| Entering the Web 2.0 era, the developing progress of Internet is so rapid that various websites come out one after another. Meanwhile, the malicious websites, as a security risk, show its danger more and more evidently. According to the report of statistics, status of the malicious website is not optimistic. The deluging of malicious websites always come with or lead to outbreaks of malicious code such as viruses and Trojan, and the destructive affections cannot be overlooked. In response, the security firms have also given the corresponding solutions. However, because of the irreparable defects of the current detection method which lead to poor performance, the solutions are basically with shortcomings such as passive, backward and inaccurate.Aimed on assessing whether a given website is malicious or not, with a network spider as an evaluating tool, and assessing with behavior based malicious code detection method, the Website Malice Assessing System is a system which can reduce the passive and backward of the current security products, avoid the defects of current malicious code detection method and improve assessment accuracy efficiently. It uses file system filter drivers and SSDT hook as measurement tools, and builds a modified attack tree to analyze the codes. It has characteristics of objective and accurate.According to the test results, the system can accurately capture the behaviors generated by the site and the executable codes contained by the site and make an objective evaluation by the behaviors. |
PDF Full Text Request