
Bro: An open source network intrusion detection system

dc.contributor.author: Sommer, Robin
dc.contributor.editor: Knop, Jan Von
dc.contributor.editor: Haverkamp, Wilhelm
dc.contributor.editor: Jessen, Eike
dc.date.accessioned: 2019-10-16T09:34:29Z
dc.date.available: 2019-10-16T09:34:29Z
dc.date.issued: 2003
dc.description.abstract: Bro is a powerful, but largely unknown open source network intrusion detection system. Based on a sound design, Bro achieves its main goals – separating policy from mechanisms, efficient operation in high-volume networks, and withstanding attacks against itself – by using an event-driven approach. Bro contains several analyzers (e.g. protocol decoders for a variety of network protocols and a signature matching engine), which are by themselves policy-neutral but raise events as an abstraction of the underlying network activity. Based on scripts written in Bro's own powerful scripting language, the user defines event handlers to specify his environment-specific policy. We give an overview about the design and implementation of Bro, describe our experiences with deploying it in a large-scale research environment, and present some of our extensions. [en]
dc.identifier.isbn: 3-88579-373-3
dc.identifier.pissn: 1617-5468
dc.identifier.uri: https://dl.gi.de/handle/20.500.12116/29277
dc.language.iso: en
dc.publisher: Gesellschaft für Informatik e.V.
dc.relation.ispartof: Security, E-learning, E-Services, 17. DFN-Arbeitstagung über Kommunikationsnetze
dc.relation.ispartofseries: Lecture Notes in Informatics (LNI) - Proceedings, Volume P-44
dc.title: Bro: An open source network intrusion detection system [en]
dc.type: Text/Conference Paper
gi.citation.endPage: 288
gi.citation.publisherPlace: Bonn
gi.citation.startPage: 273
gi.conference.date: 2003
gi.conference.location: Düsseldorf
gi.conference.sessiontitle: Regular Research Papers

Files

Original bundle
1 - 1 of 1
Name: GI-Proceedings.44.innen-15.pdf
Size: 240.24 KB
Format: Adobe Portable Document Format