Implementing the IETF IDWG Intrusion Alert Protocol

The Aerospace Corporation Computer Science, 2000-01

Liaison(s): Joseph Betser, Andrew Walther ’00
Advisor(s): Michael Erlinger
Students(s): Roy Pollock (TL), Tim Buchheim, Benjamin Feinstein, Greg Matthews

The Aerospace Corporation has sponsored a series of projects focusing on issues in intrusion detection. The Intrusion Detection Working Group (IDWG) of the Internet Engineering Task Force (IETF, a standards body) has been developing a common method of communicating intrusion detection events. This consists of two parts, a transport protocol and a message format. In this project, the Clinic team has been assisting in the development, implementation, and evaluation of two proposed transport protocols.