Design And Implementation Of Network Detection System Based On PaaS

In recent years,due to the development of computer and network,as well as the development of cloud computing,big data,deep learning and other cutting-edge technologies,our life and working style has also undergone tremendous changes,especially the "Internet plus" era,the network openness,sharing,and constantly expand and improve the degree of interconnection,the importance of network and its impact on social and economic life has become more and more great.At the same time,various network security incidents emerge in an endless stream,including mobile Internet malware,distributed denial of service attacks,domain name security,system vulnerabilities,phishing,web tampering,Website Malicious Code.Internet infrastructure,important information system is still facing great security risks and challenges.In particular,the continuous development and maturity of cloud technologies have made the security of cyberspace more important.Cyberspace security will become more difficult to prevent with the deepening of cloud computing and mobile computing.Without doubt,network security is a very arduous and lasting task.It has become an urgent problem in cyberspace.In order to assist the security administrators to detect and deal with a variety of network security incidents and threats,to nip in the bud,the system realizes the network detection system based on PaaS,mainly adopts active detection mode,the implementation of basic information collection(service port and operating system),web site tamper detection.Network scanning to host discover and service port detection,operating system,has important significance,can help network administrators to find potential vulnerabilities and threats in the network,such as the WannaCry outbreak in May 2017,is to use port 445 Windows network sharing agreement.In this project,the detection and acquisition of information such as service port and operating system is realized based on Nmap network scanning technology.In 2016,according to CNCERT monitoring found that in China about 17 thousand websites were tampered,though fewer than in 2015,but the site tampering is still underestimated.Therefore,based on the different types of tampering with the system,we deign different detection engine,mainly including page detection,insertion detection,darklink detection and comprehensive detection method and so on.This system mainly includes the development of detection engine and the development of web application management system,engine program using Python development,management system using Java language development B/S Web application architecture,resource management,task management,result display and so on.In order to test the safety of a huge number of website,the PaaS cloud platform to carry out exploration tasks based on first engine program package to the Docker image,and then released to the PaaS cloud platform,cloud platform to make full use of resources,to carry out exploration tasks.Cloud platform will probe the state information and the detection results of task execution were placed in the Kafka cluster,the corresponding task by subscribing to consumer news,and then processed,and stored in the MySQL database and Hive database,at the same time,the results are presented to the user in real time through the Redis cache.The project system mainly target users for network security staff.They through active detection of network using this system,it can help to detect almost all kinds of security risks,so as to quickly and accurately deal with security incidents.At present,the system has been in the trial operation stage,the system is running well.