Copy AMITT repository, clean up and rebrand

Took a copy of the current AMITT github repository - we'll be updating this and merging the SPICE branch back in
Rebranded to DISARM
Moved generated pages to their own folder, to make looking at the repository less confusing
This commit is contained in:
Sara-Jayne Terp 2022-01-29 11:34:46 -05:00
commit 22abaf93d8
448 changed files with 58066 additions and 0 deletions

BIN
.DS_Store vendored Normal file

Binary file not shown.

BIN
CODE/.DS_Store vendored Normal file

Binary file not shown.

View File

@ -0,0 +1,459 @@
{
"cells": [
{
"cell_type": "markdown",
"metadata": {},
"source": [
"# Create counters summaries\n",
"Create summaries of disinfo countermeasures for use in dataset cleaning etc."
]
},
{
"cell_type": "code",
"execution_count": 1,
"metadata": {},
"outputs": [
{
"name": "stdout",
"output_type": "stream",
"text": [
"Writing ../counter_tactics/ALcounters.md\n",
"Writing ../counter_tactics/TA01counters.md\n",
"Writing ../counter_tactics/TA02counters.md\n",
"Writing ../counter_tactics/TA03counters.md\n",
"Writing ../counter_tactics/TA04counters.md\n",
"Writing ../counter_tactics/TA05counters.md\n",
"Writing ../counter_tactics/TA06counters.md\n",
"Writing ../counter_tactics/TA07counters.md\n",
"Writing ../counter_tactics/TA08counters.md\n",
"Writing ../counter_tactics/TA09counters.md\n",
"Writing ../counter_tactics/TA10counters.md\n",
"Writing ../counter_tactics/TA11counters.md\n",
"Writing ../counter_tactics/TA12counters.md\n",
"updated ../counter_tactic_counts.md\n",
"Writing ../counters_metatag/cleaningcounters.md\n",
"Writing ../counters_metatag/countermessagingcounters.md\n",
"Writing ../counters_metatag/data pollutioncounters.md\n",
"Writing ../counters_metatag/daylightcounters.md\n",
"Writing ../counters_metatag/dilutioncounters.md\n",
"Writing ../counters_metatag/diversioncounters.md\n",
"Writing ../counters_metatag/frictioncounters.md\n",
"Writing ../counters_metatag/metatechniquecounters.md\n",
"Writing ../counters_metatag/reduce resourcescounters.md\n",
"Writing ../counters_metatag/removalcounters.md\n",
"Writing ../counters_metatag/resiliencecounters.md\n",
"Writing ../counters_metatag/scoringcounters.md\n",
"Writing ../counters_metatag/targetingcounters.md\n",
"Writing ../counters_metatag/verificationcounters.md\n",
"updated ../counter_metatag_counts.md\n",
"Writing ../counter_resource/DHScounters.md\n",
"Writing ../counter_resource/NGOcounters.md\n",
"Writing ../counter_resource/activistscounters.md\n",
"Writing ../counter_resource/adtechcounters.md\n",
"Writing ../counter_resource/civil_societycounters.md\n",
"Writing ../counter_resource/community_groupscounters.md\n",
"Writing ../counter_resource/companiescounters.md\n",
"Writing ../counter_resource/content_creatorscounters.md\n",
"Writing ../counter_resource/data_scientistcounters.md\n",
"Writing ../counter_resource/datastreamscounters.md\n",
"Writing ../counter_resource/developerscounters.md\n",
"Writing ../counter_resource/educatorscounters.md\n",
"Writing ../counter_resource/elvescounters.md\n",
"Writing ../counter_resource/factcheckerscounters.md\n",
"Writing ../counter_resource/fundingcounters.md\n",
"Writing ../counter_resource/gamesdesignerscounters.md\n",
"Writing ../counter_resource/governmentcounters.md\n",
"Writing ../counter_resource/government:policymakerscounters.md\n",
"Writing ../counter_resource/influencerscounters.md\n",
"Writing ../counter_resource/influencers:trusted_authoritycounters.md\n",
"Writing ../counter_resource/infoseccounters.md\n",
"Writing ../counter_resource/librariescounters.md\n",
"Writing ../counter_resource/mediacounters.md\n",
"Writing ../counter_resource/militarycounters.md\n",
"Writing ../counter_resource/moneycounters.md\n",
"Writing ../counter_resource/platform_admincounters.md\n",
"Writing ../counter_resource/platform_admin:adtechcounters.md\n",
"Writing ../counter_resource/platform_admin:fundingsitescounters.md\n",
"Writing ../counter_resource/platform_admin:socialmediacounters.md\n",
"Writing ../counter_resource/platform_algorithmscounters.md\n",
"Writing ../counter_resource/platform_outreachcounters.md\n",
"Writing ../counter_resource/platformscounters.md\n",
"Writing ../counter_resource/publiccounters.md\n",
"Writing ../counter_resource/public:account_ownerscounters.md\n",
"Writing ../counter_resource/religious_organisationscounters.md\n",
"Writing ../counter_resource/schoolscounters.md\n",
"Writing ../counter_resource/server_admincounters.md\n",
"updated ../counter_resource_counts.md\n"
]
},
{
"data": {
"text/html": [
"<div>\n",
"<style scoped>\n",
" .dataframe tbody tr th:only-of-type {\n",
" vertical-align: middle;\n",
" }\n",
"\n",
" .dataframe tbody tr th {\n",
" vertical-align: top;\n",
" }\n",
"\n",
" .dataframe thead th {\n",
" text-align: right;\n",
" }\n",
"</style>\n",
"<table border=\"1\" class=\"dataframe\">\n",
" <thead>\n",
" <tr style=\"text-align: right;\">\n",
" <th></th>\n",
" <th>ID</th>\n",
" <th>metatechnique</th>\n",
" <th>Title</th>\n",
" <th>Details</th>\n",
" <th>Playbook(s)</th>\n",
" <th>Resources needed</th>\n",
" <th>How found</th>\n",
" <th>References</th>\n",
" <th>Incidents</th>\n",
" <th>Tactic</th>\n",
" <th>Response</th>\n",
" <th>Techniques</th>\n",
" <th>NOTES</th>\n",
" </tr>\n",
" </thead>\n",
" <tbody>\n",
" <tr>\n",
" <th>0</th>\n",
" <td>C00043</td>\n",
" <td>cleaning</td>\n",
" <td>Detect hijacked accounts and reallocate them</td>\n",
" <td>NaN</td>\n",
" <td>In all playbooks the platform must force user ...</td>\n",
" <td>platform_admin,activists,civil_society,money</td>\n",
" <td>2019-11-workshop</td>\n",
" <td>NaN</td>\n",
" <td>NaN</td>\n",
" <td>TA03 Develop People</td>\n",
" <td>D3 Disrupt</td>\n",
" <td>T0011 - Hijack accounts</td>\n",
" <td>NaN</td>\n",
" </tr>\n",
" <tr>\n",
" <th>1</th>\n",
" <td>C00053</td>\n",
" <td>cleaning</td>\n",
" <td>Delete old accounts / Remove unused social med...</td>\n",
" <td>NaN</td>\n",
" <td>Social media companies remove inactive account...</td>\n",
" <td>platform_admin,platform_admin:socialmedia,publ...</td>\n",
" <td>2019-11-workshop,2019-11-search</td>\n",
" <td>NaN</td>\n",
" <td>I00004</td>\n",
" <td>TA04 Develop Networks</td>\n",
" <td>D4 Degrade</td>\n",
" <td>T0011 - Hijack accounts\\nTA06 - Develop Conten...</td>\n",
" <td>NaN</td>\n",
" </tr>\n",
" <tr>\n",
" <th>2</th>\n",
" <td>C00074</td>\n",
" <td>cleaning</td>\n",
" <td>Identify identical content and mass deplatform</td>\n",
" <td>\\n</td>\n",
" <td>In all cases some checks need to prevent depla...</td>\n",
" <td>platform_admin,platform_admin:socialmedia</td>\n",
" <td>2019-11-workshop</td>\n",
" <td>NaN</td>\n",
" <td>NaN</td>\n",
" <td>TA06 Develop Content</td>\n",
" <td>D2 Deny</td>\n",
" <td>T0022 - Conspiracy narratives\\nT0026 - Create ...</td>\n",
" <td>NaN</td>\n",
" </tr>\n",
" <tr>\n",
" <th>3</th>\n",
" <td>C00026</td>\n",
" <td>countermessaging</td>\n",
" <td>Shore up democracy based messages (peace, free...</td>\n",
" <td>Unsure</td>\n",
" <td>NaN</td>\n",
" <td>NaN</td>\n",
" <td>2019-11-workshop</td>\n",
" <td>NaN</td>\n",
" <td>NaN</td>\n",
" <td>TA01 Strategic Planning</td>\n",
" <td>D4 Degrade</td>\n",
" <td>T0002 - Facilitate State Propaganda</td>\n",
" <td>NaN</td>\n",
" </tr>\n",
" <tr>\n",
" <th>4</th>\n",
" <td>C00082</td>\n",
" <td>countermessaging</td>\n",
" <td>Ground truthing as automated response to pollu...</td>\n",
" <td>NaN</td>\n",
" <td>NaN</td>\n",
" <td>NaN</td>\n",
" <td>2019-11-workshop</td>\n",
" <td>NaN</td>\n",
" <td>NaN</td>\n",
" <td>TA06 Develop Content</td>\n",
" <td>D3 Disrupt</td>\n",
" <td>NaN</td>\n",
" <td>NaN</td>\n",
" </tr>\n",
" <tr>\n",
" <th>...</th>\n",
" <td>...</td>\n",
" <td>...</td>\n",
" <td>...</td>\n",
" <td>...</td>\n",
" <td>...</td>\n",
" <td>...</td>\n",
" <td>...</td>\n",
" <td>...</td>\n",
" <td>...</td>\n",
" <td>...</td>\n",
" <td>...</td>\n",
" <td>...</td>\n",
" <td>...</td>\n",
" </tr>\n",
" <tr>\n",
" <th>181</th>\n",
" <td>C00214</td>\n",
" <td>metatechnique</td>\n",
" <td>Create policy that makes social media police d...</td>\n",
" <td>German model: facebook forced to police conten...</td>\n",
" <td>NaN</td>\n",
" <td>government:policymakers</td>\n",
" <td>2019-11-workshop</td>\n",
" <td>NaN</td>\n",
" <td>NaN</td>\n",
" <td>TA07 Channel Selection</td>\n",
" <td>D3 Disrupt</td>\n",
" <td>NaN</td>\n",
" <td>NaN</td>\n",
" </tr>\n",
" <tr>\n",
" <th>182</th>\n",
" <td>C00215</td>\n",
" <td>metatechnique</td>\n",
" <td>Use fraud legislation to clean up social media</td>\n",
" <td>NaN</td>\n",
" <td>NaN</td>\n",
" <td>government:policymakers</td>\n",
" <td>2019-11-workshop</td>\n",
" <td>NaN</td>\n",
" <td>NaN</td>\n",
" <td>TA07 Channel Selection</td>\n",
" <td>D3 Disrupt</td>\n",
" <td>NaN</td>\n",
" <td>NaN</td>\n",
" </tr>\n",
" <tr>\n",
" <th>183</th>\n",
" <td>C00217</td>\n",
" <td>daylight</td>\n",
" <td>Registries alert when large batches of newsy U...</td>\n",
" <td>NaN</td>\n",
" <td>NaN</td>\n",
" <td>platform_admin</td>\n",
" <td>grugq</td>\n",
" <td>NaN</td>\n",
" <td>NaN</td>\n",
" <td>TA07 Channel Selection</td>\n",
" <td>D2 Deny</td>\n",
" <td>NaN</td>\n",
" <td>NaN</td>\n",
" </tr>\n",
" <tr>\n",
" <th>184</th>\n",
" <td>C00218</td>\n",
" <td>removal</td>\n",
" <td>Censorship</td>\n",
" <td>Alter and/or block the publication/disseminati...</td>\n",
" <td>NaN</td>\n",
" <td>platform_admin</td>\n",
" <td>grugq</td>\n",
" <td>Taylor81</td>\n",
" <td>NaN</td>\n",
" <td>TA09 Exposure</td>\n",
" <td>D2 Deny</td>\n",
" <td>NaN</td>\n",
" <td>NaN</td>\n",
" </tr>\n",
" <tr>\n",
" <th>185</th>\n",
" <td>C00219</td>\n",
" <td>daylight</td>\n",
" <td>Add metadata to content - out of the control o...</td>\n",
" <td>NaN</td>\n",
" <td>Add date and source to images</td>\n",
" <td>NaN</td>\n",
" <td>grugq</td>\n",
" <td>NaN</td>\n",
" <td>NaN</td>\n",
" <td>TA06 Develop Content</td>\n",
" <td>D3 Disrupt</td>\n",
" <td>NaN</td>\n",
" <td>NaN</td>\n",
" </tr>\n",
" </tbody>\n",
"</table>\n",
"<p>186 rows × 13 columns</p>\n",
"</div>"
],
"text/plain": [
" ID metatechnique \\\n",
"0 C00043 cleaning \n",
"1 C00053 cleaning \n",
"2 C00074 cleaning \n",
"3 C00026 countermessaging \n",
"4 C00082 countermessaging \n",
".. ... ... \n",
"181 C00214 metatechnique \n",
"182 C00215 metatechnique \n",
"183 C00217 daylight \n",
"184 C00218 removal \n",
"185 C00219 daylight \n",
"\n",
" Title \\\n",
"0 Detect hijacked accounts and reallocate them \n",
"1 Delete old accounts / Remove unused social med... \n",
"2 Identify identical content and mass deplatform \n",
"3 Shore up democracy based messages (peace, free... \n",
"4 Ground truthing as automated response to pollu... \n",
".. ... \n",
"181 Create policy that makes social media police d... \n",
"182 Use fraud legislation to clean up social media \n",
"183 Registries alert when large batches of newsy U... \n",
"184 Censorship \n",
"185 Add metadata to content - out of the control o... \n",
"\n",
" Details \\\n",
"0 NaN \n",
"1 NaN \n",
"2 \\n \n",
"3 Unsure \n",
"4 NaN \n",
".. ... \n",
"181 German model: facebook forced to police conten... \n",
"182 NaN \n",
"183 NaN \n",
"184 Alter and/or block the publication/disseminati... \n",
"185 NaN \n",
"\n",
" Playbook(s) \\\n",
"0 In all playbooks the platform must force user ... \n",
"1 Social media companies remove inactive account... \n",
"2 In all cases some checks need to prevent depla... \n",
"3 NaN \n",
"4 NaN \n",
".. ... \n",
"181 NaN \n",
"182 NaN \n",
"183 NaN \n",
"184 NaN \n",
"185 Add date and source to images \n",
"\n",
" Resources needed \\\n",
"0 platform_admin,activists,civil_society,money \n",
"1 platform_admin,platform_admin:socialmedia,publ... \n",
"2 platform_admin,platform_admin:socialmedia \n",
"3 NaN \n",
"4 NaN \n",
".. ... \n",
"181 government:policymakers \n",
"182 government:policymakers \n",
"183 platform_admin \n",
"184 platform_admin \n",
"185 NaN \n",
"\n",
" How found References Incidents \\\n",
"0 2019-11-workshop NaN NaN \n",
"1 2019-11-workshop,2019-11-search NaN I00004 \n",
"2 2019-11-workshop NaN NaN \n",
"3 2019-11-workshop NaN NaN \n",
"4 2019-11-workshop NaN NaN \n",
".. ... ... ... \n",
"181 2019-11-workshop NaN NaN \n",
"182 2019-11-workshop NaN NaN \n",
"183 grugq NaN NaN \n",
"184 grugq Taylor81 NaN \n",
"185 grugq NaN NaN \n",
"\n",
" Tactic Response \\\n",
"0 TA03 Develop People D3 Disrupt \n",
"1 TA04 Develop Networks D4 Degrade \n",
"2 TA06 Develop Content D2 Deny \n",
"3 TA01 Strategic Planning D4 Degrade \n",
"4 TA06 Develop Content D3 Disrupt \n",
".. ... ... \n",
"181 TA07 Channel Selection D3 Disrupt \n",
"182 TA07 Channel Selection D3 Disrupt \n",
"183 TA07 Channel Selection D2 Deny \n",
"184 TA09 Exposure D2 Deny \n",
"185 TA06 Develop Content D3 Disrupt \n",
"\n",
" Techniques NOTES \n",
"0 T0011 - Hijack accounts NaN \n",
"1 T0011 - Hijack accounts\\nTA06 - Develop Conten... NaN \n",
"2 T0022 - Conspiracy narratives\\nT0026 - Create ... NaN \n",
"3 T0002 - Facilitate State Propaganda NaN \n",
"4 NaN NaN \n",
".. ... ... \n",
"181 NaN NaN \n",
"182 NaN NaN \n",
"183 NaN NaN \n",
"184 NaN NaN \n",
"185 NaN NaN \n",
"\n",
"[186 rows x 13 columns]"
]
},
"execution_count": 1,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"import generate_amitt_counters\n",
"\n",
"counter = generate_amitt_counters.Counter()\n",
"counter.write_tactics_markdown()\n",
"counter.write_metacounts_markdown()\n",
"counter.write_resource_markdown()\n",
"counter.dfcounters"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {},
"outputs": [],
"source": []
}
],
"metadata": {
"kernelspec": {
"display_name": "Python 3",
"language": "python",
"name": "python3"
},
"language_info": {
"codemirror_mode": {
"name": "ipython",
"version": 3
},
"file_extension": ".py",
"mimetype": "text/x-python",
"name": "python",
"nbconvert_exporter": "python",
"pygments_lexer": "ipython3",
"version": "3.8.3"
}
},
"nbformat": 4,
"nbformat_minor": 2
}

View File

@ -0,0 +1,268 @@
{
"cells": [
{
"cell_type": "markdown",
"metadata": {},
"source": [
"# Create AMITT incident visualisations\n",
"\n",
"Many thanks to https://python-graph-gallery.com/91-customize-seaborn-heatmap/"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {},
"outputs": [],
"source": [
"import seaborn as sns\n",
"import pandas as pd\n",
"import numpy as np\n",
"import generate_amitt_ttps\n",
"\n",
"# Check that heatmap works\n",
"df = pd.DataFrame(np.random.random((10,12)), columns=[\"a\",\"b\",\"c\",\"d\",\"e\",\"f\",\"g\",\"h\",\"i\",\"j\",\"k\",\"l\"])\n",
"sns.heatmap(df, annot=True, annot_kws={\"size\": 7})"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {},
"outputs": [],
"source": [
"amitt = generate_amitt_ttps.Amitt()\n",
"redgrid = amitt.create_padded_framework_table('AMITT Red', 'technique_ids', False)\n",
"\n",
"techcounts = amitt.it[['id_incident','id_technique']].drop_duplicates().groupby('id_technique').count().to_dict()['id_incident']\n",
"techlabels = redgrid[2:][:]\n",
"nrows = len(techlabels)\n",
"ncols = len(techlabels[0])\n",
"techgrid = np.zeros([nrows, ncols], dtype = int)\n",
"\n",
"for row in range(nrows):\n",
" for col in range(ncols):\n",
" if techlabels[row][col] in techcounts:\n",
" techgrid[row][col] = techcounts[techlabels[row][col]]\n",
"\n",
"sns.heatmap(techgrid, annot=True, annot_kws={\"size\": 7})\n",
"techgrid"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {},
"outputs": [],
"source": [
"amitt.df_tactics"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {},
"outputs": [],
"source": [
"amitt.it"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {},
"outputs": [],
"source": [
"ct = amitt.cross_counterid_techniqueid\n",
"ct[ct['technique_id'] != '']"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {},
"outputs": [],
"source": [
"ct[(ct['id'] == 'C00197') & (ct['technique_id'].isin(['T0002', 'T0007']))]"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {},
"outputs": [],
"source": [
"ct = ct[ct['technique_id'].isin(amitt.df_techniques['id'].to_list()) & ct['id'].isin(amitt.df_counters['id'].to_list())]\n",
"ct"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {},
"outputs": [],
"source": [
"technique_id_list = ['T0007', 'T0008', 'T0022', 'T0023', 'T0043', 'T0052', 'T0036', 'T0037', 'T0038']\n",
"counter_id_list = ['C00009', 'C00008', 'C00042', 'C00030', 'C00093', 'C00193', 'C00073', 'C000197', 'C00174', 'C00205']\n",
"possible_counters_for_techniques = ct[ct['technique_id'].isin(technique_id_list)] \n",
"possible_techniques_for_counters = ct[ct['id'].isin(counter_id_list)] \n",
"coverage = ct[(ct['id'].isin(counter_id_list)) & (ct['technique_id'].isin(technique_id_list))]\n",
"coverage"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {
"scrolled": true
},
"outputs": [],
"source": [
"possible_techniques_for_counters"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {
"scrolled": true
},
"outputs": [],
"source": [
"possible_counters_for_techniques"
]
},
{
"cell_type": "code",
"execution_count": 6,
"metadata": {},
"outputs": [
{
"name": "stdout",
"output_type": "stream",
"text": [
"clicked button T0045 8 7\n",
"clicked button T0046 9 7\n",
"clicked button T0049 4 8\n",
"clicked button T0057 2 9\n",
"clicked button T0060 4 10\n",
"clicked button T0029 2 6\n",
"clicked button T0016 2 4\n"
]
}
],
"source": [
"import tkinter as Tk\n",
"import numpy as np\n",
"import generate_amitt_ttps\n",
"\n",
"class Begueradj(Tk.Frame):\n",
" def __init__(self,parent):\n",
" amitt = generate_amitt_ttps.Amitt()\n",
" self.redgrid = amitt.create_padded_framework_table('AMITT Red', 'technique_ids', False)\n",
" self.bluegrid = amitt.create_padded_framework_table('AMITT Blue', 'counter_ids', False)\n",
"\n",
" Tk.Frame.__init__(self, parent)\n",
" self.parent = parent\n",
" self.button= ''\n",
" self.initialize()\n",
" \n",
" def initialize(self):\n",
" '''\n",
" Draw the GUI\n",
" '''\n",
" self.parent.title(\"AMITT FRAMEWORK COVERAGE\") \n",
" self.parent.grid_rowconfigure(1,weight=1)\n",
" self.parent.grid_columnconfigure(1,weight=1)\n",
"\n",
" self.frame = Tk.Frame(self.parent) \n",
" self.frame.pack(fill=Tk.X, padx=5, pady=5)\n",
"\n",
" # Create a 6x7 array of zeros as the one you used\n",
" numrows = len(self.redgrid) - 1\n",
" numcols = len(self.redgrid[0])\n",
" self.buttons = {}\n",
" for row in range(1,numrows):\n",
" for col in range(0,numcols):\n",
" button_id = self.redgrid[row][col]\n",
" self.button = Tk.Button(self.frame, text = button_id, bg='blue', \n",
" command= lambda bid=button_id, row=row, col=col: self.clicked(bid, row, col))\n",
" self.button.grid(row=row, column=col)\n",
" \n",
" def clicked(self, bid, row, col):\n",
" print('clicked button {} {} {}'.format(bid, row, col))\n",
" self.find_in_grid(self.frame, row, col)\n",
"\n",
" def find_in_grid(self, frame, row, column):\n",
" for children in frame.children.values():\n",
" info = children.grid_info()\n",
" #note that rows and column numbers are stored as string\n",
" if info['row'] == str(row) and info['column'] == str(column):\n",
" print('{}'.format(children.get()))\n",
" return None\n",
"\n",
"root=Tk.Tk()\n",
"app = Begueradj(root) \n",
"root.mainloop()"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {
"scrolled": true
},
"outputs": [],
"source": [
"redgrid"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {},
"outputs": [],
"source": [
"for row in range(2,len(redgrid)):\n",
" print(len(redgrid[row]))"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {},
"outputs": [],
"source": [
"redgrid[1][2]"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {},
"outputs": [],
"source": []
}
],
"metadata": {
"kernelspec": {
"display_name": "Python 3",
"language": "python",
"name": "python3"
},
"language_info": {
"codemirror_mode": {
"name": "ipython",
"version": 3
},
"file_extension": ".py",
"mimetype": "text/x-python",
"name": "python",
"nbconvert_exporter": "python",
"pygments_lexer": "ipython3",
"version": "3.8.3"
}
},
"nbformat": 4,
"nbformat_minor": 2
}

File diff suppressed because it is too large Load Diff

View File

@ -0,0 +1,608 @@
{
"cells": [
{
"cell_type": "markdown",
"metadata": {},
"source": [
"# Generate AMITT github files\n",
"\n",
"Generate all the AMITT github files from the AMITT master spreadsheet, being careful to reatin any comments people have made below the \"don't write above this\" line in them. "
]
},
{
"cell_type": "code",
"execution_count": 1,
"metadata": {
"scrolled": true
},
"outputs": [
{
"name": "stdout",
"output_type": "stream",
"text": [
"updated ../amitt_red_framework.md\n",
"updated ../amitt_red_framework_clickable.html\n",
"updated ../amitt_blue_framework.md\n",
"updated ../amitt_blue_framework_clickable.html\n",
"Temp: objecttype phase\n",
"updated ../phases_index.md\n",
"Temp: objecttype tactic\n",
"updated ../tactics_index.md\n",
"Temp: objecttype technique\n",
"updated ../techniques_index.md\n",
"Temp: objecttype task\n",
"updated ../tasks_index.md\n",
"Temp: objecttype incident\n",
"updated ../incidents_index.md\n",
"Temp: objecttype counter\n",
"updated ../counters_index.md\n",
"Temp: objecttype metatechnique\n",
"updated ../metatechniques_index.md\n",
"Temp: objecttype actortype\n",
"updated ../actortypes_index.md\n",
"Updating ../actortypes/A001.md\n",
"Updating ../actortypes/A002.md\n",
"Updating ../actortypes/A003.md\n",
"Updating ../actortypes/A004.md\n",
"Updating ../actortypes/A005.md\n",
"Updating ../actortypes/A006.md\n",
"Updating ../actortypes/A007.md\n",
"Updating ../actortypes/A008.md\n",
"Updating ../actortypes/A009.md\n",
"Updating ../actortypes/A010.md\n",
"Updating ../actortypes/A011.md\n",
"Updating ../actortypes/A012.md\n",
"Updating ../actortypes/A013.md\n",
"Updating ../actortypes/A014.md\n",
"Updating ../actortypes/A015.md\n",
"Updating ../actortypes/A016.md\n",
"Updating ../actortypes/A017.md\n",
"Updating ../actortypes/A018.md\n",
"Updating ../actortypes/A019.md\n",
"Updating ../actortypes/A020.md\n",
"Updating ../actortypes/A021.md\n",
"Updating ../actortypes/A022.md\n",
"Updating ../actortypes/A023.md\n",
"Updating ../actortypes/A024.md\n",
"Updating ../actortypes/A025.md\n",
"Updating ../actortypes/A026.md\n",
"Updating ../actortypes/A027.md\n",
"Updating ../actortypes/A028.md\n",
"Updating ../actortypes/A029.md\n",
"Updating ../actortypes/A030.md\n",
"Updating ../actortypes/A031.md\n",
"Updating ../actortypes/A032.md\n",
"Updating ../actortypes/A033.md\n",
"updated ../responsetype_index.md\n",
"updated ../detections_index.md\n",
"updated ../tactics_by_responsetype_table.md\n",
"updated ../metatechniques_by_responsetype_table.md\n"
]
}
],
"source": [
"import pandas as pd\n",
"from generate_amitt_ttps import Amitt\n",
"amitt = Amitt()\n",
"amitt.generate_and_write_datafiles()"
]
},
{
"cell_type": "code",
"execution_count": 2,
"metadata": {
"scrolled": true
},
"outputs": [
{
"data": {
"text/html": [
"<div>\n",
"<style scoped>\n",
" .dataframe tbody tr th:only-of-type {\n",
" vertical-align: middle;\n",
" }\n",
"\n",
" .dataframe tbody tr th {\n",
" vertical-align: top;\n",
" }\n",
"\n",
" .dataframe thead th {\n",
" text-align: right;\n",
" }\n",
"</style>\n",
"<table border=\"1\" class=\"dataframe\">\n",
" <thead>\n",
" <tr style=\"text-align: right;\">\n",
" <th></th>\n",
" <th>amitt_id</th>\n",
" <th>name</th>\n",
" <th>summary</th>\n",
" <th>sector_ids</th>\n",
" <th>framework_ids</th>\n",
" <th>longname</th>\n",
" </tr>\n",
" </thead>\n",
" <tbody>\n",
" <tr>\n",
" <th>0</th>\n",
" <td>A001</td>\n",
" <td>data scientist</td>\n",
" <td>Person who can wrangle data, implement machine...</td>\n",
" <td>S001, S002, S003, S004, S005, S006, S007, S008...</td>\n",
" <td>FW01, FW02</td>\n",
" <td>A001 - data scientist</td>\n",
" </tr>\n",
" <tr>\n",
" <th>1</th>\n",
" <td>A002</td>\n",
" <td>target</td>\n",
" <td>Person being targeted by disinformation campaign</td>\n",
" <td>S001, S002, S003, S004, S005, S006, S007, S008...</td>\n",
" <td>FW02</td>\n",
" <td>A002 - target</td>\n",
" </tr>\n",
" <tr>\n",
" <th>2</th>\n",
" <td>A003</td>\n",
" <td>trusted authority</td>\n",
" <td>Influencer</td>\n",
" <td>S001, S002, S003, S004, S005, S006, S007, S008...</td>\n",
" <td>FW01, FW02</td>\n",
" <td>A003 - trusted authority</td>\n",
" </tr>\n",
" <tr>\n",
" <th>3</th>\n",
" <td>A004</td>\n",
" <td>activist</td>\n",
" <td></td>\n",
" <td>S002</td>\n",
" <td>FW02</td>\n",
" <td>A004 - activist</td>\n",
" </tr>\n",
" <tr>\n",
" <th>4</th>\n",
" <td>A005</td>\n",
" <td>community group</td>\n",
" <td></td>\n",
" <td>S002</td>\n",
" <td>FW02</td>\n",
" <td>A005 - community group</td>\n",
" </tr>\n",
" <tr>\n",
" <th>5</th>\n",
" <td>A006</td>\n",
" <td>educator</td>\n",
" <td></td>\n",
" <td>S002</td>\n",
" <td>FW02</td>\n",
" <td>A006 - educator</td>\n",
" </tr>\n",
" <tr>\n",
" <th>6</th>\n",
" <td>A007</td>\n",
" <td>factchecker</td>\n",
" <td>Someone with the skills to verify whether info...</td>\n",
" <td>S002</td>\n",
" <td>FW02</td>\n",
" <td>A007 - factchecker</td>\n",
" </tr>\n",
" <tr>\n",
" <th>7</th>\n",
" <td>A008</td>\n",
" <td>library</td>\n",
" <td></td>\n",
" <td>S002</td>\n",
" <td>FW02</td>\n",
" <td>A008 - library</td>\n",
" </tr>\n",
" <tr>\n",
" <th>8</th>\n",
" <td>A009</td>\n",
" <td>NGO</td>\n",
" <td></td>\n",
" <td>S002</td>\n",
" <td>FW02</td>\n",
" <td>A009 - NGO</td>\n",
" </tr>\n",
" <tr>\n",
" <th>9</th>\n",
" <td>A010</td>\n",
" <td>religious organisation</td>\n",
" <td></td>\n",
" <td>S002</td>\n",
" <td>FW02</td>\n",
" <td>A010 - religious organisation</td>\n",
" </tr>\n",
" <tr>\n",
" <th>10</th>\n",
" <td>A011</td>\n",
" <td>school</td>\n",
" <td></td>\n",
" <td>S002</td>\n",
" <td>FW02</td>\n",
" <td>A011 - school</td>\n",
" </tr>\n",
" <tr>\n",
" <th>11</th>\n",
" <td>A012</td>\n",
" <td>account owner</td>\n",
" <td>Anyone who owns an account online</td>\n",
" <td>S006</td>\n",
" <td>FW01\\nFW02</td>\n",
" <td>A012 - account owner</td>\n",
" </tr>\n",
" <tr>\n",
" <th>12</th>\n",
" <td>A013</td>\n",
" <td>content creator</td>\n",
" <td></td>\n",
" <td>S006</td>\n",
" <td>FW01\\nFW02</td>\n",
" <td>A013 - content creator</td>\n",
" </tr>\n",
" <tr>\n",
" <th>13</th>\n",
" <td>A014</td>\n",
" <td>elves</td>\n",
" <td></td>\n",
" <td>S006</td>\n",
" <td>FW02</td>\n",
" <td>A014 - elves</td>\n",
" </tr>\n",
" <tr>\n",
" <th>14</th>\n",
" <td>A015</td>\n",
" <td>general public</td>\n",
" <td></td>\n",
" <td>S006</td>\n",
" <td>FW02</td>\n",
" <td>A015 - general public</td>\n",
" </tr>\n",
" <tr>\n",
" <th>15</th>\n",
" <td>A016</td>\n",
" <td>influencer</td>\n",
" <td></td>\n",
" <td>S006</td>\n",
" <td>FW01\\nFW02</td>\n",
" <td>A016 - influencer</td>\n",
" </tr>\n",
" <tr>\n",
" <th>16</th>\n",
" <td>A017</td>\n",
" <td>coordinating body</td>\n",
" <td>For example the DHS</td>\n",
" <td>S003</td>\n",
" <td>FW02</td>\n",
" <td>A017 - coordinating body</td>\n",
" </tr>\n",
" <tr>\n",
" <th>17</th>\n",
" <td>A018</td>\n",
" <td>government</td>\n",
" <td>Government agencies</td>\n",
" <td>S003</td>\n",
" <td>FW01\\nFW02</td>\n",
" <td>A018 - government</td>\n",
" </tr>\n",
" <tr>\n",
" <th>18</th>\n",
" <td>A019</td>\n",
" <td>military</td>\n",
" <td></td>\n",
" <td>S003</td>\n",
" <td>FW02</td>\n",
" <td>A019 - military</td>\n",
" </tr>\n",
" <tr>\n",
" <th>19</th>\n",
" <td>A020</td>\n",
" <td>policy maker</td>\n",
" <td></td>\n",
" <td>S003</td>\n",
" <td>FW02</td>\n",
" <td>A020 - policy maker</td>\n",
" </tr>\n",
" <tr>\n",
" <th>20</th>\n",
" <td>A021</td>\n",
" <td>media organisation</td>\n",
" <td></td>\n",
" <td>S010</td>\n",
" <td>FW01\\nFW02</td>\n",
" <td>A021 - media organisation</td>\n",
" </tr>\n",
" <tr>\n",
" <th>21</th>\n",
" <td>A022</td>\n",
" <td>company</td>\n",
" <td></td>\n",
" <td>S009</td>\n",
" <td>FW02</td>\n",
" <td>A022 - company</td>\n",
" </tr>\n",
" <tr>\n",
" <th>22</th>\n",
" <td>A023</td>\n",
" <td>adtech provider</td>\n",
" <td></td>\n",
" <td>S008</td>\n",
" <td>FW02</td>\n",
" <td>A023 - adtech provider</td>\n",
" </tr>\n",
" <tr>\n",
" <th>23</th>\n",
" <td>A024</td>\n",
" <td>developer</td>\n",
" <td></td>\n",
" <td>S008</td>\n",
" <td>FW02</td>\n",
" <td>A024 - developer</td>\n",
" </tr>\n",
" <tr>\n",
" <th>24</th>\n",
" <td>A025</td>\n",
" <td>funding_site_admin</td>\n",
" <td>Funding site admin</td>\n",
" <td>S008</td>\n",
" <td>FW02</td>\n",
" <td>A025 - funding_site_admin</td>\n",
" </tr>\n",
" <tr>\n",
" <th>25</th>\n",
" <td>A026</td>\n",
" <td>games designer</td>\n",
" <td></td>\n",
" <td>S008</td>\n",
" <td>FW01, FW02</td>\n",
" <td>A026 - games designer</td>\n",
" </tr>\n",
" <tr>\n",
" <th>26</th>\n",
" <td>A027</td>\n",
" <td>information security</td>\n",
" <td></td>\n",
" <td>S008</td>\n",
" <td>FW02</td>\n",
" <td>A027 - information security</td>\n",
" </tr>\n",
" <tr>\n",
" <th>27</th>\n",
" <td>A028</td>\n",
" <td>platform administrator</td>\n",
" <td></td>\n",
" <td>S008</td>\n",
" <td>FW02</td>\n",
" <td>A028 - platform administrator</td>\n",
" </tr>\n",
" <tr>\n",
" <th>28</th>\n",
" <td>A029</td>\n",
" <td>server admininistrator</td>\n",
" <td></td>\n",
" <td>S008</td>\n",
" <td>FW02</td>\n",
" <td>A029 - server admininistrator</td>\n",
" </tr>\n",
" <tr>\n",
" <th>29</th>\n",
" <td>A030</td>\n",
" <td>platforms</td>\n",
" <td></td>\n",
" <td>S007</td>\n",
" <td>FW02</td>\n",
" <td>A030 - platforms</td>\n",
" </tr>\n",
" <tr>\n",
" <th>30</th>\n",
" <td>A031</td>\n",
" <td>social media platform adminstrator</td>\n",
" <td>Person with the authority to make changes to a...</td>\n",
" <td>S007</td>\n",
" <td>FW02</td>\n",
" <td>A031 - social media platform adminstrator</td>\n",
" </tr>\n",
" <tr>\n",
" <th>31</th>\n",
" <td>A032</td>\n",
" <td>social media platform outreach</td>\n",
" <td></td>\n",
" <td>S007</td>\n",
" <td>FW02</td>\n",
" <td>A032 - social media platform outreach</td>\n",
" </tr>\n",
" <tr>\n",
" <th>32</th>\n",
" <td>A033</td>\n",
" <td>social media platform owner</td>\n",
" <td>Person with authority to make changes to a soc...</td>\n",
" <td>S007</td>\n",
" <td>FW02</td>\n",
" <td>A033 - social media platform owner</td>\n",
" </tr>\n",
" </tbody>\n",
"</table>\n",
"</div>"
],
"text/plain": [
" amitt_id name \\\n",
"0 A001 data scientist \n",
"1 A002 target \n",
"2 A003 trusted authority \n",
"3 A004 activist \n",
"4 A005 community group \n",
"5 A006 educator \n",
"6 A007 factchecker \n",
"7 A008 library \n",
"8 A009 NGO \n",
"9 A010 religious organisation \n",
"10 A011 school \n",
"11 A012 account owner \n",
"12 A013 content creator \n",
"13 A014 elves \n",
"14 A015 general public \n",
"15 A016 influencer \n",
"16 A017 coordinating body \n",
"17 A018 government \n",
"18 A019 military \n",
"19 A020 policy maker \n",
"20 A021 media organisation \n",
"21 A022 company \n",
"22 A023 adtech provider \n",
"23 A024 developer \n",
"24 A025 funding_site_admin \n",
"25 A026 games designer \n",
"26 A027 information security \n",
"27 A028 platform administrator \n",
"28 A029 server admininistrator \n",
"29 A030 platforms \n",
"30 A031 social media platform adminstrator \n",
"31 A032 social media platform outreach \n",
"32 A033 social media platform owner \n",
"\n",
" summary \\\n",
"0 Person who can wrangle data, implement machine... \n",
"1 Person being targeted by disinformation campaign \n",
"2 Influencer \n",
"3 \n",
"4 \n",
"5 \n",
"6 Someone with the skills to verify whether info... \n",
"7 \n",
"8 \n",
"9 \n",
"10 \n",
"11 Anyone who owns an account online \n",
"12 \n",
"13 \n",
"14 \n",
"15 \n",
"16 For example the DHS \n",
"17 Government agencies \n",
"18 \n",
"19 \n",
"20 \n",
"21 \n",
"22 \n",
"23 \n",
"24 Funding site admin \n",
"25 \n",
"26 \n",
"27 \n",
"28 \n",
"29 \n",
"30 Person with the authority to make changes to a... \n",
"31 \n",
"32 Person with authority to make changes to a soc... \n",
"\n",
" sector_ids framework_ids \\\n",
"0 S001, S002, S003, S004, S005, S006, S007, S008... FW01, FW02 \n",
"1 S001, S002, S003, S004, S005, S006, S007, S008... FW02 \n",
"2 S001, S002, S003, S004, S005, S006, S007, S008... FW01, FW02 \n",
"3 S002 FW02 \n",
"4 S002 FW02 \n",
"5 S002 FW02 \n",
"6 S002 FW02 \n",
"7 S002 FW02 \n",
"8 S002 FW02 \n",
"9 S002 FW02 \n",
"10 S002 FW02 \n",
"11 S006 FW01\\nFW02 \n",
"12 S006 FW01\\nFW02 \n",
"13 S006 FW02 \n",
"14 S006 FW02 \n",
"15 S006 FW01\\nFW02 \n",
"16 S003 FW02 \n",
"17 S003 FW01\\nFW02 \n",
"18 S003 FW02 \n",
"19 S003 FW02 \n",
"20 S010 FW01\\nFW02 \n",
"21 S009 FW02 \n",
"22 S008 FW02 \n",
"23 S008 FW02 \n",
"24 S008 FW02 \n",
"25 S008 FW01, FW02 \n",
"26 S008 FW02 \n",
"27 S008 FW02 \n",
"28 S008 FW02 \n",
"29 S007 FW02 \n",
"30 S007 FW02 \n",
"31 S007 FW02 \n",
"32 S007 FW02 \n",
"\n",
" longname \n",
"0 A001 - data scientist \n",
"1 A002 - target \n",
"2 A003 - trusted authority \n",
"3 A004 - activist \n",
"4 A005 - community group \n",
"5 A006 - educator \n",
"6 A007 - factchecker \n",
"7 A008 - library \n",
"8 A009 - NGO \n",
"9 A010 - religious organisation \n",
"10 A011 - school \n",
"11 A012 - account owner \n",
"12 A013 - content creator \n",
"13 A014 - elves \n",
"14 A015 - general public \n",
"15 A016 - influencer \n",
"16 A017 - coordinating body \n",
"17 A018 - government \n",
"18 A019 - military \n",
"19 A020 - policy maker \n",
"20 A021 - media organisation \n",
"21 A022 - company \n",
"22 A023 - adtech provider \n",
"23 A024 - developer \n",
"24 A025 - funding_site_admin \n",
"25 A026 - games designer \n",
"26 A027 - information security \n",
"27 A028 - platform administrator \n",
"28 A029 - server admininistrator \n",
"29 A030 - platforms \n",
"30 A031 - social media platform adminstrator \n",
"31 A032 - social media platform outreach \n",
"32 A033 - social media platform owner "
]
},
"execution_count": 2,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"amitt.df_actortypes"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {},
"outputs": [],
"source": []
}
],
"metadata": {
"kernelspec": {
"display_name": "Python 3",
"language": "python",
"name": "python3"
},
"language_info": {
"codemirror_mode": {
"name": "ipython",
"version": 3
},
"file_extension": ".py",
"mimetype": "text/x-python",
"name": "python",
"nbconvert_exporter": "python",
"pygments_lexer": "ipython3",
"version": "3.8.3"
}
},
"nbformat": 4,
"nbformat_minor": 4
}

