mirror of
https://github.com/DISARMFoundation/DISARMframeworks.git
synced 2025-01-11 15:29:43 -05:00
22abaf93d8
Took a copy of the current AMITT github repository - we'll be updating this and merging the SPICE branch back in Rebranded to DISARM Moved generated pages to their own folder, to make looking at the repository less confusing
{
|
|
"cells": [
|
|
{
|
|
"cell_type": "markdown",
|
|
"metadata": {},
|
|
"source": [
|
|
"# Create AMITT incident visualisations\n",
|
|
"\n",
|
|
"Many thanks to https://python-graph-gallery.com/91-customize-seaborn-heatmap/"
|
|
]
|
|
},
|
|
{
|
|
"cell_type": "code",
|
|
"execution_count": null,
|
|
"metadata": {},
|
|
"outputs": [],
|
|
"source": [
|
|
"import seaborn as sns\n",
|
|
"import pandas as pd\n",
|
|
"import numpy as np\n",
|
|
"import generate_amitt_ttps\n",
|
|
"\n",
"# Sanity check: render an annotated seaborn heatmap from a 10x12 frame of random values\n",
"df = pd.DataFrame(np.random.random((10, 12)), columns=list(\"abcdefghijkl\"))\n",
"sns.heatmap(df, annot=True, annot_kws={\"size\": 7})"
|
|
]
|
|
},
|
|
{
|
|
"cell_type": "code",
|
|
"execution_count": null,
|
|
"metadata": {},
|
|
"outputs": [],
|
|
"source": [
"amitt = generate_amitt_ttps.Amitt()\n",
"redgrid = amitt.create_padded_framework_table('AMITT Red', 'technique_ids', False)\n",
"\n",
"# Incidents per technique: de-duplicate (incident, technique) pairs, then count per technique id\n",
"incident_technique_pairs = amitt.it[['id_incident', 'id_technique']].drop_duplicates()\n",
"techcounts = incident_technique_pairs.groupby('id_technique')['id_incident'].count().to_dict()\n",
"\n",
"# Rows 2 onward of the padded table supply the technique-id labels\n",
"techlabels = redgrid[2:]\n",
"nrows, ncols = len(techlabels), len(techlabels[0])\n",
"techgrid = np.zeros([nrows, ncols], dtype=int)\n",
"\n",
"# A label with no recorded incident keeps the initial 0\n",
"for row in range(nrows):\n",
"    for col in range(ncols):\n",
"        label = techlabels[row][col]\n",
"        techgrid[row][col] = techcounts.get(label, 0)\n",
"\n",
"sns.heatmap(techgrid, annot=True, annot_kws={\"size\": 7})\n",
"techgrid"
|
|
]
|
|
},
|
|
{
|
|
"cell_type": "code",
|
|
"execution_count": null,
|
|
"metadata": {},
|
|
"outputs": [],
|
|
"source": [
"# Display amitt.df_tactics (presumably the tactics table; confirm in generate_amitt_ttps)\n",
"amitt.df_tactics"
|
|
]
|
|
},
|
|
{
|
|
"cell_type": "code",
|
|
"execution_count": null,
|
|
"metadata": {},
|
|
"outputs": [],
|
|
"source": [
"# Display amitt.it, the table whose id_incident / id_technique columns feed the per-technique counts\n",
"amitt.it"
|
|
]
|
|
},
|
|
{
|
|
"cell_type": "code",
|
|
"execution_count": null,
|
|
"metadata": {},
|
|
"outputs": [],
|
|
"source": [
"# Counter/technique cross-reference; show only the rows that name a technique\n",
"ct = amitt.cross_counterid_techniqueid\n",
"ct[ct['technique_id'].ne('')]"
|
|
]
|
|
},
|
|
{
|
|
"cell_type": "code",
|
|
"execution_count": null,
|
|
"metadata": {},
|
|
"outputs": [],
|
|
"source": [
"# Rows pairing counter C00197 with technique T0002 or T0007\n",
"ct[ct['id'].eq('C00197') & ct['technique_id'].isin(['T0002', 'T0007'])]"
|
|
]
|
|
},
|
|
{
|
|
"cell_type": "code",
|
|
"execution_count": null,
|
|
"metadata": {},
|
|
"outputs": [],
|
|
"source": [
"# Keep only cross-reference rows whose technique id and counter id both appear in the framework tables\n",
"known_technique = ct['technique_id'].isin(amitt.df_techniques['id'].to_list())\n",
"known_counter = ct['id'].isin(amitt.df_counters['id'].to_list())\n",
"ct = ct[known_technique & known_counter]\n",
"ct"
|
|
]
|
|
},
|
|
{
|
|
"cell_type": "code",
|
|
"execution_count": null,
|
|
"metadata": {},
|
|
"outputs": [],
|
|
"source": [
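"# Hand-picked technique and counter ids to check coverage for\n",
"technique_id_list = ['T0007', 'T0008', 'T0022', 'T0023', 'T0043', 'T0052', 'T0036', 'T0037', 'T0038']\n",
"# Counter ids are 'C' followed by five digits. isin() raises nothing for an id that matches no row,\n",
"# so a mistyped id (e.g. 'C000197' for 'C00197') silently drops that counter from the coverage result.\n",
"counter_id_list = ['C00009', 'C00008', 'C00042', 'C00030', 'C00093', 'C00193', 'C00073', 'C00197', 'C00174', 'C00205']\n",
"\n",
"technique_selected = ct['technique_id'].isin(technique_id_list)\n",
"counter_selected = ct['id'].isin(counter_id_list)\n",
"\n",
"# Every counter recorded against one of the chosen techniques\n",
"possible_counters_for_techniques = ct[technique_selected]\n",
"# Every technique recorded against one of the chosen counters\n",
"possible_techniques_for_counters = ct[counter_selected]\n",
"# Rows where a chosen counter is paired with a chosen technique\n",
"coverage = ct[counter_selected & technique_selected]\n",
"coverage"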
|
|
]
|
|
},
|
|
{
|
|
"cell_type": "code",
|
|
"execution_count": null,
|
|
"metadata": {
|
|
"scrolled": true
|
|
},
|
|
"outputs": [],
|
|
"source": [
"# Display the ct rows whose counter id is in counter_id_list\n",
"possible_techniques_for_counters"
|
|
]
|
|
},
|
|
{
|
|
"cell_type": "code",
|
|
"execution_count": null,
|
|
"metadata": {
|
|
"scrolled": true
|
|
},
|
|
"outputs": [],
|
|
"source": [
"# Display the ct rows whose technique id is in technique_id_list\n",
"possible_counters_for_techniques"
|
|
]
|
|
},
|
|
{
|
|
"cell_type": "code",
|
|
"execution_count": 6,
|
|
"metadata": {},
|
|
"outputs": [
|
|
{
|
|
"name": "stdout",
|
|
"output_type": "stream",
|
|
"text": [
|
|
"clicked button T0045 8 7\n",
|
|
"clicked button T0046 9 7\n",
|
|
"clicked button T0049 4 8\n",
|
|
"clicked button T0057 2 9\n",
|
|
"clicked button T0060 4 10\n",
|
|
"clicked button T0029 2 6\n",
|
|
"clicked button T0016 2 4\n"
|
|
]
|
|
}
|
|
],
|
|
"source": [
|
|
"import tkinter as Tk\n",
|
|
"import numpy as np\n",
|
|
"import generate_amitt_ttps\n",
|
|
"\n",
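"class Begueradj(Tk.Frame):\n",
"    '''\n",
"    Tk frame that draws the AMITT red framework table as a grid of clickable buttons.\n",
"    '''\n",
"\n",
"    def __init__(self, parent):\n",
"        '''\n",
"        Load the red and blue framework tables, then build the button grid inside parent.\n",
"        '''\n",
"        amitt = generate_amitt_ttps.Amitt()\n",
"        self.redgrid = amitt.create_padded_framework_table('AMITT Red', 'technique_ids', False)\n",
"        self.bluegrid = amitt.create_padded_framework_table('AMITT Blue', 'counter_ids', False)\n",
"\n",
"        Tk.Frame.__init__(self, parent)\n",
"        self.parent = parent\n",
"        self.button = ''\n",
"        self.initialize()\n",
"\n",
"    def initialize(self):\n",
"        '''\n",
"        Draw the GUI\n",
"        '''\n",
"        self.parent.title(\"AMITT FRAMEWORK COVERAGE\")\n",
"        self.parent.grid_rowconfigure(1, weight=1)\n",
"        self.parent.grid_columnconfigure(1, weight=1)\n",
"\n",
"        self.frame = Tk.Frame(self.parent)\n",
"        self.frame.pack(fill=Tk.X, padx=5, pady=5)\n",
"\n",
"        # Size the button grid from the red framework table.\n",
"        # NOTE(review): range(1, numrows) with numrows = len(redgrid) - 1 skips row 0 and also the\n",
"        # final row, while the heatmap cell reads redgrid[2:] through the last row. Confirm the\n",
"        # last row is meant to be left out here.\n",
"        numrows = len(self.redgrid) - 1\n",
"        numcols = len(self.redgrid[0])\n",
"        self.buttons = {}\n",
"        for row in range(1, numrows):\n",
"            for col in range(0, numcols):\n",
"                button_id = self.redgrid[row][col]\n",
"                # Default arguments freeze the current id/row/col for this button's callback\n",
"                self.button = Tk.Button(self.frame, text=button_id, bg='blue',\n",
"                                        command=lambda bid=button_id, row=row, col=col: self.clicked(bid, row, col))\n",
"                self.button.grid(row=row, column=col)\n",
"                # Keep a handle on every button; previously this dict was created but never filled\n",
"                self.buttons[(row, col)] = self.button\n",
"\n",
"    def clicked(self, bid, row, col):\n",
"        '''\n",
"        Button callback: print the clicked id and grid position, then look the widget up in the grid.\n",
"        '''\n",
"        print('clicked button {} {} {}'.format(bid, row, col))\n",
"        self.find_in_grid(self.frame, row, col)\n",
"\n",
"    def find_in_grid(self, frame, row, column):\n",
"        '''\n",
"        Print the label of each child widget of frame that is gridded at (row, column).\n",
"\n",
"        Always returns None.\n",
"        '''\n",
"        for child in frame.children.values():\n",
"            info = child.grid_info()\n",
"            # grid_info() may report positions as int or as str depending on the tkinter version,\n",
"            # so compare the string form of both sides instead of assuming one type.\n",
"            if str(info.get('row')) == str(row) and str(info.get('column')) == str(column):\n",
"                # Tk.Button has no get() method; read the configured label text instead\n",
"                print('{}'.format(child.cget('text')))\n",
"        return None\n",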
|
|
"\n",
"# Create the Tk root window, mount the coverage grid on it, and run the event loop.\n",
"# mainloop() blocks this cell until the window is closed.\n",
"root = Tk.Tk()\n",
"app = Begueradj(root)\n",
"root.mainloop()"
|
|
]
|
|
},
|
|
{
|
|
"cell_type": "code",
|
|
"execution_count": null,
|
|
"metadata": {
|
|
"scrolled": true
|
|
},
|
|
"outputs": [],
|
|
"source": [
"# Display the padded 'AMITT Red' technique-id table built by create_padded_framework_table\n",
"redgrid"
|
|
]
|
|
},
|
|
{
|
|
"cell_type": "code",
|
|
"execution_count": null,
|
|
"metadata": {},
|
|
"outputs": [],
|
|
"source": [
"# Print the length of every grid row from index 2 onward\n",
"for grid_row in redgrid[2:]:\n",
"    print(len(grid_row))"
|
|
]
|
|
},
|
|
{
|
|
"cell_type": "code",
|
|
"execution_count": null,
|
|
"metadata": {},
|
|
"outputs": [],
|
|
"source": [
"# Spot-check a single grid cell: row 1, column 2\n",
"redgrid[1][2]"
|
|
]
|
|
},
|
|
{
|
|
"cell_type": "code",
|
|
"execution_count": null,
|
|
"metadata": {},
|
|
"outputs": [],
|
|
"source": []
|
|
}
|
|
],
|
|
"metadata": {
|
|
"kernelspec": {
|
|
"display_name": "Python 3",
|
|
"language": "python",
|
|
"name": "python3"
|
|
},
|
|
"language_info": {
|
|
"codemirror_mode": {
|
|
"name": "ipython",
|
|
"version": 3
|
|
},
|
|
"file_extension": ".py",
|
|
"mimetype": "text/x-python",
|
|
"name": "python",
|
|
"nbconvert_exporter": "python",
|
|
"pygments_lexer": "ipython3",
|
|
"version": "3.8.3"
|
|
}
|
|
},
|
|
"nbformat": 4,
|
|
"nbformat_minor": 2
|
|
}
|