[Bro] Bro IDS anomaly detection
masoom.alam at gmail.com
Tue Oct 20 10:02:48 PDT 2015
Actually there is a lot of work in the literature on anomaly detection
using snort but in bro there is no or less work.....whether the existing
bro scripts are enough for network intrusion detection.....where u think
enhancements can be made? A sans document on finding web application attack
using bro scripting.....what do u think if bro logs are used for anomaly
detection.... Any work already done in this direction?
On Oct 20, 2015 12:19 PM, "ali abbas" <ali_cancerian786 at hotmail.com> wrote:
> Dear All.
> I am working in the area of Anomaly detection. I am interested in
> understanding the existing mechanism implemented in BRO.
> Please refer me some useful material and/or research papers, especialy how
> it is different than SNORT.
> Bro mailing list
> bro at bro-ids.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Bro