ABSTRACT A computer network intrusion detection and prevention system consists of collecting network traffic data, discovering user behavior patterns as intrusion detection rules, and applying these rules to prevent malicious and misuse. Many commercial off-the-shelf (COTS) products have been developed to perform each of these tasks. In this paper, the component-based software engineering approach is exploited to integrate these COTS products as components into a computerized system to automatically detect intrusion rules from network traffic data and setup IPTables to prevent future potential attacks. The component- based software architecture of this kind of system is designed, COTS components are analyzed and selected, adaptor components to connect COTS products are developed, the system implementation is illustrated, and the preliminary system experiment is presented.
Component-based Software Design and Implementation for Network Security System
1 file(s) 522.04 KB
Authors
Jianchao Han
- Organization : Department of Computer Science, California State University Dominguez Hills (USA)
- Email : jhan@csudh.edu
Joel Ortiz
- Organization : Department of Computer Science, California State University Dominguez Hills (USA)
- Email :
Johnly Tomelden
- Organization : Department of Computer Science, California State University Dominguez Hills (USA)
- Email :
Kazimierz Kowalski
- Organization : Department of Computer Science, California State University Dominguez Hills (USA)
- Email : kkowalski@csudh.edu
Mohsen Beheshti
- Organization : Department of Computer Science, California State University Dominguez Hills (USA)
- Email : mbeheshti@csudh.edu