MISP
/
misp-website
mirror of https://github.com/MISP/misp-website
2
0
Fork 0
Code Issues Releases Wiki Activity

chg: [taxonomies] updated to the latest version

pull/6/head
Alexandre Dulaunoy 2018-11-06 11:30:18 +01:00
parent db2f86d30f
commit b25032e453
No known key found for this signature in database
GPG Key ID: 09E2CD4944E6CBCD
2 changed files with 103483 additions and 99490 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

555
taxonomies.html
View File

@ -479,11 +479,15 @@ body.book #toc,body.book #preamble,body.book h1.sect0,body.book .sect1>h2{page-b
<li><a href="#_europol_event">europol-event</a></li>
<li><a href="#_europol_incident">europol-incident</a></li>
<li><a href="#_event_assessment">event-assessment</a></li>
<li><a href="#_event_classification">event-classification</a></li>
<li><a href="#_false_positive">false-positive</a></li>
<li><a href="#_file_type">file-type</a></li>
<li><a href="#_fpf">fpf</a></li>
<li><a href="#_fr_classif">fr-classif</a></li>
<li><a href="#_gdpr">gdpr</a></li>
<li><a href="#_gsma_attack_category">gsma-attack-category</a></li>
<li><a href="#_gsma_fraud">gsma-fraud</a></li>
<li><a href="#_gsma_network_technology">gsma-network-technology</a></li>
<li><a href="#_honeypot_basic">honeypot-basic</a></li>
<li><a href="#_iep">iep</a></li>
<li><a href="#_ifx_vetting">ifx-vetting</a></li>
@ -9260,6 +9264,65 @@ event-assessment namespace available in JSON format at <a href="https://github.c
</div>
</div>
<div class="sect1">
<h2 id="_event_classification">event-classification</h2>
<div class="sectionbody">
<div class="admonitionblock note">
<table>
<tr>
<td class="icon">
<i class="fa icon-note" title="Note"></i>
</td>
<td class="content">
event-classification namespace available in JSON format at <a href="https://github.com/MISP/misp-taxonomies/blob/master/event-classification/machinetag.json"><strong>this location</strong></a>. The JSON format can be freely reused in your application or automatically enabled in <a href="https://www.github.com/MISP/MISP">MISP</a> taxonomy.
</td>
</tr>
</table>
</div>
<div class="paragraph">
<p>Classification of events as seen in tools such as RT/IR, MISP and other</p>
</div>
<div class="sect2">
<h3 id="_event_class">event-class</h3>
<div class="sect3">
<h4 id="_event_classificationevent_classincident_report">event-classification:event-class="incident_report"</h4>
<div class="paragraph">
<p>Incident Report</p>
</div>
</div>
<div class="sect3">
<h4 id="_event_classificationevent_classincident">event-classification:event-class="incident"</h4>
<div class="paragraph">
<p>Incident</p>
</div>
</div>
<div class="sect3">
<h4 id="_event_classificationevent_classinvestigation">event-classification:event-class="investigation"</h4>
<div class="paragraph">
<p>Investigation</p>
</div>
</div>
<div class="sect3">
<h4 id="_event_classificationevent_classcountermeasure">event-classification:event-class="countermeasure"</h4>
<div class="paragraph">
<p>Countermeasure</p>
</div>
</div>
<div class="sect3">
<h4 id="_event_classificationevent_classgeneral">event-classification:event-class="general"</h4>
<div class="paragraph">
<p>General</p>
</div>
</div>
<div class="sect3">
<h4 id="_event_classificationevent_classexercise">event-classification:event-class="exercise"</h4>
<div class="paragraph">
<p>Exercise</p>
</div>
</div>
</div>
</div>
</div>
<div class="sect1">
<h2 id="_false_positive">false-positive</h2>
<div class="sectionbody">
<div class="admonitionblock note">
@ -10454,6 +10517,494 @@ gdpr namespace available in JSON format at <a href="https://github.com/MISP/misp
<p>Data concerning a natural person&#8217;s sex life or sexual orientation</p>
</div>
</div>
</div>
</div>
</div>
<div class="sect1">
<h2 id="_gsma_attack_category">gsma-attack-category</h2>
<div class="sectionbody">
<div class="admonitionblock note">
<table>
<tr>
<td class="icon">
<i class="fa icon-note" title="Note"></i>
</td>
<td class="content">
gsma-attack-category namespace available in JSON format at <a href="https://github.com/MISP/misp-taxonomies/blob/master/gsma-attack-category/machinetag.json"><strong>this location</strong></a>. The JSON format can be freely reused in your application or automatically enabled in <a href="https://www.github.com/MISP/MISP">MISP</a> taxonomy.
