CN105656684A - Fault simulation method and device - Google Patents

Fault simulation method and device Download PDF

Info

Publication number
CN105656684A
CN105656684A CN201610082156.8A CN201610082156A CN105656684A CN 105656684 A CN105656684 A CN 105656684A CN 201610082156 A CN201610082156 A CN 201610082156A CN 105656684 A CN105656684 A CN 105656684A
Authority
CN
China
Prior art keywords
matching information
fault simulation
network data
fault
strategy
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201610082156.8A
Other languages
Chinese (zh)
Other versions
CN105656684B (en
Inventor
赵志鹏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Runke General Technology Co Ltd
Original Assignee
Beijing Runke General Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Runke General Technology Co Ltd filed Critical Beijing Runke General Technology Co Ltd
Priority to CN201610082156.8A priority Critical patent/CN105656684B/en
Publication of CN105656684A publication Critical patent/CN105656684A/en
Application granted granted Critical
Publication of CN105656684B publication Critical patent/CN105656684B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/14Network analysis or design
    • H04L41/145Network analysis or design involving simulating, designing, planning or modelling of a network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/08Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Environmental & Geological Engineering (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)

Abstract

The embodiment of the invention discloses a fault simulation method and device. The method comprises the following steps: receiving network data transmitted by a data transmitting end, selecting target network data from the received network data according to predetermined matching information, determining a fault simulation strategy corresponding to the target network data according to the predetermined matching information contained in the target network data and a correlation between the pre-stored matching information and a fault simulation strategy, processing the target network data according to the determined fault simulation strategy to obtain simulation fault data, and transmitting the simulation fault data to the data receiving end. On the basis of the fault simulation method and device, according to the predetermined matching information and the correlation between the pre-stored matching information and the fault simulation strategy, the network data and the fault simulation strategy can be precisely matched, and the fault simulation is performed according to the matched fault simulation strategy, i.e. the fault simulation is performed for an event or a behavior occurring in real time in the network, so that the fault simulation precision is improved.

