CN115277440B - Method and system for generating mixed flow in network target range - Google Patents

Method and system for generating mixed flow in network target range Download PDF

Info

Publication number
CN115277440B
CN115277440B CN202210497104.2A CN202210497104A CN115277440B CN 115277440 B CN115277440 B CN 115277440B CN 202210497104 A CN202210497104 A CN 202210497104A CN 115277440 B CN115277440 B CN 115277440B
Authority
CN
China
Prior art keywords
flow
tcp message
mixed
packet
queue
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202210497104.2A
Other languages
Chinese (zh)
Other versions
CN115277440A (en
Inventor
高庆官
谢峥
殷庆荣
王国伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nanjing Cyber Peace Technology Co Ltd
Original Assignee
Nanjing Cyber Peace Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nanjing Cyber Peace Technology Co Ltd filed Critical Nanjing Cyber Peace Technology Co Ltd
Priority to CN202210497104.2A priority Critical patent/CN115277440B/en
Publication of CN115277440A publication Critical patent/CN115277440A/en
Application granted granted Critical
Publication of CN115277440B publication Critical patent/CN115277440B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/14Network analysis or design
    • H04L41/145Network analysis or design involving simulating, designing, planning or modelling of a network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L49/00Packet switching elements
    • H04L49/90Buffering arrangements
    • H04L49/9057Arrangements for supporting packet reassembly or resequencing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/16Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]
    • H04L69/163In-band adaptation of TCP data exchange; In-band control procedures
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/50Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a method and a system for generating mixed flow in a network target range, which comprises the steps of firstly, acquiring a flow packet set to be mixed, loading single flow packets in the flow packet set one by one, and analyzing according to a TCP message Wen Weidu to obtain a TCP message queue of the single flow packet; then, according to the actual service requirement, modifying the five-tuple of the TCP message; mixing TCP messages of different TCP message queues according to a preset mixing proportion to obtain a mixed flow queue, and generating a new flow packet by the mixed flow queue to serve as a mixed flow packet to be finally transmitted; and finally, loading the mixed flow packet to be transmitted, and transmitting the flow packet according to a set rate. The invention can simulate complex service scenes of various traffic mixing, can control the mixing proportion of various messages, and simulate key service in actual use scenes, thereby achieving better traffic generation effect.