View File

@ -0,0 +1,425 @@
{
"cells": [
{
"cell_type": "markdown",
"metadata": {},
"source": [
"# Test area for DISARM code"
]
},
{
"cell_type": "code",
"execution_count": 2,
"metadata": {},
"outputs": [
{
"name": "stdout",
"output_type": "stream",
"text": [
"dict_keys(['df_phases', 'df_frameworks', 'df_techniques', 'df_tasks', 'df_incidents', 'df_counters', 'df_detections', 'df_actortypes', 'df_resources', 'df_responsetypes', 'df_metatechniques', 'it', 'df_tactics', 'df_techniques_per_tactic', 'df_counters_per_tactic', 'phases', 'tactics', 'techniques', 'counters', 'metatechniques', 'actortypes', 'resources', 'num_tactics', 'cross_counterid_techniqueid', 'cross_counterid_resourceid', 'cross_counterid_actortypeid'])\n"
]
},
{
"data": {
"text/html": [
"<div>\n",
"<style scoped>\n",
" .dataframe tbody tr th:only-of-type {\n",
" vertical-align: middle;\n",
" }\n",
"\n",
" .dataframe tbody tr th {\n",
" vertical-align: top;\n",
" }\n",
"\n",
" .dataframe thead th {\n",
" text-align: right;\n",
" }\n",
"</style>\n",
"<table border=\"1\" class=\"dataframe\">\n",
" <thead>\n",
" <tr style=\"text-align: right;\">\n",
" <th></th>\n",
" <th>amitt_id</th>\n",
" <th>technique_id</th>\n",
" </tr>\n",
" </thead>\n",
" <tbody>\n",
" <tr>\n",
" <th>0</th>\n",
" <td>C00006</td>\n",
" <td>T0007</td>\n",
" </tr>\n",
" <tr>\n",
" <th>0</th>\n",
" <td>C00006</td>\n",
" <td>T0015</td>\n",
" </tr>\n",
" <tr>\n",
" <th>0</th>\n",
" <td>C00006</td>\n",
" <td>T0018</td>\n",
" </tr>\n",
" <tr>\n",
" <th>0</th>\n",
" <td>C00006</td>\n",
" <td>T0043</td>\n",
" </tr>\n",
" <tr>\n",
" <th>0</th>\n",
" <td>C00006</td>\n",
" <td>T0053</td>\n",
" </tr>\n",
" <tr>\n",
" <th>...</th>\n",
" <td>...</td>\n",
" <td>...</td>\n",
" </tr>\n",
" <tr>\n",
" <th>135</th>\n",
" <td>C00219</td>\n",
" <td>T0025</td>\n",
" </tr>\n",
" <tr>\n",
" <th>136</th>\n",
" <td>C00220</td>\n",
" <td></td>\n",
" </tr>\n",
" <tr>\n",
" <th>137</th>\n",
" <td>C00221</td>\n",
" <td></td>\n",
" </tr>\n",
" <tr>\n",
" <th>138</th>\n",
" <td>C00222</td>\n",
" <td></td>\n",
" </tr>\n",
" <tr>\n",
" <th>139</th>\n",
" <td>C00223</td>\n",
" <td></td>\n",
" </tr>\n",
" </tbody>\n",
"</table>\n",
"<p>898 rows × 2 columns</p>\n",
"</div>"
],
"text/plain": [
" amitt_id technique_id\n",
"0 C00006 T0007\n",
"0 C00006 T0015\n",
"0 C00006 T0018\n",
"0 C00006 T0043\n",
"0 C00006 T0053\n",
".. ... ...\n",
"135 C00219 T0025\n",
"136 C00220 \n",
"137 C00221 \n",
"138 C00222 \n",
"139 C00223 \n",
"\n",
"[898 rows x 2 columns]"
]
},
"execution_count": 2,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"import pandas as pd\n",
"import sqlite3 as sql\n",
"from generate_DISARM_pages import Disarm\n",
"\n",
"\n",
"# Generate AMITT datasets\n",
"disarm = Disarm()\n",
"\n",
"# Check which amitt variables we can see from here\n",
"print('{}'.format(vars(disarm).keys()))\n",
"vars(disarm)['cross_counterid_techniqueid']"
]
},
{
"cell_type": "code",
"execution_count": 41,
"metadata": {
"scrolled": true
},
"outputs": [
{
"data": {
"text/html": [
"<div>\n",
"<style scoped>\n",
" .dataframe tbody tr th:only-of-type {\n",
" vertical-align: middle;\n",
" }\n",
"\n",
" .dataframe tbody tr th {\n",
" vertical-align: top;\n",
" }\n",
"\n",
" .dataframe thead th {\n",
" text-align: right;\n",
" }\n",
"</style>\n",
"<table border=\"1\" class=\"dataframe\">\n",
" <thead>\n",
" <tr style=\"text-align: right;\">\n",
" <th></th>\n",
" <th>id</th>\n",
" <th>actor_id</th>\n",
" </tr>\n",
" </thead>\n",
" <tbody>\n",
" <tr>\n",
" <th>0</th>\n",
" <td>C00006</td>\n",
" <td>A033</td>\n",
" </tr>\n",
" <tr>\n",
" <th>1</th>\n",
" <td>C00008</td>\n",
" <td>A007</td>\n",
" </tr>\n",
" <tr>\n",
" <th>2</th>\n",
" <td>C00009</td>\n",
" <td>A016</td>\n",
" </tr>\n",
" <tr>\n",
" <th>2</th>\n",
" <td>C00009</td>\n",
" <td>A006</td>\n",
" </tr>\n",
" <tr>\n",
" <th>3</th>\n",
" <td>C00010</td>\n",
" <td>A020</td>\n",
" </tr>\n",
" <tr>\n",
" <th>...</th>\n",
" <td>...</td>\n",
" <td>...</td>\n",
" </tr>\n",
" <tr>\n",
" <th>135</th>\n",
" <td>C00219</td>\n",
" <td></td>\n",
" </tr>\n",
" <tr>\n",
" <th>136</th>\n",
" <td>C00220</td>\n",
" <td></td>\n",
" </tr>\n",
" <tr>\n",
" <th>137</th>\n",
" <td>C00221</td>\n",
" <td></td>\n",
" </tr>\n",
" <tr>\n",
" <th>138</th>\n",
" <td>C00222</td>\n",
" <td></td>\n",
" </tr>\n",
" <tr>\n",
" <th>139</th>\n",
" <td>C00223</td>\n",
" <td></td>\n",
" </tr>\n",
" </tbody>\n",
"</table>\n",
"<p>166 rows × 2 columns</p>\n",
"</div>"
],
"text/plain": [
" id actor_id\n",
"0 C00006 A033\n",
"1 C00008 A007\n",
"2 C00009 A016\n",
"2 C00009 A006\n",
"3 C00010 A020\n",
".. ... ...\n",
"135 C00219 \n",
"136 C00220 \n",
"137 C00221 \n",
"138 C00222 \n",
"139 C00223 \n",
"\n",
"[166 rows x 2 columns]"
]
},
"execution_count": 41,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"disarm.cross_counterid_actorid"
]
},
{
"cell_type": "code",
"execution_count": 3,
"metadata": {},
"outputs": [
{
"data": {
"text/html": [
"<div>\n",
"<style scoped>\n",
" .dataframe tbody tr th:only-of-type {\n",
" vertical-align: middle;\n",
" }\n",
"\n",
" .dataframe tbody tr th {\n",
" vertical-align: top;\n",
" }\n",
"\n",
" .dataframe thead th {\n",
" text-align: right;\n",
" }\n",
"</style>\n",
"<table border=\"1\" class=\"dataframe\">\n",
" <thead>\n",
" <tr style=\"text-align: right;\">\n",
" <th></th>\n",
" <th>id</th>\n",
" <th>technique_id</th>\n",
" <th>Weight</th>\n",
" </tr>\n",
" </thead>\n",
" <tbody>\n",
" <tr>\n",
" <th>1</th>\n",
" <td>C00008</td>\n",
" <td>TA01</td>\n",
" <td>1</td>\n",
" </tr>\n",
" <tr>\n",
" <th>1</th>\n",
" <td>C00008</td>\n",
" <td>TA06</td>\n",
" <td>1</td>\n",
" </tr>\n",
" <tr>\n",
" <th>1</th>\n",
" <td>C00008</td>\n",
" <td>TA08</td>\n",
" <td>1</td>\n",
" </tr>\n",
" <tr>\n",
" <th>1</th>\n",
" <td>C00008</td>\n",
" <td>T0006</td>\n",
" <td>1</td>\n",
" </tr>\n",
" <tr>\n",
" <th>1</th>\n",
" <td>C00008</td>\n",
" <td>T0009</td>\n",
" <td>1</td>\n",
" </tr>\n",
" <tr>\n",
" <th>...</th>\n",
" <td>...</td>\n",
" <td>...</td>\n",
" <td>...</td>\n",
" </tr>\n",
" <tr>\n",
" <th>134</th>\n",
" <td>C00216</td>\n",
" <td>T0018</td>\n",
" <td>1</td>\n",
" </tr>\n",
" <tr>\n",
" <th>134</th>\n",
" <td>C00216</td>\n",
" <td>T0057</td>\n",
" <td>1</td>\n",
" </tr>\n",
" <tr>\n",
" <th>135</th>\n",
" <td>C00219</td>\n",
" <td>T0024</td>\n",
" <td>1</td>\n",
" </tr>\n",
" <tr>\n",
" <th>135</th>\n",
" <td>C00219</td>\n",
" <td>T0026</td>\n",
" <td>1</td>\n",
" </tr>\n",
" <tr>\n",
" <th>135</th>\n",
" <td>C00219</td>\n",
" <td>T0025</td>\n",
" <td>1</td>\n",
" </tr>\n",
" </tbody>\n",
"</table>\n",
"<p>717 rows × 3 columns</p>\n",
"</div>"
],
"text/plain": [
" id technique_id Weight\n",
"1 C00008 TA01 1\n",
"1 C00008 TA06 1\n",
"1 C00008 TA08 1\n",
"1 C00008 T0006 1\n",
"1 C00008 T0009 1\n",
".. ... ... ...\n",
"134 C00216 T0018 1\n",
"134 C00216 T0057 1\n",
"135 C00219 T0024 1\n",
"135 C00219 T0026 1\n",
"135 C00219 T0025 1\n",
"\n",
"[717 rows x 3 columns]"
]
},
"execution_count": 3,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"ct = disarm.cross_counterid_techniqueid\n",
"ct['Weight'] = 1\n",
"ct = ct[ct['technique_id'].str.len() > 0]\n",
"ct.to_csv('../visualisations/cross_counterid_techniqueid.csv', index=False, header=['Source','Target', 'Weight'])\n",
"ct"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {},
"outputs": [],
"source": []
}
],
"metadata": {
"kernelspec": {
"display_name": "Python 3",
"language": "python",
"name": "python3"
},
"language_info": {
"codemirror_mode": {
"name": "ipython",
"version": 3
},
"file_extension": ".py",
"mimetype": "text/x-python",
"name": "python",
"nbconvert_exporter": "python",
"pygments_lexer": "ipython3",
"version": "3.8.3"
}
},
"nbformat": 4,
"nbformat_minor": 4
}

View File

@ -0,0 +1,110 @@
{
"cells": [
{
"cell_type": "markdown",
"metadata": {},
"source": [
"# fix the problem with excelfile changes\n",
"\n",
"Background: DISARM's master dataset is in an excelfile. Changes in this dont' show up in github, so it's difficult to tell what's changed between versions. Code below checks for those differences - use this repeatedly until versions align. "
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {},
"outputs": [],
"source": [
"import pandas as pd\n",
"import sqlite3 as sql\n",
"from generate_DISARM_pages import Disarm\n",
"import pandas as pd\n",
"import numpy as np\n",
"import os\n",
"from sklearn.feature_extraction.text import CountVectorizer\n",
"pd.set_option('display.max_rows', 1000)\n",
"pd.set_option('display.max_colwidth', -1)\n",
"\n",
"newfile = '../DISARM_MASTER_DATA/DISARM_FRAMEWORKS_MASTER.xlsx'\n",
"oldfile = '../DISARM_MASTER_DATA/DISARM_FRAMEWORKS_MASTER_previous_version.xlsx'\n",
"\n",
"# Load dfs from file\n",
"newdfs = {}\n",
"newxlsx = pd.ExcelFile(newfile)\n",
"for sheetname in newxlsx.sheet_names:\n",
" newdfs[sheetname] = newxlsx.parse(sheetname)\n",
" newdfs[sheetname].fillna('', inplace=True)\n",
"\n",
"olddfs = {}\n",
"oldxlsx = pd.ExcelFile(oldfile)\n",
"for sheetname in oldxlsx.sheet_names:\n",
" olddfs[sheetname] = oldxlsx.parse(sheetname)\n",
" olddfs[sheetname].fillna('', inplace=True)\n",
"\n",
"addedtables = newdfs.keys() - olddfs.keys()\n",
"losttables = olddfs.keys() - newdfs.keys()\n",
"if len(addedtables) + len(losttables) > 0:\n",
" print('Table changes: new tables are {}, lost tables are {}'.format(addedtables, losttables))\n",
"\n",
"def investigate_table(table):\n",
" print('\\n\\nTable {} is changed'.format(table))\n",
" # Column headings\n",
" coldiffs = set(newdfs[table].columns).symmetric_difference(set(olddfs[table].columns))\n",
" if len(coldiffs) > 0:\n",
" print('column differences: {}'.format(coldiffs))\n",
" # length\n",
" if len(newdfs[table]) != len(olddfs[table]):\n",
" print('length differences: new {} old {}'.format(len(newdfs[table]), len(olddfs[table])))\n",
"\n",
" # column by column\n",
" for column in newdfs[table].columns:\n",
" coldiffs = newdfs[table][column] != olddfs[table][column]\n",
" if len(newdfs[table][coldiffs]) > 0:\n",
" print('Differences in column {}'.format(column))\n",
" return\n",
"\n",
"for table in newdfs.keys():\n",
" if newdfs[table].equals(olddfs[table]) == False:\n",
" investigate_table(table)"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {},
"outputs": [],
"source": [
"# Look at individual table differences\n",
"table = 'countermeasures'\n",
"column = 'summary'\n",
"coldiffs = newdfs[table][column] != olddfs[table][column]\n",
"diffcols = pd.DataFrame()\n",
"diffcols['amitt_id'] = newdfs[table][coldiffs]['amitt_id']\n",
"diffcols['new'] = newdfs[table][coldiffs][column]\n",
"diffcols['old'] = olddfs[table][coldiffs][column]\n",
"diffcols[diffcols['old'] != '']"
]
}
],
"metadata": {
"kernelspec": {
"display_name": "Python 3",
"language": "python",
"name": "python3"
},
"language_info": {
"codemirror_mode": {
"name": "ipython",
"version": 3
},
"file_extension": ".py",
"mimetype": "text/x-python",
"name": "python",
"nbconvert_exporter": "python",
"pygments_lexer": "ipython3",
"version": "3.8.3"
}
},
"nbformat": 4,
"nbformat_minor": 4
}

View File

@ -0,0 +1,556 @@
{
"cells": [
{
"cell_type": "markdown",
"metadata": {},
"source": [
"# Generate AMITT github files\n",
"\n",
"Generate all the AMITT github files from the AMITT master spreadsheet, being careful to reatin any comments people have made below the \"don't write above this\" line in them. "
]
},
{
"cell_type": "code",
"execution_count": 2,
"metadata": {
"scrolled": true
},
"outputs": [
{
"ename": "ImportError",
"evalue": "cannot import name 'Disarm' from 'generate_DISARM_pages' (/Users/sara/Dropbox/SJT_Projects_current/DISARM_foundation/code_repositories/DISARM-Frameworks/CODE/generate_DISARM_pages.py)",
"output_type": "error",
"traceback": [
"\u001b[0;31m---------------------------------------------------------------------------\u001b[0m",
"\u001b[0;31mImportError\u001b[0m Traceback (most recent call last)",
"\u001b[0;32m<ipython-input-2-25052c215084>\u001b[0m in \u001b[0;36m<module>\u001b[0;34m\u001b[0m\n\u001b[1;32m 1\u001b[0m \u001b[0;32mimport\u001b[0m \u001b[0mpandas\u001b[0m \u001b[0;32mas\u001b[0m \u001b[0mpd\u001b[0m\u001b[0;34m\u001b[0m\u001b[0;34m\u001b[0m\u001b[0m\n\u001b[0;32m----> 2\u001b[0;31m \u001b[0;32mfrom\u001b[0m \u001b[0mgenerate_DISARM_pages\u001b[0m \u001b[0;32mimport\u001b[0m \u001b[0mDisarm\u001b[0m\u001b[0;34m\u001b[0m\u001b[0;34m\u001b[0m\u001b[0m\n\u001b[0m\u001b[1;32m 3\u001b[0m \u001b[0mdisarm\u001b[0m \u001b[0;34m=\u001b[0m \u001b[0mDisarm\u001b[0m\u001b[0;34m(\u001b[0m\u001b[0;34m)\u001b[0m\u001b[0;34m\u001b[0m\u001b[0;34m\u001b[0m\u001b[0m\n\u001b[1;32m 4\u001b[0m \u001b[0mdisarm\u001b[0m\u001b[0;34m.\u001b[0m\u001b[0mgenerate_and_write_datafiles\u001b[0m\u001b[0;34m(\u001b[0m\u001b[0;34m)\u001b[0m\u001b[0;34m\u001b[0m\u001b[0;34m\u001b[0m\u001b[0m\n",
"\u001b[0;31mImportError\u001b[0m: cannot import name 'Disarm' from 'generate_DISARM_pages' (/Users/sara/Dropbox/SJT_Projects_current/DISARM_foundation/code_repositories/DISARM-Frameworks/CODE/generate_DISARM_pages.py)"
]
}
],
"source": [
"import pandas as pd\n",
"from generate_DISARM_pages import Disarm\n",
"disarm = Disarm()\n",
"disarm.generate_and_write_datafiles()"
]
},
{
"cell_type": "code",
"execution_count": 2,
"metadata": {
"scrolled": true
},
"outputs": [
{
"data": {
"text/html": [
"<div>\n",
"<style scoped>\n",
" .dataframe tbody tr th:only-of-type {\n",
" vertical-align: middle;\n",
" }\n",
"\n",
" .dataframe tbody tr th {\n",
" vertical-align: top;\n",
" }\n",
"\n",
" .dataframe thead th {\n",
" text-align: right;\n",
" }\n",
"</style>\n",
"<table border=\"1\" class=\"dataframe\">\n",
" <thead>\n",
" <tr style=\"text-align: right;\">\n",
" <th></th>\n",
" <th>amitt_id</th>\n",
" <th>name</th>\n",
" <th>summary</th>\n",
" <th>sector_ids</th>\n",
" <th>framework_ids</th>\n",
" <th>longname</th>\n",
" </tr>\n",
" </thead>\n",
" <tbody>\n",
" <tr>\n",
" <th>0</th>\n",
" <td>A001</td>\n",
" <td>data scientist</td>\n",
" <td>Person who can wrangle data, implement machine...</td>\n",
" <td>S001, S002, S003, S004, S005, S006, S007, S008...</td>\n",
" <td>FW01, FW02</td>\n",
" <td>A001 - data scientist</td>\n",
" </tr>\n",
" <tr>\n",
" <th>1</th>\n",
" <td>A002</td>\n",
" <td>target</td>\n",
" <td>Person being targeted by disinformation campaign</td>\n",
" <td>S001, S002, S003, S004, S005, S006, S007, S008...</td>\n",
" <td>FW02</td>\n",
" <td>A002 - target</td>\n",
" </tr>\n",
" <tr>\n",
" <th>2</th>\n",
" <td>A003</td>\n",
" <td>trusted authority</td>\n",
" <td>Influencer</td>\n",
" <td>S001, S002, S003, S004, S005, S006, S007, S008...</td>\n",
" <td>FW01, FW02</td>\n",
" <td>A003 - trusted authority</td>\n",
" </tr>\n",
" <tr>\n",
" <th>3</th>\n",
" <td>A004</td>\n",
" <td>activist</td>\n",
" <td></td>\n",
" <td>S002</td>\n",
" <td>FW02</td>\n",
" <td>A004 - activist</td>\n",
" </tr>\n",
" <tr>\n",
" <th>4</th>\n",
" <td>A005</td>\n",
" <td>community group</td>\n",
" <td></td>\n",
" <td>S002</td>\n",
" <td>FW02</td>\n",
" <td>A005 - community group</td>\n",
" </tr>\n",
" <tr>\n",
" <th>5</th>\n",
" <td>A006</td>\n",
" <td>educator</td>\n",
" <td></td>\n",
" <td>S002</td>\n",
" <td>FW02</td>\n",
" <td>A006 - educator</td>\n",
" </tr>\n",
" <tr>\n",
" <th>6</th>\n",
" <td>A007</td>\n",
" <td>factchecker</td>\n",
" <td>Someone with the skills to verify whether info...</td>\n",
" <td>S002</td>\n",
" <td>FW02</td>\n",
" <td>A007 - factchecker</td>\n",
" </tr>\n",
" <tr>\n",
" <th>7</th>\n",
" <td>A008</td>\n",
" <td>library</td>\n",
" <td></td>\n",
" <td>S002</td>\n",
" <td>FW02</td>\n",
" <td>A008 - library</td>\n",
" </tr>\n",
" <tr>\n",
" <th>8</th>\n",
" <td>A009</td>\n",
" <td>NGO</td>\n",
" <td></td>\n",
" <td>S002</td>\n",
" <td>FW02</td>\n",
" <td>A009 - NGO</td>\n",
" </tr>\n",
" <tr>\n",
" <th>9</th>\n",
" <td>A010</td>\n",
" <td>religious organisation</td>\n",
" <td></td>\n",
" <td>S002</td>\n",
" <td>FW02</td>\n",
" <td>A010 - religious organisation</td>\n",
" </tr>\n",
" <tr>\n",
" <th>10</th>\n",
" <td>A011</td>\n",
" <td>school</td>\n",
" <td></td>\n",
" <td>S002</td>\n",
" <td>FW02</td>\n",
" <td>A011 - school</td>\n",
" </tr>\n",
" <tr>\n",
" <th>11</th>\n",
" <td>A012</td>\n",
" <td>account owner</td>\n",
" <td>Anyone who owns an account online</td>\n",
" <td>S006</td>\n",
" <td>FW01\\nFW02</td>\n",
" <td>A012 - account owner</td>\n",
" </tr>\n",
" <tr>\n",
" <th>12</th>\n",
" <td>A013</td>\n",
" <td>content creator</td>\n",
" <td></td>\n",
" <td>S006</td>\n",
" <td>FW01\\nFW02</td>\n",
" <td>A013 - content creator</td>\n",
" </tr>\n",
" <tr>\n",
" <th>13</th>\n",
" <td>A014</td>\n",
" <td>elves</td>\n",
" <td></td>\n",
" <td>S006</td>\n",
" <td>FW02</td>\n",
" <td>A014 - elves</td>\n",
" </tr>\n",
" <tr>\n",
" <th>14</th>\n",
" <td>A015</td>\n",
" <td>general public</td>\n",
" <td></td>\n",
" <td>S006</td>\n",
" <td>FW02</td>\n",
" <td>A015 - general public</td>\n",
" </tr>\n",
" <tr>\n",
" <th>15</th>\n",
" <td>A016</td>\n",
" <td>influencer</td>\n",
" <td></td>\n",
" <td>S006</td>\n",
" <td>FW01\\nFW02</td>\n",
" <td>A016 - influencer</td>\n",
" </tr>\n",
" <tr>\n",
" <th>16</th>\n",
" <td>A017</td>\n",
" <td>coordinating body</td>\n",
" <td>For example the DHS</td>\n",
" <td>S003</td>\n",
" <td>FW02</td>\n",
" <td>A017 - coordinating body</td>\n",
" </tr>\n",
" <tr>\n",
" <th>17</th>\n",
" <td>A018</td>\n",
" <td>government</td>\n",
" <td>Government agencies</td>\n",
" <td>S003</td>\n",
" <td>FW01\\nFW02</td>\n",
" <td>A018 - government</td>\n",
" </tr>\n",
" <tr>\n",
" <th>18</th>\n",
" <td>A019</td>\n",
" <td>military</td>\n",
" <td></td>\n",
" <td>S003</td>\n",
" <td>FW02</td>\n",
" <td>A019 - military</td>\n",
" </tr>\n",
" <tr>\n",
" <th>19</th>\n",
" <td>A020</td>\n",
" <td>policy maker</td>\n",
" <td></td>\n",
" <td>S003</td>\n",
" <td>FW02</td>\n",
" <td>A020 - policy maker</td>\n",
" </tr>\n",
" <tr>\n",
" <th>20</th>\n",
" <td>A021</td>\n",
" <td>media organisation</td>\n",
" <td></td>\n",
" <td>S010</td>\n",
" <td>FW01\\nFW02</td>\n",
" <td>A021 - media organisation</td>\n",
" </tr>\n",
" <tr>\n",
" <th>21</th>\n",
" <td>A022</td>\n",
" <td>company</td>\n",
" <td></td>\n",
" <td>S009</td>\n",
" <td>FW02</td>\n",
" <td>A022 - company</td>\n",
" </tr>\n",
" <tr>\n",
" <th>22</th>\n",
" <td>A023</td>\n",
" <td>adtech provider</td>\n",
" <td></td>\n",
" <td>S008</td>\n",
" <td>FW02</td>\n",
" <td>A023 - adtech provider</td>\n",
" </tr>\n",
" <tr>\n",
" <th>23</th>\n",
" <td>A024</td>\n",
" <td>developer</td>\n",
" <td></td>\n",
" <td>S008</td>\n",
" <td>FW02</td>\n",
" <td>A024 - developer</td>\n",
" </tr>\n",
" <tr>\n",
" <th>24</th>\n",
" <td>A025</td>\n",
" <td>funding_site_admin</td>\n",
" <td>Funding site admin</td>\n",
" <td>S008</td>\n",
" <td>FW02</td>\n",
" <td>A025 - funding_site_admin</td>\n",
" </tr>\n",
" <tr>\n",
" <th>25</th>\n",
" <td>A026</td>\n",
" <td>games designer</td>\n",
" <td></td>\n",
" <td>S008</td>\n",
" <td>FW01, FW02</td>\n",
" <td>A026 - games designer</td>\n",
" </tr>\n",
" <tr>\n",
" <th>26</th>\n",
" <td>A027</td>\n",
" <td>information security</td>\n",
" <td></td>\n",
" <td>S008</td>\n",
" <td>FW02</td>\n",
" <td>A027 - information security</td>\n",
" </tr>\n",
" <tr>\n",
" <th>27</th>\n",
" <td>A028</td>\n",
" <td>platform administrator</td>\n",
" <td></td>\n",
" <td>S008</td>\n",
" <td>FW02</td>\n",
" <td>A028 - platform administrator</td>\n",
" </tr>\n",
" <tr>\n",
" <th>28</th>\n",
" <td>A029</td>\n",
" <td>server admininistrator</td>\n",
" <td></td>\n",
" <td>S008</td>\n",
" <td>FW02</td>\n",
" <td>A029 - server admininistrator</td>\n",
" </tr>\n",
" <tr>\n",
" <th>29</th>\n",
" <td>A030</td>\n",
" <td>platforms</td>\n",
" <td></td>\n",
" <td>S007</td>\n",
" <td>FW02</td>\n",
" <td>A030 - platforms</td>\n",
" </tr>\n",
" <tr>\n",
" <th>30</th>\n",
" <td>A031</td>\n",
" <td>social media platform adminstrator</td>\n",
" <td>Person with the authority to make changes to a...</td>\n",
" <td>S007</td>\n",
" <td>FW02</td>\n",
" <td>A031 - social media platform adminstrator</td>\n",
" </tr>\n",
" <tr>\n",
" <th>31</th>\n",
" <td>A032</td>\n",
" <td>social media platform outreach</td>\n",
" <td></td>\n",
" <td>S007</td>\n",
" <td>FW02</td>\n",
" <td>A032 - social media platform outreach</td>\n",
" </tr>\n",
" <tr>\n",
" <th>32</th>\n",
" <td>A033</td>\n",
" <td>social media platform owner</td>\n",
" <td>Person with authority to make changes to a soc...</td>\n",
" <td>S007</td>\n",
" <td>FW02</td>\n",
" <td>A033 - social media platform owner</td>\n",
" </tr>\n",
" </tbody>\n",
"</table>\n",
"</div>"
],
"text/plain": [
" amitt_id name \\\n",
"0 A001 data scientist \n",
"1 A002 target \n",
"2 A003 trusted authority \n",
"3 A004 activist \n",
"4 A005 community group \n",
"5 A006 educator \n",
"6 A007 factchecker \n",
"7 A008 library \n",
"8 A009 NGO \n",
"9 A010 religious organisation \n",
"10 A011 school \n",
"11 A012 account owner \n",
"12 A013 content creator \n",
"13 A014 elves \n",
"14 A015 general public \n",
"15 A016 influencer \n",
"16 A017 coordinating body \n",
"17 A018 government \n",
"18 A019 military \n",
"19 A020 policy maker \n",
"20 A021 media organisation \n",
"21 A022 company \n",
"22 A023 adtech provider \n",
"23 A024 developer \n",
"24 A025 funding_site_admin \n",
"25 A026 games designer \n",
"26 A027 information security \n",
"27 A028 platform administrator \n",
"28 A029 server admininistrator \n",
"29 A030 platforms \n",
"30 A031 social media platform adminstrator \n",
"31 A032 social media platform outreach \n",
"32 A033 social media platform owner \n",
"\n",
" summary \\\n",
"0 Person who can wrangle data, implement machine... \n",
"1 Person being targeted by disinformation campaign \n",
"2 Influencer \n",
"3 \n",
"4 \n",
"5 \n",
"6 Someone with the skills to verify whether info... \n",
"7 \n",
"8 \n",
"9 \n",
"10 \n",
"11 Anyone who owns an account online \n",
"12 \n",
"13 \n",
"14 \n",
"15 \n",
"16 For example the DHS \n",
"17 Government agencies \n",
"18 \n",
"19 \n",
"20 \n",
"21 \n",
"22 \n",
"23 \n",
"24 Funding site admin \n",
"25 \n",
"26 \n",
"27 \n",
"28 \n",
"29 \n",
"30 Person with the authority to make changes to a... \n",
"31 \n",
"32 Person with authority to make changes to a soc... \n",
"\n",
" sector_ids framework_ids \\\n",
"0 S001, S002, S003, S004, S005, S006, S007, S008... FW01, FW02 \n",
"1 S001, S002, S003, S004, S005, S006, S007, S008... FW02 \n",
"2 S001, S002, S003, S004, S005, S006, S007, S008... FW01, FW02 \n",
"3 S002 FW02 \n",
"4 S002 FW02 \n",
"5 S002 FW02 \n",
"6 S002 FW02 \n",
"7 S002 FW02 \n",
"8 S002 FW02 \n",
"9 S002 FW02 \n",
"10 S002 FW02 \n",
"11 S006 FW01\\nFW02 \n",
"12 S006 FW01\\nFW02 \n",
"13 S006 FW02 \n",
"14 S006 FW02 \n",
"15 S006 FW01\\nFW02 \n",
"16 S003 FW02 \n",
"17 S003 FW01\\nFW02 \n",
"18 S003 FW02 \n",
"19 S003 FW02 \n",
"20 S010 FW01\\nFW02 \n",
"21 S009 FW02 \n",
"22 S008 FW02 \n",
"23 S008 FW02 \n",
"24 S008 FW02 \n",
"25 S008 FW01, FW02 \n",
"26 S008 FW02 \n",
"27 S008 FW02 \n",
"28 S008 FW02 \n",
"29 S007 FW02 \n",
"30 S007 FW02 \n",
"31 S007 FW02 \n",
"32 S007 FW02 \n",
"\n",
" longname \n",
"0 A001 - data scientist \n",
"1 A002 - target \n",
"2 A003 - trusted authority \n",
"3 A004 - activist \n",
"4 A005 - community group \n",
"5 A006 - educator \n",
"6 A007 - factchecker \n",
"7 A008 - library \n",
"8 A009 - NGO \n",
"9 A010 - religious organisation \n",
"10 A011 - school \n",
"11 A012 - account owner \n",
"12 A013 - content creator \n",
"13 A014 - elves \n",
"14 A015 - general public \n",
"15 A016 - influencer \n",
"16 A017 - coordinating body \n",
"17 A018 - government \n",
"18 A019 - military \n",
"19 A020 - policy maker \n",
"20 A021 - media organisation \n",
"21 A022 - company \n",
"22 A023 - adtech provider \n",
"23 A024 - developer \n",
"24 A025 - funding_site_admin \n",
"25 A026 - games designer \n",
"26 A027 - information security \n",
"27 A028 - platform administrator \n",
"28 A029 - server admininistrator \n",
"29 A030 - platforms \n",
"30 A031 - social media platform adminstrator \n",
"31 A032 - social media platform outreach \n",
"32 A033 - social media platform owner "
]
},
"execution_count": 2,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"disarm.df_actortypes"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {},
"outputs": [],
"source": []
}
],
"metadata": {
"kernelspec": {
"display_name": "Python 3",
"language": "python",
"name": "python3"
},
"language_info": {
"codemirror_mode": {
"name": "ipython",
"version": 3
},
"file_extension": ".py",
"mimetype": "text/x-python",
"name": "python",
"nbconvert_exporter": "python",
"pygments_lexer": "ipython3",
"version": "3.8.3"
}
},
"nbformat": 4,
"nbformat_minor": 4
}

