In recent years, with the rapid development of network information technology, people have become increasingly dependent on the network environment. According to the China Cyber Security Report 2020, in January 2020 the information of more than 200 million China Telecom users was leaked and sold online, seriously infringing on people's personal privacy and property security. At the same time, global cyber security incidents occur frequently, and the economic losses caused by ransomware in 2020 reached USD 40 billion. Cyber security threats have become an urgent problem to be solved all over the world.

Training cyber security talent is the best way to address cyber security threats. Such training is inseparable from cyber security testing, of which the most widely used form is the network attack and defense confrontation drill. However, traditional network attack and defense scenarios, especially the network target part, are usually implemented in a static, pre-configured manner. Personnel can only train according to the designed script, which cannot meet the real-world need for a training environment that is diverse, realistic, and suitable for repeated training.

In view of these problems, we design a standardized description of cyber security test scenarios for editing, verifying, and testing network test scenarios. Building on research into the dynamic generation and evolution mechanism of scenarios, we design a dynamic generation and evolution system for cyber security test scenarios based on virtualization and cloud computing, which can quickly edit and generate cyber security test scenarios. It can also dynamically evolve new scenarios that are equivalent for training, which offers an approach to the problem of repeated training on network attack and defense scenarios. The main work of this paper is as follows:

(1) A unified, standardized description method for network security test scenarios is proposed. We study the scene configuration requirements and the characteristics, advantages, and development methods of domain-specific languages. We then design the Cybersecurity Training Scenario Language (CTSL), which covers the scene elements and their declarative definitions. It also performs real-time verification while the user edits the scene, which guides the design and verification process of the network security test scene. Finally, the language is further verified with a simple case.

(2) A random scene generation mechanism supporting fuzzy description is designed and implemented. The mechanism first parses the fuzzy description of the scene, checks the integrity of the elements, and randomly generates the missing scene elements. It also completes two important preparations: building an offline vulnerability database and creating a custom system image. The scene elements are then instantiated in the OpenStack cloud infrastructure. Finally, according to the needs of users, the scene elements are visualized in reverse sequence.

(3) A dynamic scene evolution mechanism for multiple experiments is designed and implemented. Based on the initial description template of the scene and the complete version of the elements, we design a scene evaluation model and compute the evaluation coefficient of the latter version. Using a genetic algorithm, new scenes are generated through genetic operators such as crossover and mutation. Through the evaluation model, we finally select a new scene whose evaluation is equivalent to, but whose content is different from, the initial template.

(4) Combining the first three points of research, we design a safe, reliable, and scalable system, the Dynamic Generation and Evolution System of Scenarios (DGESS). The system implements the standardized description, random generation, and dynamic evolution of scenes, and integrates resource management modules to provide unified management of scene resources. Finally, an experimental scene with relatively complete elements is set up to verify the main functions of the system.