Search

CN-121984772-A - Rapid construction method, device and equipment of test targets in network target range

CN121984772ACN 121984772 ACN121984772 ACN 121984772ACN-121984772-A

Abstract

The embodiment of the invention discloses a rapid construction method, device and equipment of a test target in a network target range, wherein the method comprises the steps of responding to network safety test requirements in the network target range, obtaining a target mirror image built in advance in the network target range, calling a target agent preset in the target mirror image, obtaining first current application protocol configuration data of an application protocol built in the target mirror image, visually displaying the first current application protocol configuration data in a parameter configuration interface, responding to configuration parameter update information received in the parameter configuration interface, generating updated application protocol configuration data, carrying out parameter update on the built-in application protocol in the target mirror image according to the updated application protocol configuration data, and determining the updated target mirror image as the test target. The technical scheme of the embodiment of the invention can improve the adaptation flexibility of the targets in the network target range and improve the configuration efficiency of the target parameters.

Inventors

  • ZHAO WEIQIANG
  • Ding Dantong
  • ZHENG DIE
  • JIANG ZHIQIANG
  • YAO JIE
  • WANG HUI
  • LIU YUCHAO
  • ZHANG JIAN
  • CHEN ERYAN
  • WANG XUAN

Assignees

  • 博智安全科技股份有限公司

Dates

Publication Date
20260505
Application Date
20260228

Claims (10)

  1. 1. A method for rapid construction of a test target in a networked range, comprising: responding to network security test requirements in a network target range, and acquiring a target mirror image of a target which is pre-constructed in the network target range; Invoking a target agent preset in the target image, acquiring first current application protocol configuration data of an application protocol built in the target image, and visually displaying the first current application protocol configuration data in a parameter configuration interface; Generating updated application protocol configuration data in response to configuration parameter updating information received in a parameter configuration interface, and carrying out parameter updating on an application protocol built-in the target mirror image according to the updated application protocol configuration data; and determining the updated target mirror image as a test target, and executing network security tests meeting the network security test requirements aiming at the test target in the network shooting range.
  2. 2. The method of claim 1, further comprising, prior to said acquiring the pre-constructed target image of the target in the network range: responding to an input basic target configuration requirement, and acquiring at least one item of software and hardware element information matched with the basic target configuration requirement; constructing a target basic mirror image according to the software and hardware element information; Creating a target agent in the basic mirror image of the target, wherein the target agent comprises a plurality of service interfaces, and different service interfaces are used for realizing different types of services; and calling a registration interface in the target agent to execute registration operation of application protocol configuration data of a built-in application protocol on the target base mirror image to obtain the target mirror image.
  3. 3. The method of claim 2, wherein the invoking the registration interface in the target agent to perform a registration operation of application protocol configuration data of a built-in application protocol on the target base image to obtain the target image comprises: acquiring standardized application protocol description data; and calling a registration interface in the target agent to execute registration operation of application protocol configuration data of a built-in application protocol on the target base mirror image according to the standardized application protocol description data to obtain the target mirror image.
  4. 4. A method according to any one of claims 1 to 3, wherein the calling the target agent preset in the target image, obtaining first current application protocol configuration data of an application protocol built in the target image, and visually displaying the first current application protocol configuration data in a parameter configuration interface, includes: calling a communication access interface in the target agent to acquire original application protocol configuration data of the target image; And carrying out format conversion on the original application protocol configuration data of the target mirror image to obtain the first current application protocol configuration data, and carrying out visual display on the first current application protocol configuration data in a parameter configuration interface.
  5. 5. A method according to any one of claims 1-3, wherein generating updated application protocol configuration data in response to configuration parameter update information received in a parameter configuration interface, and performing parameter update on a built-in application protocol in the target image according to the updated application protocol configuration data, comprises: Generating original updated application protocol configuration data in response to configuration parameter update information received in a parameter configuration interface; performing format conversion on the original update application protocol configuration data to obtain the update application protocol configuration data; and calling a communication access interface in the target agent to update parameters of an application protocol built in the target mirror image according to the updated application protocol configuration data.
  6. 6. The method of claim 1, wherein the determining the updated target image of interest as the test target comprises: Calling a communication access interface in the target agent to acquire second current application protocol configuration data of the target image again; Comparing and analyzing the updated application protocol configuration data and the second current application protocol configuration data, and determining a parameter updating result of the built-in application protocol in the target mirror image; And under the condition that the parameter updating result of the built-in application protocol in the target mirror image is successful, determining the updated target mirror image as the test target.
  7. 7. A rapid construction device for a test target in a network range, comprising: The target image acquisition module is used for responding to network security test requirements in a network target range and acquiring a target image pre-constructed in the network target range; The first current application protocol configuration data visualization display module is used for calling a target agent preset in the target mirror image, acquiring first current application protocol configuration data of an application protocol built-in the target mirror image, and performing visualization display on the first current application protocol configuration data in a parameter configuration interface; the application protocol parameter updating module is used for responding to the configuration parameter updating information received in the parameter configuration interface, generating updated application protocol configuration data and carrying out parameter updating on the built-in application protocol in the target mirror image according to the updated application protocol configuration data; And the network security testing module is used for determining the updated target mirror image as a test target and executing network security testing meeting the network security testing requirement aiming at the test target in the network shooting range.
  8. 8. An electronic device, the electronic device comprising: at least one processor, and A memory communicatively coupled to the at least one processor, wherein, The memory stores a computer program for execution by the at least one processor to enable the at least one processor to perform the method of rapid build of a test target in a network range of any one of claims 1-6.
  9. 9. A computer readable storage medium storing computer instructions for causing a processor to perform the method of rapid build of a test target in a networked range according to any one of claims 1 to 6.
  10. 10. A computer program product comprising computer program/instructions, wherein the computer program/instructions, when executed by a processor, implement the method of rapid construction of a test target in a network firing range according to any one of claims 1 to 6.

Description

Rapid construction method, device and equipment of test targets in network target range Technical Field The embodiment of the invention relates to the technical fields of information technology and network security, in particular to a method, a device and equipment for quickly constructing a test target in a network target range. Background The network shooting range is a core infrastructure in the field of network security, and a security isolation virtual environment is built through a virtualization, emulation and virtual-actual combination technology, so that real network, equipment, service and attack scenes can be reproduced by Gao Bizhen, monitoring backtracking and closed-loop control are supported, scenes such as talent cultivation, attack and defense exercise, security assessment and the like are serviced, and the network security technology is assisted to develop and land for actual combat. The target is used as a network target range core component, and the construction level directly influences the actual combat value of the network target range. In the prior art, firstly, a simulation target is determined through demand analysis, then target minimization customization is carried out on hardware, systems, services, software, configuration and the like, most of the obtained targets are in a customized form, and the problems of single use and insufficient suitability exist. In actual deployment, the target is mainly a virtualized image, a function solidification image is generated by the virtualized platform, configuration is completed by starting parameters, and an instance is started and then is accessed into a virtual network to serve as a scene node. The inventor finds that the prior art has the following defects that (1) a large number of static images are required to be prepared, the memory occupation is large, the deployment operation and maintenance cost is increased, and (2) when services and parameters are adjusted in scene operation, manual login configuration is required through VNC (Virtual Network Computing ) or SSH (Secure Shell, secure Shell protocol), the requirements on operators are high, the flow is complicated, the efficiency is low, the target range adaptation flexibility and the overall operation efficiency are restricted, and the construction and use requirements of high efficiency and low cost cannot be met. Disclosure of Invention The embodiment of the invention provides a rapid construction method, device and equipment of a test target in a network target range, which can improve the adaptation flexibility of the target in the network target range and improve the configuration efficiency of target parameters. According to an aspect of the present invention, there is provided a rapid construction method of a test target in a networked range, comprising: responding to network security test requirements in a network target range, and acquiring a target mirror image of a target which is pre-constructed in the network target range; Invoking a target agent preset in the target image, acquiring first current application protocol configuration data of an application protocol built in the target image, and visually displaying the first current application protocol configuration data in a parameter configuration interface; Generating updated application protocol configuration data in response to configuration parameter updating information received in a parameter configuration interface, and carrying out parameter updating on an application protocol built-in the target mirror image according to the updated application protocol configuration data; and determining the updated target mirror image as a test target, and executing network security tests meeting the network security test requirements aiming at the test target in the network shooting range. According to another aspect of the present invention, there is provided a rapid construction apparatus for a test target in a networked range, comprising: The target image acquisition module is used for responding to network security test requirements in a network target range and acquiring a target image pre-constructed in the network target range; The first current application protocol configuration data visualization display module is used for calling a target agent preset in the target mirror image, acquiring first current application protocol configuration data of an application protocol built-in the target mirror image, and performing visualization display on the first current application protocol configuration data in a parameter configuration interface; the application protocol parameter updating module is used for responding to the configuration parameter updating information received in the parameter configuration interface, generating updated application protocol configuration data and carrying out parameter updating on the built-in application protocol in the target mirror image according to the updated application protoco