S. Zhou,Guanghui Ren,Yaling Liu,Xinyu Yang

2018-02-07

Abstract:In recent years, the Internet as a symbol of the computer network protocols, standards and application technology development is extremely rapid. But the Internet is like a sharp double-edged sword, it is for the convenience of people at the same time, but also for computer viruses and computer crime to provide the soil, for systems, network protocols and databases, whether it is its own design flaws, or due to human factors caused by a variety of security vulnerabilities, may be some of the other attempts to use hackers and attack, so the establishment of an effective network security system is even more urgent. To ensure network security, reliable, you must be familiar with the general process of hacker network attacks. The only way to do before the hacker attack the necessary precautions is to ensure that the network is safe and reliable operation. This article comprehensively analyzes the steps, methods and common attack tools of network attack, and tells the concrete precautionary measures from several aspects, so that readers have a comprehensive network of knowledge, in the treatment of network threats are well prepared.

Computer Science,Engineering

Chungang Liu,Jianhua Li,Xiuzhen Chen

DOI: https://doi.org/10.1007/978-3-642-28490-8_29

2012-01-01

Abstract:The research on network vulnerability analysis and management has gained increased attention during last decade since many studies have proved that combination of exploits is typical means to compromise a network system. This paper presents an intelligent method for analyzing and classifying vulnerabilities based on text mining technology. The proposed mechanism can automatically classify vulnerabilities into different predefined categories and obtain valuable information from abundant vulnerability texts. A series of experiments on 1060 new reported vulnerabilities in last three years by CERT are performed to demonstrate the efficiency of this mechanism. The results generated by this study can be applied to detecting multistage attack, correlating intrusion alerts, and generating attack graph.

Xueshuai Ge,Tieming Liu,Yaobin Xie,Yuanyuan Zhang

DOI: https://doi.org/10.1117/12.2683413

2023-01-01

Abstract:The mining and exploitation of security vulnerabilities have always been the focus of offensive and defensive confrontations. In recent years, with the application of technologies such as fuzzing in vulnerability mining, the number of discovered vulnerabilities continues to increase, which seriously threatens the security of the network world. With so many vulnerabilities, it is unrealistic to rely solely on manual analysis by security experts, which is not only costly, but also time-consuming, and cannot meet the needs of vulnerability assessment and defense. Therefore, an automated exploit solution for vulnerabilities is urgently needed to solve the problem of low efficiency of manual vulnerability assessment. Existing research has proposed some solutions and achieved certain results. The purpose of this paper is to review and analyze the existing typical research results.

Wei Pan,Weihua Li

DOI: https://doi.org/10.1109/ispa.2009.73

2009-01-01

Abstract:In information era advocating ubiquitous computing, computing resources are susceptible to attack without guaranteeing security of network system. It is necessary and desirable for network system to employ powerful safeguard to protect itself against diversified vulnerabilities. In this paper, we present reverse analysis and vulnerability detection for network system software (RAVDNSS), a novel approach which uses reverse analysis and vulnerability detection technologies to deal with security problems on critical network system. Adaptive reverse analysis we propose is used to dig out potential vulnerabilities, which might be abused by unauthorized and unlawful communities. A new vulnerability detection model is designed to provide safety precautions through detecting vulnerabilities and monitoring program behaviors. Our investigation aims to improve the ability to guard network system against malicious attacks. The proposed schemes demonstrate that our approach can effectively perform security detection and management of network system software.

Wei-wei CHENG,Yu-liang LU,Yang XIA,Guo-zheng YANG

DOI: https://doi.org/10.3969/j.issn.1000-2162.2007.04.008

2007-01-01

Abstract:Computer network vulnerability assessment is the important part of the computer security domain,it is very important to improve oneself security level of computer network.This paper introduces the computer network vulnerability firstly,expatiate on the problem which should be solved by the vulnerability assessment,embody introduce some main methods of computer network vulnerability assessment and the issues faced,and then it gives the future work of computer network vulnerability assessment.

XIA Yang,LU Yu-liang,YANG Guo-zheng

DOI: https://doi.org/10.3969/j.issn.1000-3428.2007.19.050

2007-01-01

Abstract:Computer network security vulnerability assessment is a research focus in network security field.This paper puts forward the research target of computer network vulnerability assessment and the major problems appeared in the course of research.It analyses some resent research methods and techniques aimed at computer network vulnerability assessment,such as network vulnerability assessment in terms of network connectivity,intrusion path,graph theory,analysis tools,agent,AHP,as well as vulnerability dependence relation graph.Based on the analysis,it points out the advantage and disadvantage of each method.

