關(guān)于計算機網(wǎng)絡(luò)安全漏洞的檢測和防范的檢索報告 韓貝(共6頁)

1、關(guān)于(guny)計算機網(wǎng)絡(luò)安全漏洞的檢測(jin c)和防范的檢索(jin su)報告軟件工程ZB122 韓貝 202120826一、分析研究課題隨著計算機技術(shù)的迅猛發(fā)展,計算機網(wǎng)絡(luò)向世 界各個角落延伸,人們通過網(wǎng)絡(luò)享受著巨大便利。計算機網(wǎng)絡(luò)安全問題隨之而來,安全隱患令人非常擔(dān)憂。目前,國內(nèi)使用的計算機主流操作系統(tǒng)平臺實現(xiàn)功能高度復(fù)雜,源代碼沒有完全開放,無法進行安全檢測驗證;計算機網(wǎng)絡(luò)通信協(xié)議也幾乎都是國外開發(fā)的協(xié)議,其可靠性也非常值得質(zhì)疑。實際應(yīng)用中,有相當(dāng)數(shù)量的計算機系統(tǒng)都存在安全漏洞,隨時可能遭受非法入侵。如何主動地針對不同操作系統(tǒng)、不同的網(wǎng)絡(luò)通信協(xié)議進行掃描與檢測,發(fā)現(xiàn)網(wǎng)絡(luò)安全漏洞,

2、特別是根據(jù)檢測結(jié)果進行防護是目前網(wǎng)絡(luò)安全研究的熱點。選擇數(shù)據(jù)庫或檢索工具數(shù)據(jù)庫： HYPERLINK /lib/?q=node/43 CNKI中國知網(wǎng) HYPERLINK /lib/?q=node/45 萬方數(shù)據(jù)知識服務(wù)平臺 HYPERLINK /lib/?q=node/49 t /lib/blank 外文文獻數(shù)據(jù)庫(ENPS)檢索工具：百度三、制定檢索策略（選擇檢索項、檢索詞，構(gòu)建檢索式）1、CNKI中國知網(wǎng)：主題 = (計算機網(wǎng)絡(luò)or安全漏洞)and檢測和防范 2、萬方數(shù)據(jù)知識服務(wù)平臺：主題 = (計算機網(wǎng)絡(luò)or安全漏洞)and檢測和防范3、外文文獻數(shù)據(jù)庫(ENPS)：主題 = (Comp

3、uter network or security vulnerability) and detection and Prevention四、記錄檢索結(jié)果1、檢索工具名稱： HYPERLINK /lib/?q=node/43 CNKI中國知網(wǎng) 檢索策略：文件分類目錄 高級檢索全選 主題 計算機網(wǎng)絡(luò) 模糊 或者 主題 安全漏洞 模糊 并且 主題 檢測和防范 模糊 20112014 命中結(jié)果總數(shù)：254 檢索結(jié)果列表：【1】趙雨. 電信公司內(nèi)部安全漏洞與攻擊入侵的檢測算法研究D.北京交通大學(xué),2012.(10):78. 【摘要(zhiyo)】隨著網(wǎng)絡(luò)在社會生活中的廣泛應(yīng)用,特別是在金融、商務(wù)、政府機

4、關(guān)、軍事、信息處理以及工業(yè)生產(chǎn)過程控制等方面的應(yīng)用,支持各種信息系統(tǒng)的網(wǎng)絡(luò)地位也變得越來越重要。用戶對網(wǎng)絡(luò)應(yīng)用的需求也在不斷提高,企業(yè)和用戶對計算機網(wǎng)絡(luò)的依賴程度也越來越大。電信網(wǎng)絡(luò)作為國家重要的信息基礎(chǔ)設(shè)施,是一個國家信息通信的神經(jīng)樞紐,在現(xiàn)代社會中扮演著非常重要的角色(ju s),利用開放的網(wǎng)絡(luò)環(huán)境進行全球的通信已經(jīng)成為時代發(fā)展的趨勢。 但是網(wǎng)絡(luò)在提供便利的共享資源的同時也帶來了各式各樣的安全風(fēng)險。如果在網(wǎng)絡(luò)系統(tǒng)設(shè)計中沒有很好地考慮網(wǎng)絡(luò)安全管理的問題,這個設(shè)計方案是有嚴(yán)重缺陷的,按這樣的設(shè)計組建的網(wǎng)絡(luò)系統(tǒng)是十分危險的。如果由于網(wǎng)絡(luò)性能下降.【2】孫恒濱. 關(guān)于檢驗檢測系統(tǒng)計算機網(wǎng)絡(luò)的安全隱

