Skip to content

Maturity: API Object

Jump to bottom Edit New page
Ivan Kirillov edited this page Oct 20, 2015 · 5 revisions

Maturity Spectrum Rationale

Semantic Consensus: Medium

There are two main issues relating to the semantics of the API Object:

  1. An API is more commonly thought of as a set of functions, protocols, etc. However, the API Object as it currently stands is really characterizing a single function and also its particular location in a binary. Therefore, we need to clarify if the intent is to really characterize an entire API or just a single function.
  2. Compared to many of the other Objects in CybOX, an API/API call is much more abstract, and is really more of a "meta" object. This is because it is unclear whether an API/API Object will ever be used by itself; instead, the primary use seems to be in conjunction with another object, such as the Windows Executable File Object, for stating that a particular API call was found at some location inside the code that makes up the executable file.

Semantic Completeness: Medium

Depending on the intended scope of the API Object, there is the potential for it having additional fields.

Existing Use: Low

There is no documented use of the API Object.

Add a custom footer
Add a custom sidebar
Clone this wiki locally