期刊文献+

基于模糊测试的工控网漏洞发现技术研究 被引量:2

Research on Vulnerability Detection Technology of Industrial Control Network based on Fuzzy Test
下载PDF
导出
摘要 本文通过深入研究当前漏洞发现技术,分析常用漏洞发现技术的优劣势,以及应用领域。基于CVE漏洞库改进了现有NMAP源码设计,对其扫描流程进行改进,提升对已知漏洞扫描的能力。对未知漏洞挖掘,优化设计漏洞挖掘测试生成算法和漏洞挖掘算法,对目标工控测试系统进行网络漏洞挖掘,从而得到工控系统已知或未知的漏洞分析报告,形成工控系统安全评估报告及安全应对策略。 This paper analyzes advantages and disadvantages of commonly used vulnerability detection technology and application areas through in-depth research on current vulnerability detection technology.The existing Nmap(Network Mapper)source code design is improved based on CVE(Common Vulnerabilities and Exposures)vulnerability library.Scanning process and ability to scan for known vulnerabilities are also improved.Known or unknown vulnerability analysis reports can be obtained in a few ways including mining unknown vulnerabilities,optimizing design of vulnerability mining test generation algorithms and vulnerability mining algorithms,and mining the target industrial control test system for network vulnerabilities.Industrial control system security assessment reports and security response strategies are also formed.
作者 刘坤 LIU Kun(Institute of Software and Service Outsourcing,Suzhou Chine-shiung Institute of Technology,Taicang215411,China)
出处 《软件工程》 2020年第12期27-29,23,共4页 Software Engineering
关键词 Fuzzing测试框架 漏洞扫描技术 漏洞发现技术 漏洞挖掘技术 fuzzy test framework vulnerability scanning technology vulnerability detection technology vulnerability mining technology
  • 相关文献

参考文献3

二级参考文献13

共引文献12

同被引文献25

引证文献2

二级引证文献1

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部