CN101488890B - Method and system for network attack test - Google Patents
Method and system for network attack test Download PDFInfo
- Publication number
- CN101488890B CN101488890B CN2009100012440A CN200910001244A CN101488890B CN 101488890 B CN101488890 B CN 101488890B CN 2009100012440 A CN2009100012440 A CN 2009100012440A CN 200910001244 A CN200910001244 A CN 200910001244A CN 101488890 B CN101488890 B CN 101488890B
- Authority
- CN
- China
- Prior art keywords
- test
- attack
- command
- agent side
- main control
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
- Computer And Data Communications (AREA)
Abstract
The invention embodiment discloses a network attack test method and system, wherein, the system comprises a main control terminal and a plurality of proxy terminals, the main control terminal is used for creating test commands for transmitting the test commands to a plurality of proxy terminals and analyzing the attack test results transmitted by a plurality of proxy terminals; a plurality of proxy terminals are used for receiving the test commands for transmitting the attack messages to the apparatus to be tested according to the test commands and transmitting the test results to the main control terminal. When a plurality of proxy terminals simultaneously transmit the attack messages to the apparatus to be tested, the enough attack message pressure can be reached, thereby improving the network attack test quality.
Description
Technical field
The present invention relates to computer network security field, particularly relate to a kind of method and system of network attack test.
Background technology
At present, universal day by day along with Internet, it has been penetrated into the various aspects of daily life, and the network security problem of Yin Ruing also day by day becomes the problem that people pay close attention to thus.Current network attack mode presents variation and complicated trend, makes that carrying out professional mechanism and systems face based on Internet unprecedented threat, and these mechanisms and system will be in case by success attack, will cause enormous economic loss.Therefore, at the network equipment or system is actual reach the standard grade before, it is carried out network attack test, assess the coefficient of safety of the network equipment or system, to prevent that the network equipment or system from paralysing owing to coefficient of safety is low when being attacked by attack message, promptly network attack test is the prerequisite that guarantees the network equipment or system safety operation.
The principle that the current main method that the network equipment is carried out attack test is based on the network attack mode is developed corresponding network attack instrument, and assailant's attack tool Network Based sends attack message to realize attack test to equipment under test.Wherein, especially at the Denial of Service attack mode, this attack pattern needs the assailant to send a large amount of attack messages to equipment under test can finish attack test.
But, in the prior art, when equipment under test being carried out the Denial of Service attack test, only equipment under test is sent attack message by main frame as the assailant, because the pressure of the attack message that main frame sent is limited, usually can not reach enough attack message pressure, therefore, also just influence the quality of network attack test.
Summary of the invention
Embodiments of the invention provide a kind of method and system of network attack test, to improve the quality of network attack test.
The embodiment of the invention discloses a kind of system of network attack test, comprising: main control end and a plurality of agent side, wherein, described main control end, be used to create test command, described test command is sent to described a plurality of agent side, and the attack test result that described agent side is sent analyzes; Described a plurality of agent side is used to receive described test command, sends out attack message to carry out attack test according to described test command to equipment under test, and the attack test result is sent to described main control end.
The embodiment of the invention also discloses a kind of method of network attack test, described method comprises: receive the test command that main control end sends; Described test command is resolved to attack operation to equipment under test; Send attack message to carry out attack test according to described attack operation to equipment under test; The result sends to main control end with attack test, by described main control end described attack test result is analyzed.
Pass through such scheme, a kind of system of network attack test is provided, agent side in the system replaces main control end and sends attack message to equipment under test, when a plurality of agent sides simultaneously when equipment under test sends attack message, can reach enough attack message pressure, and then improve the quality of network attack test.
Description of drawings
In order to be illustrated more clearly in the embodiment of the invention or technical scheme of the prior art, to do one to the accompanying drawing of required use in embodiment or the description of the Prior Art below introduces simply, apparently, accompanying drawing in describing below only is some embodiments of the present invention, for those of ordinary skills, under the prerequisite of not paying creative work, can also obtain other accompanying drawing according to these accompanying drawings.
Fig. 1 is the logical schematic of the system of a kind of network attack test of disclosing of the embodiment of the invention one;
Fig. 2 is the structure chart of the main control end in the embodiment of the invention one;
Fig. 3 is the structure chart of the agent side in the embodiment of the invention one;
Fig. 4 is the special-purpose networking model test logic of the present invention networking schematic diagram;
Fig. 5 is a line model test logic networking schematic diagram of the present invention;
Fig. 6 is the flow chart of the method for a kind of network attack test of disclosing of the embodiment of the invention two.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the invention, the technical scheme in the embodiment of the invention is clearly and completely described, obviously, described embodiment only is the present invention's part embodiment, rather than whole embodiment.Based on the embodiment among the present invention, those of ordinary skills belong to the scope of protection of the invention not making the every other embodiment that is obtained under the creative work prerequisite.
