chg: [misp-core] standard updated regarding first_seen/last_seen added at attribute and object level
parent
55f6d63494
commit
bcac386ce1
|
@ -813,10 +813,10 @@
|
|||
<br>comment, text, other, size-in-bytes, counter, datetime, cpe, port, float, hex, phone-number, boolean, anonymised</dd>
|
||||
<dt>Payload delivery</dt>
|
||||
<dd style="margin-left: 8">
|
||||
<br>md5, sha1, sha224, sha256, sha384, sha512, sha512/224, sha512/256, ssdeep, imphash, impfuzzy, authentihash, pehash, tlsh, cdhash, filename, filename|md5, filename|sha1, filename|sha224, filename|sha256, filename|sha384, filename|sha512, filename|sha512/224, filename|sha512/256, filename|authentihash, filename|ssdeep, filename|tlsh, filename|imphash, filename|impfuzzy, filename|pehash, mac-address, mac-eui-64, ip-src, ip-dst, ip-dst|port, ip-src|port, hostname, domain, email-src, email-dst, email-subject, email-attachment, email-body, url, user-agent, AS, pattern-in-file, pattern-in-traffic, stix2-pattern, yara, sigma, mime-type, attachment, malware-sample, link, malware-type, comment, text, hex, vulnerability, weakness, x509-fingerprint-sha1, x509-fingerprint-md5, x509-fingerprint-sha256, ja3-fingerprint-md5, hassh-md5, hasshserver-md5, other, hostname|port, email-dst-display-name, email-src-display-name, email-header, email-reply-to, email-x-mailer, email-mime-boundary, email-thread-index, email-message-id, mobile-application-id, whois-registrant-email, anonymised</dd>
|
||||
<br>md5, sha1, sha224, sha256, sha384, sha512, sha512/224, sha512/256, ssdeep, imphash, impfuzzy, authentihash, pehash, tlsh, cdhash, filename, filename|md5, filename|sha1, filename|sha224, filename|sha256, filename|sha384, filename|sha512, filename|sha512/224, filename|sha512/256, filename|authentihash, filename|ssdeep, filename|tlsh, filename|imphash, filename|impfuzzy, filename|pehash, mac-address, mac-eui-64, ip-src, ip-dst, ip-dst|port, ip-src|port, hostname, domain, email-src, email-dst, email-subject, email-attachment, email-body, url, user-agent, AS, pattern-in-file, pattern-in-traffic, stix2-pattern, yara, sigma, mime-type, attachment, malware-sample, link, malware-type, comment, text, hex, vulnerability, weakness, x509-fingerprint-sha1, x509-fingerprint-md5, x509-fingerprint-sha256, ja3-fingerprint-md5, hassh-md5, hasshserver-md5, other, hostname|port, email-dst-display-name, email-src-display-name, email-header, email-reply-to, email-x-mailer, email-mime-boundary, email-thread-index, email-message-id, mobile-application-id, chrome-extension-id, whois-registrant-email, anonymised</dd>
|
||||
<dt>Payload installation</dt>
|
||||
<dd style="margin-left: 8">
|
||||
<br>md5, sha1, sha224, sha256, sha384, sha512, sha512/224, sha512/256, ssdeep, imphash, impfuzzy, authentihash, pehash, tlsh, cdhash, filename, filename|md5, filename|sha1, filename|sha224, filename|sha256, filename|sha384, filename|sha512, filename|sha512/224, filename|sha512/256, filename|authentihash, filename|ssdeep, filename|tlsh, filename|imphash, filename|impfuzzy, filename|pehash, pattern-in-file, pattern-in-traffic, pattern-in-memory, stix2-pattern, yara, sigma, vulnerability, weakness, attachment, malware-sample, malware-type, comment, text, hex, x509-fingerprint-sha1, x509-fingerprint-md5, x509-fingerprint-sha256, mobile-application-id, other, mime-type, anonymised</dd>
