[Bro] Bro behavioral analysis

Savakh S sovakah at gmail.com
Wed Jul 29 05:08:33 PDT 2015

Can someone explain why Bro is said "behavioral" IDS  and give an
example ? I understand Bro can perform protocol analysis, DPI, by its
analyzers, but what about "behavioral" ?

Thanks in advance.

More information about the Bro mailing list