| Standard ID | Contents [version] | [PDF] delivered in | Standard Title (Description) | Status |
|---|---|---|---|---|
| GA/T 699-2007 | English | 5 days [Need to translate] | Information security technology- Communication exchange criterion for alert of computer network intrusion | Obsolete |
Basic data

| Field | Value |
|---|---|
| Standard ID | GA/T 699-2007 (GA/T699-2007) |
| Description (Translated English) | Information security technology- Communication exchange criterion for alert of computer network intrusion |
| Sector / Industry | Public Security (Police) Industry Standard (Recommended) |
| Classification of Chinese Standard | A90 |
| Classification of International Standard | 35.240 |
| Word Count Estimation | 29,213 |
| Date of Issue | 2007-05-14 |
| Date of Implementation | 2007-07-01 |
| Quoted Standard | GB/T 2260; GB 2312-1980; GB 18030-2000; GA/Z 02-2005; GA/T 700-2007 |
| Issuing agency(ies) | Ministry of Public Security |
| Summary | This standard specifies the interface element definitions, storage format, naming conventions and alarm process for network intrusion detection systems within an alarm disposal system. This standard is applicable to the development and construction of alarm disposal systems; the relevant developers or integrators should refer to this standard. |
GA/T 699-2007: Information security technology- Communication exchange criterion for alert of computer network intrusion. This is a DRAFT version for illustration, not a final translation. The full English version of the true PDF (including equations, symbols, images, flow charts, tables and figures) is translated manually and carefully upon order.
Information security technology- Communication exchange criterion for alert of computer network intrusion
ICS 35.240
A90
Public Security Industry Standard of the People's Republic of China
Information security technology - Technical requirements for communication exchange of computer network intrusion alarms
Issued 2007-05-14
Implemented 2007-07-01
Ministry of Public Security of the People's Republic of China
Table of Contents
Foreword
1 Scope
2 Normative references
3 Terms and definitions
4 Operating environment
4.1 System structure
4.2 Operating requirements for network intrusion detection systems
4.2.1 Information processing function
4.2.2 Information reporting function
4.2.3 Data storage function
5 Data exchange interface element definitions
5.1 Basic data types
5.2 Basic property description
5.3 Alarm interface element definitions
5.3.1 Alarm element definitions
5.3.2 Alert element definitions
5.3.3 HeartBeat element definitions
5.3.4 Analyzer element definitions
5.3.5 Unit element definitions
5.3.6 Node element definitions
5.3.7 Address element definitions
5.3.8 Source element definitions
5.3.9 Target element definitions
5.3.10 MatchRecord element definitions
5.3.11 AlertLevel element definitions
5.3.12 Impact element definitions
5.3.13 Classification element definitions
5.3.14 CImpact element definitions
5.3.15 AdditionalData element definitions
5.3.16 StatRecord element definitions
5.3.17 Status element definitions
6 Data exchange storage format
6.1 Format description table
6.2 Description
7 Reported file naming conventions
7.1 Naming format
7.2 Example
8 Alarm process
8.1 Online alarm process
8.2 Offline alarm process
9 Data interface description document
Foreword
This standard was proposed by the Public Information Network Security Supervision Bureau of the Ministry of Public Security.
This standard is under the jurisdiction of the Information System Standardization Technical Committee of the Ministry of Public Security.
This standard was drafted by: the Computer Information System Security Product Quality Supervision and Inspection Center of the Ministry of Public Security, Shanghai Jinnuo Network Security Technology Development Co., Ltd., Beijing in the dot com Wei Information Technology Co., Ltd., Beijing Venus Information Technology Co., Ltd. and Beijing Yung-based Network Security Technology Limited.
Drafters of this standard: Shen Liang, Gu Jian, Ding Ding, Xiao Jiang, Xuqiu Fen, Zhu Xiang generations.
Information security technology - Technical requirements for communication exchange of computer network intrusion alarms
1 Scope
This standard specifies the interface element definitions, storage format, naming conventions and alarm process for network-based intrusion detection systems within an alarm disposal system.
This standard applies to the development and construction of alarm disposal systems; the relevant developers or integrators may refer to this standard.
2 Normative references
The following documents contain provisions which, through reference in this standard, constitute provisions of this standard. For dated references, subsequent amendments (excluding errata) or revisions do not apply to this standard; however, parties to agreements based on this standard are encouraged to investigate whether the latest versions of these documents are applicable. For undated references, the latest edition of the referenced document applies to this standard.
GB/T 2260 Codes for the administrative divisions of the People's Republic of China
GB 2312-1980 Information technology - Chinese coded character set for information interchange - Basic set
GB 18030-2000 Information technology - Chinese coded character set for information interchange - Extension for the basic set
GA/Z 02-2005 Basic data element code set for public security business
GA/T 700-2007 Information security technology - Grading requirements for computer network intrusion
3 Terms and definitions
3.1 Network intrusion detection system
A product or suite that detects, by monitoring network packets, whether a malicious user or a misusing user is attempting to enter the system. A network intrusion detection system can monitor the communications of the target machine it runs on, or, running on a separate machine in promiscuous mode, monitor all network communications. This standard covers network-based intrusion detection systems (NIDS) and does not cover host-based intrusion detection systems (HIDS).
3.2 Alarm disposal system
A platform for the unified disposal of alarms from various business systems, which includes a front-end data transmission interface for intrusion detection equipment. This standard deals with the front-end alarm information receiving portion of the disposal system.
3.3 Remote interface
The interface through which a network-based intrusion detection system reports information to the alarm disposal system. Reported data shall conform to the data format requirements of this standard.
4 Operating environment
4.1 System structure
The system structure consists of a network-based intrusion detection system, the alarm disposal system and the remote interface between them. The network intrusion detection system identifies and handles network behaviour, performs rule matching and raises alarms; the alarm disposal system receives the reported data through the defined remote interface and collects and aggregates the information. See Figure 1.