</td>
</tr>
</table>
</div>
<div class="paragraph">
<p>Taxonomy used by GSMA for their information sharing program with telco describing the attack categories</p>
</div>
<div class="sect2">
<h3 id="_denial_of_service">denial-of-service</h3>
<div class="sect3">
<h4 id="_gsma_attack_categorydenial_of_service">gsma-attack-category:denial-of-service</h4>
<div class="paragraph">
<p>(Distributed) Denial of Service</p>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_exploit_attack">exploit-attack</h3>
<div class="sect3">
<h4 id="_gsma_attack_categoryexploit_attack">gsma-attack-category:exploit-attack</h4>
<div class="paragraph">
<p>Exploit attack</p>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_information_gathering_4">information-gathering</h3>
<div class="sect3">
<h4 id="_gsma_attack_categoryinformation_gathering">gsma-attack-category:information-gathering</h4>
<div class="paragraph">
<p>Information gathering</p>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_insider_attack">insider-attack</h3>
<div class="sect3">
<h4 id="_gsma_attack_categoryinsider_attack">gsma-attack-category:insider-attack</h4>
<div class="paragraph">
<p>Insider attack</p>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_interception_attack">interception-attack</h3>
<div class="sect3">
<h4 id="_gsma_attack_categoryinterception_attack">gsma-attack-category:interception-attack</h4>
<div class="paragraph">
<p>Interception attack</p>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_manipulation_attack">manipulation-attack</h3>
<div class="sect3">
<h4 id="_gsma_attack_categorymanipulation_attack">gsma-attack-category:manipulation-attack</h4>
<div class="paragraph">
<p>Manipulation attack</p>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_physical_attack_2">physical-attack</h3>
<div class="sect3">
<h4 id="_gsma_attack_categoryphysical_attack">gsma-attack-category:physical-attack</h4>
<div class="paragraph">
<p>Physical attack</p>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_spoofing">spoofing</h3>
<div class="sect3">
<h4 id="_gsma_attack_categoryspoofing">gsma-attack-category:spoofing</h4>
<div class="paragraph">
<p>Spoofing</p>
</div>
</div>
</div>
</div>
</div>
<div class="sect1">
<h2 id="_gsma_fraud">gsma-fraud</h2>
<div class="sectionbody">
<div class="admonitionblock note">
<table>
<tr>
<td class="icon">
<i class="fa icon-note" title="Note"></i>
</td>
<td class="content">
gsma-fraud namespace available in JSON format at <a href="https://github.com/MISP/misp-taxonomies/blob/master/gsma-fraud/machinetag.json"><strong>this location</strong></a>. The JSON format can be freely reused in your application or automatically enabled in <a href="https://www.github.com/MISP/MISP">MISP</a> taxonomy.
</td>
</tr>
</table>
</div>
<div class="paragraph">
<p>Taxonomy used by GSMA for their information sharing program with telco describing the various aspects of fraud</p>
</div>
<div class="sect2">
<h3 id="_technical">technical</h3>
<div class="sect3">
<h4 id="_gsma_fraudtechnicalmailbox_hacking">gsma-fraud:technical="mailbox-hacking"</h4>
<div class="paragraph">
<p>Mailbox Hacking (CLI Spoofing)</p>
</div>
</div>
<div class="sect3">
<h4 id="_gsma_fraudtechnicalimei_reprogramming">gsma-fraud:technical="imei-reprogramming"</h4>
<div class="paragraph">
<p>IMEI Reprogramming</p>
</div>
</div>
<div class="sect3">
<h4 id="_gsma_fraudtechnicalcall_forwarding_fraud">gsma-fraud:technical="call-forwarding-fraud"</h4>
<div class="paragraph">
<p>Call Forwarding Fraud</p>
</div>
</div>
<div class="sect3">
<h4 id="_gsma_fraudtechnicalcall_conference">gsma-fraud:technical="call-conference"</h4>
<div class="paragraph">
<p>Call Conference / Multi-Party Calls</p>
</div>
</div>
<div class="sect3">
<h4 id="_gsma_fraudtechnicalhlr_tampering">gsma-fraud:technical="hlr-tampering"</h4>
