Bro Intrusion Detection System
Software · OSTI ID: 1245188
Bro is a Unix-based Network Intrusion Detection System (IDS). Bro monitors network traffic and detects intrusion attempts based on traffic characteristics and content. It does so by comparing network traffic against rules describing events that are deemed troublesome. These rules might describe activities (e.g., certain hosts connecting to certain services), which activities are worth alerting on (e.g., attempts to a given number of different hosts constitute a "scan"), or signatures describing known attacks or access to known vulnerabilities. If Bro detects something of interest, it can be instructed to either issue a log entry or initiate the execution of an operating system command. Bro targets high-speed (Gbps), high-volume intrusion detection. By judiciously leveraging packet filtering techniques, Bro achieves the necessary performance while running on commercially available PC hardware, and thus can serve as a cost-effective means of monitoring a site's Internet connection.
- Short Name / Acronym: Bro; 001905IBMPC00
- Site Accession Number: LBNL CR- 2241
- Version: 00
- Programming Language(s): Medium: X; OS: FreeBSD/Linux; Compatibility: PC
- Research Organization: Lawrence Berkeley National Laboratory (LBNL), Berkeley, CA (United States)
- Sponsoring Organization: DOE and NSF
- DOE Contract Number: AC02-05CH11231
- OSTI ID: 1245188
- Country of Origin: United States