Description

Fault simulation method and device
Technical Field
The present invention relates to the field of communications technologies, and in particular, to a fault simulation method and apparatus.
Background
In network communication (such as ethernet communication, bus network communication, etc.), in order to test the robustness of a device or system, it is often necessary to inject analog faults into the device or system.
Most of the current fault simulation modes simulate faults according to preset fixed fault simulation modes, and as the network becomes more complex, events or behaviors occurring in the network increasingly present unpredictable trends, so that the current fixed fault simulation mode based on preset cannot effectively perform fault simulation aiming at the events or behaviors occurring in the network, so that the fault simulation precision is low, and effective robustness test cannot be performed on equipment or systems in the network.
Therefore, how to improve the fault simulation accuracy becomes an urgent problem to be solved.
Disclosure of Invention
The invention aims to provide a fault simulation method and a fault simulation device so as to improve the fault simulation precision.
In order to achieve the purpose, the invention provides the following technical scheme:
a fault simulation method, comprising:
receiving network data sent by a data sending end;
determining target network data containing predetermined matching information from the received network data;
determining a fault simulation strategy corresponding to the target network data based on preset matching information contained in the target network data and a corresponding relation between the stored matching information and the fault simulation strategy;
processing the target network data based on the determined fault simulation strategy to obtain simulated fault data;
and sending the simulated fault data to a data receiving end.
In the method, preferably, the network data is a message.
In the above method, preferably, the predetermined matching information includes: the matching method comprises the following steps that at least one first-type matching message and/or at least one second-type matching message are/is obtained, wherein the first-type matching message is formed by the information of a single key field; the second type of matching information consists of information of at least two key fields;
the determining a fault simulation policy corresponding to the target network data based on predetermined matching information included in the target network data and a correspondence between stored matching information and the fault simulation policy includes:
if the preset matching information only comprises first-class matching information, determining a fault simulation strategy corresponding to each first-class matching information in the preset matching information based on the corresponding relation between the stored matching information and the fault simulation strategy;
if the preset matching information only comprises second-class matching information, determining a fault simulation strategy corresponding to each second-class matching information in the preset matching information based on the corresponding relation between the stored matching information and the fault simulation strategy;
if the preset matching information simultaneously comprises first-class matching information and second-class matching information, determining a fault simulation strategy corresponding to each first-class matching information in the preset matching information based on the corresponding relation between the stored matching information and the fault simulation strategies, and determining the fault simulation strategies corresponding to each second-class matching information in the preset matching information.
The above method, preferably, further comprises:
and when a corresponding relation updating instruction triggered by a user is received, updating the corresponding relation between the stored matching information and the fault simulation strategy, wherein the updated corresponding relation between the matching information and the fault simulation strategy comprises the corresponding relation between the matching information specified by the corresponding relation updating instruction and the fault simulation strategy.
In the above method, preferably, before receiving the network data sent by the data sending end, the method further includes a predetermined matching information determining process, where the predetermined matching information determining process includes:
and determining the matching information corresponding to the fault simulation strategy selected by the user as preset matching information based on the corresponding relation between the stored matching information and the fault simulation strategy.
A fault simulation device, comprising:
the receiving module is used for receiving the network data sent by the data sending end;
the first determining module is used for determining target network data containing preset matching information from the received network data;
the second determining module is used for determining a fault simulation strategy corresponding to the target network data based on preset matching information contained in the target network data and the corresponding relation between the stored matching information and the fault simulation strategy;
the processing module is used for processing the target network data based on the determined fault simulation strategy to obtain simulated fault data;
and the sending module is used for sending the simulated fault data to a data receiving end.
Preferably, in the apparatus, the network data is a message.
In the above apparatus, preferably, the predetermined matching information includes: the matching method comprises the following steps that at least one first-type matching message and/or at least one second-type matching message are/is obtained, wherein the first-type matching message is formed by the information of a single key field; the second type of matching information consists of information of at least two key fields;
the second determining module includes:
a first determining unit, configured to determine, if the predetermined matching information includes only first-class matching information, a fault simulation policy corresponding to each first-class matching information in the predetermined matching information based on a correspondence between stored matching information and the fault simulation policy;
a second determining unit, configured to determine, if the predetermined matching information includes only second-class matching information, a fault simulation policy corresponding to each second-class matching information in the predetermined matching information based on a correspondence between stored matching information and the fault simulation policy;
a third determining unit, configured to determine, if the predetermined matching information includes both the first-class matching information and the second-class matching information, a fault simulation policy corresponding to each first-class matching information in the predetermined matching information based on a correspondence between stored matching information and fault simulation policies, and determine a fault simulation policy corresponding to each second-class matching information in the predetermined matching information.
The above apparatus, preferably, further comprises:
and the updating module is used for updating the corresponding relation between the stored matching information and the fault simulation strategy when a corresponding relation updating instruction triggered by a user is received, wherein the updated corresponding relation between the matching information and the fault simulation strategy comprises the corresponding relation between the matching information specified by the corresponding relation updating instruction and the fault simulation strategy.
The above apparatus, preferably, further comprises:
and the third determining module is used for determining the matching information corresponding to the fault simulation strategy selected by the user as the preset matching information based on the corresponding relation between the stored matching information and the fault simulation strategy.
