A brief study and comparison of Snort and Bro Open Source Network Intrusion Detection Systems

Security administration plays a vital role in network management. Intrusion detection systems (IDSes) are primarily designed to protect the availability, confidentiality and integrity of critical network information systems. There are plenty of IDSes to choose from, both commercial and open source. Because most commercial intrusion detection systems typically cost thousands of dollars and tend to represent a significant resource requirement in themselves, using them is not feasible for small networks. Therefore, open source IDSes are mostly used. This paper describes the general working behaviour and features of the two most popular open source network IDSes, Snort and Bro, and compares them.

Keywords: alerts, intrusion, logging, network traffic, open source, packets