application platform, an SDN controller, and a plurality of SDN repeaters, the device including:
a blocking instruction receiving unit, configured to generate an instruction to be blocked by the anti-fraud application platform, and send the instruction to be blocked to the SDN controller through an open standard interface;
a blocking instruction forwarding unit, configured to forward, by the SDN controller, the to-be-blocked instruction to the multiple SDN repeaters through a control forwarding communication interface;
and the forwarding blocking unit is used for blocking the forwarding task after any SDN repeater receives the forwarding task associated with the instruction to be blocked.
In an embodiment, the instruction to be blocked includes identification information of a website or an application to be blocked.
In an embodiment, the identification information of the website or the application to be blocked includes: the method comprises the steps of obtaining a domain name of a website to be blocked, a Uniform Resource Locator (URL) of the website to be blocked and/or a server IP address of an application program to be blocked.
In an embodiment, the forwarding task associated with the instruction to be blocked includes:
a forwarding task with the domain name of the website to be blocked, the Uniform Resource Locator (URL) of the website to be blocked and/or the server IP address of the application program to be blocked as a source address; and/or
And the forwarding task takes the domain name of the website to be blocked, the uniform resource locator URL of the website to be blocked and/or the server IP address of the application program to be blocked as a target address.
In one embodiment, blocking the forwarding task comprises: and ignoring the forwarding task, and returning a predetermined webpage to a requester of the forwarding task to prompt the user that the requested network is a fraud network.
In one embodiment, the forwarding task includes a Get request and a POST request.
In an embodiment, the generating, by the blocking instruction receiving unit, an instruction to be blocked by the anti-fraud application platform includes: and the anti-fraud application platform is used for generating the instruction to be blocked according to the phishing report information of the public security organization.
In a third aspect of the disclosure, an electronic device is provided. The electronic device includes: a processor; and a memory for storing executable instructions that, when executed by the processor, cause the electronic device to perform the method of the first aspect.
In a fourth aspect of the disclosure, a computer-readable storage medium is provided, on which a computer program is stored, which computer program, when being executed by a processor, carries out the method in the first aspect.
The technical scheme provided by the embodiment of the invention has the beneficial technical effects that:
the embodiment of the invention executes the following method by matching an anti-fraud application platform, an SDN controller and a plurality of SDN repeaters, which are included in an SDN network: the anti-fraud application platform generates an instruction to be blocked and sends the instruction to be blocked to the SDN controller through an open standard interface; the SDN controller forwards the instruction to be blocked to the plurality of SDN repeaters through a control forwarding communication interface; after receiving the forwarding task associated with the instruction to be blocked, any SDN repeater blocks the forwarding task, so that the problems of low efficiency, small concurrency and easiness in blocking of the traditional network blocking method are solved, and the blocking efficiency of phishing can be improved.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings needed to be used in the description of the embodiments of the present invention will be briefly described below, and it is obvious that the drawings in the following description are only a part of the embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the contents of the embodiments of the present invention and the drawings without creative efforts.
Fig. 1 is a schematic flow chart of an SDN network-based phishing blocking method according to an embodiment of the present invention;
FIG. 2 is a schematic interaction flow diagram of an SDN network-based phishing blocking method according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram of an organization of an SDN network according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of an SDN network-based phishing blocking device according to an embodiment of the present invention;
FIG. 5 shows a schematic diagram of an electronic device suitable for use in implementing embodiments of the present invention.
Detailed Description
In order to make the technical problems solved, the technical solutions adopted and the technical effects achieved by the embodiments of the present invention clearer, the technical solutions of the embodiments of the present invention will be described in further detail below with reference to the accompanying drawings, and it is obvious that the described embodiments are only some embodiments, but not all embodiments, of the embodiments of the present invention. All other embodiments, which can be obtained by a person skilled in the art without any inventive step based on the embodiments of the present invention, belong to the scope of protection of the embodiments of the present invention.
It should be noted that the terms "system" and "network" are often used interchangeably herein in embodiments of the present invention. Reference to "and/or" in embodiments of the invention is intended to include any and all combinations of one or more of the associated listed items. The terms "first", "second", and the like in the description and claims of the present disclosure and in the drawings are used for distinguishing between different objects and not for limiting a particular order.
It should be further noted that, in the embodiments of the present invention, each of the following embodiments may be executed alone, or may be executed in combination with each other, and the embodiments of the present invention are not limited in this respect.
The names of messages or information exchanged between devices in the embodiments of the present disclosure are for illustrative purposes only, and are not intended to limit the scope of the messages or information.
The technical solutions of the embodiments of the present invention are further described by the following detailed description with reference to the accompanying drawings.
