The purpose of the paper is to analyze the effectiveness of Bro IDS in detecting web application attacks. In order to detect known web-based attacks, intrusion detection systems are usually equipped with a large number of signatures. They can however be fooled by obfuscated input techniques and...