本文選題：釣魚網(wǎng)站 + 頁面特征��； 參考：《北京郵電大學(xué)》2014年碩士論文

【摘要】：網(wǎng)絡(luò)釣魚是指釣魚攻擊者將人們?nèi)粘Ｉ钪惺褂妙l繁普遍的網(wǎng)絡(luò)作為載體,通過網(wǎng)絡(luò)這個(gè)載體利用垃圾郵件、即時(shí)通訊、社交網(wǎng)絡(luò)、手機(jī)短信群發(fā)等,設(shè)計(jì)出與被攻擊網(wǎng)站非常相似的釣魚網(wǎng)站作為魚餌,在用戶沒有覺察時(shí)欺騙引誘出用戶敏感信息,例如個(gè)人賬戶信息、密碼、或信用卡詳細(xì)信息,被攻擊的用戶受到不同程度的信息泄露甚至嚴(yán)重的經(jīng)濟(jì)損失。 網(wǎng)絡(luò)釣魚近年來在全世界范圍內(nèi)變得越來越猖狂,嚴(yán)重影響到人們正常的工作和日常生活。為此,本文在分析了當(dāng)前已有的反釣魚技術(shù)基礎(chǔ)上,提出了一種基于專家知識庫的反釣魚系統(tǒng)。本文在利用專家知識庫本身特點(diǎn)的同時(shí),改進(jìn)專家知識庫存在的缺點(diǎn),結(jié)合釣魚網(wǎng)站的特點(diǎn)設(shè)計(jì)了一種基于專家知識庫的釣魚識別系統(tǒng)。該系統(tǒng)從釣魚網(wǎng)站URL結(jié)構(gòu)特點(diǎn)和頁面結(jié)構(gòu)特點(diǎn)出發(fā),設(shè)計(jì)出由黑白名單知識庫、URL特征庫以及頁面特征庫為主要部分的反釣魚系統(tǒng),通過嚴(yán)謹(jǐn)?shù)臄?shù)據(jù)篩選、詳細(xì)的實(shí)現(xiàn)過程以及大量的數(shù)據(jù)評估,本系統(tǒng)得到了比較良好的效果。本文的主要?jiǎng)?chuàng)新工作歸納如下： 1、提出了一種基于專家知識庫的反釣魚識別系統(tǒng)。由于傳統(tǒng)知識庫識別單一、效率低等缺點(diǎn),本文在利用傳統(tǒng)知識庫匹配簡單、快速、更新時(shí)效等優(yōu)點(diǎn)的基礎(chǔ)上,進(jìn)一步改進(jìn)了傳統(tǒng)知識庫匹的局限性,設(shè)計(jì)出能夠?qū)崟r(shí)更新的URL特征庫和頁面特征庫。 2、該系統(tǒng)從URL特征方面分析釣魚網(wǎng)站的特點(diǎn),將釣魚網(wǎng)站的URL特征和匹配規(guī)則存儲于特征知識庫中。如果有新的URL特征出現(xiàn),可直接更新到知識庫中；如果要更新匹配規(guī)則,可直接更改知識庫中已經(jīng)存儲的匹配算法,增強(qiáng)了URL特征庫先驗(yàn)數(shù)據(jù)和檢測算法在存儲方便和更新及時(shí)方面的能力。 3、該系統(tǒng)從頁面特征方面分析釣魚網(wǎng)站的特點(diǎn),結(jié)合頁面DOM特征在釣魚網(wǎng)站頁面中的體現(xiàn),提出了八種釣魚網(wǎng)站的頁面特征,應(yīng)用支持向量機(jī)SVM算法實(shí)施對特征頁面的分類,同時(shí)將也頁面特征和特征檢測算法存儲于知識庫,使得頁面特征和檢測算法的方便存儲和更新有了進(jìn)一步改善。 4、本文提出的反釣魚識別系統(tǒng)除了設(shè)計(jì)專家知識庫外,還結(jié)合了網(wǎng)站ALEAX排名、ICP備案和域名注冊信息對網(wǎng)站的識別做補(bǔ)充判斷,在最后的環(huán)節(jié)減少了誤判、錯(cuò)判現(xiàn)象的發(fā)生。 以往的反釣魚識別技術(shù)要么只針對釣魚網(wǎng)站的URL特征,要么只針對釣魚網(wǎng)站的頁面特征,在特征更新方面考慮也比較欠缺。與以往的反釣魚識別系統(tǒng)相比,本文設(shè)計(jì)的反釣魚識別系統(tǒng)從URL方面和頁面特征方面綜合考慮釣魚總體相似特性,并且在專家知識庫的基礎(chǔ)上,對特征的存儲、匹配規(guī)則以及更新都有了比較大的改進(jìn),在前人的研究基礎(chǔ)上本文設(shè)計(jì)的系統(tǒng)能實(shí)現(xiàn)較好的性能。
[Abstract]:Phishing refers to the use of frequent and popular networks as carriers in people ' s daily life . The carrier uses spam , instant messaging , social networks , mobile phone short messages and the like to design a phishing website which is very similar to the attacked website as bait . When the user does not perceive , the user can induce user - sensitive information , such as personal account information , password , or credit card details , and the attacked user is subject to different degrees of information disclosure or even serious economic loss .

