摘要
网络安全扫描技术受到了攻防双方的高度重视。对攻击者而言,可用于对目标网络的侦察探测,获取其环境及存在的漏洞等;对防御者而言,可用于对受保护网络渗透测试的基础性工作。根据是否与目标网络发生交互,网络安全扫描可划分为入侵式和非入侵式。其中,非入侵式可有效隐蔽扫描行为,减小对目标网络运行的影响,并避免触发防火墙、入侵检测系统的报警。回顾了传统入侵式网络安全扫描技术的发展,针对当前借助搜索引擎实现非入侵扫描的方法,分析总结了基于通用搜索引擎和专用搜索引擎两类非入侵式扫描技术的原理与方法,并结合相关实验结果对各自的优缺点进行了总结。最后,讨论了非入侵式扫描技术的发展趋势和进一步的研究方向。
Network security scanning technology (NSST) is highly appreciated by both attackers and defenders. With NSST, attack- ers may detect targeted network for the intelligence of its environment and exiting vulnerabilities, and defenders may complete ancillary work like penetration testing for protected networks. Based on existence or non-existence of interaction with targeted network, NSST may be divided into two categories-intrusive and non-intrusive, of which the non-intrusive could effectively coven its scanning behav- ior, reduce its impact on the targeted network and avoid triggering the alarm of firewalls and intrusion detection systems. This paper re- views the development of traditional intrusive NSST. As for that the current realization of non-intrusive NSST relies on search engines, the principles and methods of two non-intrusive NSST technologies based on general and specialized seareh engines, are analyzed and summarized, and in combination of relevant experiment, their advantages and disadvantages are summed up. The development trend of non-intrusive NSST and next-step research directions are finally discussed in the paper.
出处
《信息安全与通信保密》
2016年第9期67-72,76,共7页
Information Security and Communications Privacy