Fig. 1 shows a flow diagram of an SDN network-based phishing blocking method provided by an embodiment of the present invention, which is applicable to a case where a network operator blocks a phishing network based on an SDN network, and the method can be executed by an anti-fraud application platform, an SDN controller, and a plurality of SDN repeaters included in the SDN network, as shown in fig. 1, the SDN network-based phishing blocking method described in the present embodiment includes:
in step S110, the anti-fraud application platform generates an instruction to be blocked, and sends the instruction to be blocked to the SDN controller through an open standard interface.
The instruction to be blocked may include identification information of a website or an application to be blocked, for example, a domain name of the website to be blocked, a uniform resource locator URL of the website to be blocked, and/or a server IP address of the application to be blocked.
The instructions to be blocked can be generated by various methods, for example, the anti-fraud application platform can generate the instructions to be blocked according to the phishing report information of the public security organization. As another example, the instruction to be blocked may also be generated according to a fraud network blacklist and/or a fraud APP blacklist.
In step S120, the SDN controller forwards the instruction to be plugged to the SDN repeaters through a control forwarding communication interface.
It should be noted that, if the SDN network described in this embodiment serves multiple operators, such as telecommunications, connectivity, and mobility, the SDN network may include multiple SDN controllers, each SDN corresponds to multiple SDN repeaters, and an organization structure diagram of the SDN network corresponding to the application scenario is shown in fig. 3.
In step S130, after receiving the forwarding task associated with the instruction to be blocked, any SDN repeater blocks the forwarding task.
The forwarding task associated with the instruction to be blocked may include multiple types, for example, the forwarding task may include a forwarding task using a domain name of a website to be blocked, a uniform resource locator URL of the website to be blocked, and/or a server IP address of an application to be blocked as a source address. Wherein the form of the forwarding task may include a Get request and a POST request.
For another example, the forwarding task may further include taking a domain name of the website to be blocked, a uniform resource locator URL of the website to be blocked, and/or a server IP address of the application to be blocked as a target address.
The forwarding task can be blocked in a mode of not executing the forwarding task, namely, the forwarding task is ignored, and in order to improve the interface friendliness, a predetermined webpage can be returned to a requesting party of the forwarding task while the forwarding task is ignored so as to prompt a user that a requested network is a fraud network.
Fig. 2 is an interaction flow diagram of an phishing blocking method based on an SDN network according to an embodiment of the present invention, as shown in fig. 2, an anti-fraud application platform sends information to be blocked (e.g., domain name, URL, IP, etc.) to an SDN controller, the SDN controller performs instruction forwarding through a control forwarding communication interface, and the SDN repeater accepts an assignment and performs blocking.
For example, the blocking process may be: a terminal user sends a Get request to a Web server of a fraud website, an SDN repeater obtains the content of the Get request for study and judgment, if the content obtained by the SDN repeater belongs to the content to be blocked, a corresponding packet 'a' returned by the Web server is preceded, a corresponding packet 'b' of a 'forged' Get request report is sent, blocking is successful, and the link between the terminal user A and the Web server is disconnected.
The embodiment executes the following method through cooperation of an anti-fraud application platform, an SDN controller and a plurality of SDN repeaters, which are included in an SDN network: the anti-fraud application platform generates an instruction to be blocked and sends the instruction to be blocked to the SDN controller through an open standard interface; the SDN controller forwards the instruction to be blocked to the plurality of SDN repeaters through a control forwarding communication interface; after receiving the forwarding task associated with the instruction to be blocked, any SDN repeater blocks the forwarding task, so that the problems of low efficiency, small concurrency and easiness in blocking of the traditional network blocking method are solved, and the blocking efficiency of phishing can be improved.
As an implementation of the methods shown in the above figures, the present application provides an embodiment of an SDN network-based phishing blocking device, and fig. 4 shows a schematic structural diagram of an SDN network-based phishing blocking device provided in this embodiment, where the SDN network includes an anti-fraud application platform, an SDN controller, and a plurality of SDN repeaters, and an embodiment of the device corresponds to the method embodiments shown in fig. 1 to fig. 3, and the device may be specifically applied to various electronic devices. As shown in fig. 4, the phishing blocking device based on the SDN network according to the present embodiment includes a blocking instruction receiving unit 410, a blocking instruction forwarding unit 420, and a forwarding blocking unit 430.
The blocking instruction receiving unit 410 is configured to be used by the anti-fraud application platform to generate an instruction to be blocked, and send the instruction to be blocked to the SDN controller through an open standard interface.
The blocking instruction forwarding unit 420 is configured to forward the to-be-blocked instruction to the plurality of SDN repeaters through a control forwarding communication interface by the SDN controller.
The forwarding blocking unit 430 is configured to block a forwarding task associated with the instruction to be blocked after any SDN repeater receives the forwarding task.
According to one or more embodiments of the present disclosure, the instruction to be blocked includes identification information of a website or an application to be blocked.
According to one or more embodiments of the present disclosure, the identification information of the website or application to be blocked includes: the method comprises the steps of obtaining a domain name of a website to be blocked, a Uniform Resource Locator (URL) of the website to be blocked and/or a server IP address of an application program to be blocked.
