| Now intrusion detection system (IDS) is becoming the research focus in the field of information security, and playing an important role in protecting information security. Because of its expansibility, structure, platform independence and self-description, XML is now a proposed standard for web information publishing and information exchanging. In view of the issues such as the current IDS can't collaborate or share information with each other, a solution using XML as the key implemental technology and adopting IDMEF message to exchange information is proposed. This solution provides a standard data format that automated intrusion detection systems can use to report alerts about events that they deem suspicious. The development of this standard format will enable interoperability among commercial, open source, and research systems.This paper mainly discusses the application of XML in intrusion detection information exchange. Through some researches on intrusion detection system, XML and the IDMEF data model, a way is proposed to create an IDMEF message, and then XML is used to standardize an intrusion alert message into IDMEF message, at last this is carried out in network intrusion detection system Snort. |
PDF Full Text Request