chg: [misp-taxonomy] list of taxonomies updated

pull/27/head
Alexandre Dulaunoy 2019-04-08 10:01:39 +02:00
parent f9c2b665c2
commit 38a5644c34
No known key found for this signature in database
GPG Key ID: 09E2CD4944E6CBCD
1 changed files with 30 additions and 3 deletions

View File

@ -426,7 +426,6 @@ A taxonomies array describes the taxonomy available with the description, name a
The public directory of MISP taxonomies [@?MISP-T] contains a variety of taxonomy in various fields such as: The public directory of MISP taxonomies [@?MISP-T] contains a variety of taxonomy in various fields such as:
CERT-XLM: CERT-XLM:
: CERT-XLM Security Incident Classification. : CERT-XLM Security Incident Classification.
@ -472,9 +471,15 @@ circl:
collaborative-intelligence: collaborative-intelligence:
: Collaborative intelligence support language is a common language to support analysts to perform their analysis to get crowdsourced support when using threat intelligence sharing platform like MISP. : Collaborative intelligence support language is a common language to support analysts to perform their analysis to get crowdsourced support when using threat intelligence sharing platform like MISP.
common-taxonomy:
: The Common Taxonomy for Law Enforcement and The National Network of CSIRTs bridges the gap between the CSIRTs and international Law Enforcement communities by adding a legislative framework to facilitate the harmonisation of incident reporting to competent authorities, the development of useful statistics and sharing information within the entire cybercrime ecosystem.
copine-scale: copine-scale:
: The COPINE Scale is a rating system created in Ireland and used in the United Kingdom to categorise the severity of images of child sex abuse. : The COPINE Scale is a rating system created in Ireland and used in the United Kingdom to categorise the severity of images of child sex abuse.
cryptocurrency-threat:
: Threats targetting cryptocurrency, based on CipherTrace report.
csirt_case_classification: csirt_case_classification:
: FIRST CSIRT Case Classification. : FIRST CSIRT Case Classification.
@ -484,6 +489,12 @@ cssa:
cyber-threat-framework: cyber-threat-framework:
: Cyber Threat Framework was developed by the US Government to enable consistent characterization and categorization of cyber threat events, and to identify trends or changes in the activities of cyber adversaries. https://www.dni.gov/index.php/cyber-threat-framework : Cyber Threat Framework was developed by the US Government to enable consistent characterization and categorization of cyber threat events, and to identify trends or changes in the activities of cyber adversaries. https://www.dni.gov/index.php/cyber-threat-framework
data-classification:
: Data classification for data potentially at risk of exfiltration based on table 2.1 of Solving Cyber Risk book.
dcso-sharing:
: DCSO Sharing Taxonomy to classify certain types of MISP events using the DCSO Event Guide
ddos: ddos:
: Distributed Denial of Service - or short: DDoS - taxonomy supports the description of Denial of Service attacks and especially the types they belong too. : Distributed Denial of Service - or short: DDoS - taxonomy supports the description of Denial of Service attacks and especially the types they belong too.
@ -502,6 +513,9 @@ dni-ism:
domain-abuse: domain-abuse:
: Taxonomy to tag domain names used for cybercrime. : Taxonomy to tag domain names used for cybercrime.
drugs:
: A taxonomy based on the superclass and class of drugs, based on https://www.drugbank.ca/releases/latest
economical-impact: economical-impact:
: Economical impact is a taxonomy to describe the financial impact as positive or negative gain to the tagged information. : Economical impact is a taxonomy to describe the financial impact as positive or negative gain to the tagged information.
@ -521,7 +535,7 @@ eu-nis-sector-and-subsectors:
: Sectors and sub sectors as identified by the NIS Directive. : Sectors and sub sectors as identified by the NIS Directive.
euci: euci:
: EU classified information (EUCI) means any information or material designated by a EU security classification, the unauthorised disclosure of which could cause varying degrees of prejudice to the interests of the European Union or of one or more of the Member States as described in CELEX 32013D0488 : EU classified information (EUCI) means any information or material designated by a EU security classification, the unauthorised disclosure of which could cause varying degrees of prejudice to the interests of the European Union or of one or more of the Member States as described in http://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32013D0488&from=EN
