Intrusion detection is an area of increasing attention and its deployment has accelerated rapidly in enterprises and mission-critical systems over the last few years. Commercial vendors and the open source community have responded with a plethora of intrusion detection products. Now a new issue has surfaced - there is no standard way for these closed and incompatible systems to communicate. Lack of standards hampers research and deployment of intrusion detection technology. First “Common Intrusion Detection Framework” (CIDF) and then simpler to use “Intrusion Detection Message Exchange Format” (IDMEF) have been proposed as the standards to be used by such systems to interoperate and exchange messages. This paper presents the motivation for such standardization efforts and an overview of a potential standard – IDMEF along with its communication protocol IDXP.
Read Entire Paper
E-Mail Link
Your IP address will be sent with this e-mail
