[go: up one dir, main page]

CN102946391B - The method of prompting malice network address and a kind of browser in a kind of browser - Google Patents

The method of prompting malice network address and a kind of browser in a kind of browser Download PDF

Info

Publication number
CN102946391B
CN102946391B CN201210452563.5A CN201210452563A CN102946391B CN 102946391 B CN102946391 B CN 102946391B CN 201210452563 A CN201210452563 A CN 201210452563A CN 102946391 B CN102946391 B CN 102946391B
Authority
CN
China
Prior art keywords
url
website
browser
malicious
module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201210452563.5A
Other languages
Chinese (zh)
Other versions
CN102946391A (en
Inventor
蔡永建
任寰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Qihoo Technology Co Ltd
Original Assignee
Beijing Qihoo Technology Co Ltd
Qizhi Software Beijing Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Qihoo Technology Co Ltd, Qizhi Software Beijing Co Ltd filed Critical Beijing Qihoo Technology Co Ltd
Priority to CN201210452563.5A priority Critical patent/CN102946391B/en
Publication of CN102946391A publication Critical patent/CN102946391A/en
Application granted granted Critical
Publication of CN102946391B publication Critical patent/CN102946391B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Information Transfer Between Computers (AREA)

Abstract

本发明公开了一种浏览器中提示恶意网址的方法和一种浏览器,涉及互联网技术领域。该方法包括:在浏览器中设置恶意网址判定模块,获取用户在浏览器地址栏中的输入信息,依据所述输入信息获取该输入信息对应的推荐网址,向所述浏览器侧的恶意网址判定模块发起判断是否所述推荐网址为恶意网址的请求,并在所述浏览器侧提示显示恶意网址判定模块对所述推荐网址的判定结果。本发明的技术方案,可以在用户在浏览器地址栏中输入信息时,就进行恶意网址的预先判断和提示,加速了恶意网址判断的效率,由此解决了现有技术在用户确认点击了某个网址发起该网址的请求时才进行恶意网址的确认,使得用户点击网址后才知道其是否为恶意网址,体验不好的问题。

The invention discloses a method for prompting a malicious website in a browser and a browser, and relates to the technical field of the Internet. The method includes: setting a malicious website determination module in the browser, obtaining user input information in the browser address bar, obtaining a recommended website corresponding to the input information according to the input information, and determining the malicious website on the browser side The module initiates a request to judge whether the recommended website is a malicious website, and displays the judgment result of the malicious website judgment module on the recommended website on the browser side. The technical solution of the present invention can pre-judge and prompt malicious URLs when the user inputs information in the browser address bar, which speeds up the efficiency of malicious URL judgments, thereby solving the problem of the prior art when the user confirms that a certain URL is clicked. Malicious URLs are confirmed only when a URL initiates a request for the URL, so that the user does not know whether it is a malicious URL until the user clicks on the URL, and the experience is not good.

Description

一种浏览器中提示恶意网址的方法和一种浏览器A method for prompting malicious web addresses in a browser and a browser

技术领域technical field

本发明涉及互联网技术领域,具体涉及一种浏览器中提示恶意网址的方法和一种浏览器。The invention relates to the technical field of the Internet, in particular to a method for prompting malicious URLs in a browser and a browser.

背景技术Background technique

恶意网站是指恶意种植木马、病毒等恶意程序在网站内,通过伪装的“网站服务内容”诱导用户访问该网站,一旦进入这些网站,便会触发网站内种植下的木马、病毒等程序,导致访问者计算机被感染,面临丢失帐号或者泄露隐私信息等危险。挂马网页是指被嵌入了木马网站链接的网页。访问这些网页,会触发到木马网站的访问请求,这种访问一旦成功,就会导致访问者计算机被感染,面临丢失帐号和泄露隐私信息的危险。Malicious websites refer to maliciously planting Trojan horses, viruses and other malicious programs in the website, and induce users to visit the website through the disguised "website service content". Once entering these websites, the Trojan horses, viruses and other programs planted in the website will be triggered, resulting in The visitor's computer is infected, facing the danger of losing account or leaking private information. A web page linked to a horse refers to a web page embedded with a link to a Trojan horse website. Visiting these webpages will trigger an access request to the Trojan horse website. Once this access is successful, the visitor's computer will be infected, facing the danger of losing the account and leaking private information.

现有的“恶意网址拦截”技术可以阻止用户的电脑连接恶意的网站,防止用户受到挂马网页、钓鱼网站以及携带病毒的恶意网站等的侵害。用户可以通过该“恶意网址拦截”功能屏蔽恶意网址。家长用户也可以通过该功能屏蔽不适合青少年浏览的网站,给孩子创建一个绿色健康的上网环境。因为网址过滤功能中包含了网站黑名单与网站白名单,用户可以把可疑或不适合浏览的网络地址设置到网站黑名单中,而把信任的网络地址设置到网站白名单中。此外,恶意网址拦截功能也可针对具体的端口号、代理以及可疑程序进行监控。The existing "malicious website blocking" technology can prevent the user's computer from connecting to malicious websites, and prevent users from being harmed by webpages linked to horses, phishing websites, and malicious websites carrying viruses. Users can block malicious URLs through the "malicious URL blocking" function. Parent users can also block websites that are not suitable for teenagers to browse through this function, creating a green and healthy online environment for children. Because the website filtering function includes website blacklist and website whitelist, users can set suspicious or unsuitable network addresses to the website blacklist, and set trusted network addresses to the website whitelist. In addition, the malicious URL blocking function can also monitor specific port numbers, proxies, and suspicious programs.

现有的“恶意网址拦截”技术,都是在用户确认点击了某个网址,发起对于该网址的请求时进行的,在确认为恶意网址后,会提示用户是否继续加载。但是这种方案,用户只有点击了网址后才知道其是否为恶意网址,对于用户来说其体验不好。The existing "malicious website blocking" technology is all performed when the user confirms clicking on a certain website and initiates a request for the website. After confirming that the website is malicious, the user will be prompted whether to continue loading. However, in this solution, the user only knows whether it is a malicious website after clicking on the website, which is not good for the user experience.

发明内容Contents of the invention

鉴于上述问题,提出了本发明以便提供一种克服上述问题或者至少部分地解决上述问题的一种浏览器中提示恶意网址的方法和一种浏览器。In view of the above problems, the present invention is proposed to provide a method for prompting malicious URLs in a browser and a browser that overcome the above problems or at least partially solve the above problems.

依据本发明的一个方面,提供了一种浏览器中提示恶意网址的方法,其中,在所述浏览器中设置有恶意网址判定模块,该方法包括:According to one aspect of the present invention, a method for prompting malicious URLs in a browser is provided, wherein a malicious URL determination module is set in the browser, and the method includes:

获取用户在浏览器地址栏中的输入信息;Obtain the user's input information in the browser address bar;

依据所述输入信息获取该输入信息对应的推荐网址;Acquiring a recommended website corresponding to the input information according to the input information;

向所述浏览器侧的恶意网址判定模块发起判断是否所述推荐网址为恶意网址的请求;Initiate a request to the malicious website determination module on the browser side to determine whether the recommended website is a malicious website;

在所述浏览器侧提示显示恶意网址判定模块对所述推荐网址的判定结果。Prompting and displaying the judgment result of the recommended website by the malicious website judgment module on the browser side.

可选地,在向所述浏览器侧的恶意网址判定模块发起判断是否所述推荐网址为恶意网址的请求之后,该方法进一步包括:对于所述推荐网址中的每个网址,恶意网址判定模块判断该网址是否属于白名单,如果该网址属于白名单,则恶意网址判定模块将该网址判定为可信。Optionally, after initiating a request to the browser-side malicious URL judging module to judge whether the recommended URL is a malicious URL, the method further includes: for each URL in the recommended URL, the malicious URL judging module Judging whether the URL belongs to the white list, if the URL belongs to the white list, the malicious URL judging module judges the URL as credible.

可选地,该方法进一步包括:如果该网址不属于白名单,则恶意网址判定模块判断该网址是否属于黑名单,如果该网址属于黑名单,向服务器查询该网址的安全信息,将服务器返回的该网址的安全信息作为该网址的判定结果。Optionally, the method further includes: if the URL does not belong to the whitelist, the malicious URL judging module judges whether the URL belongs to the blacklist, if the URL belongs to the blacklist, query the server for the security information of the URL, and return the URL returned by the server The security information of the URL is used as the judgment result of the URL.

可选地,该方法进一步包括:如果该网址既不属于白名单也不属于黑名单,则恶意网址判定模块向服务器发起该网址的云查询请求,将服务器返回的该网址的云查询结果作为该网址的判定结果。Optionally, the method further includes: if the URL does not belong to the whitelist or the blacklist, the malicious URL determination module initiates a cloud query request for the URL to the server, and uses the cloud query result of the URL returned by the server as the URL. URL verdict.

