基于交互式流量回放的用户行为仿真技术

doi:10.19678/j.issn.1000-3428.0059355

摘要/Abstract

摘要： 流量回放可为网络靶场提供逼真的流量数据并支持网络新技术验证与安全评测。面向复杂虚拟网络的交互式用户行为仿真需求，设计一种交互式流量链路的用户行为仿真架构。采用基于云平台的分布式流量仿真策略，以实现面向复杂虚拟网络用户的行为仿真多样化和可扩展加载。对交互式流量回放过程中延时修复与补偿策略进行研究，提升交互式用户行为仿真的时序逼真性。仿真实验结果表明，该仿真架构能够在保证流量时序准确性的前提下，实现交互式的大规模用户行为仿真，与传统的ITRM、Tcpreplay等方法相比，在仿真行为的多样性、规模性、逼真性上具有一定优势，可为安全评测提供有效支撑。

关键词: 网络靶场, 交互式流量回放, 流量仿真, 虚拟目标网络, 大规模用户行为仿真

Abstract: Traffic replay can provide realistic traffic data for the cyber range, and support new technology verification and network security evaluation.To meet the needs of interactive user behavior simulation for complex virtual networks, an architecture for user behavior emulation is designed based on interactive traffic links.The architecture adopts a distributed traffic emulation strategy based on cloud platform to achieve diversified and scalable loading of user behavior emulation for complex target networks.The delay repair and compensation strategy in the process of traffic replay is further studied to improve the timing fidelity of interactive user behavior emulation.Results of emulation experiments show that this method can realize interactive large-scale user behavior emulation with the accuracy of traffic timing ensured.It has certain advantages in the diversity, scale and fidelity of behavior emulation over traditional methods such as ITRM and Tcpreplay, providing effective support for security evaluation.

Key words: cyber range, interactive traffic replay, traffic emulation, virtual target network, large-scale user behavior emulation

中图分类号:

TP309

黄宁, 刘渊, 王晓锋. 基于交互式流量回放的用户行为仿真技术[J]. 计算机工程, 2021, 47(10): 103-110.

HUANG Ning, LIU Yuan, WANG Xiaofeng. User Behavior Emulation Technology Based on Interactive Traffic Replay[J]. Computer Engineering, 2021, 47(10): 103-110.

