臺灣博碩士論文加值系統

現今世界各地經常舉辦許多的駭客競賽，俗稱為“奪旗賽”（Capture the Flag , CTF）活動。參與者需要解決一系列資安技術挑戰以獲得積分，或者通過在攻擊其他隊伍系統漏洞的同時修補己方漏洞來捍衛自己的系統。目前CTF競賽模式大致可分為三類：解謎型、現場攻防型和搶灘型。
CTF已經非常成熟的作為一種評估資安技能的方式。在一個專門用於在各種CTF比賽中統計團隊成員積分的追踪網站CTFtime.org [1] 中列出了許多個這樣的比賽且每年持續在增加。由於現實的生活中的網路攻擊數量和複雜性方面都急劇增加，為了讓CTF解謎型競賽的參與者除了檢驗技術能力外，還能獲得更好的實踐經驗，本研究透過實驗室兩年舉辦四次競賽之經驗，發展出結合虛擬機技術與實務情境導入的CTF解謎型競賽模式，獲得受訓人員一致良好的訓練評價。
情境式CTF解謎型競賽在題目架構日益龐大下，所須完成之模擬網路架構亦同步增長，故改變傳統虛擬機架構，發展輕量化作業及保存方式勢在所趨，本研究發展透過腳本語言進行自動化部署，比較傳統虛擬系統架構下，新方法可在系統資源保存及部署還原時間上有較佳的效益。

Now Capture The Flag (CTF) is one of the most popular type of information security competitions around the world. The attendee needs to solve a series of challenges, or patch some vulnerabilities for defending owning system to earn points. The CTF can be categorized into three types: Jeopardy, Attack-Defense and King of the Hill..
CTF is a very matured method for evaluating information security technical skills. CTFtimes.org is a CTF portal for collecting all the competitions in the world. Hacker can track their performance and write-ups in the portal. Many new CTF games are showing up now. In order to train cyber security experts with the complicated and difficult security problems which similar to the issues in real world, in this research, we brought out a Jeopardy-type CTF based on virtual machine technology and practical scenario guidance. We used it for Cyber Defense Exercises in the past two years and obtained good training results.
Jeopardy-type CTF is a good way for training skills, however, the virtual Infrastructure of it is becoming more and more complex and huge as the scenario grows. It is not an easy task for preserve and deploy. In this research, we propose a lightweight method with scripting language to generate a new virtual Infrastructure with fast speed and store it with only necessary spaces.

1. 前言 1
1.1 研究背景與動機 1
1.2 研究目的 3
2. 文獻探討 4
2.1 虛擬機選擇 4
2.2 透過腳本語言快速部署 7
2.3 物聯網設備漏洞利用 8
3. 研究方法 10
3.1 實體環境架構 10
3.2 題目設計 11
3.3 網路環境架構 12
3.4 傳統模式部署 12
3.5 腳本式自動化部署架構 13
4. 實驗結果 14
4.1 情境式CTF競賽故事設計-以106年國軍盃網路安全競賽為例 14
4.1.1 題目1：封包分析 14
4.1.2 題目2-1：逆向工程 15
4.1.3 題目2-2：記憶體鑑識/密碼學 15
4.1.4 題目3-1：主機入侵 16
4.1.5 題目3-2：檔案破譯 16
4.1.6 題目3-3：電腦鑑識 16
4.1.7 題目4-1：網路情蒐 17
4.1.8 題目5-1：反向鏈結 17
4.1.9 題目5-2：監視器破密 17
4.1.10 題目5-3：影像解析 18
4.2 環境設定 19
4.2.1 實體網路介面 19
4.2.2 作業系統 20
4.2.3 硬體清單 21
4.3 使用腳本語言完成自動化部署 22
4.3.1 建立虛擬機範本 22
4.3.1.1 CentOS範本條件 22
4.3.1.2 Windows 10範本條件 22
4.3.2 建立網路節點 22
4.3.3 建立用戶端 23
4.3.4 建立連線 24
4.3.5 部署檔案並啟用 25
4.4 使用腳本語言完成自動化部署 25
5. 結論與未來研究工作 27
參考文獻 28

[1] CTFTIME.ORG. CTFtime.org/CTFs. https://ctftime.org/ ctfs.(2018.01.18)
[2] Sudharsan Sundararajan, Hari N N, Vipin Pavithran, KaladharVorungati, Krishnashree Achuthan, "Preventing Insider Attacks in the Cloud," Advances in Computing and Communications, pp. 488-500, 2011.
[3] Jayaraj Poroor, Bharat Jayaraman, "DoS Attacks on Real-Time Media Through Indirect Contention-in-Hosts," IEEE Internet Computing, Vol.13, No. 6, pp. 22-30, November/December, 2009.
[4] Gregory Conti, Thomas Babbitt, and John Nelson, “HackingCompetitions and Their Untapped Potential for Security Education,” IEEE Security Privacy, Vol. 9, pp. 56-59, 2011.
[5] 吳嘉龍，“美軍資訊戰與資安技術發展之研究”，陸軍學術雙月刊，第93-107頁，2009。
[6] H. Fayyad-Kazan, L. Perneel and M. Timerman, “Benchmarking the Performance of Microsoft Hyper-V Server, VMware ESXi, and Xen Hypervisors”, Journal of Emerging Trends in Computing and Information Sciences, Vol. 4, No. 12, pp. 922-933, 2013.
[7] R. Morabito, J. Kjallman, M. Komu. , "Hypervisors vs. Lightweight Virtualization: A Performance Comparison," In Proceedings of IEEE International Conference on Cloud Engineering (IC2E), pp.386-393, 2015.
[8] Anup Patel, Mai Daftedar, Mohmad Shalan and M. Watheq El-Kharashi, “Embedded hypervisor Xvisor: A Comparative Analysis”, In Proceedings of 23rd Euromicro International Conference on Parallel, Distributed, and Network-Based Processing, pp. 682-691, 2015.
[9] https://technet.microsoft.com/zh-tw/library/dd125460.aspx(2018.01.20)
[10] Brenton J.W. Blawat, Mastering Windows PowerShell Scripting, Packt Publishing Ltd, pp.1-3, 2015.