【摘要】：隨著世界對IPv6的重視，各國加快了IPv6網(wǎng)絡(luò)在安全技術(shù)方面的研究步伐。然而，隨著網(wǎng)絡(luò)技術(shù)的進(jìn)步與發(fā)展，IPv6的安全問題并沒有得到完全的解決。IPv6的誕生建立在避免IPv4網(wǎng)絡(luò)中的安全問題的基礎(chǔ)之上。目前來看，IPv6確實在網(wǎng)絡(luò)安全性方面有了很大進(jìn)步，它解決了數(shù)據(jù)加密、身份認(rèn)證以及數(shù)據(jù)在不安全的網(wǎng)絡(luò)上進(jìn)行安全的傳輸?shù)葐栴}。然而，IPv6協(xié)議的改變僅僅是網(wǎng)絡(luò)層協(xié)議的變化，并沒有完全解決安全問題，伴隨而來的問題是復(fù)雜的、新式的、多樣的網(wǎng)絡(luò)入侵與攻擊。因此，在使用IPv6協(xié)議的新環(huán)境下，需要大力推進(jìn)對網(wǎng)絡(luò)安全技術(shù)方面的研究。 在基于IPv6入侵行為監(jiān)測系統(tǒng)的研究中，通過對入侵檢測系統(tǒng)的學(xué)習(xí)，對其涉及到很多關(guān)鍵的知識與技術(shù)進(jìn)行了概括與總結(jié)，，其中包括捕包工具、協(xié)議分析技術(shù)、模式匹配技術(shù)、特征規(guī)則庫的建立與更新、實時報警以及IP追蹤技術(shù)等。 本文通過數(shù)據(jù)報格式、地址類型與地址分配和ICMP協(xié)議三個方面，對IPv4協(xié)議與IPv6協(xié)議進(jìn)行了比較，重點分析了入侵行為在IPv4網(wǎng)絡(luò)與IPv6網(wǎng)絡(luò)中的表現(xiàn)。在此基礎(chǔ)上，設(shè)計了基于IPv6入侵行為檢測系統(tǒng)的各個模塊，提出了快速捕獲IPv6數(shù)據(jù)包的方法，擴(kuò)展了協(xié)議分析技術(shù)的協(xié)議棧。 完成了基于IPv6入侵行為檢測系統(tǒng)的需求分析、系統(tǒng)設(shè)計、特征規(guī)則庫的搭建與更新。在IPv6的環(huán)境下，配置了Snort工具的開發(fā)環(huán)境，對捕包模塊、協(xié)議分析模塊、特征規(guī)則庫模塊都進(jìn)行了實驗驗證。
[Abstract]:With the attention of the world to IPv6, many countries speed up the research of IPv6 network in security technology. However, with the progress and development of network technology, the security problem of IPv6 has not been completely solved. The birth of IPv6 is based on avoiding the security problems in IPv4 network. At present, IPv6 has made great progress in network security. It solves the problems of data encryption, identity authentication and secure transmission of data over insecure networks. However, the change of IPv6 protocol is only the change of network layer protocol, and it does not completely solve the security problem. The accompanying problems are complex, new and diverse network intrusion and attack. Therefore, in the new environment of using IPv6 protocol, it is necessary to promote the research of network security technology. In the research of intrusion behavior monitoring system based on IPv6, through the study of intrusion detection system, the paper summarizes and summarizes many key knowledge and technology involved in intrusion detection system, including packet capture tools, protocol analysis technology, pattern matching technology, etc. The establishment and update of feature rule base, real-time alarm and IP tracking technology. In this paper, we compare IPv4 protocol with IPv6 protocol through three aspects: Datagram format, address type and address assignment, and ICMP protocol, and analyze the behavior of intrusion in IPv4 network and IPv6 network. On this basis, each module of intrusion detection system based on IPv6 is designed, the method of fast capturing IPv6 packets is proposed, and the protocol stack of protocol analysis technology is extended. The requirement analysis, system design, building and updating of feature rule base based on IPv6 intrusion detection system are completed. In the environment of IPv6, the development environment of Snort tools is configured, and the module of packet capture, protocol analysis and feature rule base are verified by experiments.
【學(xué)位授予單位】：華北電力大學(xué)
【學(xué)位級別】：碩士
【學(xué)位授予年份】：2014
【分類號】：TP393.08

【參考文獻(xiàn)】

相關(guān)期刊論文 前10條

1 盧鵬;;一種輕量級入侵檢測系統(tǒng)Snort[J];硅谷;2013年04期

2 王相林;朱晨;孫冬梅;李明月;沈清姿;;IPv6網(wǎng)絡(luò)協(xié)議中分段機(jī)制安全問題的研究[J];電信科學(xué);2013年10期

3 張昊;;計算機(jī)網(wǎng)絡(luò)數(shù)據(jù)包捕獲技術(shù)淺析[J];合肥學(xué)院學(xué)報(自然科學(xué)版);2009年02期

4 謝鯤;張大方;文吉剛;謝高崗;;基于WinPcap的實時網(wǎng)絡(luò)監(jiān)測系統(tǒng)[J];湖南大學(xué)學(xué)報(自然科學(xué)版);2006年02期

5 蔣文娟;盧朝暉;劉家寧;;基于IPv6的組播編程實例剖析[J];海南師范學(xué)院學(xué)報(自然科學(xué)版);2007年04期

6 楊海松,李津生,洪佩琳;分布開放式的入侵檢測與響應(yīng)架構(gòu)——IDRA[J];計算機(jī)學(xué)報;2003年09期

7 李振強;趙曉宇;馬嚴(yán);;IPv6安全脆弱性研究[J];計算機(jī)應(yīng)用研究;2006年11期

8 邱桔;陳若珊;;一個基于原始套接字的Sniffer的設(shè)計與實現(xiàn)[J];計算機(jī)應(yīng)用與軟件;2006年04期

9 任穎;李華偉;王麗娜;;基于Snort的入侵檢測系統(tǒng)的研究與改進(jìn)[J];計算技術(shù)與自動化;2012年03期

10 陳淑儀;IPv6對IPv4的新特征[J];數(shù)據(jù)通信;2002年03期

本文編號：2367755