Embodiment one
See also Fig. 1, Fig. 1 is the logical schematic of the system of a kind of network attack test of disclosing of the embodiment of the invention one, and this system comprises: main control end 101 and a plurality of agent side 102, wherein,
Described main control end 101 is used to create test command, and described test command is sent to described agent side 102, and the attack test result that described agent side 102 is sent analyzes;
Described a plurality of agent side 102 is used to receive the test command that described main control end 101 sends, and sends attack message according to described test command to equipment under test, and the attack test result is sent to described main control end 101.
See also Fig. 2, Fig. 2 is the structure chart of main control end in the embodiment of the invention one, described main control end 101 comprises: test command development block 201, proxy management unit 202, test command transmitting element 203, test result receiving element 204 and test result analysis unit 205, wherein
Test command development block 201 is used for the principle according to network test mode to be achieved, exploitation and the described corresponding test command of network attack mode to be achieved;
Wherein, test command development block 201 specifically can be according to the principle of network test mode to be achieved, and the protos test suite PROTOS of exploitation specified tissue structure carries test command in described protos test suite PROTOS.Wherein, the institutional framework of protos test suite PROTOS comprises: test script, configuration script, support script and explanation document.Described test script is the set of the orderly operating procedure that realizes that the particular attack mode is tested; Described configuration script provides the configuration feature to test parameter, provides simultaneously the pre-configured of equipment under test and configure function; Described support script has defined the order of some the public subprocess during the particular attack mode is tested, and this subprocess comprises: the general-purpose algorithm process of the more complicated of in the orderly operation set of certain subprocess in attack pattern, certain mutual segment of attacking reciprocal process, certain attack pattern message being handled; Constitute the test command that equipment under test is tested by the set of ordering in described test script, configuration script and the support script, finish attack test jointly equipment under test.Described explanation document comprises operation manual, attack principle, attack step and the logic networking diagram etc. of this protos test suite PROTOS.
Simultaneously, test command development block 201 can also have the debug function to test command, can debug test command, and provide detailed miscue and preliminary location of mistake.
Described proxy management unit 202 is used to connect and discharges described agent side 102 under the test environment.
Wherein, behind the agent side of acting on behalf of under the administrative unit 202 discovery test environments 102, can find the agent side 102 that moves in the local area network (LAN) of main control end place automatically and connect, also can find the agent side under the arbitrary network and connect simultaneously by assigned address with agent side with agent side 102.When preparing to discharge certain agent side 102, to realize discharging by the communication message that sends point-to-point, after this d/d agent side 102 can also be used by other main control end again.
Described test command transmitting element 203 is used for described test command is sent to the agent side 102 that described proxy management unit 202 connects.
Described test result receiving element 204 is used to receive the attack test result that described agent side 102 sends.
Wherein, the attack test result that test result receiving element 204 receives mainly comprises the cpu busy percentage of agent side 102, memory usage information etc.
Described test result analysis unit 205 is used for described attack test result is analyzed.
Wherein, when the 205 pairs of attacks in test result analysis unit test result is analyzed, the attack test result can be drawn out statistical graphs such as broken line graph, pie chart, column diagram, and the comparative analysis chart between each correlation attack test result, find out information such as the performance bottleneck point of system and success attack point, require to generate automatically test report according to user's definite value at last and with the form display analysis result of form.
Except comprising above-mentioned test command development block 201, proxy management unit 202, test command transmitting element 203, test result receiving element 204 and test result analysis unit 205, described main control end 101 can further include: test result memory cell 206 and test result processing unit 207, wherein, test result memory cell 206 is used to store the attack test result that described agent side 102 sends; Test result processing unit 207 is used for inquiring about and deleting the attack test result of described test result memory cell 206.
Perhaps, described main control end 101 can further include unit of testing and controlling 208, is used for sending the test control command to described agent side 102, is controlled the execution of described test command by described test control command.
Wherein, described test control command comprises: begin test, suspend test, recover test and stop test, by the execution of above-mentioned test control command control test command.
Need to prove that described main control end 101 also can comprise test result memory cell 206, test result processing unit 207 and unit of testing and controlling 208 simultaneously.
