TU Berlin

Internet Network ArchitecturesMarco Canini's Publications


zur Navigation

Es gibt keine deutsche Übersetzung dieser Webseite.

Marco Caninis's Publications

Bro: An Open Source Network Intrusion Detection System.
Zitatschlüssel S-BOSNIDS-03
Autor Sommer, Robin
Buchtitel Security, E-Learning, E-Services, 17. DFN-Arbeitstagung über Kommunikationsnetze
Seiten 273–288
Jahr 2004
ISBN 3-88579-373-3
Ort Düsseldorf, Germany
Jahrgang 44
Herausgeber von Knop, Jan and Haverkamp, Wilhelm and Jessen, Eike
Verlag Gesellschaft für Informatik (GI)
Serie Lecture Notes in Informatics (LNI)
Zusammenfassung Bro is a powerful, but largely unknown open source network intrusion detection system. Based on a sound design, Bro achieves its main goals–-separating policy from mechanisms, efficient operation in high-volumne networks, and withstanding attacks against itself–-by using an event-driven approach. Bro contains several analyzers (e.g. protocol decoders for a variety of network protocols and a signature matching engine), which are by themselves policy-neutral but raise events as an abstraction of the underlying network activity. Based on scripts written in Bro's own powerful scripting language, the user defines event handlers to specify his environment-specific policy.\\ We give an overview about the design and implementation of Bro, describe our experiences with deploying it in large-scale environment, and present some of our extensions.
Link zur Publikation Download Bibtex Eintrag



Schnellnavigation zur Seite über Nummerneingabe