RAID
1999
Springer

IDS Standards: Lessons Learned to Date

I will discuss two efforts to get Intrusion Detection Systems to work together: the Common Intrusion Detection Framework (CIDF), and the IETF's working group to develop an Intrusion Detection Exchange Format (IDEF). CIDF is an effort started and supported by DARPA to develop a common language and means of interchange for IDS systems to share any data that they might need to share (a very ambitious scope). The focus has been on allowing systems developed by DARPA researchers to interoperate with one another. CIDF expresses events using a language with an English-like syntax, though one that is highly restricted and formalized. The sentences are denoted as S-expressions with explicit parse trees. A large vocabulary of terms is defined for expressing things that IDS systems might need to talk about (files, processes, network packets, etc.). The semantics of these terms is expressed in English (as opposed to using logic, for example). Additionally, CIDF defines an encoding for expressing ...
Stuart Staniford-Chen
Added 04 Aug 2010
Updated 04 Aug 2010
Type Conference
Year 1999
Where RAID
Authors Stuart Staniford-Chen