europol-event: europol-event:
: EUROPOL type of events taxonomy. : EUROPOL type of events taxonomy.
@ -536,7 +550,7 @@ event-classification:
: Event Classification. : Event Classification.
exercise: exercise:
: Exercise is a taxonomy to describe if the information is part of one or more cyber or crisis exercise : Exercise is a taxonomy to describe if the information is part of one or more cyber or crisis exercise.
false-positive: false-positive:
: This taxonomy aims to ballpark the expected amount of false positives. : This taxonomy aims to ballpark the expected amount of false positives.
@ -544,6 +558,9 @@ false-positive:
file-type: file-type:
: List of known file types. : List of known file types.
flesch-reading-ease:
: Flesch Reading Ease is a revised system for determining the comprehension difficulty of written material. The scoring of the flesh score can have a maximum of 121.22 and there is no limit on how low a score can be (negative score are valid).
fpf: fpf:
: The Future of Privacy Forum (FPF) [visual guide to practical de-identification](https://fpf.org/2016/04/25/a-visual-guide-to-practical-data-de-identification/) taxonomy is used to evaluate the degree of identifiability of personal data and the types of pseudonymous data, de-identified data and anonymous data. The work of FPF is licensed under a creative commons attribution 4.0 international license. : The Future of Privacy Forum (FPF) [visual guide to practical de-identification](https://fpf.org/2016/04/25/a-visual-guide-to-practical-data-de-identification/) taxonomy is used to evaluate the degree of identifiability of personal data and the types of pseudonymous data, de-identified data and anonymous data. The work of FPF is licensed under a creative commons attribution 4.0 international license.
@ -577,6 +594,9 @@ incident-disposition:
infoleak: infoleak:
: A taxonomy describing information leaks and especially information classified as being potentially leaked. : A taxonomy describing information leaks and especially information classified as being potentially leaked.
information-security-data-source:
: Taxonomy to classify the information security data sources
information-security-indicators: information-security-indicators:
: Information security indicators have been standardized by the ETSI Industrial Specification Group (ISG) ISI. These indicators provide the basis to switch from a qualitative to a quantitative culture in IT Security Scope of measurements: External and internal threats (attempt and success), user's deviant behaviours, nonconformities and/or vulnerabilities (software, configuration, behavioural, general security framework). ETSI GS ISI 001-1 (V1.1.2): ISI Indicators : Information security indicators have been standardized by the ETSI Industrial Specification Group (ISG) ISI. These indicators provide the basis to switch from a qualitative to a quantitative culture in IT Security Scope of measurements: External and internal threats (attempt and success), user's deviant behaviours, nonconformities and/or vulnerabilities (software, configuration, behavioural, general security framework). ETSI GS ISI 001-1 (V1.1.2): ISI Indicators
@ -661,6 +681,12 @@ tlp:
tor: tor:
: Taxonomy to describe Tor network infrastructure : Taxonomy to describe Tor network infrastructure
type:
: Taxonomy to describe different types of intelligence gathering discipline which can be described the origin of intelligence.
use-case-applicability:
: The Use Case Applicability categories reflect standard resolution categories, to clearly display alerting rule configuration problems.
veris: veris:
: Vocabulary for Event Recording and Incident Sharing (VERIS). : Vocabulary for Event Recording and Incident Sharing (VERIS).
@ -670,6 +696,7 @@ vocabulaire-des-probabilites-estimatives:
workflow: workflow:
: Workflow support language is a common language to support intelligence analysts to perform their analysis on data and information. : Workflow support language is a common language to support intelligence analysts to perform their analysis on data and information.
# JSON Schema # JSON Schema
The JSON Schema [@?JSON-SCHEMA] below defines the structure of the MISP taxonomy document The JSON Schema [@?JSON-SCHEMA] below defines the structure of the MISP taxonomy document