The rapid development of network security technologies has created new requirements for network security evaluation techniques. A network security testbed used for testing security technologies can quickly build many kinds of network security experimental environments, shortening the network security research cycle and speeding up the response to security risks. However, existing network testbeds usually build test networks by physical emulation or process-level virtualization, and they fall short of the needs of high-risk network security experiments in fidelity, sealing, and controllability. This paper therefore uses hardware-assisted virtualization, a technology that has emerged in recent years, to solve the problem of building sealed nodes and links within the experimental environment. It designs and implements a Xen-based network security testbed that is sealed and reconfigurable, which allows sealed network security experimental environments to be built flexibly. Finally, experiments verify the feasibility of the technical scheme.