可选地,该方法进一步包括:在浏览器的本地缓存服务器返回的所述云查询结果,供后续的恶意网址判断中使用。Optionally, the method further includes: caching the cloud query result returned by the server locally in the browser for use in subsequent determination of malicious URLs.

可选地,所述白名单和/或黑名单是从在服务器侧进行更新后下载到浏览器本地的。Optionally, the whitelist and/or blacklist are downloaded to the local browser after being updated on the server side.

可选地,所述输入信息为汉字或英文;所述依据所述输入信息获取该输入信息对应的推荐网址包括:将该输入信息与网址集合中的网址进行匹配,得到一个以上的推荐网址;其中,所述网址集合包括如下中的至少一种:浏览器的本地浏览历史记录、本地收藏夹、服务器提供的云网址。Optionally, the input information is Chinese characters or English; the obtaining the recommended website corresponding to the input information according to the input information includes: matching the input information with the websites in the website collection to obtain more than one recommended website; Wherein, the URL collection includes at least one of the following: local browsing history records of the browser, local favorites, and cloud URLs provided by the server.

可选地,所述在所述浏览器侧提示显示恶意网址判定模块对所述推荐网址的判定结果包括:在浏览器地址栏的下拉提示框中显示各推荐网址,并在下拉提示框的左侧显示各推荐网址的对应判定结果;或者,以弹窗的形式显示对所述推荐网址的判定结果。Optionally, prompting and displaying the judgment result of the recommended website by the malicious website judgment module on the browser side includes: displaying each recommended website in a drop-down prompt box in the address bar of the browser, and displaying the recommended website on the left side of the drop-down prompt box The corresponding judgment result of each recommended website is displayed on the side; or, the judgment result of the recommended website is displayed in the form of a pop-up window.

可选地,当收到用户对判定结果为恶意网址的推荐网址进行访问的指令后,浏览器发起对该恶意网址的请求时,该方法进一步包括:对该恶意网址进行拦截操作和/或提示用户。Optionally, when the browser initiates a request for the malicious website after receiving an instruction from the user to visit the recommended website that is determined to be a malicious website, the method further includes: intercepting the malicious website and/or prompting user.

可选地,该方法进一步包括:将白名单、黑名单以及缓存的云查询结果作为浏览器用户的个人数据进行同步保存。Optionally, the method further includes: synchronously saving the whitelist, blacklist and cached cloud query results as personal data of the browser user.

根据本发明的另一方面,提供了一种浏览器,其中,该浏览器包括:提示模块和恶意网址判定模块,其中,According to another aspect of the present invention, a browser is provided, wherein the browser includes: a prompt module and a malicious URL determination module, wherein,

所述提示模块,适于获取用户在浏览器地址栏中的输入信息,依据所述输入信息获取该输入信息对应的推荐网址,向所述恶意网址判定模块发起判断是否所述推荐网址为恶意网址的请求,并在所述浏览器侧提示显示恶意网址判定模块对所述推荐网址的判定结果;The prompt module is adapted to obtain user input information in the browser address bar, obtain the recommended website corresponding to the input information according to the input information, and initiate a judgment to the malicious website determination module whether the recommended website is a malicious website request, and display the judgment result of the recommended website by the malicious website judgment module on the browser side;

所述恶意网址判定模块,适于根据所述提示模块的请求判断所述推荐网址是否为恶意网址,并将判定结果返回给所述提示模块。The malicious website judgment module is adapted to judge whether the recommended website is a malicious website according to the request of the prompt module, and return the judgment result to the prompt module.

可选地,所述恶意网址判定模块包括:存储子模块和判断子模块,其中,Optionally, the malicious URL judging module includes: a storage submodule and a judging submodule, wherein,

所述存储子模块,适于保存白名单;The storage submodule is suitable for storing a white list;

所述判断子模块,适于对于所述推荐网址中的每个网址,判断该网址是否属于白名单,如果该网址属于白名单,则将该网址判定为可信,并将判定结果返回给所述提示模块。The judging submodule is suitable for judging whether the URL belongs to the whitelist for each URL in the recommended URL, and if the URL belongs to the whitelist, then judge the URL as credible, and return the judgment result to the The above prompt module.

可选地,所述存储子模块,进一步适于保存黑名单;Optionally, the storage submodule is further adapted to save the blacklist;

所述判断子模块,进一步适于在该网址不属于白名单时,判断该网址是否属于黑名单,如果该网址属于黑名单,向服务器查询该网址的安全信息,将服务器返回的该网址的安全信息作为该网址的判定结果返回给所述提示模块。The judging submodule is further suitable for judging whether the website belongs to the blacklist when the website does not belong to the whitelist, and if the website belongs to the blacklist, query the server for the security information of the website, and return the security information of the website returned by the server. The information is returned to the prompt module as the judgment result of the URL.

可选地,所述判断子模块,进一步适于在该网址既不属于白名单也不属于黑名单时,向服务器发起该网址的云查询请求,将服务器返回的该网址的云查询结果作为该网址的判定结果。Optionally, the judging submodule is further adapted to initiate a cloud query request for the URL to the server when the URL does not belong to the whitelist or blacklist, and use the cloud query result of the URL returned by the server as the URL verdict.

可选地,所述恶意网址判定模块进一步包括:缓存子模块;Optionally, the malicious URL judging module further includes: a caching submodule;

所述判断子模块,进一步适于将服务器返回的该网址的云查询结果保存到所述缓存子模块中;The judging submodule is further adapted to save the cloud query result of the website returned by the server into the cache submodule;

所述缓存子模块,适于保存所述判断子模块发送的云查询结果,供后续的恶意网址判断中使用。The caching sub-module is adapted to save the cloud query result sent by the judging sub-module for subsequent use in judging malicious URLs.

可选地,所述恶意网址判定模块进一步包括:更新下载子模块;Optionally, the malicious URL judging module further includes: an update download submodule;

所述更新下载子模块,适于从在服务器侧下载更新后白名单和/或黑名单,并保存到所述存储子模块中。The update downloading submodule is adapted to download the updated whitelist and/or blacklist from the server side and save them in the storage submodule.

可选地,所述提示模块,适于获取用户在浏览器地址栏中的汉字或英文的输入信息,该输入信息与网址集合中的网址进行匹配,得到一个以上的推荐网址;其中,所述网址集合包括如下中的至少一种:浏览器的本地浏览历史记录、本地收藏夹、服务器提供的云网址。Optionally, the prompt module is adapted to obtain user input information in Chinese characters or English in the address bar of the browser, and the input information is matched with the URLs in the URL collection to obtain more than one recommended URL; wherein, the The URL collection includes at least one of the following: local browsing history records of the browser, local favorites, and cloud URLs provided by the server.

可选地,所述提示模块,适于在浏览器地址栏的下拉提示框中显示各推荐网址,并在下拉提示框的左侧显示各推荐网址的对应判定结果;或者,所述提示模块,适于以弹窗的形式显示对所述推荐网址的判定结果。Optionally, the prompt module is adapted to display each recommended website in a drop-down prompt box in the browser address bar, and display the corresponding judgment results of each recommended website on the left side of the drop-down prompt box; or, the prompt module, It is suitable for displaying the judgment result of the recommended website in the form of a pop-up window.

可选地,该浏览器进一步包括:恶意网址拦截模块,适于在浏览器收到用户对判定结果为恶意网址的推荐网址进行访问的指令后,发起对该恶意网址的请求时,对该恶意网址进行拦截操作和/或通过所述提示模块提示用户。Optionally, the browser further includes: a malicious website blocking module, adapted to block the The URL is intercepted and/or the user is prompted through the prompt module.

可选地,该浏览器进一步包括:同步保存模块,适于将所述存储子模块中的白名单和黑名单以及所述缓存子模块中的云查询结果作为浏览器用户的个人数据进行同步保存。Optionally, the browser further includes: a synchronous preservation module adapted to synchronously preserve the whitelist and blacklist in the storage submodule and the cloud query results in the cache submodule as personal data of the browser user .

根据本发明的这种在浏览器中设置恶意网址判定模块,获取用户在浏览器地址栏中的输入信息,依据所述输入信息获取该输入信息对应的推荐网址,向所述浏览器侧的恶意网址判定模块发起判断是否所述推荐网址为恶意网址的请求,并在所述浏览器侧提示显示恶意网址判定模块对所述推荐网址的判定结果的技术方案,可以在用户在浏览器地址栏中输入信息时,在浏览器发起实际访问之前就进行恶意网址的判断并进行提示,加速了恶意网址判断的效率,由此解决了现有技术在用户确认点击了某个网址发起该网址的请求时才进行恶意网址的确认,使得用户点击网址后才知道其是否为恶意网址,体验不好的问题,取得了用户在浏览器地址栏中进行输入的过程中就获取是否为恶意网址的提示,提高了用户体验的有益效果。According to the malicious website determination module set in the browser of the present invention, the input information of the user in the browser address bar is obtained, and the recommended website corresponding to the input information is obtained according to the input information, and the malicious website on the browser side is sent The website judgment module initiates a request to judge whether the recommended website is a malicious website, and prompts and displays the technical solution of the judgment result of the recommended website by the malicious website judgment module on the browser side, which can be displayed by the user in the browser address bar When inputting information, the malicious website is judged and prompted before the browser initiates an actual visit, which speeds up the efficiency of malicious website judgment, thereby solving the problem of the existing technology when the user confirms that a certain website is clicked to initiate a request for the website The confirmation of malicious URLs is carried out, so that users can only know whether it is a malicious URL after clicking the URL, and the problem of bad experience has obtained the prompt whether the user is a malicious URL during the process of inputting in the browser address bar, which improves beneficial effect on user experience.

