【摘要】：以Internet為基礎(chǔ)的全球互聯(lián)網(wǎng)對(duì)人們的生活產(chǎn)生了巨大的影響，隨著互聯(lián)網(wǎng)的發(fā)展，，其開放性、共享性和互聯(lián)程度不斷擴(kuò)大，網(wǎng)絡(luò)的重要性和對(duì)社會(huì)的影響也越來越大。網(wǎng)絡(luò)安全問題顯得越來越重要。入侵檢測(cè)是檢測(cè)和識(shí)別計(jì)算機(jī)系統(tǒng)和網(wǎng)絡(luò)系統(tǒng)，或者更廣意義上的信息系統(tǒng)非法攻擊，或者違反安全策略事件的過程，它從網(wǎng)絡(luò)環(huán)境中采集數(shù)據(jù)，分析數(shù)據(jù)，發(fā)現(xiàn)可疑攻擊行為或者異常事件，并采取一定的響應(yīng)措施攔截攻擊行為，降低可能的損失。目前，基于IPv4的入侵檢測(cè)系統(tǒng)（IDS，intrusion detection system）已有較為廣泛的應(yīng)用，但由于IPv6網(wǎng)絡(luò)還未開始大范圍部署，因而基于IPv6的入侵檢測(cè)系統(tǒng)多處于研究階段。 該課題在深入分析IPv4網(wǎng)絡(luò)中的入侵檢測(cè)系統(tǒng)的基礎(chǔ)上，通過對(duì)IPv6網(wǎng)絡(luò)攻擊，以及IPv6仍需面臨的網(wǎng)絡(luò)威脅的研究，并結(jié)合IPv6協(xié)議分析、以及基于規(guī)則的特征匹配等入侵檢測(cè)技術(shù)，提出了IPv6網(wǎng)絡(luò)入侵檢測(cè)系統(tǒng)的總體設(shè)計(jì)方案。 該課題重點(diǎn)研究、設(shè)計(jì)并實(shí)現(xiàn)了總體方案中的終端級(jí)IPv6網(wǎng)絡(luò)入侵檢測(cè)系統(tǒng)。該系統(tǒng)是以分析開源的輕量級(jí)網(wǎng)絡(luò)入侵檢測(cè)系統(tǒng)——Snort為基礎(chǔ)，并在Snort系統(tǒng)中加入基于IPv6協(xié)議分析技術(shù)和基于IPv6規(guī)則的特征匹配技術(shù)的原理上設(shè)計(jì)實(shí)現(xiàn)的。隨后根據(jù)終端級(jí)IPv6入侵檢測(cè)系統(tǒng)的設(shè)計(jì)框圖，詳細(xì)研究、設(shè)計(jì)并實(shí)現(xiàn)了IPv6數(shù)據(jù)包的捕獲模塊、IPv6協(xié)議解析模塊、IPv6預(yù)處理模塊、IPv6規(guī)則解析與IPv6特征檢測(cè)匹配模塊等六大模塊。該課題的研究，對(duì)于IPv6的入侵檢測(cè)技術(shù)有一定的參考價(jià)值。
[Abstract]:The global Internet based on Internet has a great impact on people's life. With the development of Internet, its openness, sharing and interconnection are expanding, and the importance of the network and its impact on the society are becoming more and more great. The problem of network security is becoming more and more important. Intrusion detection is the process of detecting and identifying computer system and network system, or, in a wider sense, information system illegal attack, or violation of security policy event. It collects data from network environment and analyzes data. The suspicious attack behavior or abnormal event is found, and some response measures are taken to intercept the attack behavior to reduce the possible loss. At present, the intrusion detection system (IDS,intrusion detection system) based on IPv4 has been widely used, but because the IPv6 network has not been deployed on a large scale, most of the intrusion detection systems based on IPv6 are in the research stage. On the basis of deeply analyzing the intrusion detection system in IPv4 network, this paper studies the network attack of IPv6 and the network threat that IPv6 still faces, and combines with the analysis of IPv6 protocol, and the intrusion detection technology such as rule-based feature matching, etc. The overall design scheme of IPv6 network intrusion detection system is put forward. This paper focuses on the research, design and implementation of the terminal level IPv6 network intrusion detection system. The system is based on the analysis of open source lightweight network intrusion detection system (Snort) and the principle of adding IPv6 protocol analysis technology and IPv6 rule-based feature matching technology to Snort system. Then according to the design block diagram of terminal level IPv6 intrusion detection system, six modules, such as IPv6 packet capture module, IPv6 protocol parsing module, IPv6 preprocessing module, IPv6 rule parsing module and IPv6 feature detection matching module, are designed and implemented in detail. The research of this topic has certain reference value for IPv6 intrusion detection technology.
【學(xué)位授予單位】：河北聯(lián)合大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2014
【分類號(hào)】：TP393.08

【參考文獻(xiàn)】

相關(guān)期刊論文 前5條

1 吳澤民,鄭少仁;IPv6的新特性及其過渡策略[J];電信科學(xué);2000年06期

2 李建敏;魏明軍;劉玉芳;;即時(shí)通信軟件檢測(cè)技術(shù)的研究[J];福建電腦;2009年12期

3 杜建國(guó),郭巧;協(xié)議分析和命令解析在入侵檢測(cè)中的應(yīng)用[J];計(jì)算機(jī)工程與應(yīng)用;2004年18期

4 賀文華;陳志剛;胡玉平;;基于IPv6的網(wǎng)絡(luò)安全與性能分析[J];微電子學(xué)與計(jì)算機(jī);2007年10期

5 莊緒春;孟相如;韓仲祥;;高速網(wǎng)絡(luò)環(huán)境中入侵檢測(cè)技術(shù)探討[J];信息與電子工程;2006年04期

相關(guān)博士學(xué)位論文 前1條

1 黎耀;IPv6環(huán)境下異常檢測(cè)系統(tǒng)的關(guān)鍵技術(shù)研究[D];華中科技大學(xué);2006年

本文編號(hào)：2342206