[Bro] Packet anonymization using Bro
pratik.cse.bits at gmail.com
Fri Oct 12 04:22:56 PDT 2012
I read a research article about packet trace anonymization co-authored by a
researcher from ICIR using Bro in its approach.
A High-level Programming Environment for Packet Trace Anonymization and
Ruoming Pang, Department of Computer Science, Princeton University
Vern Paxson, International Computer Science Institute
To quote the authors, "We implemented the anonymizer as an extension to Bro
, a network intrusion detection system, to take advantage of its
parsers and its built-in language support for policy scripts."
I am quite new to IDSs and have hardly touched Bro. But this work of packet
anonymization concerns my research area and if Bro provides such
functionality (or extensiblity) then I would love to explore it.
Can some Bro users point out to me if such an anonymizer is officially a
part of Bro, or maybe as a third-party plug in? My research concerns Deep
Packet Anonymization at IP layer and beyond for the headers and the
payloads for P2P networks.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Bro