See also Fig. 3, Fig. 3 is the structure chart of agent side in the embodiment of the invention one, and described agent side 102 comprises: test command receiving element 301, test command resolution unit 302, attack test unit 303 and test result transmitting element 304, wherein,
Test command receiving element 301 is used to receive the test command that main control end 101 sends;
Test command resolution unit 302 is used for described test command is resolved to attack operation to equipment under test;
Wherein, when the principle of test command development block 201 according to network test mode to be achieved, the protos test suite PROTOS of exploitation specified tissue structure, and after sending to agent side 102 by the protos test suite PROTOS that test command transmitting element 203 will carry test command, resolve by the test command in 302 pairs of protos test suite PROTOSs of test command resolution unit of agent side 102, obtain attack operation equipment under test.
Test command resolution unit 302 can be the imperative language interpreter of an extensibility, is specifically as follows TCL (Tool Command Language, Tool Command Language) interpreter, certainly, also can select other interpreters for use.For the irrealizable function of some TCL, perhaps carry out efficient in order to improve TCL, the user can conveniently expand some newer commands, and the C function library of TCL has interface and easy to use clearly, can expand TCL easily with the C language.
Attack test unit 303 is used for sending attack message according to the described attack operation that test command resolution unit 302 is resolved to equipment under test;
Test result transmitting element 304 is used to generate the attack test result, and sends the attack test result to described main control end 101.
In addition, described agent side 102 can further include: test control command receiving element 305 and execution control unit 306, and wherein, test control command receiving element 305 is used to receive the test control command that main control end 101 sends; Carry out control unit 306, be used for controlling the execution of described test command according to described test control command.
Need to prove that described system can support two kinds of Test Networking patterns, shown in Figure 4 and 5, be respectively special-purpose networking model and line model.Wherein, in special-purpose networking model, main control end 101, agent side 102 and equipment under test are formed the special test network by switch or hub, and the network equipment all can be controlled by the tester.In line model, main control end 101, agent side 102 and equipment under test are distributed in the actual Internet environment.
Pass through present embodiment, a kind of system of network attack test is provided, agent side in the system replaces main control end and sends attack message to equipment under test, when a plurality of agent sides simultaneously when equipment under test sends attack message, can reach enough attack message pressure, and then improve the quality of network attack test.
In addition, when main control end, agent side and equipment under test are distributed in the Internet environment, can by main control end and agent side is online equipment under test be tested, thereby realized online test function.
Simultaneously, based on the test mode of command interpreter, the user can conveniently add new test command, and platform is with good expansibility.
Embodiment two
See also Fig. 6, Fig. 6 is the flow chart of the method for a kind of network attack test of disclosing of the invention process two, and this method may further comprise the steps:
Step 601: receive the test command that main control end sends;
Need to prove, in the test command that receives the main control end transmission, can also receive main control end and send hungry test control command, control the execution of described test command according to described test control command.Wherein, comprising: control described test command according to the test control command and begin test, suspend test, recover test or stop test.
Step 602: described test command is resolved to attack operation to equipment under test;
Step 603: send attack message to equipment under test according to described attack operation;
Step 604: the result sends to main control end with attack test, by described main control end described attack test result is analyzed.
Need to prove, after the attack test result is sent to main control end, can also store described attack test result, and the attack test result after the storage is inquired about and deletes by main control end.
Pass through present embodiment, a kind of system of network attack test is provided, agent side in the system replaces main control end and sends attack message to equipment under test, when a plurality of agent sides simultaneously when equipment under test sends attack message, can reach enough attack message pressure, and then improve the quality of network attack test.
In addition, when main control end, agent side and equipment under test are distributed in the Internet environment, can by main control end and agent side is online equipment under test be tested, thereby realized online test function.
Simultaneously, based on the test mode of command interpreter, the user can conveniently add new test command, and platform is with good expansibility.
One of ordinary skill in the art will appreciate that all or part of flow process that realizes in the foregoing description method, be to instruct relevant hardware to finish by computer program, described program can be stored in the computer read/write memory medium, this program can comprise the flow process as the embodiment of above-mentioned each side method when carrying out.Wherein, described storage medium can be magnetic disc, CD, read-only storage memory body (Read-OnlyMemory, ROM) or at random store memory body (Random Access Memory, RAM) etc.
The above only is a preferred implementation of the present invention; should be pointed out that for those skilled in the art, under the prerequisite that does not break away from the principle of the invention; can also make some improvements and modifications, these improvements and modifications also should be considered as protection scope of the present invention.