上述说明仅是本发明技术方案的概述,为了能够更清楚了解本发明的技术手段,而可依照说明书的内容予以实施,并且为了让本发明的上述和其它目的、特征和优点能够更明显易懂,以下特举本发明的具体实施方式。The above description is only an overview of the technical solution of the present invention. In order to better understand the technical means of the present invention, it can be implemented according to the contents of the description, and in order to make the above and other purposes, features and advantages of the present invention more obvious and understandable , the specific embodiments of the present invention are enumerated below.

附图说明Description of drawings

通过阅读下文优选实施方式的详细描述,各种其他的优点和益处对于本领域普通技术人员将变得清楚明了。附图仅用于示出优选实施方式的目的,而并不认为是对本发明的限制。而且在整个附图中,用相同的参考符号表示相同的部件。在附图中:Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiment. The drawings are only for the purpose of illustrating a preferred embodiment and are not to be considered as limiting the invention. Also throughout the drawings, the same reference numerals are used to designate the same parts. In the attached picture:

图1示出了根据本发明一个实施例的一种浏览器中提示恶意网址的方法的流程图;FIG. 1 shows a flow chart of a method for prompting malicious URLs in a browser according to an embodiment of the present invention;

图2示出了根据本发明一个实施例的设置于浏览器中的恶意网址判定模块的恶意网址判定方法的流程图;FIG. 2 shows a flow chart of a method for judging a malicious website in a malicious website judging module provided in a browser according to an embodiment of the present invention;

图3示出了根据本发明一个实施例的在浏览器的下拉提示框中进行恶意网址提示的示意图;FIG. 3 shows a schematic diagram of prompting malicious URLs in a drop-down prompt box of a browser according to an embodiment of the present invention;

图4示出了根据本发明一个实施例的一种浏览器的结构示意图;Fig. 4 shows a schematic structural diagram of a browser according to an embodiment of the present invention;

图5示出了根据本发明另一个实施例的一种浏览器的结构示意图。Fig. 5 shows a schematic structural diagram of a browser according to another embodiment of the present invention.

具体实施方式detailed description

下面将参照附图更详细地描述本公开的示例性实施例。虽然附图中显示了本公开的示例性实施例,然而应当理解,可以以各种形式实现本公开而不应被这里阐述的实施例所限制。相反,提供这些实施例是为了能够更透彻地理解本公开,并且能够将本公开的范围完整的传达给本领域的技术人员。Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. Although exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited by the embodiments set forth herein. Rather, these embodiments are provided for more thorough understanding of the present disclosure and to fully convey the scope of the present disclosure to those skilled in the art.

图1示出了根据本发明一个实施例的一种浏览器中提示恶意网址的方法的流程图。其中,在浏览器中设置有恶意网址判定模块,则参见图1,该方法包括:Fig. 1 shows a flowchart of a method for prompting malicious URLs in a browser according to an embodiment of the present invention. Wherein, a malicious website determination module is set in the browser, as shown in Fig. 1, the method includes:

步骤S110,获取用户在浏览器地址栏中的输入信息。Step S110, acquiring user input information in the address bar of the browser.

在本发明的一个实施例中,获取的用户在浏览器地址栏中输入的信息可以是汉字,也可以是英文,或者也可以是其它任何一种语言的文字。In an embodiment of the present invention, the obtained information input by the user in the address bar of the browser may be Chinese characters, English, or any other language.

步骤S120,依据输入信息获取该输入信息对应的推荐网址。Step S120, according to the input information, obtain the recommended website corresponding to the input information.

在本发明的一个实施例中,可以将输入信息与网址集合中的网址进行匹配,得到一个以上的推荐网址。这里所述的网址集合可以包括如下中的至少一种:浏览器的本地浏览历史记录、本地收藏夹、服务器提供的云网址。即在本发明的一个实施例中,可以将输入信息与浏览器的本地浏览历史记录、本地收藏夹以及服务器提供的云网址中的网址进行匹配,匹配上的网址即为推荐网址,匹配得到的推荐网址的个数可能为一个或多个。In an embodiment of the present invention, the input information may be matched with the URLs in the URL collection to obtain more than one recommended URL. The URL collection described here may include at least one of the following: local browsing history records of the browser, local favorites, and cloud URLs provided by the server. That is, in one embodiment of the present invention, the input information can be matched with the browser's local browsing history, local favorites, and URLs in the cloud URL provided by the server. The matched URL is the recommended URL, and the matched URL is the recommended URL. There may be one or more recommended URLs.

步骤S130,向浏览器侧的恶意网址判定模块发起判断是否推荐网址为恶意网址的请求。Step S130, sending a request to the malicious website determination module on the browser side to determine whether the recommended website is a malicious website.

步骤S140,在浏览器侧提示显示恶意网址判定模块对推荐网址的判定结果。Step S140, prompting and displaying the judgment result of the recommended website by the malicious website judgment module on the browser side.

在本发明的一个实施例中,可以在浏览器地址栏的下拉提示框中显示各推荐网址,并在下拉提示框的左侧显示各推荐网址的对应判定结果。或者,在本发明的另一个实施例中,以弹窗的形式显示对推荐网址的判定结果。In an embodiment of the present invention, each recommended website may be displayed in a drop-down prompt box in the address bar of the browser, and the corresponding determination results of each recommended website may be displayed on the left side of the drop-down prompt box. Or, in another embodiment of the present invention, the determination result of the recommended website is displayed in the form of a pop-up window.

通过图1所示的方法,可以在用户在浏览器地址栏中输入信息时,即在浏览器发起实际访问之前就进行恶意网址的判断并进行提示,加速了恶意网址判断的效率。这相对现有技术中在用户确认点击了某个网址发起该网址的请求时才进行恶意网址的确认,使得用户点击网址后才知道其是否为恶意网址的方案,大大提高了用户体验。Through the method shown in FIG. 1 , when the user inputs information in the browser address bar, that is, before the browser initiates an actual visit, the malicious website can be judged and prompted, which speeds up the efficiency of malicious website judgment. Compared with the prior art, the malicious URL is confirmed only when the user clicks on a certain URL to initiate a request for the URL, so that the user does not know whether it is a malicious URL until the user clicks the URL, which greatly improves the user experience.

在本发明的一个实施例中,浏览器侧的恶意网址判定模块可采用如下方式进行推荐网址中的各网址是否为恶意网址的判断:对于推荐网址中的每个网址,恶意网址判定模块判断该网址是否属于白名单,如果该网址属于白名单,则恶意网址判定模块将该网址判定为可信。这样,可以确认出推荐网址中的可信任网址。In one embodiment of the present invention, the malicious website judgment module on the browser side can judge whether each website in the recommended website is a malicious website in the following manner: for each website in the recommended website, the malicious website judgment module judges the Whether the URL belongs to the white list, if the URL belongs to the white list, the malicious URL determination module determines the URL as credible. In this way, trusted URLs among recommended URLs can be confirmed.

在本发明的一个实施例中,浏览器侧的恶意网址判定模块在根据白名单进行判断之后,还可以进行如下判断:如某个网址不属于白名单,则恶意网址判定模块判断该网址是否属于黑名单,如果该网址属于黑名单,向服务器查询该网址的安全信息,将服务器返回的该网址的安全信息作为该网址的判定结果。这样可以进一步确认出推荐网址中的不可信任的网址。In one embodiment of the present invention, after the malicious website judgment module on the browser side judges according to the white list, it can also make the following judgment: if a certain website does not belong to the white list, the malicious website judgment module judges whether the website belongs to Blacklist, if the URL belongs to the blacklist, query the security information of the URL from the server, and use the security information of the URL returned by the server as the judgment result of the URL. In this way, untrustworthy URLs in the recommended URLs can be further confirmed.

在本发明的一个实施例中,浏览器侧的恶意网址判定模块在根据白名单和黑名单进行判断之后,还可以进行如下判断:如果某个网址既不属于白名单也不属于黑名单,则恶意网址判定模块向服务器发起该网址的云查询请求,将服务器返回的该网址的云查询结果作为该网址的判定结果。这样可以进一步地补充推荐网址中的一批网址是否为恶意网址的信息。In one embodiment of the present invention, after the malicious website judgment module on the browser side judges according to the whitelist and blacklist, it can also make the following judgment: if a certain website does not belong to the whitelist or blacklist, then The malicious website determination module initiates a cloud query request of the website to the server, and uses the cloud query result of the website returned by the server as the determination result of the website. In this way, information on whether a batch of URLs in the recommended URLs are malicious URLs can be further supplemented.

