International Journal of Scientific & Technology Research

IJSTR@Facebook IJSTR@Twitter IJSTR@Linkedin
Home About Us Scope Editorial Board Blog/Latest News Contact Us

IJSTR >> Volume 1 - Issue 3, April 2012 Edition

International Journal of Scientific & Technology Research  
International Journal of Scientific & Technology Research

Website: http://www.ijstr.org

ISSN 2277-8616

Misuse detection system based- snortrules-JESS using multiagents

[Full Text]



Asmaa Shaker Ashoor,Sharad Gore



Misuses detection, JESS, Snort rules, Multi-agent



In this work, we propose a novel Network Intrusion Detection Systems (NIDSs) architecture utilizing the misuse detection approach. This Network Intrusion Detection System architecture utilizes misuse detection agent. The proposed misuse detection agent adopts the novel framework by using Java Expert System Shell (JESS) and Snort rules along with the integration of multi agents. This approach achieves efficient misuse detection by detecting various types of network attacks and improves system performance. This approach introduces the framework for the network database security by implementation of a real time monitoring system using multi-agents. The NIDS uses the set of rules which defines the misuse behavior of user. This rule generation system is used based on JESS and Snort rules in order to use the rules for well known attacks and then taking the further decisions depended on multi-agents before intrusion occurs.



[1] \\\"Snort Rule \\\" http://www.snort.org/snort-rules/
[2] Allam Appa Rao, P.Srinivas, B. Chakravarthy, K.Marx, and P. Kiran \\\"A Java Based Network Intrusion Detection System (IDS)\\\", Andhra university college of engineering , India, proceeding of the 2006 IJME-INTERTECH Conference.
[3] Guy Helmer, Johnny S.K. Wong , Vasant Honavar, Les Miller, Yanxin Wang \\\" Lightweight agents for intrusion detection\\\", The Journal of Systems and Software 67 (2003) , http://www.cs.iastate.edu/~honavar/Papers/jss-lightweight.pdf
[4] M. Benattou, and K. Tamine \\\" Intelligent Agents for Distributed Intrusion Detection System \\\", World Academy of Science, Engineering and Technology 6 2005 http://www.waset.org/journals/waset/v6/v6-45.pdf
[5] JESS Rules, http://www.jessrules.com/
[6] RATE Algorithm, http://herzberg.ca.sandia.gov/docs/52/rete.html
[7] Fabio Bellifemine1, Agostino Poggi, and Giovanni Rimassa \\\" Developing Multi-agent Systems with JADE\\\",2004. http://www.abdn.ac.uk/~csc232/teaching/CS4027/abdn.only/jade_book.pdf
[8] Aijaz Ahmed, signature-based network intrusion detection system using JESS(SNIDJ),master thesis,2004.
[9] E. Mosqueira-Rey, A. Alonso-Betanzos, B. Guijarro-Berdiñas, D. Alonso-Ríos and J. Lago-Piñeiro A Snort-based agent for a JADE mulit-agent intrusion detection system, Int. J. Intelligent Information and Database Systems, Vol. 3, No. 1, 2009.