摘要: 研究IPv6基本报头,从网络安全的角度出发,对其中可被用于隐蔽通道载体的字段及其隐蔽通道构建方法进行分析和探讨,在此基础上提出2类构建方法。探讨基于Hop-Limit字段的比特变换隐蔽通道构建方法,分别给出每种方法的通信容量等关键性能指标。对基于IPv6报头的隐蔽通道的防范措施进行讨论。
关键词:
网络安全,
隐蔽通道,
IPv6协议,
报头
Abstract: This paper researches IPv6 basic header, and from the angle of network security, analyzes and discusses the fields which can be used to explore covert channel, presents two kinds covert channel creating methods. It focuses on the Bit-Convert methods based on Hop-Limit and separately gives out the key performance indictors such as communication capacity to each method. The preserving measures of covert channel based on IPv6 header are discussed.
Key words:
network security,
covert channel,
IPv6,
header
中图分类号:
郭浩然;王振兴;余 冲;王 倩. 基于IPv6 报头的隐蔽通道分析与防范[J]. 计算机工程, 2009, 35(14): 160-162.
GUO Hao-ran; WANG Zhen-xing; YU Chong; WANG Qian. Analysis and Preservation of Covert Channel Based on IPv6 Header[J]. Computer Engineering, 2009, 35(14): 160-162.