Research On Security Early Warning Based On Network Assets Fingerprint Detection Method

Since entering the 21 st century,China has been enjoying benefits brought by the development of the Internet,while it has been severely threatened by the network security at home and abroad.Particularly in recent years,the network security issues have been increasingly prominent,which led to led to the work of all units in network security is getting more and more difficult and passive.It is urgent to find a new way or approach to help them sort out their own safety management scope in a convenient way,accurately and promptly discover potential network security risks within the jurisdiction,and take initiatives to well prepare for jobs related to security pre-warning and reinforcement,etc.On the basis of the relevant research results of identification approach for network asset fingerprint and security vulnerability evaluation and prediction models at home and abroad,and combined with project practice,exploration and research on security pre-warning based on detection approach for network asset fingerprint in view of the existing issues of insufficient network security personnel,blurring security management boundary and overdue security pre-warning,etc.The main research content is as follows:1.Research on detection approach for diversified network asset fingerprint.Through research and experiment on three kinds of new detection approaches for network asset,namely active IP scanning identification,passive flow analysis and identification and non-intrusive search engine recognition,an iterative detection approach model with lightweight asset detection as asset baseline is put forward in the paper.Compared with conventional asset detection and identification approaches,this model is capable of being access to asset information within a specific cyberspace domain in a more convenient and accurate way.2.A vulnerability prediction model based on genetic algorithm(GA)optimized Light GBl I algorithm is proposed.Light GBl I algorithm is a relatively new kind of algorithm model at present,which is suitable for processing massive security data and is capable of achieve more accurate prediction of vulnerability utilization intelligence.However,it has too many parameters,and its parameter adjustment mainly depends on numerous enumeration experiments at the beginning of the research,and the experiment parameters are not necessarily the optimal solution.In view of the above-mentioned issue,the genetic algorithm is introduced in this paper.By adopting the idea of evolutionary genetics,the optimal parameters adapted to the environment are obtained through simulating the mechanism of biological natural selection and heredity.Meanwhile,prediction accuracy of Light CBM algorithm in vulnerability utilization intelligence has been further improved through improvement and optimization.3.A security pre-warning system model based on detection approach for network asset fingerprint is put forward and is realized according to the project requirements.The whole system model is generally divided into three layers,that is,network asset collection layer,asset fingerprint identification layer and asset analysis and pre-warning layer.The system has established the network asset information base through detection approach for network asset fingerprint,extract vulnerability features by combining CVE vulnerability information,obtain vulnerability utilization intelligence by using the improved Light CBM algorithm,establish the vulnerability information base,finally identify risky assets and give them security pre-warning through the collision between asset fingerprint and vulnerability features.