From 15337038948153987823e3f5980f697215de0424 Mon Sep 17 00:00:00 2001 From: Deborah Servili Date: Mon, 28 Jan 2019 15:26:49 +0100 Subject: [PATCH 1/2] add interpol notice object --- README.md | 1 + objects/interpol-notice/definition.json | 144 ++++++++++++++++++++++++ 2 files changed, 145 insertions(+) create mode 100644 objects/interpol-notice/definition.json diff --git a/README.md b/README.md index 48aab48..1c06b0b 100644 --- a/README.md +++ b/README.md @@ -96,6 +96,7 @@ for a specific attribute. * [objects/geolocation](objects/geolocation/definition.json) - A geolocation object to describe a location. * [objects/gtp-attack](objects/gtp-attack/definition.json) - GTP attack object as seen on a GSM, UMTS or LTE network. * [objects/http-request](objects/http-request/definition.json) - A single HTTP request header object. +* [objects/interpol-notice](objects/interpol-notice/definition.json) - Object used to represent an Interpol notice * [objects/ip-api-address](objects/ip-api-address/definition.json) - Object describing IP Address information, as defined in [ip-api.com](http://ip-api.com). * [objects/ip-port](objects/ip-port/definition.json) - An IP address and a port seen as a tuple (or as a triple) in a specific time frame. * [objects/ja3](objects/ja3/definition.json) - A ja3 object which describes an SSL client fingerprint in an easy to produce and shareable way. diff --git a/objects/interpol-notice/definition.json b/objects/interpol-notice/definition.json new file mode 100644 index 0000000..1bc0729 --- /dev/null +++ b/objects/interpol-notice/definition.json @@ -0,0 +1,144 @@ +{ + "requiredOneOf": [ + "first-name", + "last-name", + ], + "attributes": { + "notice-color": { + "description": "The color/type of the notice", + "misp-attribute": "text", + "ui-priority": 1, + "sane_default": [ + "Red", + "Yellow", + "Blue", + "Black", + "Green", + "Orange", + "Purple" + ] + }, + "present-family-name": { + "description": "Last name of a natural person.", + "ui-priority": 0, + "misp-attribute": "last-name" + }, + "Forename": { + "description": "First name of a natural person.", + "ui-priority": 0, + "misp-attribute": "first-name", + "disable_correlation": true + }, + "alias": { + "description": "Alias name or known as.", + "ui-priority": 0, + "misp-attribute": "text", + "multiple": true + }, + "father-s-family-name-&-forename": { + "description": "Father's family name & forename.", + "ui-priority": 0, + "misp-attribute": "text", + }, + "mother-s-family-name-&-forename": { + "description": "Mother's family name & forename.", + "ui-priority": 0, + "misp-attribute": "text", + }, + "date-of-birth": { + "description": "Date of birth of a natural person (in YYYY-MM-DD format).", + "ui-priority": 0, + "misp-attribute": "date-of-birth" + }, + "place-of-birth": { + "description": "Place of birth of a natural person.", + "ui-priority": 0, + "misp-attribute": "place-of-birth", + "disable_correlation": true + }, + "sex": { + "description": "The gender of a natural person.", + "ui-priority": 0, + "misp-attribute": "gender", + "values_list": [ + "Male", + "Female", + "Other", + "Prefer not to say" + ], + "disable_correlation": true + }, + "nationality": { + "description": "The nationality of a natural person.", + "ui-priority": 0, + "misp-attribute": "nationality", + "multiple": true, + "disable_correlation": true + }, + "language-spoken": { + "description": "Languages spoken by a person.", + "ui-priority": 0, + "misp-attribute": "text", + "multiple": true, + "disable_correlation": true + }, + "charges": { + "description": "Charges published as provided by requesting entity", + "ui-priority": 0, + "misp-attribute": "text", + "multiple": true, + "disable_correlation": true + }, + "date-of-disappearance": { + "description": "Date of disappearance of a missing person.", + "ui-priority": 0, + "misp-attribute": "text" + }, + "place-of-disappearance": { + "description": "Place of birth of a natural person.", + "ui-priority": 0, + "misp-attribute": "text", + }, + "height": { + "description": "Height