Technical field
The present invention relates to the technical field of cyber ranges, and in particular to a method, system, device and storage medium for implementing cross-range task collaboration.
Background
A cyber range is a technology or product that, based on virtualization, simulates and reproduces the network architecture, system equipment, and the running state and operating environment of business processes of a real network space. Enterprises and institutions across industries and at different levels attach great importance to cyber range construction as a key supporting means of security capability building, which has resulted in the coexistence of cyber ranges covering different levels, different industries and different technical implementation routes. How to achieve collaboration of tasks across cyber ranges built on different technical routes is a problem that urgently needs to be solved.
Summary of the invention
In view of the above problems, embodiments of the present invention provide a method, system, device and storage medium for implementing cross-range task collaboration, which divide a collaborative task into an internal part and an external part and connect different cyber ranges at two levels, message sources and API interfaces, so as to complete the collaborative task and solve the existing technical problems.
To solve the above technical problems, the present invention provides the following technical solutions:
In a first aspect, the present invention provides a method for implementing cross-range task collaboration, the method comprising the following steps:
publishing a collaborative task whose definition has been completed;
receiving the published collaborative task and splitting it into an internal docking task and an external docking task of the cyber range;
screening message sources that are relevant to the collaborative task and match the cyber range;
screening API interfaces that are relevant to the requirements of the collaborative task and that the cyber range is able to provide;
executing the internal docking task by means of a virtualized service unit according to the message sources and API interfaces;
executing the external docking task through an event bus and an API gateway, respectively, according to the message sources and API interfaces.
In one embodiment, publishing a collaborative task whose definition has been completed comprises:
completing the definition of the collaborative task by describing its basic information, extended content, task type, task process, message receiving method and API receiving method;
sending the defined collaborative task to a designated cyber range or other cyber ranges by subscribe/publish, the published content comprising the collaborative task, the message sources and the API interfaces.
In one embodiment, executing the internal docking task by means of a virtualized service unit according to the message sources and API interfaces comprises:
building a virtualized service unit;
using the virtualized service unit to perform data collection, resource access and resource management of the cyber range, connecting data of different dimensions of the cyber range during the collaborative task;
replacing the built virtualized service unit with a virtualized service unit suited to the cyber range, so as to adapt to the cyber range environment and wait to be called by the API gateway;
wherein the virtualized service unit is a virtual machine or a container.
In one embodiment, executing the external docking task through the event bus and API gateway, respectively, according to the message sources and API interfaces comprises:
sharing the message sources and API interfaces with the initiator of the system task through the event bus and the API gateway, respectively, providing message synchronization, remote observation and file sharing during the collaborative task;
calling the peer development service of the API gateway to carry out the collaborative task of the cyber range.
In a second aspect, the present invention provides a system for implementing cross-range task collaboration, the system comprising:
a collaborative task publishing module, configured to publish a collaborative task whose definition has been completed;
a collaborative task splitting module, configured to receive the published collaborative task and split it into an internal docking task and an external docking task of the cyber range;
a first screening module, configured to screen message sources that are relevant to the collaborative task and match the cyber range;
a second screening module, configured to screen API interfaces that are relevant to the requirements of the collaborative task and that the cyber range is able to provide;
a first docking module, configured to execute the internal docking task by means of a virtualized service unit according to the message sources and API interfaces;
a second docking module, configured to execute the external docking task through an event bus and an API gateway, respectively, according to the message sources and API interfaces.
In one embodiment, the collaborative task publishing module is specifically configured to:
complete the definition of the collaborative task by describing its basic information, extended content, task type, task process, message receiving method and API receiving method;
send the defined collaborative task to a designated cyber range or other cyber ranges by subscribe/publish, the published content comprising the collaborative task, the message sources and the API interfaces.
In one embodiment, the first docking module is specifically configured to:
build a virtualized service unit;
use the virtualized service unit to perform data collection, resource access and resource management of the cyber range, connecting data of different dimensions of the cyber range during the collaborative task;
replace the built virtualized service unit with a virtualized service unit suited to the cyber range, so as to adapt to the cyber range environment and wait to be called by the API gateway;
wherein the virtualized service unit is a virtual machine or a container.
In one embodiment, the second docking module is specifically configured to:
share the message sources and API interfaces with the initiator of the system task through the event bus and the API gateway, respectively, providing message synchronization, remote observation and file sharing during the collaborative task;
call the peer development service of the API gateway to carry out the collaborative task of the cyber range.
In a third aspect, the present invention provides an electronic device, comprising:
a processor, a memory, and an interface for communicating with the gateway;
wherein the memory is configured to store programs and data, and the processor calls the program stored in the memory to execute the method for implementing cross-range task collaboration provided in any one of the first aspect.
In a fourth aspect, the present invention provides a computer-readable storage medium, the computer-readable storage medium comprising a program which, when executed by a processor, executes the method for implementing cross-range task collaboration provided in any one of the first aspect.
As can be seen from the above description, the present invention publishes a collaborative task whose definition has been completed, receives the published collaborative task, splits it into an internal docking task and an external docking task of the cyber range, screens the message sources and API interfaces, executes the internal docking task by means of a virtualized service unit according to the message sources and API interfaces, and executes the external docking task through an event bus and an API gateway, respectively, according to the message sources and API interfaces. Dividing the collaborative task into an internal part and an external part allows cyber ranges to be connected at the level of resource services and API interfaces, and thereby to complete the collaborative task.
Brief description of the drawings
Figure 1 is a schematic flow chart of a method for implementing cross-range task collaboration provided by an embodiment of the present invention;
Figure 2 is a schematic structural diagram of a system for implementing cross-range task collaboration provided by an embodiment of the present invention;
Figure 3 is a schematic structural diagram of an electronic device in an embodiment of the present invention.
Detailed description
In order to make the purpose, technical solutions and advantages of the present invention clearer, the present invention is further described below with reference to the accompanying drawings and specific embodiments. Obviously, the described embodiments are only some, and not all, of the embodiments of the present invention. All other embodiments obtained by those of ordinary skill in the art on the basis of the embodiments of the present invention without creative effort fall within the scope of protection of the present invention.
In view of the shortcomings of the prior art, an embodiment of the present invention provides a specific implementation of a control method. As shown in Figure 1, the method comprises the following steps:
S110: Publish a collaborative task whose definition has been completed.
Specifically, this step mainly completes the definition and publication of collaborative tasks between different cyber ranges, publishing the defined collaborative task to interconnected cyber ranges, or making it available for reception by other cyber ranges that need to connect to the collaborative task.
A collaborative task is defined as follows: the definition is completed by describing the basic information, extended content, task type, task process, message receiving method and API receiving method of the collaborative task. The basic information includes the name, goal and detailed description of the collaborative task. The extended content includes the acquisition of external resources required by the collaborative task, communication during the collaborative task, the way feedback is given during execution of the collaborative task, the final delivery of collaborative task data, and the way the cyber range is called for remote verification during the task; the extended content can be further extended and refined during the task definition process according to actual needs. The description of the task process allows the cyber range to fully understand the main execution flow of the collaborative task. The descriptions of the message receiving method and the API receiving method provide different cyber ranges with a corresponding basis for connection at the message layer and the behavior layer, respectively.
A collaborative task is published as follows: the defined collaborative task is sent to a designated cyber range or other cyber ranges by subscribe/publish, and the published content includes the collaborative task, the message sources and the API interfaces. In other words, a defined collaborative task can be connected to multiple cyber ranges: the published collaborative task is stored in a message queue and sent through the message queue to the designated cyber range or other cyber ranges. The publisher of the collaborative task does not need to change anything after publication, and does not need to trigger any action depending on whether a cyber range executes the collaborative task; when one cyber range fails, the other cyber ranges can continue to execute their own collaborative tasks unaffected. During publication, the publishing cyber range can continue executing its own tasks without waiting for the processing results of the connected cyber ranges, which reduces latency. When the volume of collaborative tasks increases, the task definition process can proceed at its own maximum processing capacity, and all defined collaborative tasks are stored in the message queue, so that a burst of very high traffic in a given period is spread out and consumed over a longer period, avoiding a systemic collapse.
S120: Receive the published collaborative task and split it into an internal docking task and an external docking task of the cyber range.
Specifically, this step mainly receives the defined collaborative task and splits it into an internal part and an external part. After receiving the collaborative task, its content must be understood and its detailed information consulted, and the task is split into internal docking tasks and external docking tasks, for example the cyber range's own progress, data synchronization, result synchronization and external business access.
S130: Screen message sources that are relevant to the collaborative task and match the cyber range.
Specifically, this step defines the message sources. A message source is required to be relevant to the needs of the collaborative task and to match the cyber range, so as to facilitate connecting cyber ranges at the message layer. Message sources include, but are not limited to, the message queues, HTTP gateways, databases, log services and application engines in the cyber range, together with their connection methods. The entities being connected include, but are not limited to, the centralized management system, core components, virtualization management platform, mission-critical physical devices, data storage devices or databases within the cyber range. The screened message sources are then used to synchronize information throughout the collaborative task.
S140: Screen API interfaces that are relevant to the requirements of the collaborative task and that the cyber range is able to provide.
Specifically, this step defines the API interfaces. An API interface is required to be relevant to the needs of the collaborative task and to be something the cyber range can provide, so as to facilitate connecting cyber ranges at the behavior layer. API interfaces include, but are not limited to, the general-purpose network protocols in the cyber range (such as FTP services, HTTP services, etc.) and other special-purpose protocols whose access must be implemented through a proxy (such as industrial control protocols, protocols that require dedicated client software, protocols not based on the TCP/IP stack, and terminals/agents that provide an integrated access environment and simulated protocols).
S150: Execute the internal docking task by means of a virtualized service unit according to the message sources and API interfaces.
Specifically, this step uses resource management to provide the resource access forms and modes of the message layer (message sources) and the behavior layer (API interfaces) that the cyber range can control or support, and implements the connection at the message layer and the behavior layer in the form of the basic resource definitions or basic building blocks of the current cyber range.
To achieve this, a virtualized service unit must be built; the virtualized service unit is a virtual machine, a container or the like. The virtualized service unit connects to the cyber range in a uniform manner; it can be composed of the existing basic elements of the cyber range and then integrated and built together with the cyber range, finally being absorbed into it or brought under configuration management.
The virtualized service unit is used to perform data collection, resource access and resource management of the cyber range, connecting data of different dimensions of the cyber range during the collaborative task and achieving interconnection within the cyber range at the message layer. The resource management above covers the management of image resources, container resources and data resources. Image resources are the various virtual machine resources; as virtualized resources they can be flexibly connected to the cyber range and at the same time be called externally by the API gateway, providing access terminals and access to the cyber range by specific programs, and can provide access methods for non-TCP/IP protocols and clients of non-general-purpose protocols. Container resources are the various service applications, including but not limited to FTP, web and telnet services, that is, TCP/IP or general-purpose protocols through which the cyber range can be accessed directly; they can also run a message queue environment for collecting message data from the cyber range. Data resources are the data that must be provided externally during the task, storage for data obtained from external parties, or the process or result data stored during the task, and can be published through the API gateway.
The built virtualized service unit is replaced with a virtualized service unit suited to the cyber range so as to adapt to the cyber range environment and wait to be called by the API gateway, achieving interconnection within the cyber range at the behavior layer. That is, the virtualized service unit can be downloaded by different cyber ranges, updated, and uploaded again after the update, ensuring that it fits the current cyber range environment and adapting the general-purpose technical components so that they can subsequently be called by the API gateway. More precisely, the virtualized service unit is built in order to be integrated, built and absorbed together with the cyber range; in this way it is integrated and connected with different cyber ranges, and once connected, the different cyber ranges can interact at the message layer and the behavior layer and execute the internal docking task.
S160: Execute the external docking task through the event bus and API gateway, respectively, according to the message sources and API interfaces.
Specifically, the message sources and API interfaces are shared with the initiator of the system task through the event bus and the API gateway, respectively, providing message synchronization, remote observation and file sharing during the collaborative task;
and the peer development service of the API gateway is called to carry out the collaborative task of the cyber range.
That is, the message sources and API interface resources connected inside the cyber range, once built, are shared with the initiator of the collaborative task through the event bus and the API gateway, respectively, providing message synchronization, remote observation (VNC/RDP), file sharing (SFTP/FTP) and other services during the collaborative task, until the collaborative task ends.
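As an added illustration of steps S110 to S140 (not code from the patent), the following Python model shows a task definition carrying the fields named above being published by subscribe/publish into per-range queues, then received, split into internal and external docking steps, and matched against the message sources and API interfaces a range can actually provide. The class names, the step-kind names, the assignment of the patent's examples to the internal or external side, and the constructed scenario in run_demo are assumptions of this example.

```python
from collections import deque
from dataclasses import dataclass
from typing import Deque, Dict, FrozenSet, List, Tuple

# Step kinds for the S120 split.  Which of the patent's examples (progress,
# data/result sync, external business access) go on which side is assumed here.
INTERNAL_KINDS = frozenset({"progress", "data_sync", "result_sync"})
EXTERNAL_KINDS = frozenset({"external_access", "remote_observation", "file_share"})


@dataclass(frozen=True)
class CollaborativeTask:
    """S110 definition: basic information, extended content, task type,
    task process, message receiving method and API receiving method."""
    name: str
    goal: str
    task_type: str
    process: Tuple[Tuple[str, str], ...]   # (step kind, description)
    extended: Tuple[Tuple[str, str], ...]  # extension items as key/value
    message_sources: Tuple[str, ...]       # needed at the message layer
    api_interfaces: Tuple[str, ...]        # needed at the behavior layer
    target_ranges: Tuple[str, ...] = ()    # () = every subscribed range


class RangeBroker:
    """Subscribe/publish delivery: one queue per subscribing range, so the
    publisher never waits on a receiver and a failed range blocks nobody."""

    def __init__(self) -> None:
        self.queues: Dict[str, Deque[CollaborativeTask]] = {}

    def subscribe(self, range_id: str) -> None:
        self.queues.setdefault(range_id, deque())

    def publish(self, task: CollaborativeTask) -> int:
        # Queue the task for its targets; returns how many ranges received it.
        targets = task.target_ranges or tuple(self.queues)
        delivered = 0
        for range_id in targets:
            if range_id in self.queues:          # unknown targets are skipped
                self.queues[range_id].append(task)
                delivered += 1
        return delivered

    def poll(self, range_id: str) -> CollaborativeTask:
        return self.queues[range_id].popleft()   # IndexError if nothing queued


@dataclass(frozen=True)
class CyberRange:
    range_id: str
    available_sources: FrozenSet[str]   # message sources it can connect (S130)
    available_apis: FrozenSet[str]      # API interfaces it can provide (S140)

    def split(self, task: CollaborativeTask) -> Tuple[List[str], List[str]]:
        """S120: internal versus external docking steps; an unknown step kind
        is rejected instead of being silently dropped."""
        internal: List[str] = []
        external: List[str] = []
        for kind, description in task.process:
            if kind in INTERNAL_KINDS:
                internal.append(description)
            elif kind in EXTERNAL_KINDS:
                external.append(description)
            else:
                raise ValueError(f"unknown step kind {kind!r} in {task.name}")
        return internal, external

    def plan(self, task: CollaborativeTask) -> Dict[str, object]:
        """S130/S140: keep the sources and APIs this range matches and report
        anything the task needs that the range cannot provide."""
        internal, external = self.split(task)
        sources = [s for s in task.message_sources if s in self.available_sources]
        apis = [a for a in task.api_interfaces if a in self.available_apis]
        missing = sorted((set(task.message_sources) - self.available_sources)
                         | (set(task.api_interfaces) - self.available_apis))
        return {"internal": internal, "external": external, "sources": sources,
                "apis": apis, "missing": missing, "ready": not missing}


def run_demo() -> Dict[str, Dict[str, object]]:
    """Constructed scenario: one task published to two subscribed ranges with
    different capabilities; returns each range's plan keyed by range id."""
    broker = RangeBroker()
    ranges = {
        "range-B": CyberRange("range-B", frozenset({"mq", "log"}), frozenset({"http", "ftp"})),
        "range-C": CyberRange("range-C", frozenset({"mq"}), frozenset({"http"})),
    }
    for range_id in ranges:
        broker.subscribe(range_id)
    task = CollaborativeTask(
        name="joint-exercise-01", goal="replay one incident across ranges",
        task_type="joint_exercise",
        process=(("progress", "report phase state"),
                 ("data_sync", "sync captured traffic"),
                 ("external_access", "expose web target via API gateway"),
                 ("file_share", "deliver result archive over SFTP")),
        extended=(("delivery", "sftp"), ("remote_verification", "vnc")),
        message_sources=("mq", "log"), api_interfaces=("http", "ftp"))
    broker.publish(task)
    return {rid: rng.plan(broker.poll(rid)) for rid, rng in ranges.items()}
```

A range whose plan reports missing sources or APIs cannot complete the task as published; the publisher is unaffected because delivery went through the queue.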
Those skilled in the art will understand that the event bus allows different cyber ranges to communicate with one another without depending on each other, achieving decoupling. An event consists of an event source and event handling, and defines a one-to-many dependency between objects such that whenever one object changes state, all objects that depend on it are notified and updated automatically. The publish/subscribe pattern has two key words: notification and update. A change of state in the observed object notifies the observers to update accordingly. This solves the problem that when an object changes, other objects must be notified so that they can change accordingly.
The API gateway can be placed between two cyber ranges. As the sole entry point of the system, all requests entering the system must pass through the API gateway. When applications or clients outside the system access the system, their permissions must be checked. If the transport protocols differ, the protocol must be converted; if a horizontally scaled service is called, load balancing must be performed; once request traffic exceeds what the system can bear, rate limiting must be applied. For each request and reply, the system records a response log. Any function that concerns requests to the system and can be separated from the business logic can potentially be implemented at the API gateway.
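As an added example (not the patent's code) of the gateway responsibilities just listed, this Python model treats the API gateway as the only entry point between two ranges: it checks the caller's permission, converts the protocol when the backend speaks a different one, round-robins across horizontally scaled instances, applies a sliding-window rate limit, and logs every request and reply including rejected ones. The class and service names, the HTTP-style status codes and the constructed scenario in run_demo are assumptions of this example.

```python
import time
from collections import deque
from dataclasses import dataclass
from typing import Callable, Deque, Dict, FrozenSet, List, Tuple

Reply = Tuple[int, Dict[str, object]]   # (HTTP-style status code, body)


@dataclass
class Route:
    """A range service behind the gateway: the protocol its backend speaks,
    its instances (for load balancing) and the roles allowed to call it."""
    backend_protocol: str
    instances: Tuple[str, ...]
    handler: Callable[[str, Dict[str, object]], Dict[str, object]]
    allowed_roles: FrozenSet[str]


class ApiGateway:
    """Sole entry point between two ranges: each request is authenticated,
    authorised, rate-limited, converted, load-balanced and logged, in order."""

    def __init__(self, clock: Callable[[], float] = time.monotonic,
                 max_requests: int = 3, window_seconds: float = 1.0) -> None:
        self.clock = clock                    # injectable for deterministic tests
        self.max_requests = max_requests
        self.window = window_seconds
        self.routes: Dict[str, Route] = {}
        self.clients: Dict[str, FrozenSet[str]] = {}   # api key -> roles
        self.log: List[Dict[str, object]] = []
        self._hits: Dict[str, Deque[float]] = {}
        self._next_instance: Dict[str, int] = {}

    def register_client(self, api_key: str, roles: FrozenSet[str]) -> None:
        self.clients[api_key] = roles

    def register_route(self, service: str, route: Route) -> None:
        self.routes[service] = route
        self._next_instance[service] = 0

    def _over_limit(self, api_key: str) -> bool:
        """Sliding window: reject once max_requests were seen within window."""
        now = self.clock()
        hits = self._hits.setdefault(api_key, deque())
        while hits and now - hits[0] >= self.window:
            hits.popleft()
        if len(hits) >= self.max_requests:
            return True
        hits.append(now)
        return False

    def _pick_instance(self, service: str) -> str:
        """Round-robin load balancing across the route's instances."""
        route = self.routes[service]
        index = self._next_instance[service]
        self._next_instance[service] = (index + 1) % len(route.instances)
        return route.instances[index]

    def handle(self, api_key: str, service: str, protocol: str,
               payload: Dict[str, object]) -> Reply:
        status, body = self._dispatch(api_key, service, protocol, payload)
        # Every request and reply is logged, rejected ones included.
        self.log.append({"client": api_key, "service": service,
                         "status": status, "instance": body.get("instance")})
        return status, body

    def _dispatch(self, api_key: str, service: str, protocol: str,
                  payload: Dict[str, object]) -> Reply:
        roles = self.clients.get(api_key)
        if roles is None:
            return 401, {"error": "unknown client"}
        route = self.routes.get(service)
        if route is None:
            return 404, {"error": "no such service"}
        if not roles & route.allowed_roles:
            return 403, {"error": "role not permitted for this service"}
        if self._over_limit(api_key):
            return 429, {"error": "rate limit exceeded"}
        if protocol != route.backend_protocol:
            # Protocol conversion, modelled as wrapping the payload and
            # recording the protocol it arrived in for the backend.
            payload = {"converted_from": protocol, "body": payload}
        instance = self._pick_instance(service)
        reply = dict(route.handler(instance, payload))
        reply["instance"] = instance
        return 200, reply


def run_demo() -> List[int]:
    """Constructed scenario: a remote-observation service of range B is
    called by an observer, a guest and an unknown key; returns the statuses."""
    gateway = ApiGateway(clock=lambda: 0.0, max_requests=3)
    gateway.register_client("key-observer", frozenset({"observer"}))
    gateway.register_client("key-guest", frozenset({"guest"}))
    gateway.register_route("range-B/observe", Route(
        backend_protocol="vnc", instances=("vnc-1", "vnc-2"),
        handler=lambda instance, request: {"accepted": request},
        allowed_roles=frozenset({"observer"})))
    return [gateway.handle(key, "range-B/observe", "http", {"screen": 1})[0]
            for key in ("key-observer", "key-guest", "key-unknown")]
```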
本发明通过发布定义完成的协同任务,接收发布的协同任务,将协同任务拆分为网络靶场的内部对接任务和外部对接任务。筛选消息源和API接口,根据消息源和API接口利用虚拟化服务单元执行内部对接任务,根据消息源和API接口分别通过事件总线和API网关执行外部对接任务。将协同任务分为内外两部分,使得网络靶场间在资源服务和API接口层面实现对接,进而完成协同任务。The present invention publishes and defines completed collaborative tasks, receives the published collaborative tasks, and splits the collaborative tasks into internal docking tasks and external docking tasks of the network range. Filter the message sources and API interfaces, use the virtualization service unit to perform internal docking tasks based on the message sources and API interfaces, and perform external docking tasks through the event bus and API gateway based on the message sources and API interfaces. The collaborative task is divided into internal and external parts, so that the network ranges can be connected at the resource service and API interface levels to complete the collaborative task.
基于同一发明构思,本申请实施例还提供了跨靶场任务协同的实现系统,可以用于实现上述实施例所描述的跨靶场任务协同的实现方法,如下面的实施例所述。由于系统解决问题的原理与方法相似,因此系统的实施可以参见方法实施,重复之处不再赘述。以下所使用的,术语“单元”或者“模块”可以实现预定功能的软件和/或硬件的组合。尽管以下实施例所描述的系统较佳地以软件来实现,但是硬件,或者软件和硬件的组合的实现也是可能并被构想的。Based on the same inventive concept, embodiments of the present application also provide a system for realizing cross-range task collaboration, which can be used to implement the method for realizing cross-range task collaboration described in the above embodiments, as described in the following embodiments. Since the system's principles and methods for solving problems are similar, the implementation of the system can be found in the method implementation, and the repeated points will not be repeated. As used below, the term "unit" or "module" may be a combination of software and/or hardware that implements predetermined functions. Although the systems described in the following embodiments are preferably implemented in software, implementation in hardware, or a combination of software and hardware, is also possible and contemplated.
如图2所示,本发明提供了一种跨靶场任务协同的实现系统,在图2中该系统包括:As shown in Figure 2, the present invention provides a system for realizing cross-range task collaboration. In Figure 2, the system includes:
协同任务发布模块210:用于发布定义完成的协同任务;Collaborative task publishing module 210: used to publish collaborative tasks that have been defined;
协同任务拆分模块220:用于接收发布的协同任务,将协同任务拆分为网络靶场的内部对接任务和外部对接任务;Collaborative task splitting module 220: used to receive published collaborative tasks and split the collaborative tasks into internal docking tasks and external docking tasks of the network range;
第一筛选模块230:用于筛选与协同任务相关且与网络靶场相匹配的消息源;The first screening module 230 is used to screen message sources related to collaborative tasks and matching the network range;
第二筛选模块240:用于筛选与协同任务需求相关且网络靶场能够提供的API接口;The second screening module 240 is used to screen API interfaces that are related to collaborative mission requirements and can be provided by the network range;
第一对接模块250:用于根据消息源和API接口利用虚拟化服务单元执行内部对接任务;The first docking module 250: used to use the virtualization service unit to perform internal docking tasks according to the message source and API interface;
第二对接模块260:用于根据消息源和API接口分别通过事件总线和API网关执行外部对接任务。The second docking module 260 is used to perform external docking tasks through the event bus and API gateway respectively according to the message source and API interface.
本发明一实施例跨靶场任务协同的实现系统,协同任务发布模块210具体用于:In an implementation system for cross-range task collaboration according to an embodiment of the present invention, the collaborative task release module 210 is specifically used for:
通过描述协同任务的基本信息、扩展内容、任务类型、任务过程、消息接收方式和API接收方式,完成协同任务的定义;Complete the definition of collaborative tasks by describing the basic information, extended content, task types, task processes, message receiving methods and API receiving methods of collaborative tasks;
采用订阅发布方式将定义完成的协同任务发送至指定网络靶场或其他网络靶场,发布的内容包括协同任务、消息源和API接口。Use the subscription publishing method to send the defined collaborative tasks to the designated network range or other network ranges. The published content includes collaborative tasks, message sources and API interfaces.
本发明一实施例跨靶场任务协同的实现系统,第一对接模块250具体用于:In an implementation system for cross-range task collaboration according to an embodiment of the present invention, the first docking module 250 is specifically used for:
构建虚拟化服务单元;Build virtualized service units;
利用虚拟化服务单元执行网络靶场的数据采集、资源访问和资源管理,将网络靶场在协同任务过程中不同维度的数据连通;Use virtualized service units to perform data collection, resource access and resource management on the network range, and connect data from different dimensions in the network range during collaborative tasks;
将构建的虚拟化服务单元替换为网络靶场适用的虚拟化服务单元来适配网络靶场环境并等待被API网关调用;Replace the built virtualization service unit with a virtualization service unit suitable for the network range to adapt to the network range environment and wait to be called by the API gateway;
虚拟化服务单元为虚拟机或容器。The virtualization service unit is a virtual machine or container.
本发明一实施例跨靶场任务协同的实现系统,第二对接模块260具体用于:In an implementation system for cross-range task collaboration according to an embodiment of the present invention, the second docking module 260 is specifically used for:
消息源和API接口分别通过事件总线和API网关向系统任务发起方共享,提供协同任务过程中的消息同步、远程观摩和文件共享;The message source and API interface are shared with the system task initiator through the event bus and API gateway respectively, providing message synchronization, remote observation and file sharing during the collaborative task process;
调用API网关的对端开发服务开展网络靶场的协同任务。Call the API gateway's peer development service to carry out collaborative tasks on the network range.
本申请的实施例还提供能够实现上述实施例中的方法中全部步骤的一种电子设备的具体实施方式,参见图3,电子设备300具体包括如下内容:The embodiment of the present application also provides a specific implementation of an electronic device that can implement all the steps in the method in the above embodiment. Referring to Figure 3, the electronic device 300 specifically includes the following content:
处理器310、存储器320、通信单元330和总线340;Processor 310, memory 320, communication unit 330 and bus 340;
其中,处理器310、存储器320、通信单元330通过总线340完成相互间的通信;通信单元330用于实现服务器端设备以及终端设备等相关设备之间的信息传输。Among them, the processor 310, the memory 320, and the communication unit 330 complete communication with each other through the bus 340; the communication unit 330 is used to realize information transmission between server-side devices, terminal devices and other related devices.
处理器310用于调用存储器320中的计算机程序,处理器执行计算机程序时实现上述实施例中的跨靶场任务协同的实现方法中的全部步骤。The processor 310 is used to call the computer program in the memory 320. When the processor executes the computer program, all the steps in the method for realizing cross-shooting range task collaboration in the above embodiment are implemented.
Those of ordinary skill in the art will understand that the memory may be, but is not limited to, random access memory (RAM), read-only memory (ROM), programmable read-only memory (PROM), erasable programmable read-only memory (EPROM), electrically erasable programmable read-only memory (EEPROM) and the like. The memory stores the program, and the processor executes the program after receiving an execution instruction. Furthermore, the software programs and modules in the memory may also include an operating system, which may comprise various software components and/or drivers for managing system tasks (such as memory management, storage device control and power management) and may communicate with various hardware or software components to provide a running environment for other software components.
The processor may be an integrated circuit chip with signal processing capability. The processor may be a general-purpose processor, including a central processing unit (CPU), a network processor (NP) and the like, and may implement or execute the methods, steps and logical block diagrams disclosed in the embodiments of this application. The general-purpose processor may be a microprocessor, or the processor may be any conventional processor.
The present application further provides a computer-readable storage medium that includes a program which, when executed by a processor, performs the cross-range task collaboration method provided by any of the foregoing method embodiments.
Those of ordinary skill in the art will understand that all or part of the steps of the above method embodiments may be completed by hardware under the control of program instructions. The program may be stored in a computer-readable storage medium and, when executed, performs the steps of the above method embodiments. The storage medium includes ROM, RAM, magnetic disks, optical disks and any other medium capable of storing program code; the specific medium type is not limited in this application.
The above are only preferred specific embodiments of the present invention, but the protection scope of the present invention is not limited thereto. Any change or substitution that a person skilled in the art could readily conceive within the technical scope disclosed by the present invention falls within the protection scope of the present invention. Therefore, the protection scope of the present invention shall be determined by the protection scope of the claims.
| Application Number | Publication Number | Priority Date | Filing Date | Title |
|---|---|---|---|---|
| CN202310761070.8A | CN116684301B (en) | 2023-06-26 | 2023-06-26 | A method, system, equipment and storage medium for realizing cross-range task collaboration |
| Publication Number | Publication Date |
|---|---|
| CN116684301A (en) | 2023-09-01 |
| CN116684301B (en) | 2024-01-30 |
| Country | Link |
|---|---|
| CN (1) | CN116684301B (en) |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN120197175A (en)* | 2024-12-09 | 2025-06-24 | 三六零数字安全科技集团有限公司 | Security operation method, device, terminal and computer-readable storage medium |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5968115A (en)* | 1997-02-03 | 1999-10-19 | Complementary Systems, Inc. | Complementary concurrent cooperative multi-processing multi-tasking processing system (C3M2) |
| CN108021428A (en)* | 2017-12-05 | 2018-05-11 | 华迪计算机集团有限公司 | A kind of method and system that network target range is realized based on Docker |
| WO2019040613A1 (en)* | 2017-08-24 | 2019-02-28 | Circadence Corporation | System for dynamically provisioning cyber training environments |
| CN111224963A (en)* | 2019-12-30 | 2020-06-02 | 北京安码科技有限公司 | Network shooting range task duplication method, system, electronic equipment and storage medium |
| US10757132B1 (en)* | 2017-09-08 | 2020-08-25 | Architecture Technology Corporation | System and method for evaluating and optimizing training effectiveness |
| CN111753443A (en)* | 2020-07-29 | 2020-10-09 | 哈尔滨工业大学 | A combined test design method for weapons and equipment based on capability accumulation |
| CN112751704A (en)* | 2020-12-17 | 2021-05-04 | 杭州安恒信息技术股份有限公司 | Method, device and equipment for checking connectivity of heterogeneous network in network target range |
| CN114285680A (en)* | 2021-12-21 | 2022-04-05 | 北京永信至诚科技股份有限公司 | Team cooperative communication method and system applied to network target range |
| CN114500623A (en)* | 2022-01-17 | 2022-05-13 | 北京永信至诚科技股份有限公司 | Network target range interconnection and intercommunication method, device, equipment and readable storage medium |
| CN114896108A (en)* | 2022-05-17 | 2022-08-12 | 中电太极(集团)有限公司 | Test verification system |
| CN115567398A (en)* | 2022-06-07 | 2023-01-03 | 杭州溪塔科技有限公司 | Data center network construction system and implementation method thereof |
| CN115914369A (en)* | 2022-10-17 | 2023-04-04 | 南京赛宁信息技术有限公司 | Network shooting range log file collection agent gateway, collection system and method |
| CN116055566A (en)* | 2023-04-03 | 2023-05-02 | 鹏城实验室 | Communication method, device, equipment and storage medium of network shooting range |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20150082300A1 (en)* | 2013-09-13 | 2015-03-19 | Netapp. Inc. | Method and system for enabling an application in a virtualized environment to communicate with multiple types of virtual servers |
| CN105096662B (en)* | 2015-07-24 | 2017-07-04 | 陶文英 | A kind of method for designing and system of cooperation button aircraft system |
| Title |
|---|
| Capability analysis and evaluation of an informatized range system based on complex networks; 罗小明; 朱延雷; 何榕; Journal of Equipment Academy (装备学院学报); Vol. 27, No. 05; 113-118* |
| Design and implementation of a traffic replay system for cyber ranges; 王硕; Harbin Institute of Technology (哈尔滨工业大学); 11-31* |
| Publication | Title | Publication Date |
|---|---|---|
| Van Steen et al. | A brief introduction to distributed systems | |
| CN114567650B (en) | Data processing method and Internet of things platform system | |
| JP5988621B2 (en) | Scalability of high-load business processes | |
| US20120016999A1 (en) | Context for Sharing Data Objects | |
| Barkai | Technologies for Sharing and Collaborating on the Net | |
| CN104753817A (en) | Local analogy method and local analogy system for cloud computing message queue service | |
| CN109639782A (en) | Message sends platform, method | |
| CN115827223B (en) | A service grid hosting method and system based on cloud native platform | |
| CN111857733B (en) | Construction method, device and system of service environment and readable storage medium | |
| US10776081B2 (en) | Systems and methods for utilizing webhooks integrated in platform-as-a-service supported application development and deployment | |
| RU2605918C2 (en) | Method for providing functions in industrial automation system and industrial automation system | |
| CN116684301B (en) | A method, system, equipment and storage medium for realizing cross-range task collaboration | |
| CN113342547A (en) | Remote service calling method and device, electronic equipment and readable storage medium | |
| CN116962260A (en) | Cluster security inspection method, device, equipment and storage medium | |
| CN114363402B (en) | Shooting range interconnection method, shooting range interconnection system and electronic equipment | |
| CN113472638B (en) | Edge gateway control method, system, device, electronic equipment and storage medium | |
| CN113556387B (en) | Edge gateway control method and system, device, electronic device, and storage medium | |
| CN115378792B (en) | Alarm processing method, device and storage medium | |
| CN114706690A (en) | Method and system for sharing GPU (graphics processing Unit) by Kubernetes container | |
| Ali et al. | The quest for fully smart autonomous business networks in IoT platforms | |
| CN112929453A (en) | Method and device for sharing session data | |
| CN115225645B (en) | A service update method, device, system and storage medium | |
| CN115168306A (en) | Method and device for multi-party file cooperative processing | |
| CN114969199A (en) | Method, device and system for processing remote sensing data and storage medium | |
| CN116954810A (en) | Method, system, storage medium and program product for creating container application instance |
| Date | Code | Title | Description |
|---|---|---|---|
| | PB01 | Publication | |
| | SE01 | Entry into force of request for substantive examination | |
| | GR01 | Patent grant | |
| | CP03 | Change of name, title or address | Address after: 100094 103, building 6, yard 9, FengHao East Road, Haidian District, Beijing; Patentee after: Yongxin Zhicheng Technology Group Co., Ltd.; Country or region after: China. Address before: 100094 103, building 6, yard 9, FengHao East Road, Haidian District, Beijing; Patentee before: BEIJING YONGXIN ZHICHENG TECHNOLOGY CO., LTD.; Country or region before: China |