As can be seen from the foregoing solutions, in the fault simulation method and apparatus provided in the embodiments of the present invention, network data sent by a data sending end is received, target network data is screened from the received network data based on predetermined matching information, a fault simulation policy corresponding to the target network data is determined according to the predetermined matching information included in the target network data and a correspondence between pre-stored matching information and the fault simulation policy, the target network data is processed based on the determined fault simulation policy, so as to obtain simulated fault data, and the simulated fault data is sent to a data receiving end. Therefore, the fault simulation method and the fault simulation device provided by the embodiment of the invention accurately match the network data and the fault simulation strategy based on the preset matching information and the corresponding relationship between the prestored matching information and the fault simulation strategy, and perform fault simulation according to the matched fault simulation strategy, that is, perform fault simulation aiming at events or behaviors occurring in the network in real time, thereby improving the fault simulation precision.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a flowchart of an implementation of a fault simulation method according to an embodiment of the present invention;
fig. 2 is a schematic structural diagram of a fault simulation apparatus according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram of a second determining module according to an embodiment of the present invention;
fig. 4 is another schematic structural diagram of a fault simulation apparatus according to an embodiment of the present invention.
The terms "first," "second," "third," "fourth," and the like in the description and in the claims, as well as in the drawings described above, if any, are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the invention described herein are capable of operation in sequences other than those illustrated herein.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be obtained by a person skilled in the art without inventive effort based on the embodiments of the present invention, are within the scope of the present invention.
The fault simulation method and the fault simulation device provided by the embodiment of the invention can be applied to electronic equipment, and the electronic equipment can be electronic equipment independent of node equipment in a communication network.
Referring to fig. 1, fig. 1 is a flowchart of an implementation of a fault simulation method according to an embodiment of the present invention, which may include:
step S11: receiving network data sent by a data sending end;
in the embodiment of the present invention, the electronic device for simulating the fault is disposed between the data sending end and the data receiving end in the communication network, where the data sending end and the data receiving end may be independent communication devices, or may be subnets in the communication network.
In the process of communicating between the data sending end and the data receiving end, the electronic device receives the network data sent by the data sending end, that is, the data sent by the data sending end passes through the electronic device for simulating the fault.
Step S12: determining target network data containing predetermined matching information from the received network data;
in the embodiment of the invention, target network data are screened from the received network data according to the preset matching information. That is, the target network data is network data containing the above-described predetermined matching information.
The predetermined matching information may include multiple types of matching information, and the screened target network data may include only one type of matching information, or may include two or more types of matching information.
And if the network data does not contain any preset matching information, directly forwarding the network data to a data receiving end.
Step S13: determining a fault simulation strategy corresponding to the target network data based on preset matching information contained in the target network data and the corresponding relation between the stored matching information and the fault simulation strategy;
in the embodiment of the invention, the corresponding relation between the matching information and the fault simulation strategy is stored in advance, and the fault simulation strategy corresponding to the target network data is determined in the screened target network data according to the preset matching information contained in the target network data and the corresponding relation between the stored matching information and the fault simulation strategy.
The correspondence between the matching information and the fault simulation strategy may be established by a technician according to network scale, network characteristics, and the like.
When the network scale is enlarged or reduced or the network characteristics are changed, a technician can make a new corresponding relationship between the matching information more conforming to the network characteristics and the fault simulation strategy, and import the made new corresponding relationship between the matching information and the fault simulation strategy into the memory, wherein the newly imported corresponding relationship between the matching information and the fault simulation strategy can cover the original corresponding relationship between the matching information and the fault simulation strategy. Of course, according to the size of the memory space, if the remaining available space is still larger than a certain threshold after the corresponding relationship between the new matching information and the fault simulation policy is imported into the memory, the corresponding relationship between the original matching information and the fault simulation policy may be retained.
The correspondence of the matching information to the fault simulation strategy may be stored in a table.
Step S14: processing the target network data based on the determined fault simulation strategy to obtain simulated fault data;
step S15: and sending the obtained simulated fault data to a data receiving end.
In the fault simulation method provided by the embodiment of the invention, in the process of communication between a data sending end and a data receiving end, network data sent by the data sending end is received, target network data is screened from the received network data based on preset matching information, a fault simulation strategy corresponding to the target network data is determined according to the preset matching information contained in the target network data and the corresponding relationship between the prestored matching information and the fault simulation strategy, the target network data is processed based on the determined fault simulation strategy to obtain simulated fault data, and the simulated fault data is sent to the data receiving end. Therefore, the fault simulation method provided by the embodiment of the invention accurately matches the network data and the fault simulation strategy based on the predetermined matching information and the corresponding relationship between the pre-stored matching information and the fault simulation strategy, and performs fault simulation according to the matched fault simulation strategy, that is, performs fault simulation aiming at events or behaviors occurring in the network in real time, thereby improving the fault simulation precision.
Optionally, the network data may be a message, that is, the network data sent by the data sending end to the data receiving end is a message, and the message may include the predetermined matching information or may not include the predetermined matching information.
Accordingly, the predetermined matching information may include, but is not limited to, any one or any combination of the following key fields: destination MAC (media access control) address, source MAC address, message type, destination IP address, source IP address, etc.
Processing the target network data based on the determined fault simulation strategy to obtain simulated fault data, wherein one implementation manner of the simulated fault data can be as follows:
the matching information of the key fields in the target network data is modified based on the determined fault simulation policy.
For example, if the fault simulation policy is to simulate a network storm, the destination MAC address in the message may be tampered with as a broadcast address, and the destination IP address in the message may be tampered with as a broadcast address; if the fault simulation strategy is an application program simulating forgery, the port number of the UDP message can be tampered, and the like.
