本文選題：網(wǎng)絡(luò)安全 + 漏洞��； 參考：《電子科技大學》2014年碩士論文

【摘要】：隨著計算機技術(shù)的發(fā)展和廣泛的應用,人們對互聯(lián)網(wǎng)越來越依賴,萌發(fā)了大批的中小型互聯(lián)網(wǎng)創(chuàng)業(yè)企業(yè),大量的傳統(tǒng)行業(yè)逐漸轉(zhuǎn)移到了互聯(lián)網(wǎng)。因而網(wǎng)絡(luò)所帶來的威脅已遠非從前能比,層出不窮的網(wǎng)絡(luò)攻擊事件對個人、企業(yè)造成了嚴重影響。因此,網(wǎng)絡(luò)安全成為了當今的研究熱點,研究如何降低個人和企業(yè)所面臨的網(wǎng)絡(luò)威脅具有重大意義。特別是大量的中小型企業(yè),這些企業(yè)處于創(chuàng)業(yè)階段,缺乏網(wǎng)絡(luò)安全經(jīng)驗與規(guī)范的管理,所面臨的的安全問題尤為嚴重。而由于網(wǎng)絡(luò)漏洞掃描工具容易部署更新方便的特點,非常適合企業(yè)的網(wǎng)絡(luò)環(huán)境,同時可以讓管理員在網(wǎng)絡(luò)攻擊發(fā)生之前發(fā)現(xiàn)系統(tǒng)中可能被利用的漏洞,從而采用相應的補救措施阻止攻擊的發(fā)生。因此,基于網(wǎng)絡(luò)的漏洞掃描可以很好的保障企業(yè)的網(wǎng)絡(luò)安全,是網(wǎng)安全領(lǐng)域研究者追捧的熱點。本文針對如何保障中小型企業(yè)網(wǎng)絡(luò)安全這一問題,開展了基于網(wǎng)絡(luò)的掃描相關(guān)研究,采用多線程、插件機制以及NASL腳本語言設(shè)計并實現(xiàn)了一款基于NASL的系統(tǒng)漏洞掃描系統(tǒng),該系統(tǒng)具備高可擴展性,既能發(fā)現(xiàn)主機端口服務信息,也能檢測主機存在的漏洞,以達到保障中小型企業(yè)網(wǎng)絡(luò)安全的目的,本文主要工作為:(1)漏洞及其檢測技術(shù)分析。介紹了漏洞的理論概念,著重分析了包括存活掃描技術(shù)、漏洞檢測技術(shù)、操作系統(tǒng)識別和端口掃描技術(shù)在內(nèi)的關(guān)鍵技術(shù),總結(jié)其技術(shù)特點進行了分類對比。(2)系統(tǒng)設(shè)計與實現(xiàn)。在關(guān)鍵技術(shù)分析的基礎(chǔ)上,分析了系統(tǒng)的需求,對系統(tǒng)進行了總體設(shè)計,針對總體設(shè)計中各模塊進行了詳細設(shè)計及實現(xiàn)。(3)測試驗證系統(tǒng)。設(shè)計測試用例測試了系統(tǒng)的功能和性能,結(jié)果證明本系可以有效發(fā)現(xiàn)主機存在的隱患。驗證了本系統(tǒng)的實現(xiàn)達到了預期的設(shè)計目標。最終,本文完成了基于NASL的系統(tǒng)漏洞掃描系統(tǒng)的研制,性能較同類軟件有所提高,達到了課題的目標,對于同類系統(tǒng)的實現(xiàn)具有參考價值。
[Abstract]:With the development and wide application of computer technology, people have become more and more dependent on the Internet, and a large number of small and medium Internet start-ups have sprouted, and a large number of traditional industries are gradually transferred to the Internet. Therefore, the threats brought by the network have been far from before, and the endless network attacks have caused serious problems to individuals and enterprises. Therefore, network security has become a hot spot of research today. It is of great significance to study how to reduce the network threats faced by individuals and enterprises. In particular, a large number of small and medium-sized enterprises are in the stage of entrepreneurship, lack of network security experience and standard management, and the security problems facing them are particularly serious. The hole scanning tool is easy to deploy and easy to update. It is very suitable for the network environment of the enterprise. At the same time, it can let the administrator discover the possible vulnerabilities in the system before the network attack, and then use the corresponding remedies to prevent the attack. Therefore, the network based vulnerability scanning can guarantee the enterprise network well. Security is a hot spot in the field of network security. This paper, aiming at how to guarantee the network security of small and medium enterprises, has carried out a network based scanning related research, designed and implemented a NASL based vulnerability scanning system based on multithreading, plug-in mechanism and NASL scripting language. This system has high scalability. Not only can the host port service information be found, but also the vulnerabilities of the host can be detected in order to secure the network security of small and medium enterprises. The main work of this paper is: (1) vulnerability and its detection technology analysis. This paper introduces the theoretical concept of the vulnerability, and focuses on the analysis of the survival scan technology, the vulnerability detection technology, the operating system identification and port. The key technology, including scanning technology, is classified and compared. (2) system design and implementation. On the basis of key technology analysis, the system needs are analyzed, the system is designed and the modules are designed and implemented in detail. (3) test verification system. Design test case test. The function and performance of the system proved that the system can effectively find the hidden danger of the host. The realization of this system has reached the expected design goal. Finally, the paper completed the development of the system based on NASL, which has improved the performance of the system compared with the same kind of software, and achieved the goal of the project and the implementation of the same kind of system. It is of reference value.

【學位授予單位】：電子科技大學
【學位級別】：碩士
【學位授予年份】：2014
【分類號】：TP393.08

【參考文獻】

相關(guān)期刊論文 前6條

1 肖暉;張玉清;;Nessus插件開發(fā)及實例[J];計算機工程;2007年02期

2 黃勤;;基于ICMP的網(wǎng)絡(luò)主機狀態(tài)判斷研究[J];科技廣場;2012年08期

3 ;御敵于境外 防患于未然——淺談漏洞掃描產(chǎn)品在電子政務系統(tǒng)中的應用[J];計算機與網(wǎng)絡(luò);2005年23期

4 蔡燕萍;凌捷;黃萬民;;網(wǎng)絡(luò)安全掃描系統(tǒng)中插件技術(shù)的研究與實現(xiàn)[J];計算機工程與設(shè)計;2010年07期

5 ;2009年安全漏洞態(tài)勢分析與展望[J];信息網(wǎng)絡(luò)安全;2010年02期

6 姜成斌;鄭薇;趙亮;姜麗萍;;論漏洞掃描技術(shù)與網(wǎng)絡(luò)安全[J];中國信息界;2012年03期

，

本文編號：1868873