Analysis and Research of Computer System Common Vulnerabilities Exposures(CVE)

摘要

Recently , network has a great development in the world , while the security problem of network is standing out. The main threat comes from intrusions and destructions using the vulnerability of system or network. At the same time, since the development of computer software and network, the form and scope of the vulnerability have a great evolvement and extend. So to collect and keep away the vulnerability of system and network, protect computer system, network and all the foundation of information establishment have been a urgent project. This paper is a thesis about network security which is stronger in technology and practicability, it has certain theories according and consult value.This text introduces the present condition of network security in current, and puts forword the leak analyzes which is one of the core techniques in network.Since the description of vulnerability information is disorderly , simple and inaccurate in china currently, we research the computer public weakness/ risk( CVE) in deep from manifold point, and establish up the Chinese description standard of CVE on this base. We particularity classify the CVE leaks in many ways,also analyze the three-dimension structure of CVE according to the leak's abstract level, and establish a database information system of computer public weakness/ risk( CVE) which is practicability and has abundant contents. It will be a theoretical foundation for OS design, IDS development and Network Security valuation.