| 基于OVAL的漏洞实时监测系统 |
| |
| 引用本文: | 傅德胜,蒋大明.基于OVAL的漏洞实时监测系统[J].四川大学学报(自然科学版),2013,50(6):1211-1216. |
| |
| 作者姓名: | 傅德胜 蒋大明 |
| |
| 作者单位: | 南京信息工程大学江苏省网络监控工程中心;南京信息工程大学江苏省网络监控工程中心 |
| |
| 基金项目: | 江苏省高校自然科学研究计划基金(11KJB620011) |
| |
| 摘 要: | 传统检测工具时效性差,难以应对多变的系统环境带来的漏洞威胁,本文在基于主机漏洞检测方法的基础上,提出了漏洞实时检测方法,将使用钩子技术实现的主机实时监控与漏洞检测技术相结合,改进了传统检测方法时效性差的缺点.本文讲述了漏洞监测系统的设计与实现,主要论述了两方面的内容,使用钩子技术进行系统监控和将开放漏洞评估语言进行检测流程改进,使之能够用于漏洞的实时检测.最后对系统进行了有效性测试,结果表明,本系统能够及时对系统环境变化做出反应,同时能够准确有效的检测到漏洞威胁,弥补了传统检测工具的不足
|
| 关 键 词: | 开放漏洞评估语言 实时监测 漏洞检测 |
| 收稿时间: | 2013/2/28 0:00:00 |
A real time vulnerability monitoring system based on OVAL |
| |
| FU De-Sheng and JIANG Da-Ming.A real time vulnerability monitoring system based on OVAL[J].Journal of Sichuan University (Natural Science Edition),2013,50(6):1211-1216. |
| |
| Authors: | FU De-Sheng and JIANG Da-Ming |
| |
| Abstract: | Traditional vulnerability detection tools can hardly prevent host system away from vulnerabilities in variable system environment. A real time vulnerability monitoring system based on host based detection method is proposed in this paper, it combines host real time monitoring techniques and vulnerability detection method, overcomes the drawback of poor timeliness.The paper describes the design and implimention of the monitoring system.It discusesses tow main aspects:use hook techniques to implement host monitoring and improve the open vulnerability assessment language,so that it can be used in real time monitoring.Finally the paper gives out an validity test of the system,the result shows that this system is able to timely respond to the changes in the system environment, at the same time be able to accurately and effectively detecte vulnerabilities.It makes up for the deficiency of traditional detection methods |
| |
| Keywords: | OVAL real time monitoring vulnerability detecton |
|
| 点击此处可从《四川大学学报(自然科学版)》浏览原始摘要信息 |
| 点击此处可从《四川大学学报(自然科学版)》下载免费的PDF全文 |