5、患及防范(fngfn)探索J. 硅谷,2013,(09):126+80.【摘要】隨著信息化的不斷發(fā)展,計算機網(wǎng)絡(luò)已成為檢驗檢測系統(tǒng)工作不可或缺的手段。與此同時,網(wǎng)絡(luò)的安全性成為不可忽視的問題。本文從檢驗檢測工作實際中常見的計算機網(wǎng)絡(luò)安全隱患,對防范安全隱患的具體措施提出自己的觀點?！?】隋亮. 基于滲透測試的SQL注入漏洞檢測與防范D.東華大學(xué),2014.(09):56.【摘要】隨著Internet的進一步普及和計算機網(wǎng)絡(luò)技術(shù)的快速發(fā)展, Web技術(shù)得到了廣泛的應(yīng)用?；赪eb技術(shù)和數(shù)據(jù)庫架構(gòu)的應(yīng)用系 統(tǒng)已經(jīng)逐漸成為主流,廣泛應(yīng)用于企業(yè)內(nèi)部和外部的業(yè)務(wù)系統(tǒng)中。 然而,隨之而來的則是Web應(yīng)用系

6、統(tǒng)面臨的安全風(fēng)險與日劇增。Web安全滲透測試技術(shù)是一種針對Web應(yīng)用的積極防范技術(shù)。 該技術(shù)在應(yīng)用遭受攻擊前,模擬黑客攻擊Web應(yīng)用的方式對目標(biāo)系 統(tǒng)進行探測。而在眾多Web應(yīng)用攻擊手段中,SQL注入攻擊是最常 用的也是最易于實施的方法。因此,做好針對SQL注入攻擊的入侵 檢測和防范工作以保證整個信息基礎(chǔ)設(shè)施的安全,是Web應(yīng)用系統(tǒng) . 更多還原更多還原更多還原2、檢索工具名稱： HYPERLINK /lib/?q=node/45 萬方數(shù)據(jù)知識服務(wù)平臺 檢索策略：選擇文獻類型 高級檢索全選 主題 精確 計算機網(wǎng)絡(luò) 或 主題 精確 安全漏洞 與 主題 精確 檢測和防范 命中結(jié)果總數(shù)：38 檢索結(jié)

7、果列表：【1】陳慧洋.網(wǎng)絡(luò)安全問題的檢測與防范J.中外企業(yè)家,2013,(36):181-182. 【摘要】隨著科學(xué)技術(shù)的進步，計算機和網(wǎng)絡(luò)技術(shù)取得了快速發(fā)展，成為信息交流手段，滲透到社會的各個方面。目前，計算機網(wǎng)絡(luò)安全已經(jīng)成為國防、國家和國民經(jīng)濟重要的組成部分。、在實際的網(wǎng)絡(luò)中，由于其脆弱性就會出現(xiàn)各種安全問題，嚴(yán)重威脅了用戶信息的安全。只有采取強有力的安全策略，對網(wǎng)絡(luò)進行有效的檢測，才能保障計算信息的安全，才能真正享受到網(wǎng)絡(luò)信息帶給我們的便捷。首先，分析了計算機網(wǎng)絡(luò)的安全問題；然后，討論了網(wǎng)絡(luò)安全問題的檢測技術(shù)；最后，提出了防范措施，以保證計算機網(wǎng)絡(luò)的安全、穩(wěn)定，以更好的為社會服務(wù)?！?】

8、步山岳,沈益彬.校園網(wǎng)漏洞檢測與防范J.網(wǎng)絡(luò)安全技術(shù)與應(yīng)用,2008,(2):83-84.【摘要(zhiyo)】 本文對目前校園網(wǎng)常見的sql注入攻擊、上傳漏洞、密碼泄露典型安全隱患進行分析,給出了利用網(wǎng)絡(luò)(wnglu)安全測試工具測試校園網(wǎng)安全方法,提高診斷網(wǎng)絡(luò)安全效率.針對具體網(wǎng)絡(luò)安全漏洞,給出改進后編程代碼,并通過遠程方法直接為網(wǎng)絡(luò)漏洞嵌入補丁.【3】余剛娟.網(wǎng)絡(luò)攻擊的一般檢測(jin c)和防范J.考試周刊,2010,(13):161-162. 【摘要】 由于計算機網(wǎng)絡(luò)體系結(jié)構(gòu)的復(fù)雜性及其開放性等特征,網(wǎng)絡(luò)設(shè)備及數(shù)據(jù)的安全成為影響網(wǎng)絡(luò)正常運行的重要問題,網(wǎng)絡(luò)安全問題變得越來越重要.了解