Optionally, the predetermined matching information may include: the matching method comprises the following steps that at least one first-class matching message and/or at least one second-class matching message are/is obtained, wherein the first-class matching message is formed by the information of a single key field, the second-class matching message is formed by the information of at least two key fields, and the information of at least two key fields in the second-class matching message is in a logic and relation or a logic or relation;
the first-type matching information is formed by information of a single key field, so that the first-type matching information is necessarily in a mutual exclusion relationship, and the second-type matching information is formed by information of at least two fields, so that the first-type matching information and the second-type matching information can be in an inclusion relationship or a mutual exclusion relationship. For example, assuming that there are two first-type matching information, the first matching information of the two first-type matching information is 192.168.0.100 as the destination IP address, and the second matching information of the two first-type matching information is 192.168.0.25 as the source IP address, obviously, there is a mutually exclusive relationship between the two first-type matching information; if the destination IP address of the first matching information in the two first-type matching information is 192.168.0.100, and the destination IP address of the second matching information in the two first-type matching information is 192.168.0.11, it is obvious that the two first-type matching information are also in a mutually exclusive relationship. Assuming that the destination IP address of the second-type matching information is 192.168.0.100 and the source IP address is 192.168.0.25, the destination IP address of the first-type matching information is 192.168.0.100, or the source IP address of the first-type matching information is 192.168.0.25, the first-type matching information and the second-type matching information are in an inclusion relationship, that is, the first-type matching information includes the second-type matching information. Of course, the first type matching information and the second type matching information may also be in a mutually exclusive relationship, for example, assuming that the destination IP address of a certain second type matching information is 192.168.0.10 and the source IP address is 192.168.0.26, and the destination IP address of a certain first type matching information is 192.168.0.11, it is obvious that the second type matching information and the first type matching information are in a mutually exclusive relationship.
If the predetermined matching information only includes the first type of matching information, based on the predetermined matching information included in the target network data and the corresponding relationship between the preset matching information and the fault simulation policy, one implementation manner of determining the fault simulation policy corresponding to the target network data may be:
and determining the fault simulation strategies corresponding to the first type of matching information in the preset matching information based on the corresponding relation between the stored matching information and the fault simulation strategies.
In the embodiment of the present invention, for each first-type matching information, a fault simulation policy corresponding to the first-type matching information is determined, and all the determined fault simulation policies are determined as fault simulation policies corresponding to target network data.
If the predetermined matching information only includes the second type of matching information, based on the predetermined matching information included in the target network data and the corresponding relationship between the preset matching information and the fault simulation policy, another implementation manner for determining the fault simulation policy corresponding to the target network data may be:
and determining the fault simulation strategies corresponding to the second type of matching information in the preset matching information based on the corresponding relation between the stored matching information and the fault simulation strategies.
In this embodiment of the present invention, for each second type of matching information, a fault simulation policy corresponding to the second type of matching information is determined, and all the determined fault simulation policies are determined as fault simulation policies corresponding to the target network data.
If the predetermined matching information includes both the first type matching information and the second type matching information, based on the predetermined matching information included in the target network data and the corresponding relationship between the preset matching information and the fault simulation policy, another implementation manner for determining the fault simulation policy corresponding to the target network data may be:
and determining the fault simulation strategies corresponding to the first type of matching information in the preset matching information and determining the fault simulation strategies corresponding to the second type of matching information in the preset matching information based on the corresponding relation between the stored matching information and the fault simulation strategies.
In the embodiment of the present invention, for each first type of matching information, a fault simulation policy corresponding to the first type of matching information is determined, and for each second type of matching information, a fault simulation policy corresponding to the second type of matching information is determined, and all the determined fault simulation policies are determined as fault simulation policies corresponding to target network data.
For each matching information, the fault simulation policy corresponding to the matching information may include only one sub-fault policy, that is, only one fault simulation policy corresponding to the matching information is provided, or may be composed of a plurality of sub-fault simulation policies, where whether the plurality of sub-fault simulation policies are executed or not is optional, that is, a user may determine which sub-fault simulation policies need to be executed and which sub-fault simulation policies are not executed by setting. Therefore, a plurality of events (different network events correspond to different network data) which occur in the network at the same time can be captured more accurately, so that more accurate faults can be simulated according to different events, the simulation precision of the faults is greatly improved, and the network or equipment is evaluated and analyzed more accurately.
Optionally, the fault simulation method provided in the embodiment of the present invention may further include:
and when a corresponding relation updating instruction triggered by a user is received, updating the corresponding relation between the stored matching information and the fault simulation strategy, wherein the updated corresponding relation between the matching information and the fault simulation strategy comprises the corresponding relation between the matching information specified by the corresponding relation updating instruction and the fault simulation strategy.
That is, when the user triggers generation of the correspondence update instruction, the correspondence between the new matching information and the fault simulation policy specified in the correspondence update instruction is updated to the memory, and the updated matching information and the fault simulation policy may include both the correspondence between the original matching information and the fault simulation policy and the correspondence between the new matching information and the fault simulation policy, that is, the correspondence between the new matching information and the fault simulation policy is added on the basis of not deleting the correspondence between the original matching information and the fault simulation policy; or, the updated matching information and fault simulation strategy only include the corresponding relationship between the new matching information and the fault simulation strategy, that is, the corresponding relationship between the original matching information and the fault simulation strategy is covered by the corresponding relationship between the new matching information and the fault simulation strategy.
The corresponding relationship between the new matching information and the fault simulation strategy can be established by technical personnel according to the network scale, the network characteristics and the like.
