||2 years ago|
|models||2 years ago|
|LICENSE.md||2 years ago|
|README.md||2 years ago|
|jq_all_the_things.sh||2 years ago|
MISP Decaying Models
Starting from MISP 2.4.114, a decaying feature is available to apply decaying on attributes in your MISP instance. MISP comes with a set of default decaying models which can be customised by the users. This repository contains all the default models.
For more information about decaying and expiring attributes/indicators in MISP, the training materials MISP and Decaying of Indicators is a good start.
- nids-simple-model - Simple decaying model for Network Intrusion Detection System (NIDS).
- phishing-model - Simple model to rapidly decay phishing website.
- vishing-model - Simple model to rapidly decay voice scamming, vishing relying on phone-numbers.
How to contribute your decaying model?
It's very easy. Fork the repository, create a new JSON file with your model and make a pull-request.
The MISP decaying models are dual-licensed under CC-0 and a simple 2-clause BSD license.