Heuristic¶
Model of Service Heuristics
| Field | Type | Description | Required | Default |
|---|---|---|---|---|
| attack_id | List [Keyword] | List of all associated ATT&CK IDs | Yes |
[] |
| classification | Classification | Classification of the heuristic | Yes |
TLP:C |
| description | Text | Description of the heuristic | Yes |
None |
| filetype | Keyword | What type of files does this heuristic target? | Yes |
None |
| heur_id | Keyword | ID of the Heuristic | Yes |
None |
| name | Keyword | Name of the heuristic | Yes |
None |
| score | Integer | Default score of the heuristic | Yes |
None |
| signature_score_map | Mapping [String, Integer] | Score of signatures for this heuristic | Yes |
{} |
| stats | Statistics | Statistics related to the Heuristic | Yes |
See Statistics for more details. |
| max_score | Integer | Maximum score for heuristic | Optional |
None |