Optionally, before receiving the network data sent by the data sending end, the fault simulation method provided in the embodiment of the present invention may further include a predetermined matching information determining process, where the predetermined matching information determining process may include:
and determining the matching information corresponding to the fault simulation strategy selected by the user based on the corresponding relation between the stored matching information and the fault simulation strategy.
In the embodiment of the present invention, the fault simulation policy in the correspondence between the stored matching information and the fault simulation policy is optional, and before receiving the network data sent by the data sending end, a user may select a fault to be simulated (i.e., a fault policy), and the user may select only a part of the fault policies or all the fault policies, and may specifically select the fault policies according to actual requirements. And determining the matching information corresponding to the fault simulation strategy selected by the user as the preset matching information.
And after the user selects the fault strategy needing to be simulated, triggering the electronic equipment to execute the fault simulation method.
Corresponding to the method embodiment, an embodiment of the present invention further provides a fault simulation apparatus, and a schematic structural diagram of the fault simulation apparatus provided in the embodiment of the present invention is shown in fig. 2, and may include:
a receiving module 21, a first determining module 22, a second determining module 23, a processing module 24 and a sending module 25; wherein,
the receiving module 21 is configured to receive network data sent by a data sending end;
in the embodiment of the present invention, the electronic device for simulating the fault is disposed between the data sending end and the data receiving end in the communication network, where the data sending end and the data receiving end may be independent communication devices, or may be subnets in the communication network.
In the process of communicating between the data sending end and the data receiving end, the electronic device receives the network data sent by the data sending end, that is, the data sent by the data sending end passes through the electronic device for simulating the fault.
The first determining module 22 is used for determining target network data containing predetermined matching information from the received network data; that is, the target network data is network data containing the above-described predetermined matching information.
The first determination module 22 screens the received network data for target network data according to predetermined matching information.
The predetermined matching information may include multiple types of matching information, and the screened target network data may include only one type of matching information, or may include two or more types of matching information.
And if the network data does not contain any preset matching information, directly forwarding the network data to a data receiving end.
The second determining module 23 is configured to determine a fault simulation policy corresponding to the target network data based on predetermined matching information included in the target network data and a correspondence between the stored matching information and the fault simulation policy;
in the embodiment of the invention, the corresponding relation between the matching information and the fault simulation strategy is stored in advance, and the fault simulation strategy corresponding to the target network data is determined in the screened target network data according to the preset matching information contained in the target network data and the corresponding relation between the prestored matching information and the fault simulation strategy.
The correspondence between the matching information and the fault simulation strategy may be established by a technician according to network scale, network characteristics, and the like.
When the network scale is enlarged or reduced or the network characteristics are changed, a technician can make a new corresponding relationship between the matching information more conforming to the network characteristics and the fault simulation strategy, and the made new corresponding relationship between the matching information and the fault simulation strategy is imported into the memory, so that the newly imported corresponding relationship between the matching information and the fault simulation strategy can cover the original corresponding relationship between the matching information and the fault simulation strategy. Of course, according to the size of the memory space, if the remaining available space is still larger than a certain threshold after the corresponding relationship between the new matching information and the fault simulation policy is imported into the memory, the corresponding relationship between the original matching information and the fault simulation policy may be retained.
The correspondence of the matching information to the fault simulation strategy may be stored in a table.
The processing module 24 is configured to process the target network data based on the determined fault simulation policy to obtain simulated fault data;
the sending module 25 is configured to send the simulated fault data generated by the processing module 24 to the data receiving end.
The fault simulation apparatus provided in the embodiment of the present invention receives network data sent by a data sending end in a communication process between the data sending end and a data receiving end, screens target network data from the received network data based on predetermined matching information, determines a fault simulation policy corresponding to the target network data according to the predetermined matching information included in the target network data and a correspondence between pre-stored matching information and the fault simulation policy, processes the target network data based on the determined fault simulation policy, obtains simulated fault data, and sends the simulated fault data to the data receiving end. As can be seen, the fault simulation apparatus provided in the embodiment of the present invention accurately matches network data and a fault simulation policy based on predetermined matching information and a correspondence between pre-stored matching information and the fault simulation policy, and performs fault simulation according to the matched fault simulation policy, that is, performs fault simulation for an event or a behavior occurring in a network in real time, thereby improving fault simulation accuracy.
Optionally, the network data may be a message, that is, the network data sent by the data sending end to the data receiving end is a message, and the message may include the predetermined matching information or may not include the predetermined matching information.
Accordingly, the predetermined matching information may include, but is not limited to, any one or any combination of the following key fields: destination MAC (media Access control) address, source MAC address, message type, destination IP address, source IP address and the like
The processing module 24 may be specifically configured to modify matching information of key fields in the target network data based on the determined fault simulation policy.
For example, if the fault simulation policy is to simulate a network storm, the destination MAC address in the message may be tampered with as a broadcast address, and the destination IP address in the message may be tampered with as a broadcast address; if the fault simulation strategy is an application program simulating forgery, the port number of the UDP message can be tampered, and the like.
Optionally, the predetermined matching information may include: the matching information of at least two key fields in the second matching information is in a logic and relationship or a logic or relationship;
