Research And Design Of Misuse Of Combining With Abnormal IDS Based On IPv6

With the rapid development of computer network technology, computer network sharing openness and interconnection degree can be further expanded, the scope and importance of the Internet also will be increasing, people are increasingly dependent on the network. Network has become an indispensable section to most people in the life and work. With the rise of various services on the network and a variety of private networks have been constructed, information security issues become more important on the Internet. Network security has had a major impact on the development of network economy, national security and defense security, has attracted public attention. In the past year, half of Internet users encountered network security event in China, deal with security incidents accumulated service charges incurred up to 15.3 billion in the year. As the next version of Internet Protocol—IPv6 Protocol, it has an unparalleled advantage, especially in terms of security. Although the IPv6 protocol in terms of security has a very prominent advantage, but as hacking tools, means of attack, the level of attack increase and improve, network security still faces enormous challenges under the IPv6 agreement. Usually we are using firewall technology to improve network security, but, with the increasingly complex network environment, a simple firewall technology has exposed the obvious deficiencies and weaknesses. To further enhance network security, many powerful strategies and solutions have been proposed initiative, in which intrusion detection is an effective solution. Intrusion detection system to extract information from the network, According to information obtained to check for signs of intrusion in computer networks. Intrusion detection system can provide internal and external real-time protection to attacks, early interception and prevent network intrusions, to make up for lack of a firewall for network security to provide real-time intrusion detection and take necessary protective measures. Therefore, further study of intrusion detection system under IPv6 has far-reaching significance.Firstly, in-depth study and analysis of intrusion detection systems, on this basis, proposed to misuse and anomaly combination of IDS design. The entire system consists of three modules:neural network training module, neural network access module, IPv6-based intrusion detection module. In the neural network training module, for less than the traditional BP algorithm, the traditional BP algorithm is improved, and DARPA1999 data set as training data for the improved BP neural network was trained. In the neural network access module, by neural networks for anomaly detection designed to be pretreatment plug of Snort system to implement neural network access work, neural network system access to snort used to detecting abnormal data. IPv6-based intrusion detection module, analysis and comparison of the IPv6 protocol and IPv4 protocol, in order to IPv4-based intrusion detection system Snort can work in IPv6 environment, respectively, for each functional module of snort was transplanted to IPv6, and design of function modules of whole Intrusion system. Finally, the improved BP neural network final error, false alarm rate, detection rate and detection capabilities of the system to do the analysis and evaluation.