| In network security field, the most effective protection methods come from the really understanding the network attacks, which can be obtained through the network attack experiment platform. Not only will this platform help change the situation of traditional theory-focused network security teaching, but also drive the training of this field so as to cultivate network security professional more effectively. At the same time, it will help promote the theory research of other network security field, especially in security evaluation, network attack mechanism, and network attack testing.At present, some network attack experiment platforms, such as IWSS16, experiment platform for information security engineer practices of Shanghai Jiao Tong University, experiment platform for network security protection of Chinese Academy of Sciences and so on, have good characteristics in integration and extension. However, they don't take much into account in building network attack knowledge database, formal expression, automatically generating typical environments, and real-time exhibiting network attack and its effect. Based on the above thinking, this paper deeply researches the network attack taxonomy - the key technology of network attack experiment platform.Firstly, the existing network attack taxonomies and depictions are introduced synthetically. Three stages were experienced. 1) differentiating technical terms simply, 2) according to different emphasis, the network attack taxonomy is developed, 3) inspecting the attack process all round and abstracting the statistics characteristics showed from the network attack. In a general way, network attack taxonomy has two kinds: one for universal significance and the other for special application. The latter is chosen as the classification basis in this paper.Secondly, from the view of generating network attack automatically, a new taxonomy is proposed after analyzing the requirement of network attack teaching and training. That's to say, five aspects including access authorization, vulnerability, objective, implement technology and result, are analyzed in detail and chosen as the classification criterions. Using the method of FSM and the process-based idea, a depict method to model attack is proposed and applied to generate network attack automatically. What's more, this paper analyzes some methods of extracting network attack characteristics and, based on the above taxonomy, builds the network attack characteristics database consistent with the teaching requirement.Lastly, our experiments have indicated that the method of extracting network attack characteristics is effective. The experiment-oriented network attack taxonomy is more special and practical than the existing taxonomies, which provides the theoretical bases of the platform and propels the network security to develop forward. |
PDF Full Text Request