摘要
针对Iaa S平台主机的安全漏洞问题,提出了一种基于监视代理的Iaa S平台漏洞扫描框架。该框架通过增加监视代理,改进并优化传统漏洞扫描工具,增加软件版本更新检测功能,实现主机漏洞检测。该框架具有良好的扩展性、稳定性和实用性,并且易于在大规模集群中部署。实验证明,该框架可以有效检测主机中存在的漏洞和低版本软件并提供安全报告与建议,有助于降低物理节点和虚拟机安全风险,维护Iaa S平台的安全性。
A vulnerability scanning framework based on monitoring agents for Iaa S Platforms was presented,through adding monitoring agents to optimize the mechanism of traditional vulnerability scanning tools,including software version-updates detection function.The framework was scalable,stable and practical,and easy to be deployed in large-scale cluster.Experimental results showed that the vulnerability scanning framework could effectively detect the vulnerabilities and the legacy software in physical hosts and virtual machines,provide security reports and recommendations,and be helpful to mitigate the security risks and maintain the security of Iaa S platforms.
出处
《四川大学学报(工程科学版)》
CSCD
北大核心
2014年第S2期116-121,共6页
Journal of Sichuan University (Engineering Science Edition)
基金
国家科技支撑计划资助项目(2012BAH18B05)