Introduction Anomaly-based detection usually uses statistics from a large number of packets. It should define what is normal and take into account a deviation from that normal behaviour. Zeek is a leading anomaly-based IDS (Intrusion Detection System) that reads all traffic passing through the network and generates quite a number of…