CN111464548B - Network communication method and device, network attack and defense exercise system and electronic equipment - Google Patents

Info

Publication number: CN111464548B
Application number: CN202010264450.7A
Authority: CN (China)
Legal status: Active
Other languages: Chinese (zh)
Other versions: CN111464548A (en)
Inventors: 冯浩, 陈航, 许春阳, 何鹏程, 王明俊, 程芃森, 张冬, 黄勇
Current Assignee: Sichuan Silence Information Technology Co ltd
Original Assignee: Sichuan Silence Information Technology Co ltd
Prior art keywords: network, attack, address translation, equipment, control request

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416 Event detection, e.g. attack signature detection
    • H04L63/1425 Traffic logging, e.g. anomaly detection
    • H04L63/02 Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0272 Virtual private networks
    • H04L61/00 Network arrangements, protocols or services for addressing or naming
    • H04L61/09 Mapping addresses
    • H04L61/25 Mapping addresses of the same type

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The application provides a network communication method, a network communication device, a network attack and defense exercise system and electronic equipment. The network attack and defense exercise system comprises an address translation device, an attack device, a virtual private network server and an attacked device. In the network communication method, the address translation device acquires a control request sent by the attack device and judges the type of the control request. If the control request is a first control request, the address translation device establishes a network connection with the virtual private network server, so that a virtual private network channel for launching a network attack is formed between the attack device and the address translation device. If the control request is a second control request, the network connection is interrupted, so that a virtual private network channel for launching a network attack cannot be formed between the attack device and the address translation device.

Description

Network communication method and device, network attack and defense exercise system and electronic equipment
Technical Field
The present invention relates to the field of network communications, and in particular, to a network communication method, a device, a network attack and defense exercise system, and an electronic device.
Background
In a network attack and defense exercise, the traffic information generated during a network attack needs to be counted. Therefore, a virtual private network channel that reaches the attacked device from the attack team's device through a virtual private network server is usually created over the internet, so that when the attack device initiates a network attack on the attacked device through the virtual private network channel, the traffic information generated during the attack is copied by the virtual private network server, which makes it convenient to monitor the network attack process. Because the exit network address of the attack device in the virtual private network channel is a fixed network address, the attacked device can block the attack device based on that exit network address, which is contrary to an actual network attack scenario.
Disclosure of Invention
In order to overcome at least one of the disadvantages in the prior art, an object of an embodiment of the present application is to provide a network communication method, which is applied to an address translation device in a network attack and defense exercise system, where the network attack and defense exercise system further includes an attack device, a virtual private network server, and an attacked device, where when the attack device initiates a network attack to the attacked device, the address translation device provides a network address translation service for the network attack, and the virtual private network server replicates traffic information generated by the network attack; the method comprises the following steps:
acquiring a control request sent by the attack device;
judging the type of the control request;
if the control request is a first control request, establishing a network connection with the virtual private network server, so that a virtual private network channel for launching the network attack is formed between the attack device and the address translation device;
if the control request is a second control request, interrupting the network connection, so that a virtual private network channel for launching the network attack cannot be formed between the attack device and the address translation device.
Optionally, the network attack and defense exercise system further includes a message queue device, where the message queue device is configured to accept the control request and send the control request to all address translation devices connected by communication, and the step of determining a type of the control request includes:
acquiring a device identifier and a request identifier carried in the control request;
if the device identifier is the same as the device identifier of the address translation device and the request identifier is the same as a first preset identifier, determining the control request as a first control request;
and if the device identifier is the same as the device identifier of the address translation device and the request identifier is the same as a second preset identifier, determining the control request as a second control request.
Optionally, the attack device sends the control request through a network address of the address translation device, and the step of determining the type of the control request includes:
acquiring a request identifier carried in the control request;
if the request identifier is the same as the first preset identifier, determining the control request as a first control request;
and if the request identifier is the same as the second preset identifier, determining the control request as a second control request.
A second object of the embodiment of the present invention is to provide a network communication method, which is applied to an attack device in a network attack and defense exercise system, where the network attack and defense exercise system further includes a virtual private network server, an attacked device, and a plurality of address translation devices, where when the attack device initiates a network attack to the attacked device, the address translation devices provide network address translation services for the network attack, and the virtual private network server replicates traffic information generated by the network attack; the method comprises the following steps:
determining a first address translation device to be used and a second address translation device to be interrupted from the plurality of address translation devices;
sending a first control request to the first address translation device, so that the first address translation device establishes a network connection with the virtual private network server, and a virtual private network channel for launching the network attack is formed between the attack device and the first address translation device;
and sending a second control request to the second address translation device, so that the second address translation device interrupts the network connection with the virtual private network server, and a virtual private network channel for launching the network attack cannot be formed between the attack device and the second address translation device.
Optionally, the first control request carries a first preset identifier and a device identifier of the first address translation device, and the second control request carries a second preset identifier and a device identifier of the second address translation device.
A third object of the embodiment of the present invention is to provide a network communication device, which is applied to an attack device in a network attack and defense exercise system, where the network attack and defense exercise system further includes a virtual private network server, an attacked device, and a plurality of address translation devices, where when the attack device initiates a network attack to the attacked device, the address translation devices provide network address translation services for the network attack, and the virtual private network server replicates traffic information generated by the network attack, and the network communication device includes a first determination module, a first sending module, and a second sending module;
the first determination module is used for determining a first address translation device to be used and a second address translation device to be interrupted from the plurality of address translation devices;
the first sending module is used for sending a first control request to the first address translation device, so that the first address translation device establishes a network connection with the virtual private network server, and a virtual private network channel for launching the network attack is formed between the attack device and the first address translation device;
the second sending module is configured to send a second control request to the second address translation device, so that the second address translation device interrupts the network connection with the virtual private network server, and a virtual private network channel for launching the network attack cannot be formed between the attack device and the second address translation device.
A fourth object of the embodiments of the present invention is to provide a network communication device, which is applied to an address translation device in a network attack and defense exercise system, where the network attack and defense exercise system further includes an attack device, a virtual private network server, and an attacked device, where when the attack device initiates a network attack to the attacked device, the address translation device provides a network address translation service for the network attack, and the virtual private network server replicates traffic information generated by the network attack, and the network communication device includes a request acquisition module, a request judgment module, a network connection module, and a network interruption module;
the request acquisition module is used for acquiring a control request sent by the attack device;
the request judgment module is used for judging the type of the control request;
the network connection module is used for establishing a network connection with the virtual private network server if the control request is a first control request, so that a virtual private network channel for launching the network attack is formed between the attack device and the address translation device;
and the network interruption module is used for interrupting the network connection if the control request is a second control request, so that a virtual private network channel for launching the network attack cannot be formed between the attack device and the address translation device.
A fifth object of the embodiments of the present application is to provide a network attack and defense exercise system, where the network attack and defense exercise system includes an attack device, an attacked device, a virtual private network server, and a plurality of address translation devices, where when the attack device initiates a network attack to the attacked device, the address translation devices provide network address translation services for the network attack, and the virtual private network server replicates traffic information generated by the network attack;
the attack device determines a first address translation device to be used and a second address translation device to be interrupted from the plurality of address translation devices;
the attack device sends a first control request to the first address translation device and sends a second control request to the second address translation device;
the first address translation device establishes a network connection with the virtual private network server according to the first control request, so that a virtual private network channel for launching the network attack is formed between the attack device and the first address translation device;
and the second address translation device interrupts the network connection with the virtual private network server according to the second control request, so that a virtual private network channel for launching the network attack cannot be formed between the attack device and the second address translation device.
A sixth object of the embodiments of the present application is to provide a storage medium having stored thereon a computer program, which when executed, implements the network communication method.
It is a seventh object of embodiments of the present application to provide an electronic device, which includes a processor and a memory, the memory storing machine executable instructions executable by the processor, the processor being capable of executing the machine executable instructions to implement the network communication method.
Compared with the prior art, the application has the following beneficial effects:
The embodiment of the application provides a network communication method, a network communication device, a network attack and defense exercise system and electronic equipment. In the network communication method, the attack device actively sends the control request to select one of the plurality of address translation devices, and the selected device establishes a network connection with the virtual private network server. The attack device can therefore actively switch between different address translation devices when initiating a network attack on the attacked device, which reduces the risk of being blocked and allows a more realistic network attack and defense scenario to be simulated.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are needed in the embodiments will be briefly described below, it being understood that the following drawings only illustrate some embodiments of the present application and therefore should not be considered limiting the scope, and that other related drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a schematic structural diagram of a network attack and defense exercise system according to an embodiment of the present application;
Fig. 2 is a schematic diagram of a hardware structure provided in an embodiment of the present application;
Fig. 3 is one of the step flowcharts of the network communication method provided in the embodiment of the present application;
Fig. 4 is a second flowchart illustrating steps of a network communication method according to an embodiment of the present disclosure;
Fig. 5 is a schematic structural diagram of a network communication device according to an embodiment of the present application;
Fig. 6 is a second schematic structural diagram of a network communication device according to an embodiment of the present application.
Reference numerals: 100 - address translation device; 200 - attack device; 300 - attacked device; 400 - virtual private network server; 110 - software virtual device; 120 - memory; 130 - processor; 140 - communication unit; 1111 - request acquisition module; 1112 - request judgment module; 1113 - network connection module; 1114 - network interruption module; 1121 - device determination module; 1122 - first sending module; 1123 - second sending module.
Detailed Description
For the purposes of making the objects, technical solutions and advantages of the embodiments of the present application more clear, the technical solutions of the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is apparent that the described embodiments are some embodiments of the present application, but not all embodiments. The components of the embodiments of the present application, which are generally described and illustrated in the figures herein, may be arranged and designed in a wide variety of different configurations.
Thus, the following detailed description of the embodiments of the present application, as provided in the accompanying drawings, is not intended to limit the scope of the application, as claimed, but is merely representative of selected embodiments of the application. All other embodiments, which can be made by one of ordinary skill in the art based on the embodiments herein without making any inventive effort, are intended to be within the scope of the present application.
It should be noted that: like reference numerals and letters denote like items in the following figures, and thus once an item is defined in one figure, no further definition or explanation thereof is necessary in the following figures.
In the description of the present application, it should be noted that the terms "first," "second," "third," and the like are used merely to distinguish between descriptions and are not to be construed as indicating or implying relative importance.
As described in the background, since the exit network address of the attack device in the communication link is a fixed network address, the attacked device can block the attack device based on that exit network address, which is contrary to an actual network attack scenario.
In view of this, the embodiment of the application provides a network communication method, which is applied to address translation equipment in a network attack and defense exercise system. Referring to fig. 1, a schematic structural diagram of the network attack and defense exercise system provided in the embodiment of the present application is shown. The network attack and defense exercise system includes an attack apparatus 200, a virtual private network server 400, a plurality of address translation apparatuses 100, and an attacked apparatus 300. Wherein the address translation device 100 provides a network address translation service (Network Address Translation, NAT) for a network attack when the attack device initiates the network attack on the attacked device 300.
For each address translation device 100, if a network connection is established between the address translation device 100 and the virtual private network server 400, a virtual private network (Virtual Private Network, VPN) channel is formed between the attack device 200 and the address translation device 100, which can be used to launch a network attack.
It should be appreciated that in existing virtual private networks, the functionality provided by the virtual private network server 400 and the functionality provided by the address translation device are typically integrated into the same electronic device, enabling a user to establish a virtual private network channel through the electronic device.
In the network communication method provided in the embodiment of the present application, the network attack and defense exercise system includes a virtual private network server 400 and a plurality of address translation devices 100. Wherein each address translation device 100 is assigned a public network address and is capable of providing network address translation services.
Once any address translation device 100 has established a network connection with the virtual private network server 400, a virtual private network channel can be provided for the user through that address translation device and the virtual private network server 400. Meanwhile, since one virtual private network server 400 can provide only one virtual private network channel, the virtual private network server 400 can establish a network connection with only one address translation device 100 at a time.
In order to provide a plurality of address translation devices 100, in one possible example, public network addresses in various regions may be applied for through a cloud platform (Alibaba Cloud, Baidu Cloud, Huawei Cloud, etc.), and application software capable of providing a network address translation function is deployed on the public network devices to which the public network addresses are allocated, so that each such public network device is used as an address translation device 100.
Referring to fig. 2, a schematic hardware structure of the address translation device 100 and the attack device 200 provided in the present application includes a software virtual device 110, a memory 120, a processor 130, and a communication unit 140.
The memory 120, the processor 130, and the communication unit 140 are directly or indirectly connected to each other to realize data transmission or interaction. For example, the components may be electrically connected to each other via one or more communication buses or signal lines. The software virtual device 110 includes at least one software function module that may be stored in the memory 120 in the form of software or firmware, or built into the operating system (OS) of the address translation device 100 or the attack device 200. The processor 130 is configured to execute executable modules stored in the memory 120, such as software functional modules and computer programs included in the software virtual device 110.
The Memory 120 may be, but is not limited to, a random access Memory (Random Access Memory, RAM), a Read Only Memory (ROM), a programmable Read Only Memory (Programmable Read-Only Memory, PROM), an erasable Read Only Memory (Erasable Programmable Read-Only Memory, EPROM), an electrically erasable Read Only Memory (Electric Erasable Programmable Read-Only Memory, EEPROM), etc. The memory 120 is configured to store a program, and the processor 130 executes the program after receiving an execution instruction. The communication unit 140 is configured to transmit and receive data through the network.
The processor 130 may be an integrated circuit chip with signal processing capabilities. The processor 130 may be a general-purpose processor, including a central processing unit (Central Processing Unit, CPU for short), a network processor (Network Processor, NP for short), etc.; it may also be a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component. The processor may implement or perform the methods, steps, and logic blocks disclosed in the embodiments of the present application. A general-purpose processor may be a microprocessor or any conventional processor or the like.
Referring to fig. 3, fig. 3 is a flowchart of a network communication method applied to the address translation device 100; the steps of the method are described in detail below.
Step S110, a control request sent by the attack apparatus 200 is acquired.
Step S120, determining the type of the control request.
In step S130, if the control request is the first control request, a network connection with the virtual private network server 400 is established, so that a virtual private network channel for launching a network attack is formed between the attack apparatus 200 and the address translation apparatus 100.
Wherein the first control request indicates that the address translation device 100 is a selected address translation device 100 to be used among the plurality of address translation devices 100.
In step S140, if the control request is the second control request, the network connection is interrupted, so that a virtual private network channel for launching the network attack cannot be formed between the attack apparatus 200 and the address translation apparatus 100.
Wherein the second control request indicates that the address translation device 100 is a selected address translation device 100 that needs to be interrupted among the plurality of address translation devices 100.
Because the attack device 200 actively sends a control request to select one of the plurality of address translation devices 100, and the selected device establishes a network connection with the virtual private network server 400, the attack device 200 can actively switch between different address translation devices 100 when initiating a network attack on the attacked device 300, thereby reducing the risk of being blocked.
Since each address translation device 100 is assigned a public network address, as a possible implementation manner, the attack device 200 sends the first control request or the second control request to the address translation device 100 through the internet by using the network address of the address translation device 100, and the control request carries the request identifier. Therefore, the address translation device 100 compares the request identifier carried in the control request with the first preset identifier and the second preset identifier, and if the request identifier is the same as the first preset identifier, determines that the control request is the first control request; and if the request identifier is the same as the second preset identifier, determining the control request as a second control request.
Since the attack device 200 can communicate directly with the address translation device 100 over the internet by using the public network address of the address translation device 100, dependence on other devices is reduced.
As another possible implementation manner, the network attack and defense exercise system further comprises a message queue device. The message queue device is deployed with a message queue for subscription by the address translation device 100. Wherein, once the message queue device receives the control request sent by the attack device 200 through the message queue, the message queue device forwards the control request to all address translation devices 100 subscribed to the message queue.
Because the control request carries the request identifier and the device identifier, after receiving the control request the address translation device 100 compares the device identifier carried in the control request with its own device identifier and compares the request identifier with the first preset identifier and the second preset identifier. If the device identifier is the same as its own device identifier and the request identifier is the same as the first preset identifier, the control request is determined to be a first control request; if the device identifier is the same as its own device identifier and the request identifier is the same as the second preset identifier, the control request is determined to be a second control request.
Wherein the device identification may be a public network address of the address translation device.
Since the control request is forwarded to the address translation device 100 via the message queue device, the attack device 200 only needs to maintain communication with the message queue device. Each attack device 200 therefore does not need to maintain an address mapping table of the address translation devices 100 or use such a table to establish network connections with the different address translation devices 100.
The embodiment of the application also provides a network communication method, which is applied to the attack device 200 in the network attack and defense exercise system, wherein the network attack and defense exercise system further comprises a virtual private network server 400, an attacked device 300 and a plurality of address translation devices 100. When the attack device 200 initiates a network attack on the attacked device 300, the address translation device 100 provides a network address translation service for the network attack, and the virtual private network server 400 copies the traffic information generated by the network attack.
Referring to fig. 4, fig. 4 is a flowchart of a network communication method applied to the attack device 200; the steps of the method are described in detail below.
In step S210, a first address translation device to be used and a second address translation device to be interrupted are determined from the plurality of address translation devices 100.
Step S200, a first control request is sent to the first address translation device, so that the first address translation device establishes a network connection with the virtual private network server 400, and a virtual private network channel for launching a network attack is formed between the attack device 200 and the first address translation device.
Step S300, a second control request is sent to the second address translation device, so that the second address translation device interrupts the network connection with the virtual private network server 400, and a virtual private network channel for launching a network attack cannot be formed between the attack device 200 and the second address translation device.
Since, for each address translation device 100, it is the first address translation device when it is required to establish a network connection with the virtual private network server 400; when the network connection with the virtual private network server 400 needs to be interrupted, the second address translation device is the second address translation device, and therefore, each address translation device 100 can obtain the first control request or the second control request.
In this way, the attack device 200 can select the first address translation device and the second address translation device from the plurality of address translation devices 100 as needed, and then launch a network attack through different address translation devices.
The network attack and defense exercise system further comprises a message queue device. The message queue device is deployed with a message queue for subscription by the address translation device 100. Wherein, once the message queue device receives the control request sent by the attack device 200 through the message queue, the message queue device forwards the control request to all address translation devices 100 subscribed to the message queue. If the attack device 200 sends the first control request or the second control request through the message queue device, the first control request carries a first preset identifier for indicating the first control request and a device identifier of the first address translation device, and the second control request carries a second preset identifier for indicating the second control request and a device identifier of the second address translation device.
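The fan-out and identifier matching described above, as an added example that is not code from the patent: an in-memory simulation in which every subscribed address translation device receives each control request and acts only when both identifiers match. The dictionary keys, the two preset identifier values, the `handled` record and the 203.0.113.x addresses are assumptions made for the illustration.

```python
from dataclasses import dataclass, field

# Assumed values: the page only says a first and a second preset identifier exist.
FIRST_PRESET_ID = "vpn-connect"
SECOND_PRESET_ID = "vpn-disconnect"


@dataclass
class AddressTranslationDevice:
    device_id: str                # the page suggests the public network address
    vpn_connected: bool = False   # stands in for the link to the VPN server
    handled: list = field(default_factory=list)  # record of accepted requests

    def classify(self, request: dict) -> str:
        """Return 'first', 'second' or 'ignore' for a broadcast control request."""
        if request.get("device_id") != self.device_id:
            return "ignore"       # addressed to another subscriber
        if request.get("request_id") == FIRST_PRESET_ID:
            return "first"
        if request.get("request_id") == SECOND_PRESET_ID:
            return "second"
        return "ignore"           # unknown or missing request identifier

    def on_message(self, request: dict) -> str:
        kind = self.classify(request)
        if kind == "first":
            self.vpn_connected = True    # establish the connection
        elif kind == "second":
            self.vpn_connected = False   # interrupt the connection
        if kind != "ignore":
            self.handled.append(kind)
        return kind


class MessageQueue:
    """Fan-out queue: every subscriber receives every published request."""

    def __init__(self):
        self.subscribers = []

    def subscribe(self, device: AddressTranslationDevice) -> None:
        self.subscribers.append(device)

    def publish(self, request: dict) -> dict:
        return {d.device_id: d.on_message(request) for d in self.subscribers}


def run_demo():
    # Constructed sample: three devices with documentation-range addresses.
    queue = MessageQueue()
    devices = [AddressTranslationDevice(f"203.0.113.{n}") for n in (10, 20, 30)]
    for d in devices:
        queue.subscribe(d)
    devices[1].vpn_connected = True  # the second device starts out connected
    results = [
        queue.publish({"request_id": FIRST_PRESET_ID, "device_id": "203.0.113.10"}),
        queue.publish({"request_id": SECOND_PRESET_ID, "device_id": "203.0.113.20"}),
        queue.publish({"request_id": "unknown", "device_id": "203.0.113.30"}),
    ]
    return results, {d.device_id: d.vpn_connected for d in devices}


if __name__ == "__main__":
    print(run_demo())
```

The `handled` list gives the exercise operator a per-device record of which control requests were accepted, which helps when reconciling the copied traffic with the egress device in use at the time.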
The embodiment of the application also provides a network communication device applied to the address translation device 100 in the network attack and defense exercise system. The system further comprises an attack device 200, a virtual private network server 400 and an attacked device 300. When the attack device 200 initiates a network attack on the attacked device 300, the address translation device 100 provides a network address translation service for the network attack, and the virtual private network server 400 copies the traffic information generated by the network attack. Referring to fig. 5, the network communication device includes a request acquisition module 1111, a request judgment module 1112, a network connection module 1113, and a network interrupt module 1114;
the request acquisition module 1111 is configured to acquire a control request sent by the attack device 200.
In the embodiment of the present application, the request acquisition module 1111 is configured to execute step S110 in fig. 3, and for a detailed description of the request acquisition module 1111, reference is made to the detailed description of step S110.
The request determination module 1112 is configured to determine a type of the control request.
In the embodiment of the present application, the request determining module 1112 is configured to execute step S120 in fig. 3, and for a detailed description of the request determining module 1112, refer to the detailed description of step S120.
The network connection module 1113 is configured to establish a network connection with the virtual private network server 400 if the control request is a first control request, so that a virtual private network channel for launching a network attack is formed between the attack device 200 and the address translation device 100.
In the embodiment of the present application, the network connection module 1113 is configured to perform step S130 in fig. 3, and for a detailed description of the network connection module 1113, reference is made to the detailed description of step S130.
The network interruption module 1114 is configured to interrupt the network connection if the control request is the second control request, so that a virtual private network channel for launching a network attack cannot be formed between the attack device 200 and the address translation device 100.
In the embodiment of the present application, the network interrupt module 1114 is configured to execute step S140 in fig. 3, and for a detailed description of the network interrupt module 1114, refer to the detailed description of step S140.
The embodiment of the application also provides a network communication device applied to the attack device 200 in the network attack and defense exercise system. The system further comprises a virtual private network server 400, an attacked device 300 and a plurality of address translation devices 100. When the attack device 200 initiates a network attack on the attacked device 300, the address translation device 100 provides a network address translation service for the network attack, and the virtual private network server 400 copies the traffic information generated by the network attack. Referring to fig. 6, the network communication device includes a device determining module 1121, a first transmitting module 1122, and a second transmitting module 1123;
the device determining module 1121 is configured to determine a first address translation device to be used and a second address translation device to be interrupted from the plurality of address translation devices 100.
In the embodiment of the present application, the device determining module 1121 is configured to perform step S210 in fig. 3, and for a detailed description of the device determining module 1121, reference is made to the detailed description of step S210.
The first sending module 1122 is configured to send a first control request to a first address translation device, so that the first address translation device establishes a network connection with the virtual private network server 400, and a virtual private network channel for initiating a network attack is formed between the attack device 200 and the first address translation device.
In the embodiment of the present application, the first transmitting module 1122 is configured to execute step S220 in fig. 3, and for a detailed description of the first transmitting module 1122, reference is made to the detailed description of step S220.
The second sending module 1123 is configured to send a second control request to the second address translation device, so that the second address translation device interrupts the network connection with the virtual private network server 400, and a virtual private network channel for launching a network attack cannot be formed between the attack device 200 and the second address translation device.
In the embodiment of the present application, the second transmitting module 1123 is configured to perform step S230 in fig. 3, and for a detailed description of the second transmitting module 1123, reference is made to the detailed description of step S230.
The embodiment of the application also provides a network attack and defense exercise system, which comprises an attack device 200, an attacked device 300, a virtual private network server 400 and a plurality of address translation devices 100, wherein when the attack device 200 initiates a network attack to the attacked device 300, the address translation devices 100 are used for providing network address translation services for the network attack, and the virtual private network server 400 is used for copying traffic information generated by the network attack.
The attack device 200 determines a first address translation device to be used and a second address translation device to be interrupted from the plurality of address translation devices 100.
The attack device 200 sends a first control request to the first address translation device and a second control request to the second address translation device.
The first address translation device establishes a network connection with the virtual private network server 400 according to the first control request, so that a virtual private network channel for launching a network attack is formed between the attack device 200 and the first address translation device.
The second address translation device interrupts the network connection with the virtual private network server 400 according to the second control request, so that a virtual private network channel for launching a network attack cannot be formed between the attack device 200 and the second address translation device.
The present embodiment also provides a storage medium having stored thereon a computer program which, when executed, implements the network communication method applied to the address translation device 100 or the network communication method applied to the attack device 200.
The embodiment of the present application also provides an electronic device that includes a processor 130 and a memory 120. The memory 120 stores machine executable instructions that can be executed by the processor 130, and the processor 130 can execute the machine executable instructions to implement the network communication method applied to the address translation device 100 or the network communication method applied to the attack device 200.
In summary, the embodiments of the present application provide a network communication method, a device, a network attack and defense exercise system, and an electronic device. In the network communication method, the attack device actively sends control requests to select one of the plurality of address translation devices, which then establishes a network connection with the virtual private network server. The attack device can thereby actively switch between different address translation devices when initiating a network attack on the attacked device, which reduces the risk of being killed and allows a more realistic network attack and defense scenario to be simulated.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other manners as well. The apparatus embodiments described above are merely illustrative; for example, the flow diagrams and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of apparatus, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
In addition, the functional modules in the embodiments of the present application may be integrated together to form a single part, or each module may exist alone, or two or more modules may be integrated to form a single part.
If the functions are implemented in the form of software functional modules and sold or used as a stand-alone product, they may be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present application, in essence or in the part contributing to the prior art, or a part of the technical solution, may be embodied in the form of a software product that is stored in a storage medium and includes several instructions for causing a computer device (which may be a personal computer, a server, a network device, etc.) to perform all or part of the steps of the methods described in the embodiments of the present application. The aforementioned storage medium includes a USB flash drive, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, an optical disk, or other media capable of storing program code.
It is noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a ..." does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
The foregoing describes merely various embodiments of the present application, but the scope of protection of the present application is not limited thereto; any change or substitution that a person skilled in the art could readily conceive of within the technical scope of the present application is intended to be covered by the scope of protection of the present application. Therefore, the scope of protection of the present application shall be subject to the scope of protection of the claims.

Claims (1)

1. A network attack and defense exercise system, characterized by comprising an attack device, an attacked device, a virtual private network server and a plurality of address translation devices pre-allocated with public network addresses, wherein when the attack device initiates a network attack on the attacked device, the address translation devices provide a network address translation service for the network attack, and the virtual private network server copies traffic information generated by the network attack;
the attack device determines a first address translation device to be used and a second address translation device to be interrupted from the plurality of address translation devices;
the attack device sends a first control request to the first address translation device and sends a second control request to the second address translation device;
the first address translation device establishes a network connection with the virtual private network server according to the first control request, so that a virtual private network channel for launching the network attack is formed between the attack device and the first address translation device;
and the second address translation device interrupts the network connection with the virtual private network server according to the second control request, so that a virtual private network channel for launching the network attack cannot be formed between the attack device and the second address translation device.
CN202010264450.7A 2020-04-07 2020-04-07 Network communication method and device, network attack and defense exercise system and electronic equipment Active CN111464548B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010264450.7A CN111464548B (en) 2020-04-07 2020-04-07 Network communication method and device, network attack and defense exercise system and electronic equipment

Publications (2)

Publication Number Publication Date
CN111464548A CN111464548A (en) 2020-07-28
CN111464548B CN111464548B (en) 2023-04-25

Family

ID=71681493
