检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
机构地区:[1]西北大学信息科学与技术学院,西安710127
出 处:《东南大学学报(自然科学版)》2008年第A01期94-99,共6页Journal of Southeast University:Natural Science Edition
基 金:陕西省自然科学基金资助项目(2005f36);国家科技支撑计划资助项目(2007BAH08B01)
摘 要:针对目前主流的漏洞检测工具检测时间长、误报率高以及使用攻击代码影响系统运行等缺点,提出了一种基于OVAL的分布式漏洞检测系统,采用基于主机的漏洞检测方法发现系统存在的安全漏洞.该系统由检测代理和中心管理子系统组成,其中检测代理执行检测插件对目标主机系统进行漏洞检测,而中心管理子系统提供安全知识定义和检测算法.经实验测试,与其他漏洞检测工具相比,具有检测速度快、精度高、对网络运行状况影响小和可扩展性强的优点.适用于检测大规模局域网中各主机系统的漏洞状况.The current vulnerability detection tools have shortcomings of long-term detecting period and high false rate. Also, normal running of the system could be affected by using aggressive codes. To overcome these shortcomings, a distributed vulnerability detection system based on open vulnerability assessment language is proposed, which detects the security deficiency of the system by using deficiency detecting method based on host. The proposed system consists of two modules: a detecting agent and a central management subsystem. The former executes the function of making detecting plug-in to detect the deficiency of the target host system and the latter provides a definition of the security principles and the methodology of detection. Experimental results shows that the proposed system can achieve faster detection, higher precision, lower impact on the network system performance and higher extensibility than other vulnerability tools. This system is suitable for system vulnerability detection in large-scale local area network.
关 键 词:OVAL 分布式漏洞检测 检测代理 中心管理子系统
分 类 号:TP391[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.112