|
||||
<br>md5, sha1, sha224, sha256, sha384, sha512, sha512/224, sha512/256, ssdeep, imphash, impfuzzy, authentihash, pehash, tlsh, cdhash, filename, filename|md5, filename|sha1, filename|sha224, filename|sha256, filename|sha384, filename|sha512, filename|sha512/224, filename|sha512/256, filename|authentihash, filename|ssdeep, filename|tlsh, filename|imphash, filename|impfuzzy, filename|pehash, pattern-in-file, pattern-in-traffic, pattern-in-memory, stix2-pattern, yara, sigma, vulnerability, weakness, attachment, malware-sample, malware-type, comment, text, hex, x509-fingerprint-sha1, x509-fingerprint-md5, x509-fingerprint-sha256, mobile-application-id, chrome-extension-id, other, mime-type, anonymised</dd>
|
||||
<dt>Payload type</dt>
|
||||
<dd style="margin-left: 8">
|
||||
<br>comment, text, other, anonymised</dd>
|
||||
|
@ -1011,10 +1011,10 @@
|
|||
<br>comment, text, other, size-in-bytes, counter, datetime, cpe, port, float, hex, phone-number, boolean, anonymised</dd>
|
||||
<dt>Payload delivery</dt>
|
||||
<dd style="margin-left: 8">
|
||||
<br>md5, sha1, sha224, sha256, sha384, sha512, sha512/224, sha512/256, ssdeep, imphash, impfuzzy, authentihash, pehash, tlsh, cdhash, filename, filename|md5, filename|sha1, filename|sha224, filename|sha256, filename|sha384, filename|sha512, filename|sha512/224, filename|sha512/256, filename|authentihash, filename|ssdeep, filename|tlsh, filename|imphash, filename|impfuzzy, filename|pehash, mac-address, mac-eui-64, ip-src, ip-dst, ip-dst|port, ip-src|port, hostname, domain, email-src, email-dst, email-subject, email-attachment, email-body, url, user-agent, AS, pattern-in-file, pattern-in-traffic, stix2-pattern, yara, sigma, mime-type, attachment, malware-sample, link, malware-type, comment, text, hex, vulnerability, weakness, x509-fingerprint-sha1, x509-fingerprint-md5, x509-fingerprint-sha256, ja3-fingerprint-md5, hassh-md5, hasshserver-md5, other, hostname|port, email-dst-display-name, email-src-display-name, email-header, email-reply-to, email-x-mailer, email-mime-boundary, email-thread-index, email-message-id, mobile-application-id, whois-registrant-email, anonymised</dd>
|
||||
<br>md5, sha1, sha224, sha256, sha384, sha512, sha512/224, sha512/256, ssdeep, imphash, impfuzzy, authentihash, pehash, tlsh, cdhash, filename, filename|md5, filename|sha1, filename|sha224, filename|sha256, filename|sha384, filename|sha512, filename|sha512/224, filename|sha512/256, filename|authentihash, filename|ssdeep, filename|tlsh, filename|imphash, filename|impfuzzy, filename|pehash, mac-address, mac-eui-64, ip-src, ip-dst, ip-dst|port, ip-src|port, hostname, domain, email-src, email-dst, email-subject, email-attachment, email-body, url, user-agent, AS, pattern-in-file, pattern-in-traffic, stix2-pattern, yara, sigma, mime-type, attachment, malware-sample, link, malware-type, comment, text, hex, vulnerability, weakness, x509-fingerprint-sha1, x509-fingerprint-md5, x509-fingerprint-sha256, ja3-fingerprint-md5, hassh-md5, hasshserver-md5, other, hostname|port, email-dst-display-name, email-src-display-name, email-header, email-reply-to, email-x-mailer, email-mime-boundary, email-thread-index, email-message-id, mobile-application-id, chrome-extension-id, whois-registrant-email, anonymised</dd>