<div class="paragraph">
<p>HLR Tampering / Switch Manipulation</p>
</div>
</div>
<div class="sect3">
<h4 id="_gsma_fraudtechnicalsim_card_cloning">gsma-fraud:technical="sim-card-cloning"</h4>
<div class="paragraph">
<p>SIM Card Cloning</p>
</div>
</div>
<div class="sect3">
<h4 id="_gsma_fraudtechnicalfalse_base_station_attack">gsma-fraud:technical="false-base-station-attack"</h4>
<div class="paragraph">
<p>False Base Station Attack</p>
</div>
</div>
<div class="sect3">
<h4 id="_gsma_fraudtechnicalspamming">gsma-fraud:technical="spamming"</h4>
<div class="paragraph">
<p>Spamming (SMS &amp; IP services)</p>
</div>
</div>
<div class="sect3">
<h4 id="_gsma_fraudtechnicalphishing_pharming">gsma-fraud:technical="phishing-pharming"</h4>
<div class="paragraph">
<p>Phishing and Pharming</p>
</div>
</div>
<div class="sect3">
<h4 id="_gsma_fraudtechnicalmobile_malware">gsma-fraud:technical="mobile-malware"</h4>
<div class="paragraph">
<p>Mobile Malware</p>
</div>
</div>
<div class="sect3">
<h4 id="_gsma_fraudtechnicalfraud_risks_associated_with_voice_over_ip_services">gsma-fraud:technical="fraud-risks-associated-with-voice-over-ip-services"</h4>
<div class="paragraph">
<p>Fraud Risks associated with Voice over IP Services</p>
</div>
</div>
<div class="sect3">
<h4 id="_gsma_fraudtechnicalpbx_hacking">gsma-fraud:technical="pbx-hacking"</h4>
<div class="paragraph">
<p>PBX Hacking</p>
</div>
</div>
<div class="sect3">
<h4 id="_gsma_fraudtechnicalfraud_risks_associated_with_m2m_services">gsma-fraud:technical="fraud-risks-associated-with-m2m-services"</h4>
<div class="paragraph">
<p>Fraud Risks Associated with M2M Services</p>
</div>
</div>
<div class="sect3">
<h4 id="_gsma_fraudtechnicaldata_charing_bypass">gsma-fraud:technical="data-charing-bypass"</h4>
<div class="paragraph">
<p>Data Charing Bypass</p>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_subscription">subscription</h3>
<div class="sect3">
<h4 id="_gsma_fraudsubscriptionsubscription_fraud">gsma-fraud:subscription="subscription-fraud"</h4>
<div class="paragraph">
<p>Subscription Fraud</p>
</div>
</div>
<div class="sect3">
<h4 id="_gsma_fraudsubscriptionproxy_fraud">gsma-fraud:subscription="proxy-fraud"</h4>
<div class="paragraph">
<p>Proxy Fraud</p>
</div>
</div>
<div class="sect3">
<h4 id="_gsma_fraudsubscriptionaccount_takeover">gsma-fraud:subscription="account-takeover"</h4>
<div class="paragraph">
<p>Account Takeover</p>
</div>
</div>
<div class="sect3">
<h4 id="_gsma_fraudsubscriptioncall_selling">gsma-fraud:subscription="call-selling"</h4>
<div class="paragraph">
<p>Call Selling</p>
</div>
</div>
<div class="sect3">
<h4 id="_gsma_fraudsubscriptiondirect_debit_fraud">gsma-fraud:subscription="direct-debit-fraud"</h4>
<div class="paragraph">
<p>Direct Debug Fraud</p>
</div>
</div>
<div class="sect3">
<h4 id="_gsma_fraudsubscriptioncredit_card_fraud">gsma-fraud:subscription="credit-card-fraud"</h4>
<div class="paragraph">
<p>Credit Card Fraud (Card Present)</p>
</div>
</div>
<div class="sect3">
<h4 id="_gsma_fraudsubscriptioncredit_card_not_present_transactions">gsma-fraud:subscription="credit-card-not-present-transactions"</h4>
<div class="paragraph">
<p>Credit Card Not Present Transactions</p>
</div>
</div>
<div class="sect3">
<h4 id="_gsma_fraudsubscriptioncheque_fraud">gsma-fraud:subscription="cheque-fraud"</h4>
<div class="paragraph">
<p>Cheque Fraud</p>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_distribution">distribution</h3>
<div class="sect3">
<h4 id="_gsma_frauddistributiondealer_fraud">gsma-fraud:distribution="dealer-fraud"</h4>
<div class="paragraph">
<p>Dealer Fraud</p>
</div>
</div>
<div class="sect3">
<h4 id="_gsma_frauddistributionfalse_agent">gsma-fraud:distribution="false-agent"</h4>
