本文選題：網(wǎng)絡(luò)安全 + 漏洞　； 參考：《電子科技大學(xué)》2014年碩士論文

【摘要】：隨著計(jì)算機(jī)技術(shù)的發(fā)展和廣泛的應(yīng)用,人們對(duì)互聯(lián)網(wǎng)越來(lái)越依賴,萌發(fā)了大批的中小型互聯(lián)網(wǎng)創(chuàng)業(yè)企業(yè),大量的傳統(tǒng)行業(yè)逐漸轉(zhuǎn)移到了互聯(lián)網(wǎng)。因而網(wǎng)絡(luò)所帶來(lái)的威脅已遠(yuǎn)非從前能比,層出不窮的網(wǎng)絡(luò)攻擊事件對(duì)個(gè)人、企業(yè)造成了嚴(yán)重影響。因此,網(wǎng)絡(luò)安全成為了當(dāng)今的研究熱點(diǎn),研究如何降低個(gè)人和企業(yè)所面臨的網(wǎng)絡(luò)威脅具有重大意義。特別是大量的中小型企業(yè),這些企業(yè)處于創(chuàng)業(yè)階段,缺乏網(wǎng)絡(luò)安全經(jīng)驗(yàn)與規(guī)范的管理,所面臨的的安全問(wèn)題尤為嚴(yán)重。而由于網(wǎng)絡(luò)漏洞掃描工具容易部署更新方便的特點(diǎn),非常適合企業(yè)的網(wǎng)絡(luò)環(huán)境,同時(shí)可以讓管理員在網(wǎng)絡(luò)攻擊發(fā)生之前發(fā)現(xiàn)系統(tǒng)中可能被利用的漏洞,從而采用相應(yīng)的補(bǔ)救措施阻止攻擊的發(fā)生。因此,基于網(wǎng)絡(luò)的漏洞掃描可以很好的保障企業(yè)的網(wǎng)絡(luò)安全,是網(wǎng)安全領(lǐng)域研究者追捧的熱點(diǎn)。本文針對(duì)如何保障中小型企業(yè)網(wǎng)絡(luò)安全這一問(wèn)題,開(kāi)展了基于網(wǎng)絡(luò)的掃描相關(guān)研究,采用多線程、插件機(jī)制以及NASL腳本語(yǔ)言設(shè)計(jì)并實(shí)現(xiàn)了一款基于NASL的系統(tǒng)漏洞掃描系統(tǒng),該系統(tǒng)具備高可擴(kuò)展性,既能發(fā)現(xiàn)主機(jī)端口服務(wù)信息,也能檢測(cè)主機(jī)存在的漏洞,以達(dá)到保障中小型企業(yè)網(wǎng)絡(luò)安全的目的,本文主要工作為:(1)漏洞及其檢測(cè)技術(shù)分析。介紹了漏洞的理論概念,著重分析了包括存活掃描技術(shù)、漏洞檢測(cè)技術(shù)、操作系統(tǒng)識(shí)別和端口掃描技術(shù)在內(nèi)的關(guān)鍵技術(shù),總結(jié)其技術(shù)特點(diǎn)進(jìn)行了分類對(duì)比。(2)系統(tǒng)設(shè)計(jì)與實(shí)現(xiàn)。在關(guān)鍵技術(shù)分析的基礎(chǔ)上,分析了系統(tǒng)的需求,對(duì)系統(tǒng)進(jìn)行了總體設(shè)計(jì),針對(duì)總體設(shè)計(jì)中各模塊進(jìn)行了詳細(xì)設(shè)計(jì)及實(shí)現(xiàn)。(3)測(cè)試驗(yàn)證系統(tǒng)。設(shè)計(jì)測(cè)試用例測(cè)試了系統(tǒng)的功能和性能,結(jié)果證明本系可以有效發(fā)現(xiàn)主機(jī)存在的隱患。驗(yàn)證了本系統(tǒng)的實(shí)現(xiàn)達(dá)到了預(yù)期的設(shè)計(jì)目標(biāo)。最終,本文完成了基于NASL的系統(tǒng)漏洞掃描系統(tǒng)的研制,性能較同類軟件有所提高,達(dá)到了課題的目標(biāo),對(duì)于同類系統(tǒng)的實(shí)現(xiàn)具有參考價(jià)值。
[Abstract]:With the development and wide application of computer technology, people have become more and more dependent on the Internet, and a large number of small and medium Internet start-ups have sprouted, and a large number of traditional industries are gradually transferred to the Internet. Therefore, the threats brought by the network have been far from before, and the endless network attacks have caused serious problems to individuals and enterprises. Therefore, network security has become a hot spot of research today. It is of great significance to study how to reduce the network threats faced by individuals and enterprises. In particular, a large number of small and medium-sized enterprises are in the stage of entrepreneurship, lack of network security experience and standard management, and the security problems facing them are particularly serious. The hole scanning tool is easy to deploy and easy to update. It is very suitable for the network environment of the enterprise. At the same time, it can let the administrator discover the possible vulnerabilities in the system before the network attack, and then use the corresponding remedies to prevent the attack. Therefore, the network based vulnerability scanning can guarantee the enterprise network well. Security is a hot spot in the field of network security. This paper, aiming at how to guarantee the network security of small and medium enterprises, has carried out a network based scanning related research, designed and implemented a NASL based vulnerability scanning system based on multithreading, plug-in mechanism and NASL scripting language. This system has high scalability. Not only can the host port service information be found, but also the vulnerabilities of the host can be detected in order to secure the network security of small and medium enterprises. The main work of this paper is: (1) vulnerability and its detection technology analysis. This paper introduces the theoretical concept of the vulnerability, and focuses on the analysis of the survival scan technology, the vulnerability detection technology, the operating system identification and port. The key technology, including scanning technology, is classified and compared. (2) system design and implementation. On the basis of key technology analysis, the system needs are analyzed, the system is designed and the modules are designed and implemented in detail. (3) test verification system. Design test case test. The function and performance of the system proved that the system can effectively find the hidden danger of the host. The realization of this system has reached the expected design goal. Finally, the paper completed the development of the system based on NASL, which has improved the performance of the system compared with the same kind of software, and achieved the goal of the project and the implementation of the same kind of system. It is of reference value.

【學(xué)位授予單位】：電子科技大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2014
【分類號(hào)】：TP393.08

【參考文獻(xiàn)】

相關(guān)期刊論文 前6條

1 肖暉;張玉清;;Nessus插件開(kāi)發(fā)及實(shí)例[J];計(jì)算機(jī)工程;2007年02期

2 黃勤;;基于ICMP的網(wǎng)絡(luò)主機(jī)狀態(tài)判斷研究[J];科技廣場(chǎng);2012年08期

3 ;御敵于境外 防患于未然——淺談漏洞掃描產(chǎn)品在電子政務(wù)系統(tǒng)中的應(yīng)用[J];計(jì)算機(jī)與網(wǎng)絡(luò);2005年23期

4 蔡燕萍;凌捷;黃萬(wàn)民;;網(wǎng)絡(luò)安全掃描系統(tǒng)中插件技術(shù)的研究與實(shí)現(xiàn)[J];計(jì)算機(jī)工程與設(shè)計(jì);2010年07期

5 ;2009年安全漏洞態(tài)勢(shì)分析與展望[J];信息網(wǎng)絡(luò)安全;2010年02期

6 姜成斌;鄭薇;趙亮;姜麗萍;;論漏洞掃描技術(shù)與網(wǎng)絡(luò)安全[J];中國(guó)信息界;2012年03期

，

本文編號(hào)：1868873