Phishing has become more and more rampant in the whole world in recent years , which seriously affects people ' s normal work and daily life . In this paper , based on the analysis of the existing anti - phishing technology , this paper proposes an anti - phishing system based on expert knowledge base .

1 . A kind of anti - phishing identification system based on expert knowledge base is put forward . Because the traditional knowledge base is simple , the efficiency is low and so on , this paper further improves the limitation of traditional knowledge base , and designs the URL feature library and page feature library which can be updated in real time .

2 , the system analyzes the characteristics of the phishing website from the aspect of the URL characteristics , stores the URL characteristics and matching rules of the phishing website in the feature knowledge base .
if that match rule is to be updated , the matching algorithm already stored in the knowledge base can be directly changed , and the prior data of the URL feature library and the ability of the detection algorithm to store convenience and timely update are enhanced .

3 . The system analyzes the characteristics of the phishing website from the aspect of the page feature , combines the characteristics of the page DOM on the page of the phishing website , and puts forward the page feature of the eight fishing websites , and applies the SVM algorithm of the support vector machine to classify the feature pages , and also stores the page feature and the feature detection algorithm in the knowledge base , so that the convenience storage and updating of the page feature and the detection algorithm are further improved .

4 . In addition to the design expert knowledge base , the anti - phishing identification system proposed in this paper also makes a supplementary judgment on the website recognition based on the ranking , ICP filing and domain name registration information of the website , and reduces the occurrence of misjudgment and misjudgment in the last link .

Compared with the previous anti - phishing identification system , the anti - phishing identification system designed by this paper comprehensively considers the overall similar characteristics of the fishing in terms of the URL and the page characteristics , and has a great improvement on the storage , matching rules and updating of the features on the basis of the expert knowledge base .
【學(xué)位授予單位】：北京郵電大學(xué)
【學(xué)位級別】：碩士
【學(xué)位授予年份】：2014
【分類號】：TP393.08

【參考文獻(xiàn)】

相關(guān)期刊論文 前2條

1 郭敏哲;袁津生;王雅超;;網(wǎng)絡(luò)釣魚Web頁面檢測算法[J];計(jì)算機(jī)工程;2008年20期

2 張衛(wèi)豐;周毓明;許蕾;徐寶文;;基于匈牙利匹配算法的釣魚網(wǎng)頁檢測方法[J];計(jì)算機(jī)學(xué)報(bào);2010年10期

相關(guān)博士學(xué)位論文 前1條

1 張健毅;大規(guī)模反釣魚識別引擎關(guān)鍵技術(shù)研究[D];北京郵電大學(xué);2012年

，

本文編號：2042146