
Proceedings Paper

Design and implementation of an intrusion detection system based on IPv6 protocol
Author(s): Bin Liu; Zhitang Li; Yao Li; Zhanchun Li

Paper Abstract

Network intrusion detection systems (NIDS) are important parts of a network security architecture. Although many NIDS have been proposed, there has been little effort to extend the current set of NIDS to support the IPv6 protocol. This paper presents the design and implementation of a network-based intrusion detection system that supports both IPv6 and IPv4. It features rule-based logging to perform content pattern matching and detect a variety of attacks and probes over IPv4 and IPv6. It is made up of four primary subsystems: packet capture, packet decoder, detection engine, and logging and alerting. A new approach to packet capture that combines NAPI with MMAP is proposed in this paper. The test results show that this method significantly improves the efficiency of packet capture. Several new attack tools for IPv6 have been developed for intrusion detection evaluation. Tests show that the system can detect more than 20 kinds of IPv6 attacks and that it also performs well under heavy traffic load.

Paper Details

Date Published: 30 November 2005
PDF: 5 pages
Proc. SPIE 5985, International Conference on Space Information Technology, 59851X (30 November 2005); doi: 10.1117/12.657361
Bin Liu, Huazhong Univ. of Science and Technology (China)
Zhitang Li, Huazhong Univ. of Science and Technology (China)
Yao Li, Huazhong Univ. of Science and Technology (China)
Zhanchun Li, Huazhong Univ. of Science and Technology (China)

Published in SPIE Proceedings Vol. 5985:
International Conference on Space Information Technology
Cheng Wang; Shan Zhong; Xiulin Hu, Editor(s)
