    Archived pages: 1122 . Archive date: 2013-12.

  • Title: The Bro Network Security Monitor
    Descriptive info: The Bro Network Security Monitor.. Bro is a powerful network analysis framework that is much different from the typical IDS you may know.. Adaptable.. Bro's domain-specific scripting language enables site-specific monitoring policies.. Efficient.. Bro targets high-performance networks and is used operationally at a variety of large sites.. Flexible.. Bro is not restricted to any particular detection approach and does not rely on traditional signatures.. Forensics.. Bro comprehensively logs what it sees and provides a high-level archive of a network's activity.. Commercially Supported.. Broala offers consulting, training, and custom development by the creators of Bro.. More.. In-depth Analysis.. Bro comes with analyzers for many protocols, enabling high-level semantic analysis at the application layer.. Highly Stateful.. Bro keeps extensive application-layer state about the network it monitors.. Open Interfaces.. Bro interfaces with other applications for real-time exchange of information.. Open Source.. Bro comes with a BSD license, allowing for free use  ...   for securing their cyberinfrastructure.. Bro's user community includes major universities, research labs, supercomputing centers, and open-science communities.. Bro was originally developed by Vern Paxson, who continues to lead the project now jointly with a core team of researchers and developers at the.. International Computer Science Institute.. in Berkeley, CA; and the.. National Center for Supercomputing Applications.. in Urbana-Champaign, IL.. Events.. No events scheduled currently.. See.. past events.. Job Openings.. We have.. open positions.. Videos.. See the.. Bro YouTube channel.. Blog.. Twitter.. @Bro_IDS.. Sponsors.. Resources.. Blog.. Developer Mailing List.. Git Repositories.. 
User Mailing List.. Related Projects.. The Time Machine.. The ICSI Certificate Notary.. Related Sites.. Networking Group at ICSI.. Security Group at NCSA.. Team.. Vern Paxson.. Bernhard Amann.. Vlad Grigorescu.. Seth Hall.. Liam Randall.. Scott Runnels.. Aashish Sharma.. Jonathan Siwek.. Adam Slagell.. Robin Sommer.. Daniel Thayer.. Matthias Vallentin.. Funding.. National Science Foundation Award ACI-1032889.. National Science Foundation Award ACI-1348077.. 2013 The Bro Project.. Logo design by.. DigiP..

    Original link path: /

  • Title: Downloads
    Descriptive info: We provide Bro as source code and in binary form for some selected platforms.. We are also looking for volunteers willing to maintain Bro packages for.. OS.. distributions, in particular for the various flavors of Linux.. If you're interested, please.. get in touch.. with us, and we'll be happy to help where we can.. Bro.. Download.. Bro 2.. 2.. Stable release, source code.. Released Nov 07, 2013.. The.. git repositories.. have the current development version.. archive.. for older versions.. Check the.. OpenPGP signature.. first.. NEWS.. for release notes and.. CHANGES.. for the complete list of changes compared to past versions.. BroControl has its.. own list.. Bro requires a Unix platform.. We support Linux, FreeBSD, and Mac.. , both 32-bit and 64-bit.. Other Unix platforms may work as well but are not regularly tested.. Components.. The main Bro distribution consists of a number of individual components that you can also download and use separately:.. BinPAC 0.. 41.. A protocol parser generator.. (.. ).. Changelog.. PGP.. bro-aux  ...   module for.. CIDR.. lookups.. trace-summary 0.. 82.. A script generating break-downs of network traffic.. Binary Packages.. The following table contains links to binary builds of Bro, Broccoli, and BroControl.. Bro packages labeled as minimum do not include Broccoli or BroControl components, while Bro packages labeled as full do.. Mac.. X packages are currently for Mavericks (10.. 9) only.. Both.. DEB.. and.. RPM.. package flavors are built for x86_64 architectures only and were generated on Debian 6 and CentOS 6 operating systems, respectively.. Package Name.. X Installer.. Debian Package.. Package.. 2 (full).. DMG.. 2 (minimum).. OpenPGP Signing Key.. We sign all Bro releases with the following OpenPGP key:.. pub 4096R/F8CB8019 2011-11-04 [expires: 2016-10-18] Key fingerprint = 962F D218 7ED5 A1DD 82FC 478A 33F1 5EAE F8CB 8019 uid The Bro Team info bro.. 
org sub 4096R/6F9AD2A2 2011-11-04 [expires: 2016-10-18] sub 4096R/F56ACC7E 2011-11-04 [expires: 2016-10-18] sub 4096R/83633A6B 2011-11-04 [expires: 2016-10-18].. To get the key, follow.. this link.. , or retrieve it from any of the standard key servers.. Page Contents..