在本发明的一个实施例中,还可以在浏览器的本地缓存服务器返回的云查询结果,供后续的恶意网址判断中使用。这样可以提高恶意网址的判断效率。In an embodiment of the present invention, the cloud query result returned by the server can also be cached locally in the browser for use in subsequent malicious website judgments. In this way, the efficiency of judging malicious URLs can be improved.

这里,黑名单和白名单都是网址的集合,其中黑名单中包含的网址为不可信任的网址,白名单中包含的网址为可信任的网址。黑名单和白名单可以是用户自己手动设置的。Here, both the blacklist and the whitelist are collections of URLs, wherein the URLs included in the blacklist are untrusted URLs, and the URLs included in the whitelist are trusted URLs. The blacklist and whitelist can be manually set by the user.

在本发明的一个实施例中,白名单、黑名单或者白名单和黑名单两者是在服务器侧进行更新后下载到浏览器本地的,以加快上述云查询的效率,否则浏览器侧可能会有大量的云查询请求。由于有了及时更新的已经确定的黑名单和白名单,就可以省去查询的次数。在黑名单和白名单没有及时更新的情况下,可以通过上述缓存在浏览器本地的云查询结果进行恶意网址的判断,这样可以在黑名单和白名单的更新不及时,也可以进行高效而准确的恶意网址判断。In one embodiment of the present invention, the whitelist, the blacklist, or both the whitelist and the blacklist are downloaded locally to the browser after being updated on the server side, so as to speed up the efficiency of the above-mentioned cloud query, otherwise the browser side may There are a lot of cloud query requests. Due to the confirmed blacklist and whitelist updated in time, the number of inquiries can be saved. In the case that the blacklist and whitelist are not updated in time, malicious URLs can be judged through the cloud query results cached locally in the browser, so that the blacklist and whitelist can be updated efficiently and accurately. judgment of malicious URLs.

具体来说,在本发明的一个实施例中,当用户在浏览器的地址栏中输入关键字(汉字,或者英文)时,浏览器会在后台进行对本地浏览历史记录、本地收藏夹和服务器提供的云网址中的网址进行匹配,将并匹配的URL提示在地址栏的下拉提示框中。由设置于浏览器中的恶意网址判定模块对下拉提示框中的每个URL进行是否为恶意网址的判定,具体如图2所示。Specifically, in one embodiment of the present invention, when a user enters keywords (Chinese characters, or English) in the address bar of the browser, the browser will perform local browsing history records, local favorites, and server The URL in the provided cloud URL is matched, and the matched URL is prompted in the drop-down prompt box in the address bar. Whether each URL in the drop-down prompt box is a malicious website is judged by the malicious website judgment module set in the browser, as shown in FIG. 2 .

图2示出了根据本发明一个实施例的设置于浏览器中的恶意网址判定模块的恶意网址判定方法的流程图。如图2所示,对于每个需要判定的网址(URL),恶意网址判定模块执行如下步骤:Fig. 2 shows a flow chart of a method for judging a malicious website by a module for judging a malicious website in a browser according to an embodiment of the present invention. As shown in Figure 2, for each website (URL) that needs to be determined, the malicious website determination module performs the following steps:

步骤S210,判断该URL是否属于白名单,是则执行步骤S220,否则执行步骤SS230。Step S210, judging whether the URL belongs to the white list, if yes, execute step S220, otherwise execute step SS230.

步骤S220,直接对该URL进行正常的内核渲染和加载,显示其为可信网址。结束本流程。In step S220, normal kernel rendering and loading is directly performed on the URL to display that it is a trusted URL. End this process.

步骤S230,判断该URL是否属于黑名单,是则执行步骤S240,否则执行步骤SS250。Step S230, judging whether the URL belongs to the blacklist, if yes, execute step S240, otherwise execute step SS250.

步骤S240,进行对网盾服务器的请求,细查该URL的安全信息,并由网盾服务器返回该URL的安全信息查询结果,浏览器侧显示该URL的安全信息。结束本流程。Step S240, making a request to the NetShield server to check the security information of the URL, and the NetShield server returns the query result of the URL's security information, and the browser side displays the URL's security information. End this process.

步骤S250,如果在黑名单和白名单中都匹配不到,则向网盾服务器侧进行该URL的云网址安全查询,在网盾服务器查询检测到任何安全信息后,向浏览器侧返回云查询结果。Step S250, if there is no match in the blacklist and the whitelist, perform a cloud URL security query of the URL to the network shield server side, and return the cloud query to the browser side after any security information is detected by the network shield server query result.

步骤S260,浏览器侧,在地址提示栏中对应显示该URL的云查询结果,并在浏览器本地缓存该云查询结果。结束本流程。Step S260, on the browser side, correspondingly display the cloud query result of the URL in the address prompt column, and cache the cloud query result locally in the browser. End this process.

由图2所示的上述过程可见,在本实施例中,对于待判断的URL,恶意网址判定模先进行第一轮的黑白名单的判断,如果该URL既不属于白名单,也不属于黑名单,则恶意网址判定模进行第二轮的云网址安全查询过程。这样,通过第一、第二轮的判断后,就可以完成对该URL是否为恶意网址的判断。对于与用户输入的关键匹配的各个URL,逐个进行图2所示的判断,就可以实现对所匹配的所有URL的判断,并将判断结果显示在浏览器地址栏的下拉提示框中。It can be seen from the above-mentioned process shown in Fig. 2 that in this embodiment, for the URL to be judged, the malicious website judgment module first performs the judgment of the first round of black and white lists, if the URL neither belongs to the white list nor belongs to the black list list, the malicious URL judgment module performs the second round of cloud URL security query process. In this way, after passing the first and second rounds of judgment, it is possible to complete the judgment of whether the URL is a malicious website. For each URL that matches the key input by the user, the judgment shown in FIG. 2 is performed one by one to realize the judgment of all the matched URLs, and the judgment result is displayed in the drop-down prompt box of the browser address bar.

图3示出了根据本发明一个实施例的在浏览器的下拉提示框中进行恶意网址提示的示意图。如图3所示,在本实施例中,在浏览器的下拉提示框的左侧显示匹配的推荐网址,并在下拉提示框的右侧对应地显示各推荐网址的判定结果。Fig. 3 shows a schematic diagram of prompting malicious URLs in a drop-down prompt box of a browser according to an embodiment of the present invention. As shown in FIG. 3 , in this embodiment, the matched recommended URLs are displayed on the left side of the browser's drop-down prompt box, and the judgment results of each recommended URL are correspondingly displayed on the right side of the drop-down prompt box.

在本发明的其它实施例中,还可以以弹框的形式来提示为恶意网址的URL。In other embodiments of the present invention, the URL that is a malicious URL may also be prompted in the form of a bullet box.

根据本发明的上述技术方案,可以在不打开网页的情况下,就可以实现对匹配的URL是否为恶意网址的预先判断,满足了用户的网络安全方面的需要。According to the above-mentioned technical solution of the present invention, it is possible to realize the prejudgment of whether the matched URL is a malicious URL without opening the webpage, which satisfies the needs of users in terms of network security.

在本发明的一个实施例中,如果用户仍然对判定结果为恶意网址的推荐网址进行访问,则本发明中的还进一步对该恶意网址进行拦截。即在收到用户访问被判定为恶意网址的URL的指令后,浏览器发起对该恶意网址的请求时,对该恶意网址进行拦截操作或提示用户,或者对该恶意网址进行拦截操作并提示用户。In one embodiment of the present invention, if the user still visits the recommended website that is determined to be a malicious website, the malicious website is further intercepted in the present invention. That is, after receiving an instruction from a user to access a URL that is determined to be a malicious website, when the browser initiates a request for the malicious website, it will block the malicious website or prompt the user, or block the malicious website and prompt the user .

在本发明的一个实施例中,还可以将白名单、黑名单以及缓存的云查询结果作为浏览器用户的个人数据进行同步保存。即不同的用户使用不同的账号使用浏览器时,浏览器可以为不同账号的用户提供不同的个性化服务。用户可以在自己的账号下根据自己的喜好设置黑白名单。这样,可以为不同的用户根据其喜好提供不同的网络安全服务。In an embodiment of the present invention, the whitelist, blacklist and cached cloud query results can also be stored synchronously as personal data of the browser user. That is, when different users use different accounts to use the browser, the browser can provide different personalized services for users of different accounts. Users can set black and white lists according to their preferences under their own accounts. In this way, different network security services can be provided for different users according to their preferences.

图4示出了根据本发明一个实施例的一种浏览器的结构示意图。该浏览器400能够提示恶意网址,参见图4,该浏览器400包括:提示模块410和恶意网址判定模块420。Fig. 4 shows a schematic structural diagram of a browser according to an embodiment of the present invention. The browser 400 is capable of prompting malicious URLs. Referring to FIG. 4 , the browser 400 includes: a prompting module 410 and a malicious URL judging module 420 .

