Research And Implenmentation Of Malicious Web Page Code Detection Technology

Now because the Web2.0 era and the development of cloud technology, more and more applications tend to provide services to the user with the B/S architecture. At the same time, the virus trojan and extortion software is also more inclined to spread their own through the web.Web page malicious codes always use browser's vulnerabilities or plug-in vulnerabilities to obtain user sensitive data or even embed system backdoor and extortion software. This way has become the main channel for the spread of web page malicious code. This approach hasbecome the main channel for the spread of web page malicious code and also an important part of the underground economy.With in-depth study of web page malicious code's attack types and operation processes, this article analysised of the main direction and effective way of the web page malicious code detection technology and put forward a scheme of web page malicious code dynamic detection based on parsing engine.Also, a web page malicious code detection system were designed and implemented.The main work and achievements of this paper include the following aspects:(1) Aiming at the problem that the static text analysis can not effectively detect the confused malicious code of the web page,this paper realized the dynamic detection and extraction of malicious code features based on the parsing engine;(2) Based on dynamic feature detection technology, this paper proposed on the malicious feature extraction model for the standardized feature extraction process and formatting feature vector; based on machine learning theory and malicious feature extraction model,this paper proposed on the web page malicious code classification model based on analytical engine and achieved the target of malicious code sample training and learning;(3) This paper designed and implemented the web page malicious code detection system, and also each module of this system is designed in detail;(4)Finally this paper set up the system test environment and tested the performance of the classification model and the function of the malicious code detection system.The test results show that the system can solve the problem of low detection rate of confused malicious code.