Added EEAS framework objects and STIX generator

Added framework objects:
- Added technique T0066 "Degrade adversary" to TA02
- Added technique T0067 "Plan to discredit credible sources" to TA02
- Added technique T0068 "respond to breaking news event" to TA02
- Added technique T0069 "respond to active crisis" to TA02
- Added technique T0070 "Analyze existing communities" to TA02
- Added technique T0071 "Find echo chambers" to TA13
- Added technique T0072 "Segment audiences" to TA13

Added STIX generator from repo DISARM-stix2, and added code to generate github files, databases, and STIX from the same Jupyter notebook.
Sara-Jayne Terp 2022-02-20 15:40:34 -05:00
parent 2117dcf09b
commit c11e9d06ad
46 changed files with 2428 additions and 17533 deletions


@ -4,9 +4,16 @@
"cell_type": "markdown",
"metadata": {},
"source": [
"# Generate DISARM github files\n",
"# Generate DISARM files\n",
"\n",
"Generate all the DISARM github files from the DISARM master spreadsheets, being careful to retain any comments people have made below the \"don't write above this\" line in them. "
"Generate DISARM files and database objects from the DISARM master spreadsheets."
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"## Step 1. Generate DISARM github pages"
]
},
{
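Review bot: The rewritten intro cell drops the sentence about retaining comments below the "don't write above this" line, and nothing in the new text or the new "Step 1" heading replaces it. If generate_and_write_datafiles() still preserves that section of each file, keep the sentence under Step 1 so editors know hand-written notes survive regeneration; if it no longer does, that is a behaviour change and belongs in the commit message.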
@ -54,9 +61,64 @@
"disarm.generate_and_write_datafiles()"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"## Step 2. Generate DISARM STIX objects"
]
},
{
"cell_type": "code",
"execution_count": 2,
"metadata": {},
"outputs": [
{
"name": "stdout",
"output_type": "stream",
"text": [
"'conduct-center-of-gravity-analysis' is not a recognized DISARM Tactic.\n",
"'drive-offline-activity' is not a recognized DISARM Tactic.\n"
]
}
],
"source": [
"import sys\n",
"sys.path.insert(0, \"DISARM-STIX2\")\n",
"from main import generate_disarm_stix\n",
"\n",
"generate_disarm_stix()"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"## Step 3. Generate DISARM database objects"
]
},
{
"cell_type": "code",
"execution_count": 3,
"metadata": {},
"outputs": [],
"source": [
"from generate_disarm_sql import generate_disarm_sql\n",
"\n",
"generate_disarm_sql('sqlite')\n",
"generate_disarm_sql('postgresql_local')"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"## Step 4 (optional). Look at datasets"
]
},
{
"cell_type": "code",
"execution_count": 4,
"metadata": {
"scrolled": true
},
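Review bot: In the Step 2 cell, `sys.path.insert(0, "DISARM-STIX2")` followed by `from main import generate_disarm_stix` puts a relative directory at the front of the import path and then imports a module with the generic name `main`, so which code runs depends on the notebook's working directory and whatever sits in that directory wins over every other module of the same name. Suggest resolving the directory to an absolute path derived from the repository root and importing under a more specific module or package name. The committed stdout for the same cell records two slugs as "not a recognized DISARM Tactic"; either fix the mapping or state in the commit message that these are expected. In Step 3, `generate_disarm_sql('postgresql_local')` runs unconditionally, so a Run All depends on a local PostgreSQL being present; consider marking that call optional in the heading or guarding it.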
@ -88,6 +150,7 @@
" <th>sector_ids</th>\n",
" <th>framework_ids</th>\n",
" <th>longname</th>\n",
" <th>Jon's comments/questions</th>\n",
" </tr>\n",
" </thead>\n",
" <tbody>\n",
@ -99,6 +162,7 @@
" <td>S001, S002, S003, S004, S005, S006, S007, S008...</td>\n",
" <td>FW01, FW02</td>\n",
" <td>A001 - data scientist</td>\n",
" <td>What actual actions do data scientists execute...</td>\n",
" </tr>\n",
" <tr>\n",
" <th>1</th>\n",
@ -108,6 +172,7 @@
" <td>S001, S002, S003, S004, S005, S006, S007, S008...</td>\n",
" <td>FW02</td>\n",
" <td>A002 - target</td>\n",
" <td>Both red and blue framework users will refer t...</td>\n",
" </tr>\n",
" <tr>\n",
" <th>2</th>\n",
@ -117,6 +182,7 @@
" <td>S001, S002, S003, S004, S005, S006, S007, S008...</td>\n",
" <td>FW01, FW02</td>\n",
" <td>A003 - trusted authority</td>\n",
" <td>Is A003 best summarised by the word \"Inluencer...</td>\n",
" </tr>\n",
" <tr>\n",
" <th>3</th>\n",
@ -126,6 +192,7 @@
" <td>S002</td>\n",
" <td>FW02</td>\n",
" <td>A004 - activist</td>\n",
" <td>What does this actortype do?</td>\n",
" </tr>\n",
" <tr>\n",
" <th>4</th>\n",
@ -135,6 +202,7 @@
" <td>S002</td>\n",
" <td>FW02</td>\n",
" <td>A005 - community group</td>\n",
" <td>What does this actortype do?</td>\n",
" </tr>\n",
" <tr>\n",
" <th>5</th>\n",
@ -144,6 +212,7 @@
" <td>S002</td>\n",
" <td>FW02</td>\n",
" <td>A006 - educator</td>\n",
" <td></td>\n",
" </tr>\n",
" <tr>\n",
" <th>6</th>\n",
@ -153,6 +222,7 @@
" <td>S002</td>\n",
" <td>FW02</td>\n",
" <td>A007 - factchecker</td>\n",
" <td></td>\n",
" </tr>\n",
" <tr>\n",
" <th>7</th>\n",
@ -162,6 +232,7 @@
" <td>S002</td>\n",
" <td>FW02</td>\n",
" <td>A008 - library</td>\n",
" <td>Is this an actortype? A sub-sector, yes. But w...</td>\n",
" </tr>\n",
" <tr>\n",
" <th>8</th>\n",
@ -171,6 +242,7 @@
" <td>S002</td>\n",
" <td>FW02</td>\n",
" <td>A009 - NGO</td>\n",
" <td>This is a sector, not an actortype</td>\n",
" </tr>\n",
" <tr>\n",
" <th>9</th>\n",
@ -180,6 +252,7 @@
" <td>S002</td>\n",
" <td>FW02</td>\n",
" <td>A010 - religious organisation</td>\n",
" <td>\"Faith communities\" are a sub-sector of the Ci...</td>\n",
" </tr>\n",
" <tr>\n",
" <th>10</th>\n",
@ -189,6 +262,7 @@
" <td>S002</td>\n",
" <td>FW02</td>\n",
" <td>A011 - school</td>\n",
" <td>This is a subsector of S004 - not an actortype...</td>\n",
" </tr>\n",
" <tr>\n",
" <th>11</th>\n",
@ -198,6 +272,7 @@
" <td>S006</td>\n",
" <td>FW01\\nFW02</td>\n",
" <td>A012 - account owner</td>\n",
" <td></td>\n",
" </tr>\n",
" <tr>\n",
" <th>12</th>\n",
@ -207,6 +282,7 @@
" <td>S006</td>\n",
" <td>FW01\\nFW02</td>\n",
" <td>A013 - content creator</td>\n",
" <td></td>\n",
" </tr>\n",
" <tr>\n",
" <th>13</th>\n",
@ -216,6 +292,7 @@
" <td>S006</td>\n",
" <td>FW02</td>\n",
" <td>A014 - elves</td>\n",
" <td>??? SJ, you have told me, but I've forgotten</td>\n",
" </tr>\n",
" <tr>\n",
" <th>14</th>\n",
@ -225,6 +302,7 @@
" <td>S006</td>\n",
" <td>FW02</td>\n",
" <td>A015 - general public</td>\n",
" <td>Duplication of a field in the sector object. B...</td>\n",
" </tr>\n",
" <tr>\n",
" <th>15</th>\n",
@ -234,6 +312,7 @@
" <td>S006</td>\n",
" <td>FW01\\nFW02</td>\n",
" <td>A016 - influencer</td>\n",
" <td></td>\n",
" </tr>\n",
" <tr>\n",
" <th>16</th>\n",
@ -243,6 +322,7 @@
" <td>S003</td>\n",
" <td>FW02</td>\n",
" <td>A017 - coordinating body</td>\n",
" <td>\"Response coordinator\"? Or just 'Coordinator\"</td>\n",
" </tr>\n",
" <tr>\n",
" <th>17</th>\n",
@ -252,6 +332,7 @@
" <td>S003</td>\n",
" <td>FW01\\nFW02</td>\n",
" <td>A018 - government</td>\n",
" <td>DHS (A017) is \"government\". Again, this is a f...</td>\n",
" </tr>\n",
" <tr>\n",
" <th>18</th>\n",
@ -261,6 +342,7 @@
" <td>S003</td>\n",
" <td>FW02</td>\n",
" <td>A019 - military</td>\n",
" <td>A019 is a sub-sector of \"government\". Again, t...</td>\n",
" </tr>\n",
" <tr>\n",
" <th>19</th>\n",
@ -270,6 +352,7 @@
" <td>S003</td>\n",
" <td>FW02</td>\n",
" <td>A020 - policy maker</td>\n",
" <td></td>\n",
" </tr>\n",
" <tr>\n",
" <th>20</th>\n",
@ -279,6 +362,7 @@
" <td>S010</td>\n",
" <td>FW01\\nFW02</td>\n",
" <td>A021 - media organisation</td>\n",
" <td>Not an actortype. The actor is perhaps as the ...</td>\n",
" </tr>\n",
" <tr>\n",
" <th>21</th>\n",
@ -288,6 +372,7 @@
" <td>S009</td>\n",
" <td>FW02</td>\n",
" <td>A022 - company</td>\n",
" <td></td>\n",
" </tr>\n",
" <tr>\n",
" <th>22</th>\n",
@ -297,6 +382,7 @@
" <td>S008</td>\n",
" <td>FW02</td>\n",
" <td>A023 - adtech provider</td>\n",
" <td>Should Adtech be a called-out subsector of S00...</td>\n",
" </tr>\n",
" <tr>\n",
" <th>23</th>\n",
@ -306,6 +392,7 @@
" <td>S008</td>\n",
" <td>FW02</td>\n",
" <td>A024 - developer</td>\n",
" <td></td>\n",
" </tr>\n",
" <tr>\n",
" <th>24</th>\n",
@ -315,6 +402,7 @@
" <td>S008</td>\n",
" <td>FW02</td>\n",
" <td>A025 - funding_site_admin</td>\n",
" <td>What is this?</td>\n",
" </tr>\n",
" <tr>\n",
" <th>25</th>\n",
@ -324,6 +412,7 @@
" <td>S008</td>\n",
" <td>FW01, FW02</td>\n",
" <td>A026 - games designer</td>\n",
" <td>Just \"Designer\"? Would the TTP context not mak...</td>\n",
" </tr>\n",
" <tr>\n",
" <th>26</th>\n",
@ -333,6 +422,7 @@
" <td>S008</td>\n",
" <td>FW02</td>\n",
" <td>A027 - information security</td>\n",
" <td></td>\n",
" </tr>\n",
" <tr>\n",
" <th>27</th>\n",
@ -342,6 +432,7 @@
" <td>S008</td>\n",
" <td>FW02</td>\n",
" <td>A028 - platform administrator</td>\n",
" <td>Just \"Administrator\"?</td>\n",
" </tr>\n",
" <tr>\n",
" <th>28</th>\n",
@ -351,6 +442,7 @@
" <td>S008</td>\n",
" <td>FW02</td>\n",
" <td>A029 - server admininistrator</td>\n",
" <td>Just \"Administrator\"? (de-duplicating A028)</td>\n",
" </tr>\n",
" <tr>\n",
" <th>29</th>\n",
@ -360,6 +452,7 @@
" <td>S007</td>\n",
" <td>FW02</td>\n",
" <td>A030 - platforms</td>\n",
" <td>The same as S007? If there is an action here, ...</td>\n",
" </tr>\n",
" <tr>\n",
" <th>30</th>\n",
@ -369,6 +462,7 @@
" <td>S007</td>\n",
" <td>FW02</td>\n",
" <td>A031 - social media platform adminstrator</td>\n",
" <td>Not needed, given A028. The sector selection d...</td>\n",
" </tr>\n",
" <tr>\n",
" <th>31</th>\n",
@ -378,6 +472,7 @@
" <td>S007</td>\n",
" <td>FW02</td>\n",
" <td>A032 - social media platform outreach</td>\n",
" <td>What does this do?</td>\n",
" </tr>\n",
" <tr>\n",
" <th>32</th>\n",
@ -387,6 +482,7 @@
" <td>S007</td>\n",
" <td>FW02</td>\n",
" <td>A033 - social media platform owner</td>\n",
" <td></td>\n",
" </tr>\n",
" </tbody>\n",
"</table>\n",
@ -498,48 +594,84 @@
"31 S007 FW02 \n",
"32 S007 FW02 \n",
"\n",
" longname \n",
"0 A001 - data scientist \n",
"1 A002 - target \n",
"2 A003 - trusted authority \n",
"3 A004 - activist \n",
"4 A005 - community group \n",
"5 A006 - educator \n",
"6 A007 - factchecker \n",
"7 A008 - library \n",
"8 A009 - NGO \n",
"9 A010 - religious organisation \n",
"10 A011 - school \n",
"11 A012 - account owner \n",
"12 A013 - content creator \n",
"13 A014 - elves \n",
"14 A015 - general public \n",
"15 A016 - influencer \n",
"16 A017 - coordinating body \n",
"17 A018 - government \n",
"18 A019 - military \n",
"19 A020 - policy maker \n",
"20 A021 - media organisation \n",
"21 A022 - company \n",
"22 A023 - adtech provider \n",
"23 A024 - developer \n",
"24 A025 - funding_site_admin \n",
"25 A026 - games designer \n",
"26 A027 - information security \n",
"27 A028 - platform administrator \n",
"28 A029 - server admininistrator \n",
"29 A030 - platforms \n",
"30 A031 - social media platform adminstrator \n",
"31 A032 - social media platform outreach \n",
"32 A033 - social media platform owner "
" longname \\\n",
"0 A001 - data scientist \n",
"1 A002 - target \n",
"2 A003 - trusted authority \n",
"3 A004 - activist \n",
"4 A005 - community group \n",
"5 A006 - educator \n",
"6 A007 - factchecker \n",
"7 A008 - library \n",
"8 A009 - NGO \n",
"9 A010 - religious organisation \n",
"10 A011 - school \n",
"11 A012 - account owner \n",
"12 A013 - content creator \n",
"13 A014 - elves \n",
"14 A015 - general public \n",
"15 A016 - influencer \n",
"16 A017 - coordinating body \n",
"17 A018 - government \n",
"18 A019 - military \n",
"19 A020 - policy maker \n",
"20 A021 - media organisation \n",
"21 A022 - company \n",
"22 A023 - adtech provider \n",
"23 A024 - developer \n",
"24 A025 - funding_site_admin \n",
"25 A026 - games designer \n",
"26 A027 - information security \n",
"27 A028 - platform administrator \n",
"28 A029 - server admininistrator \n",
"29 A030 - platforms \n",
"30 A031 - social media platform adminstrator \n",
"31 A032 - social media platform outreach \n",
"32 A033 - social media platform owner \n",
"\n",
" Jon's comments/questions \n",
"0 What actual actions do data scientists execute... \n",
"1 Both red and blue framework users will refer t... \n",
"2 Is A003 best summarised by the word \"Inluencer... \n",
"3 What does this actortype do? \n",
"4 What does this actortype do? \n",
"5 \n",
"6 \n",
"7 Is this an actortype? A sub-sector, yes. But w... \n",
"8 This is a sector, not an actortype \n",
"9 \"Faith communities\" are a sub-sector of the Ci... \n",
"10 This is a subsector of S004 - not an actortype... \n",
"11 \n",
"12 \n",
"13 ??? SJ, you have told me, but I've forgotten \n",
"14 Duplication of a field in the sector object. B... \n",
"15 \n",
"16 \"Response coordinator\"? Or just 'Coordinator\" \n",
"17 DHS (A017) is \"government\". Again, this is a f... \n",
"18 A019 is a sub-sector of \"government\". Again, t... \n",
"19 \n",
"20 Not an actortype. The actor is perhaps as the ... \n",
"21 \n",
"22 Should Adtech be a called-out subsector of S00... \n",
"23 \n",
"24 What is this? \n",
"25 Just \"Designer\"? Would the TTP context not mak... \n",
"26 \n",
"27 Just \"Administrator\"? \n",
"28 Just \"Administrator\"? (de-duplicating A028) \n",
"29 The same as S007? If there is an action here, ... \n",
"30 Not needed, given A028. The sector selection d... \n",
"31 What does this do? \n",
"32 "
]
},
"execution_count": 2,
"execution_count": 4,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"pd.set_option('display.max_rows', 1000)\n",
"disarm.df_actortypes"
]
},
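Review bot: The text/plain output added in this hunk commits the full "Jon's comments/questions" column, which reads as internal working notes from the master spreadsheet (row 13, for example, is a remark addressed to a colleague) rather than framework data. Since `disarm.df_actortypes` now carries that column, check that Steps 1 to 3 do not write it into the generated pages, STIX objects or SQL tables, or drop it when the spreadsheet is loaded. Clearing cell outputs before committing would keep these notes out of the repository history and would also remove the `execution_count` change from 2 to 4 and the duplicated HTML and text renderings of the same table from the diff.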