Learn R Programming

mitre

mitre package is designed to provide easy access to cybersecurity data standards. You can expect sample data frames for every standard object. It provide a directed graph with all relationships for deep exploratory analysis. Using scripts in data-raw folder you can build the data sets using the latest public source files.

Installation

You can install the released version of mitre from CRAN with:

install.packages("mitre")

And the development version from GitHub with:

# install.packages("devtools")
devtools::install_github("motherhack3r/mitre")

Explore cybersecurity standards

This is a basic example which shows you how to view shield tactics ids and names:

library(mitre)
shield <- mitre::shield.tactics
shield[, c("id", "name")]
#>        id       name
#> 1 DTA0001    Channel
#> 2 DTA0002    Collect
#> 3 DTA0003    Contain
#> 4 DTA0004     Detect
#> 5 DTA0005    Disrupt
#> 6 DTA0006 Facilitate
#> 7 DTA0007 Legitimize
#> 8 DTA0008       Test

This example shows the distribution of vulnerability risk:

hist(mitre::cve.nist$cvss3.score, 
     main = "CVE risk distribution", xlab = "cvss3")

Standards network

This code shows you the type of nodes for each standard:

mitrenet <- mitre::build_network(as_igraph = FALSE)
table(mitrenet$nodes$type, mitrenet$nodes$group)
#>                   
#>                    attck capec  car  cpe  cve  cwe shield
#>   analytic             0     0   84    0    0    0      0
#>   category             0     1    0    0    0  319      0
#>   cpe                  0     0    0 1369    0    0      0
#>   cve                  0     0    0    0 4059    0      0
#>   data_model           0     0   33    0    0    0      0
#>   group              120     0    0    0    0    0      0
#>   mitigation          42     0    0    0    0    0      0
#>   opportunity          0     0    0    0    0    0     81
#>   pattern              0   525    0    0    0    0      0
#>   procedure            0     0    0    0    0    0     65
#>   software-malware   423     0    0    0    0    0      0
#>   software-tool       70     0    0    0    0    0      0
#>   tactic              14     0    0    0    0    0      8
#>   technique          552     0    0    0    0    0     33
#>   use_case             0     0    0    0    0    0    197
#>   view                 0     0    0    0    0   28      0
#>   weakness             0     0    0    0    0  918      0

And the type of relationships:

table(mitrenet$edges$label)
#> 
#>            ATTACK         CanAlsoBe        CanPrecede           ChildOf 
#>               155                 3               101               497 
#>             cover            defend               has         implement 
#>               528               258               108               219 
#>           include     is_vulnerable          leverage         mitigates 
#>              4817              1984              1245              1026 
#>            PeerOf      problem_type   subtechnique-of take advantage of 
#>                10              3916               367              1178 
#>               use              uses 
#>               202              8758

Code of conduct

Please note that this project is released with a Contributor Code of Conduct. By participating in this project you agree to abide by its terms.

Copy Link

Version

Install

install.packages('mitre')

Monthly Downloads

154

Version

1.0.0

License

CC0

Issues

1

Pull Requests

0

Stars

19

Forks

6

Maintainer

Humbert Costas

Last Published

May 21st, 2021

Functions in mitre (1.0.0)

car.model

CAR data model Objects.
newEdge

Create an empty node
car.relations

CAR relations Objects.
newNode

Create an empty node
shield.techniques

SHIELD techniques Objects.
car.sensors

CAR sensors Objects.
car.coverage

CAR coverage Objects.
cpe.nist

Common Platform Enumeration.
car.implementations

CAR implementations Objects.
attck.techniques

ATT&CK techniques Objects.
shield.use_cases

SHIELD use cases Objects.
capec.views

CAPEC views Objects.
cwe.categories

CWE categories Objects.
capec.relations

CAPEC relations Objects.
cve.nist

Common Vulnerability Enumeration.
capec.patterns

CAPEC patterns Objects.
cwe.views

CWE views Objects.
cwe.weaknesses

CWE Weaknesses Objects.
shield.tactics

SHIELD tactics Objects.
shield.relations

SHIELD relations Objects.
shield.procedures

SHIELD procedures Objects.
car.analytics

CAR analytics Objects.
shield.opportunities

SHIELD opportunities Objects.
attck.groups

ATT&CK Groups Objects.
build_network

Create a list of nodes and edges related to all standards in data folder.
build_nodes

Transform all standards as nodes in a data frame.
build_edges

Extract relationships between standards as edges in a data frame.
attck.mitigations

ATT&CK Mitigation Objects.
attck.relations

ATT&CK relations Objects.
capec.categories

CAPEC categories Objects.
attck.tactics

ATT&CK tactics Objects.
attck.software

ATT&CK software Objects.