Formal Technical Inspection

Using CLIPS to Detect Network Intrusions - (CLIPNIDS)

Submitted in partial fulfillment of the requirements of the degree of MSE

Sripriya Marry
CIS 895 – MSE Project
Computing and Information Sciences
Kansas State University

Committee Members
Dr. David Gustafson (Major Professor)
Dr. Rodney Howell
Dr. Mitchell Neilsen

Change Log

| Version # | Changed By | Release Date | Change Description |
|---|---|---|---|
| Version 1.0 | Sripriya Marry | 04/03/2012 | Initial Release |

Table of Contents

1. Introduction
2. Items to be Inspected
3. Formal Inspectors
4. Formal Inspection List

1. Introduction

This document provides a checklist to be used in the technical inspection of the Clipnids project. It lays out broad guidelines for the technical inspectors to ensure that the Architectural Design Document and the USE formal specification model are complete, correct and consistent.

2. Items to be Inspected

Technical inspectors refer to the Vision Document and the Clipnids paper published by the author for the technical inspection.

1. System Architecture Design
   a) Architecture Design, section 2.2
   b) Interface definitions and descriptions in section 2.3, Table 1, Table 1, Table 3
   c) Components Architecture in section 3.1, section 3.2, section 3.3, Table 4 and Table 5
   d) Data Model Diagram, section 5
   e) Sequence Diagrams, section 4
2. Formal Specification, Section 6

3. Formal Inspectors

Denise Case (dmcase@ksu.edu)
Petrit Duraku (petrit.duraku@gmail.edu)

4. Formal Inspection List

| Inspection Item | Pass/Fail | Comment |
|---|---|---|
| The architecture of the project is explained clearly by identifying the design pattern applicable to it, along with the supporting reasons. | | |
| Component Architecture of the DAQ Library describes its interaction with other components and the interface it implements to offer its service (Section 3.1). | | |
| Component Architecture of the Packet Decoder describes its interaction with other components and the interface it implements to offer its service (Section 3.2). | | |
| Component Architecture of the Packet Preprocessor describes its interaction with other components and the interface it implements to offer its service (Section 3.3). | | |
| Component Architecture of the Clips detection engine describes its interaction with other components, the interface it implements to offer its service, and its functionality in Table 4. | | |
| Component Architecture of Alerting at console describes its interaction along with its functionality in Table 5. | | |
| DAQ interface is explained sufficiently in Table 1. | | |
| Decoder interface is explained sufficiently in Table 2. | | |
| Preprocessor interface is explained sufficiently in Table 3. | | |
| The data model for the project is identified correctly in Section 5. | | |
| Do the symbols used in the class diagram conform to UML 2.0? | | |
| Is the sequence diagram for Clipnids initialization unambiguous and understandable (it adheres to the architecture of Clipnids) in Section 4.1? | | |
| Is the sequence diagram for Clipnids packet unambiguous and understandable (it adheres to the architecture of Clipnids) in Section 4.2? | | |
| Do the symbols used in the sequence diagram conform to UML 2.0? | | |
| Formal specification of Clipnids was done in accordance with its architecture in Figure 5. | | |
| All the multiplicities and associations in the OCL model have been depicted in the class diagram, Figure 5. | | |