Creating a Policy Based Network Intrusion Detection System using Java Platform

Computer network attacks are rapidly increasing on a global scale. Security mechanisms are established and used extensively to counter these security threats knowing their ubiquitous nature and severity. Like in most Financial institions and big Organizations world wide, in most Nigeria Universities network security threats have become a major chanlenge and of great concern to the University authorities. Most Nigeria Universities rely solely on their established networks for revenue generation. The Universities have adopted some policies that are peculiar to its needs. Several reported breaches in these Universities network by intruders and sometimes insiders threat have become a major challenge to the authorities. Hence, this paper addressed the security policy based apparatus to stop the havoc caused by these threats. Among the deployable security arsenals is Intrusion Detection System (IDS). There was a need to customized IDS to suit the security policies of specific University network and these security policies vary from network to network. In order to meet this need, a signature-based Network Intrusion Detection System was design to suit the policies of each university network and to accommodate policy changes. This was achieved through Java platform, that is, Jnetpcap Library and Java Expert System Shell (JESS). The results obtained shows that Java’s Jnetpcap Library and Expert System Shell provided a way to accommodate dynamic network demands as well as stop specific intrusion. The created Network Intrusion Detection System (NIDS) improved the overall robustness and security of the Network