According to one or more embodiments of the present disclosure, the forwarding task associated with the instruction to be blocked includes: a forwarding task with the domain name of the website to be blocked, the Uniform Resource Locator (URL) of the website to be blocked and/or the server IP address of the application program to be blocked as a source address; and/or a forwarding task taking the domain name of the website to be blocked, the Uniform Resource Locator (URL) of the website to be blocked and/or the server IP address of the application program to be blocked as a target address.
According to one or more embodiments of the present disclosure, blocking the forwarding task includes: and ignoring the forwarding task, and returning a predetermined webpage to a requester of the forwarding task to prompt the user that the requested network is a fraud network.
According to one or more embodiments of the present disclosure, the forwarding task includes a Get request and a POST request.
According to one or more embodiments of the present disclosure, the blocking instruction receiving unit for generating an instruction to be blocked by an anti-fraud application platform comprises: and the anti-fraud application platform is used for generating the instruction to be blocked according to the phishing report information of the public security organization.
The phishing blocking device based on the SDN network provided by the embodiment can execute the phishing blocking method based on the SDN network provided by the embodiment of the method disclosed by the present disclosure, and has corresponding functional modules and beneficial effects of the execution method.
Referring now to FIG. 5, a block diagram of an electronic device 500 suitable for use in implementing embodiments of the present invention is shown. The terminal device in the embodiment of the present invention is, for example, a mobile device, a computer, or a vehicle-mounted device built in a floating car, or any combination thereof. In some embodiments, the mobile device may include, for example, a cell phone, a smart home device, a wearable device, a smart mobile device, a virtual reality device, and the like, or any combination thereof. The electronic device shown in fig. 5 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present invention.
As shown in fig. 5, electronic device 500 may include a processing means (e.g., central processing unit, graphics processor, etc.) 501 that may perform various appropriate actions and processes in accordance with a program stored in a Read Only Memory (ROM)502 or a program loaded from a storage means 508 into a Random Access Memory (RAM) 503. In the RAM 503, various programs and data necessary for the operation of the electronic apparatus 500 are also stored. The processing device 501, the ROM 502, and the RAM 503 are connected to each other through a bus 504. An input/output (I/O) interface 505 is also connected to bus 504.
Generally, the following devices may be connected to the I/O interface 505: input devices 506 including, for example, a touch screen, touch pad, keyboard, mouse, camera, microphone, accelerometer, gyroscope, etc.; output devices 507 including, for example, a Liquid Crystal Display (LCD), speakers, vibrators, and the like; storage devices 508 including, for example, magnetic tape, hard disk, etc.; and a communication device 509. The communication means 509 may allow the electronic device 500 to communicate with other devices wirelessly or by wire to exchange data. While fig. 5 illustrates an electronic device 500 having various means, it is to be understood that not all illustrated means are required to be implemented or provided. More or fewer devices may alternatively be implemented or provided.
In particular, according to an embodiment of the present invention, the processes described above with reference to the flowcharts may be implemented as a computer software program. For example, embodiments of the invention include a computer program product comprising a computer program embodied on a computer-readable medium, the computer program comprising program code for performing the method illustrated in the flow chart. In such an embodiment, the computer program may be downloaded and installed from a network via the communication means 509, or installed from the storage means 508, or installed from the ROM 502. The computer program performs the above-described functions defined in the method of the embodiment of the present invention when executed by the processing apparatus 501.
It should be noted that the computer readable medium mentioned above can be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In embodiments of the invention, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In yet another embodiment of the invention, a computer readable signal medium may comprise a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: electrical wires, optical cables, RF (radio frequency), etc., or any suitable combination of the foregoing.
The computer readable medium may be embodied in the electronic device; or may exist separately without being assembled into the electronic device.
The computer readable medium carries one or more programs which, when executed by the electronic device, cause the electronic device to: the anti-fraud application platform generates an instruction to be blocked and sends the instruction to be blocked to the SDN controller through an open standard interface; the SDN controller forwards the to-be-plugged instruction to the plurality of SDN repeaters through a control forwarding communication interface; and after any SDN repeater receives the forwarding task associated with the instruction to be blocked, blocking the forwarding task.
Computer program code for carrying out operations for embodiments of the present invention may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, Smalltalk, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units described in the embodiments of the present invention may be implemented by software or hardware. Where the name of a unit does not in some cases constitute a limitation of the unit itself, for example, the first retrieving unit may also be described as a "unit for retrieving at least two internet protocol addresses".
The foregoing description is only a preferred embodiment of the invention and is illustrative of the principles of the technology employed. It will be appreciated by those skilled in the art that the scope of the disclosure in the embodiments of the present invention is not limited to the specific combinations of the above-described features, but also encompasses other embodiments in which any combination of the above-described features or their equivalents is possible without departing from the spirit of the disclosure. For example, the above features and (but not limited to) the features with similar functions disclosed in the embodiments of the present invention are mutually replaced to form the technical solution.

