High-Performance Intrusion Detection with the Open-Source Bro NIDS
High-Performance Intrusion Detection with the Open-Source Bro NIDS
High-Performance Intrusion Detection with the Open-Source Bro NIDS
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Event Model<br />
Web<br />
Client<br />
1.2.3.4/4321<br />
...<br />
Stream of TCP packets<br />
Request for /index.html<br />
Status OK plus data<br />
SYN SYN ACK ACK ACK ACK FIN FIN<br />
...<br />
Web<br />
Server<br />
5.6.7.8/80<br />
Guest Lecture, RWTH Aachen<br />
14<br />
Thursday, December 16, 2010