CN114257506A - Network target range construction method and device, back-end server and readable storage medium - Google Patents
Network target range construction method and device, back-end server and readable storage medium Download PDFInfo
- Publication number
- CN114257506A CN114257506A CN202111571964.8A CN202111571964A CN114257506A CN 114257506 A CN114257506 A CN 114257506A CN 202111571964 A CN202111571964 A CN 202111571964A CN 114257506 A CN114257506 A CN 114257506A
- Authority
- CN
- China
- Prior art keywords
- shooting range
- range
- network
- parameters
- end server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000010276 construction Methods 0.000 title claims abstract description 51
- 238000000034 method Methods 0.000 claims abstract description 37
- 230000006399 behavior Effects 0.000 claims description 11
- 238000012795 verification Methods 0.000 claims description 8
- 238000004891 communication Methods 0.000 claims description 5
- 238000004590 computer program Methods 0.000 claims description 5
- 238000010304 firing Methods 0.000 claims description 4
- 230000008569 process Effects 0.000 abstract description 10
- 238000010586 diagram Methods 0.000 description 12
- 230000003993 interaction Effects 0.000 description 4
- 239000000243 solution Substances 0.000 description 4
- 230000009471 action Effects 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 3
- 238000002347 injection Methods 0.000 description 3
- 239000007924 injection Substances 0.000 description 3
- 238000012545 processing Methods 0.000 description 3
- 238000011160 research Methods 0.000 description 3
- 230000007123 defense Effects 0.000 description 2
- 238000011161 development Methods 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 238000012549 training Methods 0.000 description 2
- 230000003796 beauty Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000005553 drilling Methods 0.000 description 1
- 230000007613 environmental effect Effects 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 238000012827 research and development Methods 0.000 description 1
- 238000012502 risk assessment Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 230000001960 triggered effect Effects 0.000 description 1
- 238000012800 visualization Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0803—Configuration setting
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/02—Standardisation; Integration
- H04L41/024—Standardisation; Integration using relational databases for representation of network management data, e.g. managing via structured query language [SQL]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0803—Configuration setting
- H04L41/0813—Configuration setting characterised by the conditions triggering a change of settings
- H04L41/0816—Configuration setting characterised by the conditions triggering a change of settings the condition being an adaptation, e.g. in response to network events
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/14—Network analysis or design
- H04L41/145—Network analysis or design involving simulating, designing, planning or modelling of a network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Databases & Information Systems (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Computer And Data Communications (AREA)
Abstract
The embodiment of the application provides a network target range construction method and device, a back-end server and a readable storage medium, and relates to the technical field of computers. After a user selects the shooting range parameters through the front-end interface, the client sends the shooting range parameters to the back-end server, then the back-end server carries out validity check on the shooting range parameters, a configuration file can be generated only under the condition that the shooting range parameters are legal, and finally the back-end server constructs a shooting range configuration environment according to the configuration file to generate a network shooting range. The construction of the network shooting range can be completed by manually configuring the shooting range parameters once by a user through the front-end interface, the construction process of the network shooting range is simplified, the network shooting range is automatically constructed through the rear-end server, the automation degree of the network shooting range is improved, and meanwhile the construction efficiency of the network shooting range is also improved.
Description
Technical Field
The application relates to the technical field of computers, in particular to a network shooting range construction method and device, a back-end server and a readable storage medium.
Background
The network target Range (Cyber Range) is a product for simulating and reproducing a network architecture, the running state of system equipment and a running environment in a real network space through a virtualization technology, and by combining a virtual environment and real equipment, an attack and defense combat environment of the real network space is simulated, so that the research on combat capability and the verification on weaponry can be supported.
With the development of network warfare weaponry, the construction of a network target range to demonstrate the equipment of network warfare weaponry and the training of the tactical tactics of network fighters become an important task in the aspect of information security technology development of all countries. And each manufacturer also develops network shooting ranges under different scenes, and in order to simulate a complex network environment, the network shooting ranges are interconnected to jointly construct a network topology scene.
However, the current construction method needs to manually configure configuration information such as IP addresses and ports of the network shooting range for many times, which results in a complex process of constructing the network shooting range and also needs a certain professional foundation for configuration personnel. The method has low automation degree, complex process and high error probability, which often causes the conditions of long configuration time, low efficiency, high maintenance cost and the like, and seriously influences the normal operation, popularization and application of the network target range experimental environment.
Disclosure of Invention
The application provides a network shooting range construction method and device, a back-end server and a readable storage medium, and aims to improve the automation degree of a network shooting range and provide convenience for the establishment of the network shooting range.
