摘要
网络安全漏洞检测在网络信息系统保障中发挥着重要的基础作用。文章首先对漏洞扫描器的原理和漏洞数据库进行了分析,接着介绍了模拟攻击脚本定制和插件技术两种常见技术,最后给出了软件实现和利用该工具对系统进行安全分析得到的检测结果。实践证明,在该工具软件在已实现功能的基础上,及时进行漏洞和插件更新,就可用于网络系统安全检测。
The cyberspace security vulnerability detection plays an important basic role in network information system guarantee.This paper first analyzes the principle of vulnerability scanner and vulnerabil i ty database,then introduces two common technologies,i.e.s imulat ion at tack scr ipt customization and plug-in technology,finally,the software implementation and the test results of the system security analysis by using the tool are given.It has been proved that,on the basis of the realized function of the tool software,the vulnerability and plug-in update in time can be used for network system security detection.
作者
张昊
贺江敏
屈晔
Zhang Hao;He Jiangmin;Qu Ye(The 5th Electronics Research Institute of the Ministry of Industry and Information Technology,GuangdongGuangzhou 510610;South China University of Technology,GuangdongGuangzhou 510641)
出处
《网络空间安全》
2020年第9期84-89,共6页
Cyberspace Security
关键词
网络安全
漏洞
数据库
测评工具
cyberspace security
vulnerability
database
evaluation tools