Distributed Scanning Technology Based On The Relationship Between Internet Host

The development of Internet information technology has driven the increase in network openness and connectivity.The continuous demand for network applications is driving clusters of key infrastructure,industrial control systems,and IoT clusters to access the Internet,exposing more network vulnerabilities and providing opportunities for unscrupulous applicants.Network scanning can be combined with the latest vulnerability information to proactively detect vulnerabilities in network devices and network clusters.It can also measure network space security and timely control the damage caused by vulnerabilities.Traditional network scanning tools tend to increase the scanning efficiency,ignoring the impact of scanning on the target network,and reducing the accuracy of the scanning results while causing adverse effects.In response to this problem,this paper studies common port scanning methods and port scanning tools,and models the scanning methods that reduce the impact of target scanning.The research on the network host relationship model,combined with host port service information and network topology relationship,uses unsupervised clustering technology to discover the relationship between hosts,and adjust the scanning strategy according to the host relationship in the scanning target to reduce the scanning impact.In practical applications,scanning efficiency is often limited by the local network environment and the TCP/IP protocol stack.Therefore,the subject designed a distributed scanning system and a correspondingly scalable stateless scanner.Then the topic discussed the overall framework of the distributed scanning system and some problems in the implementation,and designed a distributed task scheduling algorithm to meet the scanning impact constraints.In order to verify the reduction of the impact on port scan of the system designed by the project.The subject designed a number of experiments to test and evaluate the characteristics of the clustering algorithm and the selection of parameters,the scanning effect of the actual application of the system,and compare it with the Masscan scanner using random scanning.The experimental results show that the system designed by the subject has higher accuracy and lower detection rate than the Masscan random scanner,that is,the scanning method designed by the subject has a lower impact on the scanning target.