In order to achieve the above purpose, the embodiments of the present application employ the following technical solutions:
in a first aspect, an embodiment of the present application provides a network shooting range construction method, which is applied to a back-end server, where the back-end server is in communication connection with a client, the client includes a front-end interface, and the method includes:
receiving shooting range parameters sent by the client, wherein the shooting range parameters are selected by a user through the front-end interface;
carrying out validity check on the firing range parameters;
if the shooting range parameters are legal, generating a configuration file according to the shooting range parameters;
and constructing a shooting range configuration environment according to the configuration file so as to generate a network shooting range.
Further, the method further comprises:
and if the range parameters are illegal, returning configuration error information to the front-end interface to remind the user to reselect the range parameters.
Further, the shooting range parameters include shooting range templates and student groups, and the step of performing validity check on the shooting range parameters includes:
if the target range template belongs to a preset template library and the student group belongs to a preset student group, determining that the target range parameters are legal;
and if the range template does not belong to a preset template library or the student group does not belong to a preset student group, determining that the range parameters are illegal.
Further, the back-end server comprises a database, and the network target range comprises IP address information and port information;
after the step of building an aperture configuration environment from the configuration file to generate a network aperture, the method further comprises:
and writing the IP address information and the port information of the network target range into the database so that the user can conveniently inquire through the front-end interface.
Further, after the step of generating a configuration file according to the shooting range parameter if the shooting range parameter is legal, the method further includes:
judging whether a hacker attack behavior exists;
if the hacker attack behavior exists, deleting the configuration file;
and if the hacking behavior does not exist, executing the step of constructing the shooting range configuration environment according to the configuration file to generate the network shooting range.
In a second aspect, an embodiment of the present application further provides a network shooting range constructing apparatus, which is applied to a backend server, where the backend server is in communication connection with a client, the client includes a front-end interface, and the apparatus includes:
the receiving module is used for receiving the shooting range parameters sent by the client, wherein the shooting range parameters are selected by a user through the front-end interface;
the checking module is used for checking the legitimacy of the firing range parameters;
the generating module is used for generating a configuration file according to the shooting range parameter if the shooting range parameter is legal;
and the construction module is used for constructing the shooting range configuration environment according to the configuration file so as to generate the network shooting range.
Further, the apparatus further comprises:
and the return module is used for returning configuration error information to the front-end interface if the shooting range parameters are illegal so as to remind the user to reselect the shooting range parameters.
Further, the verification module includes:
the determining submodule is used for determining that the shooting range parameters are legal if the shooting range template belongs to a preset template library and the student group belongs to a preset student group;
and if the range template does not belong to a preset template library or the student group does not belong to a preset student group, determining that the range parameters are illegal.
In a third aspect, an embodiment of the present application further provides a backend server, including: a processor, a memory and a bus, wherein the memory stores program instructions executable by the processor, when the backend server runs, the processor and the memory communicate through the bus, and the processor executes the program instructions to execute the network range construction method according to any one of the first aspect.
In a fourth aspect, this application further provides a readable storage medium, where a computer program is stored, and when the computer program is executed by a processor, the network range construction method according to any one of the first aspects is performed.
Compared with the prior art, the embodiment of the application provides a network range construction method and device, a back-end server and a readable storage medium, after a user selects range parameters through a front-end interface, a client sends the range parameters to the back-end server, then the back-end server carries out validity check on the range parameters, a configuration file can be generated only under the condition that the range parameters are legal, and finally the back-end server constructs a range configuration environment according to the configuration file to generate the network range. Compared with the prior art, the network shooting range is constructed by manually configuring shooting range parameters once by a user through the front-end interface, the construction process of the network shooting range is simplified, the network shooting range is automatically constructed through the rear-end server, the automation degree of the network shooting range is improved, and meanwhile the efficiency of constructing the network shooting range is also improved.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are required to be used in the embodiments will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present application and therefore should not be considered as limiting the scope, and for those skilled in the art, other related drawings can be obtained from the drawings without inventive effort.
Fig. 1 shows an application scenario diagram of a network shooting range construction method provided in an embodiment of the present application.
Fig. 2 shows a schematic flow chart of a network shooting range construction method provided in an embodiment of the present application.
Fig. 3 illustrates an example diagram of a front-end interface provided by an embodiment of the present application.
Fig. 4 is a diagram illustrating another example of a front-end interface provided by an embodiment of the present application.