    Original link path: /download/index.html

  • Title: Documentation
    Descriptive info: Bro is a powerful system that on top of the functionality it provides out of the box, also offers the flexibility to customize analysis pretty much arbitrarily.. We provide a range of documentation material ranging from introductory material to get you started, to full references of Bro's  ...   common questions about Bro and the Bro Project.. Bro Manual.. Introduction.. Installation.. Quickstart Guide.. Using Bro.. Writing Bro Scripts.. Frameworks.. Setting up a Bro Cluster.. Script Reference.. Subcomponents.. Training Material.. A collection of training material we have created over time, including presentations, videos, and hands-on exercises from Bro Workshops..

    Original link path: /documentation/index.html

  • Title: Bro Documentation — Bro 2.2-9 documentation
    Descriptive info: Navigation.. index.. notices.. |.. next.. 2-9 documentation.. Bro Documentation.. Features.. History.. Architecture.. Installing Bro.. Upgrading Bro.. Quick Start Guide.. Managing Bro with BroControl.. Bro as a Command-Line Utility.. Working with Log Files.. Understanding Bro Scripts.. The Event Queue and Event Handlers.. The Connection Record Data Type.. Data Types and Data Structures.. Custom Logging.. Raising Notices.. File Analysis.. GeoLocation.. Input Framework.. Intelligence Framework.. Logging Framework.. Notice Framework.. Signature Framework.. Summary Statistics.. Intro.. Frontend Options.. Bro Script Packages.. Protocol Analyzers.. File Analyzers..  ...   parser generator.. Broccoli - The Bro Client Communication Library (README).. Broccoli - User Manual.. BroControl - Interactive Bro management shell.. Bro-Aux - Small auxiliary tools for Bro.. BTest - A unit testing framework.. Capstats - Command-line packet statistic tool.. PySubnetTree - Python module for CIDR lookups.. trace-summary - Script for generating break-downs of network traffic.. General Index.. Search Page.. Table of Contents.. Next Page.. Copyright 2013, The Bro Project.. Last updated on December 04, 2013.. Created using.. Sphinx.. 1.. 1.. 3..

    Original link path: /sphinx-git/index.html

  • Title: Support
    Descriptive info: We have a number of resources available to provide help with using Bro, including channels to reach out to the broader community and a commercial option for sites that need professional support.. Community Resources.. Mailing List.. The best place to ask questions is the Bro user mailing list.. Feel free to ask for help, post your thoughts on Bro, and announce related work and projects that may be of interest to other Bro users.. You can browse the mailing list's.. Our blog provides regular news and background.. Twitter.. Follow our Twitter account.. Bro_IDS.. to stay up to date with recent development.. When tweeting about Bro, make sure to include.. so that we see it.. IRC.. A number  ...   Reporting Problems.. We have collected some.. guidelines on providing context when reporting problems.. Contacting Us.. You can.. contact the Bro Project.. directly for specific questions.. However, please keep in mind that our in-house resources for support remain limited.. For general questions about Bro we may redirect you to the.. mailing list.. where others can chime in and everybody will benefit from an answer.. Commercial Support.. ICSI.. spin-off.. Broala.. provides professional Bro services to organizations looking for an alternative beyond what the resources of the non-profit grant-funded Bro team can provide.. Founded by core members of the Bro project, Broala offers strategic consulting on Bro installation, deployment, and customization, as well as individualized training and contract development..