9、網(wǎng)絡(luò)攻擊的方法和防范對于維護網(wǎng)絡(luò)安全有著重要的意義.下面,我根據(jù)自己的教學(xué)經(jīng)驗談幾點看法.3、檢索工具名稱： HYPERLINK /lib/?q=node/49 t /lib/blank 外文文獻數(shù)據(jù)庫(ENPS) 檢索策略：選擇文獻類型 高級檢索 外文期刊 主題 模糊 Computer network 或外文會議 主題 模糊 security vulnerability 與 主題 模糊 detection and Prevention 命中結(jié)果總數(shù)：184 檢索結(jié)果列表：【1】Hongbiao Song,Mladen Kezunovic.A new analysis method for e

10、arly detection and prevention of cascading eventsJ.Electric Power SystemsResearch,2007,77(8):1132-1142.【Abstract】This paper introduces a new analysis method for early detection and prevention of power system cascading events. It uses the vulnerability index (VI) and margin index (MI) to evaluate the

11、 vulnerability and security of the individual system parts, as well as the whole system during an operating state. It identifies the vulnerable parts of the power system using the topology processing and operation index methods. For a given disturbance, it calculates the power flow, evaluates the vu

12、lnerability and security, identifies the vulnerable part, finds the transmission line overload and bus voltage problems, and predicts the possible successive events. The approach defines the control means using the following methods for early detection and prevention of cascading events: network con

13、tribution factor (NCF), generator distribution factor (GDF), load distribution factor (LDF), and selected minimum load shedding (SMLS). This approach has been tested using the IEEE RTS-96 24-bus system and promising results have been obtained. The proposed approach allows the power system operator t

14、o detect initial stages of cascading events and assert actions that will prevent such events from unfolding.【2】Sanjay Rawat,Ashutosh Saxena.Application security code analysis: a step towards software assuranceJ.International journal of information and computer security,2009,3(1):86-110.【Abstract】The

15、 last few years have witnessed a rapid growth in cyber attacks, with daily new vulnerabilities being discovered in computer applications. Various security-related technologies, e.g., anti-virus programs, Intrusion Detection Systems (IDSs)/Intrusion Prevention Systems (IPSs), firewalls, etc., are dep

16、loyed to minimise the number of attacks and incurred losses. However, such technologies are not enough to completely eliminate the attacks to some extent; they can only minimise them. Therefore, software assurance is becoming a priority and an important characteristic of the software development lif

17、e cycle. Application code analysis is gaining importance, as it can help in writing safe code during the development phase by detecting bugs that may lead to vulnerabilities. As a result, tremendous research on code analysis has been carried out by industry and academia and there exist many commerci

18、al and open source tools and approaches for this purpose. These have their own pros and cons. Therefore, the main objective of this article is to explore the state-of-the-art in code analysis and a few major tools which benefit not only security professionals, but also novice Information Technology

19、(IT) professionals. We study the tools and techniques under the basic four types of analysis (Static Source Code (SSC), Static Binary Code (SBC), Dynamic Source Code (DSC) and Dynamic Binary Code (DBC) analysis) and briefly discuss them.【3】Zhang, J.,Zulkernine, M.,Haque, A. et al.Random-Forests-Base

20、d Network Intrusion Detection SystemsJ.IEEE transactions on systems, man and cybernetics. Part C, Applications and reviews,2008,38(5):649-659.【Abstract】Prevention of security breaches completely using the existing security technologies is unrealistic. As a result, intrusion detection is an important

21、 component in network security. However, many current intrusion detection systems (IDSs) are rule-based systems, which have limitations to detect novel intrusions. Moreover, encoding rules is time-consuming and highly depends on the knowledge of known intrusions. Therefore, we propose new systematic

22、 frameworks that apply a data mining algorithm called random forests in misuse, anomaly, and hybrid-network-based IDSs. In misuse detection, patterns of intrusions are built automatically by the random forests algorithm over training data. After that, intrusions are detected by matching network acti

23、vities against the patterns. In anomaly detection, novel intrusions are detected by the outlier detection mechanism of the random forests algorithm. After building the patterns of network services by the random forests algorithm, outliers related to the patterns are determined by the outlier detecti

24、on algorithm. The hybrid detection system improves the detection performance by combining the advantages of the misuse and anomaly detection. We evaluate our approaches over the knowledge discovery and data mining 1999 (KDDpsila99) dataset. The experimental results demonstrate that the performance p

25、rovided by the proposed misuse approach is better than the best KDDpsila99 result; compared to other reported unsupervised anomaly detection approaches, our anomaly detection approach achieves higher detection rate when the false positive rate is low; and the presented hybrid system can improve the overall performance of the aforem