Fig. 5 shows another schematic flow chart of a network shooting range construction method provided in the embodiment of the present application.
Fig. 6 shows another schematic flow chart of a network shooting range construction method provided in the embodiment of the present application.
Fig. 7 shows a schematic structural diagram of a network range construction apparatus provided in an embodiment of the present application.
Fig. 8 shows a schematic structural diagram of a backend server provided in an embodiment of the present application.
Icon: 10-a back-end server; 20-a client; 100-network range construction means; 110-a receiving module; 120-a verification module; 130-a generating module; 140-a judgment module; 150-a building block; 160-a write module; 170-a return module; 180-delete module; 11-a processor; 12-a memory; 13-bus.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some embodiments of the present application, but not all embodiments. The components of the embodiments of the present application, generally described and illustrated in the figures herein, can be arranged and designed in a wide variety of different configurations.
Thus, the following detailed description of the embodiments of the present application, presented in the accompanying drawings, is not intended to limit the scope of the claimed application, but is merely representative of selected embodiments of the application. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without inventive step, are within the scope of the present disclosure.
It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, it need not be further defined and explained in subsequent figures.
The network target range is a product for simulating and reproducing a network architecture, the running state of system equipment and the running environment in a real network space through a virtualization technology, and the attack and defense combat environment of the real network space is simulated through the combination of a virtual environment and real equipment, so that the research on combat capability and the verification of weaponry can be supported.
The existing network target range construction method needs to manually configure configuration information such as IP addresses, ports and the like of the network target range for many times, so that the network target range construction process becomes complicated, and configuration personnel also need to have certain professional basic knowledge. Due to the low automation degree, the process is complicated and error is easy to occur, and the normal operation of the network target range experimental environment is seriously influenced.
In view of the above technical problems, embodiments of the present application provide a network shooting range construction method, a user only needs to manually configure shooting range parameters once to implement construction of a network shooting range, so that the construction process of the network shooting range is simplified, a back-end server can also automatically construct the network shooting range, and the automation degree of the network shooting range is improved, which is described in detail below.
Referring to fig. 1, fig. 1 is a diagram illustrating an application scenario of a network shooting range construction method according to an embodiment of the present application, including a back-end server 10 and a client 20.
The client 20 and the backend server 10 are connected through a network to implement data communication interaction between the client 20 and the backend server 10, where the interaction manner may be, for example, a wired network, and the wired network may include, for example, a coaxial cable, a twisted pair, an optical fiber, and the like, and may also be a wireless network, and the wireless network may be a 2G network, a 3G network, a 4G network, or a 5G network, a WIFI network, and the like, which is not limited in this embodiment of the present application.
The back-end server 10 is configured to perform validity check on the shooting range parameter, generate a configuration file for the shooting range parameter when the shooting range parameter is valid, and then construct a shooting range configuration environment by using the configuration file to generate a network shooting range. The parameters of the shooting range include parameters of a shooting range template, student grouping, high availability and the like, and the comparison in the embodiment of the application is not limited.
The client 20 is configured to send the parameters of the shooting range to the back-end server 10, and may be an intelligent electronic device such as a smart phone, a tablet computer, and a desktop computer with an Application program (APP) or loaded in a web Application, which is not limited in this Application.
The client 20 includes a front-end interface, where the front-end interface refers to an interface capable of being displayed in various platforms, is an overall design of human-computer interaction, operation logic, and interface beauty of software, and is a medium for interaction and information exchange between a system and a user. Wherein, the platform refers to an environmental system suitable for front-end interface display, including but not limited to: web, H5, Android, iOS, etc. Front-end interfaces include, but are not limited to: a UI (User Interface) displayed by the application on the client 20, an operation Interface displayed by the application on a PC (Personal Computer), and the like.
The network shooting range construction method applied to the back-end server 10 provided by the embodiment of the application can not only demonstrate equipment of network battle weapons and train tactics of network fighters, but also be applied to the following scenes:
1. the cloud computing management platform can visually manage cloud computing resources and improve operation and engineering efficiency.
2. Information security research and teaching efforts, including but not limited to: risk assessment, training education, technical research and development, emergency drilling and the like.
Referring to fig. 2 on the basis of the application scenario diagram shown in fig. 1, fig. 2 shows a flowchart of a network shooting range constructing method provided in the embodiment of the present application, where the network shooting range constructing method applied to the back-end server 10 may include the following steps:
and S110, receiving the shooting range parameters sent by the client, wherein the shooting range parameters are selected by the user through a front-end interface.
