Security/Safe Browsing/Chromium Implementation Overview: Difference between revisions
< Security | Safe Browsing
Jump to navigation
Jump to search
(→Protocol Version 4: link to most up-to-date protobuf definition) |
(Mention chrome://safe-browsing/) |
||
| Line 37: | Line 37: | ||
== Testing == | == Testing == | ||
* See <tt>chrome://safe-browsing/</tt> for Chrome's equivalent of <tt>about:url-classifier</tt> | |||
* [https://code.google.com/p/google-safe-browsing/ Test server] (also see this [https://code.google.com/p/chromium/codesearch#chromium/src/third_party/safe_browsing/testing/safebrowsing_test_server.py&q=safebrowsing_test&sq=package:chromium&type=cs v2 test server]) | * [https://code.google.com/p/google-safe-browsing/ Test server] (also see this [https://code.google.com/p/chromium/codesearch#chromium/src/third_party/safe_browsing/testing/safebrowsing_test_server.py&q=safebrowsing_test&sq=package:chromium&type=cs v2 test server]) | ||
* [https://code.google.com/p/chromium/codesearch#chromium/src/chrome/test/data/safe_browsing/ Test data] (including [https://code.google.com/p/chromium/codesearch#chromium/src/chrome/test/data/safe_browsing/download_protection/ executables and archives] as well as [https://code.google.com/p/chromium/codesearch#chromium/src/chrome/test/data/safe_browsing/mach_o/ mac binaries] and a [https://code.google.com/p/chromium/codesearch#chromium/src/chrome/test/data/safe_browsing/signed_binary.dll signed DLL]) | * [https://code.google.com/p/chromium/codesearch#chromium/src/chrome/test/data/safe_browsing/ Test data] (including [https://code.google.com/p/chromium/codesearch#chromium/src/chrome/test/data/safe_browsing/download_protection/ executables and archives] as well as [https://code.google.com/p/chromium/codesearch#chromium/src/chrome/test/data/safe_browsing/mach_o/ mac binaries] and a [https://code.google.com/p/chromium/codesearch#chromium/src/chrome/test/data/safe_browsing/signed_binary.dll signed DLL]) | ||
Latest revision as of 00:15, 7 September 2017
Notes on the Safe Browsing implementation in Chromium.
Documentation
- Design doc that explains how Safe Browsing works in Chromium.
- Protocol version 3 (the one that Chrome implements)
Application Reputation
- Protobuf definition
- Utility functions
- Extracting signatures (also see cli tool)
- Extracting features of binary files (also windows executables)
- Mac DMGs and the sandboxed analyzer (also see dependencies)
- ZIP analyzer (and the sandboxed analyzer)
- File uploads to a download feedback service
- Download protection service
Malware and phishing
- File store (inherits from SB Store)
- Interstitial pages (will allow users to opt into reporting malware details)
- Local DB manager (inherits from DB manager)
- Remote DB manager (in trial on Android)
- Prefix set
- Protocol interactions with service (including parsing server responses)
- Range parsing
- SB stats reporting (optional, includes threat details reporting)
- URL classification helpers
- Utilities for handling chunks and hashes
Protocol Version 4
Testing
- See chrome://safe-browsing/ for Chrome's equivalent of about:url-classifier
- Test server (also see this v2 test server)
- Test data (including executables and archives as well as mac binaries and a signed DLL)
Client-side malware/phishing detection (CSD)
- Protobuf definitions
- Browser feature extractor and matching renderer code
- Client model
- "Site reputation" service
Software Removal Tool (SRT)
- Code (Windows only)