Security issues have worried cloud service providers and users ever since cloud computing was first proposed. As cloud computing has grown in popularity, more and more hackers have become interested in discovering and exploiting vulnerabilities in the new computing model and its corresponding platforms. As a result, cloud computing security has attracted increasing attention, which helps to promote its improvement. With a vulnerability detection tool for IaaS clouds, we are able to discover vulnerabilities in the cloud and patch them before they are exploited by attackers. In this way, the detection tool effectively improves the security of IaaS services, prevents potential attacks and promotes the healthy development of IaaS cloud computing.

In this paper, the basic mechanism of IaaS cloud computing is studied, common security threats faced by virtual machines are classified, and the effect of virtualization on traditional security tools is analyzed. These studies provide guidance to system administrators on the rational use and configuration of vulnerability detection tools. In addition, to provide theoretical support for the design principles of vulnerability detection tools, vulnerability detection technology is summarized, including vulnerability scanning technology for known vulnerabilities and static and dynamic detection technologies for unknown vulnerabilities. Considering that most security issues are caused by known vulnerabilities, vulnerability scanning is used to implement the tool. Furthermore, the OpenVAS framework is adopted to provide technical support for the implementation of the vulnerability detection tool.

A vulnerability detection tool for IaaS clouds is designed and implemented. The tool has a modular design, and each module can be upgraded independently. The scanning function is implemented with plug-ins, which provides good scalability. The tool provides security information management functions as well as report functions that are convenient for IaaS cloud platform security management. Furthermore, over 30 common vulnerability scanning plug-ins for virtualization systems are developed for detecting IaaS vulnerabilities. The test results show the effectiveness of the implemented tool.