Despite their significant contribution to information security research, both the CVE and ICAT projects are oriented only towards supporting and maintaining a unified vulnerability database. Such databases are hardly suitable for attack descriptions. To eliminate this drawback, the Stanford Research Institute (http://www.sri.com/) has developed the IDLE database (Intrusion Data Library Enterprise). The IDLE database has an XML-based format and is intended to aid developers, researchers, testers, and operators of various intrusion detection systems. This database can store various information on an attack, including:
Records of OS log files
Fragments of the network traffic
Records from the log files created by application software
File changes
The first trial version of the IDLE database is currently available. The same version is used in the SRI project. This project is coordinated by the UC Davis Computer Security Lab. Unfortunately, no information concerning the support of this product by developers of commercial products is available yet. Note that XML is also used by the IDWG.