Answered You can hire a professional tutor to get the answer.
Create a 2 page essay paper that discusses Bro: A System for Dectecting Network Intruders in Real-Time.The growing internet connectivity has created growing opportunities for attackers to unlawfully g
Create a 2 page essay paper that discusses Bro: A System for Dectecting Network Intruders in Real-Time.
The growing internet connectivity has created growing opportunities for attackers to unlawfully get their way in computers over the networks. The setback of detecting such attacks is referred to as network intrusion detection, which is a relatively new area of security research. These systems can be divided into two types. those that operate alone by observing network traffic directly and passively using a packet filter, and those that depend on audit information that is gathered by the host in the network that they are trying to protect (Paxson, 1998).
There is an increasing interest on building hybrid systems that will combine these two approaches. Bro is abstractly divided into an event engine that enables the reduction of stream of filtered packets to the stream of high level network events, and an interpreter specialized for language used in expressing site security policy (Paxson, 1998). Structurally, it is set in layers, with the lower layer processing the greatest volume of data. As one goes high through the layers, the data system diminishes giving room for processing of data per item.
This system has various advantages that makes anyone who uses it recognize its reliability. It has high speed and large mechanisms for monitoring the environment. It enables us view the supreme source of threats as external hosts when connecting to the host over the internet. It also offers real time notifications, as well as enables full recording of every attacker’s network activity (Paxson, 1998). It has also separated mechanism from policy. this buys flexibility and simplicity. This is advantageous since it helps handle the high volume of traffic.
Lastly, I loved this system because it can access the monitor code. thus, enabling the detection of the attacker’s break-in activity. Additionally, this system has the most impressive record in the way it is able to avoid simple mistakes. that
