Abstract
This paper describes the working principle and system architecture of Bro, a lightweight open-source network intrusion detection system (NIDS) that is currently very popular on the Internet. It provides several examples of policy scripts written for network intrusions and briefly compares Bro with Snort, both of which are open-source NIDSs.
Source
Journal of Guangdong University of Technology
CAS
2005, Issue 2, pp. 64-68 (5 pages)
Funding
Guangdong Provincial Natural Science Foundation Team Project (20003051)