mirror of https://github.com/MISP/misp-website
chg: [objects] updated to the latest version
parent
1d45fec5ad
commit
da92005b30
134
objects.html
134
objects.html
|
|
@ -454,6 +454,7 @@ body.book #toc,body.book #preamble,body.book h1.sect0,body.book .sect1>h2{page-b
|
|||
<li><a href="#_ais_info">ais-info</a></li>
|
||||
<li><a href="#_android_permission">android-permission</a></li>
|
||||
<li><a href="#_annotation">annotation</a></li>
|
||||
<li><a href="#_anonymisation">anonymisation</a></li>
|
||||
<li><a href="#_asn">asn</a></li>
|
||||
<li><a href="#_av_signature">av-signature</a></li>
|
||||
<li><a href="#_bank_account">bank-account</a></li>
|
||||
|
|
@ -1885,6 +1886,137 @@ annotation is a MISP object available in JSON format at <a href="https://github.
|
|||
</div>
|
||||
</div>
|
||||
<div class="sect1">
|
||||
<h2 id="_anonymisation"><a class="anchor" href="#_anonymisation"></a><a class="link" href="#_anonymisation">anonymisation</a></h2>
|
||||
<div class="sectionbody">
|
||||
<div class="paragraph">
|
||||
<p>Anonymisation object describing an anonymisation technique used to encode MISP attribute values. Reference: <a href="https://www.caida.org/tools/taxonomy/anonymization.xml" class="bare">https://www.caida.org/tools/taxonomy/anonymization.xml</a>.</p>
|
||||
</div>
|
||||
<div class="admonitionblock note">
|
||||
<table>
|
||||
<tr>
|
||||
<td class="icon">
|
||||
<i class="fa icon-note" title="Note"></i>
|
||||
</td>
|
||||
<td class="content">
|
||||
anonymisation is a MISP object available in JSON format at <a href="https://github.com/MISP/misp-objects/blob/master/objects/anonymisation/definition.json"><strong>this location</strong></a> The JSON format can be freely reused in your application or automatically enabled in <a href="https://www.github.com/MISP/MISP">MISP</a>.
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</div>
|
||||
<table class="tableblock frame-all grid-all stretch">
|
||||
<colgroup>
|
||||
<col style="width: 20%;">
|
||||
<col style="width: 20%;">
|
||||
<col style="width: 20%;">
|
||||
<col style="width: 20%;">
|
||||
<col style="width: 20%;">
|
||||
</colgroup>
|
||||
<thead>
|
||||
<tr>
|
||||
<th class="tableblock halign-left valign-top">Object attribute</th>
|
||||
<th class="tableblock halign-left valign-top">MISP attribute type</th>
|
||||
<th class="tableblock halign-left valign-top">Description</th>
|
||||
<th class="tableblock halign-left valign-top">Disable correlation</th>
|
||||
<th class="tableblock halign-left valign-top">Multiple</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
<tr>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">method</p></td>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p>Anonymisation (or pseudo-anonymisation) method(s) used ["hiding - Attribute is replaced with a constant value (typically 0) of the same size. Sometimes called 'black marker'.", 'hash - A hash function maps each attribute to a new (not necessarily unique) attribute.', 'permutation - Maps each original value to a unique new value.', "prefix-preserving - Any two values that had the same n-bit prefix before anonymisation will still have the same n-bit prefix as each other after anonymization. (Would be more accurately called 'prefix-relationship-preserving', because the actual prefix values are not preserved.) ", 'shift - Adds a fixed offset to each value/attribute.', 'enumeration - Map each original value to a new value such that their ordering is preserved.', 'partitioning - Possible values are partitioned into meaningful sets; actual values are replaced with a fixed value from the same set. E.g., TCP port numbers 0 to 1023 are replaced with 0, and 1024 to 65535 replaced with 65535.', 'updated - Checksums are recalculated to reflect changes made to other fields.', 'truncation - Field is shortened, losing data at the end.', 'encryption - Attribute is encrypted.']</p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-check"></i></span></p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-check"></i></span></p>
|
||||
