基于软件定义网络的安全攻防虚拟仿真实战平台  被引量：15

作　　者：叶福玲[1,2] 张栋[1,2] 林为伟 Ye Fuling;Zhang Dong;Lin Weiwei(College of Mathematics and Computer Science,Fuzhou University,Fuzhou 350116,China;National Experimental Teaching Demonstration Center of Network Information Security and Computer Technology,Fuzhou University,Fuzhou 350116,China)

机构地区：[1]福州大学数学与计算机科学学院,福建福州350116 [2]福州大学网络信息安全与计算机技术国家级实验教学示范中心,福建福州350116

出　　处：《实验技术与管理》2018年第11期125-129,共5页Experimental Technology and Management

基　　金：教育部产学合作协同育人基金项目(201602012018);福建省高等学校服务产业特色专业建设项目(50009437);福州大学学科特色创新创业课程建设项目

摘　　要：为解决传统网络安全攻防虚拟仿真实验教学产品网络拓扑不够灵活、攻防模式切换困难、较难与其他开源产品融合的问题,提出建设基于软件定义网络的安全攻防虚拟仿真实战平台。介绍了平台的设计思路、关键技术和网络拓扑。平台设计基于SDN和虚拟化,利用OpenStack开源云平台构建虚拟网络部件和SDN网络拓扑,并有效实施网络隔离。攻防实战环境的设置过程展现出支持网络拓扑和攻防模式的多样化和灵活性,提高了平台的可扩展性,降低了建设成本,促进了网络攻防虚拟仿真实战教学水平的提高。To solve the problems that the virtual simulation experimental teaching products for the traditional network security attack and defense are not flexible in the network topology,and it is difficult for them to switch between offensive and defensive modes and integrate with other open source products,a virtual simulation platform for the network security attack and defense based on software definition network is proposed,and the design idea,key technology and network topology of the platform are introduced.The platform design is based on SDN and virtualization.By using the OpenStack open source cloud platform,the virtual network components and SDN network topology are constructed,and network isolation is effectively implemented.The process of setting up the offensive and defensive environment shows that this platform supports the diversification and flexibility of the network topology and attack and defense mode,improves the scalability of the platform,reduces the construction cost,and promotes the improvement of the virtual simulation actual-combat teaching level of the network attack and defense.

关 键 词：软件定义网络 网络攻防 虚拟仿真 OPENSTACK 

分 类 号：TP393[自动化与计算机技术—计算机应用技术] G434[自动化与计算机技术—计算机科学与技术]