[Bro] Packet anonymization using Bro
Pratik Narang
pratik.cse.bits at gmail.com
Fri Oct 12 04:22:56 PDT 2012
I read a research article about packet trace anonymization co-authored by a
researcher from ICIR using Bro in its approach.
The paper:
A High-level Programming Environment for Packet Trace Anonymization and
Transformation
Authors:
Ruoming Pang, Department of Computer Science, Princeton University
Vern Paxson, International Computer Science Institute
To quote the authors, "We implemented the anonymizer as an extension to Bro
[16], a network intrusion detection system, to take advantage of its
application
parsers and its built-in language support for policy scripts."
I am quite new to IDSs and have hardly touched Bro. But this work of packet
anonymization concerns my research area and if Bro provides such
functionality (or extensiblity) then I would love to explore it.
Can some Bro users point out to me if such an anonymizer is officially a
part of Bro, or maybe as a third-party plug in? My research concerns Deep
Packet Anonymization at IP layer and beyond for the headers and the
payloads for P2P networks.
Thanks
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20121012/9a944220/attachment.html
More information about the Bro
mailing list