Claims (12)
1. the system of a network attack test is characterized in that, described system comprises: main control end and a plurality of agent side, wherein,
Described main control end, be used to create test command, described test command is sent to described a plurality of agent side, and the attack test result that described agent side is sent analyzes, described main control end comprises the proxy management unit, described proxy management unit is used to connect the described agent side under the test environment, behind the agent side of acting on behalf of under the administrative unit discovery test environment, automatically find the agent side that moves in the local area network (LAN) of main control end place and connect with agent side, perhaps find the agent side under the arbitrary network and connect with agent side by assigned address, when preparing to discharge agent side, realize discharging by the communication message that sends point-to-point;
Described a plurality of agent side is used to receive described test command, sends out attack message to carry out attack test according to described test command to equipment under test, and the attack test result is sent to described main control end.
2. system according to claim 1 is characterized in that, described main control end, agent side and equipment under test are formed the special test network by switch or hub.
3. system according to claim 1 is characterized in that described main control end, agent side and equipment under test are distributed in the Internet environment.
4. system according to claim 1 is characterized in that, described main control end comprises: test command development block, proxy management unit, test command transmitting element, test result receiving element and test result analysis unit, wherein,
Described test command development block is used for the principle according to network test mode to be achieved, exploitation and the described corresponding test command of network attack mode to be achieved;
Described proxy management unit is used to connect the described agent side under the test environment;
Described test command transmitting element is used for described test command is sent to the agent side that described proxy management unit connects;
Described test result receiving element is used to receive the attack test result that described agent side sends;
Described test result analysis unit is used for described attack test result is analyzed.
5. according to right 4 described systems, it is characterized in that described main control end also comprises: test result memory cell and test result processing unit, wherein,
Described test result memory cell is used to store the attack test result that described agent side sends;
Described test result processing unit is used for inquiring about and deleting the attack test result of described test result memory cell.
6. system according to claim 1 is characterized in that, described agent side comprises: test command receiving element, test command resolution unit, attack test unit and test result transmitting element, wherein,
Described test command receiving element is used to receive the test command that main control end sends;
Described test command resolution unit is used for described test command is resolved to attack operation to equipment under test;
Described attack test unit is used for sending attack message according to described attack operation to equipment under test;
Described test result transmitting element is used to generate the attack test result, and sends described attack test result to described main control end.
7. system according to claim 1 is characterized in that, described main control end also comprises:
Unit of testing and controlling is used for sending the test control command to described agent side, is controlled the execution of described test command by described test control command.
8. system according to claim 7 is characterized in that, described agent side also comprises: test control command receiving element and execution control unit, wherein,
Described test control command receiving element is used to receive the test control command that main control end sends;
Described execution control unit is used for controlling according to described test control command the execution of described test command.
9. the method for a network attack test is characterized in that, described method comprises:
Receive the test command that main control end sends, behind the agent side under the main control end discovery test environment, automatically find the agent side that moves in self place local area network (LAN) and connect with agent side, perhaps find the agent side under the arbitrary network and connect with agent side by assigned address, when preparing to discharge agent side, realize discharging by the communication message that sends point-to-point;
Described test command is resolved to attack operation to equipment under test;
Send attack message to carry out attack test according to described attack operation to equipment under test;
The result sends to main control end with attack test, by described main control end described attack test result is analyzed.
10. method according to claim 9 is characterized in that, described method also comprises:
Receive the test control command that main control end sends;
Control the execution of described test command according to described test control command.
11. method according to claim 10 is characterized in that, the described execution of controlling described test command according to the test control command comprises:
Controlling described test command according to the test control command begins test, suspends test, recovers test or stops test.
