Research And Implementation Of Intrusion Detection System During The Period Of IPv4/IPv6 Transition

When network technology grows quickly, network security is more and more important. The network security is a systemic concept, which needs effective security tactics and scheme. The technology of the network security mainly includes authentication, data encryption, access control, security audit etc. Firewall and intrusion detection technology are the most popular. Intrusion detection technology, which is an active network security technology, detects the network with little cost and provides protection from the attacks inside and outside. Intrusion detection technology improves the integrality of the infrastructure of network information security.The key protocol of Next Generation Network, IPv6 protocol, can not only perfectly solves the problems faced by current IPv4 protocol, but also is stronger and more-efficient than IPv4 on the management, controls, and network security, etc. Therefore it is very meaningful to develop the intrusion detection system under IPv6 environment now. When IPv6 replaces IPv4, it exists a transitional phase of IPv4/IPv6 coexisting. The theme of this is the intrusion detection technique under IPv6 environment, which puts the achievement of intrusion detection technology under the environment that IPv4/IPv6 coexists on the core.Based on the above technical background, according to CIDF(Common Intrusion Detection Framework), the NIDS based on the pattern match is designed, which takes the plan of modules. The system mainly includes 6 moulds: the module of IPv4/IPv6 packets' capture, the module of protocol analysis engine supporting both IPv4 and IPv6, the module of packets' pre-processor, the module of rules analysis engine, the module of detection engine, and the module of the storage of alerts and logs. Then, the thesis mainly elucidates the coding implementation of IPv4/IPv6 IDS, and describes the implementation process with important data structures, then primarily tests the system. Finally, this thesis makes the summary and puts forward the development of intrusion detection system.