MISP
/
misp-taxonomies
mirror of https://github.com/MISP/misp-taxonomies
2
0
Fork 0
Code Issues Releases Wiki Activity

new: [social-engineering-attack-vectors] new taxonomy describing 

technical and non-technical social engineering techniques

Ref: A Taxonomy of Social Engineering Defense Mechanisms
     February 2020
     DOI:10.1007/978-3-030-39442-4_3
     In book: Advances in Information and Communication (pp.27-41)
pull/227/head
Alexandre Dulaunoy 2022-02-10 11:41:47 +01:00
parent 19a73ef99b
commit 6da2a75fc4
No known key found for this signature in database
GPG Key ID: 09E2CD4944E6CBCD
3 changed files with 121 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
MANIFEST.json
View File

@ -573,6 +573,11 @@
"name": "smart-airports-threats", "name": "smart-airports-threats",
"version": 1 "version": 1
}, },
{
"description": "Attack vectors used in social engineering as described in 'A Taxonomy of Social Engineering Defense Mechanisms' by Dalal Alharthi and others.",
"name": "social-engineering-attack-vectors",
"version": 1
},
{ {
"description": "A spectrum of state responsibility to more directly tie the goals of attribution to the needs of policymakers.", "description": "A spectrum of state responsibility to more directly tie the goals of attribution to the needs of policymakers.",
"name": "state-responsibility", "name": "state-responsibility",
@ -660,5 +665,5 @@
} }
], ],
"url": "https://raw.githubusercontent.com/MISP/misp-taxonomies/main/", "url": "https://raw.githubusercontent.com/MISP/misp-taxonomies/main/",
"version": "20220129" "version": "20220210"
} }

12
README.md
View File

@ -560,7 +560,7 @@ Status of events used in Request Tracker. [Overview](https://www.misp-project.or
### runtime-packer ### runtime-packer
[runtime-packer](https://github.com/MISP/misp-taxonomies/tree/main/runtime-packer) : [runtime-packer](https://github.com/MISP/misp-taxonomies/tree/main/runtime-packer) :
Runtime or software packer used to combine compressed data with the decompression code. The decompression code can add additional obfuscations mechanisms including polymorphic-packer or other obfuscation techniques. This taxonomy lists all the known or official packer used for legitimate use or for packing malicious binaries. [Overview](https://www.misp-project.org/taxonomies.html#_runtime_packer) Runtime or software packer used to combine compressed or encrypted data with the decompression or decryption code. This code can add additional obfuscations mechanisms including polymorphic-packer or other obfuscation techniques. This taxonomy lists all the known or official packer used for legitimate use or for packing malicious binaries. [Overview](https://www.misp-project.org/taxonomies.html#_runtime_packer)
### scrippsco2-fgc ### scrippsco2-fgc
@ -582,6 +582,11 @@ Sampling stations of the Scripps CO2 Program [Overview](https://www.misp-project
[smart-airports-threats](https://github.com/MISP/misp-taxonomies/tree/main/smart-airports-threats) : [smart-airports-threats](https://github.com/MISP/misp-taxonomies/tree/main/smart-airports-threats) :
Threat taxonomy in the scope of securing smart airports by ENISA. https://www.enisa.europa.eu/publications/securing-smart-airports [Overview](https://www.misp-project.org/taxonomies.html#_smart_airports_threats) Threat taxonomy in the scope of securing smart airports by ENISA. https://www.enisa.europa.eu/publications/securing-smart-airports [Overview](https://www.misp-project.org/taxonomies.html#_smart_airports_threats)
### social-engineering-attack-vectors
[social-engineering-attack-vectors](https://github.com/MISP/misp-taxonomies/tree/main/social-engineering-attack-vectors) :
Attack vectors used in social engineering as described in 'A Taxonomy of Social Engineering Defense Mechanisms' by Dalal Alharthi and others. [Overview](https://www.misp-project.org/taxonomies.html#_social_engineering_attack_vectors)
### state-responsibility ### state-responsibility
[state-responsibility](https://github.com/MISP/misp-taxonomies/tree/main/state-responsibility) : [state-responsibility](https://github.com/MISP/misp-taxonomies/tree/main/state-responsibility) :
@ -667,6 +672,11 @@ Ce vocabulaire attribue des valeurs en pourcentage à certains énoncés de prob
[workflow](https://github.com/MISP/misp-taxonomies/tree/main/workflow) : [workflow](https://github.com/MISP/misp-taxonomies/tree/main/workflow) :
Workflow support language is a common language to support intelligence analysts to perform their analysis on data and information. [Overview](https://www.misp-project.org/taxonomies.html#_workflow) Workflow support language is a common language to support intelligence analysts to perform their analysis on data and information. [Overview](https://www.misp-project.org/taxonomies.html#_workflow)
### workflow
[workflow](https://github.com/MISP/misp-taxonomies/tree/main/workflow) :
Workflow support language is a common language to support intelligence analysts to perform their analysis on data and information. [Overview](https://www.misp-project.org/taxonomies.html#_workflow)
# Reserved Taxonomy # Reserved Taxonomy
The following taxonomy namespaces are reserved and used internally to MISP. The following taxonomy namespaces are reserved and used internally to MISP.

104
social-engineering-attack-vectors/machinetag.json Normal file
View File

@ -0,0 +1,104 @@
{
"version": 1,
"description": "Attack vectors used in social engineering as described in 'A Taxonomy of Social Engineering Defense Mechanisms' by Dalal Alharthi and others.",
"expanded": "Social Engineering Attack Vectors",
"namespace": "social-engineering-attack-vectors",
"exclusive": false,
"predicates": [
{
"value": "technical",
"expanded": "Technical"
},
{
"value": "non-technical",
"expanded": "Non-technical"
}
],
"values": [
{
"predicate": "technical",
"entry": [
{
"value": "vishing",
"expanded": "Vishing"
},
{
"value": "spear-phishing",
"expanded": "Spear phishing"
},
{
"value": "interesting-software",
"expanded": "Interesting software"
},
{
"value": "baiting",
"expanded": "Baiting"
},
{
"value": "waterholing",
"expanded": "Waterholing"
},
{
"value": "phishing-and-trojan-email",
"expanded": "Phishing and Trojan email"
},
{
"value": "spam-email",
"expanded": "Spam Email"
},
{
"value": "popup-window",
"expanded": "Popup Window"
},
{
"value": "tailgating",
"expanded": "Tailgating"
}
]
},
{
"predicate": "non-technical",
"entry": [
{
"value": "pretexting-impersonation",
"expanded": "Pretexting/Impersonation"
},
{
"value": "hoaxing",
"expanded": "Hoaxing"
},
{
"value": "authoritative-voice",
"expanded": "Authoritative voice"
},
{
"value": "technical-expert",
"expanded": "Technical expert"
},
{
"value": "smudge-attack",
"expanded": "Smudge Attack"
},
{
"value": "dumpser-diving",
"expanded": "Dumpster Diving"
},
{
"value": "shoulder-surfing",
"expanded": "Shoulder surfing"
},
{
"value": "spying",
"expanded": "Spying"
},
{
"value": "support-staff",
"expanded": "Support staff"
}
]
}
],
"refs": [
"https://www.researchgate.net/publication/339224082_A_Taxonomy_of_Social_Engineering_Defense_Mechanisms"
]
}