Research Of A Distributed Vulnerability Detecting Technology

As a fundamental technology in field of network and information security, vulnerability detecting technology directly related to the accurateness of network security evaluating and the effectiveness of safety prevention. The existing technology and system of vulnerability detecting, however, have difficulties on dealing with network crossing, interceptor crossing and bottle-neck effect, etc. Therefore, it is necessary to put forward a new vulnerability detecting technology.This paper analyzed the limitations of tranditional vulnerability detecting system and proposed a distributed vulnerability detecting technology based on unifying the new requirements of detecting and the technical points of traditinal distributed technology. The distributed detecting technology has the character of virtualization, intellectualization, dynamic scalability and platformization. In order to achieve design object of this technology, this paper expounded the distributed vulneability detecting mechanism and its design principles.Based on these princples, this mechanism is described in the terms of distributed architecture, scheduling structure, service providing mode and global view.For domain-oriented distributed architecture, it contains service domain, management domain and bearer domain. The architecture supports three detecting types that subnetworkMatch, virtualLANIDMatch and hostClusterIDMatch.Through configuring DomainMgr server, ScanMgr server, scanning resources and related properties,a typical distributed detecting system is deployed. For hierarchical strategy scheduling structure, it has domain scheduler, Scanning resource scheduler and two types of control message. Both of them satisfy distributed detecting mechanism's management demand of service domain scheduling, detecting resource scheduling and detecting task scheduling.For SOA-like service providing mode, it adds three new extended operations(Register, Synchronize, Submit) and a distributed vulnerability detecting schedule management protocol called DvdSMP on the basis of SOA. These new features implement virtualization, intellectualization, and platformization of the distributed detecting. At the same time, a global view of detecting mechanism is presented to illustrate internal relation and usage mode of mechanism's three elements in the view of system deployer, system administrator, service developer and service consumer.Based on algorithm researching of Grid resource management and task scheduling, this paper also put forward a hierachical strategy schedule algorithm called HSSA for the hierachical scheduling structure. This algorithm is made up of service domain level schedule algorithm call SDLSA and scanning resource level schedule algorithm call SRLSA which are realized and used by Domain Schduler and Scanning Resource scheduler respectively. Finally, the paper design and implement the prototype of distributed vulnerability detecting system called PODVDS.By the deployment of PODVDS in real network and the simulation experiment of HSSA, the paper showed the advantage of the new detecting mechanism and schedule algorithm.