Design And Implementation Of Webpage Trojan Detection System

Along with the rapid developments of computer technology and network communications technology, every corner of society is closely bound up to networks. People are fully enjoying the enormous convenience network brings to their work and life. However, network provides a hotbed for viruses and Trojan flooding at the same time, especially immeasurable loss to the defense, government, public security, education, finance and commerce and so on. At present, computer viruses and Trojans are the main threat for Internet computer. Trojans make up a great proportion and the most common is that a web is plugged with Trojans, which brings great distress to the site administrators and managers and also potential hazards to users. If a user suffers from attacked by Trojans while browsing a web site, it brings not only great loss to the user but also ruined reputation to corporations.Against the above hazards, this paper focuses on a web Trojan detection, i.e., how to judge whether if a web page has malicious code. First, a brief introduction to the website Trojans is presented; then, we systematically describe the ways how the web site is plugged with Trojan, attack principles and defensive measures, etc. After the comprehensive analysis, we design a set of Web Trojans detection systems pertinently which aims to effectively detect the Trojans corresponding to classified types. The detection systems consists of the following modules:1. URL collecting and download module;2. JS parsing module;3. HTML parsing module;4. interface design module.The main work is as follows:1. Requirements analysis for the web page Trojans detection system. Web page Trojans has serious threat to information security of all the Internet users. Considering the consistency difficulty for the detection rate and the system complexity of the previous materials and literatures, this paper design a web page Trojans detection system aiming to improve the detection rate and reduce the system complexity at the same time.2. Outline design for the web page Trojans detection system. Based on the comprehensive researches and analysis, the main methods to extract the web page Trojans include the regular expressions and the codes matching.3. Detailed design for the web page Trojans detection system. This system adopts the feature database of the malicious codes to match the source codes based on BM algorithm. If failed, continue to extract the malicious codes with regular expressions and then update the feature database.4. Coding for the web page Trojans detection system. This paper implements the system with Python, which include the searching and download of URL, JS analysis and HTML extracting. We implement the interface part with PyQt4, which can output the detection results intuitively.5. Test and verify the web page Trojans detection system. Test cases are designed for the functional testing and then scanning time, detection rate and error rate are verified respectively. According the testing results, the system meets the expected requirements.As is shown in the comprehensive testing results, this proposed system has high detection rate and low error rate, which demonstrates the efficiency of our system. And the interface is concise and practical, which meets the expected requirements.