Project background ：

The network security engineering experimental class of Software College of Shandong University lacks a special experimental platform for teaching and daily learning to test the results . We aim to build a penetration test range 、 Password encryption and decryption 、 A platform for the recurrence of vulnerabilities , Provide a place for students and future students to practice network security technology , At the same time, it can also be used as the experimental platform of the college to provide a platform for the teaching of relevant courses to test the learning results and even improve the teaching mode .
Some members of the project team have the experience of off campus Cyberspace Security Enterprise internship , And the guidance of teachers inside the school . We plan to communicate with enterprises and teachers during the project 、 Communicate on difficult points to improve and improve the content of the platform .

Project introduction ：

At present, some open source attack and defense experimental platforms , Considering the setting of common vulnerabilities , In order to prevent malicious hackers on the network from really attacking the vulnerable platform, resulting in server paralysis and other consequences , So it can only be built locally . This project requires real users to register and use , The project team decides to use DOCKER Containers , Deploy the test platform into the container , Separate from the real server , Ensure the security of the platform and the server .
Rely on the purchased Alibaba cloud servers , Build a system based on web Interface and deploy it to the server . On this platform , Build two modules , That is, the attack and defense experimental platform and the file encryption and decryption tool . Provided by the attack and defense experimental platform SQL Inject 、XSS attack …… And so on , File encryption and decryption tools use common encryption algorithms , Such as RSA、DES、AES etc. , Provide encryption and decryption tools for text files or strings .

Implementation plan ：

• The preliminary project team needs to master DOCKER Containers and SVN And so on , And learning the unfamiliar content of related programming , So as to facilitate the later work . Build the basic framework of the platform on the purchased Alibaba cloud server , Used to test whether the server is smooth , At the same time, be familiar with the process of the project . Each member of the project team is scheduled to SVN Update your own code on , So as to synchronize the project progress among the team members .
• Complete the construction of the experimental environment
• The recurrence of each vulnerability of the attack and defense experimental platform is completed
• File encryption and decryption tools complete
• Web Adjustment and beautification of front-end pages
• project bug Repair and final adjustment
• In the course of the project , Everyone maintains their own and project blogs , Project progress or understanding of the project is reflected in the blog . According to the division of labor and the contents of the implementation plan , Everyone fills in the project , Organize regular discussions , Communicate problems encountered in time and find corresponding solutions .
• Finally, a complete information security network laboratory will be built , It can run smoothly , The interface is more beautiful , There is no obvious bug, It is free for teachers and students of the software college . It provides a practical platform for the users of the network laboratory to learn about network vulnerabilities , At the same time, it provides encryption and decryption tools for students who need file encryption .

Team members ：

Chen Ge
Stranger _
island•
Scrambled eggs with tomatoes without eggs ！
Qiao Wei

Project start time

2022 year 2 month 25 Japan