Implementation of multi-thread based intrusion prevention system for IPv6

Abstract

The deployment of the IPv6 network becomes to be realized as the necessity of the IPv6 network is enlarged due to the limit of the IPv4 network. However, the security policy about the IPv6 network is not mature as the IPv4 network and it becomes an obstacle in the IPv6 network deployment. Up to date, in the main network equipment provider including CISCO, and etc, the IPv6-based firewall is released. However, it nearly does not have the IPv6-based intrusion detection system(IDS) and/or intrusion prevention system(IPS) equipment. Moreover, in the open source, the snort which is the de facto standard of the IDS system yet does not support IPv6. This paper introduces the implementation of intrusion prevention system (IPS) that can be applicable to the IPv6 network and has the multi-thread architecture for the performance improvement. The prototype introduced in this paper is implemented as SW base in order to be applied to the IPv6 network preferentially. Although it has a limit to a performance, the prototype can give the basic concepts toward the IPv6-based IPS equipment of the afterward HW base.