期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于协议分析的IPv6入侵检测系统设计 被引量:1

DESIGN OF INTRUSION DETECTION SYSTEM BASED ON IPV6 PROTOCOL ANALYSIS
下载PDF
导出
摘要 目前的网络是基于IPv4的,但是IPv4的种种局限性限制了网络的持续高速发展。IPv6较IPv4有很多优势,例如:巨大的地址空间,自动配置机制,简化的报头结构,内置IPSec,扩展报头,以及对流标签的支持等等。目前对IPv6的安全问题研究主要集中在协议本身的安全,对上层的安全问题无法保障。就IPv6提出了一种基于协议分析方法的入侵检测模型。设计出的系统可以很好的应用于IPv6环境中,还可以适用于IPv4到IPv6过渡时期。 Current internet is based on IPv4 protocol, but the limitation of IPv4 put obstacle to the development of internet. IPv6 is carried out as an alternative of IPv4, IPv6 has many features such as:128 bit address, auto-configuration mechanism, simple header format,using IPsec, extend header, support of flow label. Presently, researches of IPv6 security focus on security of the protocol itself, but, the protocol can just produce the security on network layer,and can do nothing to the higher layers. This make it very important to build the positive protection system. The article introduces a new intrusion detection system base on IPv6 protocol analysis, the system can operates on IPv4 and IPv6 environments well.
作者 徐静静 王相林
机构地区 杭州电子科技大学计算机学院
出处 《计算机应用与软件》 CSCD 2009年第2期280-282,共3页 Computer Applications and Software
关键词 入侵检测 网络安全 协议分析 Intrusion detection Network security Protocol analysis
分类号 TP393.08 [自动化与计算机技术—计算机应用技术] TN915.04 [电子电信—通信与信息系统]
  • 相关文献

参考文献6

二级参考文献24

  • 1Protocol Analysis and Command Parsing vs.Pattern Matching in In-trusion Detection System.http://www.networkice.com
  • 2[1]Allen J et al.State of the Practice of Intrusion Detection Technologies[R].TECHNICAL REPORT,CMU/SEI-99-TR-028,Carnegie Mellon University, Software Engineering Institute, 2000
  • 3[2]Ptacek T H,Newsham T N.Insertion,Evasion,and Denial of Service:EludingNetwork Intrusion Detection.http:∥www.robertgraham.com/mirror/Ptacek-Newsham-Evasion-98.html , 1998
  • 4[3]Brian Caswell.snort.http:∥www.snort.org/
  • 5[4]ISS Company. RealSecure Network Protection.http:∥www.iss.net/products_services/enterprise_protection/rsnetwork/index.php
  • 6[5]Ilgun K,Kemmerer R A,Porras P A.State transition a.nalysis:A rulebased intrusion detection approach[J].Software Engineering,IEEE Transactions on, 1995; 21 (3): 181 ~ 199
  • 7[6]Vigna G,Kemmerer R A.NetSTAT:A Network-based Intrusion Detection Approach[C].In:Proceedings of the 14th Annual Computer Security Applications Conference(ACSAC), 1998
  • 8[7]Alec Yasinsac. An Environment for Security Protocol Intrusion Detection[J].Journal of Computer Security,2002; (10): 177~188
  • 9[8]Shan Zheng,Chen Peng,Xu Ying et al.A network state based intrusion detection model. Computer Networks and Mobile[C].In:Computing,2001.Proceedings.2001 International Conference on,2001:481~486
  • 10[9]Karen Kent Frederick. Network Intrusion Detection Signatures,Part 5.http:∥online.securityfocus.com/infocus/1569,2002

共引文献39

同被引文献8

引证文献1

二级引证文献2

计算机应用与软件
2009年 第2期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部