Black Box Testing for Cloud-Based Client Security Software in Network Behaviors

Abstract

With the rapid growth of Internet, the amount of malicious codes is exploding. Some security software vendors provide new cloud-based safeguard software for client users. These software, as part of Internet ware, consist of many modules with different functions and Internet behaviors. The Trojan scanning module, for instance, is based on cloud scanning function, which is achieved by collecting a large number of suspicious files on users' hosts and scanning them in remote cloud platforms. While providing security, they also bring a serious problem of user privacy. In this paper, we use black box testing method to analyze the network behavior of four safeguard software, especially the Trojan scanning module based on cloud scanning function. In specific, we conduct extensive experiments to examine the network behaviors of the major function modules used by these safeguard software. In this paper we present a reasonable network behavior model that can help the safeguard software to protect users' privacy. One way of looking at our contributions is the network behavior comparison and analysis of four safeguard software which are widely used in China. And the experimental results validate our claims either.