[Bro] Backdoor Analyzer for interactive traffic
Abhinay Kampasi
abhinay at cs.utexas.edu
Sat Nov 11 10:25:29 PST 2006
Hi Vern,
I was reading the "Detecting Backdoors" paper which talks about a general
algorithm for detecting interactive traffic as well as some special-purpose
algorithms. The backdoor policy script in Bro only has the implementation
for detecting special-purpose backdoors. Is there any way I can use the
general algorithm in Bro? I am writing an anomaly detector which needs to be
applied only on interactive traffic.
Thanks and Regards,
Abhinay
More information about the Bro
mailing list