    Original link path: /support/index.html

  • Title: Community
    Descriptive info: As with any open-source project, we welcome feedback and contributions, and we encourage users to share their experiences.. Community Links.. Related Software.. A collection of external software provided by the larger Bro community.. Packet Traces.. A collection of publicly available packet traces for experimentation and training.. Bro Workshops and Exchanges.. We regularly hold.. Bro Workshops.. Bro Exchanges.. as events to bring together the Bro community.. Contributing to Bro.. Custom Scripts.. We encourage Bro  ...   for this, and we plan to integrate git support into BroControl for directly downloading from such external repositories.. In the meantime, feel free to announce your scripts on the.. Bro mailing list.. or via Twitter to.. Patches and New Functionality.. For working on the Bro codebase itself, work from our official.. GitHub mirrors.. or clone the master.. bro.. org.. repositories directly from.. git://git.. bro.. org/ repo.. See our.. contribution guidelines.. for more information..

    Original link path: /community/index.html

  • Title: Development
    Descriptive info: Bro is an open-source system and we welcome and encourage contributions from the community, from small patches to new functionality.. If you'd like to help with Bro development, browse the information on this page.. If you're running into problems, or are unsure where to start, send a mail to the development mailing list and we'll be happy to assist.. Development Codebase.. To get the source code for Bro's current development version, clone our master git repository:.. git clone --recursive git://git.. org/bro.. To browse the code online, go to our mirror on GitHub at.. https://github.. com/bro/bro.. Roadmap.. Lists our near- and medium-term goals for upcoming releases.. Development Mailing  ...   to Bro's git repositories.. These mails include full diffs of the corresponding edits and are a good way of keeping track of changes.. However, volume on this list is quite high.. Lists the Bro-related git repositories.. Tracks open problems as well as external contributions submitted for inclusion.. There are also some.. guidelines.. on using the tracker.. Notes and How-Tos.. A collection of more specific notes helpful when working on Bro.. Projects and Ideas.. A list of development projects either already in progress, or waiting for somebody to take them on.. Contributions.. Guidelines.. Guidelines for contributing functionality and fixes.. Documentation for.. master.. The documentation.. on this page.. follows the current development versions..

