The State of Standardization Efforts to Support Data Exchange in the Security Domain

Abstract

Overview: Flow and Packet Formats; Alert and Event Formats; Context-relevant Formats.

Dimensions in Representation: Usage of representation (transport vs. analysis vs. storage vs. archive). Volume of data informs representation choice (raw vs. summaries); choice often dictates a binary vs. text implementation.

Policy Scope: Intra-Organizational (little consensus from outsiders necessary; interoperation focus). Inter-Organizational (privacy issues more acute, e.g. sanitization and filtering; common semantics are more relevant; efficiency of representation is more significant).

Document Details

Document Type
Technical Report
Publication Date
Jul 01, 2004
Accession Number
ADA621887

Entities

People

  • Roman Danyliw

Organizations

  • Carnegie Mellon University

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Detection
  • Engineering
  • Filtration
  • Intrusion
  • Intrusion Detection
  • Intrusion Detection Systems
  • Intrusion Detectors
  • Language
  • Sampling
  • Security
  • Situational Awareness
  • Software Development
  • Standardization
  • Statistical Sampling
  • Template Patterns
  • Transport Protocols
  • Transport Ships

Readers

  • Database Systems and Applications
  • Emergency Management and Homeland Security
  • Systems Analysis and Design