Distributed Intrusion Detection and Research of Fragment Attack Based-on IPv6
IPv6, the address has to aggregation, thus greatly reducing the length of the routing equipment routing table to improve the efficiency of routing and security, but then there is any possibility of network intrusion attack. This paper used to implement IPv6 Snort intrusion detection software, intrusion detection system is proposed as long as the server itself TCP / IP stack on the handling of data packets are different, the packet will bypass the intrusion detection system from the ground to produce a TCP fragment attack.
Y. Ke and Y. Li, "Distributed Intrusion Detection and Research of Fragment Attack Based-on IPv6", Advanced Materials Research, Vols. 268-270, pp. 1797-1801, 2011