|
||||
<dt>Payload installation</dt>
|
||||
<dd style="margin-left: 8">
|
||||
<br>md5, sha1, sha224, sha256, sha384, sha512, sha512/224, sha512/256, ssdeep, imphash, impfuzzy, authentihash, pehash, tlsh, cdhash, filename, filename|md5, filename|sha1, filename|sha224, filename|sha256, filename|sha384, filename|sha512, filename|sha512/224, filename|sha512/256, filename|authentihash, filename|ssdeep, filename|tlsh, filename|imphash, filename|impfuzzy, filename|pehash, pattern-in-file, pattern-in-traffic, pattern-in-memory, stix2-pattern, yara, sigma, vulnerability, weakness, attachment, malware-sample, malware-type, comment, text, hex, x509-fingerprint-sha1, x509-fingerprint-md5, x509-fingerprint-sha256, mobile-application-id, other, mime-type, anonymised</dd>
|
||||
<br>md5, sha1, sha224, sha256, sha384, sha512, sha512/224, sha512/256, ssdeep, imphash, impfuzzy, authentihash, pehash, tlsh, cdhash, filename, filename|md5, filename|sha1, filename|sha224, filename|sha256, filename|sha384, filename|sha512, filename|sha512/224, filename|sha512/256, filename|authentihash, filename|ssdeep, filename|tlsh, filename|imphash, filename|impfuzzy, filename|pehash, pattern-in-file, pattern-in-traffic, pattern-in-memory, stix2-pattern, yara, sigma, vulnerability, weakness, attachment, malware-sample, malware-type, comment, text, hex, x509-fingerprint-sha1, x509-fingerprint-md5, x509-fingerprint-sha256, mobile-application-id, chrome-extension-id, other, mime-type, anonymised</dd>
|
||||
<dt>Payload type</dt>
|
||||
<dd style="margin-left: 8">
|
||||
<br>comment, text, other, anonymised</dd>
|
||||
|
@ -1701,6 +1701,12 @@
|
|||
"timestamp": {
|
||||
"type": "string"
|
||||
},
|
||||
"first_seen": {
|
||||
"type": "string"
|
||||
},
|
||||
"last_seen": {
|
||||
"type": "string"
|
||||
},
|
||||
"distribution": {
|
||||
"type": "string"
|
||||
},
|
||||
|
@ -1868,6 +1874,12 @@
|
|||
"timestamp": {
|
||||
"type": "string"
|
||||
},
|
||||
"first_seen": {
|
||||
"type": "string"
|
||||
},
|
||||
"last_seen": {
|
||||
"type": "string"
|
||||
},
|
||||
"comment": {
|
||||
"type": "string"
|
||||
},
|
||||
|
|
|
@ -100,7 +100,7 @@ Table of Contents
|
|||
7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 51
|
||||
8. References . . . . . . . . . . . . . . . . . . . . . . . . . 51
|
||||
9. References . . . . . . . . . . . . . . . . . . . . . . . . . 51
|
||||
9.1. Normative References . . . . . . . . . . . . . . . . . . 51
|
||||
9.1. Normative References . . . . . . . . . . . . . . . . . . 52
|
||||
9.2. Informative References . . . . . . . . . . . . . . . . . 52
|
||||
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 52
|
||||
|
||||
|
@ -588,7 +588,7 @@ Internet-Draft MISP core format August 2018
|
|||
hostname|port, email-dst-display-name, email-src-display-name,
|
||||
email-header, email-reply-to, email-x-mailer, email-mime-boundary,