When a user needs to construct a network shooting range, the client 20 will present a front-end interface to the user for the user to select shooting range parameters for constructing the network shooting range, such as shooting range templates, student grouping, high availability information, and the like, and after the user has selected the shooting range parameters, the client 20 will send the shooting range parameters selected by the user to the back-end server 10 for processing.
The front-end interface can enable a user to rapidly and conveniently configure parameters of the shooting range through simple drag and drop operation, and can also set the attributes of various network devices. The parameters of the shooting range selected by the user are determined by providing a front-end interface and detecting the operation triggered by the user in the front-end interface.
In a possible implementation manner, when the parameters of the shooting range selected by the user are the shooting range template, the group of trainees, and whether the availability is high, the client 20 pops up a new front-end interface, please refer to fig. 3, and fig. 3 shows an exemplary diagram of the front-end interface provided by the embodiment of the present application.
In the front-end interface shown in fig. 3, the front-end interface presents a specific shooting range configuration to a user, and includes: the target range template selection, the trainee group selection, the first configuration page, the second configuration page, the high availability and generation keys and the like, and different software environments for the user to select are contained in the target range template selection, such as a first software environment, a second software environment, a third software environment and the like, and similarly, the trainee group selection also has options of a first class, a second class, a third class and the like.
The first configuration interface is used for bearing the shooting range template selected by the user, and prompt information can be displayed to the user on the first configuration interface, for example, the prompt information can be "please drag the shooting range template desired to be set (drag multiple is allowed)". Similarly, the second configuration interface is used for carrying the trainee group selected by the user, and prompt information, for example, the prompt information is "please drag a shooting range template (multiple dragging is allowed)" can be displayed to the user on the second configuration interface.
Please refer to fig. 4 when a user operates on the front-end interface, and fig. 4 shows another exemplary diagram of the front-end interface provided in the embodiment of the present application.
The user wants the back-end server 10 to generate a required network target range, drags a 'second software environment' in the target range template selection to a first configuration interface through a mouse in a front-end interface, drags a 'first class' and a 'second class' in the trainee grouping selection to a second configuration interface, selects a 'high availability' option, and finally clicks a generated case to finish the operation of the user on the front-end interface, and the client 20 sends the information selected by the user to the back-end server 10.
In a possible implementation manner, the manner in which the client 20 sends the parameters of the target range to the backend server 10 may be implemented by using an API (Application Programming Interface) calling method, where the API calling method is to call a corresponding API through an API access request, and taking an HTTP protocol as an example, the API calling method is a calling method in the HTTP protocol, such as a calling method in get, post, put, head, trace, and the like.
According to the embodiment of the application, a vivid front-end interface can be quickly generated according to a network environment, preparation for constructing a network shooting range is achieved, and the method has strong automation, intelligentization and visualization effects and excellent user experience.
And S120, carrying out validity check on the parameters of the shooting range.
After receiving the range parameters, the back-end server 10 needs to verify the legitimacy of the range parameters in order to prevent problems such as program errors caused by incorrect range parameters.
And S130, if the shooting range parameters are legal, generating a configuration file according to the shooting range parameters.
The configuration file may be a yaml file, which is generated by the back-end server 10 when the parameters of the range are legal, taking the yaml file as an example.
In a possible implementation manner, the process of generating the yaml file by the target range parameter generates the yaml file by creating a virtual machine through an OpenStack cloud platform if in the windows system software environment, and generates the yaml file by calling a docker container by using a K8S cluster if in the Linux system software environment.
The method for creating the virtual machine through the OpenStack cloud platform comprises the following steps: arranging basic resources provided by OpenStack, including calculation, network, storage and the like, creating a basic virtual machine, providing Software Configuration, Software Deployment and the like to perform complex Configuration on the virtual machine, installing and configuring specific Software, providing load balancing to support, creating a group of virtual machines with load balancing, and analyzing a target court parameter into a yaml file through horizon;
the method for calling the docker container by using the K8S cluster comprises the following steps: the back-end server 10 uses the project code configured by the developer, pulls the code through a git clone/pull command to generate a yaml file, creates a docker mirror image, pushes the generated docker mirror image to a mirror warehouse, then sends a kubecect application-f yaml file name command to obtain the docker mirror image from the mirror warehouse, and creates a container by using the configuration in the yaml file, starts the container, and deploys the container to the k8s cluster.
S140, constructing a shooting range configuration environment according to the configuration file to generate a network shooting range.