File diff suppressed because it is too large Load Diff

View File

@ -0,0 +1,425 @@
{
"cells": [
{
"cell_type": "markdown",
"metadata": {},
"source": [
"# Test area for DISARM code"
]
},
{
"cell_type": "code",
"execution_count": 2,
"metadata": {},
"outputs": [
{
"name": "stdout",
"output_type": "stream",
"text": [
"dict_keys(['df_phases', 'df_frameworks', 'df_techniques', 'df_tasks', 'df_incidents', 'df_counters', 'df_detections', 'df_actortypes', 'df_resources', 'df_responsetypes', 'df_metatechniques', 'it', 'df_tactics', 'df_techniques_per_tactic', 'df_counters_per_tactic', 'phases', 'tactics', 'techniques', 'counters', 'metatechniques', 'actortypes', 'resources', 'num_tactics', 'cross_counterid_techniqueid', 'cross_counterid_resourceid', 'cross_counterid_actortypeid'])\n"
]
},
{
"data": {
"text/html": [
"<div>\n",
"<style scoped>\n",
" .dataframe tbody tr th:only-of-type {\n",
" vertical-align: middle;\n",
" }\n",
"\n",
" .dataframe tbody tr th {\n",
" vertical-align: top;\n",
" }\n",
"\n",
" .dataframe thead th {\n",
" text-align: right;\n",
" }\n",
"</style>\n",
"<table border=\"1\" class=\"dataframe\">\n",
" <thead>\n",
" <tr style=\"text-align: right;\">\n",
" <th></th>\n",
" <th>amitt_id</th>\n",
" <th>technique_id</th>\n",
" </tr>\n",
" </thead>\n",
" <tbody>\n",
" <tr>\n",
" <th>0</th>\n",
" <td>C00006</td>\n",
" <td>T0007</td>\n",
" </tr>\n",
" <tr>\n",
" <th>0</th>\n",
" <td>C00006</td>\n",
" <td>T0015</td>\n",
" </tr>\n",
" <tr>\n",
" <th>0</th>\n",
" <td>C00006</td>\n",
" <td>T0018</td>\n",
" </tr>\n",
" <tr>\n",
" <th>0</th>\n",
" <td>C00006</td>\n",
" <td>T0043</td>\n",
" </tr>\n",
" <tr>\n",
" <th>0</th>\n",
" <td>C00006</td>\n",
" <td>T0053</td>\n",
" </tr>\n",
" <tr>\n",
" <th>...</th>\n",
" <td>...</td>\n",
" <td>...</td>\n",
" </tr>\n",
" <tr>\n",
" <th>135</th>\n",
" <td>C00219</td>\n",
" <td>T0025</td>\n",
" </tr>\n",
" <tr>\n",
" <th>136</th>\n",
" <td>C00220</td>\n",
" <td></td>\n",
" </tr>\n",
" <tr>\n",
" <th>137</th>\n",
" <td>C00221</td>\n",
" <td></td>\n",
" </tr>\n",
" <tr>\n",
" <th>138</th>\n",
" <td>C00222</td>\n",
" <td></td>\n",
" </tr>\n",
" <tr>\n",
" <th>139</th>\n",
" <td>C00223</td>\n",
" <td></td>\n",
" </tr>\n",
" </tbody>\n",
"</table>\n",
"<p>898 rows × 2 columns</p>\n",
"</div>"
],
"text/plain": [
" amitt_id technique_id\n",
"0 C00006 T0007\n",
"0 C00006 T0015\n",
"0 C00006 T0018\n",
"0 C00006 T0043\n",
"0 C00006 T0053\n",
".. ... ...\n",
"135 C00219 T0025\n",
"136 C00220 \n",
"137 C00221 \n",
"138 C00222 \n",
"139 C00223 \n",
"\n",
"[898 rows x 2 columns]"
]
},
"execution_count": 2,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"import pandas as pd\n",
"import sqlite3 as sql\n",
"from generate_DISARM_pages import Disarm\n",
"\n",
"\n",
"# Generate AMITT datasets\n",
"disarm = Disarm()\n",
"\n",
"# Check which amitt variables we can see from here\n",
"print('{}'.format(vars(disarm).keys()))\n",
"vars(disarm)['cross_counterid_techniqueid']"
]
},
{
"cell_type": "code",
"execution_count": 41,
"metadata": {
"scrolled": true
},
"outputs": [
{
"data": {
"text/html": [
"<div>\n",
"<style scoped>\n",
" .dataframe tbody tr th:only-of-type {\n",
" vertical-align: middle;\n",
" }\n",
"\n",
" .dataframe tbody tr th {\n",
" vertical-align: top;\n",
" }\n",
"\n",
" .dataframe thead th {\n",
" text-align: right;\n",
" }\n",
"</style>\n",
"<table border=\"1\" class=\"dataframe\">\n",
" <thead>\n",
" <tr style=\"text-align: right;\">\n",
" <th></th>\n",
" <th>id</th>\n",
" <th>actor_id</th>\n",
" </tr>\n",
" </thead>\n",
" <tbody>\n",
" <tr>\n",
" <th>0</th>\n",
" <td>C00006</td>\n",
" <td>A033</td>\n",
" </tr>\n",
" <tr>\n",
" <th>1</th>\n",
" <td>C00008</td>\n",
" <td>A007</td>\n",
" </tr>\n",
" <tr>\n",
" <th>2</th>\n",
" <td>C00009</td>\n",
" <td>A016</td>\n",
" </tr>\n",
" <tr>\n",
" <th>2</th>\n",
" <td>C00009</td>\n",
" <td>A006</td>\n",
" </tr>\n",
" <tr>\n",
" <th>3</th>\n",
" <td>C00010</td>\n",
" <td>A020</td>\n",
" </tr>\n",
" <tr>\n",
" <th>...</th>\n",
" <td>...</td>\n",
" <td>...</td>\n",
" </tr>\n",
" <tr>\n",
" <th>135</th>\n",
" <td>C00219</td>\n",
" <td></td>\n",
" </tr>\n",
" <tr>\n",
" <th>136</th>\n",
" <td>C00220</td>\n",
" <td></td>\n",
" </tr>\n",
" <tr>\n",
" <th>137</th>\n",
" <td>C00221</td>\n",
" <td></td>\n",
" </tr>\n",
" <tr>\n",
" <th>138</th>\n",
" <td>C00222</td>\n",
" <td></td>\n",
" </tr>\n",
" <tr>\n",
" <th>139</th>\n",
" <td>C00223</td>\n",
" <td></td>\n",
" </tr>\n",
" </tbody>\n",
"</table>\n",
"<p>166 rows × 2 columns</p>\n",
"</div>"
],
"text/plain": [
" id actor_id\n",
"0 C00006 A033\n",
"1 C00008 A007\n",
"2 C00009 A016\n",
"2 C00009 A006\n",
"3 C00010 A020\n",
".. ... ...\n",
"135 C00219 \n",
"136 C00220 \n",
"137 C00221 \n",
"138 C00222 \n",
"139 C00223 \n",
"\n",
"[166 rows x 2 columns]"
]
},
"execution_count": 41,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"disarm.cross_counterid_actorid"
]
},
{
"cell_type": "code",
"execution_count": 3,
"metadata": {},
"outputs": [
{
"data": {
"text/html": [
"<div>\n",
"<style scoped>\n",
" .dataframe tbody tr th:only-of-type {\n",
" vertical-align: middle;\n",
" }\n",
"\n",
" .dataframe tbody tr th {\n",
" vertical-align: top;\n",
" }\n",
"\n",
" .dataframe thead th {\n",
" text-align: right;\n",
" }\n",
"</style>\n",
"<table border=\"1\" class=\"dataframe\">\n",
" <thead>\n",
" <tr style=\"text-align: right;\">\n",
" <th></th>\n",
" <th>id</th>\n",
" <th>technique_id</th>\n",
" <th>Weight</th>\n",
" </tr>\n",
" </thead>\n",
" <tbody>\n",
" <tr>\n",
" <th>1</th>\n",
" <td>C00008</td>\n",
" <td>TA01</td>\n",
" <td>1</td>\n",
" </tr>\n",
" <tr>\n",
" <th>1</th>\n",
" <td>C00008</td>\n",
" <td>TA06</td>\n",
" <td>1</td>\n",
" </tr>\n",
" <tr>\n",
" <th>1</th>\n",
" <td>C00008</td>\n",
" <td>TA08</td>\n",
" <td>1</td>\n",
" </tr>\n",
" <tr>\n",
" <th>1</th>\n",
" <td>C00008</td>\n",
" <td>T0006</td>\n",
" <td>1</td>\n",
" </tr>\n",
" <tr>\n",
" <th>1</th>\n",
" <td>C00008</td>\n",
" <td>T0009</td>\n",
" <td>1</td>\n",
" </tr>\n",
" <tr>\n",
" <th>...</th>\n",
" <td>...</td>\n",
" <td>...</td>\n",
" <td>...</td>\n",
" </tr>\n",
" <tr>\n",
" <th>134</th>\n",
" <td>C00216</td>\n",
" <td>T0018</td>\n",
" <td>1</td>\n",
" </tr>\n",
" <tr>\n",
" <th>134</th>\n",
" <td>C00216</td>\n",
" <td>T0057</td>\n",
" <td>1</td>\n",
" </tr>\n",
" <tr>\n",
" <th>135</th>\n",
" <td>C00219</td>\n",
" <td>T0024</td>\n",
" <td>1</td>\n",
" </tr>\n",
" <tr>\n",
" <th>135</th>\n",
" <td>C00219</td>\n",
" <td>T0026</td>\n",
" <td>1</td>\n",
" </tr>\n",
" <tr>\n",
" <th>135</th>\n",
" <td>C00219</td>\n",
" <td>T0025</td>\n",
" <td>1</td>\n",
" </tr>\n",
" </tbody>\n",
"</table>\n",
"<p>717 rows × 3 columns</p>\n",
"</div>"
],
"text/plain": [
" id technique_id Weight\n",
"1 C00008 TA01 1\n",
"1 C00008 TA06 1\n",
"1 C00008 TA08 1\n",
"1 C00008 T0006 1\n",
"1 C00008 T0009 1\n",
".. ... ... ...\n",
"134 C00216 T0018 1\n",
"134 C00216 T0057 1\n",
"135 C00219 T0024 1\n",
"135 C00219 T0026 1\n",
"135 C00219 T0025 1\n",
"\n",
"[717 rows x 3 columns]"
]
},
"execution_count": 3,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"ct = disarm.cross_counterid_techniqueid\n",
"ct['Weight'] = 1\n",
"ct = ct[ct['technique_id'].str.len() > 0]\n",
"ct.to_csv('../visualisations/cross_counterid_techniqueid.csv', index=False, header=['Source','Target', 'Weight'])\n",
"ct"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {},
"outputs": [],
"source": []
}
],
"metadata": {
"kernelspec": {
"display_name": "Python 3",
"language": "python",
"name": "python3"
},
"language_info": {
"codemirror_mode": {
"name": "ipython",
"version": 3
},
"file_extension": ".py",
"mimetype": "text/x-python",
"name": "python",
"nbconvert_exporter": "python",
"pygments_lexer": "ipython3",
"version": "3.8.3"
}
},
"nbformat": 4,
"nbformat_minor": 4
}

Binary file not shown.

View File

@ -0,0 +1,110 @@
{
"cells": [
{
"cell_type": "markdown",
"metadata": {},
"source": [
"# fix the problem with excelfile changes\n",
"\n",
"Background: DISARM's master dataset is in an excelfile. Changes in this dont' show up in github, so it's difficult to tell what's changed between versions. Code below checks for those differences - use this repeatedly until versions align. "
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {},
"outputs": [],
"source": [
"import pandas as pd\n",
"import sqlite3 as sql\n",
"from generate_DISARM_pages import Disarm\n",
"import pandas as pd\n",
"import numpy as np\n",
"import os\n",
"from sklearn.feature_extraction.text import CountVectorizer\n",
"pd.set_option('display.max_rows', 1000)\n",
"pd.set_option('display.max_colwidth', -1)\n",
"\n",
"newfile = '../DISARM_MASTER_DATA/DISARM_FRAMEWORKS_MASTER.xlsx'\n",
"oldfile = '../DISARM_MASTER_DATA/DISARM_FRAMEWORKS_MASTER_previous_version.xlsx'\n",
"\n",
"# Load dfs from file\n",
"newdfs = {}\n",
"newxlsx = pd.ExcelFile(newfile)\n",
"for sheetname in newxlsx.sheet_names:\n",
" newdfs[sheetname] = newxlsx.parse(sheetname)\n",
" newdfs[sheetname].fillna('', inplace=True)\n",
"\n",
"olddfs = {}\n",
"oldxlsx = pd.ExcelFile(oldfile)\n",
"for sheetname in oldxlsx.sheet_names:\n",
" olddfs[sheetname] = oldxlsx.parse(sheetname)\n",
" olddfs[sheetname].fillna('', inplace=True)\n",
"\n",
"addedtables = newdfs.keys() - olddfs.keys()\n",
"losttables = olddfs.keys() - newdfs.keys()\n",
"if len(addedtables) + len(losttables) > 0:\n",
" print('Table changes: new tables are {}, lost tables are {}'.format(addedtables, losttables))\n",
"\n",
"def investigate_table(table):\n",
" print('\\n\\nTable {} is changed'.format(table))\n",
" # Column headings\n",
" coldiffs = set(newdfs[table].columns).symmetric_difference(set(olddfs[table].columns))\n",
" if len(coldiffs) > 0:\n",
" print('column differences: {}'.format(coldiffs))\n",
" # length\n",
" if len(newdfs[table]) != len(olddfs[table]):\n",
" print('length differences: new {} old {}'.format(len(newdfs[table]), len(olddfs[table])))\n",
"\n",
" # column by column\n",
" for column in newdfs[table].columns:\n",
" coldiffs = newdfs[table][column] != olddfs[table][column]\n",
" if len(newdfs[table][coldiffs]) > 0:\n",
" print('Differences in column {}'.format(column))\n",
" return\n",
"\n",
"for table in newdfs.keys():\n",
" if newdfs[table].equals(olddfs[table]) == False:\n",
" investigate_table(table)"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {},
"outputs": [],
"source": [
"# Look at individual table differences\n",
"table = 'countermeasures'\n",
"column = 'summary'\n",
"coldiffs = newdfs[table][column] != olddfs[table][column]\n",
"diffcols = pd.DataFrame()\n",
"diffcols['amitt_id'] = newdfs[table][coldiffs]['amitt_id']\n",
"diffcols['new'] = newdfs[table][coldiffs][column]\n",
"diffcols['old'] = olddfs[table][coldiffs][column]\n",
"diffcols[diffcols['old'] != '']"
]
}
],
"metadata": {
"kernelspec": {
"display_name": "Python 3",
"language": "python",
"name": "python3"
},
"language_info": {
"codemirror_mode": {
"name": "ipython",
"version": 3
},
"file_extension": ".py",
"mimetype": "text/x-python",
"name": "python",
"nbconvert_exporter": "python",
"pygments_lexer": "ipython3",
"version": "3.8.3"
}
},
"nbformat": 4,
"nbformat_minor": 4
}

View File

@ -0,0 +1,268 @@
{
"cells": [
{
"cell_type": "markdown",
"metadata": {},
"source": [
"# Create AMITT incident visualisations\n",
"\n",
"Many thanks to https://python-graph-gallery.com/91-customize-seaborn-heatmap/"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {},
"outputs": [],
"source": [
"import seaborn as sns\n",
"import pandas as pd\n",
"import numpy as np\n",
"import generate_amitt_ttps\n",
"\n",
"# Check that heatmap works\n",
"df = pd.DataFrame(np.random.random((10,12)), columns=[\"a\",\"b\",\"c\",\"d\",\"e\",\"f\",\"g\",\"h\",\"i\",\"j\",\"k\",\"l\"])\n",
"sns.heatmap(df, annot=True, annot_kws={\"size\": 7})"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {},
"outputs": [],
"source": [
"amitt = generate_amitt_ttps.Amitt()\n",
"redgrid = amitt.create_padded_framework_table('AMITT Red', 'technique_ids', False)\n",
"\n",
"techcounts = amitt.it[['id_incident','id_technique']].drop_duplicates().groupby('id_technique').count().to_dict()['id_incident']\n",
"techlabels = redgrid[2:][:]\n",
"nrows = len(techlabels)\n",
"ncols = len(techlabels[0])\n",
"techgrid = np.zeros([nrows, ncols], dtype = int)\n",
"\n",
"for row in range(nrows):\n",
" for col in range(ncols):\n",
" if techlabels[row][col] in techcounts:\n",
" techgrid[row][col] = techcounts[techlabels[row][col]]\n",
"\n",
"sns.heatmap(techgrid, annot=True, annot_kws={\"size\": 7})\n",
"techgrid"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {},
"outputs": [],
"source": [
"amitt.df_tactics"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {},
"outputs": [],
"source": [
"amitt.it"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {},
"outputs": [],
"source": [
"ct = amitt.cross_counterid_techniqueid\n",
"ct[ct['technique_id'] != '']"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {},
"outputs": [],
"source": [
"ct[(ct['id'] == 'C00197') & (ct['technique_id'].isin(['T0002', 'T0007']))]"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {},
"outputs": [],
"source": [
"ct = ct[ct['technique_id'].isin(amitt.df_techniques['id'].to_list()) & ct['id'].isin(amitt.df_counters['id'].to_list())]\n",
"ct"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {},
"outputs": [],
"source": [
"technique_id_list = ['T0007', 'T0008', 'T0022', 'T0023', 'T0043', 'T0052', 'T0036', 'T0037', 'T0038']\n",
"counter_id_list = ['C00009', 'C00008', 'C00042', 'C00030', 'C00093', 'C00193', 'C00073', 'C000197', 'C00174', 'C00205']\n",
"possible_counters_for_techniques = ct[ct['technique_id'].isin(technique_id_list)] \n",
"possible_techniques_for_counters = ct[ct['id'].isin(counter_id_list)] \n",
"coverage = ct[(ct['id'].isin(counter_id_list)) & (ct['technique_id'].isin(technique_id_list))]\n",
"coverage"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {
"scrolled": true
},
"outputs": [],
"source": [
"possible_techniques_for_counters"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {
"scrolled": true
},
"outputs": [],
"source": [
"possible_counters_for_techniques"
]
},
{
"cell_type": "code",
"execution_count": 6,
"metadata": {},
"outputs": [
{
"name": "stdout",
"output_type": "stream",
"text": [
"clicked button T0045 8 7\n",
"clicked button T0046 9 7\n",
"clicked button T0049 4 8\n",
"clicked button T0057 2 9\n",
"clicked button T0060 4 10\n",
"clicked button T0029 2 6\n",
"clicked button T0016 2 4\n"
]
}
],
"source": [
"import tkinter as Tk\n",
"import numpy as np\n",
"import generate_amitt_ttps\n",
"\n",
"class Begueradj(Tk.Frame):\n",
" def __init__(self,parent):\n",
" amitt = generate_amitt_ttps.Amitt()\n",
" self.redgrid = amitt.create_padded_framework_table('AMITT Red', 'technique_ids', False)\n",
" self.bluegrid = amitt.create_padded_framework_table('AMITT Blue', 'counter_ids', False)\n",
"\n",
" Tk.Frame.__init__(self, parent)\n",
" self.parent = parent\n",
" self.button= ''\n",
" self.initialize()\n",
" \n",
" def initialize(self):\n",
" '''\n",
" Draw the GUI\n",
" '''\n",
" self.parent.title(\"AMITT FRAMEWORK COVERAGE\") \n",
" self.parent.grid_rowconfigure(1,weight=1)\n",
" self.parent.grid_columnconfigure(1,weight=1)\n",
"\n",
" self.frame = Tk.Frame(self.parent) \n",
" self.frame.pack(fill=Tk.X, padx=5, pady=5)\n",
"\n",
" # Create a 6x7 array of zeros as the one you used\n",
" numrows = len(self.redgrid) - 1\n",
" numcols = len(self.redgrid[0])\n",
" self.buttons = {}\n",
" for row in range(1,numrows):\n",
" for col in range(0,numcols):\n",
" button_id = self.redgrid[row][col]\n",
" self.button = Tk.Button(self.frame, text = button_id, bg='blue', \n",
" command= lambda bid=button_id, row=row, col=col: self.clicked(bid, row, col))\n",
" self.button.grid(row=row, column=col)\n",
" \n",
" def clicked(self, bid, row, col):\n",
" print('clicked button {} {} {}'.format(bid, row, col))\n",
" self.find_in_grid(self.frame, row, col)\n",
"\n",
" def find_in_grid(self, frame, row, column):\n",
" for children in frame.children.values():\n",
" info = children.grid_info()\n",
" #note that rows and column numbers are stored as string\n",
" if info['row'] == str(row) and info['column'] == str(column):\n",
" print('{}'.format(children.get()))\n",
" return None\n",
"\n",
"root=Tk.Tk()\n",
"app = Begueradj(root) \n",
"root.mainloop()"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {
"scrolled": true
},
"outputs": [],
"source": [
"redgrid"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {},
"outputs": [],
"source": [
"for row in range(2,len(redgrid)):\n",
" print(len(redgrid[row]))"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {},
"outputs": [],
"source": [
"redgrid[1][2]"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {},
"outputs": [],
"source": []
}
],
"metadata": {
"kernelspec": {
"display_name": "Python 3",
"language": "python",
"name": "python3"
},
"language_info": {
"codemirror_mode": {
"name": "ipython",
"version": 3
},
"file_extension": ".py",
"mimetype": "text/x-python",
"name": "python",
"nbconvert_exporter": "python",
"pygments_lexer": "ipython3",
"version": "3.8.3"
}
},
"nbformat": 4,
"nbformat_minor": 2
}

View File

@ -0,0 +1,575 @@
{
"cells": [
{
"cell_type": "markdown",
"metadata": {},
"source": [
"# Generate AMITT github files\n",
"\n",
"Generate all the AMITT github files from the AMITT master spreadsheet, being careful to reatin any comments people have made below the \"don't write above this\" line in them. "
]
},
{
"cell_type": "code",
"execution_count": 1,
"metadata": {
"scrolled": true
},
"outputs": [
{
"name": "stdout",
"output_type": "stream",
"text": [
"updated ../generated_pages/disarm_red_framework.md\n",
"updated ../generated_files/disarm_red_framework_clickable.html\n",
"updated ../generated_pages/disarm_blue_framework.md\n",
"updated ../generated_files/disarm_blue_framework_clickable.html\n",
"Temp: objecttype phase\n",
"updated ../generated_pages/phases_index.md\n",
"Temp: objecttype tactic\n",
"updated ../generated_pages/tactics_index.md\n",
"Temp: objecttype technique\n",
"updated ../generated_pages/techniques_index.md\n",
"Temp: objecttype task\n",
"updated ../generated_pages/tasks_index.md\n",
"Temp: objecttype incident\n",
"updated ../generated_pages/incidents_index.md\n",
"Temp: objecttype counter\n",
"updated ../generated_pages/counters_index.md\n",
"Temp: objecttype metatechnique\n",
"updated ../generated_pages/metatechniques_index.md\n",
"Temp: objecttype actortype\n",
"updated ../generated_pages/actortypes_index.md\n",
"updated ../generated_pages/responsetype_index.md\n",
"updated ../generated_pages/detections_index.md\n",
"updated ../generated_pages/tactics_by_responsetype_table.md\n",
"updated ../generated_pages/metatechniques_by_responsetype_table.md\n"
]
}
],
"source": [
"import pandas as pd\n",
"from generate_DISARM_pages import Disarm\n",
"disarm = Disarm()\n",
"disarm.generate_and_write_datafiles()"
]
},
{
"cell_type": "code",
"execution_count": 2,
"metadata": {
"scrolled": true
},
"outputs": [
{
"data": {
"text/html": [
"<div>\n",
"<style scoped>\n",
" .dataframe tbody tr th:only-of-type {\n",
" vertical-align: middle;\n",
" }\n",
"\n",
" .dataframe tbody tr th {\n",
" vertical-align: top;\n",
" }\n",
"\n",
" .dataframe thead th {\n",
" text-align: right;\n",
" }\n",
"</style>\n",
"<table border=\"1\" class=\"dataframe\">\n",
" <thead>\n",
" <tr style=\"text-align: right;\">\n",
" <th></th>\n",
" <th>disarm_id</th>\n",
" <th>name</th>\n",
" <th>summary</th>\n",
" <th>sector_ids</th>\n",
" <th>framework_ids</th>\n",
" <th>longname</th>\n",
" </tr>\n",
" </thead>\n",
" <tbody>\n",
" <tr>\n",
" <th>0</th>\n",
" <td>A001</td>\n",
" <td>data scientist</td>\n",
" <td>Person who can wrangle data, implement machine...</td>\n",
" <td>S001, S002, S003, S004, S005, S006, S007, S008...</td>\n",
" <td>FW01, FW02</td>\n",
" <td>A001 - data scientist</td>\n",
" </tr>\n",
" <tr>\n",
" <th>1</th>\n",
" <td>A002</td>\n",
" <td>target</td>\n",
" <td>Person being targeted by disinformation campaign</td>\n",
" <td>S001, S002, S003, S004, S005, S006, S007, S008...</td>\n",
" <td>FW02</td>\n",
" <td>A002 - target</td>\n",
" </tr>\n",
" <tr>\n",
" <th>2</th>\n",
" <td>A003</td>\n",
" <td>trusted authority</td>\n",
" <td>Influencer</td>\n",
" <td>S001, S002, S003, S004, S005, S006, S007, S008...</td>\n",
" <td>FW01, FW02</td>\n",
" <td>A003 - trusted authority</td>\n",
" </tr>\n",
" <tr>\n",
" <th>3</th>\n",
" <td>A004</td>\n",
" <td>activist</td>\n",
" <td></td>\n",
" <td>S002</td>\n",
" <td>FW02</td>\n",
" <td>A004 - activist</td>\n",
" </tr>\n",
" <tr>\n",
" <th>4</th>\n",
" <td>A005</td>\n",
" <td>community group</td>\n",
" <td></td>\n",
" <td>S002</td>\n",
" <td>FW02</td>\n",
" <td>A005 - community group</td>\n",
" </tr>\n",
" <tr>\n",
" <th>5</th>\n",
" <td>A006</td>\n",
" <td>educator</td>\n",
" <td></td>\n",
" <td>S002</td>\n",
" <td>FW02</td>\n",
" <td>A006 - educator</td>\n",
" </tr>\n",
" <tr>\n",
" <th>6</th>\n",
" <td>A007</td>\n",
" <td>factchecker</td>\n",
" <td>Someone with the skills to verify whether info...</td>\n",
" <td>S002</td>\n",
" <td>FW02</td>\n",
" <td>A007 - factchecker</td>\n",
" </tr>\n",
" <tr>\n",
" <th>7</th>\n",
" <td>A008</td>\n",
" <td>library</td>\n",
" <td></td>\n",
" <td>S002</td>\n",
" <td>FW02</td>\n",
" <td>A008 - library</td>\n",
" </tr>\n",
" <tr>\n",
" <th>8</th>\n",
" <td>A009</td>\n",
" <td>NGO</td>\n",
" <td></td>\n",
" <td>S002</td>\n",
" <td>FW02</td>\n",
" <td>A009 - NGO</td>\n",
" </tr>\n",
" <tr>\n",
" <th>9</th>\n",
" <td>A010</td>\n",
" <td>religious organisation</td>\n",
" <td></td>\n",
" <td>S002</td>\n",
" <td>FW02</td>\n",
" <td>A010 - religious organisation</td>\n",
" </tr>\n",
" <tr>\n",
" <th>10</th>\n",
" <td>A011</td>\n",
" <td>school</td>\n",
" <td></td>\n",
" <td>S002</td>\n",
" <td>FW02</td>\n",
" <td>A011 - school</td>\n",
" </tr>\n",
" <tr>\n",
" <th>11</th>\n",
" <td>A012</td>\n",
" <td>account owner</td>\n",
" <td>Anyone who owns an account online</td>\n",
" <td>S006</td>\n",
" <td>FW01\\nFW02</td>\n",
" <td>A012 - account owner</td>\n",
" </tr>\n",
" <tr>\n",
" <th>12</th>\n",
" <td>A013</td>\n",
" <td>content creator</td>\n",
" <td></td>\n",
" <td>S006</td>\n",
" <td>FW01\\nFW02</td>\n",
" <td>A013 - content creator</td>\n",
" </tr>\n",
" <tr>\n",
" <th>13</th>\n",
" <td>A014</td>\n",
" <td>elves</td>\n",
" <td></td>\n",
" <td>S006</td>\n",
" <td>FW02</td>\n",
" <td>A014 - elves</td>\n",
" </tr>\n",
" <tr>\n",
" <th>14</th>\n",
" <td>A015</td>\n",
" <td>general public</td>\n",
" <td></td>\n",
" <td>S006</td>\n",
" <td>FW02</td>\n",
" <td>A015 - general public</td>\n",
" </tr>\n",
" <tr>\n",
" <th>15</th>\n",
" <td>A016</td>\n",
" <td>influencer</td>\n",
" <td></td>\n",
" <td>S006</td>\n",
" <td>FW01\\nFW02</td>\n",
" <td>A016 - influencer</td>\n",
" </tr>\n",
" <tr>\n",
" <th>16</th>\n",
" <td>A017</td>\n",
" <td>coordinating body</td>\n",
" <td>For example the DHS</td>\n",
" <td>S003</td>\n",
" <td>FW02</td>\n",
" <td>A017 - coordinating body</td>\n",
" </tr>\n",
" <tr>\n",
" <th>17</th>\n",
" <td>A018</td>\n",
" <td>government</td>\n",
" <td>Government agencies</td>\n",
" <td>S003</td>\n",
" <td>FW01\\nFW02</td>\n",
" <td>A018 - government</td>\n",
" </tr>\n",
" <tr>\n",
" <th>18</th>\n",
" <td>A019</td>\n",
" <td>military</td>\n",
" <td></td>\n",
" <td>S003</td>\n",
" <td>FW02</td>\n",
" <td>A019 - military</td>\n",
" </tr>\n",
" <tr>\n",
" <th>19</th>\n",
" <td>A020</td>\n",
" <td>policy maker</td>\n",
" <td></td>\n",
" <td>S003</td>\n",
" <td>FW02</td>\n",
" <td>A020 - policy maker</td>\n",
" </tr>\n",
" <tr>\n",
" <th>20</th>\n",
" <td>A021</td>\n",
" <td>media organisation</td>\n",
" <td></td>\n",
" <td>S010</td>\n",
" <td>FW01\\nFW02</td>\n",
" <td>A021 - media organisation</td>\n",
" </tr>\n",
" <tr>\n",
" <th>21</th>\n",
" <td>A022</td>\n",
" <td>company</td>\n",
" <td></td>\n",
" <td>S009</td>\n",
" <td>FW02</td>\n",
" <td>A022 - company</td>\n",
" </tr>\n",
" <tr>\n",
" <th>22</th>\n",
" <td>A023</td>\n",
" <td>adtech provider</td>\n",
" <td></td>\n",
" <td>S008</td>\n",
" <td>FW02</td>\n",
" <td>A023 - adtech provider</td>\n",
" </tr>\n",
" <tr>\n",
" <th>23</th>\n",
" <td>A024</td>\n",
" <td>developer</td>\n",
" <td></td>\n",
" <td>S008</td>\n",
" <td>FW02</td>\n",
" <td>A024 - developer</td>\n",
" </tr>\n",
" <tr>\n",
" <th>24</th>\n",
" <td>A025</td>\n",
" <td>funding_site_admin</td>\n",
" <td>Funding site admin</td>\n",
" <td>S008</td>\n",
" <td>FW02</td>\n",
" <td>A025 - funding_site_admin</td>\n",
" </tr>\n",
" <tr>\n",
" <th>25</th>\n",
" <td>A026</td>\n",
" <td>games designer</td>\n",
" <td></td>\n",
" <td>S008</td>\n",
" <td>FW01, FW02</td>\n",
" <td>A026 - games designer</td>\n",
" </tr>\n",
" <tr>\n",
" <th>26</th>\n",
" <td>A027</td>\n",
" <td>information security</td>\n",
" <td></td>\n",
" <td>S008</td>\n",
" <td>FW02</td>\n",
" <td>A027 - information security</td>\n",
" </tr>\n",
" <tr>\n",
" <th>27</th>\n",
" <td>A028</td>\n",
" <td>platform administrator</td>\n",
" <td></td>\n",
" <td>S008</td>\n",
" <td>FW02</td>\n",
" <td>A028 - platform administrator</td>\n",
" </tr>\n",
" <tr>\n",
" <th>28</th>\n",
" <td>A029</td>\n",
" <td>server admininistrator</td>\n",
" <td></td>\n",
" <td>S008</td>\n",
" <td>FW02</td>\n",
" <td>A029 - server admininistrator</td>\n",
" </tr>\n",
" <tr>\n",
" <th>29</th>\n",
" <td>A030</td>\n",
" <td>platforms</td>\n",
" <td></td>\n",
" <td>S007</td>\n",
" <td>FW02</td>\n",
" <td>A030 - platforms</td>\n",
" </tr>\n",
" <tr>\n",
" <th>30</th>\n",
" <td>A031</td>\n",
" <td>social media platform adminstrator</td>\n",
" <td>Person with the authority to make changes to a...</td>\n",
" <td>S007</td>\n",
" <td>FW02</td>\n",
" <td>A031 - social media platform adminstrator</td>\n",
" </tr>\n",
" <tr>\n",
" <th>31</th>\n",
" <td>A032</td>\n",
" <td>social media platform outreach</td>\n",
" <td></td>\n",
" <td>S007</td>\n",
" <td>FW02</td>\n",
" <td>A032 - social media platform outreach</td>\n",
" </tr>\n",
" <tr>\n",
" <th>32</th>\n",
" <td>A033</td>\n",
" <td>social media platform owner</td>\n",
" <td>Person with authority to make changes to a soc...</td>\n",
" <td>S007</td>\n",
" <td>FW02</td>\n",
" <td>A033 - social media platform owner</td>\n",
" </tr>\n",
" </tbody>\n",
"</table>\n",
"</div>"
],
"text/plain": [
" disarm_id name \\\n",
"0 A001 data scientist \n",
"1 A002 target \n",
"2 A003 trusted authority \n",
"3 A004 activist \n",
"4 A005 community group \n",
"5 A006 educator \n",
"6 A007 factchecker \n",
"7 A008 library \n",
"8 A009 NGO \n",
"9 A010 religious organisation \n",
"10 A011 school \n",
"11 A012 account owner \n",
"12 A013 content creator \n",
"13 A014 elves \n",
"14 A015 general public \n",
"15 A016 influencer \n",
"16 A017 coordinating body \n",
"17 A018 government \n",
"18 A019 military \n",
"19 A020 policy maker \n",
"20 A021 media organisation \n",
"21 A022 company \n",
"22 A023 adtech provider \n",
"23 A024 developer \n",
"24 A025 funding_site_admin \n",
"25 A026 games designer \n",
"26 A027 information security \n",
"27 A028 platform administrator \n",
"28 A029 server admininistrator \n",
"29 A030 platforms \n",
"30 A031 social media platform adminstrator \n",
"31 A032 social media platform outreach \n",
"32 A033 social media platform owner \n",
"\n",
" summary \\\n",
"0 Person who can wrangle data, implement machine... \n",
"1 Person being targeted by disinformation campaign \n",
"2 Influencer \n",
"3 \n",
"4 \n",
"5 \n",
"6 Someone with the skills to verify whether info... \n",
"7 \n",
"8 \n",
"9 \n",
"10 \n",
"11 Anyone who owns an account online \n",
"12 \n",
"13 \n",
"14 \n",
"15 \n",
"16 For example the DHS \n",
"17 Government agencies \n",
"18 \n",
"19 \n",
"20 \n",
"21 \n",
"22 \n",
"23 \n",
"24 Funding site admin \n",
"25 \n",
"26 \n",
"27 \n",
"28 \n",
"29 \n",
"30 Person with the authority to make changes to a... \n",
"31 \n",
"32 Person with authority to make changes to a soc... \n",
"\n",
" sector_ids framework_ids \\\n",
"0 S001, S002, S003, S004, S005, S006, S007, S008... FW01, FW02 \n",
"1 S001, S002, S003, S004, S005, S006, S007, S008... FW02 \n",
"2 S001, S002, S003, S004, S005, S006, S007, S008... FW01, FW02 \n",
"3 S002 FW02 \n",
"4 S002 FW02 \n",
"5 S002 FW02 \n",
"6 S002 FW02 \n",
"7 S002 FW02 \n",
"8 S002 FW02 \n",
"9 S002 FW02 \n",
"10 S002 FW02 \n",
"11 S006 FW01\\nFW02 \n",
"12 S006 FW01\\nFW02 \n",
"13 S006 FW02 \n",
"14 S006 FW02 \n",
"15 S006 FW01\\nFW02 \n",
"16 S003 FW02 \n",
"17 S003 FW01\\nFW02 \n",
"18 S003 FW02 \n",
"19 S003 FW02 \n",
"20 S010 FW01\\nFW02 \n",
"21 S009 FW02 \n",
"22 S008 FW02 \n",
"23 S008 FW02 \n",
"24 S008 FW02 \n",
"25 S008 FW01, FW02 \n",
"26 S008 FW02 \n",
"27 S008 FW02 \n",
"28 S008 FW02 \n",
"29 S007 FW02 \n",
"30 S007 FW02 \n",
"31 S007 FW02 \n",
"32 S007 FW02 \n",
"\n",
" longname \n",
"0 A001 - data scientist \n",
"1 A002 - target \n",
"2 A003 - trusted authority \n",
"3 A004 - activist \n",
"4 A005 - community group \n",
"5 A006 - educator \n",
"6 A007 - factchecker \n",
"7 A008 - library \n",
"8 A009 - NGO \n",
"9 A010 - religious organisation \n",
"10 A011 - school \n",
"11 A012 - account owner \n",
"12 A013 - content creator \n",
"13 A014 - elves \n",
"14 A015 - general public \n",
"15 A016 - influencer \n",
"16 A017 - coordinating body \n",
"17 A018 - government \n",
"18 A019 - military \n",
"19 A020 - policy maker \n",
"20 A021 - media organisation \n",
"21 A022 - company \n",
"22 A023 - adtech provider \n",
"23 A024 - developer \n",
"24 A025 - funding_site_admin \n",
"25 A026 - games designer \n",
"26 A027 - information security \n",
"27 A028 - platform administrator \n",
"28 A029 - server admininistrator \n",
"29 A030 - platforms \n",
"30 A031 - social media platform adminstrator \n",
"31 A032 - social media platform outreach \n",
"32 A033 - social media platform owner "
]
},
"execution_count": 2,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"disarm.df_actortypes"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {},
"outputs": [],
"source": []
}
],
"metadata": {
"kernelspec": {
"display_name": "Python 3",
"language": "python",
"name": "python3"
},
"language_info": {
"codemirror_mode": {
"name": "ipython",
"version": 3
},
"file_extension": ".py",
"mimetype": "text/x-python",
"name": "python",
"nbconvert_exporter": "python",
"pygments_lexer": "ipython3",
"version": "3.8.3"
}
},
"nbformat": 4,
"nbformat_minor": 4
}