    Original link path: /development/index.html

  • Title: Research
    Descriptive info: For more than a decade now, Bro has successfully bridged the traditional gap between academic research and large-scale production deployment.. Much of the functionality now part of the core system originates in experimental research projects, often published at top-tier academic conferences.. In the same spirit, we summarize a number of related ongoing research efforts below that we currently pursue at the.. Results from these projects may eventually be integrated into the production system.. We also collect Bro-related publications on this page.. Over the years, Bro has not only been used as a platform for novel detection approaches, but also facilitated numerous more general traffic analysis studies.. Research Projects.. Understanding and Exploiting Parallelism in Deep Packet Inspection:.. Deep packet inspection (.. DPI.. ) is a crucial tool for protecting networks from emerging and sophisticated attacks.. However, it is becoming increasingly difficult to implement.. effectively due to the rising need for more complex analysis, combined with the relentless growth in the volume of network traffic that these systems must inspect.. To address this challenge, future.. technologies must exploit the power of emerging highly concurrent multi- and many-core platforms.. Unfortunately, however, current.. systems severely limit their use of parallelism by either resorting to coarse-grained load-balancing or restricting their analysis to very simple, hard-coded detectors.. In order to fully exploit parallel hardware platforms, in this project we develop a comprehensive approach that introduces parallelism across all stages of the complex.. pipeline.. We investigate application-independent scheduling strategies that take existing.. analyses and automatically parallelize their processing.. 
We do so by mapping them into a domain-specific intermediary representation that abstracts from specifics of the underlying hardware architecture while providing low-level consistency guarantees.. Conceptually, the project's goal is to virtualize and abstract parallelism as a fundamental primitive, just like how virtual memory abstracts away physical memory size limitations from programmers.. This project is currently funded by the National Science Foundation as a part of Award.. CNS.. -1228792.. The project is a collaboration with the.. University of Wisconsin Madison.. HILTI.. : A High-level Intermediary Language for Traffic Analysis.. Network intrusion detection systems need to balance between a set of challenges difficult to simultaneously address to their full extent: the complexity of network communication; the need to operate extremely efficiently to achieve line-rate performance; and dealing securely with untrusted input.. Our project aims to build an efficient and secure bridge between dealing effectively with these challenges, and offering the high-level abstractions required for describing a security policy.. Observing that.. NIDS.. implementations share a large degree of functionality, we introduce a new middle-layer into.. processing, consisting of two main pieces: first, an abstract machine model that is specifically tailored to the network traffic analysis domain and directly supports the field's common abstractions and idioms in its instruction set; and second, a compilation strategy for turning programs written for the abstract machine into highly optimized, natively executable code for a given target platform, with performance comparable to manually written C code.. As a broader goal, our undertaking provides the security community with a novel architecture that facilitates development and reuse of building blocks commonly required for network traffic analysis.. This project is currently funded by the National Science Foundation under Award.. 
-0915667.. , and by a grant from the.. Cisco Research Center.. BinPAC++: A Next-Generation Parser Generator for Network Protocols.. In.. earlier work.. , we developed.. BinPAC.. , a yacc for generating application protocol parsers.. BinPAC is now part of the Bro distribution.. In a current effort, we are developing a significantly extended version, nicknamed BinPAC++, that integrates semantic constructs into its protocol grammar language, rather than just syntax.. Doing so will allow us to move much of the high-level state-tracking that application-layer analysis requires into BinPAC++ protocol specifications, making them suitable for reuse across different host applications.. Furthermore, the new BinPAC++ compiler now compiles into the instruction of the.. abstract machine (see above), and no longer into C++.. -0831535.. TWC.. : Option: Medium: Collaborative: Semantic Security Monitoring for Industrial Control Systems.. Industrial control systems differ significantly from standard, general-purpose computing environments, and they face quite different security challenges.. With physical air gaps now the exception, our critical infrastructure has become vulnerable to a broad range of potential attackers.. In this project we develop novel network monitoring approaches that can detect sophisticated semantic attacks: malicious actions that drive a process into an unsafe state without however exhibiting any obvious protocol-level red flags.. In one thrust, we conduct a measurement-centric study of.. ICS.. network activity, aimed at developing a deep understanding of operational semantics in terms of actors, workloads, dependencies, and state changes over time.. In a second thrust, we develop domain-specific behavior models that abstract from low-level protocol activity to their semantic meaning according to the current state of the processes under control.. 
