IETF approves e-crime reporting format

The format will allow organizations to report cybercrime in a uniform format for analysis

An Internet standards group has approved an electronic crimes reporting format, which may eventually give security researchers a cohesive, broad set of data to gauge online crime.

The Internet Engineering Task Force (IETF) approved a customized version of the XML-based Instant Object Description Exchange Format (IODEF). Extensions have been added to it that are appropriate for creating standard e-crime reports.

The format allows for unambiguous time stamps, support for different languages and a feature to attach samples of malicious code. It solves the problem facing the security industry now of inconsistent reports, which make it harder to spot trends and react faster.

It is hoped that organizations hit by Internet crime such as banks will be able to mine a centralized database that holds the reports. If a bank is experiencing an attack, it could query the database to find out ranges of IP (Internet Protocol) addresses that have been used for offenses such as phishing attacks.

Further queries could determine if other banks have been hit by attacks and analyze spam messages to see if there are common patterns in the grammar or if the attacks originate from a certain area. All of the information could then be used to contact ISPs to take steps to stop the abuse.

The Anti-Phishing Working Group, which has been instrumental in developing the reporting format, plans to run a trial to see how organizations can share the data in the format. One of the goals is to see if one organization can use reports from another without further communication, according to a paper on APWG's website. Two parties have typically had to communicate several times to sort out issues such as the actual time of an event, because of time zone differences.

"Actually, data exchanges will help to refine the operational, policy and procedural issues that appear whenever a data exchange question arises," according to the APWG document.

The data would be transferred between two parties via e-mail. Another goal is to see if the reporting format can support different languages. Many e-crime reports have been written by non-native speakers of English, which has been difficult given the highly technical nature of e-crime, the APWG said.

Send news tips and comments to jeremy_kirk@idg.com

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags cybercrimelegalInternet Engineering Task ForceAnti-Phishing Working Group

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jeremy Kirk

IDG News Service
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Cate Bacon

Aruba Instant On AP11D

The strength of the Aruba Instant On AP11D is that the design and feature set support the modern, flexible, and mobile way of working.

Dr Prabigya Shiwakoti

Aruba Instant On AP11D

Aruba backs the AP11D up with a two-year warranty and 24/7 phone support.

Tom Pope

Dynabook Portégé X30L-G

Ultimately this laptop has achieved everything I would hope for in a laptop for work, while fitting that into a form factor and weight that is remarkable.

Tom Sellers

MSI P65

This smart laptop was enjoyable to use and great to work on – creating content was super simple.

Lolita Wang

MSI GT76

It really doesn’t get more “gaming laptop” than this.

Featured Content

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?