Study On Intrusion Detection System In IPv6 Protocol Networks

With the development of computer network, more and more enterprises and governments do their business on Internet; network security has been a serious and inevitable problem. Traditionally, Firewall as their first line of defense. But with the development and maturity of cracker and attack means, pure firewall strategy can't satisfy the requests. In this case, intrusion detection system becomes the hotspot in security market. It gains more and more attention, and begins to exert its key function in various situations.As internet develops in recent twenty years, the IPv4 protocol is encountering more and more difficulties in solving problems, such as address exhausting, router table expanding and so on. As the next generation network protocol, IPv6 must coexist with IPv4 for a long time, and will completely replace IPv4 in the end. Now, IPv6 is still in the experimental period, and the software and hardware devices based on IPv6 are still researched and developed. Because IPv4 networks have some security problems now, IPv6 networks will inevitably meet with some security problems, so intrusion detection system is still very important. It is necessary and timely to research intrusion detection system in the environment of IPv6 networks.According to the differences between IPv4 and IPv6 protocols, this thesis designs a new network intrusion detection system framework based on protocol analysis. In the environment of IPv6 networks, protocol analysis is put into intrusion detection technology, and the process of the TCP/IP protocol analysis is implemented. Based on the research of the Snort system, a detailed design scheme and the architecture of the entire system are presented, which is made up of four modules including packet capturing, protocol analysis, pattern detection and output. The first two modules are mainly researched and designed. In the end, this thesis puts forward a concrete scheme, which applies intrusion detection system based protocol analysis into the network of the secrecy-involved computer.This thesis is divided into six chapters. Chapter 1 is an introduction. It mainly introduces background of the subject and the main work of this thesis. Chapter 2 discusses the conception of IPv6 and intrusion detection technology. Chapter 3 deeply...