Research Article

A Graphical User Interface Framework for detecting Intrusions using Bro IDS

by Shaffali Gupta, Rachit Goel
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 55 - Number 13
Year of Publication: 2012
Authors: Shaffali Gupta, Rachit Goel
10.5120/8813-2409

Shaffali Gupta, Rachit Goel. A Graphical User Interface Framework for detecting Intrusions using Bro IDS. International Journal of Computer Applications. 55, 13 (October 2012), 7-12. DOI=10.5120/8813-2409

@article{ 10.5120/8813-2409,
author = { Shaffali Gupta, Rachit Goel },
title = { A Graphical User Interface Framework for detecting Intrusions using Bro IDS },
journal = { International Journal of Computer Applications },
issue_date = { October 2012 },
volume = { 55 },
number = { 13 },
month = { October },
year = { 2012 },
issn = { 0975-8887 },
pages = { 7-12 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume55/number13/8813-2409/ },
doi = { 10.5120/8813-2409 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T20:57:06.696314+05:30
%A Shaffali Gupta
%A Rachit Goel
%T A Graphical User Interface Framework for detecting Intrusions using Bro IDS
%J International Journal of Computer Applications
%@ 0975-8887
%V 55
%N 13
%P 7-12
%D 2012
%I Foundation of Computer Science (FCS), NY, USA
Abstract

The Internet has transformed and greatly improved the way we do business, but the network and its associated technologies have opened the door to an increasing number of threats from which corporations must protect themselves. To protect the network, network security is needed, and to make a network secure, an Intrusion Detection System is needed. An intrusion detection system monitors network traffic, checks for suspicious activities and notifies the system or network administrator. Many open source tools are available for detecting intrusions in a network. The most common of these are Snort and Bro. In this paper, the main emphasis is on exploring Bro. However, a performance analysis of Bro and Snort based on CPU utilization and memory constraints is also done. Bro is a very powerful open source Network Intrusion Detection System. It passively monitors network traffic and looks for suspicious activity by comparing network traffic against scripts. This paper discusses various policy scripts written in the Bro language to filter network traffic. In addition, a graphical interface called the Bro GUI Framework is designed to automate the creation and running of the policy scripts.

Index Terms

Computer Science
Information Sciences

Keywords

Analyzer Event Handler Policy scripts sendmail client