DISARMframeworks/CODE/DISARM-STIX2/objects/relationship.py

from stix2 import Relationship, properties, ExternalReference


def make_disarm_subtechnique_relationship(source, target):
    """Creates a relationship between the parent technique and sub-technique.

    Args:
        source (str): Subtechnique ID
        target (str): Parent technique ID

    Returns:
        A Relationship object.

    """
    relationship = Relationship(
        source_ref=source,
        target_ref=target,
        relationship_type="subtechnique-of"
    )

    return relationship


def make_disarm_subtechnique_relationships(techniques, subtechniques):
    """Creates a map of technique and sub-technique.

    Args:
        techniques (list): List of STIX2 technique objects.
        subtechniques (list): List of STIX2 subtechnique objects.

    Returns:
        A Relationship object.

    """
    technique_ids = {}
    for technique in techniques:
        technique_ids[technique["external_references"][0]["external_id"]] = technique["id"]

    relationships = []
    for subtechnique in subtechniques:
        technique_id = technique_ids[subtechnique["external_references"][0]["external_id"].split(".")[0]]
        relationship = make_disarm_subtechnique_relationship(subtechnique["id"], technique_id)
        relationships.append(relationship)

    return relationships
Added EEAS framework objects and STIX generator Added framework objects: - Added technique T0066 "Degrade adversary" to TA02 - Added technique T0067 "Plan to discredit credible sources" to TA02 - Added technique T0068 "respond to breaking news event" to TA02 - Added technique T0069 "respond to active crisis" to TA02 - Added technique T0070 "Analyze existing communities" to TA02 - Added technique T0071 "Find echo chambers" to TA13 - Added technique T0072 "Segment audiences" to TA13 Added STIX generator from repo DISARM-stix2, and added code to generate github files, databases, and STIX from the same Jupyter notebook. 2022-02-20 15:40:34 -05:00			`from stix2 import Relationship, properties, ExternalReference`


			`def make_disarm_subtechnique_relationship(source, target):`
			`"""Creates a relationship between the parent technique and sub-technique.`

			`Args:`
			`source (str): Subtechnique ID`
			`target (str): Parent technique ID`

			`Returns:`
			`A Relationship object.`

			`"""`
			`relationship = Relationship(`
			`source_ref=source,`
			`target_ref=target,`
			`relationship_type="subtechnique-of"`
			`)`

			`return relationship`
add subtechniques to stix2 generator 2022-07-02 00:06:46 -04:00

			`def make_disarm_subtechnique_relationships(techniques, subtechniques):`
			`"""Creates a map of technique and sub-technique.`

			`Args:`
			`techniques (list): List of STIX2 technique objects.`
			`subtechniques (list): List of STIX2 subtechnique objects.`

			`Returns:`
			`A Relationship object.`

			`"""`
			`technique_ids = {}`
			`for technique in techniques:`
			`technique_ids[technique["external_references"][0]["external_id"]] = technique["id"]`

			`relationships = []`
			`for subtechnique in subtechniques:`
			`technique_id = technique_ids[subtechnique["external_references"][0]["external_id"].split(".")[0]]`
			`relationship = make_disarm_subtechnique_relationship(subtechnique["id"], technique_id)`
			`relationships.append(relationship)`

			`return relationships`