A Study Of Network Security Assessment Based On Penetration Testing

With the rapid development of the computer network technology, information system goes deep into every aspect of daily life gradually , People pay more attention to the topic. An information system usually faces the risk of internal and external threat,as a network manager,it's hard to protect the network security only if essential experience and knowledge of hacker was equipped.Network security assessment is an emerging field of network security branch, which uses a proactive approach to detect network security issues, it can effectively analyze the network host, a variety of network devices security policy, which found a variety of security implied vulnerability of a network security overall assessment of the situation, and gives solutions and suggestions.In recent years, network security assessment is widely used in a variety of network systems.From the point of penetration testing, we analysis and comparison the key technology of penetration testing , on this basis, a network security system based on assessment penetration testing was designed with the establishment of a network based on AHP security model. The main work of this paper is as follows:(1) Studied the status of domestic and international network security assessment, network security assessment and penetration testing techniques and use of assessment methods are analyzed ,and compared the safety assessment of vulnerability detection technology used in the trend.(2) On the Common Vulnerability Assessment System and AHP, we present a hierarchical analysis method based on network security assessment model .the model can be used to assess network vulnerability risk value of each component size and components in the network importance weights.(3) Designed a network security assessment system based on penetration testing, the system architecture, function modules, relationship between each module is detailed to introduce and constructed a Vulnerability Database information collection model.(4) Completed the design and implementation of a security assessment,which included the port scanning, OS detection, vulnerability detection, and other core functions.(5) By case analysis of the network security evaluation system, the feasibility and effectiveness of the system was proved.