攻击流量生成技术的研究与实现

发布时间：2018-06-23 19:58

本文选题：计算机网络 + 攻击流量样本　；参考：《北京邮电大学》2017年硕士论文

【摘要】：攻击流量生成对于网络安全研究和网络设备评估具有重要意义。就现阶段攻击流量生成领域的研究而言,流量生成手段局限于单一代码构造和建模式构造两种,然而单一代码构造存在攻击流量单一和流量速度低的缺陷,相对的通过建模来构造攻击流量技术手段则还不够成熟,无法找到一个有效的数学模型对不同攻击流量进行建模。而本文介绍的攻击流量生成系统依赖于原始攻击流量样本,只要攻击流量样本足够丰富,本系统就能生成复杂的攻击流量。并且在流量生成领域,本文介绍的系统也能发挥重要作用。随着网络设备性能不断提升,对测试流量大小也有着相应提高,然而现阶段流量生成系统分为两类,基于硬件的流量生成系统价格昂贵,基于软件的系统则最大速率上无法满足当前需求。本系统生成的网络流量可达到万兆网卡极限速率,并且能够根据需求进行高精度流速控制,以达到个性化测试需求。本文提出了一种高速流量生成系统,可用于攻击流量生成过程。攻击流量生成系统通过捕获的流量样本文件来实现攻击流量的生成过程,采用拷贝者和发送的协同合作实现线程并发式的流量发送模型,同时通过高精度的时间控制系统和流量控制算法来控制流量发送的精度。在整个生成过程中,分析了流量数据结构,以及设计了流量在内存中的数据流和处理流。最后,通过实验模拟对比成熟的流量生成系统,从结果数据层面反应了本系统的优越性。
[Abstract]:Attack traffic generation is of great significance for network security research and network equipment evaluation. As far as the research of attack traffic generation is concerned at present, traffic generation methods are limited to single code construction and construction pattern construction. However, single code construction has the defects of single attack traffic and low traffic speed. Relatively, it is not mature enough to construct attack traffic by modeling, and it is impossible to find an effective mathematical model to model different attack traffic. The attack traffic generation system introduced in this paper relies on the original attack traffic samples, so long as the attack traffic samples are abundant enough, the system can generate complex attack traffic. And in the field of traffic generation, the system introduced in this paper can also play an important role. With the continuous improvement of network equipment performance, there is a corresponding increase in the size of test traffic. However, traffic generation systems are divided into two categories at the present stage, and the hardware based traffic generation system is expensive. Software-based systems cannot meet current requirements at maximum rate. The network flow generated by the system can reach the limit rate of the ten thousand megabit network card and can be controlled with high precision according to the demand to achieve the individualized test demand. This paper presents a high-speed traffic generation system, which can be used to generate attack traffic. The attack traffic generation system realizes the attack traffic generation process by capturing the traffic sample files, and implements the thread concurrent traffic sending model by the cooperation of copy and send. At the same time, the accuracy of traffic transmission is controlled by high precision time control system and flow control algorithm. In the whole generation process, the data structure of traffic is analyzed, and the data flow and processing flow of traffic in memory are designed. Finally, the superiority of the system is reflected from the result data level by comparing the mature flow generation system with experimental simulation.
【学位授予单位】：北京邮电大学
【学位级别】：硕士
【学位授予年份】：2017
【分类号】：TP393.08

【参考文献】