
Research And Implementation Of Analysis Tools For Multi-platform Malicious Program Based On Sandbox Technology

Posted on: 2014-04-26
Degree: Master
Type: Thesis
Country: China
Candidate: G X He
GTID: 2268330401465808
Subject: Information and Communication Engineering
Abstract/Summary:
In recent years, as computer technology continues to evolve, the Internet goes deeper and deeper into people's daily life, while personal computers and mobile devices also face more security problems. Confronted with endless malicious programs and their variants, traditional security software cannot guarantee that personal computing devices, especially mobile devices, are safe from malicious programs. Therefore, local and international researchers have presented many malicious program detection solutions, most of which can be grouped into two categories: static detection and dynamic detection. However, these methods have their own inadequacies. Besides, they demand a certain amount of computing power. When it comes to mobile devices, these shortcomings are more prominent.

In response to the problems mentioned above, this thesis proposes a sandbox detection framework based on a cloud platform. In the framework, the detection of malicious programs is moved to the cloud server, which reduces the computational burden on the client. Meanwhile, the client does not need to install and frequently update a local virus code feature database, which saves client storage space. By adopting a sandbox based on dynamic analysis, the system makes up, to a certain extent, for the shortcomings of traditional static analysis methods. With the help of the sandbox's isolated environment, it ensures that the server is safe from the malicious program. In addition, this framework also implements a multi-platform analysis sandbox, where the system can detect not only executable files from the Windows operating system but also apk files from the Android operating system on mobile devices, so that anti-virus work is achieved across multiple platforms.

Compared with traditional malicious code detection software, this sandbox detection framework has the following advantages: first, detection of malicious code is done on the cloud server, greatly reducing the burden on the client; second, with dynamic analysis technology, the sandbox can detect unknown malicious programs; third, the sandbox technology provides an isolated environment that protects the host system from destruction by malicious programs; fourth, the multi-platform implementation of the sandbox technology ensures that the system can simultaneously detect files from the Windows and Android operating systems, giving it cross-platform characteristics.

According to the system function test and the experimental results, this thesis shows that the framework above is able to receive and process analysis requests from the Windows platform and the Android platform. As feedback, the cloud sandbox-analysis server generates the test reports and sends them back to the client, proving the effectiveness of the system.
Keywords/Search Tags: Sandbox, Cloud Security, Dynamic Analysis, Malware Detection, Multi-platform