<div class="paragraph">
<p>False Agent / Remote Activation Fraud</p>
</div>
</div>
<div class="sect3">
<h4 id="_gsma_frauddistributiontheft_and_handling_stolen_goods">gsma-fraud:distribution="theft-and-handling-stolen-goods"</h4>
<div class="paragraph">
<p>Theft and Handling Stolen Goods</p>
</div>
</div>
<div class="sect3">
<h4 id="_gsma_frauddistributionhandset_subsidy_loss">gsma-fraud:distribution="handset-subsidy-loss"</h4>
<div class="paragraph">
<p>Handset Subsidy Loss</p>
</div>
</div>
<div class="sect3">
<h4 id="_gsma_frauddistributionremote_order_fraud">gsma-fraud:distribution="remote-order-fraud"</h4>
<div class="paragraph">
<p>Remote Order Fraud</p>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_business">business</h3>
<div class="sect3">
<h4 id="_gsma_fraudbusinesspremium_rate">gsma-fraud:business="premium-rate"</h4>
<div class="paragraph">
<p>Premium Rate / Audiotext Services Fraud (PRS)</p>
</div>
</div>
<div class="sect3">
<h4 id="_gsma_fraudbusinessroaming_fraud">gsma-fraud:business="roaming-fraud"</h4>
<div class="paragraph">
<p>Roaming Fraud</p>
</div>
</div>
<div class="sect3">
<h4 id="_gsma_fraudbusinessinternational_revenue_share_fraud">gsma-fraud:business="international-revenue-share-fraud"</h4>
<div class="paragraph">
<p>International Revenue Share Fraud</p>
</div>
</div>
<div class="sect3">
<h4 id="_gsma_fraudbusinessinbound_roaming_fraud_risk_to_vpmn">gsma-fraud:business="inbound-roaming-fraud-risk-to-vpmn"</h4>
<div class="paragraph">
<p>Inbound Roaming Fraud Risk to VPMN</p>
</div>
</div>
<div class="sect3">
<h4 id="_gsma_fraudbusinessinterconnect_abuse">gsma-fraud:business="interconnect-abuse"</h4>
<div class="paragraph">
<p>Interconnect Abuse (GSM Gateways)</p>
</div>
</div>
<div class="sect3">
<h4 id="_gsma_fraudbusinessrefiling">gsma-fraud:business="refiling"</h4>
<div class="paragraph">
<p>Refiling</p>
</div>
</div>
<div class="sect3">
<h4 id="_gsma_fraudbusinessmobile_to_fixed_network_gateway_abuse">gsma-fraud:business="mobile-to-fixed-network-gateway-abuse"</h4>
<div class="paragraph">
<p>Mobile to Fixed Network Gateways Abuse</p>
</div>
</div>
<div class="sect3">
<h4 id="_gsma_fraudbusinessfalse_answer_false_ring">gsma-fraud:business="false-answer-false-ring"</h4>
<div class="paragraph">
<p>False Answer / False Ring</p>
</div>
</div>
<div class="sect3">
<h4 id="_gsma_fraudbusinesssocial_engineering">gsma-fraud:business="social-engineering"</h4>
<div class="paragraph">
<p>Social Engineering</p>
</div>
</div>
<div class="sect3">
<h4 id="_gsma_fraudbusinessinternal_fraud">gsma-fraud:business="internal-fraud"</h4>
<div class="paragraph">
<p>Internal Fraud</p>
</div>
</div>
<div class="sect3">
<h4 id="_gsma_fraudbusinessnormal_business_fraud_crime">gsma-fraud:business="normal-business-fraud-crime"</h4>
<div class="paragraph">
<p>Normal Business Fraud and Crime</p>
</div>
</div>
<div class="sect3">
<h4 id="_gsma_fraudbusinessbrand_name_logo_abuse">gsma-fraud:business="brand-name-logo-abuse"</h4>
<div class="paragraph">
<p>Brand Name / Logo Abuse</p>
</div>
</div>
<div class="sect3">
<h4 id="_gsma_fraudbusinessm_commerce_provider_content_fraud">gsma-fraud:business="m-commerce-provider-content-fraud"</h4>
<div class="paragraph">
<p>M-Commerce Provider Content Fraud</p>
</div>
</div>
<div class="sect3">
<h4 id="_gsma_fraudbusinessm_commerce_provider_prs_fraud">gsma-fraud:business="m-commerce-provider-prs-fraud"</h4>
<div class="paragraph">
<p>M-Commerce Provider PRS Fraud</p>
</div>
</div>
<div class="sect3">
<h4 id="_gsma_fraudbusinesscontent_theft">gsma-fraud:business="content-theft"</h4>
<div class="paragraph">
<p>Content Theft</p>
</div>
</div>
<div class="sect3">
<h4 id="_gsma_fraudbusinesswangiri">gsma-fraud:business="wangiri"</h4>
<div class="paragraph">
<p>Wangiri</p>
</div>
</div>