the first-type matching information is formed by information of a single key field, so that the first-type matching information is necessarily in a mutual exclusion relationship, and the second-type matching information is formed by information of at least two fields, so that the first-type matching information and the second-type matching information can be in an inclusion relationship or a mutual exclusion relationship. For example, assuming that there are two first-type matching information, the first matching information of the two first-type matching information is 192.168.0.100 as the destination IP address, and the second matching information of the two first-type matching information is 192.168.0.25 as the source IP address, obviously, there is a mutually exclusive relationship between the two first-type matching information; if the destination IP address of the first matching information in the two first-type matching information is 192.168.0.100, and the destination IP address of the second matching information in the two first-type matching information is 192.168.0.11, it is obvious that the two first-type matching information are also in a mutually exclusive relationship. Assuming that the destination IP address of the second-type matching information is 192.168.0.100 and the source IP address is 192.168.0.25, the destination IP address of the first-type matching information is 192.168.0.100, or the source IP address of the first-type matching information is 192.168.0.25, the first-type matching information and the second-type matching information are in an inclusion relationship, that is, the first-type matching information includes the second-type matching information. Of course, the first type matching information and the second type matching information may also be in a mutually exclusive relationship, for example, assuming that the destination IP address of a certain second type matching information is 192.168.0.10 and the source IP address is 192.168.0.26, and the destination IP address of a certain first type matching information is 192.168.0.11, it is obvious that the second type matching information and the first type matching information are in a mutually exclusive relationship.
Optionally, a schematic structural diagram of the second determining module 23 provided in the embodiment of the present invention is shown in fig. 3, and may include:
the first determining unit 31 is configured to determine, if the predetermined matching information includes only first-class matching information, a fault simulation policy corresponding to each first-class matching information in the predetermined matching information based on a correspondence between the stored matching information and the fault simulation policy.
In the embodiment of the present invention, for each first-type matching information, a fault simulation policy corresponding to the first-type matching information is determined, and all the determined fault simulation policies are determined as fault simulation policies corresponding to target network data.
The second determining unit 32 is configured to determine, if the predetermined matching information includes only second-class matching information, a fault simulation policy corresponding to each second-class matching information in the predetermined matching information based on a correspondence between the stored matching information and the fault simulation policy.
In this embodiment of the present invention, for each second type of matching information, a fault simulation policy corresponding to the second type of matching information is determined, and all the determined fault simulation policies are determined as fault simulation policies corresponding to the target network data.
A third determining unit 33, configured to determine, based on a correspondence between stored matching information and fault simulation policies, a fault simulation policy corresponding to each first-type matching information in the predetermined matching information, and determine a fault simulation policy corresponding to each second-type matching information in the predetermined matching information, if the predetermined matching information includes both the first-type matching information and the second-type matching information.
In the embodiment of the present invention, for each first type of matching information, a fault simulation policy corresponding to the first type of matching information is determined, and for each second type of matching information, a fault simulation policy corresponding to the second type of matching information is determined, and all the determined fault simulation policies are determined as fault simulation policies corresponding to target network data.
For each matching information, the fault simulation policy corresponding to the matching information may include only one sub-fault policy, that is, only one fault simulation policy corresponding to the matching information is provided, or may be composed of a plurality of sub-fault simulation policies, where whether the plurality of sub-fault simulation policies are executed or not is optional, that is, a user may determine which sub-fault simulation policies need to be executed and which sub-fault simulation policies are not executed by setting. Therefore, a plurality of events (different network events correspond to different network data) which occur in the network at the same time can be captured more accurately, so that more accurate faults can be simulated according to different events, the simulation precision of the faults is greatly improved, and the network or equipment is evaluated and analyzed more accurately.
Optionally, the fault simulation apparatus provided in the embodiment of the present invention may further include:
and the updating module is used for updating the corresponding relation between the stored matching information and the fault simulation strategy when a corresponding relation updating instruction triggered by a user is received, wherein the updated corresponding relation between the matching information and the fault simulation strategy comprises the corresponding relation between the matching information specified by the corresponding relation updating instruction and the fault simulation strategy.
That is, when the user triggers generation of the correspondence update instruction, the correspondence between the new matching information and the fault simulation policy specified in the correspondence update instruction is updated to the memory, and the updated matching information and the fault simulation policy may include both the correspondence between the original matching information and the fault simulation policy and the correspondence between the new matching information and the fault simulation policy, that is, the correspondence between the new matching information and the fault simulation policy is added on the basis of not deleting the correspondence between the original matching information and the fault simulation policy; or, the updated matching information and fault simulation strategy only include the corresponding relationship between the new matching information and the fault simulation strategy, that is, the corresponding relationship between the original matching information and the fault simulation strategy is covered by the corresponding relationship between the new matching information and the fault simulation strategy.
The corresponding relationship between the new matching information and the fault simulation strategy can be established by technical personnel according to the network scale, the network characteristics and the like.
Optionally, on the basis of the embodiment shown in fig. 2, another schematic structural diagram of the fault simulation apparatus provided in the embodiment of the present invention is shown in fig. 4, and may further include:
and a third determining module 41, configured to determine matching information corresponding to the fault simulation policy selected by the user based on the correspondence between the stored matching information and the fault simulation policy.
In the embodiment of the present invention, the fault simulation policy in the correspondence between the stored matching information and the fault simulation policy is optional, and before receiving the network data sent by the data sending end, a user may select a fault to be simulated (i.e., a fault policy), and the user may select only a part of the fault policies or all the fault policies, and may specifically select the fault policies according to actual requirements. And determining the matching information corresponding to the fault simulation strategy selected by the user as the preset matching information.
And after the user selects the fault strategy needing to be simulated, triggering the electronic equipment to execute the fault simulation method.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described systems (if any), apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
In the several embodiments provided in the present application, it should be understood that the disclosed system (if present), apparatus, and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the units is only one logical division, and other divisions may be realized in practice, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: various media capable of storing program codes, such as a usb disk, a removable hard disk, a Read-only memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (10)