提示模块410,适于获取用户在浏览器地址栏中的输入信息,依据该输入信息获取该输入信息对应的推荐网址,向恶意网址判定模块420发起判断是否所述推荐网址为恶意网址的请求,并在浏览器侧提示显示恶意网址判定模块420对推荐网址的判定结果;The prompting module 410 is adapted to obtain the user's input information in the browser address bar, obtain the recommended website corresponding to the input information according to the input information, and initiate a request to the malicious website determination module 420 to determine whether the recommended website is a malicious website, And display the judgment result of the recommended website by the malicious website judgment module 420 on the browser side;

恶意网址判定模块420,适于根据提示模块410的请求判断推荐网址是否为恶意网址,并将判定结果返回给提示模块410。The malicious website determining module 420 is adapted to determine whether the recommended website is a malicious website according to the request of the prompting module 410 , and return the determination result to the prompting module 410 .

图4所示的浏览器,可以在用户在浏览器地址栏中输入信息时,即在浏览器发起实际访问之前就进行恶意网址的判断并进行提示,加速了恶意网址判断的效率。这相对现有技术中在用户确认点击了某个网址发起该网址的请求时才进行恶意网址的确认,使得用户点击网址后才知道其是否为恶意网址的方案,大大提高了用户体验。The browser shown in FIG. 4 can judge and prompt malicious URLs when the user inputs information in the address bar of the browser, that is, before the browser initiates an actual visit, which speeds up the efficiency of judging malicious URLs. Compared with the prior art, the malicious URL is confirmed only when the user clicks on a certain URL to initiate a request for the URL, so that the user does not know whether it is a malicious URL until the user clicks the URL, which greatly improves the user experience.

图5示出了根据本发明另一个实施例的一种浏览器的结构示意图。该浏览器500能够提示恶意网址,参见图5,该浏览器500包括:提示模块510、恶意网址判定模块520和恶意网址拦截模块530。Fig. 5 shows a schematic structural diagram of a browser according to another embodiment of the present invention. The browser 500 can prompt malicious URLs. Referring to FIG. 5 , the browser 500 includes: a prompting module 510 , a malicious URL judging module 520 and a malicious URL blocking module 530 .

提示模块510,适于获取用户在浏览器地址栏中的输入信息,依据该输入信息获取该输入信息对应的推荐网址,向恶意网址判定模块520发起判断是否所述推荐网址为恶意网址的请求,并在浏览器侧提示显示恶意网址判定模块520对推荐网址的判定结果。The prompting module 510 is adapted to obtain the user's input information in the browser address bar, obtain the recommended website corresponding to the input information according to the input information, and initiate a request to the malicious website determination module 520 to determine whether the recommended website is a malicious website, And the browser prompts and displays the judgment result of the malicious website judgment module 520 on the recommended website.

具体来说,提示模块510获取用户在浏览器地址栏中的汉字或英文的输入信息,将该输入信息与网址集合中的网址进行匹配,得到一个以上的推荐网址。其中,所述网址集合包括如下中的至少一种:浏览器的本地浏览历史记录、本地收藏夹、服务器提供的云网址。Specifically, the prompting module 510 obtains the user's input information in Chinese characters or English in the address bar of the browser, matches the input information with the URLs in the URL collection, and obtains one or more recommended URLs. Wherein, the URL collection includes at least one of the following: local browsing history records of the browser, local favorites, and cloud URLs provided by the server.

提示模块510可以在浏览器地址栏的下拉提示框中显示各推荐网址,并在下拉提示框的左侧显示各推荐网址的对应判定结果。或者,提示模块510也可以以弹窗的形式显示对各推荐网址的判定结果。The prompting module 510 may display each recommended website in a drop-down prompt box in the address bar of the browser, and display the corresponding determination results of each recommended website on the left side of the drop-down prompt box. Alternatively, the prompt module 510 may also display the determination results of each recommended website in the form of a pop-up window.

恶意网址判定模块520,适于根据提示模块510的请求判断推荐网址是否为恶意网址,并将判定结果返回给提示模块510。The malicious website determining module 520 is adapted to determine whether the recommended website is a malicious website according to the request of the prompting module 510 , and return the determination result to the prompting module 510 .

恶意网址拦截模块530,适于在浏览器收到用户对判定结果为恶意网址的推荐网址进行访问的指令后,发起对该恶意网址的请求时,对该恶意网址进行拦截操作和/或通过所述提示模块提示用户,以进一步加强网络安全。The malicious website interception module 530 is adapted to intercept the malicious website and/or pass the The prompt module prompts the user to further strengthen network security.

这里,恶意网址拦截模块530为可选模块。在本发明的一个实施例中,如果只需要预先提示用户哪些网址是恶意网址,而在用户实际访问恶意网址时不需要进行拦截或相关提示,则可以省略恶意网址拦截模块530。Here, the malicious website blocking module 530 is an optional module. In one embodiment of the present invention, if it is only necessary to pre-prompt the user which URLs are malicious URLs, and does not need to intercept or provide related prompts when the user actually visits the malicious URLs, the malicious URL blocking module 530 can be omitted.

以下对恶意网址判定模块520具体判断推荐网址是否为恶意网址进行详细说明。具体来说,在本实施例中,恶意网址判定模块520包括:存储子模块521、判断子模块522、缓存子模块523、更新下载子模块524和同步保存子模块525。The specific determination of whether the recommended website is a malicious website by the malicious website determining module 520 will be described in detail below. Specifically, in this embodiment, the malicious website determination module 520 includes: a storage submodule 521 , a determination submodule 522 , a cache submodule 523 , an update download submodule 524 and a synchronization storage submodule 525 .

其中,存储子模块521适于保存白名单。判断子模块522适于对于推荐网址中的每个网址,判断该网址是否属于白名单,如果该网址属于白名单,则将该网址判定为可信,并将判定结果返回给提示模块510。这样,可以确认出推荐网址中的可信任网址。Wherein, the storage submodule 521 is suitable for saving the white list. The judging sub-module 522 is adapted to judge whether each website in the recommended website belongs to the whitelist, if the website belongs to the whitelist, judge the website as credible, and return the judgment result to the prompt module 510 . In this way, trusted URLs among recommended URLs can be confirmed.

存储子模块521还可以进一步保存黑名单。判断子模块522可以进一步在该网址不属于白名单时,判断该网址是否属于黑名单,如果该网址属于黑名单,向服务器查询该网址的安全信息,将服务器返回的该网址的安全信息作为该网址的判定结果返回给提示模块510。这样可以进一步确认出推荐网址中的不可信任的网址。The storage submodule 521 can further save the blacklist. The judging submodule 522 can further judge whether the website belongs to the blacklist when the website does not belong to the whitelist, if the website belongs to the blacklist, query the server for the security information of the website, and use the security information of the website returned by the server as the The determination result of the URL is returned to the prompting module 510 . In this way, untrustworthy URLs in the recommended URLs can be further confirmed.

判断子模块522还可以进一步在该网址既不属于白名单也不属于黑名单时,向服务器发起该网址的云查询请求,将服务器返回的该网址的云查询结果作为该网址的判定结果。这样可以进一步地补充推荐网址中的一批网址是否为恶意网址的信息。The judging sub-module 522 may further initiate a cloud query request of the URL to the server when the URL does not belong to the whitelist or blacklist, and use the cloud query result of the URL returned by the server as the judgment result of the URL. In this way, information on whether a batch of URLs in the recommended URLs are malicious URLs can be further supplemented.

判断子模块522还可以进一步将服务器返回的该网址的云查询结果保存到缓存子模块523中。缓存子模块523保存判断子模块522发送的云查询结果,供后续的恶意网址判断中使用。这样可以提高恶意网址的判断效率和准确度。The judging sub-module 522 may further save the cloud query result of the URL returned by the server in the caching sub-module 523 . The caching sub-module 523 saves the cloud query result sent by the judging sub-module 522 for subsequent use in judging malicious URLs. In this way, the efficiency and accuracy of judging malicious URLs can be improved.

更新下载子模块524适于从在服务器侧下载更新后白名单和/或黑名单,并保存到存储子模块521中。这可以加快判断子模块522的云查询的效率,否判断子模块522可能会有大量的云查询请求。由于有了及时更新的已经确定的黑名单和白名单,就可以省去查询的次数。在黑名单和白名单没有及时更新的情况下,可以通过缓存子模块523中保存的云查询结果进行恶意网址的判断,这样可以在黑名单和白名单的更新不及时,也可以进行高效而准确的恶意网址判断。The update download submodule 524 is adapted to download the updated whitelist and/or blacklist from the server side, and store them in the storage submodule 521 . This can speed up the efficiency of the cloud query of the judging sub-module 522, otherwise the judging sub-module 522 may have a large number of cloud query requests. Due to the confirmed blacklist and whitelist updated in time, the number of inquiries can be saved. In the case that the blacklist and the whitelist are not updated in time, the malicious website can be judged through the cloud query results stored in the cache submodule 523, so that the update of the blacklist and the whitelist can be performed efficiently and accurately. judgment of malicious URLs.

