Analysis Of Knowledge-based Systems Design And Implementation, Network Security Vulnerabilities

With the rapid development of network technology, software bugs have become the major accessing point of hackers and virus attacking main hosts. Every system has its vulnerabilities, and no matter how superb it is, there are always some features and flaws to be taken advantage of, which is also called while the priest climbs a foot, the devil climbs ten. But it is never too late to self-detect the bugs before the attacking. Namely, restoring the system upon finding the bug to minimize the loss. This paper sets out to provide a knowledge base system featuring overall examining and analysing such vulnerabilities.First of all, this paper discusses the definition, features, property description, classification principles of the vulnerabilities, as well as the current researches at home and abroad on this topic. Then it introduces the network security vulnerability scanning technology based on bug bases to indicate the system structure of the traditional network security bug scanning structure, its working principle and its advantages and disadvantages, to demonstrate the direction in the network security vulnerability knowledge base system designing.Based on the collecting of the vulnerabilities of some operating systems, a network security vulnerability base with CVE standard is built by analysing the concerned bug information, and then a vulnerability patch data base is built on the platform of the knowledge base system of the bug base. The synchronization of the two systems and the patch distributing strategy are taken into full consideration during the designing and implementing process, and meanwhile log administration, module password, knowledge base correlation analysis and manual analysis is also designed in detail. This paper is to utilize the expandability of the plug-in module strengthening system aiming at different bug scanners and attacking tools to realize the basic functions mentioned. As for the application, this paper puts forward a project based on campus network to use network security vulnerability knowledge base system as campus vulnerability patching service platform to scan the vulnerabilities and download patches as well as providing advice for all the campus clients. The combination of the network security knowledge base system and simulation teaching is capable of spreading network security knowledge, and can also train high-quality network security technology talents for enterprises and colleges.