面向IPv6加密通信的入侵检测设计

作者：李作亲，王相林 日期：2009-06-24/span> 浏览：5020 查看PDF文档

面向IPv6加密通信的入侵检测设计

李作亲，王相林
（杭州电子科技大学 计算机学院，浙江 杭州310018）

摘要：针对入侵检测系统在IPv6网络下检测加密通信时遇到的问题，提出了面向IPSec的入侵检测（IPSOIDS)模型，该模型应用了非对称密钥机制和LDAP Server，改进了Snort的协议分析模块，设计了客户端密钥交换模块(KEM)、服务端KEM及IDS端KEM，并阐述了相互之间的操作过程。研究结果表明，该模型具有广阔的推广应用前景。
关键词：IPv6; Snort; LDAP; 面向IPSec的入侵检测；加密通信；密钥交换模块
中图分类号：TP393文献标识码：A文章编号：1001-4551(2009)06-0090-03

Design of intrusion detection system oriented to IPv6 encrypted conversation
LI Zuoqin， WANG Xianglin
(School of Computer Science, Hangzhou Dianzi University, Hangzhou 310018, China)
Abstract: Aiming at the problem of analyzing the IPv6 encrypted conversation on intrusion detetion system, the IPSec oriented intrusion detection system(IPSOIDS) model were proposed. In the model, the asymmetrical key mechanism and LDAP Server were applied, Snort protocol analysis module was improved. Customerside key exchange module(KEM), Serverside KEM and IDSside KEM were designed. And the mutual operation between each other was explained. The research result shows that the model has the application prospect.
Key words: IPv6; Snort; LDAP; IPSec oriented intrusion detection system(IPSOIDS); encrypted conversation; key exchange module(KEM)
参考文献(References):
［1］KENT S, SEO K. Security Architecture for the Internet Protocol［S］. RFC 4301,2005.
［2］程憬睿,马严.IPSec与IPv6的网络安全［J］.现代电信科技，2006(2)：21-23.
［3］汤惟.密码学与网络安全技术基础［M］.北京：机械工业出版社，2004：63-73.
［4］WAHL M, HOWES T, KILLE S. Lightweight Directory Access Protocol (v3)［S］. RFC2251,1997.
［5］DEERING S, HINDEN R. Internet Protocol Version6 (IPv6) Specification［S］. RFC2460,1998.
［6］KENT S, ATKINSON R. IP Encapsulating Security Payload (ESP)［S］. RFC4203,2005.