http://www.ecice06.com/CN/Y2021/V47/I10/103

图/表 11

20211016173033

20211016173036

20211016173041

20211016173044

20211016173048

20211016173052

20211016173056

20211016173100

20211016173104

20211016173108

20211016173111

参考文献

[1] 方滨兴, 贾焰, 李爱平, 等.网络空间靶场技术研究[J].信息安全学报, 2016, 1(3):1-8. FANG B X, JIA Y, LI A P.Cyber ranges:state-of-the-art and research challenges[J].Journal of Cyber Security, 2016, l(3):1-8.(in Chinese)
[2] 单晓红, 王宁, 蔡培.网络社区用户行为仿真与分析[J].计算机系统应用, 2014, 23(7):17-23. SHAN X H, WANG N, CAI P.Simulation and analysis of virtual community users' behavior[J].Computer Systems & Applications, 2014, 23(7):17-23.(in Chinese)
[3] 茹新宇, 刘渊, 陈伟.新网络仿真器NS3的研究综述[J].微型机与应用, 2017, 36(20):14-16. RU X Y, LIU Y, CHEN W.A survey of new network simulator NS3[J].Microcomputer & Its Applications, 2017, 36(20):14-16.(in Chinese)
[4] 张磊.基于OPNET的智慧家庭异构网络的仿真研究[D].北京:北京邮电大学, 2019. ZHANG L.Opnet-based simulation research on heterogeneous network for smart-home[D].Beijing:Beijing University of Posts and Telecommunications, 2019.(in Chinese)
[5] 林秀, 基于TCPCopy的在线引流压测通用架构设计[J].电信技术, 2014(11):30-33. LIN X.General architecture design of online drainage pressure measurement based on TCPCopy[J].Telecommunications Technology, 2014(11):30-33.(in Chinese)
[6] 李春艳, 张学杰.基于高性能计算的开源云平台性能评估[J].计算机应用, 2013, 33(12):3580-3585. LI C Y, ZHANG X J.Performance evaluation on open source cloud platform for high performance computing[J].Journal of Computer Applications, 2013, 33(12):3580-3585.(in Chinese)
[7] 方熙, 曾剑平, 吴承荣.背景流量生成模型综述[J].计算机应用, 2019, 39(S1):124-131. FANG X, ZENG J P, WU C R.Journal of computer applications[J].Journal of Computer Applications, 2019, 39(S1):124-131.(in Chinese)
[8] 焦久隆.基于流量矩阵的背景流量建模与生成技术研究[D].哈尔滨:哈尔滨工业大学, 2016. JIAO J L.Research on background traffic modeling and generation method based on traffic matrix[D].Harbin:Harbin Institute of Technology, 2016.(in Chinese)
[9] 张华川, 田杰, 许静.自相似网络流量模拟的分布式系统的设计与实现[J].电子学报, 2009, 37(4):31-35. ZHANG H C, TIAN J, XU J.The design and implementation of distributed system for self-similar network traffic simulation[J].Acta Electronica Sinic, 2009, 37(4):30, 31-35.(in Chinese)
[10] 储伟, 燕亚兰.5G应用场景业务流量模型仿真平台研究[J].通信与广播电视, 2020(2):6-12. CHU W, YAN Y L.Research on simulation platform of 5G application scenario traffic model[J].Communication & Audio and Video, 2020(2):6-12.(in Chinese)
[11] HONG S S, WU S F.On interactive internet traffic replay[C]//Proceedings of the 8th International Conference on Recent Advances in Intrusion Detection.Berlin, Germany:Springer, 2005:257-264.
[12] HUANG C Y, LIN Y D, LIAO P Y, et al.Stateful traffic replay for Web application proxies[J].Security and Communication Networks, 2015, 8(6):970-981.
[13] 褚伟波, 蔡忠闽, 管晓宏, 等.基于收发平衡判定的TCP流量回放方法[J].计算机学报, 2009, 32(4):835-846. CHU W B, CAI Z M, GUAN X H, et al.A new method for interactive TCP traffic replay based on balance-checking between transmitted and received packets[J].Chinese Journal of Computers, 2009, 32(4):835-846.(in Chinese)
[14] LI Z, HAO Y, ZHANG Z, et al.Traffic replay in virtual network based on IP-mapping[C]//Proceedings of International Conference on Algorithms and Architectures for Parallel Processing.Berlin, Germany:Springer, 2015:697-713.
[15] LIU H, AN L, REN J, et al.An interactive traffic replay method in a scaled-down environment[J].IEEE Access, 2019, 7:149373-149386.
[16] 李晶晶, 刘红日, 王佰玲, 等.用户网络行为模拟技术研究[J].信息技术与网络安全, 2018, 37(1):36-39. LI J J, LIU H R, WANG B L, et al.A survey of user network behavior simulation technology[J].Information Technology and Network Security, 2018, 37(1):36-39.(in Chinese)
[17] LEUNG K Y, YEUNG K H.The design and implementation of a WWW traffic generator[C]//Proceedings of IEEE Parallel and Distributed Systems.Washington D.C., USA:IEEE Press, 2000:509-514.
[18] 张光杰, 叶海洋, 王晓锋.基于多尺度虚拟化的卫星终端用户行为仿真[J].计算机工程, 2019, 45(8):165-172. ZHANG G J, YE H Y, WANG X F.Emulation of satellite terminal user behavior based on multi-scale virtualization[J].Computer Engineering, 2019, 45(8):165-172.(in Chinese)
[19] 李凤华, 殷丽华, 吴巍, 等.天地一体化信息网络安全保障技术研究进展及发展趋势[J].通信学报, 2016, 37(11):156-168. LI F H, YIN L H, WU W, et al.Research status and development trends of security assurance for space ground integration information network[J].Journal on Communications, 2016, 37(11):156-168.(in Chinese)
[20] 张新星.基于虚拟化的网络流量模拟系统设计与实现[D].哈尔滨:哈尔滨工业大学, 2017. ZHANG X X.Design and implementation of network traffic simulation system based on virtualization[D].Harbin:Harbin Institute of Technology, 2017.(in Chinese)
[21] 吕平, 董春雷, 刘冬培, 等.基于FPGA的软件定义流量发生器[J].通信学报, 2018, 39(S2):66-71. LÜ P, DONG C L, LIU D P, et al.Implementation of software defined traffic generator based on FPGA[J].Journal on Communications, 2018, 39(S2):66-71.(in Chinese)

选择文件类型/文献管理软件名称

选择包含的内容