A Graphical User Interface Framework for detecting Intrusions using Bro IDS

Shaffali Gupta; Rachit Goel

Call for Paper

June Edition

IJCA solicits high quality original research papers for the upcoming June edition of the journal. The last date of research paper submission is 20 May 2024

Submit your paper

Know more

The week's pick

Enhancing Privacy Preservation: Multi-Attribute Protection with P-Sensitive K-Anonymity

Twinkle Patel Kiran Amin

Random Articles

Machine Flow based Energy-Power Approximation on Elastic Cloud Services

October

2015

Application of Business Intelligence using Machine Learning Approach

May

2017

Deploying Technology-Enhanced Learning Environments in Tanzanian Secondary Schools

November

2013

Selection of Optimum Reference Frame for the Field Oriented Control of an Induction Motor

Aug

2016

Reseach Article

A Graphical User Interface Framework for detecting Intrusions using Bro IDS

by Shaffali Gupta, Rachit Goel

International Journal of Computer Applications

Foundation of Computer Science (FCS), NY, USA

Volume 55 - Number 13

Year of Publication: 2012

Authors: Shaffali Gupta, Rachit Goel

10.5120/8813-2409

Shaffali Gupta, Rachit Goel . A Graphical User Interface Framework for detecting Intrusions using Bro IDS. International Journal of Computer Applications. 55, 13 ( October 2012), 7-12. DOI=10.5120/8813-2409

@article{ 10.5120/8813-2409,

author = { Shaffali Gupta, Rachit Goel },

title = { A Graphical User Interface Framework for detecting Intrusions using Bro IDS },

journal = { International Journal of Computer Applications },

issue_date = { October 2012 },

volume = { 55 },

number = { 13 },

month = { October },

year = { 2012 },

issn = { 0975-8887 },

pages = { 7-12 },

numpages = {9},

url = { https://ijcaonline.org/archives/volume55/number13/8813-2409/ },

doi = { 10.5120/8813-2409 },

publisher = {Foundation of Computer Science (FCS), NY, USA},

address = {New York, USA}

}

%0 Journal Article

%1 2024-02-06T20:57:06.696314+05:30

%A Shaffali Gupta

%A Rachit Goel

%T A Graphical User Interface Framework for detecting Intrusions using Bro IDS

%J International Journal of Computer Applications

%@ 0975-8887

%V 55

%N 13

%P 7-12

%D 2012

%I Foundation of Computer Science (FCS), NY, USA

Abstract

Internet has transformed and greatly improved the way we do business, the network and its associated technologies have opened the door to an increasing number of threats from which corporations must protect them. To protect the network, Network Security is needed. To make network secure, an Intrusion Detection System is needed. An intrusion is used to monitor network traffic, check for suspicious activities and notifies the system or network administrator. Many open source tools are available for detecting intrusions in a network. Most common of these are Snort and Bro . In this paper, the main emphasis will be to explore Bro. However, based upon CPU utilization and memory constraints, performance analysis of Bro and Snort is done. Taking a closer look at open source Network Intrusion Detection System, there is a very powerful open source system that is termed as Bro. It passively monitors network traffic and looks for suspicious activity by comparing network traffic against scripts. In this paper, various policy scripts written in Bro language to filter out the network traffic will be discussed. Also, a Graphical Interface called Bro GUI Framework is designed to automate the creation and run of the policy scripts.

References

Forrest S. , Homeyr S. and Sommayaji A. , "Computer Immunology", Communications of the ACM, vol. 40, no. 10, pp. 88- 96, October 1997.
Paxson V. , "Bro: A System for Detecting Network Intruders in Real-Time", in Proceedings of 7th USENIX Security Symposium, pp. 2435-2463, December 1999.
Sommer R. , "BRO: An Open Source Network Intrusion Detection System", in Security, E-Learning, E-Services, 17 DFN- Arbeitstagung uber Kommunikationsnetze, vol. 44, Dusseldorf, Germany: Gesellschaft fur Informatik (GI), 2004, pp. 273-288
Sommer R. , Slides on the Bro Network Intrusion Detection System, Lawrence Berkeley National Laboratory, Berkeley, CA, 2009.
Allman E. , Shapiro G. N. and Assmann C. , "Sendmail Installation and Operation guide", US Patent 6865671, 6986037, October 2001.
Hypertext Transfer Protocol, Available at: http://en. wikipedia. org/wiki/ Hypertext_Transfer_Protocol.
Transmission Control Protocol, Available at: http:en. wikipedia. org/wiki/Transmission_Control_Protocol
Natarajan R. (2010). 7 Steps for Linux vsftpd Install, Configuration, Users Setup [Online]. Available at: http://www. thegeekstuff. com/2010/11/vsftpd- setup. .

Index Terms

Computer Science

Information Sciences

Keywords

Analyzer Event Handler Policy scripts sendmail client