With the recent rapid development of computer networks, network applications have become increasingly rich and attract a lot of people, and the Internet has gradually become a part of people's lives. Although the open web is convenient and efficient for people, it has at the same time brought a lot of potential security problems. Much software, hardware, and many system security strategies have related loopholes; an attacker can find these holes through certain technical means and then use them to obtain users' private data or destroy the system, which causes huge losses to the user. We therefore need to find all of these holes in the system and report them, so that the user can fix them. A vulnerability scanning system provides all of these functions.

As an important part of a vulnerability scanning system, the vulnerability scanning engine is mainly responsible for specific scanning tasks: it provides the scan execution function and provides an interface through which it accepts task management from the scanning management platform. In order to enhance the execution efficiency of the vulnerability scanning engine, and to improve the execution efficiency of the whole vulnerability scanning system, this paper proposes a vulnerability scanning engine that supports automatic validation of scanning results, and then designs and implements the engine.

This paper first analyzes current vulnerability scanning technology, then introduces the architecture and working process of network-based vulnerability scanners, and finally introduces the NASL scripting language, which is currently widely used for writing vulnerability scanning plug-ins. Based on this background, the paper puts forward the functional requirements of the vulnerability scanning engine. The engine must be able to provide vulnerability scanning services with division of tasks and a reliable plug-in scheduling strategy, and must be able to adjust its strategy dynamically according to the scanning results; at the same time it needs to provide the whole plug-in library and be partly compatible with existing NASL plug-ins.

Finally, this paper proposes the design and implementation of a vulnerability scanning engine that accords with the aforementioned functional requirements, and then uses the engine to scan target hosts on the Internet. The test results show that the vulnerability scanning engine has complete functionality and great performance.