Intrusion Detection Exchange Format Data Model
draft-ietf-idwg-data-model-03
| Document | Type |
Expired Internet-Draft
(idwg WG)
Expired & archived
|
|
|---|---|---|---|
| Authors | Ming-Yuh Huang , David J. Donahoo , Hervé C. Debar | ||
| Last updated | 2000-06-15 | ||
| RFC stream | Internet Engineering Task Force (IETF) | ||
| Intended RFC status | (None) | ||
| Formats | |||
| Additional resources | Mailing list discussion | ||
| Stream | WG state | WG Document | |
| Document shepherd | (None) | ||
| IESG | IESG state | Expired | |
| Consensus boilerplate | Unknown | ||
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
The purpose of the Intrusion Detection Exchange Format is to define data formats and exchange procedures for sharing information of interest with intrusion detection and response systems, and with the management sys- tems that may need to interact with them. This Internet-Draft describes a proposed data model to represent the information exported by the intrusion-detection systems, including the rationale for this model. This information is herein refered to as 'Alert', in accordance with the definition given in the IDWG requirements draft [1]. Examples are given to illustrate the use of the model.
Authors
Ming-Yuh Huang
David J. Donahoo
Hervé C. Debar
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)