Design And Realization Of A Bidirectional Network Attack Generator

With the increasing dependence on the Internet,the Internet has penetrated all aspects of people's daily life and work.However,the security risks brought by the Internet have also been expanded,network attacks against various network facilities and services have emerged in an endless stream,and a large number of security vulnerabilities have been disclosed.As a result,various kinds of firewalls and intrusion monitoring systems and other network security protection facilities have also developed and received extensive attention.In such a trend,network attack traffic generation technology is of great significance in the field of testing and evaluating the performance of such network security protection facilities and network attack effect.The existing network attack traffic technology is far from meeting the current security facility testing requirements,often requiring users to purchase a number of products and solutions for mixed testing when testing the target network.Considering the scarcity of domestic related products and the high cost of foreign products and the inadequacy of their functions,this paper first introduces other research results in this field and finds out the problems to be solved.On this basis,it proposes a design of a bidirectional network attack traffic generation.After that this paper introduces in detail the overall design structure of the system,the internal structure of each component,the structure of storage tables in the database and the two-way network deployment structure,with emphasis on the design details of the state transition of the finite state machine that the system relies on.The system can simulate the attacker's attack traffic from the external network and the attacked object's network traffic from the internal network of the test system at the same time,so as to generate the traffic with the same characteristics as the data traffic in the real network attack.Finally,the function of each module of the prototype system is verified and an actual anti-intrusion detection device is used to test the effect of the attack traffic generated by the system.The test results show that the system designed in this paper meets the test requirements and has practicability.