View File

@ -0,0 +1,794 @@
''' Manage DISARM metadata
The DISARM github repo at https://github.com/cDISARMFoundation/DISARMFrameworks serves multiple purposes:
* Holds the master copy of DISARM (in excel file DISARM_FRAMEWORK_MASTER.xlsx)
* Holds the master copy of DISARM data (in excel file DISARM_DATA_MASTER.xlsx)
* Holds notes on each DISARM object (in excel file DISARM_comments.xlsx)
* Holds a list of suggested changes to DISARM, in the github repo's issues list
* Provides a set of indexed views of DISARM objects, to make exploring DISARM easier
The file in this code updates the github repo contents, after the master spreadsheet is updated.
It creates this:
* A html page for each DISARM TTP object (creator and counter), if it doesn't already exist.
If a html page does exist, update the metadata on it, and preserve any hand-created
notes below the metadata area in it.
* A html page for each DISARM phase, tactic, and task.
* A html page for each incident used to create DISARM
* A grid view of all the DISARM creator techniques
* A grid view of all the DISARM counter techniques
* Indexes for the counter techniques, by tactic, resource and metatag
Here are the file inputs and outputs associated with that work:
Reads 1 excel file: MASTERDATA_DIR + 'DISARM_FRAMEWORKS_MASTER.xlsx' with sheets:
* phases
* techniques
* tasks
* incidents
* incidenttechniques
* tactics
* countermeasures
* actortypes
* resources
* responsetypes
Reads template files from directory page_templates:
* template_phase.md
* template_tactic.md
* template_task.md
* template_technique.md
* template_incident.md
* template_counter.md
Creates markdown files:
* GENERATED_PAGES_DIR + disarm_blue_framework.md
* GENERATED_PAGES_DIR + disarm_red_framework.md
* GENERATED_PAGES_DIR + disarm_red_framework_clickable.md
* GENERATED_PAGES_DIR + incidents_list.md
* GENERATED_PAGES_DIR + counter_tactic_counts.md
* GENERATED_PAGES_DIR + metatechniques_by_responsetype.md
* GENERATED_PAGES_DIR + resources_by_responsetype.md
* GENERATED_PAGES_DIR + tactics_by_responsetype.md
* GENERATED_PAGES_DIR + counter_tactics/*counters.md
* GENERATED_PAGES_DIR + metatechniques/*.md
* GENERATED_PAGES_DIR + resources_needed/*.md
Updates markdown files:
* GENERATED_PAGES_DIR + phases/*.md
* GENERATED_PAGES_DIR + tactics/*.md
* GENERATED_PAGES_DIR + techniques/*.md
* GENERATED_PAGES_DIR + incidents/*.md
* GENERATED_PAGES_DIR + tasks/*.md
* GENERATED_PAGES_DIR + counters/*.md
Creates CSVs
* GENERATED_FILES_DIR + generated_csvs/counters_tactics_table.csv
* GENERATED_FILES_DIR + generated_csvs/techniques_tactics_table.csv
todo:
* add all framework comments to the repo issues list
* add clickable blue framework
* add detections
'''
import pandas as pd
import numpy as np
import os
from sklearn.feature_extraction.text import CountVectorizer
GENERATED_PAGES_DIR = '../generated_pages/'
GENERATED_FILES_DIR = '../generated_files/'
MASTERDATA_DIR = '../DISARM_MASTER_DATA/'
class Disarm:
def __init__(self,
frameworkfile = MASTERDATA_DIR + 'DISARM_FRAMEWORKS_MASTER.xlsx',
datafile = MASTERDATA_DIR + 'DISARM_DATA_MASTER.xlsx',
commentsfile = MASTERDATA_DIR + 'DISARM_COMMENTS_MASTER.xlsx'):
# Load metadata from file
metadata = {}
xlsx = pd.ExcelFile(frameworkfile)
for sheetname in xlsx.sheet_names:
metadata[sheetname] = xlsx.parse(sheetname)
metadata[sheetname].fillna('', inplace=True)
xlsx = pd.ExcelFile(datafile)
for sheetname in xlsx.sheet_names:
metadata[sheetname] = xlsx.parse(sheetname)
metadata[sheetname].fillna('', inplace=True)
# Create individual tables and dictionaries
self.df_phases = metadata['phases']
self.df_frameworks = metadata['frameworks']
self.df_techniques = metadata['techniques']
self.df_tasks = metadata['tasks']
self.df_incidents = metadata['incidents']
self.df_groups = metadata['groups']
self.df_tools = metadata['tools']
self.df_examples = metadata['examples']
self.df_counters = metadata['countermeasures'].sort_values('disarm_id')
self.df_counters[['tactic_id', 'tactic_name']] = self.df_counters['tactic'].str.split(' ', 1, expand=True)
self.df_counters[['metatechnique_id', 'metatechnique_name']] = self.df_counters['metatechnique'].str.split(' ', 1, expand=True)
self.df_detections = metadata['detections']
self.df_detections[['tactic_id', 'tactic_name']] = self.df_detections['tactic'].str.split(' ', 1, expand=True)
# self.df_detections[['metatechnique_id', 'metatechnique_name']] = self.df_detections['metatechnique'].str.split(' ', 1, expand=True) #FIXIT
self.df_actortypes = metadata['actortypes']
self.df_resources = metadata['resources']
self.df_responsetypes = metadata['responsetypes']
self.df_metatechniques = metadata['metatechniques']
self.it = self.create_incident_technique_crosstable(metadata['incidenttechniques'])
self.df_tactics = metadata['tactics']
self.df_playbooks = metadata['playbooks']
# Add columns containing lists of techniques and counters to the tactics dataframe
self.df_techniques_per_tactic = self.df_techniques.groupby('tactic_id')['disarm_id'].apply(list).reset_index().rename({'disarm_id':'technique_ids'}, axis=1)
self.df_counters_per_tactic = self.df_counters.groupby('tactic_id')['disarm_id'].apply(list).reset_index().rename({'disarm_id':'counter_ids'}, axis=1)
self.df_tactics = self.df_tactics.merge(self.df_techniques_per_tactic, left_on='disarm_id', right_on='tactic_id', how='left').fillna('').drop('tactic_id', axis=1)
self.df_tactics = self.df_tactics.merge(self.df_counters_per_tactic, left_on='disarm_id', right_on='tactic_id', how='left').fillna('').drop('tactic_id', axis=1)
# Add simple dictionaries (id -> name) for objects
self.phases = self.make_object_dictionary(self.df_phases)
self.tactics = self.make_object_dictionary(self.df_tactics)
self.techniques = self.make_object_dictionary(self.df_techniques)
self.counters = self.make_object_dictionary(self.df_counters)
self.metatechniques = self.make_object_dictionary(self.df_metatechniques)
self.actortypes = self.make_object_dictionary(self.df_actortypes)
self.resources = self.make_object_dictionary(self.df_resources)
# Create the data table for each framework file
self.num_tactics = len(self.df_tactics)
# Create counters and detections cross-tables
self.cross_counterid_techniqueid = self.create_cross_table(self.df_counters[['disarm_id', 'techniques']],
'techniques', 'technique', '\n')
self.cross_counterid_resourceid = self.create_cross_table(self.df_counters[['disarm_id', 'resources_needed']],
'resources_needed', 'resource', ',')
self.cross_counterid_actortypeid = self.create_cross_table(self.df_counters[['disarm_id', 'actortypes']],
'actortypes', 'actortype', ',')
self.cross_detectionid_techniqueid = self.create_cross_table(self.df_detections[['disarm_id', 'techniques']],
'techniques', 'technique', '\n')
self.cross_detectionid_resourceid = self.create_cross_table(self.df_detections[['disarm_id', 'resources_needed']],
'resources_needed', 'resource', ',')
self.cross_detectionid_actortypeid = self.create_cross_table(self.df_detections[['disarm_id', 'actortypes']],
'actortypes', 'actortype', ',')
def create_incident_technique_crosstable(self, it_metadata):
# Generate full cross-table between incidents and techniques
it = it_metadata
it.index=it['disarm_id']
it = it['technique_ids'].str.split(',').apply(lambda x: pd.Series(x)).stack().reset_index(level=1, drop=True).to_frame('technique_id').reset_index().merge(it.drop('disarm_id', axis=1).reset_index()).drop('technique_ids', axis=1)
it = it.merge(self.df_incidents[['disarm_id','name']],
left_on='incident_id', right_on='disarm_id',
suffixes=['','_incident']).drop('incident_id', axis=1)
it = it.merge(self.df_techniques[['disarm_id','name']],
left_on='technique_id', right_on='disarm_id',
suffixes=['','_technique']).drop('technique_id', axis=1)
return(it)
def make_object_dictionary(self, df):
return(pd.Series(df.name.values,index=df.disarm_id).to_dict())
def create_cross_table(self, df, col, newcol, divider=','):
''' Convert a column with multiple values per cell into a crosstable
# Thanks https://stackoverflow.com/questions/17116814/pandas-how-do-i-split-text-in-a-column-into-multiple-rows?noredirect=1
'''
crosstable = df.join(df[col]
.str.split(divider, expand=True).stack()
.reset_index(drop=True,level=1)
.rename(newcol)).drop(col, axis=1)
crosstable = crosstable[crosstable[newcol].notnull()]
crosstable[newcol+'_id'] = crosstable[newcol].str.split(' ').str[0]
crosstable.drop(newcol, axis=1, inplace=True)
return crosstable
def create_technique_incidents_string(self, techniqueid):
incidentstr = '''
| Incident | Descriptions given for this incident |
| -------- | -------------------- |
'''
incirow = '| [{0} {1}]({2}incidents/{0}.md) | {3} |\n'
its = self.it[self.it['disarm_id_technique']==techniqueid]
for index, row in its[['disarm_id_incident', 'name_incident']].drop_duplicates().sort_values('disarm_id_incident').iterrows():
techstring = ', '.join(its[its['disarm_id_incident']==row['disarm_id_incident']]['name'].to_list())
incidentstr += incirow.format(row['disarm_id_incident'], row['name_incident'],
GENERATED_PAGES_DIR, techstring)
return incidentstr
def create_incident_techniques_string(self, incidentid):
techstr = '''
| Technique | Description given for this incident |
| --------- | ------------------------- |
'''
techrow = '| [{0} {1}]({2}techniques/{0}.md) | {3} {4} |\n'
techlist = self.it[self.it['disarm_id_incident'] == incidentid]
for index, row in techlist.sort_values('disarm_id_technique').iterrows():
techstr += techrow.format(row['disarm_id_technique'], row['name_technique'],
GENERATED_PAGES_DIR, row['disarm_id'], row['name'])
return techstr
def create_tactic_tasks_string(self, tactic_id):
table_string = '''
| Tasks |
| ----- |
'''
tactic_tasks = self.df_tasks[self.df_tasks['tactic_id']==tactic_id]
task_string = '| [{0} {1}]({2}tasks/{0}.md) |\n'
for index, row in tactic_tasks.sort_values('disarm_id').iterrows():
table_string += task_string.format(row['disarm_id'], row['name'], GENERATED_PAGES_DIR)
return table_string
def create_tactic_techniques_string(self, tactic_id):
table_string = '''
| Techniques |
| ---------- |
'''
tactic_techniques = self.df_techniques[self.df_techniques['tactic_id']==tactic_id]
row_string = '| [{0} {1}]({2}techniques/{0}.md) |\n'
for index, row in tactic_techniques.sort_values('disarm_id').iterrows():
table_string += row_string.format(row['disarm_id'], row['name'], GENERATED_PAGES_DIR)
return table_string
def create_object_counters_string(self, objectcolumn, object_id):
table_string = '''
| Counters | Response types |
| -------- | -------------- |
'''
object_counters = self.df_counters[self.df_counters[objectcolumn]==object_id]
row_string = '| [{0} {1}]({2}counters/{0}.md) | {3} |\n'
for index, row in object_counters.sort_values(['responsetype', 'disarm_id']).iterrows():
table_string += row_string.format(row['disarm_id'], row['name'], GENERATED_PAGES_DIR, row['responsetype'])
return table_string
def create_technique_counters_string(self, technique_id):
table_string = '''
| Counters | Response types |
| -------- | -------------- |
'''
technique_counters = self.cross_counterid_techniqueid[self.cross_counterid_techniqueid['technique_id']==technique_id]
technique_counters = pd.merge(technique_counters, self.df_counters[['disarm_id', 'name', 'responsetype']])
row_string = '| [{0} {1}]({2}counters/{0}.md) | {3} |\n'
for index, row in technique_counters.sort_values('disarm_id').iterrows():
table_string += row_string.format(row['disarm_id'], row['name'], GENERATED_PAGES_DIR, row['responsetype'])
return table_string
def create_counter_actortypes_string(self, counter_id):
table_string = '''
| Actor types | Sectors |
| ----------- | ------- |
'''
counter_actortypes = self.cross_counterid_actortypeid[self.cross_counterid_actortypeid['disarm_id']==counter_id]
counter_actortypes = pd.merge(counter_actortypes, self.df_actortypes[['disarm_id', 'name', 'sector_ids']], left_on='actortype_id', right_on='disarm_id')
row_string = '| [{0} {1}]({2}actortypes/{0}.md) | {3} |\n'
for index, row in counter_actortypes.sort_values('actortype_id').iterrows():
table_string += row_string.format(row['actortype_id'], row['name'], GENERATED_PAGES_DIR, row['sector_ids'])
return table_string
def create_actortype_counters_string(self, actortype_id):
table_string = '''
| Counters | Response types |
| -------- | -------------- |
'''
actortype_counters = self.cross_counterid_actortypeid[self.cross_counterid_actortypeid['actortype_id']==actortype_id]
actortype_counters = pd.merge(actortype_counters, self.df_counters[['disarm_id', 'name', 'responsetype']])
row_string = '| [{0} {1}]({2}counters/{0}.md) | {3} |\n'
for index, row in actortype_counters.sort_values('disarm_id').iterrows():
table_string += row_string.format(row['disarm_id'], row['name'], GENERATED_PAGES_DIR, row['responsetype'])
return table_string
def create_resource_counters_string(self, resource_id):
table_string = '''
| Counters | Response types |
| -------- | -------------- |
'''
resource_counters = self.cross_counterid_resourceid[self.cross_counterid_resourceid['resource_id']==resource_id]
resource_counters = pd.merge(resource_counters, self.df_counters[['disarm_id', 'name', 'responsetype']])
row_string = '| [{0} {1}]({2}counters/{0}.md) | {3} |\n'
for index, row in actortype_counters.sort_values('disarm_id').iterrows():
table_string += row_string.format(row['disarm_id'], row['name'], GENERATED_PAGES_DIR, row['responsetype'])
return table_string
def create_counter_tactics_string(self, counter_id):
table_string = '''
| Counters these Tactics |
| ---------------------- |
'''
# tactic_counters = self.df_counters[self.df_counters['tactic_id']==tactic_id]
# row_string = '| {0} | [{1} {2}]({3}counters/{1}.md) |\n'
# for index, row in tactic_counters.sort_values(['responsetype', 'disarm_id']).iterrows():
# table_string += row_string.format(row['responsetype'], row['disarm_id'], row['name'], GENERATED_PAGES_DIR)
return table_string
def create_counter_techniques_string(self, counter_id):
table_string = '''
| Counters these Techniques |
| ------------------------- |
'''
counter_techniques = self.cross_counterid_techniqueid[self.cross_counterid_techniqueid['disarm_id']==counter_id]
counter_techniques = pd.merge(counter_techniques, self.df_techniques[['disarm_id', 'name']].rename(columns={'disarm_id': 'technique_id'}))
row_string = '| [{0} {1}]({2}techniques/{0}.md) |\n'
for index, row in counter_techniques.sort_values('disarm_id').iterrows():
table_string += row_string.format(row['technique_id'], row['name'], GENERATED_PAGES_DIR)
return table_string
def create_counter_incidents_string(self, counter_id):
table_string = '''
| Seen in incidents |
| ----------------- |
'''
# tactic_counters = self.df_counters[self.df_counters['tactic_id']==tactic_id]
# row_string = '| {0} | [{1} {2}]({3}counters/{1}.md) |\n'
# for index, row in tactic_counters.sort_values(['responsetype', 'disarm_id']).iterrows():
# table_string += row_string.format(row['responsetype'], row['disarm_id'], row['name'], GENERATED_PAGES_DIR)
return table_string
def write_object_index_to_file(self, objectname, objectcols, dfobject, outfile):
''' Write HTML version of incident list to markdown file
Assumes that dfobject has columns named 'disarm_id' and 'name'
'''
html = '''# DISARM {}:
<table border="1">
<tr>
'''.format(objectname.capitalize())
# Create header row
html += '<th>{}</th>\n'.format('disarm_id')
html += ''.join(['<th>{}</th>\n'.format(col) for col in objectcols])
html += '</tr>\n'
# Add row for each object
for index, row in dfobject[dfobject['name'].notnull()].iterrows():
html += '<tr>\n'
html += '<td><a href="{0}/{1}.md">{1}</a></td>\n'.format(objectname, row['disarm_id'])
html += ''.join(['<td>{}</td>\n'.format(row[col]) for col in objectcols])
html += '</tr>\n'
html += '</table>\n'
# Write file
with open(outfile, 'w') as f:
f.write(html)
print('updated {}'.format(outfile))
return
def write_object_indexes_to_file(self):
''' Create an index file for each object type.
'''
self.write_object_index_to_file(
'response types', ['name', 'summary'],
self.df_responsetypes, GENERATED_PAGES_DIR + 'responsetype_index.md')
self.write_object_index_to_file(
'detections', ['name', 'summary', 'metatechnique', 'tactic', 'responsetype'],
self.df_detections, GENERATED_PAGES_DIR + 'detections_index.md')
return
def update_markdown_files(self):
''' Create or update all the editable markdown files in the repo
Reads in any user-written text before updating the header information above it
Does this for phase, tactic, technique, task, incident and counter objects
'''
warntext = 'DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW'
warnlen = len(warntext)
metadata = {
'phase': self.df_phases,
'tactic': self.df_tactics,
'technique': self.df_techniques,
'task': self.df_tasks,
'incident': self.df_incidents,
'counter': self.df_counters,
'metatechnique': self.df_metatechniques,
'actortype': self.df_actortypes,
#'resource': self.df_resources,
#'responsetype': self.df_responsetypes,
#'detection': self.df_detections
}
indexrows = {
'phase': ['name', 'summary'],
'tactic': ['name', 'summary', 'phase_id'],
'technique': ['name', 'summary', 'tactic_id'],
'task': ['name', 'summary', 'tactic_id'],
'incident': ['name', 'objecttype', 'year_started', 'found_in_country', 'found_via'],
'counter': ['name', 'summary', 'metatechnique', 'tactic', 'responsetype'],
'detection': ['name', 'summary', 'metatechnique', 'tactic', 'responsetype'],
'responsetype': ['name', 'summary'],
'metatechnique': ['name', 'summary'],
'actortype': ['name', 'summary', 'sector_ids'],
'resource': ['name', 'summary', 'resource type']
}
for objecttype, df in metadata.items():
print('Temp: objecttype {}'.format(objecttype))
# Create objecttype directory if needed. Create index file for objecttype
objecttypeplural = objecttype + 's'
objecttypedir = GENERATED_PAGES_DIR + '{}'.format(objecttypeplural)
if not os.path.exists(objecttypedir):
os.makedirs(objecttypedir)
self.write_object_index_to_file(objecttypeplural, indexrows[objecttype],
metadata[objecttype],
GENERATED_PAGES_DIR + '{}_index.md'.format(objecttypeplural))
# Update or create file for every object with this objecttype type
template = open('page_templates/template_{}.md'.format(objecttype)).read()
for index, row in df[df['name'].notnull()].iterrows():
# First read in the file - if it exists - and grab everything
# below the "do not write about this line". Will write this
# out below new metadata.
datafile = GENERATED_PAGES_DIR + '{}/{}.md'.format(objecttypeplural, row['disarm_id'])
oldmetatext = ''
if os.path.exists(datafile):
with open(datafile) as f:
filetext = f.read()
warnpos = filetext.find(warntext)
if warnpos == -1:
print('no warning text found in {}: adding to file'.format(datafile))
usertext = filetext
else:
oldmetatext = filetext[:warnpos+warnlen]
usertext = filetext[warnpos+warnlen:]
else:
usertext = ''
# Now populate datafiles with new metadata plus old userdata
if objecttype == 'phase':
metatext = template.format(type='Phase', id=row['disarm_id'], name=row['name'], summary=row['summary'])
if objecttype == 'tactic':
metatext = template.format(type = 'Tactic', id=row['disarm_id'], name=row['name'],
phase=row['phase_id'], summary=row['summary'],
tasks=self.create_tactic_tasks_string(row['disarm_id']),
techniques=self.create_tactic_techniques_string(row['disarm_id']),
counters=self.create_object_counters_string('tactic_id', row['disarm_id']))
if objecttype == 'task':
metatext = template.format(type='Task', id=row['disarm_id'], name=row['name'],
tactic=row['tactic_id'], summary=row['summary'])
if objecttype == 'technique':
metatext = template.format(type = 'Technique', id=row['disarm_id'], name=row['name'],
tactic=row['tactic_id'], summary=row['summary'],
incidents=self.create_technique_incidents_string(row['disarm_id']),
counters=self.create_technique_counters_string(row['disarm_id']))
if objecttype == 'counter':
metatext = template.format(type = 'Counter', id=row['disarm_id'], name=row['name'],
tactic=row['tactic_id'], summary=row['summary'],
playbooks='', metatechnique=row['metatechnique'],
actortypes=self.create_counter_actortypes_string(row['disarm_id']),
resources_needed=row['resources_needed'],
tactics=self.create_counter_tactics_string(row['disarm_id']),
techniques=self.create_counter_techniques_string(row['disarm_id']),
incidents=self.create_counter_incidents_string(row['disarm_id']))
if objecttype == 'incident':
metatext = template.format(type = 'Incident', id=row['disarm_id'], name=row['name'],
incidenttype=row['objecttype'], summary=row['summary'],
yearstarted=row['year_started'],
fromcountry=row['attributions_seen'],
tocountry=row['found_in_country'],
foundvia=row['found_via'],
dateadded=row['when_added'],
techniques=self.create_incident_techniques_string(row['disarm_id']))
if objecttype == 'actortype':
metatext = template.format(type = 'Actor', id=row['disarm_id'], name=row['name'],
summary=row['summary'], sector=row['sector_ids'],
viewpoint=row['framework_ids'],
counters=self.create_actortype_counters_string(row['disarm_id']))
if objecttype == 'resource':
metatext = template.format(type = 'Resource', id=row['disarm_id'], name=row['name'],
summary=row['summary'], resource_type=row['resource_type'],
counters=self.create_resource_counters_string(row['disarm_id']))
if objecttype == 'metatechnique':
metatext = template.format(type='Metatechnique', id=row['disarm_id'], name=row['name'],
summary=row['summary'],
counters=self.create_object_counters_string('metatechnique_id', row['disarm_id']))
# Make sure the user data goes in
if (metatext + warntext) != oldmetatext:
print('Updating {}'.format(datafile))
with open(datafile, 'w') as f:
f.write(metatext)
f.write(warntext)
f.write(usertext)
f.close()
return
def create_padded_framework_table(self, title, ttp_col, tocsv=True):
# Create the master grid that we make all the framework visuals from
# cols = number of tactics
# rows = max number of techniques per tactic + 2
numrows = max(self.df_tactics[ttp_col].apply(len)) + 2
arr = [['' for i in range(self.num_tactics)] for j in range(numrows)]
for index, tactic in self.df_tactics.iterrows():
arr[0][index] = tactic['phase_id']
arr[1][index] = tactic['disarm_id']
if tactic[ttp_col] == '':
continue
for index2, technique in enumerate(tactic[ttp_col]):
arr[index2+2][index] = technique
#Save grid to file
if tocsv:
snakecase_title = title.replace(' ', '_')
csvdir = GENERATED_FILES_DIR
if not os.path.exists(csvdir):
os.makedirs(csvdir)
pd.DataFrame(arr).to_csv('{0}/{1}_ids.csv'.format(csvdir, snakecase_title), index=False, header=False)
return(arr)
def write_disarm_frameworks(self):
self.write_disarm_framework_files("red framework", self.techniques, "techniques", 'technique_ids')
self.write_disarm_framework_files("blue framework", self.counters, "counters", 'counter_ids')
return
def write_disarm_framework_files(self, title, ttp_dictionary, ttp_dir, ttp_col):
# Write HTML version of framework diagram to markdown file
# Needs phases, tactics
snakecase_title = title.replace(' ', '_')
outfile = GENERATED_PAGES_DIR + 'disarm_{}.md'.format(snakecase_title)
clickable_file = GENERATED_FILES_DIR + 'disarm_{}_clickable.html'.format(snakecase_title)
# Create padded table to make the writing easier
padded_table = self.create_padded_framework_table(title, ttp_col)
html = '''# DISARM {}: Latest Framework
<table border="1">
<tr>
'''.format(title.capitalize())
# row with phase names in - removed because it makes the tables confusing
# for col in range(self.num_tactics):
# html += '<td><a href="phases/{0}.md">{0} {1}</a></td>\n'.format(
# padded_table[0][col], self.phases[padded_table[0][col]])
# html += '</tr>\n'
html += '<tr style="background-color:blue;color:white;">\n'
for col in range(self.num_tactics):
html += '<td><a href="tactics/{0}.md">{0} {1}</a></td>\n'.format(
padded_table[1][col], self.tactics[padded_table[1][col]])
html += '</tr>\n<tr>\n'
for row in range(2,len(padded_table)):
for col in range(self.num_tactics):
if padded_table[row][col] == '':
html += '<td> </td>\n'
else:
html += '<td><a href="{0}/{1}.md">{1} {2}</a></td>\n'.format(
ttp_dir, padded_table[row][col], ttp_dictionary[padded_table[row][col]])
html += '</tr>\n<tr>\n'
html += '</tr>\n</table>\n'
with open(outfile, 'w') as f:
f.write(html)
print('updated {}'.format(outfile))
# Clickable version
self.write_clickable_disarm_framework_file(title, padded_table, ttp_dictionary, clickable_file)
return
def write_clickable_disarm_framework_file(self, title, padded_table, ttp_dictionary, outfile):
# Write clickable html version of the matrix grid to html file
html = '''<!DOCTYPE html>
<html>
<head>
<title>DISARM {}</title>
</head>
<body>
<script>
function handleTechniqueClick(box) {{
var technique = document.getElementById(box);
var checkBox = document.getElementById(box+"check");
var text = document.getElementById(box+"text");
if (checkBox.checked == true){{
text.style.display = "block";
technique.bgColor = "Lime"
}} else {{
text.style.display = "none";
technique.bgColor = "Silver"
}}
}}
</script>
<h1>DISARM</h1>
<table border=1 bgcolor=silver>
'''.format(title.capitalize())
html += '<tr bgcolor=fuchsia>\n'
for col in range(self.num_tactics):
html += '<td>{0} {1}</td>\n'.format(padded_table[0][col], self.phases[padded_table[0][col]])
html += '</tr>\n'
html += '<tr bgcolor=aqua>\n'
for col in range(self.num_tactics):
html += '<td>{0} {1}</td>\n'.format(padded_table[1][col], self.tactics[padded_table[1][col]])
html += '</tr>\n'
liststr = ''
html += '<tr>\n'
for row in range(2,len(padded_table)):
for col in range(self.num_tactics):
techid = padded_table[row][col]
if techid == '':
html += '<td bgcolor=white> </td>\n'
else:
html += '<td id="{0}">{0} {1}<input type="checkbox" id="{0}check" onclick="handleTechniqueClick(\'{0}\')"></td>\n'.format(
techid, ttp_dictionary[techid])
liststr += '<li id="{0}text" style="display:none">{0}: {1}</li>\n'.format(
techid, ttp_dictionary[techid])
html += '</tr>\n<tr>\n'
html += '</tr>\n</table>\n<hr>\n'
html += '<ul>\n{}</ul>\n'.format(liststr)
html += '''
</body>
</html>
'''
with open(outfile, 'w') as f:
f.write(html)
print('updated {}'.format(outfile))
return
def print_technique_incidents(self):
for id_technique in self.df_techniques['disarm_id'].to_list():
print('{}\n{}'.format(id_technique,
self.create_incidentstring(id_technique)))
return
def print_incident_techniques(self):
for id_incident in self.df_incidents['disarm_id'].to_list():
print('{}\n{}'.format(id_incident,
self.create_techstring(id_incident)))
return
def analyse_counter_text(self, col='name'):
# Analyse text in counter descriptions
alltext = (' ').join(self.df_counters[col].to_list()).lower()
count_vect = CountVectorizer(stop_words='english')
word_counts = count_vect.fit_transform([alltext])
dfw = pd.DataFrame(word_counts.A, columns=count_vect.get_feature_names()).transpose()
dfw.columns = ['count']
dfw = dfw.sort_values(by='count', ascending=False)
return(dfw)
def analyse_coverage(self, technique_id_list, counter_id_list):
ct = self.cross_counterid_techniqueid.copy()
ct = ct[ct['technique_id'].isin(self.df_techniques['disarm_id'].to_list()) & ct['disarm_id'].isin(self.df_counters['disarm_id'].to_list())]
possible_counters_for_techniques = ct[ct['technique_id'].isin(technique_id_list)]
possible_techniques_for_counters = ct[ct['technique_id'].isin(counter_id_list)]
coverage = ct[(ct['disarm_id'].isin(counter_id_list)) & (ct['technique_id'].isin(technique_id_list))]
return coverage, possible_counters_for_techniques, possible_techniques_for_counters
def write_counts_table_to_file(self, objectname, objectdict, counts_table, outfile):
html = '''# DISARM {} courses of action
<table border="1">
<tr>
<td> </td>
'''.format(objectname.capitalize())
# Table heading row
for col in counts_table.columns.get_level_values(1)[:-1]:
html += '<td>{}</td>\n'.format(col)
html += '<td>TOTALS</td></tr><tr>\n'
# Data rows
for index, counts in counts_table.iterrows():
html += '<td><a href="{3}{0}s/{1}.md">{1} {2}</a></td>\n'.format(
objectname, index, objectdict[index], GENERATED_PAGES_DIR)
for val in counts.values:
html += '<td>{}</td>\n'.format(val)
html += '</tr>\n<tr>\n'
# Column sums
html += '<td>TOTALS</td>\n'
for val in counts_table.sum().values:
html += '<td>{}</td>\n'.format(val)
html += '</tr>\n</table>\n'
with open(outfile, 'w') as f:
f.write(html)
print('updated {}'.format(outfile))
return
def write_responsetype_tactics_table_file(self, outfile = GENERATED_PAGES_DIR + 'tactics_by_responsetype_table.md'):
''' Write course of action matrix for tactics vs responsetype
'''
counts_table = pd.pivot_table(self.df_counters[['responsetype', 'tactic_id','disarm_id']],
index='tactic_id', columns='responsetype', aggfunc=len,
fill_value=0)
counts_table['TOTALS'] = counts_table.sum(axis=1)
self.write_counts_table_to_file('tactic', self.tactics, counts_table, outfile)
return
def write_metatechniques_responsetype_table_file(self, outfile = GENERATED_PAGES_DIR + 'metatechniques_by_responsetype_table.md'):
counts_table = pd.pivot_table(self.df_counters[['responsetype', 'metatechnique_id','disarm_id']],
index='metatechnique_id', columns='responsetype', aggfunc=len,
fill_value=0)
counts_table['TOTALS'] = counts_table.sum(axis=1)
self.write_counts_table_to_file('metatechnique', self.metatechniques, counts_table, outfile)
return
def write_resources_responsetype_table_file(self, outfile = GENERATED_PAGES_DIR + 'resources_by_responsetype_table.md'):
# dirty hack because there are lots of -blanks?- in the cross-table that should have been filtered out
crosstable_with_responsetype = self.cross_counterid_resourceid.merge(self.df_counters[['disarm_id', 'responsetype']])
crosstable_with_responsetype = crosstable_with_responsetype[crosstable_with_responsetype['responsetype'].isin(self.resources.keys())]
counts_table = pd.pivot_table(crosstable_with_responsetype,
index='resource_id', columns='responsetype', aggfunc=len,
fill_value=0)
counts_table['TOTALS'] = counts_table.sum(axis=1)
self.write_counts_table_to_file('resource', self.resources, counts_table, outfile)
return
def generate_and_write_datafiles(self):
# Framework matrices
self.write_disarm_frameworks()
# Editable files
self.update_markdown_files()
self.write_object_indexes_to_file()
# Cross tables
self.write_responsetype_tactics_table_file()
self.write_metatechniques_responsetype_table_file()
# FIXIT - this is just giving trouble today self.write_resources_responsetype_table_file()
return
def main():
disarm = Disarm()
disarm.generate_and_write_datafiles()
if __name__ == "__main__":
main()

File diff suppressed because it is too large Load Diff

View File

@ -0,0 +1,10 @@
# {type} {id}: {name}
* **Summary:** {summary}
* **Sector:** {sector}
* **Viewpoint:** {viewpoint}
{counters}

View File

@ -0,0 +1,20 @@
# {type} {id}: {name}
* **Summary**: {summary}
* **Playbooks**: {playbooks}
* **Metatechnique**: {metatechnique}
* **Resources needed:** {resources_needed}
* **Belongs to tactic stage**: {tactic}
{actortypes}
{tactics}
{techniques}
{incidents}

View File

@ -0,0 +1,16 @@
# {type} {id}: {name}
* **Summary:** {summary}
* **incident type**: {incidenttype}
* **Year started:** {yearstarted}
* **Countries:** {fromcountry} , {tocountry}
* **Found via:** {foundvia}
* **Date added:** {dateadded}
{techniques}

View File

@ -0,0 +1,7 @@
# {type} {id}: {name}
* **Summary:** {summary}
{counters}

View File

@ -0,0 +1,4 @@
# {type} {id}: {name}
* **Summary:** {summary}

View File

@ -0,0 +1,8 @@
# {type} {id}: {name}
* **Summary:** {summary}
* **Resource type:** {resource_type}
{counters}

View File

@ -0,0 +1,13 @@
# {type} {id}: {name}
* **Summary:** {summary}
* **Belongs to phase:** {phase}
{tasks}
{techniques}
{counters}

View File

@ -0,0 +1,6 @@
# {type} {id}: {name}
* **Summary:** {summary}
* **Belongs to tactic stage:** {tactic}

View File

@ -0,0 +1,10 @@
# {type} {id}: {name}
* **Summary**: {summary}
* **Belongs to tactic stage**: {tactic}
{incidents}
{counters}

