| As an effective means of preventing network security threats, intrusion detection technology can not only help to deal with cyber attacks but also can help network administrator to improve supervisory ability of the network and enhance network security. At present, although IPv6 network has not been widely used, but in many respects IPv6 network has advantages that unmatched by IPv4 networks. Therefore, the research on the technology of IPv6 network intrusion detection has broad application prospect.Firstly, this paper compares the IPv6 network protocol and the IPv4 network protocol, the present situation of intrusion detection technology, based on pattern matching technology to achieve protocol analysis technology, traditional pattern matching technology and other issues related are detailed analyzed. Then this paper proposed the structure model of intrusion detection system based on protocol analysis. Using the protocol analysis technology and the highly format of network protocol to quickly find aggressive behavior, so the computing speed has been improved significantly.Secondly, this paper gives the design of an intrusion detection system supporting these models. With the analysis on the requirements of the intrusion detection system and the application of Snort system's framework, based on unique features and new security features of IPv6 protocol, the original modules are modified, including IPv6 packet capture module, decoding module, packet reorganization module and rules module. An intrusion detection system complete meeting IPv6 network is achieved.Finally, in the realization of IPv6 intrusion detection system, this paper puts forward the detailed design of the core data structure, describes the function of each module and gives the design schemes. In addition, based on Snort source code, a visual configuration program in the Windows operating system is designed. |
PDF Full Text Request