1. A method of fault simulation, comprising:
receiving network data sent by a data sending end;
determining target network data containing predetermined matching information from the received network data;
determining a fault simulation strategy corresponding to the target network data based on preset matching information contained in the target network data and a corresponding relation between the stored matching information and the fault simulation strategy;
processing the target network data based on the determined fault simulation strategy to obtain simulated fault data;
and sending the simulated fault data to a data receiving end.
2. The method of claim 1, wherein the network data is a message.
3. The method of claim 1, wherein the predetermined matching information comprises: the matching method comprises the following steps that at least one first-type matching message and/or at least one second-type matching message are/is obtained, wherein the first-type matching message is formed by the information of a single key field; the second type of matching information consists of information of at least two key fields;
the determining a fault simulation policy corresponding to the target network data based on predetermined matching information included in the target network data and a correspondence between stored matching information and the fault simulation policy includes:
if the preset matching information only comprises first-class matching information, determining a fault simulation strategy corresponding to each first-class matching information in the preset matching information based on the corresponding relation between the stored matching information and the fault simulation strategy;
if the preset matching information only comprises second-class matching information, determining a fault simulation strategy corresponding to each second-class matching information in the preset matching information based on the corresponding relation between the stored matching information and the fault simulation strategy;
if the preset matching information simultaneously comprises first-class matching information and second-class matching information, determining a fault simulation strategy corresponding to each first-class matching information in the preset matching information based on the corresponding relation between the stored matching information and the fault simulation strategies, and determining the fault simulation strategies corresponding to each second-class matching information in the preset matching information.
4. The method of claim 1, further comprising:
and when a corresponding relation updating instruction triggered by a user is received, updating the corresponding relation between the stored matching information and the fault simulation strategy, wherein the updated corresponding relation between the matching information and the fault simulation strategy comprises the corresponding relation between the matching information specified by the corresponding relation updating instruction and the fault simulation strategy.
5. The method according to claim 1, further comprising a predetermined matching information determination procedure before receiving the network data sent by the data sending end, wherein the predetermined matching information determination procedure comprises:
and determining the matching information corresponding to the fault simulation strategy selected by the user as preset matching information based on the corresponding relation between the stored matching information and the fault simulation strategy.
6. A fault simulation device, comprising:
the receiving module is used for receiving the network data sent by the data sending end;
the first determining module is used for determining target network data containing preset matching information from the received network data;
the second determining module is used for determining a fault simulation strategy corresponding to the target network data based on preset matching information contained in the target network data and the corresponding relation between the stored matching information and the fault simulation strategy;
the processing module is used for processing the target network data based on the determined fault simulation strategy to obtain simulated fault data;
and the sending module is used for sending the simulated fault data to a data receiving end.
7. The apparatus of claim 6, wherein the network data is a message.
8. The apparatus of claim 6, wherein the predetermined matching information comprises: the matching method comprises the following steps that at least one first-type matching message and/or at least one second-type matching message are/is obtained, wherein the first-type matching message is formed by the information of a single key field; the second type of matching information consists of information of at least two key fields;
the second determining module includes:
a first determining unit, configured to determine, if the predetermined matching information includes only first-class matching information, a fault simulation policy corresponding to each first-class matching information in the predetermined matching information based on a correspondence between stored matching information and the fault simulation policy;
a second determining unit, configured to determine, if the predetermined matching information includes only second-class matching information, a fault simulation policy corresponding to each second-class matching information in the predetermined matching information based on a correspondence between stored matching information and the fault simulation policy;
a third determining unit, configured to determine, if the predetermined matching information includes both the first-class matching information and the second-class matching information, a fault simulation policy corresponding to each first-class matching information in the predetermined matching information based on a correspondence between stored matching information and fault simulation policies, and determine a fault simulation policy corresponding to each second-class matching information in the predetermined matching information.
9. The apparatus of claim 6, further comprising:
and the updating module is used for updating the corresponding relation between the stored matching information and the fault simulation strategy when a corresponding relation updating instruction triggered by a user is received, wherein the updated corresponding relation between the matching information and the fault simulation strategy comprises the corresponding relation between the matching information specified by the corresponding relation updating instruction and the fault simulation strategy.
10. The apparatus of claim 6, further comprising:
and the third determining module is used for determining the matching information corresponding to the fault simulation strategy selected by the user as the preset matching information based on the corresponding relation between the stored matching information and the fault simulation strategy.
CN201610082156.8A 2016-02-05 2016-02-05 Failure simulation method and device Active CN105656684B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610082156.8A CN105656684B (en) 2016-02-05 2016-02-05 Failure simulation method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610082156.8A CN105656684B (en) 2016-02-05 2016-02-05 Failure simulation method and device