Our goal is to integrate these models into operationally viable, real-time network monitoring that reports unexpected deviations as indicators of attacks or malfunction.. A separate Transition to Practice phase advances our research results into deployment-ready technology by integrating it into the open-source Bro network monitor.. Overall, our work will improve security and safety of today's critical infrastructure by providing effective, unobtrusive security monitoring tailored to their specific semantics.. In addition, we tie a number of educational activities to the research and involve students at all levels.. This project is currently funded by the National Science Foundation as a part of Awards.. -1314973.. -1314891.. Past Projects.. Exploiting Multi-Core Processors for High-Performance Traffic Monitoring.. The performance pressures on implementing effective network security monitoring are growing fiercely in multiple dimensions, outpacing improvements in.. CPU.. performance.. The situation has now become dire with the end of Moore's Law for single CPUs.. In general, hardware vendors now turn to parallel execution, many cores and many threads, to sustain performance growth.. But adapting network security monitoring to such parallelism raises a host of challenging issues.. This project seeks to develop methodologies for effectively parallelizing in-depth security analysis of network activity.. Doing so requires structuring the processing into separate, low-level threads suitable for concurrent execution, for which several key issues must be addressed: forwarding packets only when all relevant threads have finished their vetting; minimizing inter-thread communication in the presence of global analysis algorithms; optimizing memory access patterns for locality; and providing effective performance debugging tools.. As a proof-of-concept, we have implemented a multi-threaded Bro version that demonstrates the key concepts developed.. 
This project was funded by the National Science Foundation as part of Award.. -0716636.. We are now integrating its results into the.. abstract machine (see above), which will provide a concurrency model that directly supports the developed approach.. Establishing a  ...   Of The X.. 509 Pki Using Active And Passive Measurements.. Internet Measurement Conference, 2011.. Neugschwandtner, P.. Comparetti, G.. Jacob, C.. Forecast Skimming Off The Malware Cream.. ACSAC.. , 2011.. E.. Wustrow, S.. Wolchok, I.. Goldberg, J.. Halderman.. Telex: Anticensorship In The Network Infrastructure.. Security Symposium, 2011.. Mikians, P.. Barlet-Ros, J.. Sanjuàs-Cuxart, J.. Solé-Pareta.. A Practical Approach To Portscan Detection In Very High-Speed Links.. Passive and Active Measurement Conference, 2011.. G.. Crescenzo, A.. Ghosh, A.. Kampasi, R.. Talpade, Y.. Zhang.. Detecting Anomalies In Active Insider Stepping Stone Attacks.. Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications, 2(1), pp.. 103-120, 2011.. Ouyang, S.. Ray, M.. Rabinovich, M.. Allman.. Can Network Characteristics Detect Spam Effectively In A Stand-Alone Enterprise?.. Anand, A.. A Comparative Study Of Handheld And Non-Handheld Traffic In Campus Wi-Fi Networks.. Passive and Active Measurement Workshop, 2011.. Caballero, C.. Grier, C.. Kreibich, V.. Measuring Pay-Per-Install: The Commoditization Of Malware Distribution.. Analysis Of Credentials Stealing Attacks In An Open Networked Environment.. Conference on Network and Systems Security, 2011.. International Conference on Dependable Systems and Networks, 2011.. Gill, M.. Arlitt, N.. Carlsson, A.. Mahanti, C.. Williamson.. Characterizing Organizational Use Of Web-Based Services: Methodology, Challenges, Observations And Insights.. Transactions on the Web, 2011.. Carlsson, P.. Gill, A.. Characterizing Intelligence Gathering And Control On An Edge Network.. Transactions on Internet Technology, 2011.. Hashemian, D.. Krishnamurthy, M.. 
Arlitt.. Web Workload Generation Challenges: An Empirical Investigation.. Wiley Software: Practice and Experience, 2011.. Blagodurov, M.. Improving The Efficiency Of Information Collection And Analysis In Widely-Used It Applications.. SPEC.. International Conference on Performance Engineering Industrial Track, 2011.. Maier, F.. Schneider, A.. Feldmann.. Nat Usage In Residential Broadband Networks.. Conference on Passive and Active Network Measurement, 2011.. Feldmann, V.. Paxson, R.. Sommer, M.. Vallentin.. An Assessment Of Malicious Activity Manifest In Residential Networks.. Conference on Detection of Intrusions and Malware and Vulnerability Assessment, 2011.. Y.. Xu, M.. Bailey, E.. Weele, F.. Jahanian.. Canvus: Context-Aware Network Vulnerability Scanning.. Recent Advances in Intrusion Detection, 2010.. Sekar, R.. Krishnaswamy, A.. Gupta, M.. Reiter.. Network-Wide Deployment Of Intrusion Detection And Prevention Systems.. CoNEXT, 2010.. Frank, B.. Improving Content Delivery Using Provider-Aided Distance Information.. Internet Measurement Conference, 2010.. Kim, F.. Ager, A.. Today S Usenet Usage: Characterizing Nntp Traffic.. Global Internet Symposium, 2010.. Ager, F.. Schneider, J.. Kim, A.. Revisiting Cacheability In Times Of User Generated Content.. Carlsson, M.. Leveraging Organizational Etiquette To Improve Internet Security.. ICCCN.. , 2010.. Maier.. Residential Broadband Internet Traffic: Characterization And Security Analysis.. Ph.. D.. Thesis, Technische Universität Berlin, Berlin, Germany, 2010.. A First Look At Mobile Hand-Held Device Traffic.. Conference on Passive and Active Network Measurement, 2010.. Allman, V.. A Longitudinal View Of Http Traffic.. Passive and Active Measurement Workshop, 2010.. Krishnamurthy, W.. Willinger.. Understanding Online Social Network Usage From A Network Perspective.. 35 48, 2009.. Paxson, M.. On Dominant Characteristics Of Residential Broadband Internet Traffic.. Internet Measurement Conference, 2009.. Sommer, V.. 
