期刊文献+

IPv6安全风险与防范方案 被引量:3

IPv6 Security Threats and Prevention Scheme
下载PDF
导出
摘要 随着逐步展开IPv6网络规模部署,IPv6网络攻击数量不断增加,在系统、应用、硬件和协议等层面均存在安全漏洞。为此,从IPv6与IPv4相同的安全风险、IPv6新特性引发的特有安全风险及IPv4/IPv6过渡期安全风险3个方面综述IPv6的安全风险,总结防范方案。首先,针对与IPv4相同的网络攻击,研究IPv6网络攻击防护技术。然后,相较于IPv4,IPv6报头新增流标签字段、扩展报头、地址空间变大,有状态地址配置DHCP升级为DHCPv6,新增无状态地址配置,ICMP升级为ICMPv6,新增邻居发现协议等新特性,讨论其新特性引发的特有安全风险与防范方案。最后,针对IPv6部署过程中使用的双栈、隧道、翻译等过渡机制的安全风险,研究安全防护方案,为发现未知攻击、有力抵御网络攻击提供理论与技术支持。 With the gradual deployment of IPv6 network scale,the number of IPv6 network attacks continues to increase,and there are secu⁃rity vulnerabilities at the system,application,hardware and protocol levels.To this end,the security risks of IPv6 are summarized from three aspects:the same security risks of IPv6 and IPv4,the unique security risks caused by the new features of IPv6,and the security risks in the transition period of IPv4/IPv6,and the prevention schemes are summarized.First,aiming at the same network attack as IPv4,the IPv6 net⁃work attack protection technology is studied.Then,compared to IPv4,IPv6 headers add flow label fields,extended headers,have larger ad⁃dress space,stateful address configuration DHCP upgraded to DHCPv6,stateless address configuration ICMP upgraded to ICMPv6,add Neighbor Discovery Protocol,etc.,and the unique security risks and prevention schemes caused by the new features are discussed.Finally,aiming at the security risks of transition mechanisms such as dual-stack,tunnel and translation used in IPv6 deployment,the security protec⁃tion scheme is studied to provide theoretical and technical support for discovering unknown attacks and effectively resisting network attacks.
作者 胡南 周宇 伍传丽 邯子皓 向剑文 张家琦 邢燕祯 HU Nan;ZHOU Yu;WU Chuan-li;HAN Zi-hao;XIANG Jian-wen;ZHANG Jia-qi;XING Yan-zhen(China Media Group,Beijing 100020,China;School of Computer Science and Artificial Intelligence,Wuhan University of Technology,Wuhan 430070,China;National Internet Emergency Center,Beijing 100029,China)
出处 《软件导刊》 2023年第4期118-127,共10页 Software Guide
关键词 IPV6 IPV4 过渡机制 安全风险 防范方案 网络安全 IPv6 IPv4 transition mechanisms security threat prevention scheme network security
  • 相关文献

参考文献14

二级参考文献95

共引文献121

同被引文献29

引证文献3

二级引证文献1

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部