%0 Journal Article %1 mjs:Schuette:SnortIPv6 %A Schütte, Martin %D 2013 %K IPv6 ds15 ids intrusion_detection mjsarticle snort %N 2 %P 409-452 %T Design and Implementation of an IPv6 Plugin for the Snort Intrusion Detection System %U http://www.sicherheitsforschung-magdeburg.de/uploads/journal/MJS-028-Schuette-SnortIPv6.pdf %V 6 %X This work describes the implementation and use of a preprocessor module for the popular open source Intrusion Detection System Snort that detects attacks against the IPv6 Neighbor Discovery Protocol. The implementation utilizes the existing preprocessor APIs for the extension of Snort and provides several new IPv6-specific rule options that can be used to define IPv6 related attack signatures. The developed module is aimed at the detection of suspicious activity in local IPv6 networks and can detect misconfigured network elements, as well as malicious activities from attackers on the network. The pluginś source code is available at https://github.com/mschuett/spp_ipv6

@article{mjs:Schuette:SnortIPv6, abstract = {This work describes the implementation and use of a preprocessor module for the popular open source Intrusion Detection System Snort that detects attacks against the IPv6 Neighbor Discovery Protocol. The implementation utilizes the existing preprocessor APIs for the extension of Snort and provides several new IPv6-specific rule options that can be used to define IPv6 related attack signatures. The developed module is aimed at the detection of suspicious activity in local IPv6 networks and can detect misconfigured network elements, as well as malicious activities from attackers on the network. The plugin\'s source code is available at https://github.com/mschuett/spp_ipv6}, added-at = {2021-09-19T18:42:17.000+0200}, author = {Schütte, Martin}, biburl = {https://www.bibsonomy.org/bibtex/2e8a5fe45159b006e56bed3ef8326964c/steschum}, interhash = {ad99b92c1ce1f1164d8a04d661d8e56a}, intrahash = {e8a5fe45159b006e56bed3ef8326964c}, issn = {2192-4260}, journaltitle = {Magdeburger Journal zur Sicherheitsforschung}, keywords = {IPv6 ds15 ids intrusion_detection mjsarticle snort}, number = 2, pages = {409-452}, timestamp = {2021-10-22T17:15:30.000+0200}, title = {Design and Implementation of an IPv6 Plugin for the Snort Intrusion Detection System}, url = {http://www.sicherheitsforschung-magdeburg.de/uploads/journal/MJS-028-Schuette-SnortIPv6.pdf}, urldate = {2013-12-26}, volume = 6, year = 2013 }