The Design And Testing Of Malicious URL Dynamic Scanning Engine Based On Cloud Security

With the rapid development and the popularity of internet technology, and the wide application of B/S (Browser/Server) architecture, we rely increasingly on browsers. So analyse and detect the malicious code in web page is becoming more important in the field of information security. Nowadays there are so many people active in weibo、social networks、network game and internet shopping. Hackers have kept their eyes on internet user’s individual privacy and E bank, they resort every possible means to break it or try to gain economic interests. It happens all the time, for example:attacking social networks、stealing account information of network game users、stealing money from E bank users, and so on.This article will introduce a malicious URL dynamic scanning engine which is based on cloud security technology. It gives a design scheme of this system and introduces the software testing of the system in detail。This system can currently analyse and detect the URL from HTTP request messages which is visited by internet users. Then it will determine whether there is any malicious action, and feedback the result to service inspection gateway. Now, this system is deployed in carriers. A user uses internet explorer to visit a web page, the network traffic will go by service inspection gateway which is also deployed in carriers. Service inspection gateway will block the malicious URL which is feedback from dynamic scanning engine. So internet users can not visit this malicious URL. It reduces the damage of malicious web pages and malicious software from source.Specific research activities include the followings: 1. It described present situation of information security in internet at home and abroad. And it gave a preliminary introduction to the cloud security technology from three respects:the cloud security technology’s concept、characteristic and present situation.2. It discussed the technology of malicious web pages in two ways, one is Trojan horse, and the other web page malicious code. It is mainly related to process and methods of Trojan horse, the common method of web page malicious code, the defence method of malicious web page, and so on.3. researched the malicious web page detect technology which is popular and pratical, such as traditional feature matching technology, heuristic scanning technology, sendbox and Honeypot system. Based on these theories, this paper dissects deeply the advantage of combining traditional feature matching technology with heuristic scanning technology.4. It researched the characteristic, classification and development tendency of malicious software, and briefly introduced the technology of anti-virus software which is popular. For example:Kaspersky, Norton, AntiVir, avast and so on. In additional, it discussed the malicious software detect technology in dynamic scanning engine form a technical viewpoint.5. Gives a design scheme, design method, overall architecture and interface definition of the dynamic scanning engine. Based on agility test method and the process of software testing in this project, it introduces the software testing of dynamic scanning engine in detail.