High-Performance Intrusion Detection with the Open-Source Bro NIDS
Outline
1. Overview of the Bro Network Intrusion Detection System
• Philosophy
• Deployment
• Architecture and Usage
• Specific Capability: Dynamic Protocol Detection
2. High Performance with Concurrent Traffic Analysis
• Concurrency Potential
• Coarse-grained Parallelism: A cluster for load-balancing
• Fine-grained Parallelism: Designing a multi-threaded NIDS
3. Future Directions
Guest Lecture, RWTH Aachen<br />
Thursday, December 16, 2010