Liwei Wang,Robert Abbas,Fahad M. Almansour,Gurjot Singh Gaba,Roobaea Alroobaea,Mehedi Masud

DOI: https://doi.org/10.1515/jisys-2020-0145

2021-01-01

Journal of Intelligent Systems

Abstract:Abstract With the advancement of internet and the emergence of network globalization, security has always been a major concern. During the trial operation, the management control platform discussed in this article included more than 600 network security vulnerabilities in the industry, with dozens of incidents, which were promptly dealt with and rectified, effectively improving the level of network security management and protection in the industry. As networks are very much vulnerable to denial of service attacks, much more emphasis has been given to security. By improving their network security, network administrators have often tried their best. To attempt penetration testing, it is the best way of ensuring the system security. With the development of information technology, the security requirement of information system is increasing day by day. The use of penetration testing technology is conducive to the realization of accurate positioning, accurate detection, and active alarm of security vulnerabilities, and the optimization of monitoring and rectification of the combination of network security management control system. Taking penetration testing technology as one of the core elements of management and control, the risk index model is optimized to make network security management controllable and efficient, and effectively achieve management and control objectives.

Yonggang Li,Jie Li

DOI: https://doi.org/10.1088/1742-6596/1684/1/012005

2020-11-01

Journal of Physics: Conference Series

Abstract:Abstract —Traditional network security vulnerability detection system is affected by detection tools, and the detection accuracy of complex network vulnerability is low. Therefore, this paper designs an intelligent detection system of asset security vulnerabilities under the multi heterogeneous web network. By crawling the asset security data in web network by crawler, the crawling data is integrated by using the characteristics of multi heterogeneous network. According to different types of security vulnerabilities, vulnerability detection is carried out to realize the intelligent detection of network asset security vulnerabilities. In order to verify the detection effect of system security vulnerabilities, comparative experiments are designed. The results show that the average false alarm rate of the designed system is only 12.3%, which is nearly 40% lower than that of the traditional system, which effectively improves the vulnerability detection accuracy.

Ya Ma

DOI: https://doi.org/10.52783/jes.3438

2024-04-25

Abstract:The protection of industrialized management systems and related network protocols is guaranteed by vulnerability mining innovation. The inadequate receiving efficiency and insufficient vulnerability mining capacity of vulnerability mining strategies are their drawbacks. So, this study analyzes the network protocol vulnerability mining using fuzz testing combined with deep learning (DL). In this study, Modbus TCP is employed as a network protocol regarding vulnerability mining. This paper presents a unique threshold-sample-driven deep neural network (T-s DNN) framework. Based on the TSDNN, we construct a fuzzing framework (T-s DNN Fuzzer) for Modbus TCP protocols. The DNN algorithm is first trained to understand the meaning of the protocol's data unit using this framework. The likelihood distribution of every value in the information is quantified using the softmax mechanism. The technique then examines the highest likelihood and the random variable's threshold in deciding whether to use the information value with the optimal likelihood in place of the existing information value. The MBAP header has been finished by the protocol standard. Fuzz tests demonstrate that in addition to increasing sample receipt levels and exploitability, fuzzing devices can identify protocol vulnerabilities rapidly. Experiments conducted with the T-s DNN fuzzer demonstrate that it can detect industrial control protocol vulnerabilities greater in addition to increasing test case reception scores and exploitability.

Computer Science,Engineering

Jin He,Boxiang Shang,Yan Li,Bo Yin

DOI: https://doi.org/10.1088/1742-6596/1550/3/032057

2020-05-01

Journal of Physics: Conference Series

Abstract:Abstract With the promotion of the ubiquitous power IoT strategy, as well as the extensive application of advanced information communication technology and Internet + in the power grid, the power system has gradually broken the previous closure and exclusivity. The construction and deployment of open, interactive, extensive and interconnected power web business system are becoming more and more widespread. The inherent vulnerability and hidden danger of power web system make power face the risk transfer from network and information security to power system. Aiming at the potential security problems of vulnerability in the massive power web system, an in-depth study is made on the automatic mining and utilization technology of the vulnerability in the power web system. By carrying out researches on the framework design of automatic mining and utilization of vulnerabilities in power web system and the intelligent new mode of exploiting vulnerabilities in power web system, the overall design is made for the mechanism and model of automatic mining of asset vulnerabilities in power information system.