BIN
DISARM_DOCUMENTATION/.DS_Store vendored Normal file

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

View File

@ -0,0 +1,459 @@
{
"cells": [
{
"cell_type": "markdown",
"metadata": {},
"source": [
"# Create counters summaries\n",
"Create summaries of disinfo countermeasures for use in dataset cleaning etc."
]
},
{
"cell_type": "code",
"execution_count": 1,
"metadata": {},
"outputs": [
{
"name": "stdout",
"output_type": "stream",
"text": [
"Writing ../counter_tactics/ALcounters.md\n",
"Writing ../counter_tactics/TA01counters.md\n",
"Writing ../counter_tactics/TA02counters.md\n",
"Writing ../counter_tactics/TA03counters.md\n",
"Writing ../counter_tactics/TA04counters.md\n",
"Writing ../counter_tactics/TA05counters.md\n",
"Writing ../counter_tactics/TA06counters.md\n",
"Writing ../counter_tactics/TA07counters.md\n",
"Writing ../counter_tactics/TA08counters.md\n",
"Writing ../counter_tactics/TA09counters.md\n",
"Writing ../counter_tactics/TA10counters.md\n",
"Writing ../counter_tactics/TA11counters.md\n",
"Writing ../counter_tactics/TA12counters.md\n",
"updated ../counter_tactic_counts.md\n",
"Writing ../counters_metatag/cleaningcounters.md\n",
"Writing ../counters_metatag/countermessagingcounters.md\n",
"Writing ../counters_metatag/data pollutioncounters.md\n",
"Writing ../counters_metatag/daylightcounters.md\n",
"Writing ../counters_metatag/dilutioncounters.md\n",
"Writing ../counters_metatag/diversioncounters.md\n",
"Writing ../counters_metatag/frictioncounters.md\n",
"Writing ../counters_metatag/metatechniquecounters.md\n",
"Writing ../counters_metatag/reduce resourcescounters.md\n",
"Writing ../counters_metatag/removalcounters.md\n",
"Writing ../counters_metatag/resiliencecounters.md\n",
"Writing ../counters_metatag/scoringcounters.md\n",
"Writing ../counters_metatag/targetingcounters.md\n",
"Writing ../counters_metatag/verificationcounters.md\n",
"updated ../counter_metatag_counts.md\n",
"Writing ../counter_resource/DHScounters.md\n",
"Writing ../counter_resource/NGOcounters.md\n",
"Writing ../counter_resource/activistscounters.md\n",
"Writing ../counter_resource/adtechcounters.md\n",
"Writing ../counter_resource/civil_societycounters.md\n",
"Writing ../counter_resource/community_groupscounters.md\n",
"Writing ../counter_resource/companiescounters.md\n",
"Writing ../counter_resource/content_creatorscounters.md\n",
"Writing ../counter_resource/data_scientistcounters.md\n",
"Writing ../counter_resource/datastreamscounters.md\n",
"Writing ../counter_resource/developerscounters.md\n",
"Writing ../counter_resource/educatorscounters.md\n",
"Writing ../counter_resource/elvescounters.md\n",
"Writing ../counter_resource/factcheckerscounters.md\n",
"Writing ../counter_resource/fundingcounters.md\n",
"Writing ../counter_resource/gamesdesignerscounters.md\n",
"Writing ../counter_resource/governmentcounters.md\n",
"Writing ../counter_resource/government:policymakerscounters.md\n",
"Writing ../counter_resource/influencerscounters.md\n",
"Writing ../counter_resource/influencers:trusted_authoritycounters.md\n",
"Writing ../counter_resource/infoseccounters.md\n",
"Writing ../counter_resource/librariescounters.md\n",
"Writing ../counter_resource/mediacounters.md\n",
"Writing ../counter_resource/militarycounters.md\n",
"Writing ../counter_resource/moneycounters.md\n",
"Writing ../counter_resource/platform_admincounters.md\n",
"Writing ../counter_resource/platform_admin:adtechcounters.md\n",
"Writing ../counter_resource/platform_admin:fundingsitescounters.md\n",
"Writing ../counter_resource/platform_admin:socialmediacounters.md\n",
"Writing ../counter_resource/platform_algorithmscounters.md\n",
"Writing ../counter_resource/platform_outreachcounters.md\n",
"Writing ../counter_resource/platformscounters.md\n",
"Writing ../counter_resource/publiccounters.md\n",
"Writing ../counter_resource/public:account_ownerscounters.md\n",
"Writing ../counter_resource/religious_organisationscounters.md\n",
"Writing ../counter_resource/schoolscounters.md\n",
"Writing ../counter_resource/server_admincounters.md\n",
"updated ../counter_resource_counts.md\n"
]
},
{
"data": {
"text/html": [
"<div>\n",
"<style scoped>\n",
" .dataframe tbody tr th:only-of-type {\n",
" vertical-align: middle;\n",
" }\n",
"\n",
" .dataframe tbody tr th {\n",
" vertical-align: top;\n",
" }\n",
"\n",
" .dataframe thead th {\n",
" text-align: right;\n",
" }\n",
"</style>\n",
"<table border=\"1\" class=\"dataframe\">\n",
" <thead>\n",
" <tr style=\"text-align: right;\">\n",
" <th></th>\n",
" <th>ID</th>\n",
" <th>metatechnique</th>\n",
" <th>Title</th>\n",
" <th>Details</th>\n",
" <th>Playbook(s)</th>\n",
" <th>Resources needed</th>\n",
" <th>How found</th>\n",
" <th>References</th>\n",
" <th>Incidents</th>\n",
" <th>Tactic</th>\n",
" <th>Response</th>\n",
" <th>Techniques</th>\n",
" <th>NOTES</th>\n",
" </tr>\n",
" </thead>\n",
" <tbody>\n",
" <tr>\n",
" <th>0</th>\n",
" <td>C00043</td>\n",
" <td>cleaning</td>\n",
" <td>Detect hijacked accounts and reallocate them</td>\n",
" <td>NaN</td>\n",
" <td>In all playbooks the platform must force user ...</td>\n",
" <td>platform_admin,activists,civil_society,money</td>\n",
" <td>2019-11-workshop</td>\n",
" <td>NaN</td>\n",
" <td>NaN</td>\n",
" <td>TA03 Develop People</td>\n",
" <td>D3 Disrupt</td>\n",
" <td>T0011 - Hijack accounts</td>\n",
" <td>NaN</td>\n",
" </tr>\n",
" <tr>\n",
" <th>1</th>\n",
" <td>C00053</td>\n",
" <td>cleaning</td>\n",
" <td>Delete old accounts / Remove unused social med...</td>\n",
" <td>NaN</td>\n",
" <td>Social media companies remove inactive account...</td>\n",
" <td>platform_admin,platform_admin:socialmedia,publ...</td>\n",
" <td>2019-11-workshop,2019-11-search</td>\n",
" <td>NaN</td>\n",
" <td>I00004</td>\n",
" <td>TA04 Develop Networks</td>\n",
" <td>D4 Degrade</td>\n",
" <td>T0011 - Hijack accounts\\nTA06 - Develop Conten...</td>\n",
" <td>NaN</td>\n",
" </tr>\n",
" <tr>\n",
" <th>2</th>\n",
" <td>C00074</td>\n",
" <td>cleaning</td>\n",
" <td>Identify identical content and mass deplatform</td>\n",
" <td>\\n</td>\n",
" <td>In all cases some checks need to prevent depla...</td>\n",
" <td>platform_admin,platform_admin:socialmedia</td>\n",
" <td>2019-11-workshop</td>\n",
" <td>NaN</td>\n",
" <td>NaN</td>\n",
" <td>TA06 Develop Content</td>\n",
" <td>D2 Deny</td>\n",
" <td>T0022 - Conspiracy narratives\\nT0026 - Create ...</td>\n",
" <td>NaN</td>\n",
" </tr>\n",
" <tr>\n",
" <th>3</th>\n",
" <td>C00026</td>\n",
" <td>countermessaging</td>\n",
" <td>Shore up democracy based messages (peace, free...</td>\n",
" <td>Unsure</td>\n",
" <td>NaN</td>\n",
" <td>NaN</td>\n",
" <td>2019-11-workshop</td>\n",
" <td>NaN</td>\n",
" <td>NaN</td>\n",
" <td>TA01 Strategic Planning</td>\n",
" <td>D4 Degrade</td>\n",
" <td>T0002 - Facilitate State Propaganda</td>\n",
" <td>NaN</td>\n",
" </tr>\n",
" <tr>\n",
" <th>4</th>\n",
" <td>C00082</td>\n",
" <td>countermessaging</td>\n",
" <td>Ground truthing as automated response to pollu...</td>\n",
" <td>NaN</td>\n",
" <td>NaN</td>\n",
" <td>NaN</td>\n",
" <td>2019-11-workshop</td>\n",
" <td>NaN</td>\n",
" <td>NaN</td>\n",
" <td>TA06 Develop Content</td>\n",
" <td>D3 Disrupt</td>\n",
" <td>NaN</td>\n",
" <td>NaN</td>\n",
" </tr>\n",
" <tr>\n",
" <th>...</th>\n",
" <td>...</td>\n",
" <td>...</td>\n",
" <td>...</td>\n",
" <td>...</td>\n",
" <td>...</td>\n",
" <td>...</td>\n",
" <td>...</td>\n",
" <td>...</td>\n",
" <td>...</td>\n",
" <td>...</td>\n",
" <td>...</td>\n",
" <td>...</td>\n",
" <td>...</td>\n",
" </tr>\n",
" <tr>\n",
" <th>181</th>\n",
" <td>C00214</td>\n",
" <td>metatechnique</td>\n",
" <td>Create policy that makes social media police d...</td>\n",
" <td>German model: facebook forced to police conten...</td>\n",
" <td>NaN</td>\n",
" <td>government:policymakers</td>\n",
" <td>2019-11-workshop</td>\n",
" <td>NaN</td>\n",
" <td>NaN</td>\n",
" <td>TA07 Channel Selection</td>\n",
" <td>D3 Disrupt</td>\n",
" <td>NaN</td>\n",
" <td>NaN</td>\n",
" </tr>\n",
" <tr>\n",
" <th>182</th>\n",
" <td>C00215</td>\n",
" <td>metatechnique</td>\n",
" <td>Use fraud legislation to clean up social media</td>\n",
" <td>NaN</td>\n",
" <td>NaN</td>\n",
" <td>government:policymakers</td>\n",
" <td>2019-11-workshop</td>\n",
" <td>NaN</td>\n",
" <td>NaN</td>\n",
" <td>TA07 Channel Selection</td>\n",
" <td>D3 Disrupt</td>\n",
" <td>NaN</td>\n",
" <td>NaN</td>\n",
" </tr>\n",
" <tr>\n",
" <th>183</th>\n",
" <td>C00217</td>\n",
" <td>daylight</td>\n",
" <td>Registries alert when large batches of newsy U...</td>\n",
" <td>NaN</td>\n",
" <td>NaN</td>\n",
" <td>platform_admin</td>\n",
" <td>grugq</td>\n",
" <td>NaN</td>\n",
" <td>NaN</td>\n",
" <td>TA07 Channel Selection</td>\n",
" <td>D2 Deny</td>\n",
" <td>NaN</td>\n",
" <td>NaN</td>\n",
" </tr>\n",
" <tr>\n",
" <th>184</th>\n",
" <td>C00218</td>\n",
" <td>removal</td>\n",
" <td>Censorship</td>\n",
" <td>Alter and/or block the publication/disseminati...</td>\n",
" <td>NaN</td>\n",
" <td>platform_admin</td>\n",
" <td>grugq</td>\n",
" <td>Taylor81</td>\n",
" <td>NaN</td>\n",
" <td>TA09 Exposure</td>\n",
" <td>D2 Deny</td>\n",
" <td>NaN</td>\n",
" <td>NaN</td>\n",
" </tr>\n",
" <tr>\n",
" <th>185</th>\n",
" <td>C00219</td>\n",
" <td>daylight</td>\n",
" <td>Add metadata to content - out of the control o...</td>\n",
" <td>NaN</td>\n",
" <td>Add date and source to images</td>\n",
" <td>NaN</td>\n",
" <td>grugq</td>\n",
" <td>NaN</td>\n",
" <td>NaN</td>\n",
" <td>TA06 Develop Content</td>\n",
" <td>D3 Disrupt</td>\n",
" <td>NaN</td>\n",
" <td>NaN</td>\n",
" </tr>\n",
" </tbody>\n",
"</table>\n",
"<p>186 rows × 13 columns</p>\n",
"</div>"
],
"text/plain": [
" ID metatechnique \\\n",
"0 C00043 cleaning \n",
"1 C00053 cleaning \n",
"2 C00074 cleaning \n",
"3 C00026 countermessaging \n",
"4 C00082 countermessaging \n",
".. ... ... \n",
"181 C00214 metatechnique \n",
"182 C00215 metatechnique \n",
"183 C00217 daylight \n",
"184 C00218 removal \n",
"185 C00219 daylight \n",
"\n",
" Title \\\n",
"0 Detect hijacked accounts and reallocate them \n",
"1 Delete old accounts / Remove unused social med... \n",
"2 Identify identical content and mass deplatform \n",
"3 Shore up democracy based messages (peace, free... \n",
"4 Ground truthing as automated response to pollu... \n",
".. ... \n",
"181 Create policy that makes social media police d... \n",
"182 Use fraud legislation to clean up social media \n",
"183 Registries alert when large batches of newsy U... \n",
"184 Censorship \n",
"185 Add metadata to content - out of the control o... \n",
"\n",
" Details \\\n",
"0 NaN \n",
"1 NaN \n",
"2 \\n \n",
"3 Unsure \n",
"4 NaN \n",
".. ... \n",
"181 German model: facebook forced to police conten... \n",
"182 NaN \n",
"183 NaN \n",
"184 Alter and/or block the publication/disseminati... \n",
"185 NaN \n",
"\n",
" Playbook(s) \\\n",
"0 In all playbooks the platform must force user ... \n",
"1 Social media companies remove inactive account... \n",
"2 In all cases some checks need to prevent depla... \n",
"3 NaN \n",
"4 NaN \n",
".. ... \n",
"181 NaN \n",
"182 NaN \n",
"183 NaN \n",
"184 NaN \n",
"185 Add date and source to images \n",
"\n",
" Resources needed \\\n",
"0 platform_admin,activists,civil_society,money \n",
"1 platform_admin,platform_admin:socialmedia,publ... \n",
"2 platform_admin,platform_admin:socialmedia \n",
"3 NaN \n",
"4 NaN \n",
".. ... \n",
"181 government:policymakers \n",
"182 government:policymakers \n",
"183 platform_admin \n",
"184 platform_admin \n",
"185 NaN \n",
"\n",
" How found References Incidents \\\n",
"0 2019-11-workshop NaN NaN \n",
"1 2019-11-workshop,2019-11-search NaN I00004 \n",
"2 2019-11-workshop NaN NaN \n",
"3 2019-11-workshop NaN NaN \n",
"4 2019-11-workshop NaN NaN \n",
".. ... ... ... \n",
"181 2019-11-workshop NaN NaN \n",
"182 2019-11-workshop NaN NaN \n",
"183 grugq NaN NaN \n",
"184 grugq Taylor81 NaN \n",
"185 grugq NaN NaN \n",
"\n",
" Tactic Response \\\n",
"0 TA03 Develop People D3 Disrupt \n",
"1 TA04 Develop Networks D4 Degrade \n",
"2 TA06 Develop Content D2 Deny \n",
"3 TA01 Strategic Planning D4 Degrade \n",
"4 TA06 Develop Content D3 Disrupt \n",
".. ... ... \n",
"181 TA07 Channel Selection D3 Disrupt \n",
"182 TA07 Channel Selection D3 Disrupt \n",
"183 TA07 Channel Selection D2 Deny \n",
"184 TA09 Exposure D2 Deny \n",
"185 TA06 Develop Content D3 Disrupt \n",
"\n",
" Techniques NOTES \n",
"0 T0011 - Hijack accounts NaN \n",
"1 T0011 - Hijack accounts\\nTA06 - Develop Conten... NaN \n",
"2 T0022 - Conspiracy narratives\\nT0026 - Create ... NaN \n",
"3 T0002 - Facilitate State Propaganda NaN \n",
"4 NaN NaN \n",
".. ... ... \n",
"181 NaN NaN \n",
"182 NaN NaN \n",
"183 NaN NaN \n",
"184 NaN NaN \n",
"185 NaN NaN \n",
"\n",
"[186 rows x 13 columns]"
]
},
"execution_count": 1,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"import generate_amitt_counters\n",
"\n",
"counter = generate_amitt_counters.Counter()\n",
"counter.write_tactics_markdown()\n",
"counter.write_metacounts_markdown()\n",
"counter.write_resource_markdown()\n",
"counter.dfcounters"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {},
"outputs": [],
"source": []
}
],
"metadata": {
"kernelspec": {
"display_name": "Python 3",
"language": "python",
"name": "python3"
},
"language_info": {
"codemirror_mode": {
"name": "ipython",
"version": 3
},
"file_extension": ".py",
"mimetype": "text/x-python",
"name": "python",
"nbconvert_exporter": "python",
"pygments_lexer": "ipython3",
"version": "3.8.3"
}
},
"nbformat": 4,
"nbformat_minor": 2
}

Binary file not shown.

After

Width:  |  Height:  |  Size: 908 KiB

View File

@ -0,0 +1,282 @@
''' Manage AMITT counters
Create a page for each of the AMITT counter objects.
Don't worry about creating notes etc for these - they'll be in the generating spreadsheet
Reads 1 excel file: ../AMITT_MASTER_DATA/AMITT_Counters_MASTER.xlsx with sheets
* AMITT_objects: tactics, responses, actors, techniques
* Countermeasures
*
Creates markdown files
* ../counter_tactic_counts.md
* ../counter_tactics/{}counters.md
* ../counter_metatag_counts.md
* ../counter_metatag/{1}counters.md
* ../counter_resource_counts.md
* ../counter_resource/{1}counters.md
*
* {}/{}counters.md
*
'''
import pandas as pd
import numpy as np
import os
from sklearn.feature_extraction.text import CountVectorizer
class Counter:
def __init__(self, infile = '../AMITT_MASTER_DATA/AMITT_Counters_MASTER.xlsx'):
# Create counters cross-tables
crossidtechs = self.splitcol(self.dfcounters[['ID', 'Techniques']],
'Techniques', 'Techs', '\n')
crossidtechs = crossidtechs[crossidtechs['Techs'].notnull()]
crossidtechs['TID'] = crossidtechs['Techs'].str.split(' ').str[0]
crossidtechs.drop('Techs', axis=1, inplace=True)
self.idtechnique = crossidtechs
crossidres = self.splitcol(self.dfcounters[['ID', 'Resources needed']],
'Resources needed', 'Res', ',')
crossidres = crossidres[crossidres['Res'].notnull()]
self.idresource = crossidres
def analyse_counter_text(self, col='Title'):
# Analyse text in counter descriptions
alltext = (' ').join(self.dfcounters[col].to_list()).lower()
count_vect = CountVectorizer(stop_words='english')
word_counts = count_vect.fit_transform([alltext])
dfw = pd.DataFrame(word_counts.A, columns=count_vect.get_feature_names()).transpose()
dfw.columns = ['count']
dfw = dfw.sort_values(by='count', ascending=False)
return(dfw)
def splitcol(self, df, col, newcol, divider=','):
# Thanks https://stackoverflow.com/questions/17116814/pandas-how-do-i-split-text-in-a-column-into-multiple-rows?noredirect=1
return (df.join(df[col]
.str.split(divider, expand=True).stack()
.reset_index(drop=True,level=1)
.rename(newcol)).drop(col, axis=1))
# Print list of counters for each square of the COA matrix
# Write HTML version of framework diagram to markdown file
def write_counters_tactics_markdown(self, outfile = '../counter_tactic_counts.md'):
coacounts = pd.pivot_table(self.dfcounters[['Tactic', 'Response',
'ID']], index='Response', columns='Tactic', aggfunc=len, fill_value=0)
html = '''# AMITT Courses of Action matrix:
<table border="1">
<tr>
<td> </td>
'''
#Table heading = Tactic names
for col in coacounts.columns.get_level_values(1):
tid = self.create_tactic_file(col)
html += '<td><a href="counter_tactics/{0}counters.md">{1}</a></td>\n'.format(
tid, col)
html += '</tr><tr>\n'
# number of counters per response type
for response, counts in coacounts.iterrows():
html += '<td>{}</td>\n'.format(response)
for val in counts.values:
html += '<td>{}</td>\n'.format(val)
html += '</tr>\n<tr>\n'
# Total per tactic
html += '<td>TOTALS</td>\n'
for val in coacounts.sum().values:
html += '<td>{}</td>\n'.format(val)
html += '</tr>\n</table>\n'
with open(outfile, 'w') as f:
f.write(html)
print('updated {}'.format(outfile))
return
def create_tactic_file(self, tname):
if not os.path.exists('../counter_tactics'):
os.makedirs('../counter_tactics')
tid = tname[:tname.find(' ')]
html = '''# Tactic {} counters\n\n'''.format(tname)
html += '## by action\n\n'
for resp, counters in self.dfcounters[self.dfcounters['Tactic'] == tname].groupby('Response'):
html += '\n### {}\n'.format(resp)
for c in counters.iterrows():
html += '* {}: {} (needs {})\n'.format(c[1]['ID'], c[1]['Title'],
c[1]['Resources needed'])
html += '\n## by technique\n\n'
tactecs = self.techniques[self.techniques['phase'] == tid]['Id'].to_list()
for tech in [tid] + tactecs:
if tech == tid:
html += '\n### {}\n'.format(tech)
else:
techname = self.techniques[self.techniques['Id']==tech]['longname']
html += '\n### {}\n'.format(techname)
taccounts = self.idtechnique[self.idtechnique['TID'] == tech]
# html += '\n{}\n'.format(taccounts)
for c in self.dfcounters[self.dfcounters['ID'].isin(taccounts['ID'])].iterrows():
html += '* {}: {} (needs {})\n'.format(c[1]['ID'], c[1]['Title'],
c[1]['Resources needed'])
datafile = '../counter_tactics/{}counters.md'.format(tid)
print('Writing {}'.format(datafile))
with open(datafile, 'w') as f:
f.write(html)
f.close()
return(tid)
def create_object_file(self, index, rowtype, datadir):
oid = index
html = '''# {} counters: {}\n\n'''.format(rowtype, index)
html += '## by action\n\n'
for resp, clist in self.dfcounters[self.dfcounters[rowtype] == index].groupby('Response'):
html += '\n### {}\n'.format(resp)
for c in clist.iterrows():
html += '* {}: {} (needs {})\n'.format(c[1]['ID'], c[1]['Title'],
c[1]['Resources needed'])
datafile = '{}/{}counters.md'.format(datadir, oid)
print('Writing {}'.format(datafile))
with open(datafile, 'w') as f:
f.write(html)
f.close()
return(oid)
def write_counters_metacounts_markdown(self, outfile = '../counter_metatag_counts.md'):
coltype = 'Response'
rowtype = 'metatechnique'
rowname = 'metatag'
mtcounts = pd.pivot_table(self.dfcounters[[coltype, rowtype,'ID']],
index=rowtype, columns=coltype, aggfunc=len,
fill_value=0)
mtcounts['TOTALS'] = mtcounts.sum(axis=1)
html = '''# AMITT {} courses of action
<table border="1">
<tr>
<td> </td>
'''.format(rowtype)
# Table heading row
for col in mtcounts.columns.get_level_values(1)[:-1]:
html += '<td>{}</td>\n'.format(col)
html += '<td>TOTALS</td></tr><tr>\n'
# Data rows
datadir = '../counters_{}'.format(rowname)
if not os.path.exists(datadir):
os.makedirs(datadir)
for index, counts in mtcounts.iterrows():
tid = self.create_object_file(index, rowtype, datadir)
html += '<td><a href="counter_{0}/{1}counters.md">{2}</a></td>\n'.format(
rowname, tid, index)
for val in counts.values:
html += '<td>{}</td>\n'.format(val)
html += '</tr>\n<tr>\n'
# Column sums
html += '<td>TOTALS</td>\n'
for val in mtcounts.sum().values:
html += '<td>{}</td>\n'.format(val)
html += '</tr>\n</table>\n'
with open(outfile, 'w') as f:
f.write(html)
print('updated {}'.format(outfile))
return
def create_resource_file(self, index, rowtype, datadir):
oid = index
counterrows = self.idresource[self.idresource['Res'] == index]['ID'].to_list()
html = '''# {} counters: {}\n\n'''.format(rowtype, index)
html += '## by action\n\n'
omatrix = self.dfcounters[self.dfcounters['ID'].isin(counterrows)].groupby('Response')
for resp, clist in omatrix:
html += '\n### {}\n'.format(resp)
for c in clist.iterrows():
html += '* {}: {} (needs {})\n'.format(c[1]['ID'], c[1]['Title'],
c[1]['Resources needed'])
datafile = '{}/{}counters.md'.format(datadir, oid)
print('Writing {}'.format(datafile))
with open(datafile, 'w') as f:
f.write(html)
f.close()
return(oid, omatrix)
def write_counters_resource_markdown(self, outfile = '../counter_resource_counts.md'):
coltype = 'Response'
rowtype = 'resource'
rowname = 'resource'
html = '''# AMITT {} courses of action
<table border="1">
<tr>
<td> </td>
'''.format(rowtype)
# Table heading row
colvals = self.dfcounters[coltype].value_counts().sort_index().index
for col in colvals:
html += '<td>{}</td>\n'.format(col)
html += '<td>TOTALS</td></tr><tr>\n'
# Data rows
datadir = '../counter_{}'.format(rowname)
if not os.path.exists(datadir):
os.makedirs(datadir)
for index in self.idresource['Res'].value_counts().sort_index().index:
(oid, omatrix) = self.create_resource_file(index, rowtype, datadir) #self
row = pd.DataFrame(omatrix.apply(len), index=colvals).fillna(' ')
html += '<td><a href="counter_{0}/{1}counters.md">{2}</a></td>\n'.format(
rowname, oid, index)
if len(row.columns) > 0:
for val in row[0].to_list():
html += '<td>{}</td>\n'.format(val)
html += '<td>{}</td></tr>\n<tr>\n'.format('')
html += '</tr>\n</table>\n'
with open(outfile, 'w') as f:
f.write(html)
print('updated {}'.format(outfile))
return
def main():
counter = Counter()
counter.write_counters_tactics_markdown()
counter.write_counters_metacounts_markdown()
counter.write_counters_resource_markdown()
if __name__ == "__main__":
main()

View File

@ -0,0 +1,19 @@
# AMITT Design Guides
## README: About the AMITT Guides
These are introductions to the AMITT family of disinformation models: STIX, TTPs, and Countermeasures. It covers their origins, their contents, and their uses.
## Guides
* [AMITT Design Guide](00_AMITT_Design_Guide_version1.pdf) - design and philosophy behind AMITT frameworks
* [AMITT User Guide](05_AMITT_User_Guide.pdf) - ways to work with AMITT frameworks
* [AMITT TTP Guide](01_AMITT_TTP_Guide.pdf) - describes each of the AMITT and counter TTPs
* [Proposed changes to AMITT](02_Proposed_Changes_to_AMITT.pdf)
* [AMITT Use Cases](03_AMITT_Use_Cases.pdf) - examples
* [AMITT Incident List](04_AMITT_Incident_List.pdf) - the incident descriptions we used to create AMITT
The guides are being worked on - these PDFs will be updated periodically. For latest edits, see the [working copies of the guides](https://drive.google.com/drive/u/0/folders/1SVOp-D6ukSfqQSBTZCXfBSQPT0FAWFkH).
Copyright CC-BY-SA, CogSecCollab and CTI League Disinformation Team

File diff suppressed because it is too large Load Diff

Binary file not shown.

Binary file not shown.

427
LICENSE.md Normal file
View File

@ -0,0 +1,427 @@
Attribution-ShareAlike 4.0 International
=======================================================================
Creative Commons Corporation ("Creative Commons") is not a law firm and
does not provide legal services or legal advice. Distribution of
Creative Commons public licenses does not create a lawyer-client or
other relationship. Creative Commons makes its licenses and related
information available on an "as-is" basis. Creative Commons gives no
warranties regarding its licenses, any material licensed under their
terms and conditions, or any related information. Creative Commons
disclaims all liability for damages resulting from their use to the
fullest extent possible.
Using Creative Commons Public Licenses
Creative Commons public licenses provide a standard set of terms and
conditions that creators and other rights holders may use to share
original works of authorship and other material subject to copyright
and certain other rights specified in the public license below. The
following considerations are for informational purposes only, are not
exhaustive, and do not form part of our licenses.
Considerations for licensors: Our public licenses are
intended for use by those authorized to give the public
permission to use material in ways otherwise restricted by
copyright and certain other rights. Our licenses are
irrevocable. Licensors should read and understand the terms
and conditions of the license they choose before applying it.
Licensors should also secure all rights necessary before
applying our licenses so that the public can reuse the
material as expected. Licensors should clearly mark any
material not subject to the license. This includes other CC-
licensed material, or material used under an exception or
limitation to copyright. More considerations for licensors:
wiki.creativecommons.org/Considerations_for_licensors
Considerations for the public: By using one of our public
licenses, a licensor grants the public permission to use the
licensed material under specified terms and conditions. If
the licensor's permission is not necessary for any reason--for
example, because of any applicable exception or limitation to
copyright--then that use is not regulated by the license. Our
licenses grant only permissions under copyright and certain
other rights that a licensor has authority to grant. Use of
the licensed material may still be restricted for other
reasons, including because others have copyright or other
rights in the material. A licensor may make special requests,
such as asking that all changes be marked or described.
Although not required by our licenses, you are encouraged to
respect those requests where reasonable. More_considerations
for the public:
wiki.creativecommons.org/Considerations_for_licensees
=======================================================================
Creative Commons Attribution-ShareAlike 4.0 International Public
License
By exercising the Licensed Rights (defined below), You accept and agree
to be bound by the terms and conditions of this Creative Commons
Attribution-ShareAlike 4.0 International Public License ("Public
License"). To the extent this Public License may be interpreted as a
contract, You are granted the Licensed Rights in consideration of Your
acceptance of these terms and conditions, and the Licensor grants You
such rights in consideration of benefits the Licensor receives from
making the Licensed Material available under these terms and
conditions.
Section 1 -- Definitions.
a. Adapted Material means material subject to Copyright and Similar
Rights that is derived from or based upon the Licensed Material
and in which the Licensed Material is translated, altered,
arranged, transformed, or otherwise modified in a manner requiring
permission under the Copyright and Similar Rights held by the
Licensor. For purposes of this Public License, where the Licensed
Material is a musical work, performance, or sound recording,
Adapted Material is always produced where the Licensed Material is
synched in timed relation with a moving image.
b. Adapter's License means the license You apply to Your Copyright
and Similar Rights in Your contributions to Adapted Material in
accordance with the terms and conditions of this Public License.
c. BY-SA Compatible License means a license listed at
creativecommons.org/compatiblelicenses, approved by Creative
Commons as essentially the equivalent of this Public License.
d. Copyright and Similar Rights means copyright and/or similar rights
closely related to copyright including, without limitation,
performance, broadcast, sound recording, and Sui Generis Database
Rights, without regard to how the rights are labeled or
categorized. For purposes of this Public License, the rights
specified in Section 2(b)(1)-(2) are not Copyright and Similar
Rights.
e. Effective Technological Measures means those measures that, in the
absence of proper authority, may not be circumvented under laws
fulfilling obligations under Article 11 of the WIPO Copyright
Treaty adopted on December 20, 1996, and/or similar international
agreements.
f. Exceptions and Limitations means fair use, fair dealing, and/or
any other exception or limitation to Copyright and Similar Rights
that applies to Your use of the Licensed Material.
g. License Elements means the license attributes listed in the name
of a Creative Commons Public License. The License Elements of this
Public License are Attribution and ShareAlike.
h. Licensed Material means the artistic or literary work, database,
or other material to which the Licensor applied this Public
License.
i. Licensed Rights means the rights granted to You subject to the
terms and conditions of this Public License, which are limited to
all Copyright and Similar Rights that apply to Your use of the
Licensed Material and that the Licensor has authority to license.
j. Licensor means the individual(s) or entity(ies) granting rights
under this Public License.
k. Share means to provide material to the public by any means or
process that requires permission under the Licensed Rights, such
as reproduction, public display, public performance, distribution,
dissemination, communication, or importation, and to make material
available to the public including in ways that members of the
public may access the material from a place and at a time
individually chosen by them.
l. Sui Generis Database Rights means rights other than copyright
resulting from Directive 96/9/EC of the European Parliament and of
the Council of 11 March 1996 on the legal protection of databases,
as amended and/or succeeded, as well as other essentially
equivalent rights anywhere in the world.
m. You means the individual or entity exercising the Licensed Rights
under this Public License. Your has a corresponding meaning.
Section 2 -- Scope.
a. License grant.
1. Subject to the terms and conditions of this Public License,
the Licensor hereby grants You a worldwide, royalty-free,
non-sublicensable, non-exclusive, irrevocable license to
exercise the Licensed Rights in the Licensed Material to:
a. reproduce and Share the Licensed Material, in whole or
in part; and
b. produce, reproduce, and Share Adapted Material.
2. Exceptions and Limitations. For the avoidance of doubt, where
Exceptions and Limitations apply to Your use, this Public
License does not apply, and You do not need to comply with
its terms and conditions.
3. Term. The term of this Public License is specified in Section
6(a).
4. Media and formats; technical modifications allowed. The
Licensor authorizes You to exercise the Licensed Rights in
all media and formats whether now known or hereafter created,
and to make technical modifications necessary to do so. The
Licensor waives and/or agrees not to assert any right or
authority to forbid You from making technical modifications
necessary to exercise the Licensed Rights, including
technical modifications necessary to circumvent Effective
Technological Measures. For purposes of this Public License,
simply making modifications authorized by this Section 2(a)
(4) never produces Adapted Material.
5. Downstream recipients.
a. Offer from the Licensor -- Licensed Material. Every
recipient of the Licensed Material automatically
receives an offer from the Licensor to exercise the
Licensed Rights under the terms and conditions of this
Public License.
b. Additional offer from the Licensor -- Adapted Material.
Every recipient of Adapted Material from You
automatically receives an offer from the Licensor to
exercise the Licensed Rights in the Adapted Material
under the conditions of the Adapter's License You apply.
c. No downstream restrictions. You may not offer or impose
any additional or different terms or conditions on, or
apply any Effective Technological Measures to, the
Licensed Material if doing so restricts exercise of the
Licensed Rights by any recipient of the Licensed
Material.
6. No endorsement. Nothing in this Public License constitutes or
may be construed as permission to assert or imply that You
are, or that Your use of the Licensed Material is, connected
with, or sponsored, endorsed, or granted official status by,
the Licensor or others designated to receive attribution as
provided in Section 3(a)(1)(A)(i).
b. Other rights.
1. Moral rights, such as the right of integrity, are not
licensed under this Public License, nor are publicity,
privacy, and/or other similar personality rights; however, to
the extent possible, the Licensor waives and/or agrees not to
assert any such rights held by the Licensor to the limited
extent necessary to allow You to exercise the Licensed
Rights, but not otherwise.
2. Patent and trademark rights are not licensed under this
Public License.
3. To the extent possible, the Licensor waives any right to
collect royalties from You for the exercise of the Licensed
Rights, whether directly or through a collecting society
under any voluntary or waivable statutory or compulsory
licensing scheme. In all other cases the Licensor expressly
reserves any right to collect such royalties.
Section 3 -- License Conditions.
Your exercise of the Licensed Rights is expressly made subject to the
following conditions.
a. Attribution.
1. If You Share the Licensed Material (including in modified
form), You must:
a. retain the following if it is supplied by the Licensor
with the Licensed Material:
i. identification of the creator(s) of the Licensed
Material and any others designated to receive
attribution, in any reasonable manner requested by
the Licensor (including by pseudonym if
designated);
ii. a copyright notice;
iii. a notice that refers to this Public License;
iv. a notice that refers to the disclaimer of
warranties;
v. a URI or hyperlink to the Licensed Material to the
extent reasonably practicable;
b. indicate if You modified the Licensed Material and
retain an indication of any previous modifications; and
c. indicate the Licensed Material is licensed under this
Public License, and include the text of, or the URI or
hyperlink to, this Public License.
2. You may satisfy the conditions in Section 3(a)(1) in any
reasonable manner based on the medium, means, and context in
which You Share the Licensed Material. For example, it may be
reasonable to satisfy the conditions by providing a URI or
hyperlink to a resource that includes the required
information.
3. If requested by the Licensor, You must remove any of the
information required by Section 3(a)(1)(A) to the extent
reasonably practicable.
b. ShareAlike.
In addition to the conditions in Section 3(a), if You Share
Adapted Material You produce, the following conditions also apply.
1. The Adapter's License You apply must be a Creative Commons
license with the same License Elements, this version or
later, or a BY-SA Compatible License.
2. You must include the text of, or the URI or hyperlink to, the
Adapter's License You apply. You may satisfy this condition
in any reasonable manner based on the medium, means, and
context in which You Share Adapted Material.
3. You may not offer or impose any additional or different terms
or conditions on, or apply any Effective Technological
Measures to, Adapted Material that restrict exercise of the
rights granted under the Adapter's License You apply.
Section 4 -- Sui Generis Database Rights.
Where the Licensed Rights include Sui Generis Database Rights that
apply to Your use of the Licensed Material:
a. for the avoidance of doubt, Section 2(a)(1) grants You the right
to extract, reuse, reproduce, and Share all or a substantial
portion of the contents of the database;
b. if You include all or a substantial portion of the database
contents in a database in which You have Sui Generis Database
Rights, then the database in which You have Sui Generis Database
Rights (but not its individual contents) is Adapted Material,
including for purposes of Section 3(b); and
c. You must comply with the conditions in Section 3(a) if You Share
all or a substantial portion of the contents of the database.
For the avoidance of doubt, this Section 4 supplements and does not
replace Your obligations under this Public License where the Licensed
Rights include other Copyright and Similar Rights.
Section 5 -- Disclaimer of Warranties and Limitation of Liability.
a. UNLESS OTHERWISE SEPARATELY UNDERTAKEN BY THE LICENSOR, TO THE
EXTENT POSSIBLE, THE LICENSOR OFFERS THE LICENSED MATERIAL AS-IS
AND AS-AVAILABLE, AND MAKES NO REPRESENTATIONS OR WARRANTIES OF
ANY KIND CONCERNING THE LICENSED MATERIAL, WHETHER EXPRESS,
IMPLIED, STATUTORY, OR OTHER. THIS INCLUDES, WITHOUT LIMITATION,
WARRANTIES OF TITLE, MERCHANTABILITY, FITNESS FOR A PARTICULAR
PURPOSE, NON-INFRINGEMENT, ABSENCE OF LATENT OR OTHER DEFECTS,
ACCURACY, OR THE PRESENCE OR ABSENCE OF ERRORS, WHETHER OR NOT
KNOWN OR DISCOVERABLE. WHERE DISCLAIMERS OF WARRANTIES ARE NOT
ALLOWED IN FULL OR IN PART, THIS DISCLAIMER MAY NOT APPLY TO YOU.
b. TO THE EXTENT POSSIBLE, IN NO EVENT WILL THE LICENSOR BE LIABLE
TO YOU ON ANY LEGAL THEORY (INCLUDING, WITHOUT LIMITATION,
NEGLIGENCE) OR OTHERWISE FOR ANY DIRECT, SPECIAL, INDIRECT,
INCIDENTAL, CONSEQUENTIAL, PUNITIVE, EXEMPLARY, OR OTHER LOSSES,
COSTS, EXPENSES, OR DAMAGES ARISING OUT OF THIS PUBLIC LICENSE OR
USE OF THE LICENSED MATERIAL, EVEN IF THE LICENSOR HAS BEEN
ADVISED OF THE POSSIBILITY OF SUCH LOSSES, COSTS, EXPENSES, OR
DAMAGES. WHERE A LIMITATION OF LIABILITY IS NOT ALLOWED IN FULL OR
IN PART, THIS LIMITATION MAY NOT APPLY TO YOU.
c. The disclaimer of warranties and limitation of liability provided
above shall be interpreted in a manner that, to the extent
possible, most closely approximates an absolute disclaimer and
waiver of all liability.
Section 6 -- Term and Termination.
a. This Public License applies for the term of the Copyright and
Similar Rights licensed here. However, if You fail to comply with
this Public License, then Your rights under this Public License
terminate automatically.
b. Where Your right to use the Licensed Material has terminated under
Section 6(a), it reinstates:
1. automatically as of the date the violation is cured, provided
it is cured within 30 days of Your discovery of the
violation; or
2. upon express reinstatement by the Licensor.
For the avoidance of doubt, this Section 6(b) does not affect any
right the Licensor may have to seek remedies for Your violations
of this Public License.
c. For the avoidance of doubt, the Licensor may also offer the
Licensed Material under separate terms or conditions or stop
distributing the Licensed Material at any time; however, doing so
will not terminate this Public License.
d. Sections 1, 5, 6, 7, and 8 survive termination of this Public
License.
Section 7 -- Other Terms and Conditions.
a. The Licensor shall not be bound by any additional or different
terms or conditions communicated by You unless expressly agreed.
b. Any arrangements, understandings, or agreements regarding the
Licensed Material not stated herein are separate from and
independent of the terms and conditions of this Public License.
Section 8 -- Interpretation.
a. For the avoidance of doubt, this Public License does not, and
shall not be interpreted to, reduce, limit, restrict, or impose
conditions on any use of the Licensed Material that could lawfully
be made without permission under this Public License.
b. To the extent possible, if any provision of this Public License is
deemed unenforceable, it shall be automatically reformed to the
minimum extent necessary to make it enforceable. If the provision
cannot be reformed, it shall be severed from this Public License
without affecting the enforceability of the remaining terms and
conditions.
c. No term or condition of this Public License will be waived and no
failure to comply consented to unless expressly agreed to by the
Licensor.
d. Nothing in this Public License constitutes or may be interpreted
as a limitation upon, or waiver of, any privileges and immunities
that apply to the Licensor or You, including from the legal
processes of any jurisdiction or authority.
=======================================================================
Creative Commons is not a party to its public
licenses. Notwithstanding, Creative Commons may elect to apply one of
its public licenses to material it publishes and in those instances
will be considered the “Licensor.” The text of the Creative Commons
public licenses is dedicated to the public domain under the CC0 Public
Domain Dedication. Except for the limited purpose of indicating that
material is shared under a Creative Commons public license or as
otherwise permitted by the Creative Commons policies published at
creativecommons.org/policies, Creative Commons does not authorize the
use of the trademark "Creative Commons" or any other trademark or logo
of Creative Commons without its prior written consent including,
without limitation, in connection with any unauthorized modifications
to any of its public licenses or any other arrangements,
understandings, or agreements concerning use of licensed material. For
the avoidance of doubt, this paragraph does not form part of the
public licenses.
Creative Commons may be contacted at creativecommons.org.

