	US 12,284,213 B2
	Method for domain name detection, device and storage medium
Wenbin Zhang, Beijing (CN); Wei Zeng, Beijing (CN); and Xiaodong Su, Beijing (CN)
Assigned to Beijing Volcano Engine Technology Co., Ltd., Beijing (CN)
Filed by Beijing Volcano Engine Technology Co., Ltd., Beijing (CN)
Filed on Aug. 26, 2024, as Appl. No. 18/815,535.
Claims priority of application No. 202311101918.0 (CN), filed on Aug. 29, 2023.
Prior Publication US 2025/0080578 A1, Mar. 6, 2025
Int. Cl. H04L 61/4511 (2022.01); H04L 9/40 (2022.01); H04L 61/30 (2022.01); H04L 61/3015 (2022.01)

CPC H04L 63/1483 (2013.01) [H04L 61/4511 (2022.05); H04L 63/0435 (2013.01); H04L 63/1408 (2013.01); H04L 63/16 (2013.01); H04L 61/30 (2013.01); H04L 61/3025 (2013.01); H04L 63/14 (2013.01)]

20 Claims

1. A method for domain name detection, comprising:

matching a to-be-detected domain name with a preset domain name set, wherein the preset domain name set comprises a plurality of trusted domain names;

in response to the to-be-detected domain name being not in the preset domain name set, calculating an edit distance between at least part of level domain names of the to-be-detected domain name and a preset domain name keyword in a domain name keyword set, wherein the domain name keyword set is constructed and generated based on a keyword in a trusted domain name;

in response to an edit distance between a target level domain name and a target preset domain name keyword being smaller than a preset distance threshold, acquiring a character pair in which the target level domain name differs from the target preset domain name keyword, and matching the character pair with a similar character pair set, wherein the similar character pair set comprises a plurality of similar character pairs, and each similar character pair comprises two visually similar characters or strings; and

in response to determining that the character pair is in the similar character pair set, determining that the to-be-detected domain name has a security risk.