|
||||
email-thread-index, email-message-id, mobile-application-id,
|
||||
whois-registrant-email, anonymised
|
||||
chrome-extension-id, whois-registrant-email, anonymised
|
||||
|
||||
Payload installation
|
||||
md5, sha1, sha224, sha256, sha384, sha512, sha512/224, sha512/256,
|
||||
|
@ -601,8 +601,8 @@ Internet-Draft MISP core format August 2018
|
|||
traffic, pattern-in-memory, stix2-pattern, yara, sigma,
|
||||
vulnerability, weakness, attachment, malware-sample, malware-type,
|
||||
comment, text, hex, x509-fingerprint-sha1, x509-fingerprint-md5,
|
||||
x509-fingerprint-sha256, mobile-application-id, other, mime-type,
|
||||
anonymised
|
||||
x509-fingerprint-sha256, mobile-application-id, chrome-extension-
|
||||
id, other, mime-type, anonymised
|
||||
|
||||
Payload type
|
||||
comment, text, other, anonymised
|
||||
|
@ -985,7 +985,7 @@ Internet-Draft MISP core format August 2018
|
|||
hostname|port, email-dst-display-name, email-src-display-name,
|
||||
email-header, email-reply-to, email-x-mailer, email-mime-boundary,
|
||||
email-thread-index, email-message-id, mobile-application-id,
|
||||
whois-registrant-email, anonymised
|
||||
chrome-extension-id, whois-registrant-email, anonymised
|
||||
|
||||
Payload installation
|
||||
md5, sha1, sha224, sha256, sha384, sha512, sha512/224, sha512/256,
|
||||
|
@ -998,8 +998,8 @@ Internet-Draft MISP core format August 2018
|
|||
traffic, pattern-in-memory, stix2-pattern, yara, sigma,
|
||||
vulnerability, weakness, attachment, malware-sample, malware-type,
|
||||
comment, text, hex, x509-fingerprint-sha1, x509-fingerprint-md5,
|
||||
x509-fingerprint-sha256, mobile-application-id, other, mime-type,
|
||||
anonymised
|
||||
x509-fingerprint-sha256, mobile-application-id, chrome-extension-
|
||||
id, other, mime-type, anonymised
|
||||
|
||||
Payload type
|
||||
|
||||
|
@ -2144,6 +2144,12 @@ Internet-Draft MISP core format August 2018
|
|||
"timestamp": {
|
||||
"type": "string"
|
||||
},
|
||||
"first_seen": {
|
||||
"type": "string"
|
||||
},
|
||||
"last_seen": {
|
||||
"type": "string"
|
||||
},
|
||||
"distribution": {
|
||||
"type": "string"
|
||||
},
|
||||
|
@ -2172,12 +2178,6 @@ Internet-Draft MISP core format August 2018
|
|||
"sighthing": {
|
||||
"type": "object",
|
||||
"additionalProperties": false,
|
||||
"properties": {
|
||||
"id": {
|
||||
"type": "string"
|
||||
},
|
||||
"attribute_id": {
|
||||
"type": "string"
|
||||
|
||||
|
||||
|
||||
|
@ -2186,6 +2186,12 @@ Dulaunoy & Iklody Expires February 9, 2019 [Page 39]
|
|||
Internet-Draft MISP core format August 2018
|
||||
|
||||
|
||||
"properties": {
|
||||
"id": {
|
||||
"type": "string"
|
||||
},
|
||||
"attribute_id": {
|
||||
"type": "string"
|
||||
},
|
||||
"event_id": {
|
||||
"type": "string"
|
||||
|
@ -2228,12 +2234,6 @@ Internet-Draft MISP core format August 2018
|
|||
"objectreference": {
|
||||
"type": "object",
|
||||
"additionalProperties": false,
|
||||
"properties": {
|
||||
"deleted": {
|
||||
"type": "boolean"
|
||||
},
|
||||
"object_id": {
|
||||
"type": "string"
|
||||
|
||||
|
||||
|
||||
|
@ -2242,6 +2242,12 @@ Dulaunoy & Iklody Expires February 9, 2019 [Page 40]
