Security Technology Research Based On Client Malicious Webpage Collection And Analysis System

In today’s world, the Internet has already become an indispensable part inpeople’s life, rapid development of network technology has changed people’s way oflife to a large extent, but the new network security problems are constantly emerging.Nowadays network attack more and more as the object of attack by the client, a largenumber of malicious Webpage which flooded the Internet is a kind of commonintrusion methods. The HTML5specification is proposed and applied in brought alarge number of new functions at the same time, inevitably brings new securityvulnerabilities.This paper will be based on the analysis of existing client honeypot andmalicious Webpage collection system, focuses on the study of HoneyClient honeypotsystem safety improvements, depth Webpage crawler and malicious Webpage codeanalysis technology based on DeepWeb dynamic Webpage data capture technology,designs a malicious Webpage collection and analysis system prototype which cananalyze HTML4or HTML5produced Webpage and the data in their database,andcapture the malicious code. The main work of this paper are as follows:1client attacks research, in this paper, the popular for the client to attacksconducted the full research, from three aspects of the attack principle, client softwarevulnerabilities and attack approach analyzes the common situation for the client toattack.2Improved the safety of high interaction client honeypots are HoneyClient.Malicious URL collection function of the system will use the HoneyClient tocomplete, due to the high interaction client honeypots itself there is a certain degree ofrisk, so the security system of HoenyClient have been studied and configured,reducethe possibility of the fall of the runtime.3Depth Webpage crawler design. In this paper, the accession to the DeepWebtechnology based on traditional crawler, designed a new depth Webpage crawlerwhich can get the depth webpage data, so that it can discovery the malicious contentboth from the website which were built to attack and the common ones which weretaken by attackers..4Analysis Webpage code security, this paper analyzed the latest HTML5security vulnerabilities, and studied its basic principle and attack methods,alsoextracted the general features of the existing webpage there may be written in HTML and JS attack code.5Malicious code detection, the attack characteristics according to the extracted,using HtmlAgility Pack and traditional regular expression of two methods wereretrieved and analyzed for the website data, found a lot with offensive content features,and of which a considerable part of the attack code is in Webpage database to theinformation.