CONFERENCE PROCEEDINGS
Advanced Search
Home > Proceedings > Volume 5985 > Article
Paper
30 November 2005 Design and implementation of an intrusion detection system based on IPv6 protocol
Bin Liu, Zhitang Li, Yao Li, Zhanchun Li
Author Affiliations +
Proceedings Volume 5985, International Conference on Space Information Technology; 59851X (2005) https://doi.org/10.1117/12.657361
Event: International Conference on Space information Technology, 2005, Wuhan, China
Abstract
Network intrusion detection systems (NIDS) are important parts of network security architecture. Although many NIDS have been proposed, there is little effort to expand the current set of NIDS to support IPv6 protocol. This paper presents the design and implementation of a Network-based Intrusion Detection System that supports both IPv6 protocol and IPv4 protocol. It characters rules based logging to perform content pattern matching and detect a variety of attacks and probes from IPv4 and IPv6.There are four primary subsystems to make it up: packet capture, packet decoder, detection engine, and logging and alerting subsystem. A new approach to packet capture that combined NAPI with MMAP is proposed in this paper. The test results show that the efficiency of packet capture can be improved significantly by this method. Several new attack tools for IPv6 have been developed for intrusion detection evaluation. Test shows that more than 20 kinds of IPv6 attacks can be detected by this system and it also has a good performance under heavy traffic load.
© (2005) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Citation Download Citation
Bin Liu, Zhitang Li, Yao Li, and Zhanchun Li "Design and implementation of an intrusion detection system based on IPv6 protocol", Proc. SPIE 5985, International Conference on Space Information Technology, 59851X (30 November 2005); https://doi.org/10.1117/12.657361
ACCESS THE FULL ARTICLE
ORGANIZATIONAL
Sign in with credentials provided by your organization.
INSTITUTIONAL
Select your institution to access the SPIE Digital Library.
SELECT YOUR INSTITUTION
PERSONAL
Sign in with your SPIE account to access your personal subscriptions or to use specific features such as save to my library, sign up for alerts, save searches, etc.
PERSONAL SIGN IN
No SPIE Account? Create one
PURCHASE THIS CONTENT
SUBSCRIBE TO DIGITAL LIBRARY
50 downloads per 1-year subscription
Members: $195
Non-members: $335 ADD TO CART
25 downloads per 1 - year subscription
Members: $145
Non-members: $250 ADD TO CART
PURCHASE SINGLE ARTICLE
Includes PDF, HTML & Video, when available
Members: $17.00
Non-members: $21.00 ADD TO CART
PROCEEDINGS
 5 PAGES
DOWNLOAD PAPER SAVE TO MY LIBRARY
GET CITATION
Advertisement
Advertisement
RIGHTS & PERMISSIONS
Get copyright permission  Get copyright permission on Copyright Marketplace
KEYWORDS
Computer intrusion detection
Network security
Windows XP
Floods
Lithium
Network architectures
Computing systems
RELATED CONTENT
Proactive malware detection
Proceedings of SPIE (June 18 2014)
Honeynets
Proceedings of SPIE (February 21 2001)
A case of reliable remote functionality
Proceedings of SPIE (July 15 2008)
NSL: a network-security-oriented language
Proceedings of SPIE (February 08 2005)
Internet firewalls: questions and answers
Proceedings of SPIE (March 12 1996)
Research on multihop wireless ad hoc network and its routing...
Proceedings of SPIE (April 28 2004)
Introduction to state-of-the-art intrusion detection technologies
Proceedings of SPIE (February 21 2001)
Subscribe to Digital Library
Receive Erratum Email Alert
Back to Top