In recent years, the number and impact of network device vulnerabilities have been on the rise. As network devices are core components of the information infrastructure, their security analysis has important theoretical and social significance. Starting from the key problem of how to analyze the security of a network device, this paper studies the key technologies involved and proposes three security analysis methods for network devices, each built on a different source of evidence: existing network device vulnerability data, the design of common network device protocols, and the implementation of those protocols. The main work of this paper is as follows.

(1) An ontology-based method for constructing a network device vulnerability knowledge base is proposed. The construction is divided into three parts. First, a vulnerability ontology for network devices is built on the Common Weakness Enumeration (CWE), which supplies the semantic knowledge of the vulnerability domain. Second, to overcome the difficulty of obtaining network device vulnerability data, a concurrent crawler is designed and implemented to build a network device vulnerability database efficiently. Third, to improve the results of association rule mining, the semantic knowledge is used to generalize low-level vulnerability entries in the database to higher-level weakness categories, which raises the support of the corresponding itemsets; the Apriori algorithm then mines association rules between network devices and vulnerabilities. The experimental results show that the constructed knowledge base contains more device-to-vulnerability association rules, and that these rules can be used to analyze and predict the vulnerabilities of a network device, and hence to analyze its security.

(2) A network device security analysis method based on protocol design is proposed. First, the protocol design specification of the network device is analyzed, abstracted and simplified, and a formal representation of it is given. Then, a protocol model is constructed from that formal representation, and the properties the protocol must satisfy are defined. Finally, a model checker is used to verify whether the protocol model satisfies the property specification. The results show that the security of a network device can be analyzed effectively by analyzing the design of its protocols.

(3) A network device security analysis method based on protocol implementation is proposed. Protocol characteristics are extracted by studying the protocol design specification of the network device and analyzing captured protocol messages with Wireshark. Based on those characteristics and the network device vulnerability knowledge base, a protocol message template is constructed heuristically and test code for the protocol implementation is written. Finally, a fuzzer is used to perform fuzz testing against the network device. The results show that the security of a network device can be analyzed effectively by analyzing the protocol implementation in the device.
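The generalization-then-Apriori step of contribution (1) is easiest to see on data. The following is an added example written for this page; it is not code from the paper. The device names, the advisory transactions and the excerpt of the CWE parent relation are all constructed for illustration, and the rule filter (device as antecedent, weaknesses as consequent) is an assumption about what "rules between network devices and vulnerabilities" should look like. The point it demonstrates is that two sibling weaknesses (CWE-121 and CWE-122) are each too rare to pass the support threshold, but after lifting them to their parent (CWE-787) the merged itemset does, and a device-to-weakness rule appears that the raw data could not support.

```python
"""Apriori over device/CWE transactions, with ontology-style CWE generalization.

Added example, not from the paper. All data below is constructed.
"""
from itertools import combinations

# One transaction per advisory: the affected device model plus the CWE ids the
# advisory was classified under. Constructed sample data.
TRANSACTIONS = [
    {"vendorA/router", "CWE-121"},              # stack-based buffer overflow
    {"vendorA/router", "CWE-122"},              # heap-based buffer overflow
    {"vendorA/router", "CWE-78"},               # OS command injection
    {"vendorA/router", "CWE-121", "CWE-259"},   # plus a hard-coded password
    {"vendorB/router", "CWE-122"},
    {"vendorB/router", "CWE-321"},              # hard-coded cryptographic key
    {"vendorB/router", "CWE-78"},
    {"vendorC/switch", "CWE-259"},
]

# Small excerpt of the CWE ChildOf relation, assumed for this example (the real
# hierarchy is larger and depends on the CWE view). It plays the role of the
# ontology's is-a links: a low-level weakness generalizes to its parent.
PARENT = {
    "CWE-121": "CWE-787",   # Out-of-bounds Write
    "CWE-122": "CWE-787",
    "CWE-78":  "CWE-77",    # Command Injection
    "CWE-259": "CWE-798",   # Use of Hard-coded Credentials
    "CWE-321": "CWE-798",
}


def is_device(item):
    # Convention of this constructed data set: anything not a CWE id is a device.
    return not item.startswith("CWE-")


def generalize(transactions, parent):
    """Lift every weakness id to its parent category; siblings merge into one item."""
    return [{parent.get(i, i) for i in t} for t in transactions]


def apriori(transactions, min_support):
    """Return {frozenset(itemset): support} for every frequent itemset."""
    n = len(transactions)

    def support(itemset):
        return sum(1 for t in transactions if itemset <= t) / n

    items = sorted({i for t in transactions for i in t})
    current = [s for s in (frozenset([i]) for i in items) if support(s) >= min_support]
    frequent = {s: support(s) for s in current}
    k = 2
    while current:
        candidates = set()
        for a, b in combinations(current, 2):
            u = a | b
            # Join: merge (k-1)-itemsets differing by one item.
            # Prune: keep u only if every (k-1)-subset is itself frequent.
            if len(u) == k and all(frozenset(s) in frequent for s in combinations(u, k - 1)):
                candidates.add(u)
        current = [c for c in candidates if support(c) >= min_support]
        frequent.update((c, support(c)) for c in current)
        k += 1
    return frequent


def device_rules(frequent, min_confidence):
    """Rules {devices} -> {weaknesses} as (antecedent, consequent, support, confidence)."""
    out = []
    for itemset, sup in frequent.items():
        devices = frozenset(i for i in itemset if is_device(i))
        weaknesses = itemset - devices
        if not devices or not weaknesses:
            continue
        conf = sup / frequent[devices]   # antecedent is frequent by the Apriori property
        if conf >= min_confidence:
            out.append((devices, weaknesses, sup, conf))
    return sorted(out, key=lambda r: (-r[3], sorted(r[0]), sorted(r[1])))


def mine(transactions, min_support=0.25, min_confidence=0.6):
    return device_rules(apriori(transactions, min_support), min_confidence)


if __name__ == "__main__":
    print("raw        :", mine(TRANSACTIONS))                        # []
    print("generalized:", mine(generalize(TRANSACTIONS, PARENT)))    # one rule
```

With these thresholds the raw data yields no rule: {vendorA/router, CWE-121} has support 2/8 but confidence only 0.5. After generalization, {vendorA/router, CWE-787} has support 3/8 and confidence 0.75, so the rule vendorA/router → CWE-787 is produced. The caveat a practitioner should keep in mind is that the lifted rule is only as specific as the parent category; it says the device line is prone to out-of-bounds writes, not which variant.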
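Contribution (2) describes the pipeline abstract the specification, build a model, state the properties, run a model checker. The following added example, not taken from the paper, shows the whole loop in miniature with a hand-written explicit-state checker instead of a tool such as the one the paper used (which it does not name). Everything in it is an assumption made for illustration: the protocol is an abstract challenge-response login (HELLO, CHAL n, RESP n, GRANT), the intruder is modeled purely as control over delivery and replay of messages it has seen, the honest client runs once, and the property is that every GRANT must be backed by a response the honest client actually produced. Two designs are compared: one with fresh nonces, and a flawed one that draws nonces from a small fixed pool.

```python
"""Explicit-state model checking of an abstract challenge-response login.

Added example, not from the paper. Protocol, intruder model, property and the
two design variants are all assumptions made for this illustration.
"""
from collections import deque

BOUND = 4   # sessions the server model may open; keeps the state space finite

# Global state: (server_mode, waiting_nonce, sessions_started, client_mode,
#                grants, client_responses, channel)
# `channel` is the set of every message ever sent. The intruder controls
# delivery, so any past message can be handed to the server at any time
# (replay); it cannot forge a RESP it has not seen.


def initial():
    return ("idle", None, 0, "start", 0, 0, frozenset())


def successors(state, nonce_pool):
    """All next states. nonce_pool=None: fresh nonces (counter never repeats).
    nonce_pool=P: the flawed design, nonces reused modulo P."""
    srv, n, started, cli, grants, resps, chan = state
    nxt = []

    def emit(label, srv2=srv, n2=n, started2=started, cli2=cli,
             grants2=grants, resps2=resps, msg=None):
        chan2 = chan | {msg} if msg is not None else chan
        nxt.append((label, (srv2, n2, started2, cli2, grants2, resps2, chan2)))

    # Honest client: one HELLO, then it answers whichever challenge it observes.
    if cli == "start":
        emit("client: HELLO", cli2="wait", msg=("HELLO",))
    if cli == "wait":
        for m in chan:
            if m[0] == "CHAL":
                emit(f"client: RESP {m[1]}", cli2="done", resps2=resps + 1,
                     msg=("RESP", m[1]))
    # Server: any message already in the channel may be delivered to it now.
    if srv == "idle" and ("HELLO",) in chan and started < BOUND:
        nonce = started if nonce_pool is None else started % nonce_pool
        emit(f"server: CHAL {nonce}", srv2="wait", n2=nonce,
             started2=started + 1, msg=("CHAL", nonce))
    if srv == "wait":
        for m in chan:
            if m[0] == "RESP" and m[1] == n:
                emit(f"server: GRANT (nonce {n})", srv2="idle", n2=None,
                     grants2=grants + 1, msg=("GRANT",))
        emit("server: timeout", srv2="idle", n2=None)
    return nxt


def check(nonce_pool, invariant):
    """BFS over all reachable states. Returns None when the invariant holds
    everywhere, else the shortest action trace reaching a violating state."""
    start = initial()
    parent = {start: None}
    queue = deque([start])
    while queue:
        s = queue.popleft()
        if not invariant(s):
            trace = []
            while parent[s] is not None:
                label, prev = parent[s]
                trace.append(label)
                s = prev
            return list(reversed(trace))
        for label, t in successors(s, nonce_pool):
            if t not in parent:
                parent[t] = (label, s)
                queue.append(t)
    return None


def no_free_grants(state):
    # Property: grants never exceed the honest client's responses, i.e. the
    # intruder cannot obtain a session by replay alone.
    return state[4] <= state[5]


if __name__ == "__main__":
    print("fresh nonces :", check(None, no_free_grants))   # None (holds)
    print("pool of 2    :", check(2, no_free_grants))      # counterexample trace
```

For the fixed-pool design the checker returns an eight-step counterexample: the honest session runs to GRANT, the intruder replays HELLO twice so the server wraps back to nonce 0, and the recorded RESP 0 is replayed for a second GRANT. Two caveats carry over to real model checking of device protocols: the result is bounded (BOUND sessions, one honest run), so "no counterexample" means none within that bound, and the abstraction decides what can be found (here nonce freshness is modeled as a non-repeating counter, so unpredictability, cryptographic binding and message forging are outside the model).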