Design And Implementation Of Network Security Exercises System For Web Applications

The exposure of the U.S. surveillance program codenamed PRISM that was leaked by Edward Snowden in2013, once again draws global attention to Internet information security. Many countries have expanded military research in Cyberwarfare technology one after another, a variety of Internet target range projects have been put into practice as well.75%of all security incidents occurred in web applications, in which a great number of governments, enterprises, organizations and individuals interchanging core business and sensitive information. It is critical to develop an Internet security exercise system that’s aimed at web applications, since network-based protection methods such as Firewall, IDS/IPS are no longer efficient to prevent application-layer attacks.This thesis consists of these following sections:1、Completion of the overall design of Internet security exercise system against web applications. And development of both system function modules and operation interface. Based on sufficient research in domestic and foreign Internet security and web applications defense system.2、Accomplishing analog simulation of complex virtual network environment by using virtualization technology. Ensuring prompt setup of all sorts of exercise environment by taking advantage of configuration file based Internet environment quick-setup technology.3、Analysis of vulnerability database construction. Proposing the description method of XML-based catalog web application vulnerability. Building the database for web applications defense exercise, along with defense toolbox.4、Optimizing layered analysis model of results evaluation index. Integrating the merits of Quantitative of Relationships of Subjective Evaluation and Entropy method. Confirmation of all index weights, improving accuracy of evaluation.5、Developing of B/S Framework management subsystem and exercise subsystem. Ensuring good interaction between users and systems, by adopting the combination of Apache+MySQL+PHP.This thesis designs and develops an Internet security exercise system focused on web applications, and the test result discloses that this system has accomplished its pre-anticipated goal. The outcome of this dissertation can be applied to provide researchers whom associated to web appliance technology with relevant and viable materials to read upon, it also improves the ability of safety protection and emergency response.