期刊文献+

一种基于Python符号执行的自动化网络攻击流量获取方法 被引量:3

AN AUTOMATED NETWORK ATTACK TRAFFIC ACQUISITION METHOD BASED ON PYTHON SYMBOL EXECUTION
下载PDF
导出
摘要 网络攻击流量的采集对于分析网络攻击效果以及检验评估网络安全防护设施的性能等研究领域有着重要的意义。研究一套以Python符号执行技术为核心的自动化网络攻击流量获取方案。对当前网络上可获取的Python网络攻击脚本进行自动化的处理,使这些攻击脚本统一格式并进行以符号执行技术为主。强制执行技术为辅助的自动化流量采集工作,从而免去大量的建立漏洞环境的时间,使得网络安全研究员能够更轻易地获得攻击脚本所能产生的攻击流量。将该系统生成并提取的攻击流量与手工搭建漏洞环境并运行脚本后得到的攻击流量进行对比分析,验证该方案的可行性与适用场景。 The collection of network attack traffic is of great significance for the analysis of network attack effect and evaluation of the performance of network security protection facilities. This paper studied an automated network attack traffic acquisition method based on Python symbol execution technology. This method could automatically process Python network attack scripts available on the current network, make these attack scripts uniform and perform symbolic execution, and enforce the technology to assist the automated traffic collection work. This saved a lot of time to build vulnerability environment, and made it easier for network security researchers to get attack traffic generated by attack scripts. The attack traffic generated and extracted by the system was compared with the attack traffic obtained by manually building a vulnerability environment and running scripts, which verified the feasibility and applicable scenarios of the scheme.
作者 陈家浩 王轶骏 吕诚 Chen Jiahao;Wang Yijun;Lü Cheng(School of Cyber Security, Shanghai Jiao Tong University, Shanghai 200240, China)
出处 《计算机应用与软件》 北大核心 2019年第2期294-307,共14页 Computer Applications and Software
基金 国家重点研发计划项目"网络空间安全"重点专项(2017YFB0803203)
关键词 网络攻击 攻击流量 符号执行 Network attack Attack traffic Symbol execution
  • 相关文献

参考文献10

二级参考文献173

  • 1陈火旺,王戟,董威.高可信软件工程技术[J].电子学报,2003,31(z1):1933-1938. 被引量:115
  • 2叶永青,李晖,郑燕飞,洪璇,郑东.基于二进制代码的缓冲区溢出检测研究[J].计算机工程,2006,32(18):141-143. 被引量:5
  • 3Templeton S, Levitt K. A Requires Provides Model for Computer Attacks. In: Proceedings ACM Workshop on New Security Paradigms, 2001
  • 4Tao Wan,Xue Dong Yang. IntruDetector: A Software Platform for Testing Network Intrusion Detection Algorithms. In: Proceedings, IEEE 17th Computer Security Applications Conference.2001
  • 5Jonckheere E, Shah K, Bohacek S. Dynamic Modeling of Internet Traffic for Intrusion Detection. In: Proceedings American Control Conference, 2002
  • 6Sommers J, Barford P. Self-configuring network traffic generation. In: Proceedings of the 4th ACM SIGCOMM Conference on Interact Measurement, 2004
  • 7Sommers J, Yegneswaran V, Barford P. A framework for malicious workload generation. In: Proceedings of the 4th ACM SIGCOMM Conference on Internet Measurement, 2004
  • 8Nessus. http://www. nessus. org. 2005
  • 9Barford P, Crovella M. Generating Representative Web Workloads for Network and Server Perfromance Evaluation. In: Proceedings of ACM SIGMETRICS, 1998
  • 10Mutz D, Vigna G, Kemmerer R. An Experience Developing an IDS Simulator for the Black-Box Testing of Network Intrusion Detection Systems. In: Proceedings of ACSAC, 2003

共引文献131

同被引文献9

引证文献3

二级引证文献3

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部