stix/
intrusion_set.rs

1use std::collections::BTreeSet;
2
3use chrono::{DateTime, Utc};
4use serde::Deserialize;
5
6use crate::{
7    vocab::{AttackMotivation, AttackResourceLevel},
8    CommonProperties,
9};
10
11#[derive(Deserialize, stix_derive::TypedObject)]
12#[typed_object(core)]
13pub struct IntrusionSet {
14    #[serde(flatten)]
15    common: CommonProperties,
16    name: String,
17    #[serde(default)]
18    description: Option<String>,
19    #[serde(default)]
20    aliases: BTreeSet<String>,
21    #[serde(default)]
22    pub first_seen: Option<DateTime<Utc>>,
23    #[serde(default)]
24    pub last_seen: Option<DateTime<Utc>>,
25    #[serde(default)]
26    pub goals: Vec<String>,
27    #[serde(default)]
28    pub resource_level: Option<AttackResourceLevel>,
29    #[serde(default)]
30    pub primary_motivation: Option<AttackMotivation>,
31    #[serde(default)]
32    pub secondary_motivations: BTreeSet<AttackMotivation>,
33}
34
35impl IntrusionSet {
36    pub fn name(&self) -> &str {
37        &self.name
38    }
39
40    pub fn description(&self) -> Option<&str> {
41        self.description.as_ref().map(|s| s.as_str())
42    }
43
44    pub fn aliases(&self) -> &BTreeSet<String> {
45        &self.aliases
46    }
47}
48
49impl AsRef<CommonProperties> for IntrusionSet {
50    fn as_ref(&self) -> &CommonProperties {
51        &self.common
52    }
53}