Description

Method and system for generating mixed flow in network target range
Technical Field
The invention relates to a method and a system for generating mixed flow in a network target range, belonging to the field of network safety and computer software.
Background
The network target range is a test platform which simulates a real network space attack and defense combat environment through a virtualization technology and can support combat capability research and weapon equipment verification. In order to achieve the above objective, in the actual training or verification process, background traffic needs to be applied to the target node (i.e., target drone) under study to simulate various interference signals in real environment when network countermeasure is performed.
A typical flow generation process is shown in fig. 1, comprising the steps of: 1. starting a test scene by a user, namely starting each virtual machine in scene topology; 2. after the scene is started, loading a traffic generating device in the scene; 3. according to the configuration of the scene, the flow generating device loads a flow packet (PCAP flow packet) appointed to be sent; 4. according to the actual service scene, modifying the five-tuple of the TCP message in the flow packet to be transmitted, wherein the modified message is the flow packet to be transmitted finally; 5. the flow generating device loads the flow packet generated in the step 4 and transmits the flow packet according to a specified flow generating strategy.
The flow rate generation process has the following defects: 1. the content in the flow packet is single, for example, only the flow of WeChat, the single flow generating device can not simulate the mixed transmission of multiple flows, and the actual service scene is not consistent; 2. in an actual scene, the proportion of various service messages is unbalanced, and the prior art cannot control the hybrid proportion of various messages at the same time, for example, the QQ and the WeChat flow are simulated in a 1:2 mode.
Disclosure of Invention
The invention aims to: aiming at the problems existing in the prior art, the invention aims to provide a method and a system for generating mixed flow in a network target range, which support free combination of flow packets and simulate mixed transmission of multiple flows; meanwhile, the configuration of the mixed proportion is supported, and the flow occurrence effect is improved.
The technical scheme is as follows: in order to achieve the aim of the invention, the invention adopts the following technical scheme:
a method for generating mixed flow in a network target range, comprising the following steps:
acquiring a flow packet set to be mixed;
loading single flow packets in the flow packet set one by one, and analyzing according to the TCP message Wen Weidu to obtain a TCP message queue; each flow packet corresponds to a TCP message queue;
modifying the source IP, the source port, the destination IP and the destination port of each TCP message in the TCP message queue according to the actual service requirement;
mixing TCP messages of different TCP message queues according to a preset mixing proportion to obtain a mixed flow queue;
generating a new flow packet by using the mixed flow queue as a mixed flow packet to be finally transmitted;
and loading the mixed flow packets to be sent, and sending the flow packets according to a set rate.
Preferably, the method for mixing the TCP messages of different TCP message queues according to a preset mixing proportion includes:
set flow packet P 1 、P 2 、……、P N Is H in the mixed proportion of 1 、H 2 、……、H N The method comprises the steps of carrying out a first treatment on the surface of the Wherein H is 1 、H 2 、……、H N N is the number of flow packets in the flow packet set to be mixed;
each time separately from the traffic packet P 1 、P 2 、……、P N Corresponding TCP message queue L 1 、L 2 、……、L N Take out H 1 、H 2 、……、H N Adding TCP messages into a mixed flow queue; when the TCP message queue of the single flow packet reaches the tail part, the TCP message is circularly read continuously from the head part; repeating the steps from L 1 、L 2 、……、L N And (5) taking out the TCP message until the TCP message in all the queues is added into the mixed flow queue.
Preferably, after the TCP message is mixed, the last one from L in the mixed flow queue is checked 1 、L 2 、……、L N If the service packet of the TCP message is complete, discarding the corresponding TCP message if the service packet of the TCP message is incomplete.
Preferably, the source IP and the source port of the TCP message are modified into preset IP and ports, and the destination IP and the destination port modify the IP of the target virtual machine and the random ports in the available port pool.
A system for generating confounding traffic in a network target range, comprising:
the flow mixing device is used for acquiring a flow packet set to be mixed; loading single flow packets in the flow packet set one by one, and analyzing according to the TCP message Wen Weidu to obtain a TCP message queue; each flow packet corresponds to a TCP message queue; modifying the source IP, the source port, the destination IP and the destination port of each TCP message in the TCP message queue according to the actual service requirement; mixing TCP messages of different TCP message queues according to a preset mixing proportion to obtain a mixed flow queue; generating a new flow packet by using the mixed flow queue as a mixed flow packet to be finally transmitted;
and the flow generating device is used for loading the mixed flow packets to be sent and sending the flow packets according to a set rate.
A computer system comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the computer program when loaded into the processor implementing the steps of the method of promiscuous traffic generation in a network target.
A computer readable storage medium storing a computer program which when executed by a processor performs the steps of the method of generating a hybrid flow in a network target.
