共查询到16条相似文献,搜索用时 187 毫秒
1.
2.
3.
本文介绍了基于Nessus的漏洞扫描系统设计结构,分析了Nessus漏洞扫描工具及其代码结构,设计出了基于Nessus的漏洞扫描系统,详细阐述了漏洞扫描系统的框架;给出了预定IP范围模块、配置漏洞扫描策略模块、预定插件集模块的详细设计;最后给出了实验结果及分析。实验表明,该系统对目标主机的漏洞检测是较为有效的。 相似文献
4.
5.
6.
本文介绍了Nessus插件相关的技术及插件间的运行关系,给出了Nessus调度算法;设计了一种更为简单、效率更高的贪心算法;实验表明,该算法有着较好的性能。 相似文献
7.
当前,主要的开源Web漏洞扫描工具如Nikto、Nessus等都存在误报率与漏报率较高、评估不准确、扫描效率较低等问题。本文对漏洞扫描过程进行建模,在传统的基于配置的扫描策略上,提出了一种基于场景的扫描策略。使用场景树描述漏洞场景,并给出了场景树的构建及维护策略。最后,以Nikto的漏洞数据库为例,示范了如何将多条漏洞用例转化为场景树描述。使用漏洞场景扫描策略可以提高扫描效率,减小误报率,提高评估的准确度。 相似文献
8.
9.
10.
渗透测试是通过模拟恶意黑客的攻击方法,评估计算机网络系统安全的一种评估方法。文章基于Kali Linux系统探究了MS17-010漏洞,利用虚拟化平台搭建渗透测试环境,并模拟实际攻击环境。先使用Nessus、Nmap、MSF等工具收集信息,再利用MS17-010漏洞进行渗透,获取了靶机的shell控制权,渗透效果明显,完成了对目标主机的渗透。基于MS17-010漏洞的攻击原理,提出了相应的防范方法,结果表明防范方法具有通用性,对其他漏洞的防范具有借鉴作用。 相似文献
11.
《Computer》2002,35(3):18-21
As the computer industry focuses on system and network security, a growing number of users are taking a closer look at open source software in order to gauge whether its potential advantages outweigh its possible disadvantages. Although open source security has been around for years, it has never been as widely used as open source products like the Linux OS or Apache Web server have been. John Pescatore, Internet security research director at market-research firm Gartner Inc., said open source security tools now represent 3 to 5 percent of security-software usage but could comprise 10 to 15 percent by 2007. A key factor in this potential growth is the quality of numerous open source security packages. Open source software products include free tools that users can download from the Internet, packages that come with commercial vendor support, and tools bundled with closed source products. The most popular tools include Netfilter and iptables; intrusion-detection systems such as Snort, Snare, and Tripwire; vulnerability scanners like Nessus and Saint; authentication servers such as Kerberos; and firewalls like T.Rex. Some companies are even beginning to use open source security to protect mission-critical applications 相似文献
12.
渗透测试的核心问题是渗透测试路径的规划,手动规划依赖测试人员的经验,而自动生成渗透路径主要基于网络安全的先验知识和特定的漏洞或网络场景,所需成本高且缺乏灵活性。针对这些问题,提出一种基于强化学习的渗透路径推荐模型QLPT,通过多回合的漏洞选择和奖励反馈,最终给出针对渗透对象的最佳渗透路径。在开源靶场的渗透实验结果表明,与手动测试的渗透路径相比,所提模型推荐的路径具有较高一致性,验证了该模型的可行性与准确性;与自动化渗透测试框架Metasploit相比,该模型在适应所有渗透场景方面也更具灵活性。 相似文献
13.
Software exploits, especially zero-day exploits, are major security threats. Every day, security experts discover and collect numerous exploits from honeypots, malware forensics, and underground channels. However, no easy methods exist to classify these exploits into meaningful categories and to accelerate diagnosis as well as detailed analysis. To address this need, we present SeismoMeter, which recognizes both control-flowhijacking, and data-only attacks by combining approximate control-flow integrity, fast dynamic taint analysis and API sandboxing schemes. Once it detects an exploit incident, SeismoMeter generates a succinct data representation, called an exploit skeleton, to characterize the captured exploit. SeismoMeter then classifies the captured exploits into different exploit families by performing distance computing on the extracted skeletons. To evaluate the efficiency of SeismoMeter, we conduct a field test using exploit samples from public exploit databases, such as Metasploit, as well as wild-captured exploits. Our experiments demonstrate that SeismoMeter is a practical system that successfully detects and correctly classifies all these exploit attacks. 相似文献
14.
Takeshi Okamoto 《Artificial Life and Robotics》2011,16(1):44-47
We propose an artificial intelligence membrane to detect network intrusion, which is analogous to a biological membrane that
prevents viruses from entering cells. This artificial membrane is designed to monitor incoming packets and to prevent a malicious
program code (e.g., a shellcode) from breaking into a stack or heap in a memory. While monitoring incoming TCP packets, the
artificial membrane constructs a TCP segment of incoming packets, and derives the byte frequency of the TCP segment (from
0 to 255 bytes) as well as the entropy and size of the segment. These features of the segment can be classified by a data-mining
technique such as a decision tree or neural network. If the data-mining method finds a suspicious byte sequence, the sequence
is emulated to ensure that it is just a shellcode. If the byte sequence is a shellcode, the sequence is dropped. At the same
time, an alert is communicated to the system administrator. Our experiments examined seven data-mining methods for normal
and malicious network traffic. The malicious traffic included 114 shellcodes, provided by the Metasploit framework, and including
10 types of metamorphic or polymorphic shellcodes. In addition, real network traffic involving shellcodes was examined. We
found that a random forest method outperformed all the other datamining methods and had a very high detection accuracy, including
a true-positive rate of 99.6% and a false-positive rate of 0.4%. 相似文献
15.
16.
一种基于最小二乘估计的玻壳曲面拟合方法 总被引:1,自引:0,他引:1
位移传感器测量已经成为一种重要的测量手段。为估计一种基于线性可变差动传感器(LVDT)玻壳测试系统的质量,用最小二乘法对测试曲面进行球面拟合,得到相对应的玻壳曲面。利用该曲面计算曲率半径,检验各位移传感器(LVDT)安装是否准确,从而测试生产的玻壳是否合格,并利用坐标值即可对系统进行系统误差的校正。由于最小二乘法可削弱误差较大的点的影响,根据其特点建立数学模型进行拟合,其结果对6寸玻壳的生产加工环节具有更直接的指导意义。 相似文献