Design And Test Of Malicious Code Detection System

With the rapid development of Internet and computer, people at work or daily life are increasingly inseparable from the network. There are various forms of malicious code, such as Trojan horses, malicious URLs, viruses and phishing websites. Malicious code has been considered one important factor of the threat to network security. At present, how to identify and effectively prevent the malicious code has become the focus of network security, there are many ways on malicious code detection techniques home and abroad, in general there are two types:macroscopic analysis is monitoring the network to grasp the development trend of malicious code; microscopic analysis is the behavior of malicious code analysis to determine the types of malicious code.This paper presents a design of distributed malicious code detection system and a detailed description of how to test the system on the practical work. The system has been tested in real network environment to detect a valid URL for malicious code in real-time.In this paper, mainly works are about the following areas:(1) Discussed the status of Internet security and summarize the techniques of detecting malicious code domestic and international, such as feature detection technique, the detection methods based on the characteristic function, heuristic detection technology and behavior-based anomaly detection techniques, and the advantages and disadvantages of these techniques are discussed in this paper. (2) A summary of the system design is given. A brief introduction of the system design concept and overall structure, and function of each module is given in this paper. Each module is deployed on different servers. Analysis results of URL were compared with virus signature database to determine whether there is malicious feature for URL in order to protect users from access the URL. It played a role in maintaining network security.(3) Overview of software testing theory. In this paper, the software test theory is applied to testing the system. It contains the details of the testing process, including preparation of test environment, test planning, test preparation and implementation as well as a summary of test results and so on.