The beneficial effects are that: compared with the prior art, the invention has the following advantages: 1. by freely combining single content flow packets, complex business scenes with various mixed flows can be simulated; 2. the mixed proportion of various messages is controlled, and key business in an actual use scene is simulated, so that a better flow generation effect is achieved.
Drawings
FIG. 1 is a flow chart of traffic generation in a prior art network target range.
FIG. 2 is a flow chart illustrating the flow generation according to an embodiment of the present invention.
Detailed Description
The technical scheme of the invention will be clearly and completely described below with reference to the accompanying drawings and specific embodiments.
The embodiment of the invention discloses a method for generating mixed flow in a network target range, which comprises the steps of firstly obtaining a flow packet set to be mixed, loading single flow packets in the flow packet set one by one, and analyzing according to a TCP message Wen Weidu to obtain a TCP message queue of the single flow packet; then, according to the actual service requirement, modifying the source IP, source port, destination IP and destination port of each TCP message in the TCP message queue; mixing TCP messages of different TCP message queues according to a preset mixing proportion to obtain a mixed flow queue, and generating a new flow packet by the mixed flow queue to serve as a mixed flow packet to be finally transmitted; and finally, loading the mixed flow packet to be transmitted, and transmitting the flow packet according to a set rate.
The following describes in detail the implementation of the present invention in conjunction with fig. 2 and the specific scenario.
And step 1, starting a test scene by a user, namely starting each virtual machine in scene topology.
And 2, after the scene is started, loading the flow generating device and the flow mixing device in the scene.
And step 3, according to a flow mixing rule preset by a user, the mixing device acquires a flow packet set to be mixed.
And 4, loading the single flow packets in the flow set one by the flow mixing device.
And 5, analyzing the messages in the single flow packet according to the TCP dimension to form a TCP message queue, wherein each value in the queue is a TCP message.
And 6, modifying five-tuple of TCP message in the flow packet to be sent according to actual service requirement, wherein the five-tuple comprises a self-defined message source IP and a source port, the destination IP and the destination port are changed into the IP of the current target machine and an unused random port of the current target machine, and the modified message is the flow packet to be mixed finally.
Step 7, mixing the flows according to a preset mixing proportion to generate a new mixed flow queue A, wherein the specific steps of mixing are as follows:
7.1 assume three TCP message queues L 1 、L 2 、L 3 Flow mixing was performed at a ratio of 1:2:3. Each time separately from L 1 、L 2 、L 3 Taking out 1, 2 and 3 TCP messages from the three queues, and adding the TCP messages into a mixed flow queue A; when a certain queue reaches the tail part, the TCP message is circularly read from the head part continuously; repeating the steps until the messages in all the queues are added into the mixed flow queue A;
7.2 for the mixed traffic queue A of 7.1, the last L is checked separately 1 、L 2 、L 3 Whether the service packet of the TCP message is complete or not, and discarding if the message is incomplete.
And 8, generating a new flow packet by the mixed flow queue A in the step 7, wherein the flow packet is a mixed flow packet to be finally transmitted.
And 9, loading the flow packet generated in the step 8 by the flow generating device, and transmitting the flow packet according to a specified flow generating strategy.
Based on the same inventive concept, the embodiment of the invention discloses a mixed flow generating system in a network shooting range, which comprises a flow mixing device and a flow generating device; the flow mixing device is used for acquiring a flow packet set to be mixed; loading single flow packets in the flow packet set one by one, and analyzing according to the TCP message Wen Weidu to obtain a TCP message queue; modifying the source IP, the source port, the destination IP and the destination port of each TCP message in the TCP message queue according to the actual service requirement; mixing TCP messages of different TCP message queues according to a preset mixing proportion to obtain a mixed flow queue; generating a new flow packet by using the mixed flow queue as a mixed flow packet to be finally transmitted; and the flow generating device is used for loading the mixed flow packets to be sent and sending the flow packets according to a set rate.
Based on the same inventive concept, the embodiment of the invention discloses a computer system, which comprises a memory, a processor and a computer program stored on the memory and capable of running on the processor, wherein the computer program realizes the steps of the method for generating the mixed flow in the network target range when being loaded to the processor.
Based on the same inventive concept, an embodiment of the present invention discloses a computer readable storage medium storing a computer program, which when executed by a processor, implements the steps of the method for generating hybrid traffic in a network target range.
It will be appreciated by those skilled in the art that aspects of the present invention, in essence and/or contributing to the prior art, may be embodied in the form of a software product stored on a storage medium, comprising instructions for causing a computer system (which may be a personal computer, a server, or a network device, etc.) to perform all or part of the steps of the method described in the embodiments of the present invention. The storage medium includes: a usb disk, a removable hard disk, a ROM, a RAM, a magnetic disk, or an optical disk, or other various media capable of storing a computer program.