of a person.", + "ui-priority": 0, + "misp-attribute": "text", + "disable_correlation": true + }, + "weight": { + "description": "weight of a person.", + "ui-priority": 0, + "misp-attribute": "text", + "disable_correlation": true + }, + "colour-of-hair": { + "description": "Description of a person's colour of hair.", + "ui-priority": 0, + "misp-attribute": "text", + "disable_correlation": true + }, + "colour-of-eyes": { + "description": "Description of a person's colour of eyes.", + "ui-priority": 0, + "misp-attribute": "text", + "disable_correlation": true + }, + "distinguishing-marks-and-characteristics": { + "description": "Distinguishing marks and characteristics of a person.", + "ui-priority": 0, + "misp-attribute": "text", + "disable_correlation": true + }, + "portrait": { + "description": "Portrait of the person.", + "ui-priority": 10, + "misp-attribute": "attachment", + "multiple": true + } + }, + "version": 1, + "description": "An object which describes a Interpol notice.", + "meta-category": "misc", + "uuid": "24927972-1e4a-11e9-857e-3b2306b99911", + "name": "interpol-notice" +} From 0f6f7de3845e4100a89a41f840bbff4f186358dd Mon Sep 17 00:00:00 2001 From: Deborah Servili Date: Mon, 28 Jan 2019 15:40:07 +0100 Subject: [PATCH 2/2] fix required field for interpol notice --- objects/interpol-notice/definition.json | 49 ++++++++++++------------- 1 file changed, 24 insertions(+), 25 deletions(-) diff --git a/objects/interpol-notice/definition.json b/objects/interpol-notice/definition.json index 1bc0729..95aacaa 100644 --- a/objects/interpol-notice/definition.json +++ b/objects/interpol-notice/definition.json @@ -1,7 +1,6 @@ { - "requiredOneOf": [ - "first-name", - "last-name", + "required": [ + "notice-color" ], "attributes": { "notice-color": { @@ -23,7 +22,7 @@ "ui-priority": 0, "misp-attribute": "last-name" }, - "Forename": { + "forename": { "description": "First name of a natural person.", "ui-priority": 0, "misp-attribute": "first-name", @@ -38,12 +37,12 @@ "father-s-family-name-&-forename": { "description": "Father's family name & forename.", "ui-priority": 0, - "misp-attribute": "text", + "misp-attribute": "text" }, "mother-s-family-name-&-forename": { "description": "Mother's family name & forename.", "ui-priority": 0, - "misp-attribute": "text", + "misp-attribute": "text" }, "date-of-birth": { "description": "Date of birth of a natural person (in YYYY-MM-DD format).", @@ -97,38 +96,38 @@ "place-of-disappearance": { "description": "Place of birth of a natural person.", "ui-priority": 0, - "misp-attribute": "text", + "misp-attribute": "text" }, - "height": { + "height": { "description": "Height of a person.", "ui-priority": 0, "misp-attribute": "text", "disable_correlation": true }, - "weight": { - "description": "weight of a person.", - "ui-priority": 0, - "misp-attribute": "text", - "disable_correlation": true + "weight": { + "description": "weight of a person.", + "ui-priority": 0, + "misp-attribute": "text", + "disable_correlation": true }, - "colour-of-hair": { - "description": "Description of a person's colour of hair.", - "ui-priority": 0, - "misp-attribute": "text", - "disable_correlation": true + "colour-of-hair": { + "description": "Description of a person's colour of hair.", + "ui-priority": 0, + "misp-attribute": "text", + "disable_correlation": true }, - "colour-of-eyes": { - "description": "Description of a person's colour of eyes.", - "ui-priority": 0, - "misp-attribute": "text", - "disable_correlation": true + "colour-of-eyes": { + "description": "Description of a person's colour of eyes.", + "ui-priority": 0, + "misp-attribute": "text", + "disable_correlation": true }, - "distinguishing-marks-and-characteristics": { + "distinguishing-marks-and-characteristics": { "description": "Distinguishing marks and characteristics of a person.", "ui-priority": 0, "misp-attribute": "text", "disable_correlation": true - }, + }, "portrait": { "description": "Portrait of the person.", "ui-priority": 10,