Trees | Indices | Help |
|
---|
|
object --+ | GeneratedsSuper --+ | malwareMetaData
This is the top level element for the xml document. Required attribute is version. Open issues: 2. Right way to express commonality in field data so that it can be combined properly 3. How to handle unicode in urls Change list 11/12/2009 1. adding documentation across the schema 2. added partner to OriginTypeEnum 3. made sha1 in fileObject optional 4. added isDamaged as a propertyType 5. changed property name isNon- replicating to isNonReplicating 6/11/2009 1. incremented version 2.Rename parents/children in relationship to source/target 3. Add generic relationship, ‘relatedTo’ 4. Make commonality element in fieldDataEntry optional 5. Add unknown element to origintypeenum 6. Remove ipv4 and ipv6 from locationenum 7. Make id on ip object startaddress-endaddress even if startaddress == endaddress. Added IPRange type 8. Add optional firstSeenDate to fieldDataEntry, for first time entity providing data saw the object 6/4/2009 1. File - id should be a xs:hexBinary 2. File - extraHash should be a xs:string 3. Uri – add optional ipProtocol field, with enumeration of values tcp/udp/icmp etc. 4. Uri – add documentation that protocol in uri needs to be either from well known list (from iana.org) or ‘unknown’ 5. Domain - need to fix documentation for domain – example is wrong 6. registry – remove valuedata – it is in a property 7. ip object – rename to ip, and give it a start address and end address. Share a single address by making start and end the same. Id will be address or startaddress-endaddress 8. service – delete – subsumed by uri with extra data elements in it 9. classification – remove modifiers (attributes) on category and put in properties 10. classification – add documentation that category is companyname:category 11. objectProperty – move timestamp to be top level instead of on each property and make it required 12. relationship – make timestamp required 13. relationship – add doc on runs. removed 'exploits' - it refers to environment object that no longer exists 14. added comment field to propertyenum 15. made timeStamp -> timestamp for consistency 16.incremented version 5/31/2009 1. incremented version 2. changed url to uri 3. removed environment object and related enumerations 4. added restriction on uri to not allow a question mark (?) 5/15/2009 1. incremented version 2. Added neutral classification type 3. Added numberOfWebsitesHosting and numberOfWebsitesRedirecting to volume units enumeration 4. added referrer, operatingSystem, userAgent and browser to properties 5. made classification type attribute required 5/8/2009 1. added new object type for asn 2. moved domain information to properties, so that domains info can be timestamped 3. added properties for geolocation of an ip address 4. added property for location url for a file 5. added VolumeUnitsEnum and volume tag in fieldData. This is to allow sharing of actual prevalence numbers, with various units. 6. Added ipProtocol (tcp/udp) to service object. Also changed names of expectedProtocol and actualProtocol to be expectedApplicationProtocol and actualApplicationProtocol 7. added 'references' surrounding tag to ref tag in fieldDataEntry and objectProperty, so that can assign multiple references if required 8. made id on file back to hexBinary. Use length to figure out what hash it is. 9. incremented version 10. added properties for httpMethod and postData 11. added relationship types 'contactedBy' and 'downloadedFrom' 4/17/2009 1. Incremented version 2. Added unwanted to ClassificationTypeEnum 3. Added text about ids for files to documentation 4. Removed filename from file object definition 5. Relaxed requirement on id of file to be an xs:hexString to be an xs:string to allow e.g. md5:aaaaabbbbccc as an id. Not enormously happy about that… 6. Made sha256 optional and sha1 required in files 7. Added “open issues” section in documentation for top level element 8. Category is now an xs:string; deleted CategoryTypeEnum 9. Added comment to doc on fieldDataEntry about using standard time periods, but kept start date and end date 10. Added objectProperties element, and example illustratingProperties.xml. Currently allowed properties are filename, filepath, registryValueData and urlParameterString. There is an optional timestamp on each property. I allowed objectProperty to have an id, so that it can be referenced elsewhere, although we might want to re-think that. 11. Added some better documentation to relationships 12. Added more documentation throughout The version of the schema. This is currently fixed to be 1.1. A required identifier for the document.
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
Inherited from Inherited from |
|
|||
|
|
|||
subclass = None hash(x) |
|||
superclass = None hash(x) |
|||
Inherited from |
|
|||
Inherited from |
|
x.__init__(...) initializes x; see help(type(x)) for signature
|
Trees | Indices | Help |
|
---|
Generated by Epydoc 3.0.1 on Mon Apr 7 13:27:49 2014 | http://epydoc.sourceforge.net |