云漏洞扫描平台人机交互与开放接口子系统的设计与实现

发布时间：2018-05-07 04:03

本文选题：网络安全 + 漏洞扫描　；参考：《北京邮电大学》2014年硕士论文

【摘要】：开放和共享的现代互联网精神,在让网络世界变得丰富多彩的同时,也将网络安全问题摆在了每个人的面前,安全问题已经造成了巨大的损失。漏洞扫描技术是一种事先主动完善系统从而预防攻击的安全防御方法,逐渐成为保障网络安全不可或缺的一部分。现在行业内已有多种漏洞扫描产品存在,但这些产品由于其功能特性、执行性能等限制大多只适用于单机部署、小规模扫描的应用场景,需要研究并实现一种适用于大规模网络资产安全状态评估的漏洞扫描器,以实现企业级网络资产安全状态评估的应用需求,为企业安全风险防御提供可靠的基础数据。本文针对大规模网络漏洞扫描这一应用需求,基于漏洞扫描技术,利用新兴的云计算技术,并结合RESTful Web Services技术,针对大规模网络漏洞扫描的应用场景,设计并实现了云漏洞扫描平台人机交互与开放接口子系统,作为基于云的漏洞扫描平台的子系统。本文首先对网络漏洞扫描技术以及扫描插件开发技术进行了研究,对扫描引擎关键技术、工作原理和机制进行了详细的分析。其次,总结了大规模网络漏洞扫描的应用场景的特殊性,分析网络漏洞扫描器的需求,分析用户的需求和使用习惯,完成人机交互界面的设计,并使用Ruby On Rails框架实现该功能。再次,完成了RESTful Web Services开放接口的设计与实现,让第三方应用以及非浏览器用户可以使用漏洞扫描服务,并使用HTTPS安全传输来保护用户的数据。最后本文实现将云漏洞扫描平台人机交互与开放接口子系统部署在云平台中,并与基于云的漏洞扫描平台的其他模块进行联调与测试,测试结果说明了本文研究的云漏洞扫描平台人机交互与开放接口子系统具有良好的可用性。
[Abstract]:The open and shared spirit of modern Internet makes the network world rich and colorful, but also puts the network security problem in front of everyone. The security problem has caused huge losses. Vulnerability scanning is a kind of security defense method which can preactively perfect the system and prevent attacks. It has gradually become an indispensable part of the network security. At present, there are many kinds of vulnerability scanning products in the industry, but most of these products are only suitable for single-machine deployment and small-scale scanning applications due to their functional characteristics and performance constraints. It is necessary to study and implement a vulnerability scanner suitable for large-scale network asset security state assessment in order to meet the application requirements of enterprise network asset security state assessment and provide reliable basic data for enterprise security risk defense. In this paper, aiming at the application requirement of large-scale network vulnerability scanning, based on vulnerability scanning technology, using the emerging cloud computing technology and combining with RESTful Web Services technology, this paper aims at the application scenario of large-scale network vulnerability scanning. The man-machine interaction and open interface subsystem of the cloud vulnerability scanning platform is designed and implemented, which is used as the subsystem of the cloud-based vulnerability scanning platform. In this paper, the network vulnerability scanning technology and scanning plug-in development technology are studied, and the key technology, working principle and mechanism of scanning engine are analyzed in detail. Secondly, the particularity of the application scene of large-scale network vulnerability scanning is summarized, the requirement of network vulnerability scanner is analyzed, the user's needs and usage habits are analyzed, the design of man-machine interface is completed, and the Ruby on Rails framework is used to realize the function. Thirdly, the design and implementation of RESTful Web Services open interface is completed, which enables third-party applications and non-browser users to use vulnerability scanning services, and uses HTTPS secure transfer to protect users' data. Finally, this paper implements the deployment of the Human-Computer interaction and Open Interface Subsystem of the Cloud vulnerability scanning platform in the Cloud platform, and combines and tests with the other modules of the cloud-based vulnerability scanning platform. The test results show that the Human-Computer interaction and Open Interface Subsystem of the cloud vulnerability scanning platform studied in this paper has good usability.
【学位授予单位】：北京邮电大学
【学位级别】：硕士
【学位授予年份】：2014
【分类号】：TP393.08

【参考文献】