Publications (2)

Publication Number Publication Date
CN105656684A true CN105656684A (en) 2016-06-08
CN105656684B CN105656684B (en) 2019-10-18

Family

ID=56488314

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610082156.8A Active CN105656684B (en) 2016-02-05 2016-02-05 Failure simulation method and device

Country Status (1)

Country Link
CN (1) CN105656684B (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107645397A (en) * 2016-07-21 2018-01-30 阿里巴巴集团控股有限公司 A kind of system, device and method that fault simulation is carried out in distributed system
CN108683553A (en) * 2018-03-30 2018-10-19 北京华为数字技术有限公司 The method and apparatus of direct fault location
CN108763039A (en) * 2018-04-02 2018-11-06 阿里巴巴集团控股有限公司 A kind of traffic failure analogy method, device and equipment
CN109559583A (en) * 2017-09-27 2019-04-02 华为技术有限公司 Failure simulation method and its device
CN111385147A (en) * 2020-03-06 2020-07-07 腾讯科技(深圳)有限公司 Fault simulation method, device and computer readable storage medium

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1658215A (en) * 2004-02-20 2005-08-24 高放 Fault simulation system of electronic equipment
CN1744533A (en) * 2005-10-14 2006-03-08 北京启明星辰信息技术有限公司 Computer network data calogue ultimate measuring method and system
CN101662388A (en) * 2009-10-19 2010-03-03 杭州华三通信技术有限公司 Network fault analyzing method and equipment thereof
CN101738206A (en) * 2009-12-17 2010-06-16 哈尔滨工业大学 GPS receiver simulation method with fault simulating function
CN102594589A (en) * 2012-02-01 2012-07-18 北京经纬恒润科技有限公司 Ethernet fault injection method, device and system
CN102662330A (en) * 2012-04-13 2012-09-12 哈尔滨工业大学 Fault simulation device of fiber channel avionics environment (FC-AE)-1533 device
CN103634146A (en) * 2013-11-27 2014-03-12 华为技术有限公司 Network data processing method and device

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1658215A (en) * 2004-02-20 2005-08-24 高放 Fault simulation system of electronic equipment
CN1744533A (en) * 2005-10-14 2006-03-08 北京启明星辰信息技术有限公司 Computer network data calogue ultimate measuring method and system
CN101662388A (en) * 2009-10-19 2010-03-03 杭州华三通信技术有限公司 Network fault analyzing method and equipment thereof
CN101738206A (en) * 2009-12-17 2010-06-16 哈尔滨工业大学 GPS receiver simulation method with fault simulating function
CN102594589A (en) * 2012-02-01 2012-07-18 北京经纬恒润科技有限公司 Ethernet fault injection method, device and system
CN102662330A (en) * 2012-04-13 2012-09-12 哈尔滨工业大学 Fault simulation device of fiber channel avionics environment (FC-AE)-1533 device
CN103634146A (en) * 2013-11-27 2014-03-12 华为技术有限公司 Network data processing method and device

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107645397A (en) * 2016-07-21 2018-01-30 阿里巴巴集团控股有限公司 A kind of system, device and method that fault simulation is carried out in distributed system
CN107645397B (en) * 2016-07-21 2021-01-05 阿里巴巴集团控股有限公司 System, device and method for fault simulation in distributed system
CN109559583A (en) * 2017-09-27 2019-04-02 华为技术有限公司 Failure simulation method and its device
CN108683553A (en) * 2018-03-30 2018-10-19 北京华为数字技术有限公司 The method and apparatus of direct fault location
CN108763039A (en) * 2018-04-02 2018-11-06 阿里巴巴集团控股有限公司 A kind of traffic failure analogy method, device and equipment
CN108763039B (en) * 2018-04-02 2021-09-21 创新先进技术有限公司 Service fault simulation method, device and equipment
CN111385147A (en) * 2020-03-06 2020-07-07 腾讯科技(深圳)有限公司 Fault simulation method, device and computer readable storage medium

Also Published As

Publication number Publication date
CN105656684B (en) 2019-10-18

Similar Documents

Publication Publication Date Title
CN105656684B (en) Failure simulation method and device
US10122741B2 (en) Non-harmful insertion of data mimicking computer network attacks
CN105721424B (en) Policy-based network security
US10257020B2 (en) Alarm processing method and apparatus
CN110912927B (en) Method and device for detecting control message in industrial control system
CN105787364B (en) Automatic testing method, device and system for tasks
WO2018216000A1 (en) A system and method for on-premise cyber training
CN105939284B (en) The matching process and device of message control strategy
EP3282642A1 (en) Flow control method and equipment
US7954158B2 (en) Characterizing computer attackers
US11658863B1 (en) Aggregation of incident data for correlated incidents
CN110943969A (en) Network attack scene reproduction method, system, equipment and storage medium
KR20210063759A (en) Apparatus, method, computer-readable storage medium and computer program for constructing cyber threat scenario
CN105809066B (en) Encrypted data storage method and terminal
CN106941418B (en) SSL VPN configuration information synchronization method and device
CN110830500B (en) Network attack tracking method and device, electronic equipment and readable storage medium
CN110365682B (en) Anti-cheating method and device
CN110347683B (en) Data table merging processing method and device
US11604877B1 (en) Nested courses of action to support incident response in an information technology environment
CN115208671B (en) Firewall configuration method, device, electronic equipment and storage medium
CN107294989B (en) Method and device for preventing ARP gateway spoofing
CN114390509B (en) Machine-card binding pool realization method, device, equipment and medium based on Internet of things
CN110618989A (en) Information processing method, information processing device and related product
CN108833418A (en) Methods, devices and systems for defensive attack
CN111131198B (en) Updating method and device for network security policy configuration

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant