Journal of Guangdong University of Technology ›› 2005, Vol. 22 ›› Issue (2): 64-68.

• Comprehensive Research •

The Study of Bro: a System for Detecting Network Intruder in Real-time

  1. Faculty of Computer, Guangdong University of Technology, Guangzhou, Guangdong 510090, China
  • Online: 2005-06-01 Published: 2005-06-01
  • Funding:

    Guangdong Natural Science Foundation team project (20003051)

Abstract: This paper describes the working principle and system structure of Bro, a lightweight, open-source network intrusion detection system (NIDS) that is currently very popular, provides several example policy scripts for some network intrusions, and briefly compares Bro with Snort, another open-source NIDS.

Key words: intrusion detection; Bro; network security; NIDS