Claims (8)

1. A method for generating mixed flow in a network target range, comprising the steps of:
acquiring a flow packet set to be mixed;
loading single flow packets in the flow packet set one by one, and analyzing according to the TCP message Wen Weidu to obtain a TCP message queue; each flow packet corresponds to a TCP message queue;
modifying the source IP, the source port, the destination IP and the destination port of each TCP message in the TCP message queue according to the actual service requirement;
mixing TCP messages of different TCP message queues according to a preset mixing proportion to obtain a mixed flow queue; the method comprises the following steps: set flow packet P 1 、P 2 、……、P N Is H in the mixed proportion of 1 、H 2 、……、H N The method comprises the steps of carrying out a first treatment on the surface of the Wherein H is 1 、H 2 、……、H N N is the number of flow packets in the flow packet set to be mixed; each time separately from the traffic packet P 1 、P 2 、……、P N Corresponding TCP message queue L 1 、L 2 、……、L N Take out H 1 、H 2 、……、H N Adding TCP messages into a mixed flow queue; when the TCP message queue of the single flow packet reaches the tail part, the TCP message is circularly read continuously from the head part; repeating the steps from L 1 、L 2 、……、L N TCP messages are taken out until the TCP messages in all queues are added into a mixed flow queue;
generating a new flow packet by using the mixed flow queue as a mixed flow packet to be finally transmitted;
and loading the mixed flow packets to be sent, and sending the flow packets according to a set rate.
2. The network of mixed flow in a target range of claim 1The volume generating method is characterized in that after the TCP message is mixed, the last one from L in the mixed flow queue is checked respectively 1 、L 2 、……、L N If the service packet of the TCP message is complete, discarding the corresponding TCP message if the service packet of the TCP message is incomplete.
3. The method of claim 1, wherein the source IP and source port of the TCP message are modified to a preset IP and port, and the destination IP and destination port modify the IP of the destination virtual machine and a random port in the pool of available ports.
4. A system for generating confounding traffic in a network target range, comprising:
the flow mixing device is used for acquiring a flow packet set to be mixed; loading single flow packets in the flow packet set one by one, and analyzing according to the TCP message Wen Weidu to obtain a TCP message queue; each flow packet corresponds to a TCP message queue; modifying the source IP, the source port, the destination IP and the destination port of each TCP message in the TCP message queue according to the actual service requirement; mixing TCP messages of different TCP message queues according to a preset mixing proportion to obtain a mixed flow queue; generating a new flow packet by using the mixed flow queue as a mixed flow packet to be finally transmitted;
the flow generating device is used for loading the mixed flow packet to be sent and sending the flow packet according to a set rate;
in the flow mixing device, the method for mixing the TCP messages of different TCP message queues according to the preset mixing proportion comprises the following steps:
set flow packet P 1 、P 2 、……、P N Is H in the mixed proportion of 1 、H 2 、……、H N The method comprises the steps of carrying out a first treatment on the surface of the Wherein H is 1 、H 2 、……、H N N is the number of flow packets in the flow packet set to be mixed;
each time separately from the traffic packet P 1 、P 2 、……、P N Corresponding TCP message queueColumn L 1 、L 2 、……、L N Take out H 1 、H 2 、……、H N Adding TCP messages into a mixed flow queue; when the TCP message queue of the single flow packet reaches the tail part, the TCP message is circularly read continuously from the head part; repeating the steps from L 1 、L 2 、……、L N And (5) taking out the TCP message until the TCP message in all the queues is added into the mixed flow queue.
5. The system of claim 4, wherein the traffic congestion device checks the last one of the mixed traffic queues from L after TCP message congestion is completed 1 、L 2 、……、L N If the service packet of the TCP message is complete, discarding the corresponding TCP message if the service packet of the TCP message is incomplete.
6. The system of claim 4, wherein the source IP and source port of the TCP message are modified to a predetermined IP and port in the traffic hybridization device, and the destination IP and destination port modify the IP of the destination virtual machine and the random port in the pool of available ports.
7. A computer system comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the computer program when loaded onto the processor implements the steps of the method of promiscuous traffic generation in a network target according to any of claims 1-3.
8. A computer readable storage medium storing a computer program, characterized in that the computer program when executed by a processor implements the steps of the method of generating a hybrid flow in a network range according to any of claims 1-3.
CN202210497104.2A 2022-05-09 2022-05-09 Method and system for generating mixed flow in network target range Active CN115277440B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210497104.2A CN115277440B (en) 2022-05-09 2022-05-09 Method and system for generating mixed flow in network target range

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210497104.2A CN115277440B (en) 2022-05-09 2022-05-09 Method and system for generating mixed flow in network target range

Publications (2)

Publication Number Publication Date
CN115277440A CN115277440A (en) 2022-11-01
CN115277440B true CN115277440B (en) 2023-08-22

Family

ID=83759468

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210497104.2A Active CN115277440B (en) 2022-05-09 2022-05-09 Method and system for generating mixed flow in network target range

Country Status (1)

Country Link
CN (1) CN115277440B (en)