The back-end server 10 finds the shooting range environment resource corresponding to the yaml file according to the yaml file, and loads the shooting range environment resource into the operating environment to construct a shooting range configuration environment, so as to generate a network shooting range.
Next, step S120 is described in detail, with reference to fig. 2 on the basis of fig. 5, fig. 5 shows another schematic flow chart of the network range construction method provided in the embodiment of the present application, and step S120 includes:
and S121, if the shooting range template belongs to the preset template library and the student group belongs to the preset student group, determining that the shooting range parameters are legal.
And S122, if the range template does not belong to the preset template library or the student group does not belong to the preset student group, determining that the range parameters are illegal.
The back-end server 10 can pre-store a preset template library and a preset student group, when the back-end server 10 receives a shooting range template and a student group in the shooting range parameters, the shooting range template and the student group can be subjected to legality verification, and the legality verification mode can be as follows: whether the target range template belongs to the preset template library or not and whether the student group belongs to the preset student group or not are respectively judged, when the target range template belongs to the preset template library and the student group belongs to the preset student group, the target range parameter is determined to be legal, and if the back-end server 10 judges that the target range template does not belong to the preset template library or the student group does not belong to the preset student group, the target range parameter is determined to be illegal.
When the range parameter is illegal, please refer to fig. 5 again, which further includes after S122:
and S160, if the shooting range parameters are illegal, returning configuration error information to the front-end interface to remind a user to reselect the shooting range parameters.
After the rear-end server 10 checks the legitimacy of the range parameters, it is determined that the range template in the range parameters does not belong to the preset template library or the trainee group does not belong to the preset trainee group, and the range parameters are illegal, the rear-end server 10 generates configuration error information, and then returns the configuration error information to the front-end interface of the client 20 to be displayed, so as to remind the user of reselecting the range parameters.
After the back-end server 10 generates the configuration file according to the shooting range parameter, with reference to fig. 6 on the basis of fig. 5, fig. 6 shows another flow diagram of the network shooting range construction method provided in the embodiment of the present application, and after step S130, the method further includes steps S101 to S102:
s101, judging whether a hacking behavior exists or not.
In the present embodiment, if the determination result of step S101 is "yes", that is, there is hacking behavior, step S102 is executed; if the judgment result of the step S101 is no, that is, there is no hacking behavior, the step S140 is performed.
And S102, deleting the configuration file.
S140, constructing a shooting range configuration environment according to the configuration file to generate a network shooting range.
The backend server 10 characterizes whether there is a hacking behavior by detecting whether a characteristic string containing SQL (Structured Query Language) injection or XSS (Cross Site Scripting) attack is detected, and if the backend server 10 detects a characteristic string containing SQL injection or XSS attack, it indicates that there is a hacking behavior, and the backend server 10 immediately deletes the configuration file. When the backend server 10 does not detect the signature string containing the SQL injection or the XSS attack, step S140 is executed.
Optionally, after step S140, the network range construction method provided in the embodiment of the present application further includes step S150.
S150, writing the IP address information and the port information of the network target range into a database so that a user can inquire through a front-end interface.
The network target range includes IP address information and port information, the back-end server 10 includes a database for storing information, such as the IP address information and the port information, required by the back-end server 10 according to the parameters of the target range, the IP address information and the port information of the network target range are stored in the database after the network target range generated by the back-end server 10, and when a user wants to query the IP address information or the port information of the network target range, the client 20 obtains the IP address information or the port information from the back-end server 10 and displays the IP address information or the port information in the front-end interface.
Compared with the prior art, the embodiment of the application has the following beneficial effects:
firstly, compared with the prior art, the method and the device have the advantages that the construction of the network shooting range can be completed by manually configuring the shooting range parameters once by the user through the front-end interface, the construction process of the network shooting range is simplified, the use experience is greatly enhanced, and the method and the device are more humanized.
And secondly, a network target range is automatically constructed through a back-end server, so that the automation degree of the network target range is improved, and the efficiency of constructing the network target range is also improved.
Thirdly, the problems of program errors and the like caused by incorrect shooting range parameters can be prevented by carrying out validity check on the shooting range parameters.
The following provides a possible implementation manner of the network range construction apparatus 100, which is used to execute the steps and corresponding technical effects of the network range construction method shown in the foregoing embodiments and possible implementation manners. Referring to fig. 7, fig. 7 is a schematic structural diagram illustrating a network shooting range constructing apparatus 100 according to an embodiment of the present application, where the apparatus is applied to a back-end server 10, and the network shooting range constructing apparatus 100 includes: the system comprises a receiving module 110, a checking module 120, a generating module 130, a returning module 170, a judging module 140, a constructing module 150, a deleting module 180 and a writing module 160;
the receiving module 110 is configured to receive the shooting range parameter sent by the client, where the shooting range parameter is selected by the user through the front-end interface.
