help to understand more about bro

Hi,

I am Kanthi Myneni, working as a Research Assistant at West Virginia University. As part of my research I need to know more about Bro. I tried to learn it from the materials you provided, but I am still not clear. Can you help me to fix these problems?

  1. How does Bro detect unknown detects? What are the policy rules you used, and on what basis are they considered?

  2. Does Bro do clustering?

  3. Are there any technical researches that are connected with Bro?

Sorry for taking your valuable time.

Thanks & Regards,
Kanthi Myneni.

Hello,

> Hi,
>
> I am Kanthi Myneni, working as a Research Assistant at West Virginia
> University. As part of my research I need to know more about Bro. I
> tried to learn it from the materials you provided, but I am still not
> clear. Can you help me to fix these problems?
>
> 1. How does Bro detect unknown detects? What are the policy rules you
> used, and on what basis are they considered?

What do you mean?
Do you speak about anomaly detection?

> 2. Does Bro do clustering?

Please see: http://www.bro-ids.org/wiki/index.php/Bro_Cluster

> 3. Are there any technical researches that are connected with Bro?

I think so, at least, there's a friend of mine (hello
Julien... :-) ) who's working hard with Bro and IPv6.

> Sorry for taking your valuable time.

Don't worry.

Best regards,

Jean-philippe.