
Research on an OVAL-Based Vulnerability Assessment System

【Author】 钟永松

【Supervisor】 李毅超

【Author information】 University of Electronic Science and Technology of China, Computer Applications, 2007, Master's degree

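【Summary】 With the rapid development of computer network technology, network security has become a focus of current network technology research. Vulnerability assessment technology can detect potential security vulnerabilities and weaknesses in networked systems and assess their security status, and it is one of the important technologies for achieving network security. Existing security tools such as vulnerability scanners and network security assessment tools cannot meet current network security needs: there is no standardized method and no standards-conforming product or service, they cannot accurately detect the vulnerabilities, patch errors, configuration errors and similar problems present in a system, and they do not achieve good compatibility and interoperability among the various network security products and services. As a result, network security assessment remains a serious problem. In view of this situation, this thesis studies a vulnerability assessment system based on the international OVAL (Open Vulnerability and Assessment Language). The aim is to study a standardized method of vulnerability description, to standardize vulnerability description, the vulnerability detection process and vulnerability assessment, and to assess the overall security situation of the network; an OVAL-based vulnerability assessment system can also solve the problem of interoperability with other security products well. The vulnerability assessment system adopts a system architecture of one control center with multiple agents. The thesis studies the current state and development of vulnerability detection and assessment. It mainly analyzes some current vulnerability detection products and the trend of vulnerability description toward normalization, structuring and standardization; it studies the causes of vulnerabilities, the harm they do, the principles of vulnerability detection, and the development of vulnerability detection technology. The thesis studies the OVAL standard, making a comprehensive study of the definition of the OVAL language and of defining vulnerabilities with OVAL. For the security level of a single vulnerability, the thesis adopts the CVSS vulnerability assessment standard system; it makes a comprehensive study of the CVSS vulnerability scoring system and illustrates it with examples. On the basis of OVAL vulnerability definitions and the CVSS scoring standard, it studies a security-case-based method of network security situation assessment, to assess the overall security situation of the network and systems under test. Building on the preceding research, and combining traditional vulnerability detection and assessment technology with the latest vulnerability assessment technologies and standards, the thesis analyzes and designs an OVAL-based vulnerability assessment system. The system's design goals, workflow, architecture, basic functional modules and the logical relationships among the modules are analyzed and designed in detail. Finally, the main functional modules of the OVAL-based vulnerability assessment model system are implemented and tested, and a test report is given.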

【Abstract】 With the rapid development of computer network technology, network security has become the focus of current network technology. Vulnerability assessment technology can detect potential security vulnerabilities and assess the security situation of a network. It is one of the most important network security technologies. There are now many vulnerability scanners and network security assessment tools, but they cannot satisfy the demands of network security. There is no standardized method, and no product or service that conforms to a standard. These products and services cannot accurately detect existing vulnerabilities, patch errors and configuration errors in a system, and the various network security products and services are not well compatible or interoperable with one another. As a result, network security assessment remains a serious problem. In light of this situation, this paper studies a vulnerability assessment system based on the international Open Vulnerability and Assessment Language (OVAL). The purpose is to study a standardized method of describing vulnerabilities, to standardize vulnerability description and the process of vulnerability detection and assessment, and to assess the overall security situation of the network. A vulnerability assessment system based on OVAL also helps to solve the compatibility problem. The vulnerability assessment system uses an architecture of one control center with multiple agents. The paper studies the present situation and development of current vulnerability detection and assessment technology. Current popular vulnerability detection products are analyzed. Vulnerability detection technology is developing toward standardization. The paper studies the causes of vulnerabilities, the harm they do, the principles of vulnerability detection, and the development of vulnerability detection technology. The paper studies the OVAL standard, the definition of the elements of OVAL, and the definition of vulnerabilities with OVAL. To rate the security level of a single vulnerability, the system uses CVSS, and the paper makes a comprehensive study of CVSS. CVSS assesses the security level of a vulnerability from the base factors, the life-cycle factors and the environmental factors, and this is illustrated with an example. Taking OVAL vulnerability definitions and the CVSS scoring standard as foundations, the paper studies a network security situation assessment method based on security cases, to assess the overall security situation of the network and the system. Finally, the paper combines traditional vulnerability detection technology with the newest OVAL standard to analyze and design a vulnerability assessment system based on OVAL. The paper analyzes the goals of the system design, the management process of the system, the system architecture, and the basic functional modules. Finally, the paper implements and tests the main modules of the OVAL-based vulnerability assessment system.

  • 【Classification number】TP393.08
  • 【Citation count】7
  • 【Download count】324