摘要
针对在真实网络中对防御进行测试存在高成本高风险的不足,将半实物网络仿真方法引入防御测试研究中,分析了半实物网络仿真的原理,建立了一种基于半实物的网络防御仿真测试模型,给出了模型的两种基本应用。着重对网络防御半实物仿真测试的实现技术进行了分析,通过自定义包转换的方法来扩展OPNET所能支持的攻击的半实物仿真,最后通过仿真实验来验证了模型的有效性。该模型能够将实际节点映射到虚拟网络中,使防御测试中的实际攻防行为在虚拟网络中运行,从而既避免了建立复杂的真实测试平台,又使得测试过程安全可控,还提高了仿真测试结果的可信度。
Aiming at the deficiency of high cost and risk in testing network defense in real network,Hardware-in-the-loop simulation is introduced in network defense testing research,and a defense testing model is erected based on HITLS through analyzing of the elements of HITLS,and then two basic applications of model are given.The implementation technology of this model,and a method used to extend attacking simulation based on hardware-in-the-loop support are analyzed in detail by OPNET through creating custompacket-translation functions.At last,a HITLS experiment is given to prove the validity of this model.This model can make real attacking and defending behaviors run in simulation network,which maps the real node into the simulation network.The model can not only avoid building complex hardware experiment platform but also make the process of testing in security and control,even more it can improve the reliability of simulation.
出处
《计算机工程与设计》
CSCD
北大核心
2011年第1期66-70,共5页
Computer Engineering and Design
基金
军队预研基金项目(200904)
