[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Adding TLSH fuzzy hash to supported Hashing Algorithm to STIX 2.1
Hi, In section 10.7 Hashing Algorithm we would like to propose to add TLSH which is a fuzzy hash like SSDeep. It is supported in MISP and in some Trend Micro products for example. Committee Specification Draft 01 / https://docs.oasis-open.org/cti/stix/v2.1/csprd01/stix-v2.1-csprd01.html#_Toc16070800 TLSH –specifies the TLSH fuzzy
hashing algorithm. The corresponding hash string for this value MUST be a valid 35 bytes long hash as defined in the [TLSH] specification. Reference / Specification [TLSH] Jonathan Oliver, Chun Cheng, and Yanggui Chen,
TLSH - A Locality Sensitive Hash. 4th Cybercrime and Trustworthy Computing Workshop, Sydney, November 2013. Available :
https://github.com/trendmicro/tlsh/blob/master/TLSH_CTC_final.pdf Source : https://github.com/trendmicro/tlsh TLSH is Open Source and got an Apache 2.0 license. If you need background on TLSH versus SSDEEP or versus Sdhash, here is a paper :
https://github.com/trendmicro/tlsh/blob/master/Attacking_LSH_and_Sim_Dig.pdf Regards David Girard Trend Micro
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]