Merge pull request #61 from FloatingGhost/master

Basic binary taxonomy

README.md

@@ -41,6 +41,7 @@ The following taxonomies are described:
 - [TLP - Traffic Light Protocol](./tlp)
 - [Vocabulaire des probabilités estimatives](./vocabulaire-des-probabilites-estimatives)
 - Vocabulary for Event Recording and Incident Sharing [VERIS](./veris)
+- [Binary Classification](./binary-class) safe/malicious binary tagging
 
 ### [Admiralty Scale](./admiralty-scale)
 

binary-class/README.md

@@ -0,0 +1,25 @@
+# Binary Classification
+
+Custom taxonomy for tagging of known binary files
+
+## type
+
+<dl>
+<dt>good</dt>
+<dd>Known good/safe</dd>
+<dt>bad</dt>
+<dd>Known bad/malicious<dd>
+<dt>unknown</dt>
+<dd>Not yet known</dd>
+</dl>
+
+# Machine-parsable Binary Taxonomy
+
+The repository contains a [JSON file including the machine-parsable tags](machinetag.json)
+along with their human-readable description. The software can use both
+representation on the user-interface and store the tag as machine-parsable.
+
+~~~~
+binary-class:type="good"
+~~~~
+

binary-class/machinetag.json

@@ -0,0 +1,30 @@
+{
+  "namespace": "binary-class",
+  "description": "Custom taxonomy for types of binary file.",
+  "version": 1,
+  "predicates": [
+    {
+      "value": "type",
+      "expanded": "Binary Type"
+    }
+  ],
+  "values": [
+    {
+      "predicate": "type",
+      "entry": [
+        {
+          "value": "good",
+          "expanded": "Known Good/Safe"
+        },
+        {
+          "value": "malicious",
+          "expanded": "Known Bad/Malicious"
+        },
+        {
+          "value": "unknown",
+          "expanded": "Not yet known"
+        }
+      ]
+    }
+  ]
+}