Research On Firewall Security Risk Analysis And Detection Technology

With the continuous development of information science and technology in recent years,the network has become more and more closely connected with people's production and life,and various network security incidents have emerged endlessly.As a security device that isolates and controls unauthorized access behaviors,the firewall is widely deployed between the internal network and the external network to protect the network security of internal users.Once a firewall device is compromised by an attack,it will pose a huge threat to the internal network.At present,there is a lack of sufficient research and effective detection tools for the security risk analysis and detection of firewalls.Therefore,in order to better protect and enhance users' network security,it is of great significance to conduct security risk analysis and detection technology research on firewall equipment.This article conducts research on firewall security risk analysis and detection technology,mainly including the following four aspects: First,based on multiple firewall incidents in recent years,the security threats in the firewall are analyzed,and the vulnerability of the firewall to the security risk analysis Were studied.Second,through in-depth research on intrusion detection,security device analysis,and vulnerability and utilization technologies,according to the analytic hierarchy process and the "Risk Mode Effect and Criticality Analysis" mechanism(RMECA),the firewall security risk points and In combination with the corresponding detection points,a Firewall Security Risk Analysis and Detection System(FSRADS)is proposed.Then,based on this system,a prototype of "firewall security risk analysis and detection system" was designed,the design ideas and design methods of the prototype system were introduced,and a firewall security vulnerability library was established through the disclosure of vulnerability resources,and a firewall security verification method wasproposed.Can help firewalls perform security verification analysis.Finally,the prototype system was implemented based on Tornado framework and Mongodb database,and the main system structure,control center,acquisition module,anomaly detection and other major modules were described in detail.Among them,according to the characteristics of the firewall device itself,a data acquisition method is proposed,and the firewall data can be obtained more accurately through multiple access methods and processed and analyzed.The research results provide new ideas for related personnel to continue to study the security risks and detection of firewalls.In order to verify the actual effect of firewall security analysis and detection,a functional test was performed on the prototype system implemented in this thesis.During the test,all functional modules are running normally,the operation is simple and smooth,and the detection results are more accurate,which basically meets the needs of firewall security risk analysis and detection.