And the checking module 120 is used for checking the legitimacy of the shooting range parameters.
And a generating module 130, configured to generate a configuration file according to the shooting range parameter if the shooting range parameter is legal.
And the constructing module 150 is used for constructing the shooting range configuration environment according to the configuration file so as to generate the network shooting range.
Optionally, the verification module 120 is specifically configured to:
and if the shooting range template belongs to the preset template library and the student group belongs to the preset student group, determining that the shooting range parameters are legal.
And if the shooting range template does not belong to the preset template library or the student group does not belong to the preset student group, determining that the shooting range parameters are illegal.
Optionally, network range building apparatus 100 further comprises:
and a returning module 170, configured to return configuration error information to the front-end interface if the shooting range parameter is illegal, so as to remind the user to reselect the shooting range parameter.
Optionally, network range building apparatus 100 further comprises:
and a writing module 160, configured to write the IP address information and the port information of the network shooting range into a database, so that a user can query through the front-end interface.
Optionally, network range building apparatus 100 further comprises:
the judging module 140 is configured to judge whether there is a hacking action, and jump to the deleting module 180 if there is a hacking action, or jump to the constructing module 150 if there is no hacking action.
And a deleting module 180, configured to delete the configuration file.
And the constructing module 150 is used for constructing the shooting range configuration environment according to the configuration file so as to generate the network shooting range.
Referring to fig. 8, fig. 8 is a schematic diagram illustrating a structure of the backend server 10 according to an embodiment of the present disclosure.
The back-end server 10 includes a processor 11, a memory 12, and a bus 13, and the processor 11 is connected to the memory 12 through the bus 13. The memory 12 is used for storing a program, such as the network range construction apparatus 100 shown in fig. 7, the network range construction apparatus 100 includes at least one software functional module which can be stored in the memory 12 in a form of software or firmware (firmware) or solidified in an Operating System (OS) of the client 20, and the processor 11 executes the program after receiving an execution instruction to implement the network range construction method disclosed in the above embodiment.
The Memory 12 may include a Random Access Memory (RAM) and may also include a non-volatile Memory (NVM).
The processor 11 may be an integrated circuit chip having signal processing capabilities. In implementation, the steps of the above method may be performed by integrated logic circuits of hardware or instructions in the form of software in the processor 11. The processor 11 may be a general-purpose processor, and includes a Central Processing Unit (CPU), a Micro Control Unit (MCU), a Complex Programmable Logic Device (CPLD), a Field Programmable Gate Array (FPGA), and an embedded ARM.
The embodiment of the present application further provides a readable storage medium, on which a computer program is stored, and when the computer program is executed by the processor 11, the network shooting range constructing method disclosed in the foregoing embodiment is implemented.
To sum up, the embodiment of the present application provides a network shooting range construction method, device, back-end server and readable storage medium, after a user selects shooting range parameters through a front-end interface, a client sends the shooting range parameters to the back-end server, then the back-end server performs validity check on the shooting range parameters, a configuration file can be generated only when the shooting range parameters are valid, and finally the back-end server constructs a shooting range configuration environment according to the configuration file to generate a network shooting range. The construction of the network shooting range can be completed by manually configuring the shooting range parameters once by a user through the front-end interface, the construction process of the network shooting range is simplified, the network shooting range is automatically constructed through the rear-end server, the automation degree of the network shooting range is improved, and meanwhile the construction efficiency of the network shooting range is also improved.
The above description is only for the specific embodiments of the present application, but the scope of the present application is not limited thereto, and any changes or substitutions that can be easily conceived by those skilled in the art within the technical scope of the present application should be covered within the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.
Claims (10)
1. A network shooting range construction method is applied to a back-end server, the back-end server is in communication connection with a client, the client comprises a front-end interface, and the method comprises the following steps:
receiving a shooting range parameter sent by the client, wherein the shooting range parameter is selected by a user through the front-end interface;
carrying out validity check on the firing range parameters;
if the shooting range parameters are legal, generating a configuration file according to the shooting range parameters;
and constructing a shooting range configuration environment according to the configuration file so as to generate a network shooting range.