Claims (10)

1. An SDN network-based phishing blocking method, wherein the SDN network comprises an anti-fraud application platform, an SDN controller, and a plurality of SDN forwarders, the method comprising:
the anti-fraud application platform generates an instruction to be blocked and sends the instruction to be blocked to the SDN controller through an open standard interface;
the SDN controller forwards the to-be-plugged instruction to the plurality of SDN repeaters through a control forwarding communication interface;
and after any SDN repeater receives the forwarding task associated with the instruction to be blocked, blocking the forwarding task.
2. The method according to claim 1, wherein the instruction to be blocked comprises identification information of a website or application to be blocked.
3. The method according to claim 2, wherein the identification information of the website or application to be blocked comprises:
the method comprises the steps of obtaining a domain name of a website to be blocked, a Uniform Resource Locator (URL) of the website to be blocked and/or a server IP address of an application program to be blocked.
4. The method according to claim 3, wherein the forwarding task associated with the instruction to be blocked comprises:
a forwarding task with the domain name of the website to be blocked, the Uniform Resource Locator (URL) of the website to be blocked and/or the server IP address of the application program to be blocked as a source address; and/or
And the forwarding task takes the domain name of the website to be blocked, the uniform resource locator URL of the website to be blocked and/or the server IP address of the application program to be blocked as a target address.
5. The method of claim 1, wherein blocking the forwarding task comprises:
and ignoring the forwarding task, and returning a predetermined webpage to a requester of the forwarding task to prompt the user that the requested network is a fraud network.
6. The method of claim 1, wherein the forwarding task comprises a Get request and a POST request.
7. The method as recited in claim 1, wherein said anti-fraud application platform generating an instruction to be blocked comprises:
and the anti-fraud application platform generates the instruction to be blocked according to the phishing report information of the public security organization.
8. An SDN network-based phishing blocking device, the SDN network comprising an anti-fraud application platform, an SDN controller, and a plurality of SDN repeaters, the device comprising:
a blocking instruction receiving unit, configured to generate an instruction to be blocked by the anti-fraud application platform, and send the instruction to be blocked to the SDN controller through an open standard interface;
a blocking instruction forwarding unit, configured to forward, by the SDN controller, the to-be-blocked instruction to the multiple SDN repeaters through a control forwarding communication interface;
and the forwarding blocking unit is used for blocking the forwarding task after any SDN repeater receives the forwarding task associated with the instruction to be blocked.
9. An electronic device, comprising:
one or more processors; and
a memory to store executable instructions that, when executed by the one or more processors, cause the electronic device to perform the method of any of claims 1-7.
10. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the method according to any one of claims 1-7.
CN202110485790.7A 2021-04-30 2021-04-30 Phishing blocking method, device, equipment and medium based on SDN network Active CN113452670B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110485790.7A CN113452670B (en) 2021-04-30 2021-04-30 Phishing blocking method, device, equipment and medium based on SDN network

