CN-115220736-B - OPENSTACK-based target automation deployment method

Abstract

The invention discloses an OPENSTACK-based target automation deployment method comprising the following steps: constructing a target machine classification model and training the model; inputting the required target machine characteristic values into the classification model trained in step 1 to obtain a target machine, and acquiring the required target machine according to the target machine; creating a target configuration file according to the target machine key file obtained in step 2; and analyzing the target configuration file and calling the OPENSTACK API to complete target deployment.

Inventors

  • LAN XIAOLONG
  • HE JUNJIANG
  • LI TAO
  • WANG YUNPENG
  • Tong Ruiyuan
  • LI YIHONG

Assignees

  • Sichuan University (四川大学)

Dates

Publication Date
20260508
Application Date
20220718

Claims (4)

  1. An OPENSTACK-based target automated deployment method, comprising the steps of:
     Step 1, constructing a target machine classification model and training the model: dividing the target machine into nine features of WEB, extraction, CTF, code execution, brute force cracking, vulnerability utilization, database, other and unknown by using a custom keyword, and abstracting the features, wherein the original dataset also comprises 14 features of difficulty in vulnerability utilization of the target machine, whether the target machine is started or not, a target machine operating system, the size of the target machine and the storage type of the target machine; converting the collected target machine dataset into a dataset only comprising specific values; reducing the dimension of the target machine dataset in a 2-dimensional space by using a TSNE dimension reduction method; clustering the dataset to obtain N subclasses; and balancing the dataset to obtain a dataset required by training a decision tree model;
     Step 2, inputting the required target machine characteristic value into the classification model trained in step 1 to obtain a target machine, and obtaining the required target machine according to the target machine;
     Step 3, creating a target configuration file according to the target machine key file obtained in step 2, wherein the target configuration file comprises a network module, a routing module and a target machine module; a script creates a corresponding number of networks according to a network number field, creates a corresponding route according to a network link, deploys the target machine under a corresponding network segment according to vms, and automatically binds a floating IP for the target machine according to vms floatingIP;
     Step 4, analyzing the target configuration file, and calling the OPENSTACK API to complete target deployment.
  2. The method of claim 1, wherein the target configuration file in step 3 comprises a network module, a routing module, and a target machine module; the network module generates network configuration information according to the key information; the routing module generates routing information according to the key information; and the target machine module acquires target machine specification information according to the key information.
  3. The method of claim 2, wherein the network configuration information includes a network name, a subnet, an IP start field, and a gateway; the routing information includes a route name, each network number, a subnet including a name and a network to be connected; and the target machine specification information includes a target name, a network, an IP address, a template, and a mirror image.
  4. A deployment system based on the OPENSTACK-based target automation deployment method as claimed in any one of claims 1 to 3, comprising a resource module, an automation deployment module and a target machine dataset preprocessing module; the resource module is used for acquiring a required target machine according to the target machine; the target machine dataset preprocessing module is used for acquiring a dataset required by training a target machine classification model; the automation deployment module is used for analyzing the network and the target machine characteristic value fields in the target machine key file, acquiring the target machine through the target machine classification model, creating a target configuration file, and completing target deployment by calling the OPENSTACK API according to the target configuration file.
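
The configuration file described in claims 1 to 3 (networks, routes, and vms with a floatingIP flag) can be checked before any OPENSTACK API call, so that a deliberately vulnerable target machine never lands on an unintended segment. The sketch below is an added example, not code from the patent: the JSON layout, the field names and the build_plan function are assumptions modelled on the claim wording, and it returns an ordered plan instead of calling OpenStack.

```python
import ipaddress
import json

# Constructed sample; field names are assumptions modelled on the claims
# (network fields, links, vms, floatingIP), not the patent's actual schema.
SAMPLE = json.loads("""
{
  "networks": [
    {"name": "net1", "subnet": "10.10.1.0/24", "ip_start": "10.10.1.10", "gateway": "10.10.1.1"},
    {"name": "net2", "subnet": "10.10.2.0/24", "ip_start": "10.10.2.10", "gateway": "10.10.2.1"}
  ],
  "routers": [{"name": "r1", "links": ["net1"]}],
  "vms": [
    {"name": "web01", "network": "net1", "ip": "10.10.1.20", "template": "small", "image": "target-web", "floatingIP": true},
    {"name": "db01", "network": "net2", "ip": "10.10.2.20", "template": "small", "image": "target-db", "floatingIP": false}
  ]
}
""")

def build_plan(cfg):
    """Validate the range description and return ordered deployment steps."""
    nets, plan = {}, []
    for n in cfg["networks"]:
        cidr = ipaddress.ip_network(n["subnet"])
        for field in ("ip_start", "gateway"):
            if ipaddress.ip_address(n[field]) not in cidr:
                raise ValueError(f"{n['name']}: {field} outside {cidr}")
        if any(cidr.overlaps(other) for other in nets.values()):
            raise ValueError(f"{n['name']}: subnet overlaps another network")
        nets[n["name"]] = cidr
        plan.append(("network", n["name"], str(cidr)))
    routed = set()
    for r in cfg["routers"]:
        unknown = set(r["links"]) - set(nets)
        if unknown:
            raise ValueError(f"{r['name']}: unknown networks {sorted(unknown)}")
        routed.update(r["links"])
        plan.append(("router", r["name"], tuple(r["links"])))
    for vm in cfg["vms"]:
        cidr = nets.get(vm["network"])
        if cidr is None or ipaddress.ip_address(vm["ip"]) not in cidr:
            raise ValueError(f"{vm['name']}: IP not in a declared network")
        plan.append(("server", vm["name"], vm["ip"]))
        if vm.get("floatingIP"):
            # In OpenStack a floating IP needs a router on the VM's network.
            if vm["network"] not in routed:
                raise ValueError(f"{vm['name']}: floating IP on unrouted network")
            plan.append(("floating_ip", vm["name"], vm["network"]))
    return plan
```

Rejecting the whole file on the first inconsistency avoids a half-built range in which some target machines are reachable and others are not.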

Description

OPENSTACK-based target automation deployment method

Technical Field

The invention relates to the technical field of network security, in particular to a target automation deployment method based on OPENSTACK.

Background

The complexity of network security threats is continuously increasing, and attacks are developing toward large-scale, organized operations. In general, an attacker has strong attack weapons and sufficient resources. To quickly detect the signs of cyber attacks and quickly take appropriate response countermeasures, security personnel need to train and practice in a virtual environment that closely reproduces the real working scene, and cyber ranges have developed accordingly. The network target range is a key research object in the current network security field and one of the important cyberspace security infrastructures that countries are focusing on exploring and developing; by means of virtualization technology, it can closely reproduce a real network environment. Relatively well-known ranges currently include NCR, MCR, EDURange and KYPO. Typically, a network target range is built on a number of critical infrastructure elements, such as a good network environment, powerful storage resources, and excellent computing power. Currently, a network target range is an important supporting means for tasks such as technical verification, network weapon testing, network attack and defense exercises, network risk assessment, and network security skill teaching and training in the network security field. In an actual application scenario, the target objects used in attack and defense exercises run in a virtual environment.
The virtual environment of a network target range is mainly supported in three modes:

  1. Based on a virtual environment management program running at the operating system level. This mode relies on virtual machine creation and management programs running on an existing operating system, such as VirtualBox, VMware and the like.
  2. Based on a hypervisor running at the hardware level. This approach uses a hypervisor that can directly control the physical hardware, such as VMware ESXi, Citrix XenServer, Microsoft Hyper-V, and the like.
  3. Based on cloud computing technology. Cloud computing is one of the most powerful technologies currently used for providing and managing virtualized resources, and currently popular cloud platforms include OpenStack, Ali Cloud and the like.

Establishing network computing resources is only the first step of target range construction; scene design, deployment and verification of virtual targets are often expensive and error-prone links. In principle, a network target range should allow a scenario to be defined for use over a period of time. Ideally, these scenarios should not be reused, as repeated use of the same scenario may cause learners to lose interest and greatly reduce the effectiveness of the training activity. For example, NATO's annual Locked Shields exercise relies on only one virtual scenario that is updated each year but is used for two days. In addition to designing the scenario, security personnel also need to plan and implement the network and route deployment. The literature indicates that by 2022, 15% of large enterprises will rely on network target ranges to improve the capability of their internal security teams, while this proportion is currently less than 1%. This is mainly due to the great effort required to design and deploy a suitable training target range while also avoiding heavy reuse of the range.
Disclosure of Invention

The invention provides an OPENSTACK-based target automation deployment method aimed at the problems existing in the prior art. The technical scheme adopted by the invention is an OPENSTACK-based target automation deployment method comprising the following steps:

  Step 1, constructing a target machine classification model, and training the model;
  Step 2, inputting the required target machine characteristic value into the classification model trained in step 1 to obtain a target machine, and obtaining the required target machine according to the target machine;
  Step 3, creating a target configuration file according to the target machine key file obtained in step 2;
  Step 4, analyzing the target configuration file, and calling the OPENSTACK API to complete target deployment.

Furthermore, the target machine classification model in step 1 adopts a decision tree model, and the dataset required for training the model is constructed as follows: acquiring a target machine dataset, and reducing the dimension of the target machine dataset in a 2-dimensional space; clustering the dataset to obtain N subclasses; and balancing the dataset to obtain the dataset required by training the decision tree model. Further, the target configuration file in the step 3 includes a network module, a routing mod