Paxson, N.. Weaver.. An Architecture For Exploiting Multi-Core Processors To Parallelize Network Intrusion Prevention.. Concurrency and Computation: Practice and Experience, Wiley, 21(10), pp.. 1255 1279,.. 1532-0626, 2009.. Nechaev, V.. Allman, A.. Gurtov.. On Calibrating Enterprise Switch Measurements.. Weaver, R.. Detecting Forged Tcp Reset Packets.. Network.. Distributed System Security Symposium (scheduled to appear), 2009.. Basher, A.. Mahanti, A.. Williamson, M.. A Comparative Analysis Of Web And Peer-To-Peer Traffic.. World Wide Web, 2008.. Arlitt, Z.. Li, A.. Mahanti.. Characterizing User Sessions On Youtube.. Multimedia Computing and Networking, 2008.. Schneider, S.. Agarwal, T.. Alpcan, A.. The New Web: Characterizing Ajax Traffic.. Conference on Passive and Active Network Measurement, 4979, pp.. 31 40,.. 0302-8743, 2008.. Maier, R.. Sommer, H.. Dreger, A.. Paxson, F.. Enriching Network Security Analysis With Time Travel.. Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications, 2008.. Vutukuru, H.. Balakrishnan, V.. Efficient And Robust Tcp Stream Normalization.. Symposium on Security and Privacy, 2008.. Sommer.. Predicting The Resource Consumption Of Network Intrusion Detection Systems.. Recent Advances in Intrusion Detection, 2008.. Youtube Traffic Characterization: A View From The Edge.. Internet Measurement Conference, 2007.. Erman, A.. Mahanti, M.. Arlitt, I.. Cohen, C.. Offline/Realtime Traffic Classification Using Semi-Supervised Learning.. Performance, 2007.. Arlitt, C.. Identifying And Dicriminating Between Web And Peer-To-Peer Traffic In The Network Core.. World Wide Web, 2007.. Vallentin, R.. Sommer, J.. Lee, C.. Leres, V.. Paxson, B.. Tierney.. The Nids Cluster: Scalable, Stateful Network Intrusion Detection On Commodity Hardware.. Symposium on Recent Advances in Intrusion Detection, 2007.. Paxson, J.. Terrell.. A Brief History Of Scanning.. Jung, R.. Milito, V.. 
On The Adaptive Real-Time Detection Of Fast-Propagating Network Worms.. GI.. SIG.. SIDAR.. Conference on Detection of Intrusions and Malware and Vulnerability Assessment, 2007.. Stress Testing Cluster Bro.. DETER.. Community Workshop on Cyber Security Experimentation and Test, 2007.. Mogul, M.. Sc2D: An Alternative To Trace Anonymization.. MineNet workshop, 2006.. Pang, V.. Sommer, L.. Peterson.. Binpac: A Yacc For Writing Application Protocol Parsers.. Internet Measurement Conference, 2006.. Pang, M.. The Devil And Packet Trace Anonymization.. Computer Communication Review, 2006.. Gonzalez, V.. Enhancing Network Intrusion Detection With Integrated Sampling And Filtering.. Recent Advances in Intrusion Detection, 2006.. Shunting: A Hardware/Software Architecture For Flexible, High-Performance Network Intrusion Prevention.. , 2006.. Feldmann, M.. Mai, V.. Dynamic Application-Layer Protocol Analysis For Network Intrusion Detection.. Security Symposium, 2006.. Arlitt, B.. Krishnamurthy, J.. Mogul.. Predicting Short-Transfer Latency From Tcp Arcana: A Trace-Based Validation.. Internet Measurement Conference, 2005.. An Analysis Of Tcp Reset Behaviour On The Internet.. Computer Communications Review, 35(1), pp.. 37 44, 2005.. Bennett, J.. Lee, V.. A First Look At Modern Enterprise Traffic.. Dharmapurikar, V.. Robust Tcp Stream Reassembly In The Presence Of Adversaries.. Security Symposium, 2005.. Exploiting Independent State For Network Intrusion Detection.. , 2005.. Dreger, C.. Enhancing The Accuracy Of Network-Based Intrusion Detection With Host-Based Context.. Conference on Detection of Intrusions and Malware and Vulnerability Assessment, 2005.. Kornexl, V.. Paxson, H.. Feldmann, R.. Building A Time Machine For Efficient Recording And Retrieval Of High-Volume Network Traffic.. Kreibich, R.. Policy-Controlled Event Management For Distributed Intrusion Detection.. International Workshop on Distributed Event-Based Systems, 2005.. 
Operational Experiences With High-Volume Network Intrusion Detection.. , 2004.. Jung, V.. Paxson, A.. Berger, H.. Balakrishnan.. Fast Portscan Detection Using Sequential Hypothesis Testing.. Symposium on Security and Privacy, 2004.. U.. Shankar, V.. Active Mapping: Resisting Nids Evasion Without Altering Traffic.. Symposium on Security and Privacy, 2003.. Enhancing Byte-Level Network Intrusion Detection Signatures With Context.. 10th.. Conference on Computer and Communications Security, 2003.. A High-Level Programming Environment For Packet Trace Anonymization And Transformation.. , 2003.. Netflow: Information Loss Or Win?.. Internet Measurement Workshop, 2002.. Handley, V.. Paxson, C.. Kreibich.. Network Intrusion Detection: Evasion, Traffic Normalization, And End-To-End Protocol Semantics.. Security Symposium, 2001.. Zhang, V.. Detecting Backdoors.. Security Symposium, 2000.. Detecting Stepping Stones.. Bro: A System For Detecting Network Intruders In Real-Time.. 2435 2463, 1999..

