本文選題：Web應用 + 虛擬化　； 參考：《中國科學院大學（工程管理與信息技術學院）》2014年碩士論文

【摘要】：發(fā)生于2013年的斯諾登曝光美國國家安全局“棱鏡”監(jiān)控項目的事件再一次使網(wǎng)絡信息安全成為全球矚目的焦點,各國政府在軍事上相繼展開網(wǎng)絡戰(zhàn)技術研究,各類網(wǎng)絡靶場項目也相繼實施。在政府、企業(yè)、組織和個人越來越多地將核心業(yè)務和敏感信息通過Web應用進行交互的同時,75%的網(wǎng)絡安全事件發(fā)生在這些Web應用上,傳統(tǒng)的基于網(wǎng)絡層的防火墻、IDS/IPS等網(wǎng)絡安全防護設備已經(jīng)不足以阻止來自應用層的網(wǎng)絡攻擊,不斷爆出的Web應用安全漏洞使得建立專門用來研究針對Web應用的網(wǎng)絡安全演練系統(tǒng)的需求變得十分迫切。 本文的主要研究內(nèi)容包括： 1、在充分調(diào)研國內(nèi)外網(wǎng)絡攻防演練系統(tǒng)和Web應用攻防技術的基礎上,針對現(xiàn)有的演練系統(tǒng)普遍存在的演練環(huán)境模擬仿真、漏洞庫更新和效果評估等方面的問題,完成了面向Web應用的網(wǎng)絡安全演練系統(tǒng)的總體設計,開發(fā)了系統(tǒng)功能模塊和操作界面。 2、采用虛擬化技術實現(xiàn)了現(xiàn)實復雜網(wǎng)絡環(huán)境的仿真模擬,利用基于配置文件的網(wǎng)絡場景快速構建技術實現(xiàn)了各類演練環(huán)境的快速搭建。 3、分析了各種漏洞庫的建設,提出了基于XML的目錄型Web應用安全漏洞描述方法,構建了用于Web應用攻防演練的漏洞庫和攻防工具箱。 4、針對Web應用安全,優(yōu)化了效果評估指標體系層次化分析模型,綜合了主觀賦值法和熵權法的優(yōu)點,確定了各指標權重,提升了評估評價的準確度。 5、采用Apache+MySQL+PHP的組合模式,開發(fā)了B/S架構的管理子系統(tǒng)和演練子系統(tǒng),實現(xiàn)了系統(tǒng)與用戶的良好交互。 本文設計和實現(xiàn)了一套面向Web應用的網(wǎng)絡安全演練系統(tǒng),測試結(jié)果表明本系統(tǒng)達到了預期設計目標。論文研究成果可為Web應用安全技術相關研究人員提供支撐和借鑒,并有助于提高Web應用系統(tǒng)的安全防護能力和應急響應能力。
[Abstract]:The incident that occurred in 2013 when Snowden exposed the US National Security Agency's "prism" surveillance program has once again made network information security the focus of global attention. The governments of various countries have launched military research on cyber warfare technology one after another. All kinds of network shooting range projects have been implemented. While governments, enterprises, organizations and individuals increasingly interact core business and sensitive information through Web applications, 75% of network security events occur in these Web applications. The traditional firewall based on network layer, such as IDS / IPS, is not enough to prevent the network attack from the application layer. The constantly exploding Web application security vulnerabilities make it urgent to set up a network security walkthrough system which is specially used to study Web applications. The main contents of this paper are as follows: 1. On the basis of investigating the network attack and defense drilling system and Web applied attack and defense technology at home and abroad, aiming at the problems such as the simulation of the environment, the update of the vulnerability library and the evaluation of the effect, and so on, The overall design of network security drill system for Web application is completed, and the system function module and operation interface are developed. 2. Virtual technology is used to realize the simulation of real complex network environment, and the rapid construction technology of network scene based on configuration file is used to realize the rapid construction of all kinds of drilling environment. 3. The construction of various vulnerability libraries is analyzed, and the security vulnerability description method of Web application based on XML is put forward, and the vulnerability library and attack and defense toolbox for Web application attack and defense drill are constructed. 4. Aiming at the safety of Web application, this paper optimizes the hierarchical analysis model of effect evaluation index system, synthesizes the advantages of subjective assignment method and entropy weight method, determines the weight of each index, and improves the accuracy of evaluation. 5. The management subsystem and the drill subsystem of the B / S architecture are developed by using the combination mode of Apache MySQL PHP, which realizes the good interaction between the system and the user. A network security drill system for Web application is designed and implemented in this paper. The test results show that the system achieves the expected design goal. The research results of this paper can provide support and reference for the researchers concerned in Web application security technology, and help to improve the ability of security protection and emergency response of Web application system.
【學位授予單位】：中國科學院大學（工程管理與信息技術學院）
【學位級別】：碩士
【學位授予年份】：2014
【分類號】：TP393.08

【相似文獻】

相關期刊論文 前10條

1 ;美國專家提出加強網(wǎng)絡安全的10條建議[J];w攣胖蕓，

本文編號：1858982