Clarify semantics of different types of TTPs

[johnwunder]

This will involve restructuring the data model to more clearly delineate the semantics of various forms of TTP (malware, attack patterns, infrastructure, victim targeting) as separate types of TTP rather than different properties of a single TTP. Resolving this issue is likely to reduce the perceptual complexity of this issue and potentially the implementation complexity as well.

360 in STIX tracker.

[terrymacdonald]

Comments from Marko on Slack:

"Also, when looking at Vulnerability, Weakness and Impact, thay seems a bit “thin”. This topic is very complex, just look at SCAP @ http://scap.nist.gov/, maybe better overview at https://en.wikipedia.org/wiki/Security_Content_Automation_Protocol. I guess practically we need to OOB hook into CVEs and other components an become part of integral ecosystem. Any though there on how what we have now fits into real life usage patterns or is it still just skeleton and no final thoughts?(edited)"