Corpus ID: 15636834

A brief study and comparison of Snort and Bro Open Source Network Intrusion Detection Systems

  title={A brief study and comparison of Snort and Bro Open Source Network Intrusion Detection Systems},
  author={Pritika Mehra},
Security administration plays a vital role in network management tasks. The intrusion detection systems are primarily designed to protect the availability, confidentiality and integrity of critical network information systems. There are plenty of IDSes to choose from, both commercial and open source. Since most of the commercial intrusion detection systems are at typically thousands of dollars and they tend to represent a significant resource requirement in themselves, for small networks, use… Expand

Figures and Tables from this paper

Comparative study and analysis of network intrusion detection tools
  • Dhanashri Ashok Bhosale, V. Mane
  • Computer Science
  • 2015 International Conference on Applied and Theoretical Computing and Communication Technology (iCATccT)
  • 2015
Study of three popular NIDS tools : Snort, Suricata, Bro.suricata are found, which aims to preserve the availability, confidentiality and Integrity of network and computer. Expand
Managing Network Security with Snort Open Source Intrusion Detection Tools
Snort IDS was analysed on how it manages the network from installation to deployment with additional tools that helps to analyse the security data. Expand
Pi-IDS: evaluation of open-source intrusion detection systems on Raspberry Pi 2
An experiment is presented comparing two open source IDS - Snort IDS and Bro IDS on a multi-purpose and low-cost computer called Raspberry Pi 2 (Model B), with a specific objective of determining their performance, efficiency and efficacy for use in computer network environments, where cost is a determining factor. Expand
Comparison of Intrusion Detection Systems/Intrusion Prevention Systems – A Selection Criterion
The main objective of the paper is to create awareness about the availability of IDS/IPS and information on which one to choose for their requirements, and their uniqueness which makes them stand out for various reasons. Expand
An Intrusion Detection System for Network Security Based on an Advanced Honeypots Server
To improve the security performance to protect the network from intruders, an advanced honeypot based Intrusion Detection technique is used to detect and analyze threats to ensure security. Expand
A Comparative study of Open Source IDSs according to their Ability to Detect Attacks
This paper gives a study of the open source Next-Generation of IDS (SNORT, SURICATA, BRO) and tests their ability to detect attacks and performance by implementing the three IDSs individually. Expand
Intrusion Detection System Techniques and Tools : A Survey
An Intrusion Detection System (IDS) is a system that tries to perform intrusion detection by comparing observable behaviour against suspicious patterns. The objective of intrusion detection is toExpand
Implementation Hybrid (NIDS) System using Anomaly Holtwinter Algorithm and Signature based Scheme
An intrusion detection system is a security attack detection/prevention mechanism, it can be implemented into the software module or hardware module for the purpose of monitoring the systems orExpand
An Analytical Study of Various Types of Intrusion Detection System for Securing MANET
Due to the vulnerable nature of MANET (Mobile Ad hoc Network) there will be the necessity of protecting the data,information from the attackers whom evil eyes on MANET as it is infrastructure lessExpand
Application of intrusion detection system in automatic evidence collection using digital forensics
In network security, Intrusion Detection System (IDS) is one of the popular and effective mechanism to secure the network. The aim of IDS is to offer a layer of protection against unauthorized (orExpand


Comparison of open source network intrusion detection systems
Snort, Bro and Suricata have been tested in a network, and against a Metasploit framework with known exploits, and huge differences regarding the number of alarms produced, and also differences in the logs produced are shown. Expand
Snort: Lightweight Intrusion Detection for Networks
Snort provides a layer of defense which monitors network traffic for predefined suspicious activity or patterns, and alert system administrators when potential hostile traffic is detected. Expand
BRO - an Intrusion Detection System
Network Intrusion Detection Systems (NIDS) have existed for several decades. The last 10 years they have also been a common security equipment in many companies/organisations. With the ongoingExpand
Intrusion Detection with SNORT (Bruce Perens' Open Source Series): Advanced IDS Techniques Using Snort, Apache, MySQL, PHP, and ACID
Rafeeq Ur Rehman explains and simplifies every aspect of deploying and managing Snort in your network, so you can build and optimize a complete IDS solution more quickly than ever before. Expand
A Case Study of Three Open Source Security Management Tools
Three open source security management tools - Snort, Pakemon, and Argus $are benchmarked against the DARPA 1999 Intrusion Detection Evaluation Data Set and show that different tools perform well under different attack categories. Expand
Bro: a system for detecting network intruders in real-time
  • V. Paxson
  • Computer Science
  • Comput. Networks
  • 1998
An overview of the Bro system's design, which emphasizes high-speed (FDDI-rate) monitoring, real-time notification, clear separation between mechanism and policy, and extensibility, is given. Expand
BRO - An intrusion detection system, Gjovik University College
  • 2007
Lightweight Intrusion Detection for Networks, 13th USENIX Systems Administration Conference – LISA
  • 1999
A Survey of Intrusion Detection Systems
    Alexandre Bartel, Comparison of Open Source Network Intrusion Detection System