The introduction of malformed or forged (spoofed) IP source addresses into a network by online criminals is increasingly a challenging task for network administrators. Every data breach or costly identity-theft case reported in the media erodes the public’s confidence in the security of online transactions, thereby jeopardizing the ability of organizations to conduct transactions online. The detection and prevention of malicious behavior that can undermine corporate security policies in a large network environment are therefore of primary concern. This paper presents an intelligent system for detecting network IP-spoofing vulnerabilities in real time. A system of cooperative multi-agents using collaborative information and mobile agent technologies is applied to a pool of real estate management business application (implemented in PHP). The agents travel through the distributed system and interpret and apply rule-learning algorithms to the web-based transaction data. The information generated serves as input to a binary file and running the binary file generates a binary output decision that can be used to provide enhanced real-time IP-spoofing vulnerability detection. This enables operators to respond to fraud by detection, service denial and prosecutions against fraudulent users. A proactive login control system is also implemented to monitor IP addresses and the files they are accessing over the Internet. The multi-agent approach is shown to be effective in detecting fraudulent transaction data from Real Estate Management network environments. The positive result obtained during the site testing in an intranet environment will produce the same result for Internet. This software has been tested for special functional features such as search indexes, user input forms and other marketing tools using common browsers such as Microsoft Internet Explorer, Opera and Mozilla Fire Fox.

In the faceless world of the Internet, a large number of generic security vulnerabilities constitute one of the greatest reasons of loss for web merchants. These software bugs can be found and exploited in server software, client applications and the operating system itself. Sometimes protocols are inherently flawed and therefore any application making use of that specific protocol will be vulnerable (Velasco, 2003).

Unwanted attempts at accessing, manipulating, and/or disabling of computer systems, mainly through a network, such as the Internet may take the form of attacks, for example, by crackers, malware and/or disgruntled employees. These attempts include network attacks against vulnerable services, data-driven attacks on applications, hostbased attacks such as privilege escalation, unauthorized logins and access to sensitive files and malware (viruses, trojan horses and worms).

Information Technology Journal, Classification learning, Hackers, Identity fraud, Industry-specific package, Multi-agents, Vulnerability protection.