Heads up! These docs are for STIX 1.1.1, which is not the latest version (1.2). View the latest!

AttackPatternTypeTTP Schema

Captures prose information about an individual attack pattern as well as a CAPEC reference.

In addition to capturing basic information, this type is intended to be extended to enable the structured description of an attack pattern instance using the XML Schema extension feature. The STIX default extension uses the Common Attack Pattern Enumeration and Classification (CAPEC) schema to do so. The extension that defines this is captured in the CAPEC2.7InstanceType in the http://stix.mitre.org/extensions/AP#CAPEC2.7-1 namespace. This type is defined in the extensions/attack_pattern/capec_2.7_attack_pattern.xsd file or at the URL http://stix.mitre.org/XMLSchema/extensions/attack_pattern/capec_2.7/1.0.1/capec_2.7_attack_pattern.xsd.


Fields

Field Name Type Description
@idoptional QName

Specifies a unique ID for this Attack Pattern.

@idrefoptional QName

Specifies a reference to the ID for this Attack Pattern specified elsewhere.

@capec_idoptional @capec_idInlineType

This field specifies a reference to a particular entry within the Common Attack Pattern Enumeration and Classification (CAPEC)

Title0..1 string

The Title field provides a simple title for an individual Attack Pattern.

Description0..1 StructuredTextType

The Description field is optional and provides an unstructured, text description of an individual Attack Pattern.

Short_Description0..1 StructuredTextType

The Short_Description field is optional and provides a short, unstructured, text description of an individual Attack Pattern.