[Bro] how can evaluate bro
Johanna Amann
johanna at icir.org
Wed May 9 08:54:20 PDT 2018
Hi,
> hello Every One can some one tel me if there is an dataset or tool
> that
> allow me for evaluation of bro ids against new attack and technic
> evastion
> and also generation of false alert and the number of droped packet
I am not aware of anything - I think you are on yourself here. Have fun
building it :)
Also note that Bro mostly does not really do attack detection; by
default the logs (mostly) only describe what happened on the networks
without attaching any opinion to it. So - you probably also have to
write the attack detection code yourself.
Johanna
More information about the Bro
mailing list