mirror of
https://github.com/DISARMFoundation/DISARMframeworks.git
synced 2025-01-07 13:38:20 -05:00
269 lines
7.3 KiB
Plaintext
269 lines
7.3 KiB
Plaintext
|
{
|
||
|
"cells": [
|
||
|
{
|
||
|
"cell_type": "markdown",
|
||
|
"metadata": {},
|
||
|
"source": [
|
||
|
"# Create AMITT incident visualisations\n",
|
||
|
"\n",
|
||
|
"Many thanks to https://python-graph-gallery.com/91-customize-seaborn-heatmap/"
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"cell_type": "code",
|
||
|
"execution_count": null,
|
||
|
"metadata": {},
|
||
|
"outputs": [],
|
||
|
"source": [
|
||
|
"import seaborn as sns\n",
|
||
|
"import pandas as pd\n",
|
||
|
"import numpy as np\n",
|
||
|
"import generate_amitt_ttps\n",
|
||
|
"\n",
|
||
|
"# Check that heatmap works\n",
|
||
|
"df = pd.DataFrame(np.random.random((10,12)), columns=[\"a\",\"b\",\"c\",\"d\",\"e\",\"f\",\"g\",\"h\",\"i\",\"j\",\"k\",\"l\"])\n",
|
||
|
"sns.heatmap(df, annot=True, annot_kws={\"size\": 7})"
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"cell_type": "code",
|
||
|
"execution_count": null,
|
||
|
"metadata": {},
|
||
|
"outputs": [],
|
||
|
"source": [
|
||
|
"amitt = generate_amitt_ttps.Amitt()\n",
|
||
|
"redgrid = amitt.create_padded_framework_table('AMITT Red', 'technique_ids', False)\n",
|
||
|
"\n",
|
||
|
"techcounts = amitt.it[['id_incident','id_technique']].drop_duplicates().groupby('id_technique').count().to_dict()['id_incident']\n",
|
||
|
"techlabels = redgrid[2:][:]\n",
|
||
|
"nrows = len(techlabels)\n",
|
||
|
"ncols = len(techlabels[0])\n",
|
||
|
"techgrid = np.zeros([nrows, ncols], dtype = int)\n",
|
||
|
"\n",
|
||
|
"for row in range(nrows):\n",
|
||
|
" for col in range(ncols):\n",
|
||
|
" if techlabels[row][col] in techcounts:\n",
|
||
|
" techgrid[row][col] = techcounts[techlabels[row][col]]\n",
|
||
|
"\n",
|
||
|
"sns.heatmap(techgrid, annot=True, annot_kws={\"size\": 7})\n",
|
||
|
"techgrid"
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"cell_type": "code",
|
||
|
"execution_count": null,
|
||
|
"metadata": {},
|
||
|
"outputs": [],
|
||
|
"source": [
|
||
|
"amitt.df_tactics"
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"cell_type": "code",
|
||
|
"execution_count": null,
|
||
|
"metadata": {},
|
||
|
"outputs": [],
|
||
|
"source": [
|
||
|
"amitt.it"
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"cell_type": "code",
|
||
|
"execution_count": null,
|
||
|
"metadata": {},
|
||
|
"outputs": [],
|
||
|
"source": [
|
||
|
"ct = amitt.cross_counterid_techniqueid\n",
|
||
|
"ct[ct['technique_id'] != '']"
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"cell_type": "code",
|
||
|
"execution_count": null,
|
||
|
"metadata": {},
|
||
|
"outputs": [],
|
||
|
"source": [
|
||
|
"ct[(ct['id'] == 'C00197') & (ct['technique_id'].isin(['T0002', 'T0007']))]"
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"cell_type": "code",
|
||
|
"execution_count": null,
|
||
|
"metadata": {},
|
||
|
"outputs": [],
|
||
|
"source": [
|
||
|
"ct = ct[ct['technique_id'].isin(amitt.df_techniques['id'].to_list()) & ct['id'].isin(amitt.df_counters['id'].to_list())]\n",
|
||
|
"ct"
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"cell_type": "code",
|
||
|
"execution_count": null,
|
||
|
"metadata": {},
|
||
|
"outputs": [],
|
||
|
"source": [
|
||
|
"technique_id_list = ['T0007', 'T0008', 'T0022', 'T0023', 'T0043', 'T0052', 'T0036', 'T0037', 'T0038']\n",
|
||
|
"counter_id_list = ['C00009', 'C00008', 'C00042', 'C00030', 'C00093', 'C00193', 'C00073', 'C000197', 'C00174', 'C00205']\n",
|
||
|
"possible_counters_for_techniques = ct[ct['technique_id'].isin(technique_id_list)] \n",
|
||
|
"possible_techniques_for_counters = ct[ct['id'].isin(counter_id_list)] \n",
|
||
|
"coverage = ct[(ct['id'].isin(counter_id_list)) & (ct['technique_id'].isin(technique_id_list))]\n",
|
||
|
"coverage"
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"cell_type": "code",
|
||
|
"execution_count": null,
|
||
|
"metadata": {
|
||
|
"scrolled": true
|
||
|
},
|
||
|
"outputs": [],
|
||
|
"source": [
|
||
|
"possible_techniques_for_counters"
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"cell_type": "code",
|
||
|
"execution_count": null,
|
||
|
"metadata": {
|
||
|
