ACIR: An Aspect-Connector for Intrusion Response

  • Authors:

  • Mohammad Gias Uddin;Hossain Shahriar;Mohammad Zulkernine

  • Affiliations:

  • Queen's University, Kingston, Ontario, Canada;Queen's University, Kingston, Ontario, Canada;Queen's University, Kingston, Ontario, Canada

  • Venue:
  • COMPSAC '07 Proceedings of the 31st Annual International Computer Software and Applications Conference - Volume 02
  • Year:
  • 2007

Quantified Score

Hi-index 0.00

Visualization

Abstract

The modularization concept behind component-based software (CBS) cannot be applied effectively for cross-cutting concerns such as security. Aspect-oriented programming (AOP) helps in better modularization by identifying crosscutting concerns and providing a suitable way to separate those concerns. In this paper, we provide an aspectconnector based intrusion response (detection and prevention) architecture for CBS by bringing the concepts of aspects into components. The aspect-connector is named as ACIR (Aspect Connector for Intrusion Response). Component interfaces act as join points, and aspects containing pointcuts and advices are defined in ACIR configuration file. Advices applicable to particular pointcuts are two types. Signature advices are used to detect intrusions, and action advices are executed to prevent intrusions. A prototype of this architecture is implemented and evaluated using some intrusions included in the Web Application Security Consortium (WASC) intrusion list. This approach detects and prevents intrusions in CBS while maintaining encapsulation, reusability, and modularity.