|
|||
Internet-Draft MISP core format August 2018
|
||||
|
||||
|
||||
"properties": {
|
||||
"deleted": {
|
||||
"type": "boolean"
|
||||
},
|
||||
"object_id": {
|
||||
"type": "string"
|
||||
},
|
||||
"event_id": {
|
||||
"type": "string"
|
||||
|
@ -2284,12 +2290,6 @@ Internet-Draft MISP core format August 2018
|
|||
"attribute": {
|
||||
"type": "object",
|
||||
"additionalProperties": false,
|
||||
"properties": {
|
||||
"id": {
|
||||
"type": "string"
|
||||
},
|
||||
"old_id": {
|
||||
"type": "string"
|
||||
|
||||
|
||||
|
||||
|
@ -2298,6 +2298,12 @@ Dulaunoy & Iklody Expires February 9, 2019 [Page 41]
|
|||
Internet-Draft MISP core format August 2018
|
||||
|
||||
|
||||
"properties": {
|
||||
"id": {
|
||||
"type": "string"
|
||||
},
|
||||
"old_id": {
|
||||
"type": "string"
|
||||
},
|
||||
"type": {
|
||||
"type": "string"
|
||||
|
@ -2334,6 +2340,20 @@ Internet-Draft MISP core format August 2018
|
|||
},
|
||||
"timestamp": {
|
||||
"type": "string"
|
||||
},
|
||||
"first_seen": {
|
||||
"type": "string"
|
||||
},
|
||||
"last_seen": {
|
||||
"type": "string"
|
||||
|
||||
|
||||
|
||||
Dulaunoy & Iklody Expires February 9, 2019 [Page 42]
|
||||
|
||||
Internet-Draft MISP core format August 2018
|
||||
|
||||
|
||||
},
|
||||
"comment": {
|
||||
"type": "string"
|
||||
|
@ -2346,14 +2366,6 @@ Internet-Draft MISP core format August 2018
|
|||
},
|
||||
"disable_correlation": {
|
||||
"type": "boolean"
|
||||
|
||||
|
||||
|
||||
Dulaunoy & Iklody Expires February 9, 2019 [Page 42]
|
||||
|
||||
Internet-Draft MISP core format August 2018
|
||||
|
||||
|
||||
},
|
||||
"value": {
|
||||
"type": "string"
|
||||
|
@ -2390,6 +2402,14 @@ Internet-Draft MISP core format August 2018
|
|||
"items": {
|
||||
"$ref": "#/defs/galaxy"
|
||||
}
|
||||
|
||||
|
||||
|
||||
Dulaunoy & Iklody Expires February 9, 2019 [Page 43]
|
||||
|
||||
Internet-Draft MISP core format August 2018
|
||||
|
||||
|
||||
},
|
||||
"Tag": {
|
||||
"uniqueItems": true,
|
||||
|
@ -2402,14 +2422,6 @@ Internet-Draft MISP core format August 2018
|
|||
},
|
||||
"event": {
|
||||
"type": "object",
|
||||
|
||||
|
||||
|
||||
Dulaunoy & Iklody Expires February 9, 2019 [Page 43]
|
||||
|
||||
Internet-Draft MISP core format August 2018
|
||||
|
||||
|
||||
"additionalProperties": false,
|
||||
"properties": {
|
||||
"id": {
|
||||
|
@ -2446,6 +2458,14 @@ Internet-Draft MISP core format August 2018
|
|||
"type": "string"
|
||||
},
|
||||
"timestamp": {
|
||||
|
||||
|
||||
|
||||
Dulaunoy & Iklody Expires February 9, 2019 [Page 44]
|
||||
|
||||
Internet-Draft MISP core format August 2018
|
||||
|
||||
|
||||
"type": "string"
|
||||
},
|
||||
"distribution": {
|
||||
|
@ -2458,14 +2478,6 @@ Internet-Draft MISP core format August 2018
|
|||
"type": "boolean"
|
||||
},
|
||||
"publish_timestamp": {
|
||||
|
||||
|
||||
|
||||
Dulaunoy & Iklody Expires February 9, 2019 [Page 44]
|
||||
|
||||
Internet-Draft MISP core format August 2018
|
||||
|
||||
|
||||
"type": "string"
|
||||
},
|
||||
"sharing_group_id": {
|
||||
|
@ -2502,6 +2514,14 @@ Internet-Draft MISP core format August 2018
|
|||
},
|
||||
"RelatedEvent": {