</div></div></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">key</p></td>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p>Key (such as a PSK in a keyed-hash-function) used to anonymise the attribute</p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-check"></i></span></p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
</div></div></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">iv</p></td>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p>Initialisation vector for the encryption function used to anonymise the attribute</p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-check"></i></span></p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
</div></div></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">keyed-hash-function</p></td>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p>Keyed-hash function used to anonymise the attribute ['hmac-sha1', 'hmac-md5', 'hmac-sha256', 'hmac-sha384', 'hmac-sha512']</p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-check"></i></span></p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
</div></div></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">encryption-function</p></td>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p>Encryption function or algorithm used to anonymise the attribute ['aes128', 'aes-128-cbc', 'aes-128-cfb', 'aes-128-cfb1', 'aes-128-cfb8', 'aes-128-ctr', 'aes-128-ecb', 'aes-128-ofb', 'aes192', 'aes-192-cbc', 'aes-192-cfb', 'aes-192-cfb1', 'aes-192-cfb8', 'aes-192-ctr', 'aes-192-ecb', 'aes-192-ofb', 'aes-256-cfb', 'aes-256-cfb1', 'aes-256-cfb8', 'aes-256-ctr', 'aes-256-ecb', 'aes-256-ofb', 'bf', 'bf-cbc', 'bf-cfb', 'bf-ecb', 'bf-ofb', 'blowfish', 'camellia128', 'camellia-128-cbc', 'camellia-128-cfb', 'camellia-128-cfb1', 'camellia-128-cfb8', 'camellia-128-ctr', 'camellia-128-ecb', 'camellia-128-ofb', 'camellia192', 'camellia-192-cbc', 'camellia-192-cfb', 'camellia-192-cfb1', 'camellia-192-cfb8', 'camellia-192-ctr', 'camellia-192-ecb', 'camellia-192-ofb', 'camellia256', 'camellia-256-cbc', 'camellia-256-cfb', 'camellia-256-cfb1', 'camellia-256-cfb8', 'camellia-256-ctr', 'camellia-256-ecb', 'camellia-256-ofb', 'cast', 'cast5-cbc', 'cast5-cfb', 'cast5-ecb', 'cast5-ofb', 'cast-cbc', 'des', 'des3', 'des-cbc', 'des-cfb', 'des-ecb', 'des-ede', 'des-ede3', 'des-ede3-cbc', 'des-ede3-cfb', 'des-ede3-ofb', 'des-ede-cbc', 'des-ede-cfb', 'des-ede-ofb', 'des-ofb', 'desx', 'gost89', 'gost89-cnt', 'idea', 'idea-cbc', 'idea-cfb', 'idea-ecb', 'idea-ofb', 'rc2', 'rc2-40-cbc', 'rc2-64-cbc', 'rc2-cbc', 'rc2-cfb', 'rc2-ecb', 'rc2-ofb', 'rc4', 'rc4-40', 'rc4-64', 'rc5', 'rc5-cbc', 'rc5-cfb', 'rc5-ecb', 'rc5-ofb', 'seed', 'seed-cbc', 'seed-cfb', 'seed-ecb', 'seed-ofb', 'sm4', 'sm4-cbc', 'sm4-cfb', 'sm4-ctr', 'sm4-ecb', 'sm4-ofb']</p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-check"></i></span></p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
</div></div></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">regexp</p></td>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p>Regular expression to perfom the anonymisation (reversible or not)</p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-check"></i></span></p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
</div></div></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">description</p></td>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p>Description of the anonymisation technique or tool used</p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-check"></i></span></p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
</div></div></td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
</div>
|
||||
</div>
|
||||
<div class="sect1">
|
||||
<h2 id="_asn"><a class="anchor" href="#_asn"></a><a class="link" href="#_asn">asn</a></h2>
|
||||
<div class="sectionbody">
|
||||
<div class="paragraph">
|
||||
|
|
@ -19864,7 +19996,7 @@ yara is a MISP object available in JSON format at <a href="https://github.com/MI
|
|||
</div>
|
||||
<div id="footer">
|
||||
<div id="footer-text">
|
||||
Last updated 2019-01-28 16:06:19 CET
|
||||
Last updated 2019-01-31 23:04:56 CET
|
||||
</div>
|
||||
</div>
|
||||
</body>
|
||||
|
|
|
|||
25799
objects.pdf
25799
objects.pdf
File diff suppressed because it is too large
Load Diff
Loading…
Reference in New Issue