58
README.md Normal file
View File

@ -0,0 +1,58 @@
# DISARM Disinformation TTP (Tactics, Techniques and Procedures) Framework
DISARM is a framework designed for describing and understanding disinformation incidents. DISARM is part of work on adapting information security (infosec) practices to help track and counter disinformation and other information harms, and is designed to fit existing infosec practices and tools.
DISARM's style is based on the [MITRE ATT&amp;CK framework](https://github.com/mitre-attack/attack-website/). STIX templates for DISARM objects are available in the [DISARM_CTI repo](https://github.com/DISARMFoundation/DISARM_cti) - these make it easy for DISARM data to be passed between ISAOs and similar bodies using standards like TAXII.
## What's in this folder
DISARM DOCUMENTATION:
* [DISARM_GUIDES](DISARM_GUIDES): DISARM user guides, design guides, and more detailed TTP documentation.
* [DISARM_HISTORY](DISARM_GUIDES/DISARM_HISTORY): earlier models and reports.
DISARM FRAMEWORKS:
* [DISARM Red Team Framework](generated_pages/DISARM_red_framework.md) - Disinformation creator TTPs, listed by tactic stage. This is the classic "DISARM Framework" that's bundled with MISP. The [clickable](generated_files/DISARM_red_framework_clickable.html) version is for rapidly creating lists of TTPs.
* [DISARM Blue Team Framework](generated_pages/DISARM_blue_framework.md) - Disinformation responder TTPs, listed by tactic stage. These are countermeasures, listed by the earliest tactic stages they're likely to be used in.
DISARM OBJECTS: all the entities used to create the Red Team and Blue Team frameworks:
* [Phases](generated_pages/phases_index.md): higher-level groupings of tactics, created so we could check we didn't miss anything
* [Tactics](generated_pages/tactics_index.md): stages that someone running a misinformation incident is likely to use
* [Techniques](generated_pages/techniques_index.md): activities that might be seen at each stage
* [Tasks](generated_pages/tasks_index.md): things that need to be done at each stage. In Pablospeak, tasks are things you do, techniques are how you do them.
* [Counters](generated_pages/counters_index.md): countermeasures to DISARM TTPs.
* [Actors](generated_pages/actors_index.md): resources needed to run countermeasures
* [Response types](generated_pages/responsetype_index.md): the course-of-action categories we used to create counters
* [Metatechniques](generated_pages/metatechniques_index.md): a higher-level grouping for countermeasures
* [Incidents](generated_pages/incidents_index.md): incident descriptions used to create the DISARM frameworks
There's a directory for each of these, containing a datasheet for each individual entity (e.g. [technique T0046 Search Engine Optimization](generated_pages/techniques/T0046.md)). There's also a directory [generated_files](generated_files) containing any files (CSVs, sqlite etc) we generate from the above tables.
## Updating DISARM
Major changes: Any major changes to DISARM models are agreed on by the DISARM Foundation.
Minor changes: We love any and all suggestions for improvements, comments and offers of help - reach out to us using [this google form](https://docs.google.com/forms/d/e/1FAIpQLSdZuyKFp1UZzk6qUE4IN1O14HaJ-F4TH9thxR3hrRU-Mu7QUQ/viewform). (We're also going back through earlier issues lists: [AMITT issues list](https://github.com//DISARM/issues) and [Misinfosec issues list](https://github.com/misinfosecproject/DISARM_framework/issues))
Using your own datasets: DISARM is open source. If you want to do your own thing with DISARM data, these will help:
* all the master data for DISARM is in directory [DISARM_MASTER_DATA](DISARM_MASTER_DATA). Look for the [DISARM_FRAMEWORKS_MASTER.xlsx](DISARM_MASTER_DATA/DISARM_FRAMEWORKS_MASTER.xlsx) spreadsheet. This contains disinformation creators' tactics, techniques, tasks, phases, and counters.
* The [DISARM TTP Guide](https://docs.google.com/document/d/1Kc0O7owFyGiYs8N8wSq17gRUPEDQsD5lLUL_3KGCgRE/edit#) has more detailed information on each technique.
* The code to create all the HTML datasheets is in directory [CODE](CODE): you'll need generate_DISARM_pages.py and all the template files.
If you have your own version of this repository and update DISARM_FRAMEWORKS_MASTER.xlsx, typing "python generate_DISARM_pages.py" will update all the files above from it.
## Who's Responsible for DISARM
* **DISARM Foundation** maintains and updates the DISARM family of models: DISARM-STIX, the DISARM Red framework (of disinformation creation), and the DISARM Blue framework (of disinformation countermeasures and mitigations).
* **[CogSecCollab](http://cogsec-collab.org/)** maintained and updated the original AMITT models. We've used DISARM in the CTI League's Covid19 responses, and tested it in trials with NATO, the EU, and several other countries' disinformation units. Pablo Breuer and are the current design authorities for the DISARM models.
* **MisinfosecWG**, aka the Credibility Coalition's [Misinfosec working group](https://github.com/credcoalition/community-site/wiki/Working-Groups) created the original DISARM frameworks. The Red Framework was started in December 2018, and refined in a Credibility Coalition Misinfosec seminar; the Blue Framework was started as a collection of potential disinformation countermeasures, at a Coalition Misinfosec seminar in November 2019. CogSecCollab is the nonprofit that spun out of MisinfosecWG.
* **Everyone who contributes to DISARM** (and there are many of you). Thank you to everyone who contributes to DISARM, and has contributed to DISARM over the years.
* **You**. Thank you for being here.
DISARM is licensed under [CC-BY-4.0](LICENSE.md)

BIN
generated_files/.DS_Store vendored Normal file

Binary file not shown.

Binary file not shown.

View File

@ -0,0 +1,30 @@
P01,P01,P02,P02,P02,P02,P02,P03,P03,P03,P03,P04
TA01,TA02,TA03,TA04,TA05,TA06,TA07,TA08,TA09,TA10,TA11,TA12
C00006,C00009,C00034,C00047,C00065,C00014,C00090,C00100,C00109,,C00131,C00140
C00008,C00011,C00036,C00052,C00066,C00032,C00097,C00112,C00122,,C00138,C00148
C00010,C00028,C00040,C00053,C00130,C00071,C00098,C00113,C00123,,C00139,C00149
C00012,C00029,C00042,C00056,C00178,C00072,C00099,C00114,C00124,,C00143,
C00013,C00030,C00044,C00059,C00216,C00074,C00101,C00115,C00125,,,
C00016,C00031,C00046,C00062,,C00075,C00103,C00116,C00126,,,
C00017,C00060,C00048,C00135,,C00076,C00105,C00117,C00128,,,
C00019,C00070,C00051,C00162,,C00078,C00195,C00118,C00129,,,
C00021,C00092,C00058,C00172,,C00080,,C00119,C00147,,,
C00022,C00144,C00067,C00203,,C00081,,C00120,C00182,,,
C00024,C00156,C00077,,,C00082,,C00121,C00200,,,
C00026,C00164,C00093,,,C00084,,C00136,C00211,,,
C00027,C00169,C00133,,,C00085,,C00154,,,,
C00073,C00207,C00155,,,C00086,,C00184,,,,
C00096,C00222,C00160,,,C00087,,C00188,,,,
C00111,,C00189,,,C00091,,,,,,
C00153,,C00197,,,C00094,,,,,,
C00159,,,,,C00106,,,,,,
C00161,,,,,C00107,,,,,,
C00170,,,,,C00142,,,,,,
C00174,,,,,C00165,,,,,,
C00176,,,,,C00202,,,,,,
C00190,,,,,C00219,,,,,,
C00205,,,,,,,,,,,
C00212,,,,,,,,,,,
C00220,,,,,,,,,,,
C00221,,,,,,,,,,,
C00223,,,,,,,,,,,
1 P01 P01 P02 P02 P02 P02 P02 P03 P03 P03 P03 P04
2 TA01 TA02 TA03 TA04 TA05 TA06 TA07 TA08 TA09 TA10 TA11 TA12
3 C00006 C00009 C00034 C00047 C00065 C00014 C00090 C00100 C00109 C00131 C00140
4 C00008 C00011 C00036 C00052 C00066 C00032 C00097 C00112 C00122 C00138 C00148
5 C00010 C00028 C00040 C00053 C00130 C00071 C00098 C00113 C00123 C00139 C00149
6 C00012 C00029 C00042 C00056 C00178 C00072 C00099 C00114 C00124 C00143
7 C00013 C00030 C00044 C00059 C00216 C00074 C00101 C00115 C00125
8 C00016 C00031 C00046 C00062 C00075 C00103 C00116 C00126
9 C00017 C00060 C00048 C00135 C00076 C00105 C00117 C00128
10 C00019 C00070 C00051 C00162 C00078 C00195 C00118 C00129
11 C00021 C00092 C00058 C00172 C00080 C00119 C00147
12 C00022 C00144 C00067 C00203 C00081 C00120 C00182
13 C00024 C00156 C00077 C00082 C00121 C00200
14 C00026 C00164 C00093 C00084 C00136 C00211
15 C00027 C00169 C00133 C00085 C00154
16 C00073 C00207 C00155 C00086 C00184
17 C00096 C00222 C00160 C00087 C00188
18 C00111 C00189 C00091
19 C00153 C00197 C00094
20 C00159 C00106
21 C00161 C00107
22 C00170 C00142
23 C00174 C00165
24 C00176 C00202
25 C00190 C00219
26 C00205
27 C00212
28 C00220
29 C00221
30 C00223

View File

@ -0,0 +1,594 @@
<!DOCTYPE html>
<html>
<head>
<title>DISARM Blue framework</title>
</head>
<body>
<script>
function handleTechniqueClick(box) {
var technique = document.getElementById(box);
var checkBox = document.getElementById(box+"check");
var text = document.getElementById(box+"text");
if (checkBox.checked == true){
text.style.display = "block";
technique.bgColor = "Lime"
} else {
text.style.display = "none";
technique.bgColor = "Silver"
}
}
</script>
<h1>DISARM</h1>
<table border=1 bgcolor=silver>
<tr bgcolor=fuchsia>
<td>P01 Plan</td>
<td>P01 Plan</td>
<td>P02 Prepare</td>
<td>P02 Prepare</td>
<td>P02 Prepare</td>
<td>P02 Prepare</td>
<td>P02 Prepare</td>
<td>P03 Execute</td>
<td>P03 Execute</td>
<td>P03 Execute</td>
<td>P03 Execute</td>
<td>P04 Assess</td>
</tr>
<tr bgcolor=aqua>
<td>TA01 Strategic Planning</td>
<td>TA02 Objective Planning</td>
<td>TA03 Develop People</td>
<td>TA04 Develop Networks</td>
<td>TA05 Microtargeting</td>
<td>TA06 Develop Content</td>
<td>TA07 Channel Selection</td>
<td>TA08 Pump Priming</td>
<td>TA09 Exposure</td>
<td>TA10 Go Physical</td>
<td>TA11 Persistence</td>
<td>TA12 Measure Effectiveness</td>
</tr>
<tr>
<td id="C00006">C00006 Charge for social media<input type="checkbox" id="C00006check" onclick="handleTechniqueClick('C00006')"></td>
<td id="C00009">C00009 Educate high profile influencers on best practices<input type="checkbox" id="C00009check" onclick="handleTechniqueClick('C00009')"></td>
<td id="C00034">C00034 Create more friction at account creation<input type="checkbox" id="C00034check" onclick="handleTechniqueClick('C00034')"></td>
<td id="C00047">C00047 Honeypot with coordinated inauthentics<input type="checkbox" id="C00047check" onclick="handleTechniqueClick('C00047')"></td>
<td id="C00065">C00065 Reduce political targeting<input type="checkbox" id="C00065check" onclick="handleTechniqueClick('C00065')"></td>
<td id="C00014">C00014 Real-time updates to fact-checking database<input type="checkbox" id="C00014check" onclick="handleTechniqueClick('C00014')"></td>
<td id="C00090">C00090 Fake engagement system<input type="checkbox" id="C00090check" onclick="handleTechniqueClick('C00090')"></td>
<td id="C00100">C00100 Hashtag jacking<input type="checkbox" id="C00100check" onclick="handleTechniqueClick('C00100')"></td>
<td id="C00109">C00109 Dampen Emotional Reaction<input type="checkbox" id="C00109check" onclick="handleTechniqueClick('C00109')"></td>
<td bgcolor=white> </td>
<td id="C00131">C00131 Seize and analyse botnet servers<input type="checkbox" id="C00131check" onclick="handleTechniqueClick('C00131')"></td>
<td id="C00140">C00140 "Bomb" link shorteners with lots of calls<input type="checkbox" id="C00140check" onclick="handleTechniqueClick('C00140')"></td>
</tr>
<tr>
<td id="C00008">C00008 Create shared fact-checking database<input type="checkbox" id="C00008check" onclick="handleTechniqueClick('C00008')"></td>
<td id="C00011">C00011 Media literacy. Games to identify fake news<input type="checkbox" id="C00011check" onclick="handleTechniqueClick('C00011')"></td>
<td id="C00036">C00036 Infiltrate the in-group to discredit leaders (divide)<input type="checkbox" id="C00036check" onclick="handleTechniqueClick('C00036')"></td>
<td id="C00052">C00052 Infiltrate platforms<input type="checkbox" id="C00052check" onclick="handleTechniqueClick('C00052')"></td>
<td id="C00066">C00066 Co-opt a hashtag and drown it out (hijack it back)<input type="checkbox" id="C00066check" onclick="handleTechniqueClick('C00066')"></td>
<td id="C00032">C00032 Hijack content and link to truth- based info<input type="checkbox" id="C00032check" onclick="handleTechniqueClick('C00032')"></td>
<td id="C00097">C00097 Require use of verified identities to contribute to poll or comment<input type="checkbox" id="C00097check" onclick="handleTechniqueClick('C00097')"></td>
<td id="C00112">C00112 "Prove they are not an op!"<input type="checkbox" id="C00112check" onclick="handleTechniqueClick('C00112')"></td>
<td id="C00122">C00122 Content moderation<input type="checkbox" id="C00122check" onclick="handleTechniqueClick('C00122')"></td>
<td bgcolor=white> </td>
<td id="C00138">C00138 Spam domestic actors with lawsuits<input type="checkbox" id="C00138check" onclick="handleTechniqueClick('C00138')"></td>
<td id="C00148">C00148 Add random links to network graphs<input type="checkbox" id="C00148check" onclick="handleTechniqueClick('C00148')"></td>
</tr>
<tr>
<td id="C00010">C00010 Enhanced privacy regulation for social media<input type="checkbox" id="C00010check" onclick="handleTechniqueClick('C00010')"></td>
<td id="C00028">C00028 Make information provenance available<input type="checkbox" id="C00028check" onclick="handleTechniqueClick('C00028')"></td>
<td id="C00040">C00040 third party verification for people<input type="checkbox" id="C00040check" onclick="handleTechniqueClick('C00040')"></td>
<td id="C00053">C00053 Delete old accounts / Remove unused social media accounts<input type="checkbox" id="C00053check" onclick="handleTechniqueClick('C00053')"></td>
<td id="C00130">C00130 Mentorship: elders, youth, credit. Learn vicariously.<input type="checkbox" id="C00130check" onclick="handleTechniqueClick('C00130')"></td>
<td id="C00071">C00071 Block source of pollution<input type="checkbox" id="C00071check" onclick="handleTechniqueClick('C00071')"></td>
<td id="C00098">C00098 Revocation of allowlisted or "verified" status<input type="checkbox" id="C00098check" onclick="handleTechniqueClick('C00098')"></td>
<td id="C00113">C00113 Debunk and defuse a fake expert / credentials.<input type="checkbox" id="C00113check" onclick="handleTechniqueClick('C00113')"></td>
<td id="C00123">C00123 Remove or rate limit botnets<input type="checkbox" id="C00123check" onclick="handleTechniqueClick('C00123')"></td>
<td bgcolor=white> </td>
<td id="C00139">C00139 Weaponise youtube content matrices<input type="checkbox" id="C00139check" onclick="handleTechniqueClick('C00139')"></td>
<td id="C00149">C00149 Poison the monitoring & evaluation data<input type="checkbox" id="C00149check" onclick="handleTechniqueClick('C00149')"></td>
</tr>
<tr>
<td id="C00012">C00012 Platform regulation<input type="checkbox" id="C00012check" onclick="handleTechniqueClick('C00012')"></td>
<td id="C00029">C00029 Create fake website to issue counter narrative and counter narrative through physical merchandise<input type="checkbox" id="C00029check" onclick="handleTechniqueClick('C00029')"></td>
<td id="C00042">C00042 Address truth contained in narratives<input type="checkbox" id="C00042check" onclick="handleTechniqueClick('C00042')"></td>
<td id="C00056">C00056 Encourage people to leave social media<input type="checkbox" id="C00056check" onclick="handleTechniqueClick('C00056')"></td>
<td id="C00178">C00178 Fill information voids with non-disinformation content<input type="checkbox" id="C00178check" onclick="handleTechniqueClick('C00178')"></td>
<td id="C00072">C00072 Remove non-relevant content from special interest groups - not recommended<input type="checkbox" id="C00072check" onclick="handleTechniqueClick('C00072')"></td>
<td id="C00099">C00099 Strengthen verification methods<input type="checkbox" id="C00099check" onclick="handleTechniqueClick('C00099')"></td>
<td id="C00114">C00114 Don't engage with payloads<input type="checkbox" id="C00114check" onclick="handleTechniqueClick('C00114')"></td>
<td id="C00124">C00124 Don't feed the trolls<input type="checkbox" id="C00124check" onclick="handleTechniqueClick('C00124')"></td>
<td bgcolor=white> </td>
<td id="C00143">C00143 (botnet) DMCA takedown requests to waste group time<input type="checkbox" id="C00143check" onclick="handleTechniqueClick('C00143')"></td>
<td bgcolor=white> </td>
</tr>
<tr>
<td id="C00013">C00013 Rating framework for news<input type="checkbox" id="C00013check" onclick="handleTechniqueClick('C00013')"></td>
<td id="C00030">C00030 Develop a compelling counter narrative (truth based)<input type="checkbox" id="C00030check" onclick="handleTechniqueClick('C00030')"></td>
<td id="C00044">C00044 Keep people from posting to social media immediately<input type="checkbox" id="C00044check" onclick="handleTechniqueClick('C00044')"></td>
<td id="C00059">C00059 Verification of project before posting fund requests<input type="checkbox" id="C00059check" onclick="handleTechniqueClick('C00059')"></td>
<td id="C00216">C00216 Use advertiser controls to stem flow of funds to bad actors<input type="checkbox" id="C00216check" onclick="handleTechniqueClick('C00216')"></td>
<td id="C00074">C00074 Identify and delete or rate limit identical content<input type="checkbox" id="C00074check" onclick="handleTechniqueClick('C00074')"></td>
<td id="C00101">C00101 Create friction by rate-limiting engagement<input type="checkbox" id="C00101check" onclick="handleTechniqueClick('C00101')"></td>
<td id="C00115">C00115 Expose actor and intentions<input type="checkbox" id="C00115check" onclick="handleTechniqueClick('C00115')"></td>
<td id="C00125">C00125 Prebunking<input type="checkbox" id="C00125check" onclick="handleTechniqueClick('C00125')"></td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
</tr>
<tr>
<td id="C00016">C00016 Censorship<input type="checkbox" id="C00016check" onclick="handleTechniqueClick('C00016')"></td>
<td id="C00031">C00031 Dilute the core narrative - create multiple permutations, target / amplify<input type="checkbox" id="C00031check" onclick="handleTechniqueClick('C00031')"></td>
<td id="C00046">C00046 Marginalise and discredit extremist groups<input type="checkbox" id="C00046check" onclick="handleTechniqueClick('C00046')"></td>
<td id="C00062">C00062 Free open library sources worldwide<input type="checkbox" id="C00062check" onclick="handleTechniqueClick('C00062')"></td>
<td bgcolor=white> </td>
<td id="C00075">C00075 normalise language<input type="checkbox" id="C00075check" onclick="handleTechniqueClick('C00075')"></td>
<td id="C00103">C00103 Create a bot that engages / distract trolls<input type="checkbox" id="C00103check" onclick="handleTechniqueClick('C00103')"></td>
<td id="C00116">C00116 Provide proof of involvement<input type="checkbox" id="C00116check" onclick="handleTechniqueClick('C00116')"></td>
<td id="C00126">C00126 Social media amber alert<input type="checkbox" id="C00126check" onclick="handleTechniqueClick('C00126')"></td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
</tr>
<tr>
<td id="C00017">C00017 Repair broken social connections<input type="checkbox" id="C00017check" onclick="handleTechniqueClick('C00017')"></td>
<td id="C00060">C00060 Legal action against for-profit engagement factories<input type="checkbox" id="C00060check" onclick="handleTechniqueClick('C00060')"></td>
<td id="C00048">C00048 Name and Shame Influencers<input type="checkbox" id="C00048check" onclick="handleTechniqueClick('C00048')"></td>
<td id="C00135">C00135 Deplatform message groups and/or message boards<input type="checkbox" id="C00135check" onclick="handleTechniqueClick('C00135')"></td>
<td bgcolor=white> </td>
<td id="C00076">C00076 Prohibit images in political discourse channels<input type="checkbox" id="C00076check" onclick="handleTechniqueClick('C00076')"></td>
<td id="C00105">C00105 Buy more advertising than misinformation creators<input type="checkbox" id="C00105check" onclick="handleTechniqueClick('C00105')"></td>
<td id="C00117">C00117 Downgrade / de-amplify so message is seen by fewer people<input type="checkbox" id="C00117check" onclick="handleTechniqueClick('C00117')"></td>
<td id="C00128">C00128 Create friction by marking content with ridicule or other "decelerants"<input type="checkbox" id="C00128check" onclick="handleTechniqueClick('C00128')"></td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
</tr>
<tr>
<td id="C00019">C00019 Reduce effect of division-enablers<input type="checkbox" id="C00019check" onclick="handleTechniqueClick('C00019')"></td>
<td id="C00070">C00070 Block access to disinformation resources<input type="checkbox" id="C00070check" onclick="handleTechniqueClick('C00070')"></td>
<td id="C00051">C00051 Counter social engineering training<input type="checkbox" id="C00051check" onclick="handleTechniqueClick('C00051')"></td>
<td id="C00162">C00162 Unravel/target the Potemkin villages<input type="checkbox" id="C00162check" onclick="handleTechniqueClick('C00162')"></td>
<td bgcolor=white> </td>
<td id="C00078">C00078 Change Search Algorithms for Disinformation Content<input type="checkbox" id="C00078check" onclick="handleTechniqueClick('C00078')"></td>
<td id="C00195">C00195 Redirect searches away from disinformation or extremist content <input type="checkbox" id="C00195check" onclick="handleTechniqueClick('C00195')"></td>
<td id="C00118">C00118 Repurpose images with new text<input type="checkbox" id="C00118check" onclick="handleTechniqueClick('C00118')"></td>
<td id="C00129">C00129 Use banking to cut off access <input type="checkbox" id="C00129check" onclick="handleTechniqueClick('C00129')"></td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
</tr>
<tr>
<td id="C00021">C00021 Encourage in-person communication<input type="checkbox" id="C00021check" onclick="handleTechniqueClick('C00021')"></td>
<td id="C00092">C00092 Establish a truth teller reputation score for influencers<input type="checkbox" id="C00092check" onclick="handleTechniqueClick('C00092')"></td>
<td id="C00058">C00058 Report crowdfunder as violator<input type="checkbox" id="C00058check" onclick="handleTechniqueClick('C00058')"></td>
<td id="C00172">C00172 social media source removal<input type="checkbox" id="C00172check" onclick="handleTechniqueClick('C00172')"></td>
<td bgcolor=white> </td>
<td id="C00080">C00080 Create competing narrative<input type="checkbox" id="C00080check" onclick="handleTechniqueClick('C00080')"></td>
<td bgcolor=white> </td>
<td id="C00119">C00119 Engage payload and debunk.<input type="checkbox" id="C00119check" onclick="handleTechniqueClick('C00119')"></td>
<td id="C00147">C00147 Make amplification of social media posts expire (e.g. can't like/ retweet after n days)<input type="checkbox" id="C00147check" onclick="handleTechniqueClick('C00147')"></td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
</tr>
<tr>
<td id="C00022">C00022 Innoculate. Positive campaign to promote feeling of safety<input type="checkbox" id="C00022check" onclick="handleTechniqueClick('C00022')"></td>
<td id="C00144">C00144 Buy out troll farm employees / offer them jobs<input type="checkbox" id="C00144check" onclick="handleTechniqueClick('C00144')"></td>
<td id="C00067">C00067 Denigrate the recipient/ project (of online funding)<input type="checkbox" id="C00067check" onclick="handleTechniqueClick('C00067')"></td>
<td id="C00203">C00203 Stop offering press credentials to propaganda outlets<input type="checkbox" id="C00203check" onclick="handleTechniqueClick('C00203')"></td>
<td bgcolor=white> </td>
<td id="C00081">C00081 Highlight flooding and noise, and explain motivations<input type="checkbox" id="C00081check" onclick="handleTechniqueClick('C00081')"></td>
<td bgcolor=white> </td>
<td id="C00120">C00120 Open dialogue about design of platforms to produce different outcomes<input type="checkbox" id="C00120check" onclick="handleTechniqueClick('C00120')"></td>
<td id="C00182">C00182 Redirection / malware detection/ remediation<input type="checkbox" id="C00182check" onclick="handleTechniqueClick('C00182')"></td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
</tr>
<tr>
<td id="C00024">C00024 Promote healthy narratives<input type="checkbox" id="C00024check" onclick="handleTechniqueClick('C00024')"></td>
<td id="C00156">C00156 Better tell your country or organization story<input type="checkbox" id="C00156check" onclick="handleTechniqueClick('C00156')"></td>
<td id="C00077">C00077 Active defence: run TA03 "develop people” - not recommended<input type="checkbox" id="C00077check" onclick="handleTechniqueClick('C00077')"></td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td id="C00082">C00082 Ground truthing as automated response to pollution<input type="checkbox" id="C00082check" onclick="handleTechniqueClick('C00082')"></td>
<td bgcolor=white> </td>
<td id="C00121">C00121 Tool transparency and literacy for channels people follow. <input type="checkbox" id="C00121check" onclick="handleTechniqueClick('C00121')"></td>
<td id="C00200">C00200 Respected figure (influencer) disavows misinfo<input type="checkbox" id="C00200check" onclick="handleTechniqueClick('C00200')"></td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
</tr>
<tr>
<td id="C00026">C00026 Shore up democracy based messages<input type="checkbox" id="C00026check" onclick="handleTechniqueClick('C00026')"></td>
<td id="C00164">C00164 compatriot policy<input type="checkbox" id="C00164check" onclick="handleTechniqueClick('C00164')"></td>
<td id="C00093">C00093 Influencer code of conduct<input type="checkbox" id="C00093check" onclick="handleTechniqueClick('C00093')"></td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td id="C00084">C00084 Modify disinformation narratives, and rebroadcast them<input type="checkbox" id="C00084check" onclick="handleTechniqueClick('C00084')"></td>
<td bgcolor=white> </td>
<td id="C00136">C00136 Microtarget most likely targets then send them countermessages<input type="checkbox" id="C00136check" onclick="handleTechniqueClick('C00136')"></td>
<td id="C00211">C00211 Use humorous counter-narratives<input type="checkbox" id="C00211check" onclick="handleTechniqueClick('C00211')"></td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
</tr>
<tr>
<td id="C00027">C00027 Create culture of civility<input type="checkbox" id="C00027check" onclick="handleTechniqueClick('C00027')"></td>
<td id="C00169">C00169 develop a creative content hub<input type="checkbox" id="C00169check" onclick="handleTechniqueClick('C00169')"></td>
<td id="C00133">C00133 Deplatform Account*<input type="checkbox" id="C00133check" onclick="handleTechniqueClick('C00133')"></td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td id="C00085">C00085 Mute content<input type="checkbox" id="C00085check" onclick="handleTechniqueClick('C00085')"></td>
<td bgcolor=white> </td>
<td id="C00154">C00154 Ask media not to report false information<input type="checkbox" id="C00154check" onclick="handleTechniqueClick('C00154')"></td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
</tr>
<tr>
<td id="C00073">C00073 Inoculate populations through media literacy training<input type="checkbox" id="C00073check" onclick="handleTechniqueClick('C00073')"></td>
<td id="C00207">C00207 Run a competing disinformation campaign - not recommended<input type="checkbox" id="C00207check" onclick="handleTechniqueClick('C00207')"></td>
<td id="C00155">C00155 Ban incident actors from funding sites<input type="checkbox" id="C00155check" onclick="handleTechniqueClick('C00155')"></td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td id="C00086">C00086 Distract from noise with addictive content<input type="checkbox" id="C00086check" onclick="handleTechniqueClick('C00086')"></td>
<td bgcolor=white> </td>
<td id="C00184">C00184 Media exposure<input type="checkbox" id="C00184check" onclick="handleTechniqueClick('C00184')"></td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
</tr>
<tr>
<td id="C00096">C00096 Strengthen institutions that are always truth tellers<input type="checkbox" id="C00096check" onclick="handleTechniqueClick('C00096')"></td>
<td id="C00222">C00222 Tabletop simulations<input type="checkbox" id="C00222check" onclick="handleTechniqueClick('C00222')"></td>
<td id="C00160">C00160 find and train influencers<input type="checkbox" id="C00160check" onclick="handleTechniqueClick('C00160')"></td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td id="C00087">C00087 Make more noise than the disinformation<input type="checkbox" id="C00087check" onclick="handleTechniqueClick('C00087')"></td>
<td bgcolor=white> </td>
<td id="C00188">C00188 Newsroom/Journalist training to counter influence moves<input type="checkbox" id="C00188check" onclick="handleTechniqueClick('C00188')"></td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
</tr>
<tr>
<td id="C00111">C00111 Reduce polarisation by connecting and presenting sympathetic renditions of opposite views<input type="checkbox" id="C00111check" onclick="handleTechniqueClick('C00111')"></td>
<td bgcolor=white> </td>
<td id="C00189">C00189 Ensure that platforms are taking down flagged accounts<input type="checkbox" id="C00189check" onclick="handleTechniqueClick('C00189')"></td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td id="C00091">C00091 Honeypot social community<input type="checkbox" id="C00091check" onclick="handleTechniqueClick('C00091')"></td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
</tr>
<tr>
<td id="C00153">C00153 Take pre-emptive action against actors' infrastructure<input type="checkbox" id="C00153check" onclick="handleTechniqueClick('C00153')"></td>
<td bgcolor=white> </td>
<td id="C00197">C00197 remove suspicious accounts<input type="checkbox" id="C00197check" onclick="handleTechniqueClick('C00197')"></td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td id="C00094">C00094 Force full disclosure on corporate sponsor of research<input type="checkbox" id="C00094check" onclick="handleTechniqueClick('C00094')"></td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
</tr>
<tr>
<td id="C00159">C00159 Have a disinformation response plan<input type="checkbox" id="C00159check" onclick="handleTechniqueClick('C00159')"></td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td id="C00106">C00106 Click-bait centrist content<input type="checkbox" id="C00106check" onclick="handleTechniqueClick('C00106')"></td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
</tr>
<tr>
<td id="C00161">C00161 Coalition Building with stakeholders and Third-Party Inducements<input type="checkbox" id="C00161check" onclick="handleTechniqueClick('C00161')"></td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td id="C00107">C00107 Content moderation<input type="checkbox" id="C00107check" onclick="handleTechniqueClick('C00107')"></td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
</tr>
<tr>
<td id="C00170">C00170 elevate information as a critical domain of statecraft<input type="checkbox" id="C00170check" onclick="handleTechniqueClick('C00170')"></td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td id="C00142">C00142 Platform adds warning label and decision point when sharing content<input type="checkbox" id="C00142check" onclick="handleTechniqueClick('C00142')"></td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
</tr>
<tr>
<td id="C00174">C00174 Create a healthier news environment<input type="checkbox" id="C00174check" onclick="handleTechniqueClick('C00174')"></td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td id="C00165">C00165 Ensure integrity of official documents<input type="checkbox" id="C00165check" onclick="handleTechniqueClick('C00165')"></td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
</tr>
<tr>
<td id="C00176">C00176 Improve Coordination amongst stakeholders: public and private<input type="checkbox" id="C00176check" onclick="handleTechniqueClick('C00176')"></td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td id="C00202">C00202 Set data 'honeytraps'<input type="checkbox" id="C00202check" onclick="handleTechniqueClick('C00202')"></td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
</tr>
<tr>
<td id="C00190">C00190 open engagement with civil society<input type="checkbox" id="C00190check" onclick="handleTechniqueClick('C00190')"></td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td id="C00219">C00219 Add metadata to content thats out of the control of disinformation creators<input type="checkbox" id="C00219check" onclick="handleTechniqueClick('C00219')"></td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
</tr>
<tr>
<td id="C00205">C00205 strong dialogue between the federal government and private sector to encourage better reporting<input type="checkbox" id="C00205check" onclick="handleTechniqueClick('C00205')"></td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
</tr>
<tr>
<td id="C00212">C00212 build public resilience by making civil society more vibrant<input type="checkbox" id="C00212check" onclick="handleTechniqueClick('C00212')"></td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
</tr>
<tr>
<td id="C00220">C00220 Develop a monitoring and intelligence plan<input type="checkbox" id="C00220check" onclick="handleTechniqueClick('C00220')"></td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
</tr>
<tr>
<td id="C00221">C00221 Run a disinformation red team, and design mitigation factors<input type="checkbox" id="C00221check" onclick="handleTechniqueClick('C00221')"></td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
</tr>
<tr>
<td id="C00223">C00223 Strengthen Trust in social media platforms<input type="checkbox" id="C00223check" onclick="handleTechniqueClick('C00223')"></td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
</tr>
<tr>
</tr>
</table>
<hr>
<ul>
<li id="C00006text" style="display:none">C00006: Charge for social media</li>
<li id="C00009text" style="display:none">C00009: Educate high profile influencers on best practices</li>
<li id="C00034text" style="display:none">C00034: Create more friction at account creation</li>
<li id="C00047text" style="display:none">C00047: Honeypot with coordinated inauthentics</li>
<li id="C00065text" style="display:none">C00065: Reduce political targeting</li>
<li id="C00014text" style="display:none">C00014: Real-time updates to fact-checking database</li>
<li id="C00090text" style="display:none">C00090: Fake engagement system</li>
<li id="C00100text" style="display:none">C00100: Hashtag jacking</li>
<li id="C00109text" style="display:none">C00109: Dampen Emotional Reaction</li>
<li id="C00131text" style="display:none">C00131: Seize and analyse botnet servers</li>
<li id="C00140text" style="display:none">C00140: "Bomb" link shorteners with lots of calls</li>
<li id="C00008text" style="display:none">C00008: Create shared fact-checking database</li>
<li id="C00011text" style="display:none">C00011: Media literacy. Games to identify fake news</li>
<li id="C00036text" style="display:none">C00036: Infiltrate the in-group to discredit leaders (divide)</li>
<li id="C00052text" style="display:none">C00052: Infiltrate platforms</li>
<li id="C00066text" style="display:none">C00066: Co-opt a hashtag and drown it out (hijack it back)</li>
<li id="C00032text" style="display:none">C00032: Hijack content and link to truth- based info</li>
<li id="C00097text" style="display:none">C00097: Require use of verified identities to contribute to poll or comment</li>
<li id="C00112text" style="display:none">C00112: "Prove they are not an op!"</li>
<li id="C00122text" style="display:none">C00122: Content moderation</li>
<li id="C00138text" style="display:none">C00138: Spam domestic actors with lawsuits</li>
<li id="C00148text" style="display:none">C00148: Add random links to network graphs</li>
<li id="C00010text" style="display:none">C00010: Enhanced privacy regulation for social media</li>
<li id="C00028text" style="display:none">C00028: Make information provenance available</li>
<li id="C00040text" style="display:none">C00040: third party verification for people</li>
<li id="C00053text" style="display:none">C00053: Delete old accounts / Remove unused social media accounts</li>
<li id="C00130text" style="display:none">C00130: Mentorship: elders, youth, credit. Learn vicariously.</li>
<li id="C00071text" style="display:none">C00071: Block source of pollution</li>
<li id="C00098text" style="display:none">C00098: Revocation of allowlisted or "verified" status</li>
<li id="C00113text" style="display:none">C00113: Debunk and defuse a fake expert / credentials.</li>
<li id="C00123text" style="display:none">C00123: Remove or rate limit botnets</li>
<li id="C00139text" style="display:none">C00139: Weaponise youtube content matrices</li>
<li id="C00149text" style="display:none">C00149: Poison the monitoring & evaluation data</li>
<li id="C00012text" style="display:none">C00012: Platform regulation</li>
<li id="C00029text" style="display:none">C00029: Create fake website to issue counter narrative and counter narrative through physical merchandise</li>
<li id="C00042text" style="display:none">C00042: Address truth contained in narratives</li>
<li id="C00056text" style="display:none">C00056: Encourage people to leave social media</li>
<li id="C00178text" style="display:none">C00178: Fill information voids with non-disinformation content</li>
<li id="C00072text" style="display:none">C00072: Remove non-relevant content from special interest groups - not recommended</li>
<li id="C00099text" style="display:none">C00099: Strengthen verification methods</li>
<li id="C00114text" style="display:none">C00114: Don't engage with payloads</li>
<li id="C00124text" style="display:none">C00124: Don't feed the trolls</li>
<li id="C00143text" style="display:none">C00143: (botnet) DMCA takedown requests to waste group time</li>
<li id="C00013text" style="display:none">C00013: Rating framework for news</li>
<li id="C00030text" style="display:none">C00030: Develop a compelling counter narrative (truth based)</li>
<li id="C00044text" style="display:none">C00044: Keep people from posting to social media immediately</li>
<li id="C00059text" style="display:none">C00059: Verification of project before posting fund requests</li>
<li id="C00216text" style="display:none">C00216: Use advertiser controls to stem flow of funds to bad actors</li>
<li id="C00074text" style="display:none">C00074: Identify and delete or rate limit identical content</li>
<li id="C00101text" style="display:none">C00101: Create friction by rate-limiting engagement</li>
<li id="C00115text" style="display:none">C00115: Expose actor and intentions</li>
<li id="C00125text" style="display:none">C00125: Prebunking</li>
<li id="C00016text" style="display:none">C00016: Censorship</li>
<li id="C00031text" style="display:none">C00031: Dilute the core narrative - create multiple permutations, target / amplify</li>
<li id="C00046text" style="display:none">C00046: Marginalise and discredit extremist groups</li>
<li id="C00062text" style="display:none">C00062: Free open library sources worldwide</li>
<li id="C00075text" style="display:none">C00075: normalise language</li>
<li id="C00103text" style="display:none">C00103: Create a bot that engages / distract trolls</li>
<li id="C00116text" style="display:none">C00116: Provide proof of involvement</li>
<li id="C00126text" style="display:none">C00126: Social media amber alert</li>
<li id="C00017text" style="display:none">C00017: Repair broken social connections</li>
<li id="C00060text" style="display:none">C00060: Legal action against for-profit engagement factories</li>
<li id="C00048text" style="display:none">C00048: Name and Shame Influencers</li>
<li id="C00135text" style="display:none">C00135: Deplatform message groups and/or message boards</li>
<li id="C00076text" style="display:none">C00076: Prohibit images in political discourse channels</li>
<li id="C00105text" style="display:none">C00105: Buy more advertising than misinformation creators</li>
<li id="C00117text" style="display:none">C00117: Downgrade / de-amplify so message is seen by fewer people</li>
<li id="C00128text" style="display:none">C00128: Create friction by marking content with ridicule or other "decelerants"</li>
<li id="C00019text" style="display:none">C00019: Reduce effect of division-enablers</li>
<li id="C00070text" style="display:none">C00070: Block access to disinformation resources</li>
<li id="C00051text" style="display:none">C00051: Counter social engineering training</li>
<li id="C00162text" style="display:none">C00162: Unravel/target the Potemkin villages</li>
<li id="C00078text" style="display:none">C00078: Change Search Algorithms for Disinformation Content</li>
<li id="C00195text" style="display:none">C00195: Redirect searches away from disinformation or extremist content </li>
<li id="C00118text" style="display:none">C00118: Repurpose images with new text</li>
<li id="C00129text" style="display:none">C00129: Use banking to cut off access </li>
<li id="C00021text" style="display:none">C00021: Encourage in-person communication</li>
<li id="C00092text" style="display:none">C00092: Establish a truth teller reputation score for influencers</li>
<li id="C00058text" style="display:none">C00058: Report crowdfunder as violator</li>
<li id="C00172text" style="display:none">C00172: social media source removal</li>
<li id="C00080text" style="display:none">C00080: Create competing narrative</li>
<li id="C00119text" style="display:none">C00119: Engage payload and debunk.</li>
<li id="C00147text" style="display:none">C00147: Make amplification of social media posts expire (e.g. can't like/ retweet after n days)</li>
<li id="C00022text" style="display:none">C00022: Innoculate. Positive campaign to promote feeling of safety</li>
<li id="C00144text" style="display:none">C00144: Buy out troll farm employees / offer them jobs</li>
<li id="C00067text" style="display:none">C00067: Denigrate the recipient/ project (of online funding)</li>
<li id="C00203text" style="display:none">C00203: Stop offering press credentials to propaganda outlets</li>
<li id="C00081text" style="display:none">C00081: Highlight flooding and noise, and explain motivations</li>
<li id="C00120text" style="display:none">C00120: Open dialogue about design of platforms to produce different outcomes</li>
<li id="C00182text" style="display:none">C00182: Redirection / malware detection/ remediation</li>
<li id="C00024text" style="display:none">C00024: Promote healthy narratives</li>
<li id="C00156text" style="display:none">C00156: Better tell your country or organization story</li>
<li id="C00077text" style="display:none">C00077: Active defence: run TA03 "develop people” - not recommended</li>
<li id="C00082text" style="display:none">C00082: Ground truthing as automated response to pollution</li>
<li id="C00121text" style="display:none">C00121: Tool transparency and literacy for channels people follow. </li>
<li id="C00200text" style="display:none">C00200: Respected figure (influencer) disavows misinfo</li>
<li id="C00026text" style="display:none">C00026: Shore up democracy based messages</li>
<li id="C00164text" style="display:none">C00164: compatriot policy</li>
<li id="C00093text" style="display:none">C00093: Influencer code of conduct</li>
<li id="C00084text" style="display:none">C00084: Modify disinformation narratives, and rebroadcast them</li>
<li id="C00136text" style="display:none">C00136: Microtarget most likely targets then send them countermessages</li>
<li id="C00211text" style="display:none">C00211: Use humorous counter-narratives</li>
<li id="C00027text" style="display:none">C00027: Create culture of civility</li>
<li id="C00169text" style="display:none">C00169: develop a creative content hub</li>
<li id="C00133text" style="display:none">C00133: Deplatform Account*</li>
<li id="C00085text" style="display:none">C00085: Mute content</li>
<li id="C00154text" style="display:none">C00154: Ask media not to report false information</li>
<li id="C00073text" style="display:none">C00073: Inoculate populations through media literacy training</li>
<li id="C00207text" style="display:none">C00207: Run a competing disinformation campaign - not recommended</li>
<li id="C00155text" style="display:none">C00155: Ban incident actors from funding sites</li>
<li id="C00086text" style="display:none">C00086: Distract from noise with addictive content</li>
<li id="C00184text" style="display:none">C00184: Media exposure</li>
<li id="C00096text" style="display:none">C00096: Strengthen institutions that are always truth tellers</li>
<li id="C00222text" style="display:none">C00222: Tabletop simulations</li>
<li id="C00160text" style="display:none">C00160: find and train influencers</li>
<li id="C00087text" style="display:none">C00087: Make more noise than the disinformation</li>
<li id="C00188text" style="display:none">C00188: Newsroom/Journalist training to counter influence moves</li>
<li id="C00111text" style="display:none">C00111: Reduce polarisation by connecting and presenting sympathetic renditions of opposite views</li>
<li id="C00189text" style="display:none">C00189: Ensure that platforms are taking down flagged accounts</li>
<li id="C00091text" style="display:none">C00091: Honeypot social community</li>
<li id="C00153text" style="display:none">C00153: Take pre-emptive action against actors' infrastructure</li>
<li id="C00197text" style="display:none">C00197: remove suspicious accounts</li>
<li id="C00094text" style="display:none">C00094: Force full disclosure on corporate sponsor of research</li>
<li id="C00159text" style="display:none">C00159: Have a disinformation response plan</li>
<li id="C00106text" style="display:none">C00106: Click-bait centrist content</li>
<li id="C00161text" style="display:none">C00161: Coalition Building with stakeholders and Third-Party Inducements</li>
<li id="C00107text" style="display:none">C00107: Content moderation</li>
<li id="C00170text" style="display:none">C00170: elevate information as a critical domain of statecraft</li>
<li id="C00142text" style="display:none">C00142: Platform adds warning label and decision point when sharing content</li>
<li id="C00174text" style="display:none">C00174: Create a healthier news environment</li>
<li id="C00165text" style="display:none">C00165: Ensure integrity of official documents</li>
<li id="C00176text" style="display:none">C00176: Improve Coordination amongst stakeholders: public and private</li>
<li id="C00202text" style="display:none">C00202: Set data 'honeytraps'</li>
<li id="C00190text" style="display:none">C00190: open engagement with civil society</li>
<li id="C00219text" style="display:none">C00219: Add metadata to content thats out of the control of disinformation creators</li>
<li id="C00205text" style="display:none">C00205: strong dialogue between the federal government and private sector to encourage better reporting</li>
<li id="C00212text" style="display:none">C00212: build public resilience by making civil society more vibrant</li>
<li id="C00220text" style="display:none">C00220: Develop a monitoring and intelligence plan</li>
<li id="C00221text" style="display:none">C00221: Run a disinformation red team, and design mitigation factors</li>
<li id="C00223text" style="display:none">C00223: Strengthen Trust in social media platforms</li>
</ul>
</body>
</html>