"scrolled": true
|
||
|
},
|
||
|
"outputs": [],
|
||
|
"source": [
|
||
|
"possible_counters_for_techniques"
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"cell_type": "code",
|
||
|
"execution_count": 6,
|
||
|
"metadata": {},
|
||
|
"outputs": [
|
||
|
{
|
||
|
"name": "stdout",
|
||
|
"output_type": "stream",
|
||
|
"text": [
|
||
|
"clicked button T0045 8 7\n",
|
||
|
"clicked button T0046 9 7\n",
|
||
|
"clicked button T0049 4 8\n",
|
||
|
"clicked button T0057 2 9\n",
|
||
|
"clicked button T0060 4 10\n",
|
||
|
"clicked button T0029 2 6\n",
|
||
|
"clicked button T0016 2 4\n"
|
||
|
]
|
||
|
}
|
||
|
],
|
||
|
"source": [
|
||
|
"import tkinter as Tk\n",
|
||
|
"import numpy as np\n",
|
||
|
"import generate_amitt_ttps\n",
|
||
|
"\n",
|
||
|
"class Begueradj(Tk.Frame):\n",
|
||
|
" def __init__(self,parent):\n",
|
||
|
" amitt = generate_amitt_ttps.Amitt()\n",
|
||
|
" self.redgrid = amitt.create_padded_framework_table('AMITT Red', 'technique_ids', False)\n",
|
||
|
" self.bluegrid = amitt.create_padded_framework_table('AMITT Blue', 'counter_ids', False)\n",
|
||
|
"\n",
|
||
|
" Tk.Frame.__init__(self, parent)\n",
|
||
|
" self.parent = parent\n",
|
||
|
" self.button= ''\n",
|
||
|
" self.initialize()\n",
|
||
|
" \n",
|
||
|
" def initialize(self):\n",
|
||
|
" '''\n",
|
||
|
" Draw the GUI\n",
|
||
|
" '''\n",
|
||
|
" self.parent.title(\"AMITT FRAMEWORK COVERAGE\") \n",
|
||
|
" self.parent.grid_rowconfigure(1,weight=1)\n",
|
||
|
" self.parent.grid_columnconfigure(1,weight=1)\n",
|
||
|
"\n",
|
||
|
" self.frame = Tk.Frame(self.parent) \n",
|
||
|
" self.frame.pack(fill=Tk.X, padx=5, pady=5)\n",
|
||
|
"\n",
|
||
|
" # Create a 6x7 array of zeros as the one you used\n",
|
||
|
" numrows = len(self.redgrid) - 1\n",
|
||
|
" numcols = len(self.redgrid[0])\n",
|
||
|
" self.buttons = {}\n",
|
||
|
" for row in range(1,numrows):\n",
|
||
|
" for col in range(0,numcols):\n",
|
||
|
" button_id = self.redgrid[row][col]\n",
|
||
|
" self.button = Tk.Button(self.frame, text = button_id, bg='blue', \n",
|
||
|
" command= lambda bid=button_id, row=row, col=col: self.clicked(bid, row, col))\n",
|
||
|
" self.button.grid(row=row, column=col)\n",
|
||
|
" \n",
|
||
|
" def clicked(self, bid, row, col):\n",
|
||
|
" print('clicked button {} {} {}'.format(bid, row, col))\n",
|
||
|
" self.find_in_grid(self.frame, row, col)\n",
|
||
|
"\n",
|
||
|
" def find_in_grid(self, frame, row, column):\n",
|
||
|
" for children in frame.children.values():\n",
|
||
|
" info = children.grid_info()\n",
|
||
|
" #note that rows and column numbers are stored as string\n",
|
||
|
" if info['row'] == str(row) and info['column'] == str(column):\n",
|
||
|
" print('{}'.format(children.get()))\n",
|
||
|
" return None\n",
|
||
|
"\n",
|
||
|
"root=Tk.Tk()\n",
|
||
|
"app = Begueradj(root) \n",
|
||
|
"root.mainloop()"
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"cell_type": "code",
|
||
|
"execution_count": null,
|
||
|
"metadata": {
|
||
|
"scrolled": true
|
||
|
},
|
||
|
"outputs": [],
|
||
|
"source": [
|
||
|
"redgrid"
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"cell_type": "code",
|
||
|
"execution_count": null,
|
||
|
"metadata": {},
|
||
|
"outputs": [],
|
||
|
"source": [
|
||
|
"for row in range(2,len(redgrid)):\n",
|
||
|
" print(len(redgrid[row]))"
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"cell_type": "code",
|
||
|
"execution_count": null,
|
||
|
"metadata": {},
|
||
|
"outputs": [],
|
||
|
"source": [
|
||
|
"redgrid[1][2]"
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"cell_type": "code",
|
||
|
"execution_count": null,
|
||
|
"metadata": {},
|
||
|
"outputs": [],
|
||
|
"source": []
|
||
|
}
|
||
|
],
|
||
|
"metadata": {
|
||
|
"kernelspec": {
|
||
|
"display_name": "Python 3",
|
||
|
"language": "python",
|
||
|
"name": "python3"
|
||
|
},
|
||
|
"language_info": {
|
||
|
"codemirror_mode": {
|
||
|
"name": "ipython",
|
||
|
"version": 3
|
||
|
},
|
||
|
"file_extension": ".py",
|
||
|
"mimetype": "text/x-python",
|
||
|
"name": "python",
|
||
|
"nbconvert_exporter": "python",
|
||
|
"pygments_lexer": "ipython3",
|
||
|
"version": "3.8.3"
|
||
|
}
|
||
|
},
|
||
|
"nbformat": 4,
|
||
|
"nbformat_minor": 2
|
||
|
}
|