Kaiyu Shi,Xiangzhan Yu,Yue Zhao

DOI: https://doi.org/10.1145/3444370.3444625

2020-01-01

Abstract:With the rapid advancement of modern technology, software are getting more and more intelligent, whereas the related security issues are also becoming more and more prominent [1]. Developers can easily introduce bugs into a system due to mistakes or poor consideration, which in serious cases may lead to security breaches that can jeopardize the entire system or the entire network. Therefore, efficient and automated security testing techniques or theories are of great importance to software testing and vulnerability detection.

Donglan Liu,Xin Liu,Yingxian Chang,Jianfei Chen,Fangzhe Zhang,Rui Wang,Hao Zhang,Lili Sun,Fuhui Zhao,Mengqian Sun

DOI: https://doi.org/10.1109/ICEIEC58029.2023.10199571

2023-01-01

Abstract:In order to solve the security problems such as the lack of secure key management in the electric Internet of Things protocol, this paper studies the security enhancement technology of electric Internet of Things protocol based on lightweight cryptography technology and new trusted technology. A key exchange scheme based on lightweight cryptography technology is proposed to adapt to the resource-limited scenario of the Internet of Things. To protect keys and data on restricted devices and remote servers, explore lightweight cryptography and new trusted technologies. Performs cryptographic operations without exposing the private key and is resistant to tampering and probing attacks. To realize end-to-end communication and key management between Internet of Things devices and remote servers. At the same time, based on the fuzz testing technology, the unknown vulnerability mining technology of the edge device protocol of the electric Internet of Things is carried out. Firstly, the fuzz testing case intelligent optimization method is studied, and the test case set is reduced based on artificial intelligence algorithms such as genetic algorithm, protocol state machine and stain algorithm, so as to improve the test efficiency. Then, the unknown vulnerability discovery method based on state monitoring is studied, and the test case can be judged whether abnormal occurs by monitoring the state of returned data packets of the tested object, so as to determine whether there are vulnerabilities. Finally, the method of vulnerability intelligent location based on automatic location analysis is studied to accurately locate the test cases that cause vulnerability.

YU Li-li,DU Meng-sha,ZHANG Ping,JI Ling-li

DOI: https://doi.org/10.3969/j.issn.1001-3695.2012.11.001

2012-01-01

Abstract:A thorough test for Web application programs can be beneficial to finding security vulnerabilities promptly and improving the security quality of Web application.This paper firstly introduced the classification of Web application security threat and summarized common Web application security vulnerabilities.Then it comprehensively surveyed the state of Web security testing technology research,respectively compared weaknesses and merits of the static technologies and the dynamic technologies.At the same time,it introduced and concluded the detail of fuzzing,which was the new emerging technology in Web security testing.At last,this paper presented the problem to be solved and the future research direction.

Fan Yan,Yang Jian-Wen,Cheng Lin

DOI: https://doi.org/10.1109/icmtma.2015.77

2015-06-01

Abstract:The rapid development of computer network system brings both a great convenience and new security threats for users. Network security problem generally includes network system security and data security. Specifically, it refers to the reliability of network system, confidentiality, integrity and availability of data information in the system. Network security problem exists through all the layers of the computer network, and the network security objective is to maintain the confidentiality, authenticity, integrity, dependability, availability and audit-ability of the network. This paper introduces the network security technologies mainly in detail, including authentication, data encryption technology, firewall technology, intrusion detection system (IDS), antivirus technology and virtual private network (VPN). Network security problem is related to every network user, so we should put a high value upon network security, try to prevent hostile attacks and ensure the network security.

Xiang Gao,Liyuan Liu,Xuanbing Zhu

DOI: https://doi.org/10.1088/1755-1315/632/5/052065

2021-01-01

IOP Conference Series: Earth and Environmental Science

Abstract:Abstract with the arrival of information age, network has become an essential part of people's life, no longer exists as a tool. At the same time, network security has attracted more and more attention. In order to make the network more secure and reliable to play its value, understanding the main threat and its countermeasures of the current computer network is very necessary. This article first makes a brief introduction to the computer network security, introduces the concept, the development present situation and development trend, then expounds the computer network of the main threats, including five aspects such as hackers, spyware, computer virus and so on. Finally discusses the commonly used 5 prevention technologies at present, including firewall technology, antivirus technology, data encryption technology, intrusion detection technology and access control technology. Only by paying attention to network security can we protect our own interests.

