Intrusion detection system and method based on IPv6 network environment

An intrusion detection system and intrusion detection technology, applied in transmission systems, digital transmission systems, data exchange networks, etc., can solve problems such as network security control capability limitations, illegal access to LAN network resources, and immature network management technology

Inactive Publication Date: 2010-02-24
JINAN UNIVERSITY
View PDF1 Cites 51 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] First of all, there are loopholes in the implementation of the IPv6 protocol stack, which needs to be perfected in practice. For example, the OpenBSD and Cisco IOS system IPv6 protocol Type 0 routing header denial of service vulnerability, although the security factors have been considered in the design of the IPv6 protocol and aimed at these security factors. Some schemes have been designed, such as third-layer encryption and authentication, but the IPv6 network is not indestructible, at least it is still powerless against application-layer attacks;
[0008] Second, the loopholes caused by the transition mechanism from IPv4 to IPv6, etc. At present, security personnel have discovered some security loopholes that appear during the transition from IPv4 to IPv6. For example, hackers can illegally access LAN network resources using both IPv4 an

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Intrusion detection system and method based on IPv6 network environment
  • Intrusion detection system and method based on IPv6 network environment
  • Intrusion detection system and method based on IPv6 network environment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0064] Such as figure 1As shown, the intrusion detection system based on the IPv6 network environment includes:

[0065] Protocol collection and rule library modules that can be set in detail;

[0066] The data packet capture module is used to capture the data packets and process them, discard the non-IPv6 data packets in the captured data packets, and generate corresponding records according to the discarded packets to send and store them in the alarm and log module, and then process the obtained The complete IPv6 packet is sent to the IPV6 protocol analysis module;

[0067] The IPV6 protocol parsing module is used to perform protocol decoding on the complete IPv6 data packet sent by the data packet capture module according to the protocol set set by the system and according to the data structure of the protocols of each layer of the network, to obtain the application data actually carried by the data packet and Sent to the protocol analysis and state tracking module;

[0...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides an intrusion detection system (IDS) and a method based on IPv6 network environment. The system comprises a protocol set and rule base module, a data packet capture module, an IPV6 protocol analysis module, a protocol analysis and state tracking module, a rule analysis and packet detection module and a warning and logging module. The invention well solves the new problem of transplant of the IDS, brought about by the new IPv6 standards and characteristics, and improves the capture ability of the data packet, the detection means of the IDS and the safety detection abilityof the IDS.

Description

technical field [0001] The invention relates to the field of computer network information security, in particular to an intrusion detection system (IDS) and method based on the IPv6 network environment. Background technique [0002] With the rapid development of the Internet, network information has become an indispensable part of people's lives, and people pay more and more attention to network information security. Various intrusion events and attack methods against networks and hosts are emerging in an endless stream. It causes more people to invest in the research and development of Intrusion Detection System (IDS), which is mainly aimed at the shortcomings and deficiencies exposed by the most commonly used network intrusion prevention technology——firewall. [0003] Traditional network security technologies mainly include firewall technology, intrusion detection technology, encryption technology, authentication technology, virus protection technology, security audit tech...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L12/26H04L29/06H04L29/08
Inventor 姚国祥罗伟其官全龙张焕明林良超张慧平高志朱国程魏林锋叶赛枝莫乐群
Owner JINAN UNIVERSITY
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap