计算机工程 ›› 2009, Vol. 35 ›› Issue (14): 160-162.doi: 10.3969/j.issn.1000-3428.2009.14.055

• 安全技术 • 上一篇    下一篇

基于IPv6 报头的隐蔽通道分析与防范

郭浩然1,王振兴1,余 冲1,王 倩2   

  1. (1. 国家数字交换系统工程技术研究中心,郑州 450002;2. 解放军信息工程大学测绘学院,郑州 450052)
  • 收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2009-07-20 发布日期:2009-07-20

Analysis and Preservation of Covert Channel Based on IPv6 Header

GUO Hao-ran1, WANG Zhen-xing1, YU Chong1, WANG Qian2   

  1. 1. National Digital Switching System Engineering & Technological R&D Center, Zhengzhou 450002;2. Institute of Surveying and Mapping, PLA Information Engineering University, Zhengzhou 450052)
  • Received:1900-01-01 Revised:1900-01-01 Online:2009-07-20 Published:2009-07-20

摘要: 研究IPv6基本报头,从网络安全的角度出发,对其中可被用于隐蔽通道载体的字段及其隐蔽通道构建方法进行分析和探讨,在此基础上提出2类构建方法。探讨基于Hop-Limit字段的比特变换隐蔽通道构建方法,分别给出每种方法的通信容量等关键性能指标。对基于IPv6报头的隐蔽通道的防范措施进行讨论。

关键词: 网络安全, 隐蔽通道, IPv6协议, 报头

Abstract: This paper researches IPv6 basic header, and from the angle of network security, analyzes and discusses the fields which can be used to explore covert channel, presents two kinds covert channel creating methods. It focuses on the Bit-Convert methods based on Hop-Limit and separately gives out the key performance indictors such as communication capacity to each method. The preserving measures of covert channel based on IPv6 header are discussed.

Key words: network security, covert channel, IPv6, header

中图分类号: