Security/Safe Browsing/Chromium Implementation Overview: Difference between revisions
< Security | Safe Browsing
Jump to navigation
Jump to search
(Initial version of the page based on notes I took on 2015-10-06) |
(Fix dead links and point to pver4 code) |
||
| Line 21: | Line 21: | ||
* [https://code.google.com/p/chromium/codesearch#chromium/src/chrome/browser/safe_browsing/safe_browsing_store_file.h File store] (inherits from [https://code.google.com/p/chromium/codesearch#chromium/src/chrome/browser/safe_browsing/safe_browsing_store.h SB Store]) | * [https://code.google.com/p/chromium/codesearch#chromium/src/chrome/browser/safe_browsing/safe_browsing_store_file.h File store] (inherits from [https://code.google.com/p/chromium/codesearch#chromium/src/chrome/browser/safe_browsing/safe_browsing_store.h SB Store]) | ||
* [https://code.google.com/p/chromium/codesearch#chromium/src/chrome/browser/safe_browsing/safe_browsing_blocking_page.h Interstitial pages] (will allow users to opt into reporting malware details) | * [https://code.google.com/p/chromium/codesearch#chromium/src/chrome/browser/safe_browsing/safe_browsing_blocking_page.h Interstitial pages] (will allow users to opt into reporting malware details) | ||
* [https://code.google.com/p/chromium/codesearch#chromium/src/chrome/browser/safe_browsing/local_database_manager.h Local DB manager] (inherits from [https://code.google.com/p/chromium/codesearch#chromium/src/ | * [https://code.google.com/p/chromium/codesearch#chromium/src/chrome/browser/safe_browsing/local_database_manager.h Local DB manager] (inherits from [https://code.google.com/p/chromium/codesearch#chromium/src/components/safe_browsing_db/database_manager.h DB manager]) | ||
** [https://code.google.com/p/chromium/codesearch#chromium/src/ | ** [https://code.google.com/p/chromium/codesearch#chromium/src/components/safe_browsing_db/remote_database_manager.h Remote DB manager] (in trial on Android) | ||
* [https://code.google.com/p/chromium/codesearch#chromium/src/chrome/browser/safe_browsing/prefix_set.h Prefix set] | * [https://code.google.com/p/chromium/codesearch#chromium/src/chrome/browser/safe_browsing/prefix_set.h Prefix set] | ||
* [https://code.google.com/p/chromium/codesearch#chromium/src/chrome/browser/safe_browsing/protocol_manager.h Protocol interactions] with service (including [https://code.google.com/p/chromium/codesearch#chromium/src/chrome/browser/safe_browsing/protocol_parser.h parsing server responses]) | * [https://code.google.com/p/chromium/codesearch#chromium/src/chrome/browser/safe_browsing/protocol_manager.h Protocol interactions] with service (including [https://code.google.com/p/chromium/codesearch#chromium/src/chrome/browser/safe_browsing/protocol_parser.h parsing server responses]) | ||
| Line 29: | Line 29: | ||
* [https://code.google.com/p/chromium/codesearch#chromium/src/chrome/browser/safe_browsing/safe_browsing_database.h URL classification helpers] | * [https://code.google.com/p/chromium/codesearch#chromium/src/chrome/browser/safe_browsing/safe_browsing_database.h URL classification helpers] | ||
* [https://code.google.com/p/chromium/codesearch#chromium/src/chrome/browser/safe_browsing/safe_browsing_util.h Utilities for handling chunks and hashes] | * [https://code.google.com/p/chromium/codesearch#chromium/src/chrome/browser/safe_browsing/safe_browsing_util.h Utilities for handling chunks and hashes] | ||
== Protocol Version 4 == | |||
* [https://code.google.com/p/chromium/codesearch#chromium/src/components/safe_browsing_db/ Safe Browsing DB component] | |||
== Testing == | == Testing == | ||
Revision as of 20:53, 1 April 2016
Notes on the Safe Browsing implementation in Chromium.
Documentation
- Design doc that explains how Safe Browsing works in Chromium.
- Protocol version 3 (the one that Chrome implements)
Application Reputation
- Protobuf definition
- Utility functions
- Extracting signatures (also see cli tool)
- Extracting features of binary files (also windows executables)
- Mac DMGs and the sandboxed analyzer (also see dependencies)
- ZIP analyzer (and the sandboxed analyzer)
- File uploads to a download feedback service
- Download protection service
Malware and phishing
- File store (inherits from SB Store)
- Interstitial pages (will allow users to opt into reporting malware details)
- Local DB manager (inherits from DB manager)
- Remote DB manager (in trial on Android)
- Prefix set
- Protocol interactions with service (including parsing server responses)
- Range parsing
- SB stats reporting (optional, includes malware details reporting, see protobuf definition)
- URL classification helpers
- Utilities for handling chunks and hashes
Protocol Version 4
Testing
- Test server (also see this v2 test server)
- Test data (including executables and archives as well as mac binaries and a signed DLL)
Client-side malware/phishing detection (CSD)
- Protobuf definitions
- Browser feature extractor and matching renderer code
- Client model
- "Site reputation" service
Software Removal Tool (SRT)
- Code (Windows only)