Research On Distributed Vulnerability Scanning Technology Based On P2P

With the rapid development of the internet,the network not only brings convenience to people,but also brings a variety of potential threats.Hackers use the vulnerabilities in the network to illegally enter other people's networks and destroy their computers,which caused a huge loss to the attacker.The potential threat that brought by the vulnerabilities makes people think of how to defend against hackers'attacks by proactively discovering vulnerabilities and repairing them in time.This is vulnerability scanning technology.However,with the increase of vulnerabilities,the number of plug-ins for vulnerability scanning has reached 100,000.The traditional single-machine vulnerability scanning system cannot quickly complete the scanning taskes,and the scope of scanning is also limited,which cannot meet the requirements of large enterprises.Centralized distributed systems is prone to single point of failure.Therefore,this paper deeply researches vulnerability scanning technology and P2P network technology,and successfully implements a decentralized distributed vulnerability scanning system.Firstly,the paper introduces some security issues.Enterprises and governments are faced with the threat of hackers that use vulnerabilities to invade security hosts.It is very effective to reduce such threats by detecting and fixing vulnerabilities in time.However,it is difficult to deal with a wide range of vulnerability scanning tasks to research on vulnerability scanning products at home and abroad.Secondly,the vulnerabilities scanning technology and P2P network technology are deeply studied.Combined with the characteristics of vulnerability scanning technology and the structure of P2P network,a distributed vulnerability scanning model of P2P structure is put forward.The characteristic of this model is that each scanning node is in the same position,and the malfunction of a single node does not affect the normal operation of the entire system.It is introduced in detail about the joining and exiting of scanning nodes,the collaborative operations between scanning nodes,the task scheduling technology that uses load balancing improve the resource utilization of each node in the model.Finally,a distributed vulnerability scanning system was designed and implemented based on the model.According to the characteristics of the distributed system,the system is divided into four parts:client,controller,scanner and database.The client's function is to communicate with the user.The user can create vulnerability scanning strategies,create and execute scan tasks,download scan reports,and so on.The function of the controller is to connect the client and the scanner,to be responsible for the communication between the nodes,the scheduling of tasks,the analysis of the scan results,and the operation of the database.The scanner calls the scan plugin to perform scan tasks.The database is used to store data about the system.Subsequently,the system test environment was built and tested according to the functional design of each part.The test showed that the distributed vulnerability scanning system improved the efficiency of vulnerability scanning.