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110485790.7A CN113452670B (en) 2021-04-30 2021-04-30 Phishing blocking method, device, equipment and medium based on SDN network

Publications (2)

Publication Number Publication Date
CN113452670A true CN113452670A (en) 2021-09-28
CN113452670B CN113452670B (en) 2023-07-28

Family

ID=77809731

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110485790.7A Active CN113452670B (en) 2021-04-30 2021-04-30 Phishing blocking method, device, equipment and medium based on SDN network

Country Status (1)

Country Link
CN (1) CN113452670B (en)

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104601557A (en) * 2014-12-29 2015-05-06 广东顺德中山大学卡内基梅隆大学国际联合研究院 Method and system for defending malicious websites based on software-defined network
US20170187686A1 (en) * 2015-12-25 2017-06-29 Sanctum Networks Limited Enhancing privacy and security on a SDN network using SND flow based forwarding control
CN107645507A (en) * 2017-10-16 2018-01-30 北京知道创宇信息技术有限公司 A kind of data processing method, anti-swindle equipment and computer-readable recording medium
CN107925627A (en) * 2015-06-26 2018-04-17 迈克菲有限责任公司 The system and method that data are route using software defined network
CN108259444A (en) * 2016-12-28 2018-07-06 南宁富桂精密工业有限公司 Malicious websites means of defence and system
CN109088901A (en) * 2018-10-31 2018-12-25 杭州默安科技有限公司 Deception defence method and system based on SDN building dynamic network
US10296744B1 (en) * 2015-09-24 2019-05-21 Cisco Technology, Inc. Escalated inspection of traffic via SDN
CN111865925A (en) * 2020-06-24 2020-10-30 国家计算机网络与信息安全管理中心 Network traffic based fraud group identification method, controller and medium
CN112491864A (en) * 2020-11-23 2021-03-12 恒安嘉新(北京)科技股份公司 Method, device, equipment and medium for detecting phishing deep victim user

Patent Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104601557A (en) * 2014-12-29 2015-05-06 广东顺德中山大学卡内基梅隆大学国际联合研究院 Method and system for defending malicious websites based on software-defined network
CN107925627A (en) * 2015-06-26 2018-04-17 迈克菲有限责任公司 The system and method that data are route using software defined network
US10296744B1 (en) * 2015-09-24 2019-05-21 Cisco Technology, Inc. Escalated inspection of traffic via SDN
US20170187686A1 (en) * 2015-12-25 2017-06-29 Sanctum Networks Limited Enhancing privacy and security on a SDN network using SND flow based forwarding control
CN108259444A (en) * 2016-12-28 2018-07-06 南宁富桂精密工业有限公司 Malicious websites means of defence and system
CN107645507A (en) * 2017-10-16 2018-01-30 北京知道创宇信息技术有限公司 A kind of data processing method, anti-swindle equipment and computer-readable recording medium
CN109088901A (en) * 2018-10-31 2018-12-25 杭州默安科技有限公司 Deception defence method and system based on SDN building dynamic network
CN111865925A (en) * 2020-06-24 2020-10-30 国家计算机网络与信息安全管理中心 Network traffic based fraud group identification method, controller and medium
CN112491864A (en) * 2020-11-23 2021-03-12 恒安嘉新(北京)科技股份公司 Method, device, equipment and medium for detecting phishing deep victim user

Also Published As

Publication number Publication date
CN113452670B (en) 2023-07-28

Similar Documents

Publication Publication Date Title
CN111177617A (en) Web direct operation and maintenance method and device based on operation and maintenance management system and electronic equipment
CN111177112A (en) Database blocking method and device based on operation and maintenance management system and electronic equipment
CN112866385B (en) Interface calling method and device, electronic equipment and storage medium
CN115801299B (en) Meta universe identity authentication method, device, equipment and storage medium
CN111163324A (en) Information processing method and device and electronic equipment
CN115357761A (en) Link tracking method and device, electronic equipment and storage medium
CN114513552B (en) Data processing method, device, equipment and storage medium
CN116668402A (en) Intelligent cloud box access method, device, equipment and storage medium
CN108880923A (en) The method and apparatus that policer operation applied to application server is requested
CN110908921A (en) Game problem positioning method and device, electronic equipment and storage medium
CN112152879B (en) Network quality determination method, device, electronic equipment and readable storage medium
CN103051722B (en) A kind ofly determine the method whether page is held as a hostage and relevant device
CN113391860A (en) Service request processing method and device, electronic equipment and computer storage medium
CN115174558B (en) Cloud network end integrated identity authentication method, device, equipment and storage medium
CN113452670B (en) Phishing blocking method, device, equipment and medium based on SDN network
CN115022106B (en) Group information processing method, device, equipment and medium
CN115600964A (en) Voice approval method and device and related equipment
CN111241368B (en) Data processing method, device, medium and equipment
CN114979128A (en) Cross-region communication method and device and electronic equipment
CN109669679B (en) Service detection and processing method and device and electronic equipment
CN111382057B (en) Test case generation method, test method and device, server and storage medium
CN112929453A (en) Method and device for sharing session data
CN113765972A (en) Data request response method, device, system, server and storage medium
CN110262756B (en) Method and device for caching data
CN114222005B (en) Request processing method, apparatus, device, computer readable storage medium and product

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant