摘要
随着网络漏洞不断增多,高校或网络安全公司为了满足不同类型漏洞的教学与研究需求,就不得不建立新的教学赛题靶场。基于此,详细分析了夺旗赛(CaptureTheFlag,CTF)竞技仿真靶场的设计流程、Docker的下发流程及靶场的动态flag设计原理。该平台已经应用到信息安全专业人才培养中,可以满足教学与实战要求。
With the continuous growth of network vulnerabilities,in order to meet the teaching and research needs of different types of vulnerabilities,colleges and universities or network security companies have to establish new teaching test ranges.Based on this,this paper describes in detail the design of Capture The Flag(CTF)competitive simulation range,the delivery process of docker,and the design principle of dynamic flag of the range.The platform has been applied to the training of information security professionals,and the results show that it can meet the requirements of teaching and actual combat,and is convenient for the training and competition of CTF type information security events.
作者
朱晓阳
桑林俐
廖章杰
张令鑫
ZHU Xiaoyang;SANG Linli;LIAO Zhangjie;ZHANG Lingxin(Internet of Things Engineering Department,Jiangsu Vocational College of Information Technology,Wuxi Jiangsu 214153,China)
出处
《信息与电脑》
2022年第17期17-19,共3页
Information & Computer
基金
江苏省高等学校大学生创新创业训练项目(项目编号:202113108014Y)
江苏省高等学校大学生创新创业训练项目(项目编号:202113108038P)
江苏信息职业技术学院2021年科研课题(项目编号:JSITKY202111)。
