D. Curry and H. Debar. Intrusion detection message exchange format: Extensible markup language (xml) document type definition, 2001.
....that allow response require that this action be coded directly in a programming language. Reporting languages describe a common format in which to encode IDS alerts. Examples are the Common Intrusion Specification language (CISL) [18], the Intrusion Detection Message Exchange Format (IDMEF) [11], and the Snort alert format [62, 56]. Exploit languages attempt to encode the steps an attacker must take to exploit a vulnerability. These include the Custom Attack Simulation Language (CASL) [47] and Nessus Attack Specification Language (NASL) [12]. Exploit languages are generally focused on ....
D. Curry. Intrusion Detection Message Exchange Format: Extensible Markup Language (XML) Document Type Definition, 2000. http://www.ietf.org/internet-drafts/draft-ietf-idwgidmef -xml-10.txt.
.... highest level of abstraction, three kinds of reactions of a system S to an event can be identified: none S does nothing when event occurs, change state S changes its internal state when event occurs, respond S generates some externally visible response (e.g. an IDMEF Alert [Cur01]) when event occurs. In general, the signature of an event driven, reactive system S is: S : E (R) where denotes the domain of system states, E denotes the domain of events, R denotes the domain of responses, and (R) is the powerset of R. In other words, a system S takes a system ....
D. Curry. Intrusion Detection Message Exchange Format: Extensible Markup Language (XML) Document Type Definition. draft-ietf-idwg-idmef-xml-03.txt, February 2001.
....language has been identified as an asset by the intrusion detection community and standard reporting language formats have been proposed. Two examples of reporting languages are the Common Intrusion Specification Language (CISL) [11] and the Intrusion Detection Message Exchange Format (IDMEF) [4]. CISL is part of the Common Intrusion Detection Framework (CIDF) [12]. The language is based on the concept of Generalized Intrusion Detection Objects, called GIDOs, which, in turn, are specified as S-expressions. IDMEF is a product of the Intrusion Detection Working Group (IDWG) of the Internet ....
D. Curry. Intrusion Detection Message Exchange Format: Extensible Markup Language (XML) Document Type Definition. draft-ietf-idwg-idmef-xml-01.txt, July 2000.
....3. The CommSTAT communication infrastructure. STAT-based sensors are connected by a communication infrastructure that allows the sensors to exchange alert messages and control directives in a secure way. CommSTAT messages follow the standard Intrusion Detection Message Exchange Format (IDMEF) [13]. The original IDMEF definition includes the two events Heartbeat and Alert. This original set of events has been extended to include STAT-related control messages that are used to control and update the configuration of STAT sensors. For example, messages to ship a scenario plugin to a remote ....
Curry, D., Debar, H.: Intrusion Detection Message Exchange Format: Extensible Markup Language (XML) Document Type Definition. draft-ietf-idwg-idmef-xml-03.txt (2001)
....A common reporting language has been identified as an asset by the ID community and standard reporting language formats have been proposed. Two examples of reporting languages are the Common Intrusion Specification Language (CISL) [10] and the Intrusion Detection Message Exchange Format (IDMEF) [3]. CISL is part of the Common Intrusion Detection Framework (CIDF) [11]. The language is based on the concept Generalized Intrusion Detection Objects, called GIDOs, which, in turn, are specified as S-expressions. IDMEF is a product of the Intrusion Detection Working Group (IDWG). IDMEF is based on ....
D. Curry. Intrusion Detection Message Exchange Format: Extensible Markup Language (XML) Document Type Definition. draft-ietf-idwg-idmef-xml-01.txt, July 2000.
....A common reporting language has been identified as an asset by the ID community and standard reporting language formats have been proposed. Two examples of reporting languages are the Common Intrusion Specification Language (CISL) [5] and the Intrusion Detection Message Exchange Format (IDMEF) [2]. CISL is part of the Common Intrusion Detection Framework (CIDF) [6]. The language is based on the concept Generalized Intrusion Detection Objects, called GIDOs, which, in turn, are specified as S-expressions. IDMEF is a product of the Intrusion Detection Working Group (IDWG). IDMEF is based on ....
D. Curry. Intrusion Detection Message Exchange Format: Extensible Markup Language (XML) Document Type Definition. draft-ietf-idwg-idmef-xml-01.txt, July 2000.
No context found.
D. Curry and H. Debar. Intrusion detection message exchange format: Extensible markup language (xml) document type definition, 2001.
No context found.
D. Curry and H. Debar, "Intrusion Detection Message Exchange Format: Extensible Markup Language (XML) Document Type Definition," draft-ietf-idwg-idmef-xml-10.txt+, Jan. 2003.
No context found.
Curry, D.; Debar, H.: Intrusion Detection Message Exchange Format: Extensible Markup Language (XML) Document Type Definition. draft-ietf-idwg-idmef-xml-10.txt. January 2003.
No context found.
D. Curry and H. Debar. Intrusion Detection Message Exchange Format: Extensible Markup Language (XML) Document Type Definition. draft-ietf-idwg-idmef-xml-06.txt, December 2001.
No context found.
D. Curry and H. Debar. Intrusion Detection Message Exchange Format: Extensible Markup Language (XML) Document Type Definition. draft-ietf-idwg-idmef-xml-07.txt, June 2002.