| 分布式漏洞检测系统的设计与实现 |
| |
| 作者单位: | 西北大学信息科学与技术学院 |
| |
| 摘 要: | 针对目前主流的漏洞检测工具检测时间长、误报率高以及使用攻击代码影响系统运行等缺点,提出了一种基于OVAL的分布式漏洞检测系统,采用基于主机的漏洞检测方法发现系统存在的安全漏洞.该系统由检测代理和中心管理子系统组成,其中检测代理执行检测插件对目标主机系统进行漏洞检测,而中心管理子系统提供安全知识定义和检测算法.经实验测试,与其他漏洞检测工具相比,具有检测速度快、精度高、对网络运行状况影响小和可扩展性强的优点.适用于检测大规模局域网中各主机系统的漏洞状况.
|
| 关 键 词: | OVAL 分布式漏洞检测 检测代理 中心管理子系统 |
Design and implementation of distributed vulnerability detection system |
| |
| Authors: | Hua Qing Gao Ling Zhang Lin |
| |
| Abstract: | The current vulnerability detection tools have shortcomings of long-term detecting period and high false rate.Also,normal running of the system could be affected by using aggressive codes.To overcome these shortcomings,a distributed vulnerability detection system based on open vulnerability assessment language is proposed,which detects the security deficiency of the system by using deficiency detecting method based on host.The proposed system consists of two modules: a detecting agent and a central management subsystem.The former executes the function of making detecting plug-in to detect the deficiency of the target host system and the latter provides a definition of the security principles and the methodology of detection.Experimental results shows that the proposed system can achieve faster detection,higher precision,lower impact on the network system performance and higher extensibility than other vulnerability tools.This system is suitable for system vulnerability detection in large-scale local area network. |
| |
| Keywords: | open vulnerability assessment language(OVAL) distributed vulnerability detection detecting agent central management subsystem |
| 本文献已被 CNKI 等数据库收录! |
|
