Organization of monitoring of network intrusions on the basis of freely distributable software

Abstract: This paper presents the results of preparing a virtual bench for modeling and detecting network attacks using a freely distributed intrusion detection system (IDS). The relevance of the work is related to the growing demand for IDS as sources of information security events for security information and event management (SIEM) systems. A comparative analysis of the most popular freely distributed open-source network IDSs was carried out and the choice of the Zeek system for its use in the project was substantiat… Show more