BRO - an Intrusion Detection System

Network Intrusion Detection Systems (NIDS) have existed for several decades. Over the last 10 years they have also been common security equipment in many companies and organisations. With the ongoing, challenging cyberwar we need this kind of "smart" software to win the battle – a battle we cannot lose! Bro is a very flexible, powerful and scalable Intrusion Detection System that takes a different approach than "traditional" ones. In addition, it is open source. In this article I describe IDS in general and the Bro NIDS in more detail.
