Abstract
Efficiency of Intrusion Detection Systems depends on their configuration and coverage of services. The coverage depends on used Intrusion Detection Systems with currently vendor-specific configurations. In case of usage of multiple systems the operations could become complex. This work provides an approach for a multi-vendor IDS implementation under one central administration and notification entity based on standardized communication between analyzer and manager.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Debar, H., Curry, D., Feinstein, B.: The Intrusion Detection Message Exchange Format (IDMEF), RfC 4765 (2007), http://www.ietf.org/rfc/rfc4765.txt (last visit September 01, 2007)
Feinstein, B., Matthews, G.: The Intrusion Detection Exchange Protocol (IDXP), RfC 4767 (2007), http://www.ietf.org/rfc/rfc4767.txt (last visit September 01, 2007)
Rose, M.: The Blocks Extensible Exchange Protocol Core, RfC 3080 (March 2001), http://www.ietf.org/rfc/rfc3080.txt (last visit September 01, 2007)
Wood, M., Erlinger, M.: Intrusion Detection Message Exchange Requirements, RfC 4766 (March 2007), http://www.ietf.org/rfc/rfc4766.txt (last visit September 01, 2007)
Bösch, B.-C.: Standardized Parameterization of Intrusion Detection Systems. International Journal of Advanced Research in Computer Engineering & Technology (IJARCET), 1–5 (May 2012)
Bösch, B.-C.: Intrusion Detection Parameterization Exchange Format, work in progress (2012)
SNORT, http://www.sort.org (last visit: December 03, 2011)
Samhain: http://www.la-samhna.de/ (last visit: December 03, 2011)
OSSec: http://www.ossec.net (last visit: December 03, 2011)
Bro: http://www.bro-ids.org (last visit: December 03, 2011)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Bösch, BC. (2012). An Approach for Independent Intrusion Detection Management Systems. In: Aschenbruck, N., Martini, P., Meier, M., Tölle, J. (eds) Future Security. Future Security 2012. Communications in Computer and Information Science, vol 318. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-33161-9_45
Download citation
DOI: https://doi.org/10.1007/978-3-642-33161-9_45
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-33160-2
Online ISBN: 978-3-642-33161-9
eBook Packages: Computer ScienceComputer Science (R0)