Yong-Zheng Zhang,Xiao-Chun Yun,Bin-Xing Fang,Tao Zhang

2005-01-01

Abstract:With the development of computer software system, computer vulnerabilities are continually increasing. These vulnerabilities have severe impacts on confidentiality, authenticity and availability of computer system and network. In the field of host system vulnerability assessment, the traditional method is only to consider the threats of isolated vulnerability to software systems. However, through analyzing multistage attacks and vulnerabilities on Internet, we find that attackers often synthetically exploit several correlative vulnerabilities to badly compromise the systems. Therefore, study on vulnerability correlation is important for improving the accuracy and validity of security assessment. This paper firstly gives the definition, expression and significance of vulnerability correlation. Then a mining method for vulnerability correlation is proposed. Finally, an experiment is conducted to verify the efficiency of the new approach.

Meng Sun,Qi Wang,Jue He,Huailin Huang,Yu Huang,Xiaojie Shen,Yaohui Xiao,Suchun Fan

DOI: https://doi.org/10.1088/1742-6596/2290/1/012036

2022-01-01

Journal of Physics Conference Series

Abstract:Abstract Power system network is an important guarantee for the smooth operation of power enterprises. Considering the current automatic network vulnerability scanning method of power system, the detection rate of network vulnerability scanning is low due to its poor scheduling ability. Therefore, this paper designs a new automatic scanning method for network vulnerabilities in power system. According to the infrastructure of power system network vulnerability scanner, the power system web page interaction behavior recognition model is constructed to complete the power system web page interaction behavior recognition. On this basis, the power system network scanning scheduling algorithm is designed. Combined with genetic algorithm, the variation process of power system network vulnerabilities is determined, the power system network security situation is determined, the power system network scanning scheduling and vulnerability mining are realized, and the design of power system network leakage automatic scanning method is completed. The experimental link is constructed to verify this method. The verification shows that this method can effectively improve the detection rate of network vulnerability scanning and the efficiency of vulnerability scanning to a certain extent.

Xiang Li,Jinfu Chen,Zhechao Lin,Lin Zhang,Zibin Wang,Minmin Zhou,Wanggen Xie

DOI: https://doi.org/10.1109/cbd.2017.58

2017-08-01

Abstract:Software vulnerability remains a serious challenge to the software engineering domain over the past decade as a result of the recent technological advancement in information systems. The rapid development in software applications and failure on the part of system developers to properly analyze program codes before been released to the market increases the chance for data breaches. It is a known fact that most system failures are as a result of bugs and errors detected in software applications. Although code errors significantly affect software quality, there is no effective method that can be used in eliminating software errors to improve its reliability. Data Mining and its related algorithms are an active area which can successfully be applied in analyzing software vulnerability. However the concept of applying data mining techniques has not been empirically proven as an effective method for obtaining the essential characteristics of software vulnerability. To investigate this effect, we propose a vulnerability mining algorithm to analyze and obtain the essential characteristics of Software vulnerability based data mining techniques. We first extracted and preprocessed the software vulnerabilities using data mining techniques and common vulnerability database. We evaluate the proposed technique using the Common Vulnerability and Exposure (CVE) Database, Common Weakness Enumeration (CWE) Database, National Vulnerability Database (NVD) datasets. Empirical results show that the proposed vulnerability mining algorithm has a remarkable improvement in the vulnerability mining process. The most interesting finding is that, we observed that across all the three projects, recall was around 70% and precision was approximately 60%.

Hongkai Lin,Feng Zhao,Lina Qin,Hongkai Lin

DOI: https://doi.org/10.12694/scpe.v22i2.1881

2021-10-24

Abstract:With the advancement in communication technology, computer network will become important for information exchange. However, the network has the potential therefore the strong security policy is needed for network security ensuring. To prevent the computer network from the virus invasion, the computer network security technology is ensured, having a clear network virus understanding. In this paper, the structural model of network security detection and monitoring system is established in a proactive way, the function of each component is described, and the design model is introduced to conduct comprehensive and effective automatic security detection on the client and each layer of the network, so as to find and avoid the system from being attacked.Result: The observed example shows that the flow rate of information in and out of the network is relatively stable, with few changes, and the rate of change is close to zero per unit time. In the case of network attack, the amount of data flowing into the target network is far more than the amount of data flowing out of the network.Computer security technology is used to improve the security of the network and prevent network virus from attacking the computer network.