Research And Implementation Of Vulnerability Scanning Technology Based On B/S Framework

Software loopholes in the system, have become the main factors threatening the security of information. Every moment, every second, in place of Internet are happening, hackers use the loopholes of software, unauthorized attempt to access system resources, destruction of the confidential data, threatening the security of the information system, and then cause the inestimable losses to the enterprise and national. So if can before the software system in the process of software release or used, timely detection of the existence of loopholes and repair, prevent malicious use, which will improve the security of information system to a great extent.This paper studied the vulnerability scanning system architecture of the B/S MVC model as well as its transport protocol based on OMP. On this basis, according to the characteristics of vulnerability scanning system, analyzes the shortcomings of the traditional MVC model, design a suitable for vulnerability scanning system of OW_MVC model, and based on the implementation of a high availability of vulnerability scanning system. The main results are as follows:(1) Proposed for high availability of vulnerability scanning system, and B/S framework based on the MVC model--OW MVC. OW MVC model based on the conventional MVC model, according to the characteristics of vulnerability scanning system control layer content large, complex business logic, it was divided into Manger layer and Scan_Engin layer two layer. The business logic of differentiation, between each module level clarity, improve the reusability of modules and reduces the cost of system maintenance.(2) According to the OW_MVC model, the design and implementation of high availability of vulnerability scanning system based on B/S architecture. The system was composed of WEB client module, the scanning control module, module and database module scan engine. This thesis described in detail the various modules of the module was connected between the through OMP protocol, the scan engine using the technology of multi thread and NASL plug-in, and adopted the active attack mode to realize the vulnerability detection function.(3) The vulnerability scanning system was evaluated on function and performance. The first evaluation of the integrity of the WEB client function of each module, and then the vulnerability scanning function for vulnerability scanning system, using the current major PC operating system (Linux, Windows and MAC) platform, we test the function of vulnerability scanning, and finally compared the performance of OpenVAS and vulnerability scanning system. The evaluation results showed that, vulnerability scanning system of B/S architecture based on OW_MVC model was designed in this paper, complete functions, high performance.This paper presented the OW_MVC model for complex system based on B/S framework effectively solves the logic relation of each module of the business processing vulnerability scanning system, used in the process of vulnerability scanning in multi thread technology and NASL plug-in technology, effectively solved the vulnerability scanning system performance and scalability problems. In the future development of vulnerability scanning system based on B/S architecture provides a new solution.