IPv6環境下無線網絡入侵行為動態取證系統設計

摘" 要： 為在IPv6網絡協議環境下對無線網絡中的入侵行為進行準確監控和記錄，以收集、保存無線網絡入侵相關的證據，設計IPv6環境下無線網絡入侵行為動態取證系統。該系統通過無線網卡連接IPv6環境下以太網，使用數據包捕獲模塊獲取無線網絡數據包后，將其輸入到IPv6協議解析模塊內，通過該模塊對無線網絡數據包實施解析處理，得到無線網絡數據屬性值參數。再將無線網絡數據屬性值參數輸入到入侵行為取證模塊內，該模塊對無線網絡數據屬性值參數進行量化后，運用Clameleon聚類算法對量化后的無線網絡數據屬性值參數進行聚類處理，得到無線網絡數據屬性值參數中的入侵行為參數，實現無線網絡入侵行為動態取證。實驗結果表明，該系統具備較強的無線網絡數據包捕獲能力和無線網卡驅動能力，并可有效對不同類型的網絡入侵行為進行動態取證，應用效果較佳。

關鍵詞： IPv6環境； 無線網絡； 入侵行為； 動態取證； Clameleon聚類； 網卡驅動； 數據解析； 數據量化

中圖分類號： TN711?34； TP391" " " " " " " " " " "文獻標識碼： A" " " " " " " " " " 文章編號： 1004?373X（2025）05?0115?05

Design of dynamic forensics system for wireless network intrusion"behavior in IPv6 environment

WANG Qinggang1， GU Feng1， CHEN Huachun2， ZHANG Lin2

（1. Network and Information Center， Southwest Petroleum University， Chengdu 610500， China;

2. School of Computer Science and Software Engineering， Southwest Petroleum University， Chengdu 610500， China）

Abstract： A dynamic forensics system for wireless network intrusion behavior in the IPv6 environment is designed to accurately monitor and record intrusion behavior in wireless networks in the IPv6 network protocol environment， and collect and store evidence related to wireless network intrusion. The system is connected to the Ethernet in an IPv6 environment through a wireless network card. A data packet capture module is used to obtain wireless network data packets. And then， the obtained data packets are input into the IPv6 protocol parsing module， where the wireless network data packets are parsed and processed to obtain the wireless network data attribute values and parameters. Then the wireless network data attribute value parameters are input into the intrusion behavior forensics module. In this module， the wireless network data attribute value parameters are quantified. The Clameleon clustering algorithm is used to cluster the quantified wireless network data attribute value parameters， obtaining the intrusion behavior parameters in the wireless network data attribute value parameters and achieving dynamic forensics of wireless network intrusion behavior. The experimental results show that the system has strong wireless network data packet capture ability and wireless network card driving ability， and can effectively perform dynamic forensics of different types of network intrusion behavior， with good application effects.

Keywords： IPv6 environment; wireless network; invasion behavior; dynamic forensics; Clameleon clustering; network card driver; data parsing; data quantification

0" 引" 言

科技發展迅速，信息技術的不斷革新和發展使得網絡空間中的安全威脅和攻擊手段也不斷升級和改進。這使得信息安全形勢變得更加嚴峻，黑客和攻擊者能夠利用更先進的技術手段進行非法訪問、竊取、損壞和篡改網絡系統中的數據和信息[1]。網絡空間的安全問題日益凸顯，其中無線網絡作為現代通信的重要組成部分，其安全性更是備受關注。……