1. The result is a web application that allows the user to perform malicious document
2. Allow users to upload their documents and include a comment.
3. Preliminary scan functionality for PDF documents.
4. Enable the user to browse uploaded files.
5. Enable the user to view the contents of uploaded files.
6. In-depth analysis functionality for PDF documents that includes:
• view of object structure.
• removal of PDF obfuscation.
• view of contents of decoded objects.
• user alert functionality for suspicious elements.
• results displayed in form of report.
• ability to access the analysis report later, or share it with others.
7. Comment system that allow users to attach comments to analysis reports.
8. Implementing support for other document types must be simple and possible
without making additional changes to the application.
To go with the requirement list, we also prepare short use case list:
1. User visits the index (upload) page, chooses a file he wishes to upload and attaches a comment
if he so desires. User is taken to the file browser category with his uploaded file actively
selected. User reviews quick scan results and file statistics and proceeds to view the report
page by selecting the 'analyze' option. In the report page, user views file statistics, suspicious
objects and inspects contents of relevant objects based on this information. User attaches a
comment to the report.
2. User visits the index page and selects 'files' option to load a list of uploaded documents.
Selecting 'view' option opens new browser tab that shows the document's content and
provides navigation tools.
3. User visits the index page and selects 'files' option to load a list of uploaded documents. User
views file statistics and quick scan results by selecting them in the list. Selecting 'analyze'
option takes the user to the report page of selected file. User views contents of the report,
attached comments and leaves his own comment.
4. User visits the report page directly via a direct link to a report. He may view the contents of
the report, attached comments and leave his own comment.
To minimize the number of clicks required to go through the analysis process, we can
perform quick scan automatically right after the file is uploaded. The results can then be
saved into database along with other metadata. A potential issue is performance of server-
side scripts for document analysis. Having the scripts generate HTML markup, saving it in a
separate file and then displaying it on the report page ensures that we have to analyze each
file only once. Subsequent user views of the report page are then a simple matter of
displaying the report file. This also solves the issue of extensibility and each file type can use