An Approach for Independent Intrusion Detection Management Systems

Bösch, Björn-C.

doi:10.1007/978-3-642-33161-9_45

Björn-C. Bösch⁴

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 318))

Included in the following conference series:

Future Security Research Conference

2896 Accesses

Abstract

Efficiency of Intrusion Detection Systems depends on their configuration and coverage of services. The coverage depends on used Intrusion Detection Systems with currently vendor-specific configurations. In case of usage of multiple systems the operations could become complex. This work provides an approach for a multi-vendor IDS implementation under one central administration and notification entity based on standardized communication between analyzer and manager.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Debar, H., Curry, D., Feinstein, B.: The Intrusion Detection Message Exchange Format (IDMEF), RfC 4765 (2007), http://www.ietf.org/rfc/rfc4765.txt (last visit September 01, 2007)
Feinstein, B., Matthews, G.: The Intrusion Detection Exchange Protocol (IDXP), RfC 4767 (2007), http://www.ietf.org/rfc/rfc4767.txt (last visit September 01, 2007)
Rose, M.: The Blocks Extensible Exchange Protocol Core, RfC 3080 (March 2001), http://www.ietf.org/rfc/rfc3080.txt (last visit September 01, 2007)
Wood, M., Erlinger, M.: Intrusion Detection Message Exchange Requirements, RfC 4766 (March 2007), http://www.ietf.org/rfc/rfc4766.txt (last visit September 01, 2007)
Bösch, B.-C.: Standardized Parameterization of Intrusion Detection Systems. International Journal of Advanced Research in Computer Engineering & Technology (IJARCET), 1–5 (May 2012)
Google Scholar
Bösch, B.-C.: Intrusion Detection Parameterization Exchange Format, work in progress (2012)
Google Scholar
SNORT, http://www.sort.org (last visit: December 03, 2011)
Samhain: http://www.la-samhna.de/ (last visit: December 03, 2011)
OSSec: http://www.ossec.net (last visit: December 03, 2011)
Bro: http://www.bro-ids.org (last visit: December 03, 2011)

Download references

Author information

Authors and Affiliations

Faculty II - Department of Computing Science, System Software and Distributed Systems Group, Carl-von-Ossietzky-University Oldenburg, Oldenburg, Germany
Björn-C. Bösch

Authors

Björn-C. Bösch
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Institute of Computer Science, Osnabrück University, Albrechtstr. 28, 49076, Osnabrück, Germany
Nils Aschenbruck
Fraunhofer FKIE, Neuenahrer Straße 20, 53343, Wachtberg, Germany
Peter Martini & Jens Tölle &
Institute of Computer Science, University of Bonn, 4, Friedrich-Ebert-Allee 144, 53113, Bonn, Germany
Michael Meier

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Bösch, BC. (2012). An Approach for Independent Intrusion Detection Management Systems. In: Aschenbruck, N., Martini, P., Meier, M., Tölle, J. (eds) Future Security. Future Security 2012. Communications in Computer and Information Science, vol 318. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-33161-9_45

Download citation

DOI: https://doi.org/10.1007/978-3-642-33161-9_45
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-33160-2
Online ISBN: 978-3-642-33161-9
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics