Merge branch 'master' of github.com:MISP/misp-taxonomies
commit
5bcaa781b0
|
@ -256,7 +256,7 @@
|
|||
"description": "Runtime or software packer used to combine compressed data with the decompression code. The decompression code can add additional obfuscations mechanisms including polymorphic-packer or other obfuscation techniques. This taxonomy lists all the known or official packer used for legitimate use or for packing malicious binaries."
|
||||
},
|
||||
{
|
||||
"version": 2,
|
||||
"version": 4,
|
||||
"name": "honeypot-basic",
|
||||
"description": "Christian Seifert, Ian Welch, Peter Komisarczuk, ‘Taxonomy of Honeypots’, Technical Report CS-TR-06/12, VICTORIA UNIVERSITY OF WELLINGTON, School of Mathematical and Computing Sciences, June 2006, http://www.mcs.vuw.ac.nz/comp/Publications/archive/CS-TR-06/CS-TR-06-12.pdf"
|
||||
},
|
||||
|
@ -360,5 +360,5 @@
|
|||
"url": "https://raw.githubusercontent.com/MISP/misp-taxonomies/master/",
|
||||
"description": "Manifest file of MISP taxonomies available.",
|
||||
"license": "CC-0",
|
||||
"version": "20180912"
|
||||
"version": "20180924"
|
||||
}
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
{
|
||||
"namespace": "honeypot-basic",
|
||||
"description": "Updated from Christian Seifert, Ian Welch, Peter Komisarczuk, ‘Taxonomy of Honeypots’, Technical Report CS-TR-06/12, VICTORIA UNIVERSITY OF WELLINGTON, School of Mathematical and Computing Sciences, June 2006, http://www.mcs.vuw.ac.nz/comp/Publications/archive/CS-TR-06/CS-TR-06-12.pdf",
|
||||
"version": 2,
|
||||
"description": "Updated (CIRCL, Seamus Dowling and EURECOM) from Christian Seifert, Ian Welch, Peter Komisarczuk, ‘Taxonomy of Honeypots’, Technical Report CS-TR-06/12, VICTORIA UNIVERSITY OF WELLINGTON, School of Mathematical and Computing Sciences, June 2006, http://www.mcs.vuw.ac.nz/comp/Publications/archive/CS-TR-06/CS-TR-06-12.pdf",
|
||||
"version": 4,
|
||||
"predicates": [
|
||||
{
|
||||
"value": "interaction-level",
|
||||
|
@ -43,15 +43,25 @@
|
|||
"expanded": "High Interaction Level",
|
||||
"description": "Exposed functionality of the honeypot is not limited."
|
||||
},
|
||||
{
|
||||
"value": "medium",
|
||||
"expanded": "Medium Interaction Level",
|
||||
"description": "Exposed functionality of the honeypot is limited to the service without exposing the full operating system."
|
||||
},
|
||||
{
|
||||
"value": "low",
|
||||
"expanded": "low Interaction Level",
|
||||
"description": "Exposed functionality being limited. For example, a simulated SSH server of a honeypot is not able to authenticate against a valid login/password combination"
|
||||
"description": "Exposed functionality being limited. For example, a simulated SSH server of a honeypot is not able to authenticate against a valid login/password combination."
|
||||
},
|
||||
{
|
||||
"value": "none",
|
||||
"expanded": "No interaction capabilities",
|
||||
"description": "No exposed functionality in the honeypot."
|
||||
},
|
||||
{
|
||||
"value": "adaptive",
|
||||
"expanded": "Learns from attack interaction",
|
||||
"description": "Learns from attack interaction"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
"namespace": "workflow",
|
||||
"expanded": "workflow to support analysis",
|
||||
"description": "Workflow support language is a common language to support intelligence analysts to perform their analysis on data and information. ",
|
||||
"version": 4,
|
||||
"version": 5,
|
||||
"predicates": [
|
||||
{
|
||||
"value": "todo",
|
||||
|
@ -25,7 +25,7 @@
|
|||
},
|
||||
{
|
||||
"value": "review",
|
||||
"expanded": "Additional review is required to reach a certain level of validation of the information tagged"
|
||||
"expanded": "Additional review is required to reach a cert ain level of validation of the information tagged"
|
||||
},
|
||||
{
|
||||
"value": "review-before-publication",
|
||||
|
@ -69,7 +69,15 @@
|
|||
},
|
||||
{
|
||||
"value": "review-the-grammar",
|
||||
"expanded": "Review the grammar of the information tagged to improve the overall quality "
|
||||
"expanded": "Review the grammar of the information tagged to improve the overall quality"
|
||||
},
|
||||
{
|
||||
"value": "do-not-delete",
|
||||
"expanded": "Element that should not be deleted (without asking)"
|
||||
},
|
||||
{
|
||||
"value": "add-mitre-attack-cluster",
|
||||
"expanded": "Describe cyber adversary behavior using MITRE ATT&CK"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
|
Loading…
Reference in New Issue