基于NASL的系统漏洞扫描系统的研究与实现

发布时间：2018-05-10 10:04

本文选题：网络安全 + 漏洞　；参考：《电子科技大学》2014年硕士论文

【摘要】：随着计算机技术的发展和广泛的应用,人们对互联网越来越依赖,萌发了大批的中小型互联网创业企业,大量的传统行业逐渐转移到了互联网。因而网络所带来的威胁已远非从前能比,层出不穷的网络攻击事件对个人、企业造成了严重影响。因此,网络安全成为了当今的研究热点,研究如何降低个人和企业所面临的网络威胁具有重大意义。特别是大量的中小型企业,这些企业处于创业阶段,缺乏网络安全经验与规范的管理,所面临的的安全问题尤为严重。而由于网络漏洞扫描工具容易部署更新方便的特点,非常适合企业的网络环境,同时可以让管理员在网络攻击发生之前发现系统中可能被利用的漏洞,从而采用相应的补救措施阻止攻击的发生。因此,基于网络的漏洞扫描可以很好的保障企业的网络安全,是网安全领域研究者追捧的热点。本文针对如何保障中小型企业网络安全这一问题,开展了基于网络的扫描相关研究,采用多线程、插件机制以及NASL脚本语言设计并实现了一款基于NASL的系统漏洞扫描系统,该系统具备高可扩展性,既能发现主机端口服务信息,也能检测主机存在的漏洞,以达到保障中小型企业网络安全的目的,本文主要工作为:(1)漏洞及其检测技术分析。介绍了漏洞的理论概念,着重分析了包括存活扫描技术、漏洞检测技术、操作系统识别和端口扫描技术在内的关键技术,总结其技术特点进行了分类对比。(2)系统设计与实现。在关键技术分析的基础上,分析了系统的需求,对系统进行了总体设计,针对总体设计中各模块进行了详细设计及实现。(3)测试验证系统。设计测试用例测试了系统的功能和性能,结果证明本系可以有效发现主机存在的隐患。验证了本系统的实现达到了预期的设计目标。最终,本文完成了基于NASL的系统漏洞扫描系统的研制,性能较同类软件有所提高,达到了课题的目标,对于同类系统的实现具有参考价值。
[Abstract]:With the development and wide application of computer technology, people have become more and more dependent on the Internet, and a large number of small and medium Internet start-ups have sprouted, and a large number of traditional industries are gradually transferred to the Internet. Therefore, the threats brought by the network have been far from before, and the endless network attacks have caused serious problems to individuals and enterprises. Therefore, network security has become a hot spot of research today. It is of great significance to study how to reduce the network threats faced by individuals and enterprises. In particular, a large number of small and medium-sized enterprises are in the stage of entrepreneurship, lack of network security experience and standard management, and the security problems facing them are particularly serious. The hole scanning tool is easy to deploy and easy to update. It is very suitable for the network environment of the enterprise. At the same time, it can let the administrator discover the possible vulnerabilities in the system before the network attack, and then use the corresponding remedies to prevent the attack. Therefore, the network based vulnerability scanning can guarantee the enterprise network well. Security is a hot spot in the field of network security. This paper, aiming at how to guarantee the network security of small and medium enterprises, has carried out a network based scanning related research, designed and implemented a NASL based vulnerability scanning system based on multithreading, plug-in mechanism and NASL scripting language. This system has high scalability. Not only can the host port service information be found, but also the vulnerabilities of the host can be detected in order to secure the network security of small and medium enterprises. The main work of this paper is: (1) vulnerability and its detection technology analysis. This paper introduces the theoretical concept of the vulnerability, and focuses on the analysis of the survival scan technology, the vulnerability detection technology, the operating system identification and port. The key technology, including scanning technology, is classified and compared. (2) system design and implementation. On the basis of key technology analysis, the system needs are analyzed, the system is designed and the modules are designed and implemented in detail. (3) test verification system. Design test case test. The function and performance of the system proved that the system can effectively find the hidden danger of the host. The realization of this system has reached the expected design goal. Finally, the paper completed the development of the system based on NASL, which has improved the performance of the system compared with the same kind of software, and achieved the goal of the project and the implementation of the same kind of system. It is of reference value.

【学位授予单位】：电子科技大学
【学位级别】：硕士
【学位授予年份】：2014
【分类号】：TP393.08

【参考文献】