Bro: A System for Detecting Network Intruders in Real-Time - Essay Example

Overview

Bro is a standalone system for detecting network intruders by passively monitoring a network link over which the intruder's traffic transits. Its design emphasizes high-speed monitoring, a clear separation between policy and mechanism, and real-time notification (Paxson, 1998). The policy layer has various advantages: its event handlers can synthesize new events, update state information, record information to disk, and generate real-time notifications through syslog. Most importantly, the system reduces a kernel-filtered network traffic stream to a series of high-level events.
Growing Internet connectivity has created growing opportunities for attackers to unlawfully gain access to computers over the network. The problem of detecting such attacks is referred to as network intrusion detection, which is a relatively new area of security research. These systems can be divided into two types: those that operate alone by observing network traffic directly and passively using a packet filter, and those that depend on audit information gathered by the hosts in the network that they are trying to protect (Paxson, 1998).
There is increasing interest in building hybrid systems that combine these two approaches. Bro is conceptually divided into an event engine that reduces a stream of filtered packets to a stream of high-level network events, and an interpreter for a specialized language used to express site security policy (Paxson, 1998). Structurally, it is arranged in layers, with the lowest layer processing the greatest volume of data. As one moves up through the layers, the volume of data diminishes, leaving room for more processing per data item.
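The layering described above can be sketched in a few lines of Python. This is an added illustration, not code from Paxson's paper or from Bro itself; the packet tuples are constructed sample data, and the flag-based filter, the event names, the `Policy` class and its threshold are assumptions made for the example.

```python
from collections import defaultdict, deque

# Constructed sample packets: (timestamp, src, dst, dst_port, tcp_flags).
PACKETS = [(1.0, "198.51.100.7", "10.0.0.5", p, "S") for p in (21, 22, 23, 25)]
PACKETS += [(1.5, "10.0.0.9", "10.0.0.5", 80, "S"),
            (1.6, "10.0.0.9", "10.0.0.5", 80, "A"),   # data packet, filtered out
            (2.0, "10.0.0.9", "10.0.0.5", 80, "FA")]

def packet_filter(packets):
    """Lowest layer: highest volume, cheapest test (stand-in for the kernel filter)."""
    return (p for p in packets if set(p[4]) & set("SFR"))

def event_engine(packets):
    """Mechanism: reduce packets to policy-neutral events."""
    for ts, src, dst, port, flags in packets:
        if "S" in flags and "A" not in flags:
            yield ("connection_attempt", ts, src, dst, port)
        elif "F" in flags or "R" in flags:
            yield ("connection_finished", ts, src, dst, port)

class Policy:
    """Policy: site-specific handlers; may keep state, synthesize events, notify."""
    SCAN_THRESHOLD = 3  # hypothetical site setting

    def __init__(self):
        self.ports_by_src = defaultdict(set)   # handler state
        self.notices = []                      # stands in for syslog
        self.queue = deque()                   # events synthesized by handlers

    def connection_attempt(self, ts, src, dst, port):
        self.ports_by_src[src].add(port)
        if len(self.ports_by_src[src]) == self.SCAN_THRESHOLD + 1:
            self.queue.append(("port_scan", ts, src, dst, port))

    def port_scan(self, ts, src, dst, port):
        self.notices.append(f"{ts}: possible port scan from {src} against {dst}")

def run(packets):
    policy = Policy()
    for event in event_engine(packet_filter(packets)):
        policy.queue.append(event)
        while policy.queue:
            name, *args = policy.queue.popleft()
            handler = getattr(policy, name, None)   # events without a handler are ignored
            if handler:
                handler(*args)
    return policy.notices
```

Changing what counts as suspicious means editing only `Policy`; the filter and the event engine stay untouched, which is the flexibility the separation of mechanism from policy is meant to buy.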
This system has various advantages that lead anyone who uses it to recognize its reliability. It supports high-speed, large-volume monitoring of the environment. It lets us view the primary source of threats as external hosts connecting to a host over the Internet. It also offers real-time notifications and enables full recording of every attacker's network activity (Paxson, 1998). It also separates mechanism from policy; this buys flexibility and simplicity. This is advantageous since it helps handle the high volume of traffic.
Lastly, I loved this system because it can access the monitor code, thus enabling the detection of the attacker's break-in activity. Additionally, this system has the most impressive record in the way it is able to avoid simple mistakes; that is to say, it is reliable. It is free, simple and capable of avoiding defiance of the security policy by being both clear and error-free.
This system enables us to understand security and management by giving a clear overview of its structures and of the language used to express security policy. The system is implemented with specialized analysis; thus, it uses regular expression matching records, rather than reusing existing ones (Paxson, 1998). There are hopes that the system will benefit the community in ongoing operations without incurring any packet drops. Security management can be a hard task due to problems such as overload attacks, crash attacks, and subterfuge attacks. Unless we are careful to keep track of these contiguous data, the obvious attack will keep recurring.
Paxson, V. (1998). Bro: A System for Detecting Network Intruders in Real-Time. Computer Networks, 1-22.