| 王梦雨* **,朱树永*,张玉军* **.一种基于行为特征的网络靶场大规模攻击流量生成方法[J].高技术通讯(中文),2024,34(11):1153~1163 |
| 一种基于行为特征的网络靶场大规模攻击流量生成方法 |
| A method of generating large-scale attack traffic in Cyber ranges based on behavioral features |
| |
| DOI: |
| 中文关键词: 网络靶场; 攻击模拟; 行为特征; 流量生成 |
| 英文关键词: Cyber range, attack simulation, behavioral feature, traffic generation |
| 基金项目: |
| 作者 | 单位 | | 王梦雨* ** | (*中国科学院计算技术研究所北京 100190)
(** 中国科学院大学北京 100049) | | 朱树永* | | | 张玉军* ** | |
|
| 摘要点击次数: 15 |
| 全文下载次数: 25 |
| 中文摘要: |
| 网络靶场是进行网络安全研究和攻防对抗演练的重要基础设施,生成攻击流量是网络靶场复杂行为模拟的主要组成内容。现有的攻击流量生成方法存在攻击类型有限、生成速率低下、流量内容单一等问题,难以满足网络靶场的应用需求。针对上述问题,本文提出了一种基于行为特征的网络靶场大规模攻击流量生成方法,根据攻击的动作序列和关键载荷等行为特征构建攻击模型,通过动态填充数据包模板的方式高速生成内容可变的大规模攻击流量。在此基础上,本文实现了攻击流量生成系统FATG。实验结果表明,与现有工具相比,FATG在攻击类型、可扩展性、流量内容灵活性以及生成速率等方面均存在优势,能够有效地模拟漏洞利用、拒绝服务等攻击行为支撑对网络靶场各类靶标设备的安全测试。 |
| 英文摘要: |
| Cyber range serves as an important infrastructure for conducting network security research as well as offensive and defensive adversarial exercises. Generating attack traffic is the main component of simulating complex behaviors in Cyber ranges. Existing attack traffic generation methods suffer from limitations in terms of attack types, generation rates, and traffic content, making it challenging to meet the requirements of Cyber ranges. To address these problems, this article proposes a method of generating large-scale attack traffic in Cyber ranges based on behavioral features. It constructs attack models with action sequences and key payloads, and efficiently generates large-scale traffic with variable content through the process of dynamically filling packets’ templates. On this basis, a fast and flexible attack traffic generator (FATG) is implemented. The experimental results show that FATG has advantages in attack types, scalability, flexibility of traffic content and generation rate compared to existing other attack tools. It can effectively simulate various types of attacks, such as vulnerability exploitation and denial of service, to support security testing of diverse target devices in Cyber ranges. |
|
查看全文
查看/发表评论 下载PDF阅读器 |
| 关闭 |
|
|
|
