The Common Intrusion Detection Framework - Data Formats
draft-staniford-cidf-data-formats-00

Document Type: Expired Internet-Draft (individual); Expired & archived
Authors: Brian Tung, Stuart Staniford-Chen, Phil Porras, Clifford Kahn, Dan Schnackenberg, Rich Feiertag, Maureen Stillman
Last updated: 1998-03-16
RFC stream: (None)
Intended RFC status: (None)
Stream state: (No stream defined)
Consensus boilerplate: Unknown
RFC Editor Note: (None)
IESG state: Expired
Telechat date: (None)
Responsible AD: (None)
Send notices to: (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:

Abstract

This document defines portions of the Common Intrusion Detection Framework (CIDF), specifically the data formats used. CIDF is designed to allow intrusion detection systems (IDSs) to interoperate with one another. Two layered formats are defined here. Gidos are a high-level data structure intended to allow IDSs to exchange messages describing the state of the world, events occurring, and recommended actions with somewhat standardized semantics. Gidos can be encoded in CIDF messages, the format for which is also defined here.

Authors

Brian Tung
Stuart Staniford-Chen
Phil Porras
Clifford Kahn
Dan Schnackenberg
Rich Feiertag
Maureen Stillman

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)