IPv6环境下无线网络入侵行为动态取证系统设计  

作　　者：王庆刚 顾峰 陈华春[2] 张林[2] WANG Qinggang;GU Feng;CHEN Huachun;ZHANG Lin(Network and Information Center,Southwest Petroleum University,Chengdu 610500,China;School of Computer Science and Software Engineering,Southwest Petroleum University,Chengdu 610500,China)

机构地区：[1]西南石油大学网络与信息化中心,四川成都610500 [2]西南石油大学计算机与软件学院,四川成都610500

出　　处：《现代电子技术》2025年第5期115-119,共5页Modern Electronics Technique

摘　　要：为在IPv6网络协议环境下对无线网络中的入侵行为进行准确监控和记录,以收集、保存无线网络入侵相关的证据,设计IPv6环境下无线网络入侵行为动态取证系统。该系统通过无线网卡连接IPv6环境下以太网,使用数据包捕获模块获取无线网络数据包后,将其输入到IPv6协议解析模块内,通过该模块对无线网络数据包实施解析处理,得到无线网络数据属性值参数。再将无线网络数据属性值参数输入到入侵行为取证模块内,该模块对无线网络数据属性值参数进行量化后,运用Clameleon聚类算法对量化后的无线网络数据属性值参数进行聚类处理,得到无线网络数据属性值参数中的入侵行为参数,实现无线网络入侵行为动态取证。实验结果表明,该系统具备较强的无线网络数据包捕获能力和无线网卡驱动能力,并可有效对不同类型的网络入侵行为进行动态取证,应用效果较佳。A dynamic forensics system for wireless network intrusion behavior in the IPv6 environment is designed to accurately monitor and record intrusion behavior in wireless networks in the IPv6 network protocol environment,and collect and store evidence related to wireless network intrusion.The system is connected to the Ethernet in an IPv6 environment through a wireless network card.A data packet capture module is used to obtain wireless network data packets.And then,the obtained data packets are input into the IPv6 protocol parsing module,where the wireless network data packets are parsed and processed to obtain the wireless network data attribute values and parameters.Then the wireless network data attribute value parameters are input into the intrusion behavior forensics module.In this module,the wireless network data attribute value parameters are quantified.The Clameleon clustering algorithm is used to cluster the quantified wireless network data attribute value parameters,obtaining the intrusion behavior parameters in the wireless network data attribute value parameters and achieving dynamic forensics of wireless network intrusion behavior.The experimental results show that the system has strong wireless network data packet capture ability and wireless network card driving ability,and can effectively perform dynamic forensics of different types of network intrusion behavior,with good application effects.

关 键 词：IPV6环境 无线网络 入侵行为 动态取证 Clameleon聚类 网卡驱动 数据解析 数据量化 

分 类 号：TN711-34[电子电信—电路与系统] TP391[自动化与计算机技术—计算机应用技术]