objects.Memory_Object.xsd
This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org.
Schema: Memory_Object
Version: 2.1
Date: 01/22/2014
The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML.
Copyright (c) 2012-2014, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included.
The Memory_Region object is intended to characterize generic memory objects.
The MemoryObjectType type is intended to characterize generic memory objects.
The Hashes field specifies any hashes of the particular memory object.
The Name field specifies the name of the particular memory object, if applicable.
The name of the source file or segment that produced the bytes that make up the particular memory object.
The Region_Size field specifies the size of the particular memory region, in bytes.
The Block_Type field specifies the block type of a particular memory object.
The Region_Start_Address field specifies the starting address of the particular memory region.
The Region_End_Address field specifies the ending address of the particular memory region.
A description of features extracted from this memory region.
The is_injected field specifies whether or not the particular memory object has had data/code injected into it by another process.
The is_mapped field specifies whether or not the particular memory object has been assigned a byte-for-byte correlation with some portion of a file or file-like resource.
The is_protected field specifies whether or not the particular memory object is protected (read/write only from the process that allocated it).
The is_volatile field specifies whether or not the particular memory object is volatile.
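The fields and attributes described above can be consumed for triage. The following is an added example, not part of the schema or of any CybOX tooling: it parses constructed Memory_Region instances and flags regions marked is_injected, separating those also stated as not mapped to a file, and reports address ranges whose end precedes their start. The namespace URI, the hex encoding of the address fields, the wrapper element and the finding labels are assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed sample, not real telemetry. The namespace URI and the hex address
# encoding are assumptions (neither is stated on this page).
SAMPLE = """<Sample xmlns:MemoryObj="http://cybox.mitre.org/objects#MemoryObject-2">
  <MemoryObj:Memory_Region is_injected="true" is_mapped="false" is_protected="false">
    <MemoryObj:Name>region-a</MemoryObj:Name>
    <MemoryObj:Region_Start_Address>1f0000</MemoryObj:Region_Start_Address>
    <MemoryObj:Region_End_Address>1f0fff</MemoryObj:Region_End_Address>
  </MemoryObj:Memory_Region>
  <MemoryObj:Memory_Region is_injected="false" is_mapped="true">
    <MemoryObj:Name>region-b</MemoryObj:Name>
  </MemoryObj:Memory_Region>
  <MemoryObj:Memory_Region>
    <MemoryObj:Name>region-c</MemoryObj:Name>
    <MemoryObj:Region_Start_Address>900000</MemoryObj:Region_Start_Address>
    <MemoryObj:Region_End_Address>8fffff</MemoryObj:Region_End_Address>
  </MemoryObj:Memory_Region>
</Sample>"""

FLAGS = ("is_injected", "is_mapped", "is_protected", "is_volatile")

def local(tag):
    return tag.rsplit("}", 1)[-1]  # drop the "{namespace}" prefix ElementTree adds

def as_bool(value):
    # xs:boolean allows true/false/1/0; an absent attribute means "not stated"
    return None if value is None else value.strip() in ("true", "1")

def parse_regions(xml_text):
    regions = []
    for el in [e for e in ET.fromstring(xml_text).iter() if local(e.tag) == "Memory_Region"]:
        fields = {local(c.tag): (c.text or "").strip() for c in el}
        region = {flag: as_bool(el.get(flag)) for flag in FLAGS}
        region["name"] = fields.get("Name")
        region["start"], region["end"] = (
            int(fields[t], 16) if t in fields else None
            for t in ("Region_Start_Address", "Region_End_Address"))
        regions.append(region)
    return regions

def triage(region):
    findings = []
    if region["is_injected"]:  # injected, and possibly stated as not file-backed
        findings.append("injected-unmapped" if region["is_mapped"] is False else "injected")
    if None not in (region["start"], region["end"]) and region["end"] < region["start"]:
        findings.append("bad-range")  # producer error: end address before start
    return findings
```

An absent attribute is kept as None rather than False, so a region whose producer never stated is_injected is not silently treated as clean. For documents from untrusted producers, consider parsing with the defusedxml package rather than the standard library parser.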
BlockType specifies memory block types, via a union of the BlockTypeEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.
This attribute is optional and specifies the expected type for the value of the specified property.
The BlockTypeEnum is a non-exhaustive enumeration of memory block types.
Indicates that the memory block is initialized.
Indicates that the memory block is uninitialized.
Indicates that the memory block is an overlay.
Indicates that the memory block is bit-mapped.
Indicates that the memory block is byte-mapped.