MISP
/
misp-rfc
mirror of https://github.com/MISP/misp-rfc
2
0
Fork 0
Code Issues Releases Wiki Activity

chg: [misp-galaxy] updated

pull/23/head
Alexandre Dulaunoy 2019-03-11 19:41:14 +01:00
parent 0e5591d198
commit 7327d0deab
No known key found for this signature in database
GPG Key ID: 09E2CD4944E6CBCD
1 changed files with 108 additions and 52 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

160
misp-galaxy-format/raw.md.txt
View File

@ -75,11 +75,11 @@ Table of Contents
3. JSON Schema . . . . . . . . . . . . . . . . . . . . . . . . . 8 3. JSON Schema . . . . . . . . . . . . . . . . . . . . . . . . . 8
3.1. MISP galaxy format - galaxy . . . . . . . . . . . . . . . 8 3.1. MISP galaxy format - galaxy . . . . . . . . . . . . . . . 8
3.2. MISP galaxy format - clusters . . . . . . . . . . . . . . 9 3.2. MISP galaxy format - clusters . . . . . . . . . . . . . . 9
4. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 12 4. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 13
5. References . . . . . . . . . . . . . . . . . . . . . . . . . 12 5. References . . . . . . . . . . . . . . . . . . . . . . . . . 13
5.1. Normative References . . . . . . . . . . . . . . . . . . 12 5.1. Normative References . . . . . . . . . . . . . . . . . . 13
5.2. Informative References . . . . . . . . . . . . . . . . . 13 5.2. Informative References . . . . . . . . . . . . . . . . . 13
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 13 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 14
1. Introduction 1. Introduction
@ -377,23 +377,30 @@ Internet-Draft MISP galaxy format September 2018
"uuid": "1f73e14f-b882-4032-a565-26dc653b0daf" "uuid": "1f73e14f-b882-4032-a565-26dc653b0daf"
}, },
attribution-confidence MAY be used to indicte the confidence about an attribution-confidence MAY be used to indicate the confidence about
attribution given by country or cfr-suspected-state-sponsor. an attribution given by country or cfr-suspected-state-sponsor.
attribution-confidence is represented on a scale from 0 to 100, where attribution-confidence is represented on a scale from 0 to 100, where
50 means "no information", the values under 50 mean "not certain", 50 means "no information", the values under 50 mean "probably not,
the values above 50 means "pretty certain" and SHALL be present if almost certainly not to impossibility", the values above 50 means
"from probable, almost certain to certainty" and SHALL be present if
country or cfr-suspected-state-sponsor are present. country or cfr-suspected-state-sponsor are present.
Dulaunoy, et al. Expires March 24, 2019 [Page 7] Dulaunoy, et al. Expires March 24, 2019 [Page 7]
Internet-Draft MISP galaxy format September 2018 Internet-Draft MISP galaxy format September 2018
Impossibility no information Certainty
+
|
+-------------------+------------------>
0 50 100
3. JSON Schema 3. JSON Schema
The JSON Schema [JSON-SCHEMA] below defines the overall MISP galaxy The JSON Schema [JSON-SCHEMA] below defines the overall MISP galaxy
@ -402,6 +409,47 @@ Internet-Draft MISP galaxy format September 2018
3.1. MISP galaxy format - galaxy 3.1. MISP galaxy format - galaxy
Dulaunoy, et al. Expires March 24, 2019 [Page 8]
Internet-Draft MISP galaxy format September 2018
{ {
"$schema": "http://json-schema.org/schema#", "$schema": "http://json-schema.org/schema#",
"title": "Validator for misp-galaxies - Galaxies", "title": "Validator for misp-galaxies - Galaxies",
@ -443,13 +491,6 @@ Internet-Draft MISP galaxy format September 2018
] ]
} }
Dulaunoy, et al. Expires March 24, 2019 [Page 8]
Internet-Draft MISP galaxy format September 2018
3.2. MISP galaxy format - clusters 3.2. MISP galaxy format - clusters
{ {