|
||||
"type": "array",
|
||||
|
||||
|
||||
|
||||
Dulaunoy & Iklody Expires February 9, 2019 [Page 45]
|
||||
|
||||
Internet-Draft MISP core format August 2018
|
||||
|
||||
|
||||
"uniqueItems": true,
|
||||
"items": {
|
||||
"type": "object",
|
||||
|
@ -2514,14 +2534,6 @@ Internet-Draft MISP core format August 2018
|
|||
}
|
||||
},
|
||||
"Galaxy": {
|
||||
|
||||
|
||||
|
||||
Dulaunoy & Iklody Expires February 9, 2019 [Page 45]
|
||||
|
||||
Internet-Draft MISP core format August 2018
|
||||
|
||||
|
||||
"type": "array",
|
||||
"uniqueItems": true,
|
||||
"items": {
|
||||
|
@ -2558,6 +2570,14 @@ Internet-Draft MISP core format August 2018
|
|||
"type": "string"
|
||||
},
|
||||
"exportable": {
|
||||
|
||||
|
||||
|
||||
Dulaunoy & Iklody Expires February 9, 2019 [Page 46]
|
||||
|
||||
Internet-Draft MISP core format August 2018
|
||||
|
||||
|
||||
"type": "boolean"
|
||||
},
|
||||
"hide_tag": {
|
||||
|
@ -2570,14 +2590,6 @@ Internet-Draft MISP core format August 2018
|
|||
},
|
||||
"galaxy": {
|
||||
"type": "object",
|
||||
|
||||
|
||||
|
||||
Dulaunoy & Iklody Expires February 9, 2019 [Page 46]
|
||||
|
||||
Internet-Draft MISP core format August 2018
|
||||
|
||||
|
||||
"additionalProperties": false,
|
||||
"properties": {
|
||||
"id": {
|
||||
|
@ -2614,6 +2626,14 @@ Internet-Draft MISP core format August 2018
|
|||
}
|
||||
},
|
||||
"galaxy_cluster": {
|
||||
|
||||
|
||||
|
||||
Dulaunoy & Iklody Expires February 9, 2019 [Page 47]
|
||||
|
||||
Internet-Draft MISP core format August 2018
|
||||
|
||||
|
||||
"type": "object",
|
||||
"additionalProperties": false,
|
||||
"properties": {
|
||||
|
@ -2626,14 +2646,6 @@ Internet-Draft MISP core format August 2018
|
|||
"type": {
|
||||
"type": "string"
|
||||
},
|
||||
|
||||
|
||||
|
||||
Dulaunoy & Iklody Expires February 9, 2019 [Page 47]
|
||||
|
||||
Internet-Draft MISP core format August 2018
|
||||
|
||||
|
||||
"value": {
|
||||
"type": "string"
|
||||
},
|
||||
|
@ -2670,6 +2682,14 @@ Internet-Draft MISP core format August 2018
|
|||
},
|
||||
"type": "object",
|
||||
"properties": {
|
||||
|
||||
|
||||
|
||||
Dulaunoy & Iklody Expires February 9, 2019 [Page 48]
|
||||
|
||||
Internet-Draft MISP core format August 2018
|
||||
|
||||
|
||||
"Event": {
|
||||
"$ref": "#/defs/event"
|
||||
}
|
||||
|
@ -2679,17 +2699,6 @@ Internet-Draft MISP core format August 2018
|
|||
]
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Dulaunoy & Iklody Expires February 9, 2019 [Page 48]
|
||||
|
||||
Internet-Draft MISP core format August 2018
|
||||
|
||||
|
||||
4. Manifest
|
||||
|
||||
MISP events can be shared over an HTTP repository, a file package or
|
||||
|
@ -2729,6 +2738,14 @@ Internet-Draft MISP core format August 2018
|
|||
representation of the associated MISP event file to ensure
|
||||
integrity of the file. (SHOULD)
|
||||
|
||||
|
||||
|
||||
|
||||
Dulaunoy & Iklody Expires February 9, 2019 [Page 49]
|
||||
|
||||
Internet-Draft MISP core format August 2018
|
||||
|
||||
|
||||
o integrity:pgp represents a detached PGP signature [RFC4880] of the
|
||||
associated MISP event file to ensure integrity of the file.
