摘要： 研究IPv6基本报头，从网络安全的角度出发，对其中可被用于隐蔽通道载体的字段及其隐蔽通道构建方法进行分析和探讨，在此基础上提出2类构建方法。探讨基于Hop-Limit字段的比特变换隐蔽通道构建方法，分别给出每种方法的通信容量等关键性能指标。对基于IPv6报头的隐蔽通道的防范措施进行讨论。

关键词: 网络安全, 隐蔽通道, IPv6协议, 报头

Abstract: This paper researches IPv6 basic header, and from the angle of network security, analyzes and discusses the fields which can be used to explore covert channel, presents two kinds covert channel creating methods. It focuses on the Bit-Convert methods based on Hop-Limit and separately gives out the key performance indictors such as communication capacity to each method. The preserving measures of covert channel based on IPv6 header are discussed.

Key words: network security, covert channel, IPv6, header

中图分类号: 

• TP393.03