2. The method of claim 1, wherein the range parameters include range templates and trainee groups, and the step of validating the range parameters comprises:
if the target range template belongs to a preset template library and the student group belongs to a preset student group, determining that the target range parameters are legal;
and if the range template does not belong to a preset template library or the student group does not belong to a preset student group, determining that the range parameters are illegal.
3. The network shooting range construction method of claim 2, wherein after the step of determining that the shooting range parameters are not legal, the method further comprises:
and if the range parameters are illegal, returning configuration error information to the front-end interface to remind the user to reselect the range parameters.
4. The method of claim 1, wherein the back-end server comprises a database, the network range comprising IP address information and port information;
after the step of building an aperture configuration environment from the configuration file to generate a network aperture, the method further comprises:
and writing the IP address information and the port information of the network target range into the database so that the user can conveniently inquire through the front-end interface.
5. The method of claim 1, wherein after the step of generating a configuration file from the range parameters if the range parameters are legitimate, the method further comprises:
judging whether a hacker attack behavior exists;
if the hacker attack behavior exists, deleting the configuration file;
and if the hacking behavior does not exist, executing the step of constructing the shooting range configuration environment according to the configuration file to generate the network shooting range.
6. A network shooting range construction device is applied to a back-end server, the back-end server is in communication connection with a client, the client comprises a front-end interface, and the device comprises:
the receiving module is used for receiving the shooting range parameters sent by the client, wherein the shooting range parameters are selected by a user through the front-end interface;
the checking module is used for checking the legitimacy of the firing range parameters;
the generating module is used for generating a configuration file according to the shooting range parameter if the shooting range parameter is legal;
and the construction module is used for constructing the shooting range configuration environment according to the configuration file so as to generate the network shooting range.
7. The network shooting range construction apparatus according to claim 6, wherein the verification module is specifically configured to:
if the target range template belongs to a preset template library and the student group belongs to a preset student group, determining that the target range parameters are legal;
and if the range template does not belong to a preset template library or the student group does not belong to a preset student group, determining that the range parameters are illegal.
8. The network range construction apparatus of claim 7, further comprising:
and the return module is used for returning configuration error information to the front-end interface if the shooting range parameters are illegal so as to remind the user to reselect the shooting range parameters.
9. A back-end server, comprising: a processor, a memory and a bus, wherein the memory stores program instructions executable by the processor, the processor and the memory communicate via the bus when the back-end server runs, and the processor executes the program instructions to execute the network range construction method according to any one of claims 1-5.
10. A readable storage medium, having stored thereon a computer program which, when being executed by a processor, is adapted to carry out the network range construction method according to any one of claims 1-5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111571964.8A CN114257506B (en) | 2021-12-21 | 2021-12-21 | Network target range construction method and device, back-end server and readable storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111571964.8A CN114257506B (en) | 2021-12-21 | 2021-12-21 | Network target range construction method and device, back-end server and readable storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114257506A true CN114257506A (en) | 2022-03-29 |
| CN114257506B CN114257506B (en) | 2024-04-02 |
Family
ID=80793734
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111571964.8A Active CN114257506B (en) | 2021-12-21 | 2021-12-21 | Network target range construction method and device, back-end server and readable storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114257506B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116208519A (en) * | 2023-04-27 | 2023-06-02 | 南京赛宁信息技术有限公司 | Network target range background flow generation system and method based on behavior agent |
Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20160011732A1 (en) * | 2014-07-11 | 2016-01-14 | Shape Security, Inc. | Disrupting automated attacks on client-server interactions using polymorphic application programming interfaces |
| CN109802852A (en) * | 2018-12-13 | 2019-05-24 | 烽台科技(北京)有限公司 | The construction method and system of network simulation topology applied to network target range |
| CN110351271A (en) * | 2019-07-09 | 2019-10-18 | 广东工业大学 | Network-combination yarn experimental system building method, system, device and storage medium |
| CN110351255A (en) * | 2019-06-25 | 2019-10-18 | 北京永信至诚科技股份有限公司 | Collecting method and data collection system in a kind of system of network target range |
| CN111478820A (en) * | 2020-06-24 | 2020-07-31 | 南京赛宁信息技术有限公司 | Network equipment configuration system and method for large-scale network environment of network target range |
| CN111555913A (en) * | 2020-04-24 | 2020-08-18 | 北京安码科技有限公司 | Simulation method, system, electronic device and storage medium for simulating real network environment based on virtualization |
| CN112055026A (en) * | 2020-09-11 | 2020-12-08 | 湖南泛联新安信息科技有限公司 | Network target range physical environment construction method and system |
| CN112448857A (en) * | 2021-02-01 | 2021-03-05 | 博智安全科技股份有限公司 | Construction method, device and equipment of target range and storage medium |
| CN113067728A (en) * | 2021-03-17 | 2021-07-02 | 中国人民解放军海军工程大学 | Network security attack and defense test platform |
-
2021
- 2021-12-21 CN CN202111571964.8A patent/CN114257506B/en active Active
Patent Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20160011732A1 (en) * | 2014-07-11 | 2016-01-14 | Shape Security, Inc. | Disrupting automated attacks on client-server interactions using polymorphic application programming interfaces |
| CN109802852A (en) * | 2018-12-13 | 2019-05-24 | 烽台科技(北京)有限公司 | The construction method and system of network simulation topology applied to network target range |
| CN110351255A (en) * | 2019-06-25 | 2019-10-18 | 北京永信至诚科技股份有限公司 | Collecting method and data collection system in a kind of system of network target range |
| CN110351271A (en) * | 2019-07-09 | 2019-10-18 | 广东工业大学 | Network-combination yarn experimental system building method, system, device and storage medium |
| CN111555913A (en) * | 2020-04-24 | 2020-08-18 | 北京安码科技有限公司 | Simulation method, system, electronic device and storage medium for simulating real network environment based on virtualization |
| CN111478820A (en) * | 2020-06-24 | 2020-07-31 | 南京赛宁信息技术有限公司 | Network equipment configuration system and method for large-scale network environment of network target range |
| CN112055026A (en) * | 2020-09-11 | 2020-12-08 | 湖南泛联新安信息科技有限公司 | Network target range physical environment construction method and system |
| CN112448857A (en) * | 2021-02-01 | 2021-03-05 | 博智安全科技股份有限公司 | Construction method, device and equipment of target range and storage medium |
| CN113067728A (en) * | 2021-03-17 | 2021-07-02 | 中国人民解放军海军工程大学 | Network security attack and defense test platform |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116208519A (en) * | 2023-04-27 | 2023-06-02 | 南京赛宁信息技术有限公司 | Network target range background flow generation system and method based on behavior agent |
| CN116208519B (en) * | 2023-04-27 | 2023-08-22 | 南京赛宁信息技术有限公司 | Network target range background flow generation system and method based on behavior agent |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114257506B (en) | 2024-04-02 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US12013939B2 (en) | Analysis system, analysis method, analysis device, and storage medium for analyzing operation of a program executed in an analysis environment | |
| CN109918892B (en) | Verification code generation method and device, storage medium and computer equipment | |
| US9940221B2 (en) | System and method for testing data representation for different mobile devices | |
| US10007776B1 (en) | Systems and methods for distinguishing among human users and software robots | |
| US9208235B1 (en) | Systems and methods for profiling web applications | |
| CN111159691A (en) | Dynamic credibility verification method and system for application program | |
| CN110286768B (en) | Virtual object display method, terminal device and computer-readable storage medium | |
| US9990487B1 (en) | Systems and methods for distinguishing among human users and software robots | |
| US20230035104A1 (en) | Verification method, apparatus and device, and storage medium | |
| AU2019478487A1 (en) | Virtual workspace experience visualization and optimization | |
| US9658933B2 (en) | Automatically modifying a test for a program on multiple electronic devices | |
| CN116527332A (en) | Network attack drilling method, device, equipment and storage medium | |
| CN114257506B (en) | Network target range construction method and device, back-end server and readable storage medium | |
| CN114189553B (en) | Flow playback method, system and computing device | |
| CN108830077A (en) | A kind of script detection method, device and terminal | |
| CN111866557B (en) | Configuration method and device of large-screen display equipment, storage medium and electronic equipment | |
| CN115334698B (en) | Construction method, device, terminal and medium of target 5G safety network of target range | |
| CN115499323B (en) | Method and device for constructing target virtual scene and electronic equipment | |
| WO2020199163A1 (en) | Systems and methods for protecting remotely hosted application from malicious attacks | |
| CN114629682B (en) | Industrial control network target range allocation method, device, terminal and storage medium | |
| CN116566629A (en) | Security testing method and device, computer equipment and storage medium | |
| CN113395234B (en) | Method and device for detecting flow hijacking of popularization information | |
| US10482273B2 (en) | System and method for activating a data entry mechanism for an application based on security requirements | |
| CN105207979B (en) | A kind of user authentication method and device based on user's input feature vector | |
| CN117478440B (en) | POC batch verification method, device, equipment and medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |