Title :
GlobalGuard: creating the IETF-IDWG Intrusion Alert Protocol (IAP)
Author :
Betser, J. ; Walther, A. ; Erlinger, M. ; Buchheim, T. ; Feinstein, B. ; Matthews, G. ; Pollock, R. ; Levitt, K.
Author_Institution :
Aerosp. Corp., USA
Abstract :
This paper describes the design, specification, and implementation of the Internet Engineering Task Force (IETF) Intrusion Detection Working Group (IDWG) Intrusion Alert Protocol (IAP). IAP seeks to facilitate the ubiquitous interoperability of intrusion detection components across Internet enterprises. This capability is critical for intrusion detection for large networks. The IETF IDWG was inspired by the DARPA CIDF activity. The IETF engineering process is described in the context of GlobalGuard IAP. The IETF requirements of IAP are described, followed by the detailed operation of IAP in the context of a specific implementation that was developed and demonstrated at the December 2000 IETF meeting. Current and future challenges facing the IETF IDWG IAP are described. Some proposed directions for this activity are presented, such as the possible incorporation of the BEEP protocol in the future.
Keywords :
Internet; computer network management; open systems; security of data; supervisory programs; BEEP protocol; GlobalGuard; IETF-IDWG intrusion alert protocol; Internet Engineering Task Force; Internet enterprises; Intrusion Detection Working Group; interoperability; intrusion detection components; Aerospace engineering; Contracts; Discussion forums; Educational institutions; Internet; Intrusion detection; Protocols; Research initiatives; Standardization; Subcontracting;
Conference_Title :
DARPA Information Survivability Conference & Exposition II, 2001. DISCEX '01. Proceedings
Conference_Location :
Anaheim, CA
Print_ISBN :
0-7695-1212-7
DOI :
10.1109/DISCEX.2001.932189