Title :
Component-Based Software Architecture Design for Network Intrusion Detection and Prevention System
Author :
Han, Jianchao ; Beheshti, Mohsen ; Kowalski, Kazimierz ; Ortiz, Joel ; Tomelden, Johnly
Author_Institution :
Comput. Sci. Dept., California State Univ., Carson, CA
Abstract :
A computer network intrusion detection and prevention system consists of collecting network traffic data, discovering user behavior patterns as intrusion detection rules, and applying these rules to prevent malicious and misuse. Many commercial off-the-shelf (COTS) products have been developed to perform each of these tasks. In this paper, the component-based software engineering approach is exploited to integrate these COTS products as components into a computerized system to automatically detect intrusion rules from network traffic data and prevent future potential attacks. The component-based software architecture of this kind of system is designed, COTS components are analyzed, adaptor components to compose COTS products are developed, and the system implementation is illustrated.
Keywords :
object-oriented programming; security of data; software architecture; COTS product; commercial off-the-shelf product; component-based software architecture design; component-based software engineering; computer network intrusion detection; computer network prevention system; computerized system; intrusion detection rule; network traffic data; system design; user behavior pattern; Application software; Computer networks; Data security; Intrusion detection; Process design; Software architecture; Software design; Software engineering; Software systems; Telecommunication traffic; Component-based software engineering; intrusion detection and prevention; network security; software reuse;
Conference_Titel :
Information Technology: New Generations, 2009. ITNG '09. Sixth International Conference on
Conference_Location :
Las Vegas, NV
Print_ISBN :
978-1-4244-3770-2
Electronic_ISBN :
978-0-7695-3596-8
DOI :
10.1109/ITNG.2009.162
