MISP decaying models


  1. {
  2. "uuid": "073fae4a-2377-4cfa-bd34-2516830d33c3",
  3. "name": "NIDS Simple Decaying Model",
  4. "formula": "Polynomial",
  5. "ref": [
  6. "https://arxiv.org/abs/1902.03914",
  7. "https://arxiv.org/abs/1803.11052"
  8. ],
  9. "authors": [
  10. "MISP Project"
  11. ],
  12. "parameters": {
  13. "lifetime": 120,
  14. "decay_speed": 2,
  15. "threshold": 30,
  16. "default_base_score": 80,
  17. "base_score_config": {
  18. "estimative-language:confidence-in-analytic-judgment": 0.1667,
  19. "estimative-language:likelihood-probability": 0.1667,
  20. "false-positive:risk": 0.1667,
  21. "priority-level": 0.1667,
  22. "retention": 0.1667,
  23. "targeted-threat-index:targeting-sophistication-base-value": 0.0833,
  24. "targeted-threat-index:technical-sophistication-multiplier": 0.0833
  25. }
  26. },
  27. "description": "Simple decaying model for a Network Intrusion Detection System (NIDS).",
  28. "attribute_types": [
  29. "domain",
  30. "domain|ip",
  31. "hostname",
  32. "hostname|port",
  33. "ip-dst",
  34. "ip-dst|port",
  35. "ip-src",
  36. "ip-src|port",
  37. "url",
  38. "snort",
  39. "suricata",
  40. "zeek",
  41. "bro"
  42. ],
  43. "version": 2
  44. }