| With the IMS technology continues to rise, the communications environment has undergone great changes, from a simple manner of telegraph and telephone to the diversification of communication including voice, data and multimedia, and network convergence technology emerged. The trend of network convergence breaks the original communication network closure. The realization of the network structure optimization and the full utilization of network resources also forced people to start thinking about the security problems which already exist in the communication network, but has been overlooked.After the convergence of fixed, mobile networks and the Internet, IMS will be the most central part of the network, so the consequences of IMS network failure will be disastrous. Thus, the study of IMS security and to understand how attackers invade an IMS network can reveal the problems existing in the network, thus contributing to further improve the IMS network and improve ability to resist risks.The paper first gives the IMS vulnerability evaluation system's structure, as well as vulnerability assessment methods and means, which introduce the unique position where the detection module is. By comparing a variety of present network detection technologies and considering the functional requirements of evaluation system, using C/S structural model, a complete set of user interface has been designed; in order to ensure the widespread use and portability of detection module, the paper describes software architecture in detail based on the design of POSIX dynamic library. As a result of the design of dynamic libraries, the detection module can implement the high reliability requirements that software upgrades can be done without interrupting; subsequent article describes the flexible application of the dynamic library design in software dynamic deployment, which supports flexible and scalable deployment model of the detection of modules. The paper also describes in detail interface design and database design of each sub-module within detection module. In order to support multi-threaded concurrent processing, the overall interface design uses asynchronous communication mechanisms, which effectively enhances the Business processing capabilities of detection module and reduces the system load. At the same time, the paper provides detailed test methods and test data, and makes an analysis. Experiments show that this system can collect and store critical network data according to the external policy, provide users with convenient and efficient interfaces for a variety of operation, serve the entire IMS vulnerability evaluation system. |
PDF Full Text Request