SnIPS Implementation and GUI
3rd Presentation
Tsung-Hsi Wu, M.S.E.
Department of Computing and Information Science
Kansas State University
Outline
- Action Item
- Final Software Production Demo
- Component Design
- Assessment Evaluation
- Project Evaluation
Action Item
- Item to be inspected (Previously…):
  - UML Diagrams: package, component, deploy class, sequence diagrams
- Item to be inspected
  - Formal Requirement Specification: USE/OCL
Final Software Production Demo
What are the new features?
Synchronous -> Asynchronous XSB Query Option
Component Design (diagram slides; figures not reproduced)
- Component Diagram
- Reactor Pattern Structure
- Command Pattern Structure
- Command Pattern Structure: Set Time Button
- Command Pattern Structure: Start Snort Button
- Command Pattern Structure: RadioBox
- Parser
Component Design Parser:

Result.txt

```
int(probeOtherMachine('192.168.10.80',external),c,range(1904834156,0)) strengthenedPf int(probeOtherMachine('192.168.10.80',external),l,range(1904834156,0)) summarizedFact skolem(0)
```

obsMap.P

```
obsList(obsFacts(0),[oid_1299,oid_1405,oid_1442,oid_1476,oid_1488,oid_1520,oid_1790,oid_6851]).
```

obs.P

```
obs(oid_1299, snort('1:1201', '192.168.10.80', '128.111.43.65', 1039206341)).
obs(oid_1405, snort('1:1201', '192.168.10.80', '128.111.43.65', 1039206357)).
obs(oid_1442, snort('1:1201', '192.168.10.80', '128.111.43.65', 1039206358)).
```
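The obsMap.P and obs.P files shown on this slide refer to each other by observation id, so reading them means joining the two. The following is an added example, not the SnIPS project's own parser: it parses the two excerpts and resolves each listed oid to its Snort alert. The field names (rule, src, dst, time), the reading of the last field as a Unix timestamp, and all function names are assumptions.

```python
import re
from datetime import datetime, timezone

# Constructed sample input: the obs.P and obsMap.P excerpts shown on the slide.
OBS_P = """\
obs(oid_1299, snort('1:1201', '192.168.10.80', '128.111.43.65', 1039206341)).
obs(oid_1405, snort('1:1201', '192.168.10.80', '128.111.43.65', 1039206357)).
obs(oid_1442, snort('1:1201', '192.168.10.80', '128.111.43.65', 1039206358)).
"""
OBS_MAP_P = ("obsList(obsFacts(0),[oid_1299,oid_1405,oid_1442,oid_1476,"
             "oid_1488,oid_1520,oid_1790,oid_6851]).\n")

# obs(OID, snort(RULE, SRC, DST, TIME)).  Field meanings are assumed.
OBS_RE = re.compile(
    r"obs\(\s*(oid_\d+)\s*,\s*snort\(\s*'([^']*)'\s*,\s*'([^']*)'\s*,"
    r"\s*'([^']*)'\s*,\s*(\d+)\s*\)\s*\)\s*\.")
# obsList(obsFacts(N), [OID, ...]).
MAP_RE = re.compile(r"obsList\(\s*obsFacts\((\d+)\)\s*,\s*\[([^\]]*)\]\s*\)\s*\.")

def parse_obs(text):
    """Return {oid: alert dict} for every obs fact in obs.P text."""
    alerts = {}
    for oid, rule, src, dst, ts in OBS_RE.findall(text):
        # Assumption: the last field is seconds since the Unix epoch.
        when = datetime.fromtimestamp(int(ts), tz=timezone.utc)
        alerts[oid] = {"rule": rule, "src": src, "dst": dst,
                       "time": when.isoformat()}
    return alerts

def parse_obs_map(text):
    """Return {fact index: [oid, ...]} for every obsList fact in obsMap.P text."""
    return {int(idx): [o.strip() for o in oids.split(",") if o.strip()]
            for idx, oids in MAP_RE.findall(text)}

def alerts_for_fact(idx, obs_map, alerts):
    """Split a fact's oids into resolved alerts and oids with no obs entry."""
    found, missing = [], []
    for oid in obs_map.get(idx, []):
        if oid in alerts:
            found.append((oid, alerts[oid]))
        else:
            missing.append(oid)  # listed in obsMap.P but absent from obs.P
    return found, missing

if __name__ == "__main__":
    found, missing = alerts_for_fact(0, parse_obs_map(OBS_MAP_P), parse_obs(OBS_P))
    for oid, a in found:
        print(oid, a["rule"], a["src"], "->", a["dst"], a["time"])
    print("no obs entry in this excerpt:", ", ".join(missing))
```

The five unresolved oids are simply the ones the slide's obs.P excerpt does not include; reporting them separately keeps a truncated or out-of-sync obs.P from silently shrinking the alert list behind a summarized fact.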
Assessment Evaluation Test Suite 1: Operating Snort

| Test # | SR # | Description | Expected Outcome | Actual Outcome |
|---|---|---|---|---|
| TS1.1 | SR2.1, SR2.5 | The user will click the Start Snort button to start Snort. | Snort status table will display “Snort Started”. The Start Snort button will change to Stop Snort button. | Same as Expected |
| TS1.2 | SR2.2, SR2.5 | The user will click the Stop Snort button to stop Snort. | Snort status table will display “Snort Stopped”. The Stop Snort button will change to Start Snort button. | Same as Expected |
Assessment Evaluation Test Suite 2: Operating SnIPS

| Test # | SR # | Description | Expected Outcome | Actual Outcome |
|---|---|---|---|---|
| TS2.1 | SR3.4, SR3.7, SR3.10, SR4.2 | The user will click the Set Time Frame button to set the start and end time for SnIPS, and click the Ok button after the start and end time are selected. | SnIPS status table will display the start and end time. The Pre-processing and DoAll buttons are now enabled. | Same as Expected |
| TS2.2 | SR3.4, SR3.10, SR4.2 | The user can cancel setting the start and end time by clicking the Cancel button in the pop-up frame from the Set Time Frame button. | No Change | Same as Expected |
| TS2.3 | SR3.1 | The user will click the Pre-processing button based on the time frame in TS2.1 for running SnIPS pre-processing. | A pop-up message box will show up displaying that the “obs_xxx.P” file is created. The Summarization button is enabled at this time. | Same as Expected |
Assessment Evaluation Test Suite 2: Operating SnIPS (continued)

| Test # | SR # | Description | Expected Outcome | Actual Outcome |
|---|---|---|---|---|
| TS2.4 | SR3.2 | The user will click the Summarization button based on the time frame in TS2.1 for running SnIPS summarization. | A pop-up message box will show up displaying that the “summ_xxx.P” file is created. The Trace button is enabled at this time. | Same as Expected |
| TS2.5 | SR3.3 | The user will click the Trace button based on the time frame in TS2.1 and select an optional query for the XSB engine for running SnIPS trace. | A pop-up message box will show up displaying that the “result.txt” file is created. The Backtrack Output button is enabled at this time. | Pop-up message didn’t show up. Error message: unexpected input. Solved! |
| TS2.6 | SR3.8, SR4.1, SR4.2 | The user will click the Back Track button to show the SnIPS proof strengthening results. | The proof strengthening results are shown as a web page in the browser. | Same as Expected |
| TS2.7 | SR3.5 | The user will click the DoAll button to show the result of the SnIPS operations for SR3.1 ~ 3.3 and SR3.8. | The proof strengthening results are shown as a web page in the browser. | Same as Expected |
Assessment Evaluation Test Suite 3: Trace Output Webpage

| Test # | SR # | Description | Expected Outcome | Actual Outcome |
|---|---|---|---|---|
| TS3.1 | SR5.1 | The user will click the links provided in the web-based proof strengthening result to show primitively summarized alerts. | Primitively summarized alerts for each proof strengthened result will be shown. | Same as Expected |
| TS3.2 | SR6.1 | The user will click the links next to the primitively summarized alerts provided in the web-based proof strengthening result to show alert payload. | Payload for each alert will be shown. | Same as Expected |
| TS3.3 | SR7.1 | The user will click the links named with SID provided in the web-based proof strengthening result to show the triggered Snort rule. | The Snort rule triggered by the SID alert will be shown. | Same as Expected |
| TS3.4 | SR7.2 | The user will click the Snort rule description link provided in the Snort rule webpage. | The Snort rule description will be shown with the same SID as in TS7.1 | Same as Expected |
Project Evaluation: SLOC

Actual SLOC: cloc-1.09

| Program Language | File | Blank | Comment | Code |
|---|---|---|---|---|
| Java | 3 | 429 | 333 | 1765 |
| PHP | 5 | 177 | 54 | 455 |
| JavaScript + Ajax | 2 | 39 | 0 | 175 |
| Total | 10 | 645 | 387 | 2395 LOC |

Project Plan 2.0:
- Phase I: 1200
- Phase II: 2020 (+ ~800)
- Phase III: 2700 (+ ~700)
Project Evaluation: Time Duration

Actual Duration

| Phase | Programming | Documentation | Subtotal |
|---|---|---|---|
| Phase I | 40 | 80 | 120 |
| Phase II | 80 | 107 | 187 |
| Phase III | 135 | 110 | 245 |
| Total (hr) | 255 hrs | 295 hrs | 550 hrs |

Project Plan 2.0:

| Phase | Programming | Document | Meeting | Reading | Web | Presentation | Subtotal |
|---|---|---|---|---|---|---|---|
| Phase I (min) | 2005 | 2240 | 480 | 295 | 405 | 120 | 92.42 hrs |
| Phase II (min) | 3395 | 4925 | 375 | 0 | 70 | 195 | 149.33 hrs |
| Phase III (min) | 2110 | 2455 | 180 | 0 | 50 | 120 | 81.92 hrs |
| Total (hr) | 7510 / 60 = 125.17 | 9620 / 60 = 160.33 | 1035 / 60 = 17.25 | 295 / 60 = 4.91 | 525 / 60 = 8.75 | 435 / 60 = 7.25 | 323.66 hrs |
Project Evaluation: Summarization
- Replace Linux Command to Simple Buttons
- Convert Plain Text File to Webpage with Links
  - Snort Rules & Description
  - Payload
- Current Users:
  - System Administrators
  - Researchers
Project Evaluation: Lesson Learnt
- Software Management and Software Engineering
- Design
- Flexibility of Architecture Design
- Software Prototypes
Questions & Answers