@ -457,6 +498,14 @@ Internet-Draft MISP galaxy format September 2018
"title": "Validator for misp-galaxies - Clusters", "title": "Validator for misp-galaxies - Clusters",
"id": "https://www.github.com/MISP/misp-galaxies/schema_clusters.json", "id": "https://www.github.com/MISP/misp-galaxies/schema_clusters.json",
"type": "object", "type": "object",
Dulaunoy, et al. Expires March 24, 2019 [Page 9]
Internet-Draft MISP galaxy format September 2018
"additionalProperties": false, "additionalProperties": false,
"properties": { "properties": {
"description": { "description": {
@ -498,14 +547,6 @@ Internet-Draft MISP galaxy format September 2018
}, },
"related": { "related": {
"type": "array", "type": "array",
Dulaunoy, et al. Expires March 24, 2019 [Page 9]
Internet-Draft MISP galaxy format September 2018
"additionalProperties": false, "additionalProperties": false,
"items": { "items": {
"type": "object" "type": "object"
@ -513,6 +554,14 @@ Internet-Draft MISP galaxy format September 2018
"properties": { "properties": {
"dest-uuid": { "dest-uuid": {
"type": "string" "type": "string"
Dulaunoy, et al. Expires March 24, 2019 [Page 10]
Internet-Draft MISP galaxy format September 2018
}, },
"type": { "type": {
"type": "string" "type": "string"
@ -554,14 +603,6 @@ Internet-Draft MISP galaxy format September 2018
}, },
"motive": { "motive": {
"type": "string" "type": "string"
Dulaunoy, et al. Expires March 24, 2019 [Page 10]
Internet-Draft MISP galaxy format September 2018
}, },
"impact": { "impact": {
"type": "string" "type": "string"
@ -569,6 +610,14 @@ Internet-Draft MISP galaxy format September 2018
"refs": { "refs": {
"type": "array", "type": "array",
"uniqueItems": true, "uniqueItems": true,
Dulaunoy, et al. Expires March 24, 2019 [Page 11]
Internet-Draft MISP galaxy format September 2018
"items": { "items": {
"type": "string" "type": "string"
} }
@ -610,14 +659,6 @@ Internet-Draft MISP galaxy format September 2018
"value" "value"
] ]
} }
Dulaunoy, et al. Expires March 24, 2019 [Page 11]
Internet-Draft MISP galaxy format September 2018
}, },
"authors": { "authors": {
"type": "array", "type": "array",
@ -625,6 +666,14 @@ Internet-Draft MISP galaxy format September 2018
"items": { "items": {
"type": "string" "type": "string"
} }
Dulaunoy, et al. Expires March 24, 2019 [Page 12]
Internet-Draft MISP galaxy format September 2018
} }
}, },
"required": [ "required": [
@ -664,22 +713,23 @@ Internet-Draft MISP galaxy format September 2018
DOI 10.17487/RFC4627, July 2006, DOI 10.17487/RFC4627, July 2006,
<https://www.rfc-editor.org/info/rfc4627>. <https://www.rfc-editor.org/info/rfc4627>.
Dulaunoy, et al. Expires March 24, 2019 [Page 12]
Internet-Draft MISP galaxy format September 2018
5.2. Informative References 5.2. Informative References
[CFR] CFR, "Cyber Operations Tracker - Council on Foreign [CFR] CFR, "Cyber Operations Tracker - Council on Foreign
Relations", 2018, Relations", 2018,
<https://www.cfr.org/interactive/cyber-operations>. <https://www.cfr.org/interactive/cyber-operations>.
Dulaunoy, et al. Expires March 24, 2019 [Page 13]
Internet-Draft MISP galaxy format September 2018
[JSON-SCHEMA] [JSON-SCHEMA]
"JSON Schema: A Media Type for Describing JSON Documents", "JSON Schema: A Media Type for Describing JSON Documents",
2016, 2016,
@ -725,7 +775,13 @@ Authors' Addresses
Dulaunoy, et al. Expires March 24, 2019 [Page 13]
Dulaunoy, et al. Expires March 24, 2019 [Page 14]
Internet-Draft MISP galaxy format September 2018 Internet-Draft MISP galaxy format September 2018
@ -781,4 +837,4 @@ Internet-Draft MISP galaxy format September 2018
Dulaunoy, et al. Expires March 24, 2019 [Page 14] Dulaunoy, et al. Expires March 24, 2019 [Page 15]