Research On Techniques Of Vulnerability Detection And Security Evaluation Based On Correlation Analysis

Along with the rapid development of Internet technology, various kinds of network security problems caused by vulnerability bring a lot of trouble to people’s daily life and work. Therefore, vulnerability detection and network security evaluation become hot spots in network security research. However, for the existing vulnerability detection tools, the vulnerability information sharing among different vulnerability databases is poor. These tools support single type of operating system and have poor compatibility. And network security evaluation doesn’t reference the relationship among vulnerabilities, can’t provide effective guidance to the network security protection work.This thesis based on National Science And Technology Support Projects and the existing research on vulnerability detection and network security evaluation, carry out the research work from the following several aspects:1. Discuss the OVAL standard, definition and file structure in detail, design an OVAL-based vulnerability detection system model which contains the server and client function module. The OVAL-based vulnerability detection system model resolves the vulnerability information sharing problem and support cross-platform vulnerability detection.2. Change part of elements in CVSS, introduce a probability calculation model, improve the CVSS vulnerability scoring system, and solve the problem of CVSS quantitative calculation.3. Establish network security evaluation model based on vulnerability correlation analysis. Improve the network attack graph generating algorithm, introduce PageRank model to calculate the weight of attack graph node. Find out attack graph key attack path by attack graph node weight, then measure network security by network attack graph key attack path, give the network security measure computation model, realize the network security quantitative analysis by network attack graph. 4. This thesis gives the network experiment, designs the experiment model and attack graph analysis, and verifies the feasibility and validity of network security evaluation method based on attack graph correlation analysis.