网络空间安全对抗演练方法研究

发布时间：2018-03-27 07:45

本文选题：信息安全技术竞赛　切入点：对抗演练　出处：《北京理工大学》2016年硕士论文

【摘要】：互联网面临的安全问题越来越严重,网络安全人才极度匮乏,如何快速培养安全技术人才是亟待解决的问题。网络空间安全对抗演练是一种客观地考察选手安全综合能力的方法,也是一种快速培养安全人才、提高网络安全技术能力的方法。对抗演练是一种将参演选手接入到预设的网络中相互攻击对抗,锻炼安全技术的过程。现在的安全竞赛普遍采取这种方法考察和评价参赛选手的能力。但是目前的信息安全对抗演练平台,在对抗演练模型、题目自动部署、目标网络架构、效果评价及其可视化方面还有较大的研究发展空间。现有的网络安全竞赛主要包括单对单对抗、单向攻击对抗、高地抢夺和阵地互攻击4种对抗演练模式,但是各个模式间含义相互交叉且其特征模糊。依据选手角色和目标网络的特征对模型进行分类,基于选手角色构建了单角色、双角色模型,基于目标网络构建了单级别和多级别网络模型,提出并构建了一种双角色多级别的网络对抗演练模型。该模型中参演选手既为攻击方也为防守方,演练目标网络由选手阵地网络和高地网络组成,题目形式多种多样,可采用串并联形式形成多个级别;模型网络结构真实性强;演练策略灵活多样;效果评价方法有利于选手展示激烈的对抗。针对现有信息安全竞赛系统存在着手动配置所占比例高、演练管理功能不全面、硬件依赖程度高等缺陷,以云计算、虚拟化平台为基础设计并实现了一个网络空间安全对抗演练系统,系统主要包括题目管理、网络部署、演练管理3个子系统。其中,题目管理子系统能够管理选择题、分项挑战题、综合对抗题等多种类型的题目。网络部署子系统部署网络的速度快、资源消耗低,能够灵活地对网络进行分域管理。演练管理子系统中包含的用户管理、积分管理等有效地降低了演练过程的管理成本。通过云计算和虚拟化技术有效地降低了网络环境对物理设备的依赖程度。通过2014、2015年信息安全与对抗技术竞赛实践,系统运行稳定,可靠性、适用性强。
[Abstract]:Internet security issues facing more and more serious, the network security personnel shortage, how to develop safety technical personnel quickly is a problem to be solved. Cyberspace confrontation training is a method of objective investigation on player safety comprehensive ability, is a kind of fast training method to improve the ability of security personnel, technology of network security. Confrontation drills is a participating players access to the default network attack against each other, the process of training security technology. Security competition now generally adopted this method to investigate and evaluate the ability of the contestants. But on information security training platform at present, in the confrontation training model, topic automatic deployment, network structure, and its effect evaluation there is a large research and development of visual space. The existing network security competition including one-on-one confrontation, one-way attacks against Highland Snatch and positional attack 4 mutual confrontation training mode, but each mode between the meaning and the characteristics of fuzzy intersection. According to the model classification of player character and target network, based on the player character to build a single dual role, role model, target network to build a single level and multi level network model based on the proposed and constructed the network confrontation drills a double role of multi level model. In this model the participants both for the attacker to defender, drill target network composed of players and high position of the Internet network, subject a variety of forms, can be used to form multiple level parallel network structure model; strong authenticity; flexible exercise strategy diversity; effect evaluation method is conducive to the players show intense confrontation. In view of the existing information security competition system has to manually configure the high proportion, exercise management function is not comprehensive, Hardware dependence on higher defects, cloud computing, virtualization platform based design and implementation of a network security space confrontation training system, system mainly includes topic management, network deployment, exercise management 3 subsystems. Among them, the topic management subsystem can choose the management problem, partial challenge problem and other integrated countermeasure one type of problem. Network deployment subsystem in network deployment speed, low consumption of resources, can Fenwick management of network flexibly. The user management includes exercise management subsystem, integration management can effectively reduce the cost of management. Through the simulation of cloud computing and virtualization technology can effectively reduce the network environment the degree of dependence on the physical device. Through 20142015 years of information security and competition countermeasure technology practice, system stability, reliability and applicability.

【学位授予单位】：北京理工大学
【学位级别】：硕士
【学位授予年份】：2016
【分类号】：TP393.08

【相似文献】