|
||||
(SHOULD)
|
||||
|
@ -2738,14 +2755,6 @@ Internet-Draft MISP core format August 2018
|
|||
detached PGP signature for a manifest file is a manifest.json.asc
|
||||
file containing the PGP signature.
|
||||
|
||||
|
||||
|
||||
|
||||
Dulaunoy & Iklody Expires February 9, 2019 [Page 49]
|
||||
|
||||
Internet-Draft MISP core format August 2018
|
||||
|
||||
|
||||
4.1.1. Sample Manifest
|
||||
|
||||
{
|
||||
|
@ -2785,6 +2794,14 @@ Internet-Draft MISP core format August 2018
|
|||
},
|
||||
{
|
||||
"colour": "#3d7a00",
|
||||
|
||||
|
||||
|
||||
Dulaunoy & Iklody Expires February 9, 2019 [Page 50]
|
||||
|
||||
Internet-Draft MISP core format August 2018
|
||||
|
||||
|
||||
"name": "circl:incident-classification=\"malware\""
|
||||
},
|
||||
{
|
||||
|
@ -2794,14 +2811,6 @@ Internet-Draft MISP core format August 2018
|
|||
],
|
||||
"timestamp": "1461764231",
|
||||
"date": "2016-04-27",
|
||||
|
||||
|
||||
|
||||
Dulaunoy & Iklody Expires February 9, 2019 [Page 50]
|
||||
|
||||
Internet-Draft MISP core format August 2018
|
||||
|
||||
|
||||
"threat_level_id": "3"
|
||||
}
|
||||
}
|
||||
|
@ -2837,6 +2846,18 @@ Internet-Draft MISP core format August 2018
|
|||
|
||||
9. References
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Dulaunoy & Iklody Expires February 9, 2019 [Page 51]
|
||||
|
||||
Internet-Draft MISP core format August 2018
|
||||
|
||||
|
||||
9.1. Normative References
|
||||
|
||||
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
|
||||
|
@ -2849,15 +2870,6 @@ Internet-Draft MISP core format August 2018
|
|||
DOI 10.17487/RFC4122, July 2005,
|
||||
<https://www.rfc-editor.org/info/rfc4122>.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Dulaunoy & Iklody Expires February 9, 2019 [Page 51]
|
||||
|
||||
Internet-Draft MISP core format August 2018
|
||||
|
||||
|
||||
[RFC4880] Callas, J., Donnerhacke, L., Finney, H., Shaw, D., and R.
|
||||
Thayer, "OpenPGP Message Format", RFC 4880,
|
||||
DOI 10.17487/RFC4880, November 2007,
|
||||
|
@ -2888,6 +2900,20 @@ Internet-Draft MISP core format August 2018
|
|||
|
||||
Authors' Addresses
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Dulaunoy & Iklody Expires February 9, 2019 [Page 52]
|
||||
|
||||
Internet-Draft MISP core format August 2018
|
||||
|
||||
|
||||
Alexandre Dulaunoy
|
||||
Computer Incident Response Center Luxembourg
|
||||
16, bd d'Avranches
|
||||
|
@ -2909,4 +2935,34 @@ Authors' Addresses
|
|||
|
||||
|
||||
|
||||
Dulaunoy & Iklody Expires February 9, 2019 [Page 52]
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Dulaunoy & Iklody Expires February 9, 2019 [Page 53]
|
||||
|
|
Loading…
Reference in New Issue