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2006197103A (en) * 2005-01-12 2006-07-27 Mitsubishi Electric Corp Detection packet generating device, packet passing time evaluating device, and packet loss evaluating device
CN102130797A (en) * 2011-03-17 2011-07-20 国家广播电影电视总局广播科学研究院 Network testing method and device
CN105024927A (en) * 2014-04-30 2015-11-04 中国电信股份有限公司 Method and system for calculating routing convergence ability
CN106375118A (en) * 2016-08-31 2017-02-01 哈尔滨工业大学(威海) Multi-view-angle traffic mixed playback method and device
CN111917765A (en) * 2020-07-29 2020-11-10 北京计算机技术及应用研究所 Network attack flow generation system based on generation type countermeasure network
CN113489603A (en) * 2021-06-21 2021-10-08 南京赛宁信息技术有限公司 Interactive background traffic generation method and system in network shooting range
WO2022062758A1 (en) * 2020-09-25 2022-03-31 中兴通讯股份有限公司 Incentive message sending method and apparatus, electronic device, and storage medium
CN114422446A (en) * 2022-03-29 2022-04-29 南京赛宁信息技术有限公司 Application layer background traffic scheduling method and system in target range

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6950405B2 (en) * 2001-07-16 2005-09-27 Agilent Technologies, Inc. Traffic stream generator having a non-consecutive addressing mechanism
US10621075B2 (en) * 2014-12-30 2020-04-14 Spirent Communications, Inc. Performance testing of a network segment between test appliances

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2006197103A (en) * 2005-01-12 2006-07-27 Mitsubishi Electric Corp Detection packet generating device, packet passing time evaluating device, and packet loss evaluating device
CN102130797A (en) * 2011-03-17 2011-07-20 国家广播电影电视总局广播科学研究院 Network testing method and device
CN105024927A (en) * 2014-04-30 2015-11-04 中国电信股份有限公司 Method and system for calculating routing convergence ability
CN106375118A (en) * 2016-08-31 2017-02-01 哈尔滨工业大学(威海) Multi-view-angle traffic mixed playback method and device
CN111917765A (en) * 2020-07-29 2020-11-10 北京计算机技术及应用研究所 Network attack flow generation system based on generation type countermeasure network
WO2022062758A1 (en) * 2020-09-25 2022-03-31 中兴通讯股份有限公司 Incentive message sending method and apparatus, electronic device, and storage medium
CN113489603A (en) * 2021-06-21 2021-10-08 南京赛宁信息技术有限公司 Interactive background traffic generation method and system in network shooting range
CN114422446A (en) * 2022-03-29 2022-04-29 南京赛宁信息技术有限公司 Application layer background traffic scheduling method and system in target range

Also Published As

Publication number Publication date
CN115277440A (en) 2022-11-01

Similar Documents

Publication Publication Date Title
Liljenstam et al. Rinse: The real-time immersive network simulation environment for network security exercises (extended version)
CN109347881B (en) Network protection method, device, equipment and storage medium based on network spoofing
EP4095693A1 (en) Data packet synchronization method and apparatus, device, and storage medium
US20110130205A1 (en) Game grammar-based packet capture and analysis apparatus and method for conducting game test
CN105704166B (en) Robot system, realization method thereof, client, server and game system
CN107613020A (en) A kind of device management method and device
CN110677829B (en) LTE-V2X test system and test method for long term evolution vehicle to everything
JP6780917B2 (en) Voice communication for simulated wireless networks
CN114422446B (en) Application layer background traffic scheduling method and system in target range
CN105991963B (en) More people's audio/video communication method and apparatus based on group
CN107241453A (en) A kind of network address translation mapping keepalive method and device
CN110289984A (en) A kind of network scenario emulation background traffic generates and management method and device
Wette et al. DCT2Gen: A traffic generator for data centers
CN115277440B (en) Method and system for generating mixed flow in network target range
CN106390450A (en) A game state update method, device and system
CN113114666B (en) Moving target defense method for scanning attack in SDN network
CN107438201A (en) Message handling system, method and device
US20160035182A1 (en) Peer-to-peer (p2p) code exchange facilitation in centrally managed online service
Hadi et al. Developing Realistic Distributed Denial of Service (DDoS) Dataset for Machine Learning-based Intrusion Detection System
CN111786967B (en) Defense method, system, node and storage medium for DDoS attack
Jackson et al. SLINGbot: A system for live investigation of next generation botnets
AU2019327101B2 (en) Server and method for providing game service on basis of control using application excluding game application
CN115865817A (en) Network target range mixed flow generation method and system
Zimmermann et al. Spatialized audio streaming for networked virtual environments
US11388078B1 (en) Methods, systems, and computer readable media for generating and using statistically varying network traffic mixes to test network devices

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant