|
|
计算机应用研究 2012
Intrusion detection mechanism for IPv6 routing extension header
|
Abstract:
Aiming at the security issues caused by holes of IPv6 routing extension header, this paper designed and implemented an intrusion detection mechanism applicable to IPv6 routing extension header. Basing on the open source intrusion detection system Snort, instead of changing the structure of the existing Snort detection rules, using the technology of IPv6 protocol analysis, improved the packet analysis module of Snort. It designed and implemented the module supporting for parsing IPv6 routing extension header and the internal protected system module. It also gave the process of the proving experiment and the analysis of result. The experiment proves that the design scheme in this paper can exactly detect the attack behaviors which use holes of IPv6 routing extension header.
