BAT (Bro Analysis Tools): Analyzing Bro IDS logs in Python presented at bsidesjackson 2017

by Rajeev Agrawal and Marvin Brown

Summary: Dr. Rajeev Agrawal and Mr. Marvin Brown are computer scientists at the Information Technology Laboratory at the U.S. Army Engineer Research and Development Center.
Dr. Agrawal’s research interests include Big Data Analytics, Deep Learning, Cyber Security, Machine Learning and Pattern Recognition. He is working on the Cyber Situational Awareness Project to analyze the cyber data feeds captured across the Defense Research and Engineering Network (DREN). He is also a member of the HPC-based Deep Learning project team.
Marvin Brown has more than fifteen years of professional experience in database programming, application software architecture, software development, software testing and software maintenance, along with data analysis for a broad range of businesses.
Their workshop, BAT (Bro Analysis Tools): Analyzing Bro IDS logs in Python, will show this work in practice. It covers the BAT Python package, which is designed to support the processing and analysis of Bro IDS logs with Pandas, Scikit-learn and Spark. BAT offloads some of the complex tasks from Bro IDS to a local machine and provides additional data analysis functionality once the Bro logs have been read into a Pandas DataFrame. They will walk through examples showing how BAT enables processing, analysis and machine learning on Bro IDS logs.
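As an added example (not BAT's own code) of the first step the abstract describes, reading a Bro log into a table: a standard-library parser for Bro's header-driven TSV log format, run over a constructed two-row conn.log. The result is a list of typed dicts, the shape that `pandas.DataFrame(rows)` would turn into the DataFrame BAT hands to Pandas and Scikit-learn; the sample log and its values are constructed for illustration.

```python
"""Added stand-in for BAT's log-reading step: parse Bro's TSV log format into typed rows."""
from typing import Any, Dict, List

# Constructed sample conn.log in Bro's native format (not real traffic).
SAMPLE_CONN_LOG = (
    "#separator \\x09\n"
    "#set_separator\t,\n"
    "#empty_field\t(empty)\n"
    "#unset_field\t-\n"
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto\tduration\torig_bytes\tlocal_orig\n"
    "#types\ttime\tstring\taddr\tport\taddr\tport\tenum\tinterval\tcount\tbool\n"
    "1509000000.123\tCabc1\t10.0.0.5\t51234\t93.184.216.34\t443\ttcp\t0.250\t1024\tT\n"
    "1509000001.456\tCdef2\t10.0.0.7\t51235\t8.8.8.8\t53\tudp\t-\t-\tF\n"
    "#close\t2017-10-26-00-00-02\n"
)

# Bro's declared column types -> Python converters; anything else stays a string.
_SCALAR = {"count": int, "int": int, "port": int, "interval": float,
           "double": float, "time": float, "bool": lambda v: v == "T"}


def parse_bro_log(text: str) -> List[Dict[str, Any]]:
    """One dict per data row, typed from the #types header; unset fields ('-') become None."""
    sep, set_sep, empty, unset = "\t", ",", "(empty)", "-"
    fields, types, rows = [], [], []
    for line in text.splitlines():
        if line.startswith("#separator "):
            # Bro writes the separator escaped, e.g. "\x09" for a tab.
            sep = line[len("#separator "):].encode().decode("unicode_escape")
            continue
        if line.startswith("#"):
            key, _, value = line[1:].partition(sep)
            if key == "set_separator": set_sep = value
            elif key == "empty_field": empty = value
            elif key == "unset_field": unset = value
            elif key == "fields": fields = value.split(sep)
            elif key == "types": types = value.split(sep)
            continue  # #path, #open, #close carry no row data
        row: Dict[str, Any] = {}
        for name, btype, raw in zip(fields, types, line.split(sep)):
            if raw == unset:
                row[name] = None  # keep '-' out of numeric columns
            elif btype.startswith(("set[", "vector[")):
                row[name] = [] if raw == empty else raw.split(set_sep)
            else:
                row[name] = "" if raw == empty else _SCALAR.get(btype, str)(raw)
        rows.append(row)
    return rows
```

Typing the columns from the `#types` header matters for analysis: without it, an unset `-` in `duration` or `orig_bytes` would silently turn a numeric column into strings.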