<div class="sect3">
<h4 id="_gsma_fraudbusinessairtime_reseller_fraud">gsma-fraud:business="airtime-reseller-fraud"</h4>
<div class="paragraph">
<p>Airtime Reseller Fraud</p>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_prepaid">prepaid</h3>
<div class="sect3">
<h4 id="_gsma_fraudprepaidservices_fraud">gsma-fraud:prepaid="services-fraud"</h4>
<div class="paragraph">
<p>Prepaid Services Fraud - General</p>
</div>
</div>
<div class="sect3">
<h4 id="_gsma_fraudprepaidhlr_profile_manipulation">gsma-fraud:prepaid="hlr-profile-manipulation"</h4>
<div class="paragraph">
<p>HLR Profile Manipulation</p>
</div>
</div>
<div class="sect3">
<h4 id="_gsma_fraudprepaidmanual_recharging">gsma-fraud:prepaid="manual-recharging"</h4>
<div class="paragraph">
<p>Manual Recharging</p>
</div>
</div>
<div class="sect3">
<h4 id="_gsma_fraudprepaidgeneration_of_abusive_credits">gsma-fraud:prepaid="generation-of-abusive-credits"</h4>
<div class="paragraph">
<p>Generation of Abusive Calls</p>
</div>
</div>
<div class="sect3">
<h4 id="_gsma_fraudprepaidscartch_card_abuse">gsma-fraud:prepaid="scartch-card-abuse"</h4>
<div class="paragraph">
<p>Scratch Card Abuse</p>
</div>
</div>
</div>
</div>
</div>
<div class="sect1">
<h2 id="_gsma_network_technology">gsma-network-technology</h2>
<div class="sectionbody">
<div class="admonitionblock note">
<table>
<tr>
<td class="icon">
<i class="fa icon-note" title="Note"></i>
</td>
<td class="content">
gsma-network-technology namespace available in JSON format at <a href="https://github.com/MISP/misp-taxonomies/blob/master/gsma-network-technology/machinetag.json"><strong>this location</strong></a>. The JSON format can be freely reused in your application or automatically enabled in <a href="https://www.github.com/MISP/MISP">MISP</a> taxonomy.
</td>
</tr>
</table>
</div>
<div class="paragraph">
<p>Taxonomy used by GSMA for their information sharing program with telco describing the types of infrastructure. WiP</p>
</div>
<div class="sect2">
<h3 id="_user">user</h3>
</div>
<div class="sect2">
<h3 id="_applications">applications</h3>
</div>
<div class="sect2">
<h3 id="_end_devices_and_components">end-devices-and-components</h3>
<div class="sect3">
<h4 id="_gsma_network_technologyend_devices_and_componentsms">gsma-network-technology:end-devices-and-components="ms"</h4>
<div class="paragraph">
<p>Mobile Station</p>
</div>
</div>
<div class="sect3">
<h4 id="_gsma_network_technologyend_devices_and_componentsmobile_equipment_radio">gsma-network-technology:end-devices-and-components="mobile-equipment-radio"</h4>
<div class="paragraph">
<p>Mobile Equipment Radio</p>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_services">services</h3>
</div>
<div class="sect2">
<h3 id="_radio_access_network">radio-access-network</h3>
</div>
<div class="sect2">
<h3 id="_support_and_provisioning_systems">support-and-provisioning-systems</h3>
</div>
<div class="sect2">
<h3 id="_interconnects">interconnects</h3>
</div>
<div class="sect2">
<h3 id="_core">core</h3>
</div>
<div class="sect2">
<h3 id="_sim_secure_element_modules">sim-secure-element-modules</h3>
</div>
</div>
</div>
@ -21876,7 +22427,7 @@ rsit namespace available in JSON format at <a href="https://github.com/MISP/misp
</div>
</div>
<div class="sect2">
<h3 id="_information_gathering_4">information-gathering</h3>
<h3 id="_information_gathering_5">information-gathering</h3>
<div class="paragraph">
<p>Information Gathering.</p>
</div>
@ -36226,7 +36777,7 @@ workflow namespace available in JSON format at <a href="https://github.com/MISP/
</div>
<div id="footer">
<div id="footer-text">
Last updated 2018-10-25 07:00:00 CEST
Last updated 2018-11-06 11:26:00 CET
</div>
</div>
</body>

202418
taxonomies.pdf
View File

File diff suppressed because it is too large Load Diff