Research and Implementation of Next Generation Network Intrusion Detection System Based on Protocol Analysis

Author

Yao, Guo-xiang ; Guan, Quan-Long ; Lin, Liang-chao ; Huang, Shu-qiang ; Zhu, Guo-cheng ; Zhang, Hui-ping ; Gao, Zhi

Author_Institution

Jinan Univ., Guangzhou

Volume

2

fYear

2008

fDate

3-4 Aug. 2008

Firstpage

353

Lastpage

357

Abstract

An intrusion detection system which can work in IPv6 network environment is designed and implemented based on protocol analysis and pattern match technology in this paper. The system not only can fast detect system vulnerabilities and network intrusion events, but also possesses high accuracy and good performance. Furthermore, the system is tested using IDSwakeup. The test shows that the system can detect 90% of the attacking packets and lost hardly any packet when enormous and different types of vicious data packets generated by data packet generator are sent. So the system is efficient and quick-reacting IDS working in IPv6 environment.

Keywords

IP networks; protocols; security of data; telecommunication security; IDSwakeup; IPv6 network; data packet generator; next generation network intrusion detection; pattern match technology; protocol analysis; quick-reacting IDS; system vulnerabilities; vicious data packets; Communication system security; Data analysis; Event detection; Intrusion detection; Next generation networking; Pattern analysis; Pattern matching; Protocols; Routing; System testing; IPv6; Intrusion detection; pattern match; protocol analysis; system vulnerability;

fLanguage

English

Publisher

ieee

Conference_Titel

Computing, Communication, Control, and Management, 2008. CCCM '08. ISECS International Colloquium on

Conference_Location

Guangzhou

Print_ISBN

978-0-7695-3290-5

Type

conf

DOI

10.1109/CCCM.2008.30

Filename

4609705