MAEC Schemas and Schema Development
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
examples Minor fixes Oct 11, 2017
.gitignore update to schemas; not stable yet Jul 25, 2017
README.md Update README.md Oct 11, 2017
analysis-metadata.json analysis-environment modification' Oct 10, 2017
api-call.json update to spec for schemas and examples Aug 25, 2017
behavior.json updates to spec and examples Aug 25, 2017
binary-obfuscation.json updates to spec and examples Aug 25, 2017
capability.json update to spec for schemas and examples Aug 25, 2017
collection.json updates to spec and examples Aug 25, 2017
dynamic-features.json updates to spec and examples Aug 25, 2017
external-reference.json update to spec for schemas and examples Aug 25, 2017
field-data.json updates to spec and examples Aug 25, 2017
malware-action.json updates to spec and examples Aug 25, 2017
malware-development-environment.json updates to spec and examples Aug 25, 2017
malware-family.json updates to spec and examples Aug 25, 2017
malware-instance.json syntax error Aug 7, 2018
name.json updates to spec and examples Aug 25, 2017
package.json updates to spec and examples Aug 25, 2017
process-tree-node.json update to spec for schemas and examples Aug 25, 2017
relationship-distance.json updates to spec and examples Aug 25, 2017
relationship.json updates to spec and examples Aug 25, 2017
signature-metadata.json update to spec for schemas and examples Aug 25, 2017
static-features.json updates to spec and examples Aug 25, 2017
vocabs.json analysis-environment modification' Oct 10, 2017
x-maec-avclass.json update to spec for schemas and examples Aug 25, 2017

README.md

MAEC Schemas

This repository is intended for storing the MAEC schemas, including those we're presently working on.

The current version stored is MAEC 5.0, with the previous MAEC 4.1 (XML) release available via the 'v4.1-release' tag.

About MAEC

Malware Attribute Enumeration and Characterization (MAEC™) is a standardized language for sharing structured information about malware based upon attributes such as behaviors, artifacts, and attack patterns.

The goal of the MAEC (pronounced "mike") effort is to provide a basis for transforming malware research and response. MAEC aims to eliminate the ambiguity and inaccuracy that currently exists in malware descriptions and to reduce reliance on signatures. In this way, MAEC seeks to improve human-to-human, human-to-tool, tool-to-tool, and tool-to-human communication about malware; reduce potential duplication of malware analysis efforts by researchers; and allow for the faster development of countermeasures by enabling the ability to leverage responses to previously observed malware instances. The MAEC Language enables correlation, integration, and automation.

Please visit the MAEC website for more information about the MAEC Language.

Getting Help

Join the public MAEC Community Email Discussion List.

Email the MAEC Developers at maec@mitre.org.