View File

@ -0,0 +1,266 @@
<!DOCTYPE html>
<html>
<head>
<title>DISARM Red framework</title>
</head>
<body>
<script>
function handleTechniqueClick(box) {
var technique = document.getElementById(box);
var checkBox = document.getElementById(box+"check");
var text = document.getElementById(box+"text");
if (checkBox.checked == true){
text.style.display = "block";
technique.bgColor = "Lime"
} else {
text.style.display = "none";
technique.bgColor = "Silver"
}
}
</script>
<h1>DISARM</h1>
<table border=1 bgcolor=silver>
<tr bgcolor=fuchsia>
<td>P01 Plan</td>
<td>P01 Plan</td>
<td>P02 Prepare</td>
<td>P02 Prepare</td>
<td>P02 Prepare</td>
<td>P02 Prepare</td>
<td>P02 Prepare</td>
<td>P03 Execute</td>
<td>P03 Execute</td>
<td>P03 Execute</td>
<td>P03 Execute</td>
<td>P04 Assess</td>
</tr>
<tr bgcolor=aqua>
<td>TA01 Strategic Planning</td>
<td>TA02 Objective Planning</td>
<td>TA03 Develop People</td>
<td>TA04 Develop Networks</td>
<td>TA05 Microtargeting</td>
<td>TA06 Develop Content</td>
<td>TA07 Channel Selection</td>
<td>TA08 Pump Priming</td>
<td>TA09 Exposure</td>
<td>TA10 Go Physical</td>
<td>TA11 Persistence</td>
<td>TA12 Measure Effectiveness</td>
</tr>
<tr>
<td id="T0001">T0001 5Ds (dismiss, distort, distract, dismay, divide)<input type="checkbox" id="T0001check" onclick="handleTechniqueClick('T0001')"></td>
<td id="T0005">T0005 Center of Gravity Analysis<input type="checkbox" id="T0005check" onclick="handleTechniqueClick('T0005')"></td>
<td id="T0007">T0007 Create fake Social Media Profiles / Pages / Groups<input type="checkbox" id="T0007check" onclick="handleTechniqueClick('T0007')"></td>
<td id="T0010">T0010 Cultivate ignorant agents<input type="checkbox" id="T0010check" onclick="handleTechniqueClick('T0010')"></td>
<td id="T0016">T0016 Clickbait<input type="checkbox" id="T0016check" onclick="handleTechniqueClick('T0016')"></td>
<td id="T0019">T0019 Generate information pollution<input type="checkbox" id="T0019check" onclick="handleTechniqueClick('T0019')"></td>
<td id="T0029">T0029 Manipulate online polls<input type="checkbox" id="T0029check" onclick="handleTechniqueClick('T0029')"></td>
<td id="T0039">T0039 Bait legitimate influencers<input type="checkbox" id="T0039check" onclick="handleTechniqueClick('T0039')"></td>
<td id="T0047">T0047 Muzzle social media as a political force<input type="checkbox" id="T0047check" onclick="handleTechniqueClick('T0047')"></td>
<td id="T0057">T0057 Organise remote rallies and events<input type="checkbox" id="T0057check" onclick="handleTechniqueClick('T0057')"></td>
<td id="T0058">T0058 Legacy web content<input type="checkbox" id="T0058check" onclick="handleTechniqueClick('T0058')"></td>
<td id="T0062">T0062 Behaviour changes<input type="checkbox" id="T0062check" onclick="handleTechniqueClick('T0062')"></td>
</tr>
<tr>
<td id="T0002">T0002 Facilitate State Propaganda<input type="checkbox" id="T0002check" onclick="handleTechniqueClick('T0002')"></td>
<td id="T0006">T0006 Create Master Narratives<input type="checkbox" id="T0006check" onclick="handleTechniqueClick('T0006')"></td>
<td id="T0008">T0008 Create fake or imposter news sites<input type="checkbox" id="T0008check" onclick="handleTechniqueClick('T0008')"></td>
<td id="T0011">T0011 Hijack legitimate account<input type="checkbox" id="T0011check" onclick="handleTechniqueClick('T0011')"></td>
<td id="T0017">T0017 Promote online funding<input type="checkbox" id="T0017check" onclick="handleTechniqueClick('T0017')"></td>
<td id="T0020">T0020 Trial content<input type="checkbox" id="T0020check" onclick="handleTechniqueClick('T0020')"></td>
<td id="T0030">T0030 Backstop personas<input type="checkbox" id="T0030check" onclick="handleTechniqueClick('T0030')"></td>
<td id="T0040">T0040 Demand unsurmountable proof<input type="checkbox" id="T0040check" onclick="handleTechniqueClick('T0040')"></td>
<td id="T0048">T0048 Cow online opinion leaders<input type="checkbox" id="T0048check" onclick="handleTechniqueClick('T0048')"></td>
<td id="T0061">T0061 Sell merchandising<input type="checkbox" id="T0061check" onclick="handleTechniqueClick('T0061')"></td>
<td id="T0059">T0059 Play the long game<input type="checkbox" id="T0059check" onclick="handleTechniqueClick('T0059')"></td>
<td id="T0063">T0063 Message reach<input type="checkbox" id="T0063check" onclick="handleTechniqueClick('T0063')"></td>
</tr>
<tr>
<td id="T0003">T0003 Leverage Existing Narratives<input type="checkbox" id="T0003check" onclick="handleTechniqueClick('T0003')"></td>
<td bgcolor=white> </td>
<td id="T0009">T0009 Create fake experts<input type="checkbox" id="T0009check" onclick="handleTechniqueClick('T0009')"></td>
<td id="T0012">T0012 Use concealment<input type="checkbox" id="T0012check" onclick="handleTechniqueClick('T0012')"></td>
<td id="T0018">T0018 Paid targeted ads<input type="checkbox" id="T0018check" onclick="handleTechniqueClick('T0018')"></td>
<td id="T0021">T0021 Memes<input type="checkbox" id="T0021check" onclick="handleTechniqueClick('T0021')"></td>
<td id="T0031">T0031 YouTube<input type="checkbox" id="T0031check" onclick="handleTechniqueClick('T0031')"></td>
<td id="T0041">T0041 Deny involvement<input type="checkbox" id="T0041check" onclick="handleTechniqueClick('T0041')"></td>
<td id="T0049">T0049 Flooding<input type="checkbox" id="T0049check" onclick="handleTechniqueClick('T0049')"></td>
<td bgcolor=white> </td>
<td id="T0060">T0060 Continue to amplify<input type="checkbox" id="T0060check" onclick="handleTechniqueClick('T0060')"></td>
<td id="T0064">T0064 Social media engagement<input type="checkbox" id="T0064check" onclick="handleTechniqueClick('T0064')"></td>
</tr>
<tr>
<td id="T0004">T0004 Competing Narratives<input type="checkbox" id="T0004check" onclick="handleTechniqueClick('T0004')"></td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td id="T0013">T0013 Create fake websites<input type="checkbox" id="T0013check" onclick="handleTechniqueClick('T0013')"></td>
<td bgcolor=white> </td>
<td id="T0022">T0022 Conspiracy narratives<input type="checkbox" id="T0022check" onclick="handleTechniqueClick('T0022')"></td>
<td id="T0032">T0032 Reddit<input type="checkbox" id="T0032check" onclick="handleTechniqueClick('T0032')"></td>
<td id="T0042">T0042 Kernel of Truth<input type="checkbox" id="T0042check" onclick="handleTechniqueClick('T0042')"></td>
<td id="T0050">T0050 Cheerleading domestic social media ops<input type="checkbox" id="T0050check" onclick="handleTechniqueClick('T0050')"></td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
</tr>
<tr>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td id="T0014">T0014 Create funding campaigns<input type="checkbox" id="T0014check" onclick="handleTechniqueClick('T0014')"></td>
<td bgcolor=white> </td>
<td id="T0023">T0023 Distort facts<input type="checkbox" id="T0023check" onclick="handleTechniqueClick('T0023')"></td>
<td id="T0033">T0033 Instagram<input type="checkbox" id="T0033check" onclick="handleTechniqueClick('T0033')"></td>
<td id="T0043">T0043 Use SMS/ WhatsApp/ Chat apps<input type="checkbox" id="T0043check" onclick="handleTechniqueClick('T0043')"></td>
<td id="T0051">T0051 Fabricate social media comment<input type="checkbox" id="T0051check" onclick="handleTechniqueClick('T0051')"></td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
</tr>
<tr>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td id="T0015">T0015 Create hashtag<input type="checkbox" id="T0015check" onclick="handleTechniqueClick('T0015')"></td>
<td bgcolor=white> </td>
<td id="T0024">T0024 Create fake videos and images<input type="checkbox" id="T0024check" onclick="handleTechniqueClick('T0024')"></td>
<td id="T0034">T0034 LinkedIn<input type="checkbox" id="T0034check" onclick="handleTechniqueClick('T0034')"></td>
<td id="T0044">T0044 Seed distortions<input type="checkbox" id="T0044check" onclick="handleTechniqueClick('T0044')"></td>
<td id="T0052">T0052 Tertiary sites amplify news<input type="checkbox" id="T0052check" onclick="handleTechniqueClick('T0052')"></td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
</tr>
<tr>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td id="T0025">T0025 Leak altered documents<input type="checkbox" id="T0025check" onclick="handleTechniqueClick('T0025')"></td>
<td id="T0035">T0035 Pinterest<input type="checkbox" id="T0035check" onclick="handleTechniqueClick('T0035')"></td>
<td id="T0045">T0045 Use fake experts<input type="checkbox" id="T0045check" onclick="handleTechniqueClick('T0045')"></td>
<td id="T0053">T0053 Twitter trolls amplify and manipulate<input type="checkbox" id="T0053check" onclick="handleTechniqueClick('T0053')"></td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
</tr>
<tr>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td id="T0026">T0026 Create fake research<input type="checkbox" id="T0026check" onclick="handleTechniqueClick('T0026')"></td>
<td id="T0036">T0036 WhatsApp<input type="checkbox" id="T0036check" onclick="handleTechniqueClick('T0036')"></td>
<td id="T0046">T0046 Search Engine Optimization<input type="checkbox" id="T0046check" onclick="handleTechniqueClick('T0046')"></td>
<td id="T0054">T0054 Twitter bots amplify<input type="checkbox" id="T0054check" onclick="handleTechniqueClick('T0054')"></td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
</tr>
<tr>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td id="T0027">T0027 Adapt existing narratives<input type="checkbox" id="T0027check" onclick="handleTechniqueClick('T0027')"></td>
<td id="T0037">T0037 Facebook<input type="checkbox" id="T0037check" onclick="handleTechniqueClick('T0037')"></td>
<td bgcolor=white> </td>
<td id="T0055">T0055 Use hashtag<input type="checkbox" id="T0055check" onclick="handleTechniqueClick('T0055')"></td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
</tr>
<tr>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td id="T0028">T0028 Create competing narratives<input type="checkbox" id="T0028check" onclick="handleTechniqueClick('T0028')"></td>
<td id="T0038">T0038 Twitter<input type="checkbox" id="T0038check" onclick="handleTechniqueClick('T0038')"></td>
<td bgcolor=white> </td>
<td id="T0056">T0056 Dedicated channels disseminate information pollution<input type="checkbox" id="T0056check" onclick="handleTechniqueClick('T0056')"></td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
<td bgcolor=white> </td>
</tr>
<tr>
</tr>
</table>
<hr>
<ul>
<li id="T0001text" style="display:none">T0001: 5Ds (dismiss, distort, distract, dismay, divide)</li>
<li id="T0005text" style="display:none">T0005: Center of Gravity Analysis</li>
<li id="T0007text" style="display:none">T0007: Create fake Social Media Profiles / Pages / Groups</li>
<li id="T0010text" style="display:none">T0010: Cultivate ignorant agents</li>
<li id="T0016text" style="display:none">T0016: Clickbait</li>
<li id="T0019text" style="display:none">T0019: Generate information pollution</li>
<li id="T0029text" style="display:none">T0029: Manipulate online polls</li>
<li id="T0039text" style="display:none">T0039: Bait legitimate influencers</li>
<li id="T0047text" style="display:none">T0047: Muzzle social media as a political force</li>
<li id="T0057text" style="display:none">T0057: Organise remote rallies and events</li>
<li id="T0058text" style="display:none">T0058: Legacy web content</li>
<li id="T0062text" style="display:none">T0062: Behaviour changes</li>
<li id="T0002text" style="display:none">T0002: Facilitate State Propaganda</li>
<li id="T0006text" style="display:none">T0006: Create Master Narratives</li>
<li id="T0008text" style="display:none">T0008: Create fake or imposter news sites</li>
<li id="T0011text" style="display:none">T0011: Hijack legitimate account</li>
<li id="T0017text" style="display:none">T0017: Promote online funding</li>
<li id="T0020text" style="display:none">T0020: Trial content</li>
<li id="T0030text" style="display:none">T0030: Backstop personas</li>
<li id="T0040text" style="display:none">T0040: Demand unsurmountable proof</li>
<li id="T0048text" style="display:none">T0048: Cow online opinion leaders</li>
<li id="T0061text" style="display:none">T0061: Sell merchandising</li>
<li id="T0059text" style="display:none">T0059: Play the long game</li>
<li id="T0063text" style="display:none">T0063: Message reach</li>
<li id="T0003text" style="display:none">T0003: Leverage Existing Narratives</li>
<li id="T0009text" style="display:none">T0009: Create fake experts</li>
<li id="T0012text" style="display:none">T0012: Use concealment</li>
<li id="T0018text" style="display:none">T0018: Paid targeted ads</li>
<li id="T0021text" style="display:none">T0021: Memes</li>
<li id="T0031text" style="display:none">T0031: YouTube</li>
<li id="T0041text" style="display:none">T0041: Deny involvement</li>
<li id="T0049text" style="display:none">T0049: Flooding</li>
<li id="T0060text" style="display:none">T0060: Continue to amplify</li>
<li id="T0064text" style="display:none">T0064: Social media engagement</li>
<li id="T0004text" style="display:none">T0004: Competing Narratives</li>
<li id="T0013text" style="display:none">T0013: Create fake websites</li>
<li id="T0022text" style="display:none">T0022: Conspiracy narratives</li>
<li id="T0032text" style="display:none">T0032: Reddit</li>
<li id="T0042text" style="display:none">T0042: Kernel of Truth</li>
<li id="T0050text" style="display:none">T0050: Cheerleading domestic social media ops</li>
<li id="T0014text" style="display:none">T0014: Create funding campaigns</li>
<li id="T0023text" style="display:none">T0023: Distort facts</li>
<li id="T0033text" style="display:none">T0033: Instagram</li>
<li id="T0043text" style="display:none">T0043: Use SMS/ WhatsApp/ Chat apps</li>
<li id="T0051text" style="display:none">T0051: Fabricate social media comment</li>
<li id="T0015text" style="display:none">T0015: Create hashtag</li>
<li id="T0024text" style="display:none">T0024: Create fake videos and images</li>
<li id="T0034text" style="display:none">T0034: LinkedIn</li>
<li id="T0044text" style="display:none">T0044: Seed distortions</li>
<li id="T0052text" style="display:none">T0052: Tertiary sites amplify news</li>
<li id="T0025text" style="display:none">T0025: Leak altered documents</li>
<li id="T0035text" style="display:none">T0035: Pinterest</li>
<li id="T0045text" style="display:none">T0045: Use fake experts</li>
<li id="T0053text" style="display:none">T0053: Twitter trolls amplify and manipulate</li>
<li id="T0026text" style="display:none">T0026: Create fake research</li>
<li id="T0036text" style="display:none">T0036: WhatsApp</li>
<li id="T0046text" style="display:none">T0046: Search Engine Optimization</li>
<li id="T0054text" style="display:none">T0054: Twitter bots amplify</li>
<li id="T0027text" style="display:none">T0027: Adapt existing narratives</li>
<li id="T0037text" style="display:none">T0037: Facebook</li>
<li id="T0055text" style="display:none">T0055: Use hashtag</li>
<li id="T0028text" style="display:none">T0028: Create competing narratives</li>
<li id="T0038text" style="display:none">T0038: Twitter</li>
<li id="T0056text" style="display:none">T0056: Dedicated channels disseminate information pollution</li>
</ul>
</body>
</html>

View File

@ -0,0 +1,12 @@
P01,P01,P02,P02,P02,P02,P02,P03,P03,P03,P03,P04
TA01,TA02,TA03,TA04,TA05,TA06,TA07,TA08,TA09,TA10,TA11,TA12
T0001,T0005,T0007,T0010,T0016,T0019,T0029,T0039,T0047,T0057,T0058,T0062
T0002,T0006,T0008,T0011,T0017,T0020,T0030,T0040,T0048,T0061,T0059,T0063
T0003,,T0009,T0012,T0018,T0021,T0031,T0041,T0049,,T0060,T0064
T0004,,,T0013,,T0022,T0032,T0042,T0050,,,
,,,T0014,,T0023,T0033,T0043,T0051,,,
,,,T0015,,T0024,T0034,T0044,T0052,,,
,,,,,T0025,T0035,T0045,T0053,,,
,,,,,T0026,T0036,T0046,T0054,,,
,,,,,T0027,T0037,,T0055,,,
,,,,,T0028,T0038,,T0056,,,
1 P01 P01 P02 P02 P02 P02 P02 P03 P03 P03 P03 P04
2 TA01 TA02 TA03 TA04 TA05 TA06 TA07 TA08 TA09 TA10 TA11 TA12
3 T0001 T0005 T0007 T0010 T0016 T0019 T0029 T0039 T0047 T0057 T0058 T0062
4 T0002 T0006 T0008 T0011 T0017 T0020 T0030 T0040 T0048 T0061 T0059 T0063
5 T0003 T0009 T0012 T0018 T0021 T0031 T0041 T0049 T0060 T0064
6 T0004 T0013 T0022 T0032 T0042 T0050
7 T0014 T0023 T0033 T0043 T0051
8 T0015 T0024 T0034 T0044 T0052
9 T0025 T0035 T0045 T0053
10 T0026 T0036 T0046 T0054
11 T0027 T0037 T0055
12 T0028 T0038 T0056

View File

@ -0,0 +1,16 @@
# Actor A001: data scientist
* **Summary:** Person who can wrangle data, implement machine learning algorithms etc
* **Sector:** S001, S002, S003, S004, S005, S006, S007, S008, S009, S010
* **Viewpoint:** FW01, FW02
| Counters | Response types |
| -------- | -------------- |
| [C00092 Establish a truth teller reputation score for influencers](../generated_pages/counters/C00092.md) | D07 |
| [C00160 find and train influencers](../generated_pages/counters/C00160.md) | D02 |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

View File

@ -0,0 +1,14 @@
# Actor A002: target
* **Summary:** Person being targeted by disinformation campaign
* **Sector:** S001, S002, S003, S004, S005, S006, S007, S008, S009, S010
* **Viewpoint:** FW02
| Counters | Response types |
| -------- | -------------- |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

View File

@ -0,0 +1,15 @@
# Actor A003: trusted authority
* **Summary:** Influencer
* **Sector:** S001, S002, S003, S004, S005, S006, S007, S008, S009, S010
* **Viewpoint:** FW01, FW02
| Counters | Response types |
| -------- | -------------- |
| [C00128 Create friction by marking content with ridicule or other "decelerants"](../generated_pages/counters/C00128.md) | D03 |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

View File

@ -0,0 +1,16 @@
# Actor A004: activist
* **Summary:**
* **Sector:** S002
* **Viewpoint:** FW02
| Counters | Response types |
| -------- | -------------- |
| [C00052 Infiltrate platforms](../generated_pages/counters/C00052.md) | D04 |
| [C00197 remove suspicious accounts](../generated_pages/counters/C00197.md) | D02 |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

View File

@ -0,0 +1,15 @@
# Actor A005: community group
* **Summary:**
* **Sector:** S002
* **Viewpoint:** FW02
| Counters | Response types |
| -------- | -------------- |
| [C00073 Inoculate populations through media literacy training](../generated_pages/counters/C00073.md) | D02 |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

View File

@ -0,0 +1,20 @@
# Actor A006: educator
* **Summary:**
* **Sector:** S002
* **Viewpoint:** FW02
| Counters | Response types |
| -------- | -------------- |
| [C00009 Educate high profile influencers on best practices](../generated_pages/counters/C00009.md) | D02 |
| [C00011 Media literacy. Games to identify fake news](../generated_pages/counters/C00011.md) | D02 |
| [C00051 Counter social engineering training](../generated_pages/counters/C00051.md) | D02 |
| [C00073 Inoculate populations through media literacy training](../generated_pages/counters/C00073.md) | D02 |
| [C00188 Newsroom/Journalist training to counter influence moves](../generated_pages/counters/C00188.md) | D03 |
| [C00212 build public resilience by making civil society more vibrant](../generated_pages/counters/C00212.md) | D03 |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

View File

@ -0,0 +1,16 @@
# Actor A007: factchecker
* **Summary:** Someone with the skills to verify whether information posted is factual
* **Sector:** S002
* **Viewpoint:** FW02
| Counters | Response types |
| -------- | -------------- |
| [C00008 Create shared fact-checking database](../generated_pages/counters/C00008.md) | D04 |
| [C00014 Real-time updates to fact-checking database](../generated_pages/counters/C00014.md) | D04 |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

View File

@ -0,0 +1,15 @@
# Actor A008: library
* **Summary:**
* **Sector:** S002
* **Viewpoint:** FW02
| Counters | Response types |
| -------- | -------------- |
| [C00073 Inoculate populations through media literacy training](../generated_pages/counters/C00073.md) | D02 |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

View File

@ -0,0 +1,15 @@
# Actor A009: NGO
* **Summary:**
* **Sector:** S002
* **Viewpoint:** FW02
| Counters | Response types |
| -------- | -------------- |
| [C00073 Inoculate populations through media literacy training](../generated_pages/counters/C00073.md) | D02 |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

View File

@ -0,0 +1,15 @@
# Actor A010: religious organisation
* **Summary:**
* **Sector:** S002
* **Viewpoint:** FW02
| Counters | Response types |
| -------- | -------------- |
| [C00073 Inoculate populations through media literacy training](../generated_pages/counters/C00073.md) | D02 |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

View File

@ -0,0 +1,14 @@
# Actor A011: school
* **Summary:**
* **Sector:** S002
* **Viewpoint:** FW02
| Counters | Response types |
| -------- | -------------- |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

View File

@ -0,0 +1,16 @@
# Actor A012: account owner
* **Summary:** Anyone who owns an account online
* **Sector:** S006
* **Viewpoint:** FW01
FW02
| Counters | Response types |
| -------- | -------------- |
| [C00053 Delete old accounts / Remove unused social media accounts](../generated_pages/counters/C00053.md) | D04 |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

View File

@ -0,0 +1,16 @@
# Actor A013: content creator
* **Summary:**
* **Sector:** S006
* **Viewpoint:** FW01
FW02
| Counters | Response types |
| -------- | -------------- |
| [C00111 Reduce polarisation by connecting and presenting sympathetic renditions of opposite views](../generated_pages/counters/C00111.md) | D04 |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

View File

@ -0,0 +1,15 @@
# Actor A014: elves
* **Summary:**
* **Sector:** S006
* **Viewpoint:** FW02
| Counters | Response types |
| -------- | -------------- |
| [C00143 (botnet) DMCA takedown requests to waste group time](../generated_pages/counters/C00143.md) | D04 |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

View File

@ -0,0 +1,18 @@
# Actor A015: general public
* **Summary:**
* **Sector:** S006
* **Viewpoint:** FW02
| Counters | Response types |
| -------- | -------------- |
| [C00114 Don't engage with payloads](../generated_pages/counters/C00114.md) | D02 |
| [C00124 Don't feed the trolls](../generated_pages/counters/C00124.md) | D03 |
| [C00143 (botnet) DMCA takedown requests to waste group time](../generated_pages/counters/C00143.md) | D04 |
| [C00190 open engagement with civil society](../generated_pages/counters/C00190.md) | D03 |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

View File

@ -0,0 +1,18 @@
# Actor A016: influencer
* **Summary:**
* **Sector:** S006
* **Viewpoint:** FW01
FW02
| Counters | Response types |
| -------- | -------------- |
| [C00009 Educate high profile influencers on best practices](../generated_pages/counters/C00009.md) | D02 |
| [C00160 find and train influencers](../generated_pages/counters/C00160.md) | D02 |
| [C00200 Respected figure (influencer) disavows misinfo](../generated_pages/counters/C00200.md) | D03 |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

View File

@ -0,0 +1,15 @@
# Actor A017: coordinating body
* **Summary:** For example the DHS
* **Sector:** S003
* **Viewpoint:** FW02
| Counters | Response types |
| -------- | -------------- |
| [C00073 Inoculate populations through media literacy training](../generated_pages/counters/C00073.md) | D02 |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

View File

@ -0,0 +1,21 @@
# Actor A018: government
* **Summary:** Government agencies
* **Sector:** S003
* **Viewpoint:** FW01
FW02
| Counters | Response types |
| -------- | -------------- |
| [C00012 Platform regulation](../generated_pages/counters/C00012.md) | D02 |
| [C00156 Better tell your country or organization story](../generated_pages/counters/C00156.md) | D03 |
| [C00203 Stop offering press credentials to propaganda outlets](../generated_pages/counters/C00203.md) | D03 |
| [C00205 strong dialogue between the federal government and private sector to encourage better reporting](../generated_pages/counters/C00205.md) | D03 |
| [C00207 Run a competing disinformation campaign - not recommended](../generated_pages/counters/C00207.md) | D07 |
| [C00212 build public resilience by making civil society more vibrant](../generated_pages/counters/C00212.md) | D03 |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

View File

@ -0,0 +1,15 @@
# Actor A019: military
* **Summary:**
* **Sector:** S003
* **Viewpoint:** FW02
| Counters | Response types |
| -------- | -------------- |
| [C00156 Better tell your country or organization story](../generated_pages/counters/C00156.md) | D03 |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

View File

@ -0,0 +1,18 @@
# Actor A020: policy maker
* **Summary:**
* **Sector:** S003
* **Viewpoint:** FW02
| Counters | Response types |
| -------- | -------------- |
| [C00010 Enhanced privacy regulation for social media](../generated_pages/counters/C00010.md) | D02 |
| [C00012 Platform regulation](../generated_pages/counters/C00012.md) | D02 |
| [C00060 Legal action against for-profit engagement factories](../generated_pages/counters/C00060.md) | D03 |
| [C00065 Reduce political targeting](../generated_pages/counters/C00065.md) | D03 |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

