Distributed Intrusion Detection Of Fragment Attack Based-on IPv6

The development of computer network has affected much to economy, culture,education and technology. There is much information and resource related tonetwork, but network security is the base. In the domain of information security,it will affect particularly the security of economy and country directly. Then,how to prevent it from doing harm to the economy and protect the security is animportant mission for us.IP fragment is one of the technologies of the transmission of the IP packageson the network, but it is not secure enough. The attacker can disorder thesequence or insert some aggressive information to do harm to the network. Thispaper analyzes and researches on the principle of the IP fragment's attack andfinished a project to detect the attack of it on the IPv6 network. With the helpof Open Source develop kit ACE(Adaptive Communication Environment) and the TAO(TheACE ORB) that based on the international standard CORBA, a simple distributedintrusion detect system(it's short name is: IDS) of IP fragment attack isaccomplished.First, this paper analyzed and researched the method of fragment attack inthe IPv6 network and the intrusion detection techniques, then, pay more attentionto the fragment reassemble arithmetic. At last, based on the distributed networkenvironment, synthesize the virtue of the fragment reassemble arithmetic of RFC850and the fragment reassemble arithmetic of Snort, finished a fragment reassemblearithmetic that is applicable to IPv6 to improve the veracity of the intrusiondetection devices!Second, this paper analyzed and researched the middle-ware thatare very popular in software developing, their names are ACE and ICE, and choosethe ACE to develop the intrusion detection system of this paper at last. At thesame time, proposed a model of distributed intrusion detection system that isdelaminated, it can reduce the sum of network packages and improve the performanceas well as the practicability. At the same time, with the help of distributedintrusion detection system model and based on the development kit of ACE and ICE, make use of the sustain of the ACE to the high performance distributednetwork, finished a light weighted distributed intrusion detection system.This paper deeply researched the principle and the detection of the fragmentin IPv6 network, finished a highly unstableness distributed intrusion detectionsystem that can be used on many operation system. All the above can help much toa applied and expansible intrusion detection system.