[Bro] Creating anomaly detection IDPS

fatema bannatwala fatema.bannatwala at gmail.com
Wed May 24 13:21:37 PDT 2017


Hi Dan,

There are various ways one can detect anomalies using Bro based on the
network traffic.
Use of Intel FW and Scan scripts with Bro gives a start to detect different
types of scanning and other suspicious activity going on in the network.
Not sure what exactly your use case is regarding NSL-KDD training sets
with Bro.
Are you trying to use Bro-generated network data as the test set for your
classifiers/learning algos, or trying to feed Bro with the NSL-KDD
training sets? I don't think machine learning is currently being supported
by Bro.
Or I might have misunderstood the question :)

-Fatema.