Harvey Mudd College
Internet Security Systems
The Aerospace Corporation
Intrusion detection is an area of increasing concern in the Internet community. In response to this, many automated intrusion detection systems (IDS) have been developed, e.g., commercial (Real Secure) and public domain (SNORT). However, there is no standardized way for IDS to communicate with each other or to a common manager. To remedy this, the Intrusion Detection Working Group (IDWG) was chartered under the auspices of the Internet Engineering Task Force.
IDWG has published its specifications for a standard alert format (IDMEF) and a standard transport protocol (IDXP).Such specifications remain an academic exercise until the community adopts them. This forum will discuss issues related to community adoption of the IDWG specifications and, in particular, issues related to their implementation and use.