Research And Application Of Intrusion Detection System With Protocol Analysis Technology Based On IPv6

The network has been indispensable for people in such an information-based society. Using the Internet, people may fast and conveniently gain all kinds of information; people may conveniently communicate with others in every place in the world; and people may easily promote the progress and the development of science and technology. However, the openness, universality and the convenience of network make the security problems become the key point to which people pay attention. At present, the Internet employs the IPv4 protocol technology while each kind of hacker technology also changes along with rapid development of network technology. Therefore, the deficiency of IPv4 is increasingly obvious. In order to meet the requirements of the network future development and security demand, the IETF group proposed the IPv6 protocol, which will replace IPv4 ultimately. Comparing with IPv4, IPv6 will have a higher security degree because IPSec protocol is forced to use in IPv6, but the network intrusion will still exist. In order to protect the security of the Internet more successfully, the intrusion detection system under the protocol IPv6 must be established.Intrusion detection system (IDS) is an active security-defensive mechanism. It can search intrusive signal and offer secure protection against external-attack, internal-attack and inaccurate operation. This thesis analyzed and researched the intrusion detection system under IPv4, and carried on the preliminary exploration to the intrusion detection system under IPv6. Firstly, analysis and research focus on data packets under protocol IPv6, especially the head, expand head and protocol ICMPv6 etc. Secondly, adopting the analysis techniques as detected techniques of IDS, which is the newest detected techniques and it can detect the known and unknown holes and attacks quickly by using network protocol high regularity, and consequently enhanced the IDS accuracy and the performance to a large degree. Generally, there are four modules in intrusion detection system, data packets catching module, protocol...