同步保存模块525,适于将存储子模块521中的白名单和黑名单以及缓存子模块523中的云查询结果作为浏览器用户的个人数据进行同步保存。这样不同的用户使用不同的账号使用浏览器时,浏览器可以为不同账号的用户提供不同的个性化服务。用户可以在自己的账号下根据自己的喜好设置黑白名单。这样,可以为不同的用户根据其喜好提供不同的网络安全服务。The synchronous saving module 525 is adapted to synchronously save the white list and black list in the storage sub-module 521 and the cloud query results in the cache sub-module 523 as personal data of the browser user. In this way, when different users use different accounts to use the browser, the browser can provide different personalized services for users of different accounts. Users can set black and white lists according to their preferences under their own accounts. In this way, different network security services can be provided for different users according to their preferences.

综上所述,本发明的这种在浏览器中设置恶意网址判定模块,获取用户在浏览器地址栏中的输入信息,依据所述输入信息获取该输入信息对应的推荐网址,向所述浏览器侧的恶意网址判定模块发起判断是否所述推荐网址为恶意网址的请求,并在所述浏览器侧提示显示恶意网址判定模块对所述推荐网址的判定结果的技术方案,可以在用户在浏览器地址栏中输入信息时,在浏览器发起实际访问之前就进行恶意网址的判断并进行提示,加速了恶意网址判断的效率,由此解决了现有技术在用户确认点击了某个网址发起该网址的请求时才进行恶意网址的确认,使得用户点击网址后才知道其是否为恶意网址,体验不好的问题,取得了用户在浏览器地址栏中进行输入的过程中就获取是否为恶意网址的提示,提高了用户体验的有益效果。To sum up, in the present invention, the malicious website determination module is set in the browser to obtain the input information of the user in the address bar of the browser, obtain the recommended website corresponding to the input information according to the input information, and submit the browser to the browser. The malicious website judgment module on the server side initiates a request to judge whether the recommended website is a malicious website, and prompts and displays the technical solution of the judgment result of the recommended website by the malicious website judgment module on the browser side, which can be used when the user is browsing When inputting information in the browser address bar, the malicious website is judged and prompted before the browser initiates an actual visit, which speeds up the efficiency of malicious website judgment, thus solving the problem of the prior art when the user confirms clicking on a certain website to initiate the malicious website. Malicious URLs are confirmed only when the URL is requested, so that the user does not know whether it is a malicious URL until the user clicks on the URL. The problem of poor experience is that the user can obtain whether it is a malicious URL during the process of inputting in the browser address bar. The tips have beneficial effects that improve the user experience.

需要说明的是:It should be noted:

在此提供的算法和显示不与任何特定计算机、虚拟系统或者其它设备固有相关。各种通用系统也可以与基于在此的示教一起使用。根据上面的描述,构造这类系统所要求的结构是显而易见的。此外,本发明也不针对任何特定编程语言。应当明白,可以利用各种编程语言实现在此描述的本发明的内容,并且上面对特定语言所做的描述是为了披露本发明的最佳实施方式。The algorithms and displays presented herein are not inherently related to any particular computer, virtual system, or other device. Various generic systems can also be used with the teachings based on this. The structure required to construct such a system is apparent from the above description. Furthermore, the present invention is not specific to any particular programming language. It should be understood that various programming languages can be used to implement the content of the present invention described herein, and the above description of specific languages is for disclosing the best mode of the present invention.

在此处所提供的说明书中,说明了大量具体细节。然而,能够理解,本发明的实施例可以在没有这些具体细节的情况下实践。在一些实例中,并未详细示出公知的方法、结构和技术,以便不模糊对本说明书的理解。In the description provided herein, numerous specific details are set forth. However, it is understood that embodiments of the invention may be practiced without these specific details. In some instances, well-known methods, structures and techniques have not been shown in detail in order not to obscure the understanding of this description.

类似地,应当理解,为了精简本公开并帮助理解各个发明方面中的一个或多个,在上面对本发明的示例性实施例的描述中,本发明的各个特征有时被一起分组到单个实施例、图、或者对其的描述中。然而,并不应将该公开的方法解释成反映如下意图:即所要求保护的本发明要求比在每个权利要求中所明确记载的特征更多的特征。更确切地说,如下面的权利要求书所反映的那样,发明方面在于少于前面公开的单个实施例的所有特征。因此,遵循具体实施方式的权利要求书由此明确地并入该具体实施方式,其中每个权利要求本身都作为本发明的单独实施例。Similarly, it should be appreciated that in the foregoing description of exemplary embodiments of the invention, in order to streamline this disclosure and to facilitate an understanding of one or more of the various inventive aspects, various features of the invention are sometimes grouped together in a single embodiment, figure, or its description. This method of disclosure, however, is not to be interpreted as reflecting an intention that the claimed invention requires more features than are expressly recited in each claim. Rather, as the following claims reflect, inventive aspects lie in less than all features of a single foregoing disclosed embodiment. Thus, the claims following the Detailed Description are hereby expressly incorporated into this Detailed Description, with each claim standing on its own as a separate embodiment of this invention.

本领域那些技术人员可以理解,可以对实施例中的设备中的模块进行自适应性地改变并且把它们设置在与该实施例不同的一个或多个设备中。可以把实施例中的模块或单元或组件组合成一个模块或单元或组件,以及此外可以把它们分成多个子模块或子单元或子组件。除了这样的特征和/或过程或者单元中的至少一些是相互排斥之外,可以采用任何组合对本说明书(包括伴随的权利要求、摘要和附图)中公开的所有特征以及如此公开的任何方法或者设备的所有过程或单元进行组合。除非另外明确陈述,本说明书(包括伴随的权利要求、摘要和附图)中公开的每个特征可以由提供相同、等同或相似目的的替代特征来代替。Those skilled in the art can understand that the modules in the device in the embodiment can be adaptively changed and arranged in one or more devices different from the embodiment. Modules or units or components in the embodiments may be combined into one module or unit or component, and furthermore may be divided into a plurality of sub-modules or sub-units or sub-assemblies. All features disclosed in this specification (including accompanying claims, abstract and drawings), as well as any method or method so disclosed, may be used in any combination, except that at least some of such features and/or processes or units are mutually exclusive. All processes or units of equipment are combined. Each feature disclosed in this specification (including accompanying claims, abstract and drawings) may be replaced by alternative features serving the same, equivalent or similar purpose, unless expressly stated otherwise.

此外,本领域的技术人员能够理解,尽管在此所述的一些实施例包括其它实施例中所包括的某些特征而不是其它特征,但是不同实施例的特征的组合意味着处于本发明的范围之内并且形成不同的实施例。例如,在下面的权利要求书中,所要求保护的实施例的任意之一都可以以任意的组合方式来使用。Furthermore, those skilled in the art will understand that although some embodiments described herein include some features included in other embodiments but not others, combinations of features from different embodiments are meant to be within the scope of the invention. and form different embodiments. For example, in the following claims, any of the claimed embodiments may be used in any combination.

本发明的各个部件实施例可以以硬件实现,或者以在一个或者多个处理器上运行的软件模块实现,或者以它们的组合实现。本领域的技术人员应当理解,可以在实践中使用微处理器或者数字信号处理器(DSP)来实现根据本发明实施例的浏览器中的一些或者全部部件的一些或者全部功能。本发明还可以实现为用于执行这里所描述的方法的一部分或者全部的设备或者装置程序(例如,计算机程序和计算机程序产品)。这样的实现本发明的程序可以存储在计算机可读介质上,或者可以具有一个或者多个信号的形式。这样的信号可以从因特网网站上下载得到,或者在载体信号上提供,或者以任何其他形式提供。The various component embodiments of the present invention may be implemented in hardware, or in software modules running on one or more processors, or in a combination thereof. Those skilled in the art should understand that a microprocessor or a digital signal processor (DSP) may be used in practice to implement some or all functions of some or all components in the browser according to the embodiments of the present invention. The present invention can also be implemented as an apparatus or an apparatus program (for example, a computer program and a computer program product) for performing a part or all of the methods described herein. Such a program for realizing the present invention may be stored on a computer-readable medium, or may be in the form of one or more signals. Such a signal may be downloaded from an Internet site, or provided on a carrier signal, or provided in any other form.

