Security Situation Assessment And System Development For Network Attack-Defense Simulation Platform

With the fast development of terminal and network technologies,Network security threats have caused great difficulties for countries around the world.Faced with increasingly serious cyber security challenges and threats,people have found that security devices such as firewalls,IDS and anti-computer virus software,which are based on predefined rules,cannot provide effective protection for network systems from a macro perspective.On this basis,research and applications of network security situation assessment have appeared against this background.Its development prospects are very broad.The network security situation assessment aims to get to know the risks and security threats that the current network and information are faced with,assess network security conditions objectively and accurately,make reasonable predictions for the development of security situations,and provide network managers to design the correct defense strategies.The network attack-defense simulation platform can simulate the real network environment where the software and service runs through virtualization technology.Against the fact that the network attack-defense simulation platform lacks a description of the network-operating environment from a macro perspective,the thesis designs network security situation assessment method for attack-defense simulation platform.At the same time,the thesis also designs and implements network security situation assessment subsystem on the attack-defense platform.The main work of this thesis is as follows:(1)The thesis selects asset information,asset vulnerability information,and asset threat information as static indicators for network security situation assessment and selects different types of attacks faced by the system as dynamic indicators.Then the thesis establishes a network security situation assessment index system through the integration of dynamic and static indicators,which can cover the static configuration information and dynamic operation information of the system.(2)On the basis of in-depth study of standardized methods for index data,the thesis solves the problems of different types and dimensions among various indicators in the index system by the comparison of different types of situation assessment methods.It calculates the overall security situations of the LAN with AHP from the effect of the attack behavior on the change of the security situation of the target network.Using HoneyNet data set for scientific verification.(3)Finally,the thesis elaborates the need of adding network security situation assessment technology to the offense and defense drill platform.It designs and implements the network security situation assessment subsystem,describes the functional modules such as data collection,index system configuration,situation assessment,situation display in detail.It tests the correctness of the system operation through the offensive and defensive environment.