    Original link path: /research/index.html

  • Title: Contact
    Descriptive info: The best way to report a problem is via Bro's.. issue tracker.. If you would like to get in touch with the Bro team directly, send a mail to.. info bro.. , or fill out the contact form below.. We are always interested in hearing more about Bro deployments, as well as any ideas and feedback you may have.. Feedback.. We are curious to hear what people are using Bro for.. Having a good picture of the Bro deployments out there does not only allow us to better focus our development resources, but also makes our sponsors happy.. Telling us a bit  ...   if.. You are a new user starting to use Bro, even if just experimentally.. Bro has helped detect/solve a security incident.. Bro's capabilities have been particularly useful for a problem you had (security or not).. You are using Bro for your research.. (Any paper yet?).. You may have resources available for future Bro development and maintenance.. Naturally, we will treat all information as confidential as long as you do not explicitly indicate otherwise.. Contact Form.. Name.. Name is required.. Email.. Enter a valid email address.. Message.. Message is required.. Enter word shown above.. Security word is required.. (Not readable? Change text.. )..

    Original link path: /contact/index.html

  • Title: www.bro.org
    Descriptive info: www.. Home Page.. Bro Center of Expertise.. Background.. Contact Us.. Partners.. Documentation for master..

    Original link path: /sitemap/index.html

  • Title: Bro Workshops and Exchanges
    Descriptive info: The Bro Project organises two types of events: A.. Bro Workshop.. is a training event focused on Bro usage in a lab-style setting; a.. Bro Exchange.. is an opportunity for the Bro community to come together, exchange their experiences using Bro, and gather feedback.. We hold these events on an irregular basis, but aim to set up at least one per year.. Current Events.. Nothing scheduled.. Past Events.. Bro Exchange 2013.. (August 2013).. Bro Exchange 2012.. (August 2012).. Bro Workshop 2011.. (November 2011).. Bro Tutorial at.. 2011.. (December 2011).. YouTube Channel.. Bro Project..

    Original link path: /community/workshops.html