应该注意的是上述实施例对本发明进行说明而不是对本发明进行限制,并且本领域技术人员在不脱离所附权利要求的范围的情况下可设计出替换实施例。在权利要求中,不应将位于括号之间的任何参考符号构造成对权利要求的限制。单词“包含”不排除存在未列在权利要求中的元件或步骤。位于元件之前的单词“一”或“一个”不排除存在多个这样的元件。本发明可以借助于包括有若干不同元件的硬件以及借助于适当编程的计算机来实现。在列举了若干装置的单元权利要求中,这些装置中的若干个可以是通过同一个硬件项来具体体现。单词第一、第二、以及第三等的使用不表示任何顺序。可将这些单词解释为名称。It should be noted that the above-mentioned embodiments illustrate rather than limit the invention, and that those skilled in the art will be able to design alternative embodiments without departing from the scope of the appended claims. In the claims, any reference signs placed between parentheses shall not be construed as limiting the claim. The word "comprising" does not exclude the presence of elements or steps not listed in a claim. The word "a" or "an" preceding an element does not exclude the presence of a plurality of such elements. The invention can be implemented by means of hardware comprising several distinct elements, and by means of a suitably programmed computer. In a unit claim enumerating several means, several of these means can be embodied by one and the same item of hardware. The use of the words first, second, and third, etc. does not indicate any order. These words can be interpreted as names.

Claims (16)

1.一种浏览器中提示恶意网址的方法,其中,在所述浏览器中设置有恶意网址判定模块,在浏览器发起实际访问之前该方法包括:1. A method for prompting a malicious website in a browser, wherein a malicious website determination module is provided in the browser, and the method includes before the browser initiates an actual visit: 获取用户在浏览器地址栏中的输入信息;所述输入信息为汉字、英文或其他任何一种语言的文字;Obtain the user's input information in the browser address bar; the input information is written in Chinese characters, English or any other language; 依据所述输入信息获取该输入信息对应的推荐网址,包括:将该输入信息与网址集合中的网址进行匹配,得到一个以上的推荐网址;Obtaining the recommended URL corresponding to the input information according to the input information includes: matching the input information with the URLs in the URL collection to obtain more than one recommended URL; 其中,所述网址集合包括如下中的至少一种:浏览器的本地浏览历史记录、本地收藏夹、服务器提供的云网址;Wherein, the set of URLs includes at least one of the following: local browsing history records of the browser, local favorites, and cloud URLs provided by the server; 向所述浏览器侧的恶意网址判定模块发起判断是否所述推荐网址为恶意网址的请求;所述恶意网址判定模块根据本地的白名单和/或黑名单判断所述推荐网址是否为恶意网址;Initiate a request to determine whether the recommended website is a malicious website to the malicious website judgment module on the browser side; the malicious website judgment module judges whether the recommended website is a malicious website according to the local white list and/or blacklist; 在所述浏览器侧提示显示恶意网址判定模块对所述推荐网址的判定结果,包括:Prompting and displaying the judgment result of the recommended website by the malicious website judgment module on the browser side, including: 在浏览器地址栏的下拉提示框中显示各推荐网址,并在下拉提示框的左侧显示各推荐网址的对应判定结果;Each recommended URL is displayed in the drop-down prompt box in the address bar of the browser, and the corresponding judgment result of each recommended URL is displayed on the left side of the drop-down prompt box; 或者,or, 以弹窗的形式显示对所述推荐网址的判定结果。The result of judging the recommended URL is displayed in the form of a pop-up window. 2.如权利要求1所述的方法,其中,在向所述浏览器侧的恶意网址判定模块发起判断是否所述推荐网址为恶意网址的请求之后,该方法进一步包括:2. The method according to claim 1, wherein, after initiating a request to determine whether the recommended website is a malicious website to the malicious website determination module on the browser side, the method further comprises: 对于所述推荐网址中的每个网址,恶意网址判定模块判断该网址是否属于白名单,如果该网址属于白名单,则恶意网址判定模块将该网址判定为可信。For each URL in the recommended URLs, the malicious URL judging module judges whether the URL belongs to the white list, and if the URL belongs to the white list, the malicious URL judging module judges the URL as credible. 3.如权利要求2所述的方法,其中,该方法进一步包括:3. The method of claim 2, wherein the method further comprises: 如果该网址不属于白名单,则恶意网址判定模块判断该网址是否属于黑名单,如果该网址属于黑名单,向服务器查询该网址的安全信息,将服务器返回的该网址的安全信息作为该网址的判定结果。If the URL does not belong to the whitelist, the malicious URL judging module judges whether the URL belongs to the blacklist, if the URL belongs to the blacklist, query the server for the security information of the URL, and use the security information of the URL returned by the server as the URL of the URL judgement result. 4.如权利要求3所述的方法,其中,该方法进一步包括:4. The method of claim 3, wherein the method further comprises: 如果该网址既不属于白名单也不属于黑名单,则恶意网址判定模块向服务器发起该网址的云查询请求,将服务器返回的该网址的云查询结果作为该网址的判定结果。If the URL does not belong to the whitelist or the blacklist, the malicious URL determination module initiates a cloud query request of the URL to the server, and takes the cloud query result of the URL returned by the server as the determination result of the URL. 5.如权利要求4所述的方法,其中,该方法进一步包括:5. The method of claim 4, wherein the method further comprises: 在浏览器的本地缓存服务器返回的所述云查询结果,供后续的恶意网址判断中使用。The cloud query result returned by the browser's local cache server is used for subsequent judgment of malicious URLs. 6.如权利要求3所述的方法,其中,6. The method of claim 3, wherein, 所述白名单和/或黑名单是从在服务器侧进行更新后下载到浏览器本地的。The white list and/or black list are downloaded to the local browser after being updated on the server side. 7.如权利要求1至6中任一项所述的方法,其中,当收到用户对判定结果为恶意网址的推荐网址进行访问的指令后,浏览器发起对该恶意网址的请求时,该方法进一步包括:7. The method according to any one of claims 1 to 6, wherein, when the browser initiates a request for the malicious website after receiving an instruction from the user to visit the recommended website that is determined to be a malicious website, the The method further includes: 对该恶意网址进行拦截操作和/或提示用户。Block the malicious URL and/or prompt the user. 8.如权利要求5所述的方法,其中,该方法进一步包括:8. The method of claim 5, wherein the method further comprises: 将白名单、黑名单以及缓存的云查询结果作为浏览器用户的个人数据进行同步保存。Synchronously save the whitelist, blacklist and cached cloud query results as personal data of browser users. 9.一种浏览器,其中,该浏览器包括:提示模块和恶意网址判定模块,其中,9. A browser, wherein the browser includes: a prompt module and a malicious URL determination module, wherein, 所述提示模块,适于在浏览器发起实际访问之前获取用户在浏览器地址栏中的输入信息,依据所述输入信息获取该输入信息对应的推荐网址,向所述恶意网址判定模块发起判断是否所述推荐网址为恶意网址的请求,并在所述浏览器侧提示显示恶意网址判定模块对所述推荐网址的判定结果;其中,所述输入信息为汉字、英文或其他任何一种语言的文字;The prompt module is adapted to obtain user input information in the browser address bar before the browser initiates an actual visit, obtain the recommended website corresponding to the input information according to the input information, and initiate a judgment to the malicious website determination module whether The recommended website is a request for a malicious website, and the browser prompts to display the judgment result of the recommended website by the malicious website judgment module; wherein, the input information is written in Chinese characters, English or any other language ; 所述恶意网址判定模块,适于根据所述提示模块的请求,并根据本地的白名单和/或黑名单判断所述推荐网址是否为恶意网址,并将判定结果返回给所述提示模块;The malicious website judgment module is adapted to judge whether the recommended website is a malicious website according to the request of the prompt module and according to the local white list and/or blacklist, and return the judgment result to the prompt module; 所述提示模块,适于获取用户在浏览器地址栏中的输入信息,该输入信息与网址集合中的网址进行匹配,得到一个以上的推荐网址;The prompting module is adapted to obtain the user's input information in the browser address bar, and the input information is matched with the URLs in the URL collection to obtain more than one recommended URL; 其中,所述网址集合包括如下中的至少一种:浏览器的本地浏览历史记录、本地收藏夹、服务器提供的云网址;Wherein, the set of URLs includes at least one of the following: local browsing history records of the browser, local favorites, and cloud URLs provided by the server; 所述提示模块,还适于在浏览器地址栏的下拉提示框中显示各推荐网址,并在下拉提示框的左侧显示各推荐网址的对应判定结果;或者,所述提示模块,适于以弹窗的形式显示对所述推荐网址的判定结果。The prompt module is also suitable for displaying each recommended website in the drop-down prompt box of the browser address bar, and displays the corresponding judgment results of each recommended website on the left side of the drop-down prompt box; or, the prompt module is suitable for using The result of judging the recommended URL is displayed in the form of a pop-up window. 10.如权利要求9所述的浏览器,其中,所述恶意网址判定模块包括:存储子模块和判断子模块,其中,10. The browser as claimed in claim 9, wherein the malicious URL judging module comprises: a storage submodule and a judging submodule, wherein, 所述存储子模块,适于保存白名单;The storage submodule is suitable for storing a white list; 所述判断子模块,适于对于所述推荐网址中的每个网址,判断该网址是否属于白名单,如果该网址属于白名单,则将该网址判定为可信,并将判定结果返回给所述提示模块。The judging submodule is suitable for judging whether the URL belongs to the whitelist for each URL in the recommended URL, and if the URL belongs to the whitelist, then judge the URL as credible, and return the judgment result to the The above prompt module. 11.如权利要求10所述的浏览器,其中,11. The browser of claim 10, wherein: 所述存储子模块,进一步适于保存黑名单;The storage submodule is further adapted to save the blacklist; 所述判断子模块,进一步适于在该网址不属于白名单时,判断该网址是否属于黑名单,如果该网址属于黑名单,向服务器查询该网址的安全信息,将服务器返回的该网址的安全信息作为该网址的判定结果返回给所述提示模块。The judging submodule is further suitable for judging whether the website belongs to the blacklist when the website does not belong to the whitelist, and if the website belongs to the blacklist, query the server for the security information of the website, and return the security information of the website returned by the server. The information is returned to the prompt module as the judgment result of the URL. 12.如权利要求11所述的浏览器,其中,12. The browser of claim 11, wherein: 所述判断子模块,进一步适于在该网址既不属于白名单也不属于黑名单时,向服务器发起该网址的云查询请求,将服务器返回的该网址的云查询结果作为该网址的判定结果。The judging submodule is further adapted to initiate a cloud query request of the URL to the server when the URL does not belong to the whitelist or blacklist, and use the cloud query result of the URL returned by the server as the judgment result of the URL . 13.如权利要求12所述的浏览器,其中,所述恶意网址判定模块进一步包括:缓存子模块;13. The browser according to claim 12, wherein, the malicious URL judging module further comprises: a caching submodule; 所述判断子模块,进一步适于将服务器返回的该网址的云查询结果保存到所述缓存子模块中;The judging submodule is further adapted to save the cloud query result of the website returned by the server into the cache submodule; 所述缓存子模块,适于保存所述判断子模块发送的云查询结果,供后续的恶意网址判断中使用。The caching sub-module is adapted to save the cloud query result sent by the judging sub-module for subsequent use in judging malicious URLs. 14.如权利要求11所述的浏览器,其中,所述恶意网址判定模块进一步包括:更新下载子模块;14. The browser as claimed in claim 11, wherein the malicious URL determination module further comprises: an update download submodule; 所述更新下载子模块,适于从在服务器侧下载更新后白名单和/或黑名单,并保存到所述存储子模块中。The update downloading submodule is adapted to download the updated whitelist and/or blacklist from the server side and save them in the storage submodule. 15.如权利要求9至14中任一项所述的浏览器,其中,该浏览器进一步包括:恶意网址拦截模块;15. The browser according to any one of claims 9 to 14, wherein the browser further comprises: a malicious website blocking module; 所述恶意网址拦截模块,适于在浏览器收到用户对判定结果为恶意网址的推荐网址进行访问的指令后,发起对该恶意网址的请求时,对该恶意网址进行拦截操作和/或通过所述提示模块提示用户。The malicious website interception module is suitable for intercepting the malicious website and/or passing The prompting module prompts the user. 16.如权利要求13所述的浏览器,其中,该浏览器进一步包括:同步保存模块;16. The browser according to claim 13, wherein the browser further comprises: a synchronous storage module; 同步保存模块,适于将所述存储子模块中的白名单和黑名单以及所述缓存子模块中的云查询结果作为浏览器用户的个人数据进行同步保存。The synchronous storage module is suitable for synchronously storing the white list and black list in the storage sub-module and the cloud query results in the cache sub-module as personal data of the browser user.
CN201210452563.5A 2012-11-12 2012-11-12 The method of prompting malice network address and a kind of browser in a kind of browser Active CN102946391B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201210452563.5A CN102946391B (en) 2012-11-12 2012-11-12 The method of prompting malice network address and a kind of browser in a kind of browser

