Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

A method and device for analyzing phishing based on dns logs

A technology of phishing and analysis methods, applied in the field of phishing analysis methods and devices based on DNS logs, can solve the problems of poor identification accuracy of phishing websites, etc., and achieve short survival period of sites, poor mitigation identification accuracy, and strong camouflage Effect

Active Publication Date: 2020-12-25
HANGZHOU ANHENG INFORMATION TECH CO LTD
View PDF8 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] In view of this, the object of the present invention is to provide a phishing analysis method and device based on DNS logs to alleviate the technical problem of poor accuracy of phishing website identification in traditional website phishing analysis methods

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A method and device for analyzing phishing based on dns logs
  • A method and device for analyzing phishing based on dns logs
  • A method and device for analyzing phishing based on dns logs

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0054] A kind of phishing analysis method based on DNS log that the embodiment of the present invention provides, such as figure 1 shown, including:

[0055] Step S102, obtaining log data to be analyzed, wherein the log data to be analyzed includes domain name resolution logs, and the number of domain names is at least one;

[0056] Step S104, searching for the target resolution log from the log data to be analyzed, wherein the target resolution log is a resolution log with preset characteristic information, and the preset characteristic information is information contained in the domain name resolution log of the phishing website;

[0057] Step S106, determining the website corresponding to the domain name of the target parsing log as a phishing website.

[0058] In the embodiment of the present invention, the target resolution log is searched from the log data to be analyzed, the log data to be analyzed includes the domain name resolution log, the target resolution log is a...

Embodiment 2

[0132] An embodiment of the present invention provides a DNS log-based phishing analysis device, such as Figure 4 shown, including:

[0133] The acquiring module 100 is configured to acquire log data to be analyzed, wherein the log data to be analyzed includes domain name resolution logs, and the number of domain names is at least one;

[0134] The search module 200 is used to search for the target analysis log from the log data to be analyzed, wherein the target analysis log is an analysis log with preset characteristic information, and the preset characteristic information is information contained in the domain name resolution log of the phishing website;

[0135] The determination module 300 is configured to determine the website corresponding to the domain name of the target parsing log as a phishing website.

[0136] In the embodiment of the present invention, firstly, the acquisition module 100 acquires the log data to be analyzed, and then the search module 200 search...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The present invention provides a DNS log-based phishing analysis method and device, relating to the technical field of network security. The method includes: obtaining log data to be analyzed, wherein the log data to be analyzed includes domain name resolution logs, and the number of domain names At least one; find the target resolution log from the log data to be analyzed, wherein the target resolution log is a resolution log with preset characteristic information, and the preset characteristic information is the information contained in the domain name resolution log of the phishing website; The website corresponding to the domain name of the log is determined to be a phishing website. The invention alleviates the technical problem of poor identification accuracy of phishing websites by traditional website phishing analysis methods.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a DNS log-based phishing analysis method and device. Background technique [0002] Phishing is a method of attack by sending a large number of fraudulent spam emails claiming to be from banks or other well-known institutions, with the intention of luring recipients to give sensitive information (such as user names, passwords, account or credit card details). The most typical phishing attack lures the recipient to a well-designed phishing website that is very similar to the target organization's website, and obtains sensitive personal information entered by the recipient on this website. [0003] Phishing incidents often occur, causing extremely serious harm to online trading systems and financial platforms. However, phishing has the characteristics of high concealment of transmission routes, strong camouflage of website pages, and short survival period of websites. At ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L29/12
CPCH04L63/1483H04L61/4511
Inventor 蒋海峰范渊
Owner HANGZHOU ANHENG INFORMATION TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com