基于协同自主的网络渗透测试技术研究

发布时间：2018-06-21 18:20

本文选题：决策 + 协同　；参考：《电子科技大学》2014年硕士论文

【摘要】：互联网安全从互联网的商业化开始就一直受到严重的威胁,目前国内外通常采用安全评估系统来检测系统的安全性。渗透测试则是最常见也是有效的检测系统安全性的方法。本文从渗透测试和智能化决策角度出发,设计并实现了基于协同决策的渗透测试系统。该系统可以有效的调度最佳的主机对目标系统进行自动化渗透测试。本文的主要工作内容如下:1)针对国内外的主要渗透测试技术和智能决策协同等进行了相应研究。2)针对渗透测试设计了决策协同模块,并对任务的表述及切分、节点的选择、节点通信与异常处理等核心技术进行了研究与实现。对多个节点共同执行复杂任务进行了有效划分,使得任务可以由多节点协同完成,提高了工作效率。3)对metasploit进行渗透测试进行了相关的研究,特别是nmap的核心功能以及nse脚本引擎。为自动化渗透测试提供了技术路径。4)编写bash shell脚本并利用metasploit提供的接口编写脚本调用nmap、payloads、exploit等组件完成自动化渗透测试。5)针对协同决策的渗透测试进行了实际网络的渗透测试与验证。成功获取了目标系统的sam数据库内容。结果表明:本文研究与实现的基于协同自主的渗透测试系统相对于传统的渗透测试方式而言,具有更高的执行效率和更低的成本(主要是人力、时间、知识学习等成本)等特点。
[Abstract]:Internet security has been seriously threatened by the commercialization of the Internet. At present, the security assessment system is usually used to detect the security of the system at home and abroad. Penetration testing is the most common and effective method for detecting system security. This paper, based on the penetration test and intelligent decision making, designs and implements the method. This system can effectively dispatch the best host to the automatic penetration test of the target system. The main contents of this paper are as follows: 1) according to the main osmosis testing technology at home and abroad and intelligent decision coordination, the corresponding.2 is studied.) the decision coordination module is designed for the penetration test. The key technologies such as the representation and segmentation of the task, the selection of nodes, the node communication and the exception handling are studied and implemented. The complex tasks of the nodes are effectively divided, and the tasks can be completed by multi nodes and improved the efficiency of.3). The related research is carried out on the penetration test of Metasploit. Not the core function of nmap and the NSE scripting engine. It provides a technical path for automated penetration testing.4) writing bash shell scripts and using the interface writing script provided by Metasploit to call nmap, payloads, exploit and other components to complete the automated penetration test.5) for the penetration test of collaborative decision making the penetration test of the actual network. The sam database content of the target system is successfully obtained. The results show that the research and implementation of the collaborative autonomous osmosis testing system is more efficient and lower cost (mainly human, time, knowledge learning and other costs) compared with the traditional osmosis testing.
【学位授予单位】：电子科技大学
【学位级别】：硕士
【学位授予年份】：2014
【分类号】：TP393.08

【参考文献】