The System Of Network Security Evaluation Based On Information Detected

The network systems have serious vulnerabilities. The Network Security Evaluation based on information detection is an important and effective protection method, which is under the foundation of information discovery and vuhierability evaluation. It is also an important aspect of the rapid development in network security field in recent years.The main research content of this paper is network information detection technology and network security evaluation method. In a network environment, the detection of active hosts is the iirst step, the second is to obtain their opening ports, services and operating system version, at last the vuhierability information of the network system can be acquired for comprehensive evaluation.The paper introduces the theory of the information detection and security evaluation technology first, discusses domestic and international research and development trends, the technical fields this subject belongs to.The paper mainly studies on the key techniques of information detection and the methods of security evaluation in chapter 2 and 3. On the base of protocol analysis, the existing detection technologies are classified; various technical principles, features and the application environment are studied. The security evaluation system based on vuhierability adopts the fuzzy venture evaluation model for security analysis, and rule matching for information detection. Thus the existent venture of the network system can be discovered. These strategies provide the complete foundation for the realization of the system.According to the key techniques above, the paper designs system of network security evaluation based on information detection in chapter 3, and supplies method for the system realization. First, this chapter elaborates the total designation, frame and workflows of information detection. Then the main information characters are explained. Last the paper introduces in detail about modules of active hosts discovery, opening ports and services discovery, route information discovery, OS version discovery and vulnerability evaluation.Finally, this paper verifies the system performance .by the thorough tests. According to the defects of the system, the future improvements are put forward.