12. method according to claim 9 is characterized in that, described method also comprises:
After the attack test result is sent to main control end, store described attack test result by main control end, and the attack test result after the storage is inquired about and deletes.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2009100012440A CN101488890B (en) | 2009-01-14 | 2009-01-14 | Method and system for network attack test |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2009100012440A CN101488890B (en) | 2009-01-14 | 2009-01-14 | Method and system for network attack test |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101488890A CN101488890A (en) | 2009-07-22 |
| CN101488890B true CN101488890B (en) | 2011-04-13 |
Family
ID=40891576
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2009100012440A Expired - Fee Related CN101488890B (en) | 2009-01-14 | 2009-01-14 | Method and system for network attack test |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101488890B (en) |
Families Citing this family (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102075997B (en) * | 2011-02-24 | 2013-08-14 | 山东省计算中心 | Energy consumption attack testing method for wireless sensor network |
| CN103684890B (en) * | 2012-08-30 | 2017-12-08 | 中国银联股份有限公司 | Server stress method of testing and system |
| CN105208584A (en) * | 2015-10-19 | 2015-12-30 | 上海斐讯数据通信技术有限公司 | Method and device for testing safety of WIFI equipment |
| CN106817382A (en) * | 2015-11-30 | 2017-06-09 | 北京计算机技术及应用研究所 | Attack test platform based on tool agent |
| CN106302412A (en) * | 2016-08-05 | 2017-01-04 | 江苏君立华域信息安全技术有限公司 | A kind of intelligent checking system for the test of information system crushing resistance and detection method |
| CN109104335A (en) * | 2018-08-27 | 2018-12-28 | 广东电网有限责任公司 | A kind of industrial control equipment network attack test method and system |
| CN112398781B (en) * | 2019-08-14 | 2022-04-08 | 大唐移动通信设备有限公司 | Attack testing method, host server and control server |
| CN111092790A (en) * | 2019-12-19 | 2020-05-01 | 国网山东省电力公司泰安供电公司 | Power distribution terminal network stability testing method, system, terminal and storage medium |
| CN114301640B (en) * | 2021-12-15 | 2023-09-01 | 中电信数智科技有限公司 | Attack and defense exercise method and system based on SRv6 network protocol |
-
2009
- 2009-01-14 CN CN2009100012440A patent/CN101488890B/en not_active Expired - Fee Related
Also Published As
| Publication number | Publication date |
|---|---|
| CN101488890A (en) | 2009-07-22 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101488890B (en) | Method and system for network attack test | |
| US6199172B1 (en) | Method and apparatus for testing the responsiveness of a network device | |
| CN104834602A (en) | Program issuing method, device and system | |
| WO2023125590A1 (en) | Remote diagnosis method and apparatus, and electronic device and storage medium | |
| CN112653577A (en) | Network element management method, device and storage medium | |
| CN109273045A (en) | Store equipment on-line detection method, device, equipment and readable storage medium storing program for executing | |
| CN113407469B (en) | Parameter configuration method and device, storage medium and electronic device | |
| CN111651320A (en) | High-concurrency connection method and system | |
| CN109510729B (en) | Implementation method for discovering application topological relation based on CMDB and Netstat | |
| CN112333013B (en) | Self-adaptive networking method, device, router and storage medium | |
| CN112994934B (en) | Data interaction method, device and system | |
| CN104270431A (en) | Method and device for concurrency control | |
| CN107872493A (en) | A kind of information processing method, terminal and server | |
| CN108387257A (en) | A kind of method of ageing system slave ID distribution | |
| CN113612659A (en) | Equipment networking test method and device, electronic equipment and storage medium | |
| CN106972963A (en) | Enabling for business module enables control method after control method, collapse are restarted | |
| CN112800604A (en) | Simulation method, device, equipment and storage medium applied to industrial detection | |
| KR100535584B1 (en) | Method of management for broadband access network in network management system | |
| CN1863201B (en) | Method for inquiring client terminal to tactics condition executive result | |
| CN113783769B (en) | Method and device for transmitting message in automatic driving and relay equipment | |
| CN114189426B (en) | Proxy service self-adaptive tape configuration reply method, system, device and storage medium | |
| CN113067818B (en) | Probe distribution method and device based on network asset checking | |
| CN106789211A (en) | A kind of NMS and management method | |
| CN109871277B (en) | Inter-process multi-request management method and device, terminal equipment and readable storage medium | |
| KR100416044B1 (en) | Method of Managing System State Information in the Manager's Interface System |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C56 | Change in the name or address of the patentee |
Owner name: HUAWEI DIGITAL TECHNOLOGY (CHENGDU) CO., LTD. Free format text: FORMER NAME: CHENGDU HUAWEI SYMANTEC TECHNOLOGIES CO., LTD. |
|
| CP01 | Change in the name or title of a patent holder |
Address after: 611731 Chengdu high tech Zone, Sichuan, West Park, Qingshui River Patentee after: Huawei Symantec Technologies Co., Ltd. Patentee after: University of Science and Technology of China Address before: 611731 Chengdu high tech Zone, Sichuan, West Park, Qingshui River Patentee before: Chengdu Huawei Symantec Technologies Co., Ltd. Patentee before: University of Science and Technology of China |
|
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20110413 Termination date: 20190114 |