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201210452563.5A CN102946391B (en) 2012-11-12 2012-11-12 The method of prompting malice network address and a kind of browser in a kind of browser

Publications (2)

Publication Number Publication Date
CN102946391A CN102946391A (en) 2013-02-27
CN102946391B true CN102946391B (en) 2016-09-28

Family

ID=47729298

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201210452563.5A Active CN102946391B (en) 2012-11-12 2012-11-12 The method of prompting malice network address and a kind of browser in a kind of browser

Country Status (1)

Country Link
CN (1) CN102946391B (en)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102938766B (en) * 2012-11-12 2016-08-24 北京奇虎科技有限公司 Maliciously website prompt method and device
CN104158789A (en) * 2013-05-13 2014-11-19 腾讯科技(深圳)有限公司 Method and device for detecting security of payment type website
CN104426863B (en) * 2013-08-27 2019-09-20 腾讯科技(深圳)有限公司 A kind of page request method, page request device, transfer server and terminal
US8812705B1 (en) * 2013-10-15 2014-08-19 Google Inc. Accessing location-based content
CN103634317A (en) * 2013-11-28 2014-03-12 北京奇虎科技有限公司 Method and system of performing safety appraisal on malicious web site information on basis of cloud safety
CN105376290B (en) * 2014-09-02 2020-07-03 腾讯科技(北京)有限公司 Method, device and system for controlling display and release of network media information

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102355469A (en) * 2011-10-31 2012-02-15 北龙中网(北京)科技有限责任公司 Method for displaying credibility certification for website in address bar of browser
CN102467633A (en) * 2010-11-19 2012-05-23 奇智软件(北京)有限公司 Method and system for safely browsing webpage
CN102724186A (en) * 2012-06-06 2012-10-10 珠海市君天电子科技有限公司 System and method for detecting phishing websites
CN102724187A (en) * 2012-06-06 2012-10-10 奇智软件(北京)有限公司 Method and device for safety detection of universal resource locators
CN102938766A (en) * 2012-11-12 2013-02-20 北京奇虎科技有限公司 Vicious website prompt method and device

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101539949B (en) * 2008-11-13 2011-08-31 北京搜狗科技发展有限公司 URL completion prompting method and device

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102467633A (en) * 2010-11-19 2012-05-23 奇智软件(北京)有限公司 Method and system for safely browsing webpage
CN102355469A (en) * 2011-10-31 2012-02-15 北龙中网(北京)科技有限责任公司 Method for displaying credibility certification for website in address bar of browser
CN102724186A (en) * 2012-06-06 2012-10-10 珠海市君天电子科技有限公司 System and method for detecting phishing websites
CN102724187A (en) * 2012-06-06 2012-10-10 奇智软件(北京)有限公司 Method and device for safety detection of universal resource locators
CN102938766A (en) * 2012-11-12 2013-02-20 北京奇虎科技有限公司 Vicious website prompt method and device

Also Published As

Publication number Publication date
CN102946391A (en) 2013-02-27

Similar Documents

Publication Publication Date Title
CN102938766B (en) Maliciously website prompt method and device
CN102930211B (en) A kind of multi-core browser intercepts method and the multi-core browser of malice network address
CN102932356B (en) Malicious website blocking method and device in multi-core browser
US11128621B2 (en) Method and apparatus for accessing website
CN102946391B (en) The method of prompting malice network address and a kind of browser in a kind of browser
CN102957694B (en) A kind of method and device judging fishing website
CN102882886B (en) A kind of network terminal and method presenting the relevant information of access websites
CN103268442B (en) A kind of method and apparatus realizing secure access video website
CN106254325B (en) The display methods and browser of website authentication information
WO2013044757A1 (en) Method, device and system for detecting security of download link
CN103491543A (en) Method for detecting malicious websites through wireless terminal, and wireless terminal
CN103685258A (en) Method and device for fast scanning website loopholes
CN102981705B (en) Server-side browser implementation method and server
CN105530127A (en) Method and proxy server for processing network access request by proxy server
CN103605924A (en) Method and device for preventing malicious program from attacking online payment page
US9191392B2 (en) Security configuration
CN105260421A (en) Webpage loading method and apparatus
CN103870573A (en) Method and device for website analysis
CN103077349B (en) A kind of method of browser side prompting access secure information and device
CN103116725B (en) The method of screen locking, device and browser are carried out to webpage
CN105791293B (en) Malice network address hold-up interception method and device in multi-core browser
CN103581321B (en) A kind of creation method of refer chains, device and safety detection method and client
CN105959280A (en) Malicious website intercepting method and device
CN102937982A (en) Method and system for creating collection contents
CN104301300B (en) A kind of method, client and the system of detection phishing scam risk

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20220725

Address after: Room 801, 8th floor, No. 104, floors 1-19, building 2, yard 6, Jiuxianqiao Road, Chaoyang District, Beijing 100015

Patentee after: BEIJING QIHOO TECHNOLOGY Co.,Ltd.

Address before: 100088 room 112, block D, 28 new street, new street, Xicheng District, Beijing (Desheng Park)

Patentee before: BEIJING QIHOO TECHNOLOGY Co.,Ltd.

Patentee before: Qizhi software (Beijing) Co.,Ltd.