Heads up! These docs are for STIX 1.1, which is not the latest version (1.2). View the latest!

AttackerInfrastructureTypeVocab-1.0STIX Vocabularies Schema

The AttackerInfrastructureTypeVocab is the default STIX vocabulary for expressing the type of infrastructure an attacker uses.


Vocabulary Items

Item Description
Anonymization
Anonymization - Proxy
Anonymization - TOR Network
Anonymization - VPN
Communications
Communications - Blogs
Communications - Forums
Communications - Internet Relay Chat
Communications - Micro-Blogs
Communications - Mobile Communications
Communications - Social Networks
Communications - User-Generated Content Websites
Domain Registration
Domain Registration - Dynamic DNS Services
Domain Registration - Legitimate Domain Registration Services
Domain Registration - Malicious Domain Registrars
Domain Registration - Top-Level Domain Registrars
Hosting
Hosting - Bulletproof / Rogue Hosting
Hosting - Cloud Hosting
Hosting - Compromised Server
Hosting - Fast Flux Botnet Hosting
Hosting - Legitimate Hosting
Electronic Payment Methods

Fields

Field Name Type Description
@vocab_nameoptional string

The vocab_name field specifies the name of the controlled vocabulary.

@vocab_referenceoptional anyURI

The vocab_reference field specifies the URI to the location of where the controlled vocabulary is defined, e.g., in an externally located XML schema file.