상세정보
학술대회
Implementation of Multi-thread based Intrusion Prevention System for IPv6
- 발행일
- 200710
- 출처
- International Conference on Control, Automation and Systems (ICCAS) 2007, pp.404-407
- 협약과제
- 07MH2700, 저비용 대규모 글로벌 인터넷 서비스 솔루션 개발, 김명준
- 초록
- The deployment of the IPv6 network becomes to be realized as the necessity of the IPv6 network is enlarged due to the limit of the IPv4 network. However, the security policy about the IPv6 network is not mature as the IPv4 network and it becomes an obstacle in the IPv6 network deployment. Up to date, in the main network equipment provider including CISCO, and etc, the IPv6-based firewall is released. However, it nearly does not have the IPv6-based Intrusion Detection System(IDS) and/or Intrusion Prevention System(IPS) equipment. Moreover, in the open source, the snort which is the de facto standard of the IDS system yet does not support IPv6. This paper introduces the implementation of Intrusion Prevention System(IPS) that can be applicable to the IPv6 network and has the multi-thread architecture for the performance improvement. The prototype introduced in this paper is implemented as SW base in order to be applied to the IPv6 network preferentially. Although it has a limit to a performance, the prototype can give the basic concepts toward the IPv6-based IPS equipment of the afterward HW base. © ICROS.
- KSP 제안 키워드
- De facto standard, IPv6 network, Intrusion detection system(IDS), Intrusion prevention system, Main network, Multi-thread, Open source, Security Policy, network deployment, network equipment, performance improvement