View File

@ -0,0 +1,22 @@
# Actor A021: media organisation
* **Summary:**
* **Sector:** S010
* **Viewpoint:** FW01
FW02
| Counters | Response types |
| -------- | -------------- |
| [C00017 Repair broken social connections](../generated_pages/counters/C00017.md) | D03 |
| [C00073 Inoculate populations through media literacy training](../generated_pages/counters/C00073.md) | D02 |
| [C00111 Reduce polarisation by connecting and presenting sympathetic renditions of opposite views](../generated_pages/counters/C00111.md) | D04 |
| [C00124 Don't feed the trolls](../generated_pages/counters/C00124.md) | D03 |
| [C00154 Ask media not to report false information](../generated_pages/counters/C00154.md) | D02 |
| [C00174 Create a healthier news environment](../generated_pages/counters/C00174.md) | D02 |
| [C00188 Newsroom/Journalist training to counter influence moves](../generated_pages/counters/C00188.md) | D03 |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

View File

@ -0,0 +1,14 @@
# Actor A022: company
* **Summary:**
* **Sector:** S009
* **Viewpoint:** FW02
| Counters | Response types |
| -------- | -------------- |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

View File

@ -0,0 +1,16 @@
# Actor A023: adtech provider
* **Summary:**
* **Sector:** S008
* **Viewpoint:** FW02
| Counters | Response types |
| -------- | -------------- |
| [C00105 Buy more advertising than misinformation creators](../generated_pages/counters/C00105.md) | D03 |
| [C00216 Use advertiser controls to stem flow of funds to bad actors](../generated_pages/counters/C00216.md) | D02 |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

View File

@ -0,0 +1,16 @@
# Actor A024: developer
* **Summary:**
* **Sector:** S008
* **Viewpoint:** FW02
| Counters | Response types |
| -------- | -------------- |
| [C00011 Media literacy. Games to identify fake news](../generated_pages/counters/C00011.md) | D02 |
| [C00103 Create a bot that engages / distract trolls](../generated_pages/counters/C00103.md) | D05 |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

View File

@ -0,0 +1,15 @@
# Actor A025: funding_site_admin
* **Summary:** Funding site admin
* **Sector:** S008
* **Viewpoint:** FW02
| Counters | Response types |
| -------- | -------------- |
| [C00155 Ban incident actors from funding sites](../generated_pages/counters/C00155.md) | D02 |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

View File

@ -0,0 +1,15 @@
# Actor A026: games designer
* **Summary:**
* **Sector:** S008
* **Viewpoint:** FW01, FW02
| Counters | Response types |
| -------- | -------------- |
| [C00011 Media literacy. Games to identify fake news](../generated_pages/counters/C00011.md) | D02 |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

View File

@ -0,0 +1,16 @@
# Actor A027: information security
* **Summary:**
* **Sector:** S008
* **Viewpoint:** FW02
| Counters | Response types |
| -------- | -------------- |
| [C00153 Take pre-emptive action against actors' infrastructure](../generated_pages/counters/C00153.md) | D03 |
| [C00182 Redirection / malware detection/ remediation](../generated_pages/counters/C00182.md) | D02 |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

View File

@ -0,0 +1,16 @@
# Actor A028: platform administrator
* **Summary:**
* **Sector:** S008
* **Viewpoint:** FW02
| Counters | Response types |
| -------- | -------------- |
| [C00053 Delete old accounts / Remove unused social media accounts](../generated_pages/counters/C00053.md) | D04 |
| [C00074 Identify and delete or rate limit identical content](../generated_pages/counters/C00074.md) | D02 |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

View File

@ -0,0 +1,15 @@
# Actor A029: server admininistrator
* **Summary:**
* **Sector:** S008
* **Viewpoint:** FW02
| Counters | Response types |
| -------- | -------------- |
| [C00131 Seize and analyse botnet servers](../generated_pages/counters/C00131.md) | D02 |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

View File

@ -0,0 +1,14 @@
# Actor A030: platforms
* **Summary:**
* **Sector:** S007
* **Viewpoint:** FW02
| Counters | Response types |
| -------- | -------------- |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

View File

@ -0,0 +1,31 @@
# Actor A031: social media platform adminstrator
* **Summary:** Person with the authority to make changes to algorithms, take down content etc.
* **Sector:** S007
* **Viewpoint:** FW02
| Counters | Response types |
| -------- | -------------- |
| [C00016 Censorship](../generated_pages/counters/C00016.md) | D02 |
| [C00044 Keep people from posting to social media immediately](../generated_pages/counters/C00044.md) | D03 |
| [C00053 Delete old accounts / Remove unused social media accounts](../generated_pages/counters/C00053.md) | D04 |
| [C00074 Identify and delete or rate limit identical content](../generated_pages/counters/C00074.md) | D02 |
| [C00097 Require use of verified identities to contribute to poll or comment](../generated_pages/counters/C00097.md) | D02 |
| [C00098 Revocation of allowlisted or "verified" status](../generated_pages/counters/C00098.md) | D02 |
| [C00099 Strengthen verification methods](../generated_pages/counters/C00099.md) | D02 |
| [C00101 Create friction by rate-limiting engagement](../generated_pages/counters/C00101.md) | D04 |
| [C00107 Content moderation](../generated_pages/counters/C00107.md) | D02 |
| [C00122 Content moderation](../generated_pages/counters/C00122.md) | D02 |
| [C00133 Deplatform Account*](../generated_pages/counters/C00133.md) | D03 |
| [C00135 Deplatform message groups and/or message boards](../generated_pages/counters/C00135.md) | D03 |
| [C00142 Platform adds warning label and decision point when sharing content](../generated_pages/counters/C00142.md) | D04 |
| [C00147 Make amplification of social media posts expire (e.g. can't like/ retweet after n days)](../generated_pages/counters/C00147.md) | D03 |
| [C00148 Add random links to network graphs](../generated_pages/counters/C00148.md) | D04 |
| [C00172 social media source removal](../generated_pages/counters/C00172.md) | D02 |
| [C00197 remove suspicious accounts](../generated_pages/counters/C00197.md) | D02 |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

View File

@ -0,0 +1,15 @@
# Actor A032: social media platform outreach
* **Summary:**
* **Sector:** S007
* **Viewpoint:** FW02
| Counters | Response types |
| -------- | -------------- |
| [C00073 Inoculate populations through media literacy training](../generated_pages/counters/C00073.md) | D02 |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

View File

@ -0,0 +1,18 @@
# Actor A033: social media platform owner
* **Summary:** Person with authority to make changes to a social media companys business model
* **Sector:** S007
* **Viewpoint:** FW02
| Counters | Response types |
| -------- | -------------- |
| [C00006 Charge for social media](../generated_pages/counters/C00006.md) | D02 |
| [C00012 Platform regulation](../generated_pages/counters/C00012.md) | D02 |
| [C00205 strong dialogue between the federal government and private sector to encourage better reporting](../generated_pages/counters/C00205.md) | D03 |
| [C00207 Run a competing disinformation campaign - not recommended](../generated_pages/counters/C00207.md) | D07 |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

View File

@ -0,0 +1,208 @@
# DISARM Actortypes:
<table border="1">
<tr>
<th>disarm_id</th>
<th>name</th>
<th>summary</th>
<th>sector_ids</th>
</tr>
<tr>
<td><a href="actortypes/A001.md">A001</a></td>
<td>data scientist </td>
<td>Person who can wrangle data, implement machine learning algorithms etc</td>
<td>S001, S002, S003, S004, S005, S006, S007, S008, S009, S010</td>
</tr>
<tr>
<td><a href="actortypes/A002.md">A002</a></td>
<td>target</td>
<td>Person being targeted by disinformation campaign</td>
<td>S001, S002, S003, S004, S005, S006, S007, S008, S009, S010</td>
</tr>
<tr>
<td><a href="actortypes/A003.md">A003</a></td>
<td>trusted authority </td>
<td>Influencer</td>
<td>S001, S002, S003, S004, S005, S006, S007, S008, S009, S010</td>
</tr>
<tr>
<td><a href="actortypes/A004.md">A004</a></td>
<td>activist</td>
<td></td>
<td>S002</td>
</tr>
<tr>
<td><a href="actortypes/A005.md">A005</a></td>
<td>community group</td>
<td></td>
<td>S002</td>
</tr>
<tr>
<td><a href="actortypes/A006.md">A006</a></td>
<td>educator</td>
<td></td>
<td>S002</td>
</tr>
<tr>
<td><a href="actortypes/A007.md">A007</a></td>
<td>factchecker</td>
<td>Someone with the skills to verify whether information posted is factual</td>
<td>S002</td>
</tr>
<tr>
<td><a href="actortypes/A008.md">A008</a></td>
<td>library</td>
<td></td>
<td>S002</td>
</tr>
<tr>
<td><a href="actortypes/A009.md">A009</a></td>
<td>NGO</td>
<td></td>
<td>S002</td>
</tr>
<tr>
<td><a href="actortypes/A010.md">A010</a></td>
<td>religious organisation </td>
<td></td>
<td>S002</td>
</tr>
<tr>
<td><a href="actortypes/A011.md">A011</a></td>
<td>school </td>
<td></td>
<td>S002</td>
</tr>
<tr>
<td><a href="actortypes/A012.md">A012</a></td>
<td>account owner</td>
<td>Anyone who owns an account online</td>
<td>S006</td>
</tr>
<tr>
<td><a href="actortypes/A013.md">A013</a></td>
<td>content creator </td>
<td></td>
<td>S006</td>
</tr>
<tr>
<td><a href="actortypes/A014.md">A014</a></td>
<td>elves</td>
<td></td>
<td>S006</td>
</tr>
<tr>
<td><a href="actortypes/A015.md">A015</a></td>
<td>general public</td>
<td></td>
<td>S006</td>
</tr>
<tr>
<td><a href="actortypes/A016.md">A016</a></td>
<td>influencer</td>
<td></td>
<td>S006</td>
</tr>
<tr>
<td><a href="actortypes/A017.md">A017</a></td>
<td>coordinating body</td>
<td>For example the DHS</td>
<td>S003</td>
</tr>
<tr>
<td><a href="actortypes/A018.md">A018</a></td>
<td>government </td>
<td>Government agencies</td>
<td>S003</td>
</tr>
<tr>
<td><a href="actortypes/A019.md">A019</a></td>
<td>military </td>
<td></td>
<td>S003</td>
</tr>
<tr>
<td><a href="actortypes/A020.md">A020</a></td>
<td>policy maker</td>
<td></td>
<td>S003</td>
</tr>
<tr>
<td><a href="actortypes/A021.md">A021</a></td>
<td>media organisation</td>
<td></td>
<td>S010</td>
</tr>
<tr>
<td><a href="actortypes/A022.md">A022</a></td>
<td>company</td>
<td></td>
<td>S009</td>
</tr>
<tr>
<td><a href="actortypes/A023.md">A023</a></td>
<td>adtech provider</td>
<td></td>
<td>S008</td>
</tr>
<tr>
<td><a href="actortypes/A024.md">A024</a></td>
<td>developer</td>
<td></td>
<td>S008</td>
</tr>
<tr>
<td><a href="actortypes/A025.md">A025</a></td>
<td>funding_site_admin</td>
<td>Funding site admin</td>
<td>S008</td>
</tr>
<tr>
<td><a href="actortypes/A026.md">A026</a></td>
<td>games designer</td>
<td></td>
<td>S008</td>
</tr>
<tr>
<td><a href="actortypes/A027.md">A027</a></td>
<td>information security</td>
<td></td>
<td>S008</td>
</tr>
<tr>
<td><a href="actortypes/A028.md">A028</a></td>
<td>platform administrator</td>
<td></td>
<td>S008</td>
</tr>
<tr>
<td><a href="actortypes/A029.md">A029</a></td>
<td>server admininistrator </td>
<td></td>
<td>S008</td>
</tr>
<tr>
<td><a href="actortypes/A030.md">A030</a></td>
<td>platforms </td>
<td></td>
<td>S007</td>
</tr>
<tr>
<td><a href="actortypes/A031.md">A031</a></td>
<td>social media platform adminstrator</td>
<td>Person with the authority to make changes to algorithms, take down content etc. </td>
<td>S007</td>
</tr>
<tr>
<td><a href="actortypes/A032.md">A032</a></td>
<td>social media platform outreach </td>
<td></td>
<td>S007</td>
</tr>
<tr>
<td><a href="actortypes/A033.md">A033</a></td>
<td>social media platform owner</td>
<td>Person with authority to make changes to a social media companys business model</td>
<td>S007</td>
</tr>
</table>

View File

@ -0,0 +1,40 @@
# Counter C00006: Charge for social media
* **Summary**: Include a paid-for privacy option, e.g. pay Facebook for an option of them not collecting your personal information. There are examples of this not work, e.g. most people dont use proton mail etc.
* **Playbooks**:
* **Metatechnique**: M004 - friction
* **Resources needed:**
* **Belongs to tactic stage**: TA01
| Actor types | Sectors |
| ----------- | ------- |
| [A033 social media platform owner](../generated_pages/actortypes/A033.md) | S007 |
| Counters these Tactics |
| ---------------------- |
| Counters these Techniques |
| ------------------------- |
| [T0007 Create fake Social Media Profiles / Pages / Groups](../generated_pages/techniques/T0007.md) |
| [T0015 Create hashtag](../generated_pages/techniques/T0015.md) |
| [T0018 Paid targeted ads](../generated_pages/techniques/T0018.md) |
| [T0043 Use SMS/ WhatsApp/ Chat apps](../generated_pages/techniques/T0043.md) |
| [T0053 Twitter trolls amplify and manipulate](../generated_pages/techniques/T0053.md) |
| [T0054 Twitter bots amplify](../generated_pages/techniques/T0054.md) |
| Seen in incidents |
| ----------------- |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

View File

@ -0,0 +1,52 @@
# Counter C00008: Create shared fact-checking database
* **Summary**: Share fact-checking resources - tips, responses, countermessages, across respose groups. Snopes is best-known example of fact-checking sites.
* **Playbooks**:
* **Metatechnique**: M006 - scoring
* **Resources needed:**
* **Belongs to tactic stage**: TA01
| Actor types | Sectors |
| ----------- | ------- |
| [A007 factchecker](../generated_pages/actortypes/A007.md) | S002 |
| Counters these Tactics |
| ---------------------- |
| Counters these Techniques |
| ------------------------- |
| [T0001 5Ds (dismiss, distort, distract, dismay, divide)](../generated_pages/techniques/T0001.md) |
| [T0051 Fabricate social media comment](../generated_pages/techniques/T0051.md) |
| [T0056 Dedicated channels disseminate information pollution](../generated_pages/techniques/T0056.md) |
| [T0026 Create fake research](../generated_pages/techniques/T0026.md) |
| [T0024 Create fake videos and images](../generated_pages/techniques/T0024.md) |
| [T0025 Leak altered documents](../generated_pages/techniques/T0025.md) |
| [T0021 Memes](../generated_pages/techniques/T0021.md) |
| [T0014 Create funding campaigns](../generated_pages/techniques/T0014.md) |
| [T0013 Create fake websites](../generated_pages/techniques/T0013.md) |
| [T0008 Create fake or imposter news sites](../generated_pages/techniques/T0008.md) |
| [T0009 Create fake experts](../generated_pages/techniques/T0009.md) |
| [T0006 Create Master Narratives](../generated_pages/techniques/T0006.md) |
| [T0028 Create competing narratives](../generated_pages/techniques/T0028.md) |
| [T0027 Adapt existing narratives](../generated_pages/techniques/T0027.md) |
| [T0003 Leverage Existing Narratives](../generated_pages/techniques/T0003.md) |
| [T0002 Facilitate State Propaganda](../generated_pages/techniques/T0002.md) |
| [T0044 Seed distortions](../generated_pages/techniques/T0044.md) |
| [T0045 Use fake experts](../generated_pages/techniques/T0045.md) |
| Seen in incidents |
| ----------------- |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

View File

@ -0,0 +1,44 @@
# Counter C00009: Educate high profile influencers on best practices
* **Summary**: Find online influencers. Provide training in the mechanisms of disinformation, how to spot campaigns, and/or how to contribute to responses by countermessaging, boosting information sites etc.
* **Playbooks**:
* **Metatechnique**: M001 - resilience
* **Resources needed:**
* **Belongs to tactic stage**: TA02
| Actor types | Sectors |
| ----------- | ------- |
| [A006 educator](../generated_pages/actortypes/A006.md) | S002 |
| [A016 influencer](../generated_pages/actortypes/A016.md) | S006 |
| Counters these Tactics |
| ---------------------- |
| Counters these Techniques |
| ------------------------- |
| [T0010 Cultivate ignorant agents](../generated_pages/techniques/T0010.md) |
| [T0039 Bait legitimate influencers](../generated_pages/techniques/T0039.md) |
| [T0044 Seed distortions](../generated_pages/techniques/T0044.md) |
| [T0042 Kernel of Truth](../generated_pages/techniques/T0042.md) |
| [T0048 Cow online opinion leaders](../generated_pages/techniques/T0048.md) |
| [T0052 Tertiary sites amplify news](../generated_pages/techniques/T0052.md) |
| [T0053 Twitter trolls amplify and manipulate](../generated_pages/techniques/T0053.md) |
| [T0055 Use hashtag](../generated_pages/techniques/T0055.md) |
| [T0056 Dedicated channels disseminate information pollution](../generated_pages/techniques/T0056.md) |
| Seen in incidents |
| ----------------- |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

View File

@ -0,0 +1,36 @@
# Counter C00010: Enhanced privacy regulation for social media
* **Summary**: Implement stronger privacy standards, to reduce the ability to microtarget community members.
* **Playbooks**:
* **Metatechnique**: M004 - friction
* **Resources needed:**
* **Belongs to tactic stage**: TA01
| Actor types | Sectors |
| ----------- | ------- |
| [A020 policy maker](../generated_pages/actortypes/A020.md) | S003 |
| Counters these Tactics |
| ---------------------- |
| Counters these Techniques |
| ------------------------- |
| [T0005 Center of Gravity Analysis](../generated_pages/techniques/T0005.md) |
| [T0018 Paid targeted ads](../generated_pages/techniques/T0018.md) |
| Seen in incidents |
| ----------------- |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

View File

@ -0,0 +1,53 @@
# Counter C00011: Media literacy. Games to identify fake news
* **Summary**: Create and use games to show people the mechanics of disinformation, and how to counter them.
* **Playbooks**:
* **Metatechnique**: M001 - resilience
* **Resources needed:**
* **Belongs to tactic stage**: TA02
| Actor types | Sectors |
| ----------- | ------- |
| [A006 educator](../generated_pages/actortypes/A006.md) | S002 |
| [A024 developer](../generated_pages/actortypes/A024.md) | S008 |
| [A026 games designer](../generated_pages/actortypes/A026.md) | S008 |
| Counters these Tactics |
| ---------------------- |
| Counters these Techniques |
| ------------------------- |
| [T0001 5Ds (dismiss, distort, distract, dismay, divide)](../generated_pages/techniques/T0001.md) |
| [T0051 Fabricate social media comment](../generated_pages/techniques/T0051.md) |
| [T0056 Dedicated channels disseminate information pollution](../generated_pages/techniques/T0056.md) |
| [T0026 Create fake research](../generated_pages/techniques/T0026.md) |
| [T0024 Create fake videos and images](../generated_pages/techniques/T0024.md) |
| [T0025 Leak altered documents](../generated_pages/techniques/T0025.md) |
| [T0021 Memes](../generated_pages/techniques/T0021.md) |
| [T0044 Seed distortions](../generated_pages/techniques/T0044.md) |
| [T0013 Create fake websites](../generated_pages/techniques/T0013.md) |
| [T0009 Create fake experts](../generated_pages/techniques/T0009.md) |
| [T0006 Create Master Narratives](../generated_pages/techniques/T0006.md) |
| [T0028 Create competing narratives](../generated_pages/techniques/T0028.md) |
| [T0027 Adapt existing narratives](../generated_pages/techniques/T0027.md) |
| [T0003 Leverage Existing Narratives](../generated_pages/techniques/T0003.md) |
| [T0002 Facilitate State Propaganda](../generated_pages/techniques/T0002.md) |
| [T0008 Create fake or imposter news sites](../generated_pages/techniques/T0008.md) |
| [T0045 Use fake experts](../generated_pages/techniques/T0045.md) |
| Seen in incidents |
| ----------------- |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

View File

@ -0,0 +1,68 @@
# Counter C00012: Platform regulation
* **Summary**: Empower existing regulators to govern social media. Also covers Destroy. Includes: Include the role of social media in the regulatory framework for media - The European Union created significant new regulations in 2018; the U.S. approach will need to be carefully crafted to protect First Amendment principles, create needed transparency, ensure liability, and impose costs for noncompliance. Includes Create policy that makes social media police disinformation - example: German model: facebook forced to police content by law. Includes: Use fraud legislation to clean up social media
* **Playbooks**:
* **Metatechnique**: M007 - metatechnique
* **Resources needed:**
* **Belongs to tactic stage**: TA01
| Actor types | Sectors |
| ----------- | ------- |
| [A018 government ](../generated_pages/actortypes/A018.md) | S003 |
| [A020 policy maker](../generated_pages/actortypes/A020.md) | S003 |
| [A033 social media platform owner](../generated_pages/actortypes/A033.md) | S007 |
| Counters these Tactics |
| ---------------------- |
| Counters these Techniques |
| ------------------------- |
| [T0001 5Ds (dismiss, distort, distract, dismay, divide)](../generated_pages/techniques/T0001.md) |
| [T0056 Dedicated channels disseminate information pollution](../generated_pages/techniques/T0056.md) |
| [T0055 Use hashtag](../generated_pages/techniques/T0055.md) |
| [T0054 Twitter bots amplify](../generated_pages/techniques/T0054.md) |
| [T0053 Twitter trolls amplify and manipulate](../generated_pages/techniques/T0053.md) |
| [T0052 Tertiary sites amplify news](../generated_pages/techniques/T0052.md) |
| [T0051 Fabricate social media comment](../generated_pages/techniques/T0051.md) |
| [T0050 Cheerleading domestic social media ops](../generated_pages/techniques/T0050.md) |
| [T0049 Flooding](../generated_pages/techniques/T0049.md) |
| [T0048 Cow online opinion leaders](../generated_pages/techniques/T0048.md) |
| [T0047 Muzzle social media as a political force](../generated_pages/techniques/T0047.md) |
| [T0046 Search Engine Optimization](../generated_pages/techniques/T0046.md) |
| [T0045 Use fake experts](../generated_pages/techniques/T0045.md) |
| [T0043 Use SMS/ WhatsApp/ Chat apps](../generated_pages/techniques/T0043.md) |
| [T0026 Create fake research](../generated_pages/techniques/T0026.md) |
| [T0025 Leak altered documents](../generated_pages/techniques/T0025.md) |
| [T0024 Create fake videos and images](../generated_pages/techniques/T0024.md) |
| [T0022 Conspiracy narratives](../generated_pages/techniques/T0022.md) |
| [T0021 Memes](../generated_pages/techniques/T0021.md) |
| [T0018 Paid targeted ads](../generated_pages/techniques/T0018.md) |
| [T0017 Promote online funding](../generated_pages/techniques/T0017.md) |
| [T0016 Clickbait](../generated_pages/techniques/T0016.md) |
| [T0015 Create hashtag](../generated_pages/techniques/T0015.md) |
| [T0014 Create funding campaigns](../generated_pages/techniques/T0014.md) |
| [T0013 Create fake websites](../generated_pages/techniques/T0013.md) |
| [T0009 Create fake experts](../generated_pages/techniques/T0009.md) |
| [T0008 Create fake or imposter news sites](../generated_pages/techniques/T0008.md) |
| [T0007 Create fake Social Media Profiles / Pages / Groups](../generated_pages/techniques/T0007.md) |
| [T0003 Leverage Existing Narratives](../generated_pages/techniques/T0003.md) |
| [T0002 Facilitate State Propaganda](../generated_pages/techniques/T0002.md) |
| [T0057 Organise remote rallies and events](../generated_pages/techniques/T0057.md) |
| [T0061 Sell merchandising](../generated_pages/techniques/T0061.md) |
| Seen in incidents |
| ----------------- |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

View File

@ -0,0 +1,40 @@
# Counter C00013: Rating framework for news
* **Summary**: This is "strategic innoculation", raising the standards of what people expect in terms of evidence when consuming news. Example: journalistic ethics, or journalistic licensing body. Include full transcripts, link source, add items.
* **Playbooks**:
* **Metatechnique**: M006 - scoring
* **Resources needed:**
* **Belongs to tactic stage**: TA01
| Actor types | Sectors |
| ----------- | ------- |
| Counters these Tactics |
| ---------------------- |
| Counters these Techniques |
| ------------------------- |
| [T0001 5Ds (dismiss, distort, distract, dismay, divide)](../generated_pages/techniques/T0001.md) |
| [T0002 Facilitate State Propaganda](../generated_pages/techniques/T0002.md) |
| [T0003 Leverage Existing Narratives](../generated_pages/techniques/T0003.md) |
| [T0027 Adapt existing narratives](../generated_pages/techniques/T0027.md) |
| [T0028 Create competing narratives](../generated_pages/techniques/T0028.md) |
| [T0056 Dedicated channels disseminate information pollution](../generated_pages/techniques/T0056.md) |
| [T0052 Tertiary sites amplify news](../generated_pages/techniques/T0052.md) |
| Seen in incidents |
| ----------------- |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

View File

@ -0,0 +1,52 @@
# Counter C00014: Real-time updates to fact-checking database
* **Summary**: Update fact-checking databases and resources in real time. Especially import for time-limited events like natural disasters. Existing examples at Buzzfeed and Fema.
* **Playbooks**:
* **Metatechnique**: M006 - scoring
* **Resources needed:**
* **Belongs to tactic stage**: TA06
| Actor types | Sectors |
| ----------- | ------- |
| [A007 factchecker](../generated_pages/actortypes/A007.md) | S002 |
| Counters these Tactics |
| ---------------------- |
| Counters these Techniques |
| ------------------------- |
| [T0001 5Ds (dismiss, distort, distract, dismay, divide)](../generated_pages/techniques/T0001.md) |
| [T0051 Fabricate social media comment](../generated_pages/techniques/T0051.md) |
| [T0056 Dedicated channels disseminate information pollution](../generated_pages/techniques/T0056.md) |
| [T0026 Create fake research](../generated_pages/techniques/T0026.md) |
| [T0024 Create fake videos and images](../generated_pages/techniques/T0024.md) |
| [T0025 Leak altered documents](../generated_pages/techniques/T0025.md) |
| [T0021 Memes](../generated_pages/techniques/T0021.md) |
| [T0014 Create funding campaigns](../generated_pages/techniques/T0014.md) |
| [T0013 Create fake websites](../generated_pages/techniques/T0013.md) |
| [T0008 Create fake or imposter news sites](../generated_pages/techniques/T0008.md) |
| [T0009 Create fake experts](../generated_pages/techniques/T0009.md) |
| [T0006 Create Master Narratives](../generated_pages/techniques/T0006.md) |
| [T0028 Create competing narratives](../generated_pages/techniques/T0028.md) |
| [T0027 Adapt existing narratives](../generated_pages/techniques/T0027.md) |
| [T0003 Leverage Existing Narratives](../generated_pages/techniques/T0003.md) |
| [T0002 Facilitate State Propaganda](../generated_pages/techniques/T0002.md) |
| [T0044 Seed distortions](../generated_pages/techniques/T0044.md) |
| [T0045 Use fake experts](../generated_pages/techniques/T0045.md) |
| Seen in incidents |
| ----------------- |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

View File

@ -0,0 +1,65 @@
# Counter C00016: Censorship
* **Summary**: Alter and/or block the publication/dissemination of information controlled by disinformation creators. Not recommended.
* **Playbooks**:
* **Metatechnique**: M005 - removal
* **Resources needed:**
* **Belongs to tactic stage**: TA01
| Actor types | Sectors |
| ----------- | ------- |
| [A031 social media platform adminstrator](../generated_pages/actortypes/A031.md) | S007 |
| Counters these Tactics |
| ---------------------- |
| Counters these Techniques |
| ------------------------- |
| [T0001 5Ds (dismiss, distort, distract, dismay, divide)](../generated_pages/techniques/T0001.md) |
| [T0055 Use hashtag](../generated_pages/techniques/T0055.md) |
| [T0053 Twitter trolls amplify and manipulate](../generated_pages/techniques/T0053.md) |
| [T0054 Twitter bots amplify](../generated_pages/techniques/T0054.md) |
| [T0052 Tertiary sites amplify news](../generated_pages/techniques/T0052.md) |
| [T0049 Flooding](../generated_pages/techniques/T0049.md) |
| [T0051 Fabricate social media comment](../generated_pages/techniques/T0051.md) |
| [T0056 Dedicated channels disseminate information pollution](../generated_pages/techniques/T0056.md) |
| [T0043 Use SMS/ WhatsApp/ Chat apps](../generated_pages/techniques/T0043.md) |
| [T0045 Use fake experts](../generated_pages/techniques/T0045.md) |
| [T0044 Seed distortions](../generated_pages/techniques/T0044.md) |
| [T0026 Create fake research](../generated_pages/techniques/T0026.md) |
| [T0024 Create fake videos and images](../generated_pages/techniques/T0024.md) |
| [T0025 Leak altered documents](../generated_pages/techniques/T0025.md) |
| [T0058 Legacy web content](../generated_pages/techniques/T0058.md) |
| [T0021 Memes](../generated_pages/techniques/T0021.md) |
| [T0018 Paid targeted ads](../generated_pages/techniques/T0018.md) |
| [T0017 Promote online funding](../generated_pages/techniques/T0017.md) |
| [T0016 Clickbait](../generated_pages/techniques/T0016.md) |
| [T0015 Create hashtag](../generated_pages/techniques/T0015.md) |
| [T0014 Create funding campaigns](../generated_pages/techniques/T0014.md) |
| [T0013 Create fake websites](../generated_pages/techniques/T0013.md) |
| [T0007 Create fake Social Media Profiles / Pages / Groups](../generated_pages/techniques/T0007.md) |
| [T0008 Create fake or imposter news sites](../generated_pages/techniques/T0008.md) |
| [T0009 Create fake experts](../generated_pages/techniques/T0009.md) |
| [T0028 Create competing narratives](../generated_pages/techniques/T0028.md) |
| [T0027 Adapt existing narratives](../generated_pages/techniques/T0027.md) |
| [T0003 Leverage Existing Narratives](../generated_pages/techniques/T0003.md) |
| [T0002 Facilitate State Propaganda](../generated_pages/techniques/T0002.md) |
| [T0022 Conspiracy narratives](../generated_pages/techniques/T0022.md) |
| [T0057 Organise remote rallies and events](../generated_pages/techniques/T0057.md) |
| Seen in incidents |
| ----------------- |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

View File

@ -0,0 +1,41 @@
# Counter C00017: Repair broken social connections
* **Summary**: For example, use a media campaign to promote in-group to out-group in person communication / activities . Technique could be in terms of forcing a reality-check by talking to people instead of reading about bogeymen.
* **Playbooks**:
* **Metatechnique**: M010 - countermessaging
* **Resources needed:**
* **Belongs to tactic stage**: TA01
| Actor types | Sectors |
| ----------- | ------- |
| [A021 media organisation](../generated_pages/actortypes/A021.md) | S010 |
| Counters these Tactics |
| ---------------------- |
| Counters these Techniques |
| ------------------------- |
| [T0001 5Ds (dismiss, distort, distract, dismay, divide)](../generated_pages/techniques/T0001.md) |
| [T0002 Facilitate State Propaganda](../generated_pages/techniques/T0002.md) |
| [T0003 Leverage Existing Narratives](../generated_pages/techniques/T0003.md) |
| [T0027 Adapt existing narratives](../generated_pages/techniques/T0027.md) |
| [T0028 Create competing narratives](../generated_pages/techniques/T0028.md) |
| [T0022 Conspiracy narratives](../generated_pages/techniques/T0022.md) |
| [T0023 Distort facts](../generated_pages/techniques/T0023.md) |
| Seen in incidents |
| ----------------- |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

View File

@ -0,0 +1,44 @@
# Counter C00019: Reduce effect of division-enablers
* **Summary**: includes Promote constructive communication by shaming division-enablers, and Promote playbooks to call out division-enablers
* **Playbooks**:
* **Metatechnique**: M003 - daylight
* **Resources needed:**
* **Belongs to tactic stage**: TA01
| Actor types | Sectors |
| ----------- | ------- |
| Counters these Tactics |
| ---------------------- |
| Counters these Techniques |
| ------------------------- |
| [T0001 5Ds (dismiss, distort, distract, dismay, divide)](../generated_pages/techniques/T0001.md) |
| [T0002 Facilitate State Propaganda](../generated_pages/techniques/T0002.md) |
| [T0003 Leverage Existing Narratives](../generated_pages/techniques/T0003.md) |
| [T0027 Adapt existing narratives](../generated_pages/techniques/T0027.md) |
| [T0028 Create competing narratives](../generated_pages/techniques/T0028.md) |
| [T0022 Conspiracy narratives](../generated_pages/techniques/T0022.md) |
| [T0023 Distort facts](../generated_pages/techniques/T0023.md) |
| [T0053 Twitter trolls amplify and manipulate](../generated_pages/techniques/T0053.md) |
| [T0044 Seed distortions](../generated_pages/techniques/T0044.md) |
| [T0052 Tertiary sites amplify news](../generated_pages/techniques/T0052.md) |
| [T0056 Dedicated channels disseminate information pollution](../generated_pages/techniques/T0056.md) |
| Seen in incidents |
| ----------------- |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

View File

@ -0,0 +1,43 @@
# Counter C00021: Encourage in-person communication
* **Summary**: Encourage offline communication
* **Playbooks**:
* **Metatechnique**: M001 - resilience
* **Resources needed:**
* **Belongs to tactic stage**: TA01
| Actor types | Sectors |
| ----------- | ------- |
| Counters these Tactics |
| ---------------------- |
| Counters these Techniques |
| ------------------------- |
| [T0001 5Ds (dismiss, distort, distract, dismay, divide)](../generated_pages/techniques/T0001.md) |
| [T0002 Facilitate State Propaganda](../generated_pages/techniques/T0002.md) |
| [T0003 Leverage Existing Narratives](../generated_pages/techniques/T0003.md) |
| [T0006 Create Master Narratives](../generated_pages/techniques/T0006.md) |
| [T0027 Adapt existing narratives](../generated_pages/techniques/T0027.md) |
| [T0028 Create competing narratives](../generated_pages/techniques/T0028.md) |
| [T0022 Conspiracy narratives](../generated_pages/techniques/T0022.md) |
| [T0023 Distort facts](../generated_pages/techniques/T0023.md) |
| [T0053 Twitter trolls amplify and manipulate](../generated_pages/techniques/T0053.md) |
| [T0044 Seed distortions](../generated_pages/techniques/T0044.md) |
| Seen in incidents |
| ----------------- |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

View File

@ -0,0 +1,43 @@
# Counter C00022: Innoculate. Positive campaign to promote feeling of safety
* **Summary**: Used to counter ability based and fear based attacks
* **Playbooks**:
* **Metatechnique**: M001 - resilience
* **Resources needed:**
* **Belongs to tactic stage**: TA01
| Actor types | Sectors |
| ----------- | ------- |
| Counters these Tactics |
| ---------------------- |
| Counters these Techniques |
| ------------------------- |
| [T0001 5Ds (dismiss, distort, distract, dismay, divide)](../generated_pages/techniques/T0001.md) |
| [T0002 Facilitate State Propaganda](../generated_pages/techniques/T0002.md) |
| [T0003 Leverage Existing Narratives](../generated_pages/techniques/T0003.md) |
| [T0006 Create Master Narratives](../generated_pages/techniques/T0006.md) |
| [T0027 Adapt existing narratives](../generated_pages/techniques/T0027.md) |
| [T0028 Create competing narratives](../generated_pages/techniques/T0028.md) |
| [T0022 Conspiracy narratives](../generated_pages/techniques/T0022.md) |
| [T0023 Distort facts](../generated_pages/techniques/T0023.md) |
| [T0053 Twitter trolls amplify and manipulate](../generated_pages/techniques/T0053.md) |
| [T0044 Seed distortions](../generated_pages/techniques/T0044.md) |
| Seen in incidents |
| ----------------- |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

View File

@ -0,0 +1,43 @@
# Counter C00024: Promote healthy narratives
* **Summary**: Includes promoting constructive narratives i.e. not polarising (e.g. pro-life, pro-choice, pro-USA). Includes promoting identity neutral narratives.
* **Playbooks**:
* **Metatechnique**: M001 - resilience
* **Resources needed:**
* **Belongs to tactic stage**: TA01
| Actor types | Sectors |
| ----------- | ------- |
| Counters these Tactics |
| ---------------------- |
| Counters these Techniques |
| ------------------------- |
| [T0001 5Ds (dismiss, distort, distract, dismay, divide)](../generated_pages/techniques/T0001.md) |
| [T0002 Facilitate State Propaganda](../generated_pages/techniques/T0002.md) |
| [T0003 Leverage Existing Narratives](../generated_pages/techniques/T0003.md) |
| [T0006 Create Master Narratives](../generated_pages/techniques/T0006.md) |
| [T0027 Adapt existing narratives](../generated_pages/techniques/T0027.md) |
| [T0028 Create competing narratives](../generated_pages/techniques/T0028.md) |
| [T0022 Conspiracy narratives](../generated_pages/techniques/T0022.md) |
| [T0023 Distort facts](../generated_pages/techniques/T0023.md) |
| [T0053 Twitter trolls amplify and manipulate](../generated_pages/techniques/T0053.md) |
| [T0044 Seed distortions](../generated_pages/techniques/T0044.md) |
| Seen in incidents |
| ----------------- |
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

Some files were not shown because too many files have changed in this diff Show More