Updated code that lists metatechniques

This commit is contained in:
Sara-Jayne Terp 2021-02-20 18:08:10 +00:00
parent e37a45ddca
Commit 06cd744b6e
413 changed files: 2732 additions and 3884 deletions

Binary data
AMITT_MASTER_DATA/AMITT_TTPs_MASTER.xlsx

Binary file not shown.

@ -11,90 +11,16 @@
"name": "stdout",
"output_type": "stream",
"text": [
"Updating ../counters/C00008.md\n",
"Updating ../counters/C00009.md\n",
"Updating ../counters/C00011.md\n",
"Updating ../counters/C00012.md\n",
"Updating ../counters/C00014.md\n",
"Updating ../counters/C00016.md\n",
"Updating ../counters/C00020.md\n",
"Updating ../counters/C00022.md\n",
"Updating ../counters/C00023.md\n",
"Updating ../counters/C00024.md\n",
"Updating ../counters/C00025.md\n",
"Updating ../counters/C00026.md\n",
"Updating ../counters/C00027.md\n",
"Updating ../counters/C00031.md\n",
"Updating ../counters/C00036.md\n",
"Updating ../counters/C00039.md\n",
"Updating ../counters/C00040.md\n",
"Updating ../counters/C00042.md\n",
"Updating ../counters/C00043.md\n",
"Updating ../counters/C00044.md\n",
"Updating ../counters/C00045.md\n",
"Updating ../counters/C00048.md\n",
"Updating ../counters/C00049.md\n",
"Updating ../counters/C00050.md\n",
"Updating ../counters/C00051.md\n",
"Updating ../counters/C00052.md\n",
"Updating ../counters/C00053.md\n",
"Updating ../counters/C00055.md\n",
"Updating ../counters/C00060.md\n",
"Updating ../counters/C00063.md\n",
"Updating ../counters/C00065.md\n",
"Updating ../counters/C00066.md\n",
"Updating ../counters/C00067.md\n",
"Updating ../counters/C00068.md\n",
"Updating ../counters/C00069.md\n",
"Updating ../counters/C00070.md\n",
"Updating ../counters/C00071.md\n",
"Updating ../counters/C00072.md\n",
"Updating ../counters/C00073.md\n",
"Updating ../counters/C00074.md\n",
"Updating ../counters/C00076.md\n",
"Updating ../counters/C00078.md\n",
"Updating ../counters/C00079.md\n",
"Updating ../counters/C00088.md\n",
"Updating ../counters/C00089.md\n",
"Updating ../counters/C00090.md\n",
"Updating ../counters/C00091.md\n",
"Updating ../counters/C00092.md\n",
"Updating ../counters/C00093.md\n",
"Updating ../counters/C00094.md\n",
"Updating ../counters/C00095.md\n",
"Updating ../counters/C00096.md\n",
"Updating ../counters/C00097.md\n",
"Updating ../counters/C00098.md\n",
"Updating ../counters/C00099.md\n",
"Updating ../counters/C00101.md\n",
"Updating ../counters/C00102.md\n",
"Updating ../counters/C00103.md\n",
"Updating ../counters/C00107.md\n",
"Updating ../counters/C00112.md\n",
"Updating ../counters/C00113.md\n",
"Updating ../counters/C00114.md\n",
"Updating ../counters/C00115.md\n",
"Updating ../counters/C00116.md\n",
"Updating ../counters/C00117.md\n",
"Updating ../counters/C00118.md\n",
"Updating ../counters/C00119.md\n",
"Updating ../counters/C00120.md\n",
"Updating ../counters/C00121.md\n",
"Updating ../counters/C00123.md\n",
"Updating ../counters/C00126.md\n",
"Updating ../counters/C00129.md\n",
"Updating ../counters/C00131.md\n",
"Updating ../counters/C00133.md\n",
"Updating ../counters/C00135.md\n",
"Updating ../counters/C00136.md\n",
"Updating ../counters/C00137.md\n",
"Updating ../counters/C00144.md\n",
"Updating ../counters/C00145.md\n",
"Updating ../counters/C00147.md\n",
"Updating ../counters/C00149.md\n",
"Updating ../counters/C00202.md\n",
"Updating ../counters/C00210.md\n",
"updated ../incidents_list.md\n",
"updated ../phase_index.md\n",
"updated ../tactic_index.md\n",
"updated ../technique_index.md\n",
"updated ../task_index.md\n",
"updated ../incident_index.md\n",
"updated ../counter_index.md\n",
"updated ../responsetype_index.md\n",
"updated ../metatechniques_index.md\n",
"updated ../actors_index.md\n",
"updated ../detections_index.md\n",
"updated ../amitt_red_framework.md\n",
"updated ../amitt_blue_framework.md\n",
"updated ../amitt_red_framework_clickable.html\n",
@ -126,6 +52,7 @@
"Writing ../metatechniques/targetingcounters.md\n",
"Writing ../metatechniques/verificationcounters.md\n",
"updated ../metatechniques_by_responsetype_table.md\n",
"Writing ../resources_needed/counters.md\n",
"Writing ../resources_needed/DHScounters.md\n",
"Writing ../resources_needed/NGOcounters.md\n",
"Writing ../resources_needed/activistscounters.md\n",
@ -179,25 +106,333 @@
"metadata": {},
"outputs": [],
"source": [
"# Check which amitt variables we can see from here\n",
"print('{}'.format(vars(amitt).keys()))\n",
"vars(amitt)['tactics']"
]
},
{
"cell_type": "code",
"execution_count": null,
"cell_type": "markdown",
"metadata": {},
"outputs": [],
"source": [
"vars(amitt).keys()"
"# TEST AREA"
]
},
{
"cell_type": "code",
"execution_count": null,
"execution_count": 3,
"metadata": {},
"outputs": [
{
"data": {
"text/html": [
"<div>\n",
"<style scoped>\n",
" .dataframe tbody tr th:only-of-type {\n",
" vertical-align: middle;\n",
" }\n",
"\n",
" .dataframe tbody tr th {\n",
" vertical-align: top;\n",
" }\n",
"\n",
" .dataframe thead th {\n",
" text-align: right;\n",
" }\n",
"</style>\n",
"<table border=\"1\" class=\"dataframe\">\n",
" <thead>\n",
" <tr style=\"text-align: right;\">\n",
" <th></th>\n",
" <th>id</th>\n",
" <th>technique_id</th>\n",
" </tr>\n",
" </thead>\n",
" <tbody>\n",
" <tr>\n",
" <th>0</th>\n",
" <td>C00001</td>\n",
" <td></td>\n",
" </tr>\n",
" <tr>\n",
" <th>1</th>\n",
" <td>C00003</td>\n",
" <td></td>\n",
" </tr>\n",
" <tr>\n",
" <th>2</th>\n",
" <td>C00004</td>\n",
" <td></td>\n",
" </tr>\n",
" <tr>\n",
" <th>3</th>\n",
" <td>C00005</td>\n",
" <td></td>\n",
" </tr>\n",
" <tr>\n",
" <th>4</th>\n",
" <td>C00006</td>\n",
" <td></td>\n",
" </tr>\n",
" <tr>\n",
" <th>...</th>\n",
" <td>...</td>\n",
" <td>...</td>\n",
" </tr>\n",
" <tr>\n",
" <th>182</th>\n",
" <td>C00145</td>\n",
" <td>T0046</td>\n",
" </tr>\n",
" <tr>\n",
" <th>183</th>\n",
" <td>C00147</td>\n",
" <td>T0060</td>\n",
" </tr>\n",
" <tr>\n",
" <th>184</th>\n",
" <td>C00148</td>\n",
" <td></td>\n",
" </tr>\n",
" <tr>\n",
" <th>185</th>\n",
" <td>C00149</td>\n",
" <td>TA12</td>\n",
" </tr>\n",
" <tr>\n",
" <th>185</th>\n",
" <td>C00149</td>\n",
" <td>T0020</td>\n",
" </tr>\n",
" </tbody>\n",
"</table>\n",
"<p>367 rows × 2 columns</p>\n",
"</div>"
],
"text/plain": [
" id technique_id\n",
"0 C00001 \n",
"1 C00003 \n",
"2 C00004 \n",
"3 C00005 \n",
"4 C00006 \n",
".. ... ...\n",
"182 C00145 T0046\n",
"183 C00147 T0060\n",
"184 C00148 \n",
"185 C00149 TA12\n",
"185 C00149 T0020\n",
"\n",
"[367 rows x 2 columns]"
]
},
"execution_count": 3,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"amitt.cross_counterid_techniqueid"
]
},
{
"cell_type": "code",
"execution_count": 4,
"metadata": {},
"outputs": [],
"source": [
"###. TEST AREA"
"def splitcol(df, col, newcol, divider=','):\n",
" # Thanks https://stackoverflow.com/questions/17116814/pandas-how-do-i-split-text-in-a-column-into-multiple-rows?noredirect=1\n",
" return (df.join(df[col]\n",
" .str.split(divider, expand=True).stack()\n",
" .reset_index(drop=True,level=1)\n",
" .rename(newcol)).drop(col, axis=1))\n"
]
},
{
"cell_type": "code",
"execution_count": 5,
"metadata": {},
"outputs": [
{
"data": {
"text/html": [
"<div>\n",
"<style scoped>\n",
" .dataframe tbody tr th:only-of-type {\n",
" vertical-align: middle;\n",
" }\n",
"\n",
" .dataframe tbody tr th {\n",
" vertical-align: top;\n",
" }\n",
"\n",
" .dataframe thead th {\n",
" text-align: right;\n",
" }\n",
"</style>\n",
"<table border=\"1\" class=\"dataframe\">\n",
" <thead>\n",
" <tr style=\"text-align: right;\">\n",
" <th></th>\n",
" <th>id</th>\n",
" <th>resource</th>\n",
" </tr>\n",
" </thead>\n",
" <tbody>\n",
" <tr>\n",
" <th>0</th>\n",
" <td>C00001</td>\n",
" <td></td>\n",
" </tr>\n",
" <tr>\n",
" <th>1</th>\n",
" <td>C00003</td>\n",
" <td></td>\n",
" </tr>\n",
" <tr>\n",
" <th>2</th>\n",
" <td>C00004</td>\n",
" <td></td>\n",
" </tr>\n",
" <tr>\n",
" <th>3</th>\n",
" <td>C00005</td>\n",
" <td></td>\n",
" </tr>\n",
" <tr>\n",
" <th>4</th>\n",
" <td>C00006</td>\n",
" <td>platform_admin:socialmedia</td>\n",
" </tr>\n",
" <tr>\n",
" <th>...</th>\n",
" <td>...</td>\n",
" <td>...</td>\n",
" </tr>\n",
" <tr>\n",
" <th>181</th>\n",
" <td>C00144</td>\n",
" <td></td>\n",
" </tr>\n",
" <tr>\n",
" <th>182</th>\n",
" <td>C00145</td>\n",
" <td></td>\n",
" </tr>\n",
" <tr>\n",
" <th>183</th>\n",
" <td>C00147</td>\n",
" <td>platform_algorithms</td>\n",
" </tr>\n",
" <tr>\n",
" <th>184</th>\n",
" <td>C00148</td>\n",
" <td>platform_algorithms</td>\n",
" </tr>\n",
" <tr>\n",
" <th>185</th>\n",
" <td>C00149</td>\n",
" <td></td>\n",
" </tr>\n",
" </tbody>\n",
"</table>\n",
"<p>218 rows × 2 columns</p>\n",
"</div>"
],
"text/plain": [
" id resource\n",
"0 C00001 \n",
"1 C00003 \n",
"2 C00004 \n",
"3 C00005 \n",
"4 C00006 platform_admin:socialmedia\n",
".. ... ...\n",
"181 C00144 \n",
"182 C00145 \n",
"183 C00147 platform_algorithms\n",
"184 C00148 platform_algorithms\n",
"185 C00149 \n",
"\n",
"[218 rows x 2 columns]"
]
},
"execution_count": 5,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"# Create counters cross-tables\n",
"cross_counterid_techniqueid = splitcol(amitt.df_counters[['id', 'techniques']], \n",
" 'techniques', 'technique', '\\n')\n",
"cross_counterid_techniqueid = cross_counterid_techniqueid[cross_counterid_techniqueid['technique'].notnull()]\n",
"cross_counterid_techniqueid['technique_id'] = cross_counterid_techniqueid['technique'].str.split(' ').str[0]\n",
"cross_counterid_techniqueid.drop('technique', axis=1, inplace=True)\n",
"\n",
"cross_counterid_resource = splitcol(amitt.df_counters[['id', 'resources_needed']], \n",
" 'resources_needed', 'resource', ',')\n",
"cross_counterid_resource = cross_counterid_resource[cross_counterid_resource['resource'].notnull()]\n",
"\n",
"cross_counterid_resource"
]
},
{
"cell_type": "code",
"execution_count": 12,
"metadata": {},
"outputs": [
{
"data": {
"text/plain": [
" 117\n",
"educators 11\n",
"platform_admin 11\n",
"media 10\n",
"platform_algorithms 8\n",
"government:policymakers 8\n",
"government 7\n",
"platform_admin:socialmedia 5\n",
"public 4\n",
"influencers 3\n",
"activists 2\n",
"infosec 2\n",
"money 2\n",
"developers 2\n",
"data_scientist 2\n",
"factcheckers 2\n",
"civil_society 1\n",
"DHS 1\n",
"gamesdesigners 1\n",
"server_admin 1\n",
"military 1\n",
"public:account_owners 1\n",
"platform_admin:fundingsites 1\n",
"platforms 1\n",
"adtech 1\n",
"datastreams 1\n",
"NGO 1\n",
"content_creators 1\n",
"community_groups 1\n",
"religious_organisations 1\n",
"platform_admin:adtech 1\n",
"companies 1\n",
"elves 1\n",
"funding 1\n",
"influencers:trusted_authority 1\n",
"libraries 1\n",
"platform_outreach 1\n",
"schools 1\n",
"Name: resource, dtype: int64"
]
},
"execution_count": 12,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"cross_counterid_resource['resource'].value_counts()"
]
},
{
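
Review bot: the `.notnull()` filters in the "Create counters cross-tables" cell do not remove empty strings, and the committed outputs show it: `cross_counterid_resource['resource'].value_counts()` has a blank entry with 117 rows, and `cross_counterid_techniqueid` starts with blank `technique_id` values. Filter on `!= ''` as well (or turn empty cells into NaN before `splitcol`), otherwise every count built on these cross-tables includes counters with no resource or technique. The repeated index 185 in the first output also suggests a `reset_index(drop=True)` after the split, and the rendered DataFrame outputs are better cleared before committing the notebook.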

Binary file not shown.

@ -29,7 +29,8 @@ Reads 1 excel file: ../AMITT_MASTER_DATA/AMITT_TTPs_MASTER.xlsx with sheets:
* incidenttechniques
* tactics
* countermeasures
* actors
* actortypes
* resources
* responsetypes
Reads template files:
@ -94,10 +95,14 @@ class Amitt:
self.df_incidents = metadata['incidents']
self.df_counters = metadata['countermeasures'].sort_values('id')
self.df_counters[['tactic_id', 'tactic_name']] = self.df_counters['tactic'].str.split(' ', 1, expand=True)
self.df_actors = metadata['actors']
self.df_counters[['metatechnique_id', 'metatechnique_name']] = self.df_counters['metatechnique'].str.split(' ', 1, expand=True)
self.df_detections = metadata['detections']
self.df_detections[['tactic_id', 'tactic_name']] = self.df_detections['tactic'].str.split(' ', 1, expand=True)
# self.df_detections[['metatechnique_id', 'metatechnique_name']] = self.df_detections['metatechnique'].str.split(' ', 1, expand=True)
self.df_actortypes = metadata['actortypes']
self.df_resources = metadata['resources']
self.df_responsetypes = metadata['responsetypes']
self.df_metatechniques = metadata['metatechniques']
self.df_detections = metadata['detections']
self.it = self.create_incident_technique_crosstable(metadata['incidenttechniques'])
self.df_tactics = metadata['tactics']
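
Review bot: `self.df_detections = metadata['detections']` is assigned twice in this block, once before the `tactic_id`/`tactic_name` split and again after `self.df_metatechniques`. Drop the later assignment so the setup of each frame lives in one place. The commented-out `metatechnique_id` split for detections should either be enabled or removed with a short comment saying why detections do not get it. Passing the split limit by keyword (`n=1`) would also make the `str.split(' ', 1, expand=True)` calls easier to read.
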
@ -111,6 +116,7 @@ class Amitt:
self.tactics = self.make_object_dictionary(self.df_tactics)
self.techniques = self.make_object_dictionary(self.df_techniques)
self.counters = self.make_object_dictionary(self.df_counters)
self.metatechniques = self.make_object_dictionary(self.df_metatechniques)
self.num_tactics = len(self.df_tactics)
self.max_num_techniques_per_tactic = max(df_techniques_per_tactic['technique_ids'].apply(len)) +2
@ -270,6 +276,18 @@ class Amitt:
return table_string
def create_metatechnique_counters_string(self, metatechnique_id):
table_string = '''
| Counters | Response types |
| -------- | -------------- |
'''
metatechnique_counters = self.df_counters[self.df_counters['metatechnique_id']==metatechnique_id]
row_string = '| [{0} {1}](../counters/{0}.md) | {2} |\n'
for index, row in metatechnique_counters.sort_values(['responsetype', 'id']).iterrows():
table_string += row_string.format(row['id'], row['name'], row['responsetype'])
return table_string
def create_technique_counters_string(self, technique_id):
table_string = '''
| Counters |
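
Review bot: in `create_metatechnique_counters_string`, `row['name']` and `row['responsetype']` are formatted into the markdown row as they come from the spreadsheet, so a `|` in either cell splits the row into extra columns. Replace `|` with `\|` (and strip newlines) before calling `row_string.format(...)`. The method also has no docstring saying that it returns a markdown table sorted by response type and id.
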
@ -364,6 +382,75 @@ class Amitt:
return(tactic_id)
def create_object_file(self, index, rowtype, datadir):
oid = index
html = '''# {} counters: {}\n\n'''.format(rowtype, index)
html += '## by action\n\n'
for resp, clist in self.df_counters[self.df_counters[rowtype] == index].groupby('responsetype'):
html += '\n### {}\n'.format(resp)
for c in clist.iterrows():
html += '* {}: {} (needs {})\n'.format(c[1]['id'], c[1]['name'],
c[1]['resources_needed'])
datafile = '{}/{}counters.md'.format(datadir, oid)
print('Writing {}'.format(datafile))
with open(datafile, 'w') as f:
f.write(html)
f.close()
return(oid)
def write_object_index_to_file(self, objectname, objectcols, dfobject, outfile):
''' Write HTML version of incident list to markdown file
Assumes that dfobject has columns named 'id' and 'name'
'''
html = '''# AMITT {}:
<table border="1">
<tr>
'''.format(objectname.capitalize())
# Create header row
html += '<th>{}</th>\n'.format('id')
html += ''.join(['<th>{}</th>\n'.format(col) for col in objectcols])
html += '</tr>\n'
# Add row for each object
for index, row in dfobject[dfobject['name'].notnull()].iterrows():
html += '<tr>\n'
html += '<td><a href="{0}/{1}.md">{1}</a></td>\n'.format(objectname, row['id'])
html += ''.join(['<td>{}</td>\n'.format(row[col]) for col in objectcols])
html += '</tr>\n'
html += '</table>\n'
# Write file
with open(outfile, 'w') as f:
f.write(html)
print('updated {}'.format(outfile))
return
def write_object_indexes_to_file(self):
''' Create an index file for each object type.
'''
self.write_object_index_to_file(
'response types', ['name', 'summary'],
self.df_responsetypes, '../responsetype_index.md')
self.write_object_index_to_file(
'metatechniques', ['name', 'summary'],
self.df_metatechniques, '../metatechniques_index.md')
self.write_object_index_to_file(
'actortypes', ['name', 'summary'],
self.df_actortypes, '../actortypes_index.md')
self.write_object_index_to_file(
'detections', ['name', 'summary', 'metatechnique', 'tactic', 'responsetype'],
self.df_detections, '../detections_index.md')
return
def update_markdown_files(self):
''' Create or update all the editable markdown files in the repo
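
Review bot: `write_object_index_to_file` builds each cell with `'<td>{}</td>\n'.format(row[col])` and no escaping, so a `<` or `&` typed into a spreadsheet cell ends up in the generated index as markup. Wrap the values in `html.escape(str(...))`. In `write_object_indexes_to_file`, `'response types'` is passed as `objectname`, and the same string is used for the link (`"{0}/{1}.md"`), so every href in `responsetype_index.md` points into a directory named `response types`. The docstring still says "incident list", and the `f.close()` inside the `with` block in `create_object_file` is redundant.
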
@ -381,22 +468,45 @@ class Amitt:
'technique': self.df_techniques,
'task': self.df_tasks,
'incident': self.df_incidents,
'counter': self.df_counters
'counter': self.df_counters,
'metatechnique': self.df_metatechniques,
'actortype': self.df_actortypes,
#'responsetype': self.df_responsetypes,
#'detection': self.df_detections
}
for entity, df in metadata.items():
entities = entity + 's'
entitydir = '../{}'.format(entities)
if not os.path.exists(entitydir):
os.makedirs(entitydir)
indexrows = {
'phase': ['name', 'summary'],
'tactic': ['name', 'summary', 'phase_id'],
'technique': ['name', 'summary', 'tactic_id'],
'task': ['name', 'summary', 'tactic_id'],
'incident': ['name', 'type', 'Year Started', 'To country', 'Found via'],
'counter': ['name', 'summary', 'metatechnique', 'tactic', 'responsetype'],
'detection': ['name', 'summary', 'metatechnique', 'tactic', 'responsetype'],
'responsetype': ['name', 'summary'],
'metatechnique': ['name', 'summary'],
'actortype': ['name', 'summary']
}
for objecttype, df in metadata.items():
template = open('template_{}.md'.format(entity)).read()
# Create objecttype directory if needed. Create index file for objecttype
objecttypeplural = objecttype + 's'
objecttypedir = '../{}'.format(objecttypeplural)
if not os.path.exists(objecttypedir):
os.makedirs(objecttypedir)
self.write_object_index_to_file(objecttypeplural, indexrows[objecttype],
metadata[objecttype],
'../{}_index.md'.format(objecttypeplural))
# Update or create file for every object with this objecttype type
template = open('template_{}.md'.format(objecttype)).read()
for index, row in df[df['name'].notnull()].iterrows():
# First read in the file - if it exists - and grab everything
# below the "do not write about this line". Will write this
# out below new metadata.
datafile = '../{}/{}.md'.format(entities, row['id'])
datafile = '../{}/{}.md'.format(objecttypeplural, row['id'])
oldmetatext = ''
if os.path.exists(datafile):
with open(datafile) as f:
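
Review bot: `template = open('template_{}.md'.format(objecttype)).read()` never closes the file handle; read the template inside a `with` block, as the `datafile` read a few lines further down already does. The commented-out `'responsetype'` and `'detection'` entries in `metadata` should be enabled or removed, since `indexrows` already carries column lists for both.
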
@ -412,39 +522,46 @@ class Amitt:
usertext = ''
# Now populate datafiles with new metadata plus old userdata
if entity == 'phase':
metatext = template.format(id=row['id'], name=row['name'], summary=row['summary'])
if entity == 'tactic':
metatext = template.format(id=row['id'], name=row['name'],
if objecttype == 'phase':
metatext = template.format(type='Phase', id=row['id'], name=row['name'], summary=row['summary'])
if objecttype == 'tactic':
metatext = template.format(type = 'Tactic', id=row['id'], name=row['name'],
phase=row['phase_id'], summary=row['summary'],
tasks=self.create_tactic_tasks_string(row['id']),
techniques=self.create_tactic_techniques_string(row['id']),
counters=self.create_tactic_counters_string(row['id']))
if entity == 'task':
metatext = template.format(id=row['id'], name=row['name'],
if objecttype == 'task':
metatext = template.format(type='Task', id=row['id'], name=row['name'],
tactic=row['tactic_id'], summary=row['summary'])
if entity == 'technique':
metatext = template.format(id=row['id'], name=row['name'],
if objecttype == 'technique':
metatext = template.format(type = 'Technique', id=row['id'], name=row['name'],
tactic=row['tactic_id'], summary=row['summary'],
incidents=self.create_technique_incidents_string(row['id']),
counters=self.create_technique_counters_string(row['id']))
if entity == 'counter':
metatext = template.format(id=row['id'], name=row['name'],
if objecttype == 'counter':
metatext = template.format(type = 'Counter', id=row['id'], name=row['name'],
tactic=row['tactic_id'], summary=row['summary'],
playbooks=row['playbooks'], metatechnique=row['metatechnique'],
resources_needed=row['resources_needed'],
tactics=self.create_counter_tactics_string(row['id']),
techniques=self.create_counter_techniques_string(row['id']),
incidents=self.create_counter_incidents_string(row['id']))
if entity == 'incident':
metatext = template.format(id=row['id'], name=row['name'],
type=row['type'], summary=row['summary'],
if objecttype == 'incident':
metatext = template.format(type = 'Incident', id=row['id'], name=row['name'],
incidenttype=row['type'], summary=row['summary'],
yearstarted=row['Year Started'],
fromcountry=row['From country'],
tocountry=row['To country'],
foundvia=row['Found via'],
dateadded=row['When added'],
techniques=self.create_incident_techniques_string(row['id']))
if objecttype == 'actortype':
metatext = template.format(type = 'Actor Type', id=row['id'], name=row['name'],
summary=row['summary'])
if objecttype == 'metatechnique':
metatext = template.format(type='Metatechnique', id=row['id'], name=row['name'],
summary=row['summary'],
counters=self.create_metatechnique_counters_string(row['id']))
# Make sure the user data goes in
if (metatext + warntext) != oldmetatext:
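
Review bot: the `if objecttype == ...` blocks are independent `if` statements with no final `else`, so an object type without a branch leaves `metatext` undefined on the first row or carrying the previous object's text on later ones. Make the chain `elif` and end it with an `else` that raises on an unknown `objecttype`, or dispatch through a dictionary keyed by object type. The keyword spacing is also mixed (`type='Phase'` next to `type = 'Tactic'`).
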
@ -530,84 +647,6 @@ class Amitt:
return
def write_object_indexes_to_file(self):
''' Create an index file for each object type.
'''
self.write_object_index_to_file(
'phases', ['name', 'summary'],
self.df_phases, '../phases_index.md')
self.write_object_index_to_file(
'tactics', ['name', 'summary', 'phase_id'],
self.df_tactics, '../tactics_index.md')
self.write_object_index_to_file(
'techniques', ['name', 'summary', 'tactic_id'],
self.df_techniques, '../techniques_index.md')
self.write_object_index_to_file(
'tasks', ['name', 'summary', 'tactic_id'],
self.df_tasks, '../tasks_index.md')
self.write_object_index_to_file(
'response types', ['name', 'summary'],
self.df_responsetypes, '../responsetype_index.md')
self.write_object_index_to_file(
'metatechniques', ['name', 'summary'],
self.df_metatechniques, '../metatechniques_index.md')
self.write_object_index_to_file(
'actors', ['name', 'summary'],
self.df_actors, '../actors_index.md')
self.write_object_index_to_file(
'detections', ['name', 'summary', 'metatechnique', 'tactic', 'responsetype'],
self.df_detections, '../detections_index.md')
self.write_object_index_to_file(
'counters', ['name', 'summary', 'metatechnique', 'tactic', 'responsetype'],
self.df_counters, '../counters_index.md')
self.write_object_index_to_file(
'incidents', ['name', 'type', 'Year Started', 'To country', 'Found via'],
self.df_incidents, '../incidents_index.md')
return
def write_object_index_to_file(self, objectname, objectcols, dfobject, outfile):
''' Write HTML version of incident list to markdown file
Assumes that dfobject has columns named 'id' and 'name'
'''
html = '''# AMITT {}:
<table border="1">
<tr>
'''.format(objectname.capitalize())
# Create header row
html += '<th>{}</th>\n'.format('id')
html += ''.join(['<th>{}</th>\n'.format(col) for col in objectcols])
html += '</tr>\n'
# Add row for each object
for index, row in dfobject[dfobject['name'].notnull()].iterrows():
html += '<tr>\n'
html += '<td><a href="{0}/{1}.md">{1}</a></td>\n'.format(objectname, row['id'])
html += ''.join(['<td>{}</td>\n'.format(row[col]) for col in objectcols])
html += '</tr>\n'
html += '</table>\n'
# Write file
with open(outfile, 'w') as f:
f.write(html)
print('updated {}'.format(outfile))
return
def write_clickable_amitt_red_framework_file(self, outfile='../amitt_red_framework_clickable.html'):
# Write clickable html version of the matrix grid to html file
@ -767,31 +806,10 @@ function handleTechniqueClick(box) {
return
def create_object_file(self, index, rowtype, datadir):
oid = index
html = '''# {} counters: {}\n\n'''.format(rowtype, index)
html += '## by action\n\n'
for resp, clist in self.df_counters[self.df_counters[rowtype] == index].groupby('responsetype'):
html += '\n### {}\n'.format(resp)
for c in clist.iterrows():
html += '* {}: {} (needs {})\n'.format(c[1]['id'], c[1]['name'],
c[1]['resources_needed'])
datafile = '{}/{}counters.md'.format(datadir, oid)
print('Writing {}'.format(datafile))
with open(datafile, 'w') as f:
f.write(html)
f.close()
return(oid)
def write_metatechniques_responsetype_table_file(self, outfile = '../metatechniques_by_responsetype_table.md'):
coltype = 'responsetype'
rowtype = 'metatechnique'
rowtype = 'metatechnique_id'
rowname = 'metatag'
datadirname = 'metatechniques'
datadir = '../' + datadirname
@ -816,9 +834,8 @@ function handleTechniqueClick(box) {
if not os.path.exists(datadir):
os.makedirs(datadir)
for index, counts in mtcounts.iterrows():
tid = self.create_object_file(index, rowtype, datadir)
html += '<td><a href="{0}/{1}counters.md">{2}</a></td>\n'.format(
datadirname, tid, index)
html += '<td><a href="{0}/{1}.md">{1} {2}</a></td>\n'.format(
datadirname, index, self.metatechniques[index])
for val in counts.values:
html += '<td>{}</td>\n'.format(val)
html += '</tr>\n<tr>\n'
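
Review bot: `self.metatechniques[index]` is a plain dictionary lookup for every `index` in `mtcounts`, so a counter whose metatechnique id is missing from the metatechniques sheet raises `KeyError` here and the table file is never written. Use `self.metatechniques.get(index, '')`, or check the ids when the spreadsheet is loaded and report the ones that do not match.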

4
HTML_GENERATING_CODE/template_actortype.md Normal file

@ -0,0 +1,4 @@
# {type} {id}: {name}
* **Summary:** {summary}


@ -1,10 +1,4 @@
# {name}
* **Type**: Counter TTP
* **Name**: {name}
* **Id**: {id}
# {type} {id}: {name}
* **Summary**: {summary}


@ -1,13 +1,9 @@
# {name}
* **Type:** {type}
* **Name:** {name}
* **Id:** {id}
# {type} {id}: {name}
* **Summary:** {summary}
* **incident type**: {incidenttype}
* **Year started:** {yearstarted}
* **Countries:** {fromcountry} , {tocountry}
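
Review bot: the `* **incident type**: {incidenttype}` line is the only label in this template written in lower case and with the colon outside the bold markers; the lines next to it use the `**Year started:**` form. Make it `* **Incident type:** {incidenttype}` so the generated incident pages are consistent.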


@ -0,0 +1,6 @@
# {type} {id}: {name}
* **Summary:** {summary}
{counters}


@ -1,10 +1,4 @@
# {name}
* **Type:** Phase
* **Name:** {name}
* **Id:** {id}
# {type} {id}: {name}
* **Summary:** {summary}


@ -1,14 +1,8 @@
# {name}
* **Type:** Tactic
* **Name:** {name}
* **Id:** {id}
# {type} {id}: {name}
* **Summary:** {summary}
* **Phase:** {phase}
* **Belongs to phase:** {phase}
{tasks}


@ -1,12 +1,6 @@
# {name}
* **Type:** Task
* **Name:** {name}
* **Id:** {id}
# {type} {id}: {name}
* **Summary:** {summary}
* **Tactic:** {tactic}
* **Belongs to tactic stage:** {tactic}


@ -1,14 +1,8 @@
# {name}
* **Type**: Technique
* **Name**: {name}
* **Id**: {id}
# {type} {id}: {name}
* **Summary**: {summary}
* **Tactic**: {tactic}
* **Belongs to tactic stage**: {tactic}
{incidents}

File diff suppressed because one or more lines are too long

@ -1,49 +0,0 @@
# AMITT Actors:
<table border="1">
<tr>
<th>id</th>
<th>name</th>
<th>summary</th>
</tr>
<tr>
<td><a href="actors/A001.md">A001</a></td>
<td>Nonprofits</td>
<td></td>
</tr>
<tr>
<td><a href="actors/A002.md">A002</a></td>
<td>Civil Society</td>
<td></td>
</tr>
<tr>
<td><a href="actors/A003.md">A003</a></td>
<td>Government Agency</td>
<td></td>
</tr>
<tr>
<td><a href="actors/A004.md">A004</a></td>
<td>Academics</td>
<td></td>
</tr>
<tr>
<td><a href="actors/A005.md">A005</a></td>
<td>Activists</td>
<td></td>
</tr>
<tr>
<td><a href="actors/A006.md">A006</a></td>
<td>Target</td>
<td>Person being targeted by disinformation campaign</td>
</tr>
<tr>
<td><a href="actors/A007.md">A007</a></td>
<td>Social network platforms</td>
<td></td>
</tr>
<tr>
<td><a href="actors/A008.md">A008</a></td>
<td>Corporations</td>
<td></td>
</tr>
</table>

5
actortypes/A001.md Normal file

@ -0,0 +1,5 @@
# Actor Type A001: Nonprofit
* **Summary:**
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

5
actortypes/A002.md Normal file

@ -0,0 +1,5 @@
# Actor Type A002: Civil Society
* **Summary:**
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

5
actortypes/A003.md Normal file

@ -0,0 +1,5 @@
# Actor Type A003: Government
* **Summary:**
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

5
actortypes/A004.md Normal file

@ -0,0 +1,5 @@
# Actor Type A004: Academic
* **Summary:**
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

5
actortypes/A005.md Normal file

@ -0,0 +1,5 @@
# Actor Type A005: Activist
* **Summary:**
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

5
actortypes/A006.md Normal file

@ -0,0 +1,5 @@
# Actor Type A006: General Public
* **Summary:**
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

5
actortypes/A007.md Normal file

@ -0,0 +1,5 @@
# Actor Type A007: Social Media Company
* **Summary:**
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

5
actortypes/A008.md Normal file

@ -0,0 +1,5 @@
# Actor Type A008: Other Tech Company
* **Summary:**
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

5
actortypes/A009.md Normal file

@ -0,0 +1,5 @@
# Actor Type A009: Other Company
* **Summary:**
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

5
actortypes/A010.md Normal file

@ -0,0 +1,5 @@
# Actor Type A010: Media
* **Summary:**
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW

59
actortypes_index.md Normal file

@ -0,0 +1,59 @@
# AMITT Actortypes:
<table border="1">
<tr>
<th>id</th>
<th>name</th>
<th>summary</th>
</tr>
<tr>
<td><a href="actortypes/A001.md">A001</a></td>
<td>Nonprofit</td>
<td></td>
</tr>
<tr>
<td><a href="actortypes/A002.md">A002</a></td>
<td>Civil Society</td>
<td></td>
</tr>
<tr>
<td><a href="actortypes/A003.md">A003</a></td>
<td>Government</td>
<td></td>
</tr>
<tr>
<td><a href="actortypes/A004.md">A004</a></td>
<td>Academic</td>
<td></td>
</tr>
<tr>
<td><a href="actortypes/A005.md">A005</a></td>
<td>Activist</td>
<td></td>
</tr>
<tr>
<td><a href="actortypes/A006.md">A006</a></td>
<td>General Public</td>
<td></td>
</tr>
<tr>
<td><a href="actortypes/A007.md">A007</a></td>
<td>Social Media Company</td>
<td></td>
</tr>
<tr>
<td><a href="actortypes/A008.md">A008</a></td>
<td>Other Tech Company</td>
<td></td>
</tr>
<tr>
<td><a href="actortypes/A009.md">A009</a></td>
<td>Other Company</td>
<td></td>
</tr>
<tr>
<td><a href="actortypes/A010.md">A010</a></td>
<td>Media</td>
<td></td>
</tr>
</table>
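
Review bot: all ten rows in this index have an empty summary cell, and the description the removed actors index carried for A006 ("Person being targeted by disinformation campaign") is gone now that A006 is "General Public". Fill the summary column in the actortypes sheet, or leave the column out of this index until it has content. The heading "AMITT Actortypes:" comes straight from `objectname.capitalize()`; pass a display name if "Actor types" is what readers should see.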


@ -1,16 +1,10 @@
# Better models of info spread up the layers
* **Type**: Counter TTP
* **Name**: Better models of info spread up the layers
* **Id**: C00001
# Counter C00001: Better models of info spread up the layers
* **Summary**:
* **Playbooks**:
* **Metatechnique**: metatechnique
* **Metatechnique**: M007 - metatechnique
* **Resources needed:**
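
Review bot: the Metatechnique line now reads "M007 - metatechnique", so the name shown for M007 is the literal word "metatechnique", the same value the old line carried. That looks like a placeholder in the master data; give M007 a real name in the spreadsheet or leave these counters unassigned until one exists.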


@ -1,16 +1,10 @@
# How can we safeguard against extremists using the tools that we will produce?
* **Type**: Counter TTP
* **Name**: How can we safeguard against extremists using the tools that we will produce?
* **Id**: C00003
# Counter C00003: How can we safeguard against extremists using the tools that we will produce?
* **Summary**:
* **Playbooks**:
* **Metatechnique**: metatechnique
* **Metatechnique**: M007 - metatechnique
* **Resources needed:**


@ -1,16 +1,10 @@
# Managing like a chronic disease
* **Type**: Counter TTP
* **Name**: Managing like a chronic disease
* **Id**: C00004
# Counter C00004: Managing like a chronic disease
* **Summary**:
* **Playbooks**:
* **Metatechnique**: metatechnique
* **Metatechnique**: M007 - metatechnique
* **Resources needed:**


@ -1,16 +1,10 @@
# Policy: makers, terminology, elements: a) broad, b) specific
* **Type**: Counter TTP
* **Name**: Policy: makers, terminology, elements: a) broad, b) specific
* **Id**: C00005
# Counter C00005: Policy: makers, terminology, elements: a) broad, b) specific
* **Summary**:
* **Playbooks**:
* **Metatechnique**: metatechnique
* **Metatechnique**: M007 - metatechnique
* **Resources needed:**


@ -1,16 +1,10 @@
# Charge for social media
* **Type**: Counter TTP
* **Name**: Charge for social media
* **Id**: C00006
# Counter C00006: Charge for social media
* **Summary**: No corresponding AMITT technique.
* **Playbooks**:
* **Metatechnique**: friction
* **Metatechnique**: M004 - friction
* **Resources needed:** platform_admin:socialmedia


@ -1,16 +1,10 @@
# Create framework for BetterBusinessBureau (BBB) for news media
* **Type**: Counter TTP
* **Name**: Create framework for BetterBusinessBureau (BBB) for news media
* **Id**: C00007
# Counter C00007: Create framework for BetterBusinessBureau (BBB) for news media
* **Summary**: No corresponding AMITT technique.
* **Playbooks**:
* **Metatechnique**: scoring
* **Metatechnique**: M006 - scoring
* **Resources needed:**


@ -1,16 +1,10 @@
# Create shared fact-checking database
* **Type**: Counter TTP
* **Name**: Create shared fact-checking database
* **Id**: C00008
# Counter C00008: Create shared fact-checking database
* **Summary**: Snopes is best-known example
* **Playbooks**:
* **Metatechnique**: scoring
* **Metatechnique**: M006 - scoring
* **Resources needed:** factcheckers


@ -1,16 +1,10 @@
# Educate high profile influencers on best practices
* **Type**: Counter TTP
* **Name**: Educate high profile influencers on best practices
* **Id**: C00009
# Counter C00009: Educate high profile influencers on best practices
* **Summary**:
* **Playbooks**:
* **Metatechnique**: resilience
* **Metatechnique**: M001 - resilience
* **Resources needed:** influencers,educators

View file

@ -1,16 +1,10 @@
# Enhanced privacy regulation for social media
* **Type**: Counter TTP
* **Name**: Enhanced privacy regulation for social media
* **Id**: C00010
# Counter C00010: Enhanced privacy regulation for social media
* **Summary**: No corresponding AMITT technique.
* **Playbooks**:
* **Metatechnique**: friction
* **Metatechnique**: M004 - friction
* **Resources needed:** government:policymakers

View file

@ -1,10 +1,4 @@
# Media literacy. Games to identify fake news
* **Type**: Counter TTP
* **Name**: Media literacy. Games to identify fake news
* **Id**: C00011
# Counter C00011: Media literacy. Games to identify fake news
* **Summary**:
@ -12,7 +6,7 @@
-Show examples of fake news and train the user to identify them on the basis of various types of indicators
-Use a crowd-sourced mechanism so that the public can categorize newly spreading news sources or articles ala Re-Captcha
* **Metatechnique**: resilience
* **Metatechnique**: M001 - resilience
* **Resources needed:** educators,gamesdesigners,developers
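Review bot: the two context lines in the second hunk start with `-Show` and `-Use`, with no space after the hyphen, so Markdown renders them as running text rather than list items. Emit `- ` for these entries in the generator, and tidy "ala Re-Captcha" in the source text while there.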

View file

@ -1,16 +1,10 @@
# Platform regulation
* **Type**: Counter TTP
* **Name**: Platform regulation
* **Id**: C00012
# Counter C00012: Platform regulation
* **Summary**:
* **Playbooks**: Develop a regulatory body like the CFPB to regulate and enforce regulation for digital organizations
* **Metatechnique**: metatechnique
* **Metatechnique**: M007 - metatechnique
* **Resources needed:** government:policymakers

View file

@ -1,16 +1,10 @@
# Rating framework for news - full transcripts, link source, add items, BBB for news
* **Type**: Counter TTP
* **Name**: Rating framework for news - full transcripts, link source, add items, BBB for news
* **Id**: C00013
# Counter C00013: Rating framework for news - full transcripts, link source, add items, BBB for news
* **Summary**: Technique should be in terms of "strategic innoculation", raising the standards of what people expect in terms of evidence when consuming news. No corresponding AMITT technique.
* **Playbooks**:
* **Metatechnique**: scoring
* **Metatechnique**: M006 - scoring
* **Resources needed:**

View file

@ -1,16 +1,10 @@
# Real-time updates to fact-checking database
* **Type**: Counter TTP
* **Name**: Real-time updates to fact-checking database
* **Id**: C00014
# Counter C00014: Real-time updates to fact-checking database
* **Summary**: existing examples at Buzzfeed and Fema, especially during disasters
* **Playbooks**:
* **Metatechnique**: scoring
* **Metatechnique**: M006 - scoring
* **Resources needed:** factcheckers

View file

@ -1,16 +1,10 @@
# Reputation scores for social media users
* **Type**: Counter TTP
* **Name**: Reputation scores for social media users
* **Id**: C00015
# Counter C00015: Reputation scores for social media users
* **Summary**:
* **Playbooks**:
* **Metatechnique**: scoring
* **Metatechnique**: M006 - scoring
* **Resources needed:** data_scientist,datastreams

View file

@ -1,16 +1,10 @@
# Social media as a privilege not right
* **Type**: Counter TTP
* **Name**: Social media as a privilege not right
* **Id**: C00016
# Counter C00016: Social media as a privilege not right
* **Summary**:
* **Playbooks**:
* **Metatechnique**: cleaning
* **Metatechnique**: M012 - cleaning
* **Resources needed:**

View file

@ -1,16 +1,10 @@
# Media campaign promoting in-group to out-group in person communication / activities
* **Type**: Counter TTP
* **Name**: Media campaign promoting in-group to out-group in person communication / activities
* **Id**: C00017
# Counter C00017: Media campaign promoting in-group to out-group in person communication / activities
* **Summary**: Technique could be in terms of forcing a reality-check by talking to people instead of reading about bogeymen. No corresponding AMITT technique.
* **Playbooks**:
* **Metatechnique**: countermessaging
* **Metatechnique**: M010 - countermessaging
* **Resources needed:** media

View file

@ -1,16 +1,10 @@
# Promote constructive communication by shaming division-enablers
* **Type**: Counter TTP
* **Name**: Promote constructive communication by shaming division-enablers
* **Id**: C00018
# Counter C00018: Promote constructive communication by shaming division-enablers
* **Summary**: Duplicate of "Promote playbooks to call out dividers"
* **Playbooks**:
* **Metatechnique**: daylight
* **Metatechnique**: M003 - daylight
* **Resources needed:**

View file

@ -1,10 +1,4 @@
# Promote playbooks to call out division-enablers
* **Type**: Counter TTP
* **Name**: Promote playbooks to call out division-enablers
* **Id**: C00019
# Counter C00019: Promote playbooks to call out division-enablers
* **Summary**: Duplicate of "Promote constructive communication by shaming dividers"
@ -15,7 +9,7 @@
-Popularize (via memes, infographics) and get the centrists demographic who are tired of polarization to identify such messaging, call it out and display their outrage on the basis of divisive rhetorical techniques rather than merely arguing about the content
* **Metatechnique**: daylight
* **Metatechnique**: M003 - daylight
* **Resources needed:**
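Review bot: the Summary marks C00019 as a duplicate of "Promote constructive communication by shaming dividers", and C00018 points back at "Promote playbooks to call out dividers", but neither quoted name matches the actual headings (both say "division-enablers") and both entries keep their own ID with the same `M003 - daylight` value. Reference the other counter by ID (C00018 / C00019) and decide which of the two is canonical, otherwise the metatechnique counts include the same counter twice.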

View file

@ -1,16 +1,10 @@
# Deligitimise the 24 hour news cycle
* **Type**: Counter TTP
* **Name**: Deligitimise the 24 hour news cycle
* **Id**: C00020
# Counter C00020: Deligitimise the 24 hour news cycle
* **Summary**: Unsure
* **Playbooks**:
* **Metatechnique**: friction
* **Metatechnique**: M004 - friction
* **Resources needed:** media
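Review bot: the `# Counter C00020: Deligitimise the 24 hour news cycle` heading carries the misspelling "Deligitimise" over from the old title, and the Summary is just "Unsure". Correct the name to "Delegitimise" in the master spreadsheet so the regenerated page picks it up, and replace "Unsure" with either a description or an explicit open-question marker.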

View file

@ -1,16 +1,10 @@
# Encourage in-person communication
* **Type**: Counter TTP
* **Name**: Encourage in-person communication
* **Id**: C00021
# Counter C00021: Encourage in-person communication
* **Summary**:
* **Playbooks**:
* **Metatechnique**: resilience
* **Metatechnique**: M001 - resilience
* **Resources needed:**

View file

@ -1,16 +1,10 @@
# Innoculate. Positive campaign to promote feeling of safety - to counter ability and fear based attacks
* **Type**: Counter TTP
* **Name**: Innoculate. Positive campaign to promote feeling of safety - to counter ability and fear based attacks
* **Id**: C00022
# Counter C00022: Innoculate. Positive campaign to promote feeling of safety - to counter ability and fear based attacks
* **Summary**: Unsure
* **Playbooks**:
* **Metatechnique**: resilience
* **Metatechnique**: M001 - resilience
* **Resources needed:**

View file

@ -1,10 +1,4 @@
# Promote civility as an identity that people will defend
* **Type**: Counter TTP
* **Name**: Promote civility as an identity that people will defend
* **Id**: C00023
# Counter C00023: Promote civility as an identity that people will defend
* **Summary**:
@ -13,7 +7,7 @@ Playbook 2: Feature established respected thought leaders to model behavior
Playbook 3: Promote dialog from communities with disparate viewpoints
Playbook 4: Establish facilitation guidelines for "civil" interaction.
* **Metatechnique**: resilience
* **Metatechnique**: M001 - resilience
* **Resources needed:**

View file

@ -1,16 +1,10 @@
# Promote constructive narratives i.e. not polarising. Pro-life, pro-choice, or pro-USA?
* **Type**: Counter TTP
* **Name**: Promote constructive narratives i.e. not polarising. Pro-life, pro-choice, or pro-USA?
* **Id**: C00024
# Counter C00024: Promote constructive narratives i.e. not polarising. Pro-life, pro-choice, or pro-USA?
* **Summary**:
* **Playbooks**:
* **Metatechnique**: resilience
* **Metatechnique**: M001 - resilience
* **Resources needed:**

View file

@ -1,16 +1,10 @@
# Promote identity neutral narratives
* **Type**: Counter TTP
* **Name**: Promote identity neutral narratives
* **Id**: C00025
# Counter C00025: Promote identity neutral narratives
* **Summary**:
* **Playbooks**:
* **Metatechnique**: countermessaging
* **Metatechnique**: M010 - countermessaging
* **Resources needed:**

View file

@ -1,16 +1,10 @@
# Shore up democracy based messages (peace, freedom) - make it sexy
* **Type**: Counter TTP
* **Name**: Shore up democracy based messages (peace, freedom) - make it sexy
* **Id**: C00026
# Counter C00026: Shore up democracy based messages (peace, freedom) - make it sexy
* **Summary**: Unsure
* **Playbooks**:
* **Metatechnique**: countermessaging
* **Metatechnique**: M010 - countermessaging
* **Resources needed:**

View file

@ -1,16 +1,10 @@
# Create culture of civility
* **Type**: Counter TTP
* **Name**: Create culture of civility
* **Id**: C00027
# Counter C00027: Create culture of civility
* **Summary**:
* **Playbooks**:
* **Metatechnique**: resilience
* **Metatechnique**: M001 - resilience
* **Resources needed:**

View file

@ -1,10 +1,4 @@
# Blockchain audit log and validation with collaborative decryption to post comments
* **Type**: Counter TTP
* **Name**: Blockchain audit log and validation with collaborative decryption to post comments
* **Id**: C00028
# Counter C00028: Blockchain audit log and validation with collaborative decryption to post comments
* **Summary**: Use blockchain technology to require collaborative validation before posts or comments are submitted.
@ -12,7 +6,7 @@ This could be used to adjust upvote weight via a trust factor of people and orga
* **Playbooks**:
* **Metatechnique**: verification
* **Metatechnique**: M011 - verification
* **Resources needed:**

View file

@ -1,10 +1,4 @@
# Create fake website to issue counter narrative and counter narrative through physical merchandise
* **Type**: Counter TTP
* **Name**: Create fake website to issue counter narrative and counter narrative through physical merchandise
* **Id**: C00029
# Counter C00029: Create fake website to issue counter narrative and counter narrative through physical merchandise
* **Summary**:
@ -14,7 +8,7 @@
Secondary Objective:
-Obtain real-life identity of ignorant agents, to further disrupt their influence activities
* **Metatechnique**: diversion
* **Metatechnique**: M002 - diversion
* **Resources needed:**

View file

@ -1,16 +1,10 @@
# Develop a compelling counter narrative (truth based)
* **Type**: Counter TTP
* **Name**: Develop a compelling counter narrative (truth based)
* **Id**: C00030
# Counter C00030: Develop a compelling counter narrative (truth based)
* **Summary**:
* **Playbooks**:
* **Metatechnique**: diversion
* **Metatechnique**: M002 - diversion
* **Resources needed:**

View file

@ -1,17 +1,11 @@
# Dilute the core narrative - create multiple permutations, target / amplify
* **Type**: Counter TTP
* **Name**: Dilute the core narrative - create multiple permutations, target / amplify
* **Id**: C00031
# Counter C00031: Dilute the core narrative - create multiple permutations, target / amplify
* **Summary**: Create competing narratives. Included "Facilitate State Propaganda" as diluting the narrative could have an effect on the pro-state narrative used by volunteers, or lower their involvement.
* **Playbooks**: Playbook 1: Create multiple versions of the narrative and amplify.
Playbook 2: Dissect narrative, piecemeal the components and then amplify
* **Metatechnique**: dilution
* **Metatechnique**: M009 - dilution
* **Resources needed:**
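Review bot: the `Playbook 2: Dissect narrative, ...` line sits at column 0 directly under the `* **Playbooks**:` bullet, so the multi-line playbook value is not kept inside its list item and the following `* **Metatechnique**` bullet can render as part of the same paragraph. Have the generator indent continuation lines or emit each playbook as a nested list item.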

View file

@ -1,17 +1,11 @@
# Hijack content and link to truth- based info (platform)
* **Type**: Counter TTP
* **Name**: Hijack content and link to truth- based info (platform)
* **Id**: C00032
# Counter C00032: Hijack content and link to truth- based info (platform)
* **Summary**:
* **Playbooks**: Playbook 1: Hijack hashtag and redirect conversation to truth based content.
Playbook 2: Hijack (man in the middle) redirect from bad content to good content
* **Metatechnique**: diversion
* **Metatechnique**: M002 - diversion
* **Resources needed:**
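Review bot: the `# Counter C00032: Hijack content and link to truth- based info (platform)` heading keeps the stray space in "truth- based", while the playbook line below writes "truth based". Pick one spelling ("truth-based") in the master data so the heading and any anchor generated from it are stable.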

View file

@ -1,16 +1,10 @@
# Build cultural resistance to false content
* **Type**: Counter TTP
* **Name**: Build cultural resistance to false content
* **Id**: C00033
# Counter C00033: Build cultural resistance to false content
* **Summary**: Cultural resistance to bullshit
* **Playbooks**:
* **Metatechnique**: resilience
* **Metatechnique**: M001 - resilience
* **Resources needed:**

View file

@ -1,16 +1,10 @@
# Create more friction at account creation
* **Type**: Counter TTP
* **Name**: Create more friction at account creation
* **Id**: C00034
# Counter C00034: Create more friction at account creation
* **Summary**: Counters fake account
* **Playbooks**:
* **Metatechnique**: friction
* **Metatechnique**: M004 - friction
* **Resources needed:**

View file

@ -1,16 +1,10 @@
# Friction
* **Type**: Counter TTP
* **Name**: Friction
* **Id**: C00035
# Counter C00035: Friction
* **Summary**:
* **Playbooks**:
* **Metatechnique**: friction
* **Metatechnique**: M004 - friction
* **Resources needed:**

View file

@ -1,10 +1,4 @@
# Infiltrate the in-group to discredit leaders (divide)
* **Type**: Counter TTP
* **Name**: Infiltrate the in-group to discredit leaders (divide)
* **Id**: C00036
# Counter C00036: Infiltrate the in-group to discredit leaders (divide)
* **Summary**: All of these would be highly affected by infiltration or false-claims of infiltration.
@ -12,7 +6,7 @@
-Create a trail of commentary about their idea of infiltrating the enemy (current in-group)
-Publicize this by targeting their in-group competitors (ignorant agents)
* **Metatechnique**: targeting
* **Metatechnique**: M013 - targeting
* **Resources needed:**

View file

@ -1,10 +1,4 @@
# Standard reporting for false profiles
* **Type**: Counter TTP
* **Name**: Standard reporting for false profiles
* **Id**: C00039
# Counter C00039: Standard reporting for false profiles
* **Summary**: Deplatform. Reporting fake profiles is the only solution (identity issues). Only resolution
@ -22,7 +16,7 @@ Playbook 2:
Playbook 3: Report suspected bots.
- Report ToS violations
* **Metatechnique**: removal
* **Metatechnique**: M005 - removal
* **Resources needed:**

View file

@ -1,10 +1,4 @@
# third party verification for people
* **Type**: Counter TTP
* **Name**: third party verification for people
* **Id**: C00040
# Counter C00040: third party verification for people
* **Summary**: counters fake experts
@ -12,7 +6,7 @@
- Syndicated reputation management (fact-checking syndication)
- Academia ISAO
* **Metatechnique**: verification
* **Metatechnique**: M011 - verification
* **Resources needed:**

View file

@ -1,16 +1,10 @@
# Address truth contained in narratives
* **Type**: Counter TTP
* **Name**: Address truth contained in narratives
* **Id**: C00042
# Counter C00042: Address truth contained in narratives
* **Summary**:
* **Playbooks**:
* **Metatechnique**: countermessaging
* **Metatechnique**: M010 - countermessaging
* **Resources needed:**

View file

@ -1,10 +1,4 @@
# Detect hijacked accounts and reallocate them
* **Type**: Counter TTP
* **Name**: Detect hijacked accounts and reallocate them
* **Id**: C00043
# Counter C00043: Detect hijacked accounts and reallocate them
* **Summary**:
@ -15,7 +9,7 @@ Playbook 3: Detect sudden deviation in user sentiment such as suddenly dropping
Playbook 4: Purchase "likes", "retweets" and other vehicles which identify a bot and/or hijacked account. Ban the account.
Playbook 5: Detect hijacked account and spam their posts. "OP is a known disinformation bot. http://link.to.proof[.]com"
* **Metatechnique**: cleaning
* **Metatechnique**: M012 - cleaning
* **Resources needed:** platform_admin,activists,civil_society,money

View file

@ -1,17 +1,11 @@
# Keep people from posting to social media immediately
* **Type**: Counter TTP
* **Name**: Keep people from posting to social media immediately
* **Id**: C00044
# Counter C00044: Keep people from posting to social media immediately
* **Summary**: My interpretation is that this is method would be used to slow down activities or force a small delay between posts or replies to new posts.
* **Playbooks**: Rate restrict via regulation posting above a statistical threshold
Unless account is de-anonymized and advertised as automated messaging
* **Metatechnique**: friction
* **Metatechnique**: M004 - friction
* **Resources needed:** platform_algorithms
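Review bot: the Summary is an annotator's aside in the first person ("My interpretation is that this is method would be used ...") with a grammar slip ("this is method"), and it is published as the counter's description. Rewrite it as a neutral statement of what C00044 does, and keep interpretation notes in a separate comments column of the master data.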

View file

@ -1,16 +1,10 @@
# S4d detection and re-allocation approaches
* **Type**: Counter TTP
* **Name**: S4d detection and re-allocation approaches
* **Id**: C00045
# Counter C00045: S4d detection and re-allocation approaches
* **Summary**: What's S4D?
* **Playbooks**:
* **Metatechnique**: friction
* **Metatechnique**: M004 - friction
* **Resources needed:**
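Review bot: the Summary is an unanswered question, "What's S4D?", and the heading spells the term "S4d" while the Summary spells it "S4D". Expand the acronym in the name or hold C00045 back from the generated pages until someone can define it, since it is currently counted under `M004 - friction` without a known meaning.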

View file

@ -1,16 +1,10 @@
# Marginalise and discredit extremist
* **Type**: Counter TTP
* **Name**: Marginalise and discredit extremist
* **Id**: C00046
# Counter C00046: Marginalise and discredit extremist
* **Summary**: Duplicate of "Name and Shame" - recommend removal. No, not quite.
* **Playbooks**:
* **Metatechnique**: targeting
* **Metatechnique**: M013 - targeting
* **Resources needed:**
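Review bot: the Summary records an unresolved editing exchange ("Duplicate of "Name and Shame" - recommend removal. No, not quite.") instead of describing the counter. State how C00046 differs from C00048 Name and Shame, which is filed under `M003 - daylight` rather than `M013 - targeting`, or merge the two.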

View file

@ -1,16 +1,10 @@
# Coordinated inauthentics
* **Type**: Counter TTP
* **Name**: Coordinated inauthentics
* **Id**: C00047
# Counter C00047: Coordinated inauthentics
* **Summary**:
* **Playbooks**:
* **Metatechnique**: data pollution
* **Metatechnique**: M008 - data pollution
* **Resources needed:**

View file

@ -1,16 +1,10 @@
# Name and Shame
* **Type**: Counter TTP
* **Name**: Name and Shame
* **Id**: C00048
# Counter C00048: Name and Shame
* **Summary**:
* **Playbooks**: Identify the accounts, the real person's name and shame them on social media.
* **Metatechnique**: daylight
* **Metatechnique**: M003 - daylight
* **Resources needed:**

View file

@ -1,16 +1,10 @@
# Influence literacy training
* **Type**: Counter TTP
* **Name**: Influence literacy training
* **Id**: C00049
# Counter C00049: Influence literacy training
* **Summary**: Inoculate against "cult" recruiting
* **Playbooks**:
* **Metatechnique**: resilience
* **Metatechnique**: M001 - resilience
* **Resources needed:** educators

View file

@ -1,16 +1,10 @@
# Anti-elicitation training
* **Type**: Counter TTP
* **Name**: Anti-elicitation training
* **Id**: C00050
# Counter C00050: Anti-elicitation training
* **Summary**:
* **Playbooks**:
* **Metatechnique**: resilience
* **Metatechnique**: M001 - resilience
* **Resources needed:** educators

View file

@ -1,16 +1,10 @@
# Phishing prevention education etc
* **Type**: Counter TTP
* **Name**: Phishing prevention education etc
* **Id**: C00051
# Counter C00051: Phishing prevention education etc
* **Summary**:
* **Playbooks**:
* **Metatechnique**: resilience
* **Metatechnique**: M001 - resilience
* **Resources needed:** educators

View file

@ -1,16 +1,10 @@
# Infiltrate platforms
* **Type**: Counter TTP
* **Name**: Infiltrate platforms
* **Id**: C00052
# Counter C00052: Infiltrate platforms
* **Summary**: Detect and degrade
* **Playbooks**:
* **Metatechnique**: targeting
* **Metatechnique**: M013 - targeting
* **Resources needed:** activists

View file

@ -1,16 +1,10 @@
# Delete old accounts / Remove unused social media accounts
* **Type**: Counter TTP
* **Name**: Delete old accounts / Remove unused social media accounts
* **Id**: C00053
# Counter C00053: Delete old accounts / Remove unused social media accounts
* **Summary**:
* **Playbooks**: Social media companies remove inactive accounts. Account holders remove accounts they're no longer using. Influencers encourage people to remove their inactive accounts "Do you really need that old account" campaign, world-war-two poster-style. Create alternative memorial websites for accounts of deceased people, so their accounts can't be reactivated on 'live' sites. Educate/scare users on the risks of losing control over a dormant account (would their employer be forgiving if an account associated with the user suddenly starting posting extremist content?).
* **Metatechnique**: cleaning
* **Metatechnique**: M012 - cleaning
* **Resources needed:** platform_admin,platform_admin:socialmedia,public:account_owners

View file

@ -1,16 +1,10 @@
# Media literacy training.
* **Type**: Counter TTP
* **Name**: Media literacy training.
* **Id**: C00054
# Counter C00054: Media literacy training.
* **Summary**: Leverage librarians / library for media literacy training. Covers detect, deny and degrade.
* **Playbooks**:
* **Metatechnique**: resilience
* **Metatechnique**: M001 - resilience
* **Resources needed:** educators,libraries,schools,DHS,NGO,platform_outreach,media,community_groups,religious_organisations

View file

@ -1,16 +1,10 @@
# Empower existing regulators to govern social media
* **Type**: Counter TTP
* **Name**: Empower existing regulators to govern social media
* **Id**: C00055
# Counter C00055: Empower existing regulators to govern social media
* **Summary**: Also covers Destroy.
* **Playbooks**: Government regulation. Government shutdown.
* **Metatechnique**: metatechnique
* **Metatechnique**: M007 - metatechnique
* **Resources needed:** government:policymakers,government,platform_admin

View file

@ -1,16 +1,10 @@
# Get off social media
* **Type**: Counter TTP
* **Name**: Get off social media
* **Id**: C00056
# Counter C00056: Get off social media
* **Summary**:
* **Playbooks**:
* **Metatechnique**: friction
* **Metatechnique**: M004 - friction
* **Resources needed:**

View file

@ -1,16 +1,10 @@
# Privacy standards
* **Type**: Counter TTP
* **Name**: Privacy standards
* **Id**: C00057
# Counter C00057: Privacy standards
* **Summary**:
* **Playbooks**:
* **Metatechnique**: scoring
* **Metatechnique**: M006 - scoring
* **Resources needed:**

View file

@ -1,16 +1,10 @@
# Report crowdfunder as violator
* **Type**: Counter TTP
* **Name**: Report crowdfunder as violator
* **Id**: C00058
# Counter C00058: Report crowdfunder as violator
* **Summary**: counters crowdfunding
* **Playbooks**:
* **Metatechnique**: removal
* **Metatechnique**: M005 - removal
* **Resources needed:**

View file

@ -1,16 +1,10 @@
# Verification of project before posting (counters funding campaigns)
* **Type**: Counter TTP
* **Name**: Verification of project before posting (counters funding campaigns)
* **Id**: C00059
# Counter C00059: Verification of project before posting (counters funding campaigns)
* **Summary**:
* **Playbooks**:
* **Metatechnique**: verification
* **Metatechnique**: M011 - verification
* **Resources needed:**

View file

@ -1,16 +1,10 @@
# Enhanced legal enforcement against for-profit follower/engagement factories
* **Type**: Counter TTP
* **Name**: Enhanced legal enforcement against for-profit follower/engagement factories
* **Id**: C00060
# Counter C00060: Enhanced legal enforcement against for-profit follower/engagement factories
* **Summary**:
* **Playbooks**:
* **Metatechnique**: targeting
* **Metatechnique**: M013 - targeting
* **Resources needed:** government:policymakers

View file

@ -1,16 +1,10 @@
# Innoculating at language
* **Type**: Counter TTP
* **Name**: Innoculating at language
* **Id**: C00061
# Counter C00061: Innoculating at language
* **Summary**:
* **Playbooks**:
* **Metatechnique**: resilience
* **Metatechnique**: M001 - resilience
* **Resources needed:**

View file

@ -1,16 +1,10 @@
# Free open library sources worldwide
* **Type**: Counter TTP
* **Name**: Free open library sources worldwide
* **Id**: C00062
# Counter C00062: Free open library sources worldwide
* **Summary**: Open-source libraries could be created that aid in some way for each technique. Even for Strategic Planning, some open-source frameworks such as AMITT can be created to counter the adversarial efforts.
* **Playbooks**:
* **Metatechnique**: countermessaging
* **Metatechnique**: M010 - countermessaging
* **Resources needed:**

View file

@ -1,16 +1,10 @@
# Ban political microtargeting
* **Type**: Counter TTP
* **Name**: Ban political microtargeting
* **Id**: C00063
# Counter C00063: Ban political microtargeting
* **Summary**:
* **Playbooks**:
* **Metatechnique**: removal
* **Metatechnique**: M005 - removal
* **Resources needed:** government:policymakers

View file

@ -1,16 +1,10 @@
# Ban political ads
* **Type**: Counter TTP
* **Name**: Ban political ads
* **Id**: C00065
# Counter C00065: Ban political ads
* **Summary**:
* **Playbooks**:
* **Metatechnique**: removal
* **Metatechnique**: M005 - removal
* **Resources needed:** government:policymakers

View file

@ -1,16 +1,10 @@
# Co-opt a hashtag and drown it out (hijack it back)
* **Type**: Counter TTP
* **Name**: Co-opt a hashtag and drown it out (hijack it back)
* **Id**: C00066
# Counter C00066: Co-opt a hashtag and drown it out (hijack it back)
* **Summary**:
* **Playbooks**:
* **Metatechnique**: dilution
* **Metatechnique**: M009 - dilution
* **Resources needed:**

View file

@ -1,16 +1,10 @@
# Denigrate the recipient/ project (of online funding)
* **Type**: Counter TTP
* **Name**: Denigrate the recipient/ project (of online funding)
* **Id**: C00067
# Counter C00067: Denigrate the recipient/ project (of online funding)
* **Summary**:
* **Playbooks**:
* **Metatechnique**: targeting
* **Metatechnique**: M013 - targeting
* **Resources needed:**

View file

@ -1,16 +1,10 @@
# Expose online funding as fake
* **Type**: Counter TTP
* **Name**: Expose online funding as fake
* **Id**: C00068
# Counter C00068: Expose online funding as fake
* **Summary**:
* **Playbooks**:
* **Metatechnique**: daylight
* **Metatechnique**: M003 - daylight
* **Resources needed:**

View file

@ -1,16 +1,10 @@
# Mark clickbait visually
* **Type**: Counter TTP
* **Name**: Mark clickbait visually
* **Id**: C00069
# Counter C00069: Mark clickbait visually
* **Summary**:
* **Playbooks**:
* **Metatechnique**: daylight
* **Metatechnique**: M003 - daylight
* **Resources needed:**

View file

@ -1,10 +1,4 @@
# Block access to platform. DDOS an attacker.
* **Type**: Counter TTP
* **Name**: Block access to platform. DDOS an attacker.
* **Id**: C00070
# Counter C00070: Block access to platform. DDOS an attacker.
* **Summary**: TA02*: DDOS at the critical time (ie. midterm-2018 elections DDOS against troll farms) to deny an adversary's time-bound objective.
@ -16,7 +10,7 @@ T0046 - Search Engine Optimization: Sub-optimal website performance affect its s
* **Playbooks**:
* **Metatechnique**: removal
* **Metatechnique**: M005 - removal
* **Resources needed:**

View file

@ -1,16 +1,10 @@
# Block source of pollution
* **Type**: Counter TTP
* **Name**: Block source of pollution
* **Id**: C00071
# Counter C00071: Block source of pollution
* **Summary**:
* **Playbooks**:
* **Metatechnique**: removal
* **Metatechnique**: M005 - removal
* **Resources needed:**

View file

@ -1,16 +1,10 @@
# Content censorship in non-relevant domains e.g. Pinterest antivax
* **Type**: Counter TTP
* **Name**: Content censorship in non-relevant domains e.g. Pinterest antivax
* **Id**: C00072
# Counter C00072: Content censorship in non-relevant domains e.g. Pinterest antivax
* **Summary**:
* **Playbooks**:
* **Metatechnique**: removal
* **Metatechnique**: M005 - removal
* **Resources needed:**

View file

@ -1,16 +1,10 @@
# Educate on how to handle info pollution. Push out targeted education on why it's pollution
* **Type**: Counter TTP
* **Name**: Educate on how to handle info pollution. Push out targeted education on why it's pollution
* **Id**: C00073
# Counter C00073: Educate on how to handle info pollution. Push out targeted education on why it's pollution
* **Summary**: Strategic planning included as innoculating population has strategic value. Example is the "Learn to Discern" Program, funded by the Canadian government, operated in Ukraine from July 2015 to March 2016. The program trained 15,000 Ukrainians in safe, informed media consumption techniques, including avoiding emotional manipulation, verifying sources, identifying hate speech, verifying expert credentials, detecting censorship, and debunking news, photos, and videos."
* **Playbooks**:
* **Metatechnique**: resilience
* **Metatechnique**: M001 - resilience
* **Resources needed:** educators
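Review bot: the Summary ends with a closing double quote (`and videos."`) that has no opening quote before "Learn to Discern" is introduced, which suggests a quotation was pasted in without its start or attribution, and "innoculating" is misspelled. Mark where the quoted passage begins and cite its source, or drop the stray quote, and fix the spelling in the master data.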

View file

@ -1,10 +1,4 @@
# Identify identical content and mass deplatform
* **Type**: Counter TTP
* **Name**: Identify identical content and mass deplatform
* **Id**: C00074
# Counter C00074: Identify identical content and mass deplatform
* **Summary**:
@ -16,7 +10,7 @@ Playbook 3: Use message hashing and fuzzy hashing to detect identical/similar co
Playbook 4: Use plagiarism algorithm to detect similar blog posts.
Playbook 5: Use basic web scraping techniques, Google dorks, etc to identify similar head lines, uniques phrases, authorship, embedded links and any other correlating data point.
* **Metatechnique**: cleaning
* **Metatechnique**: M012 - cleaning
* **Resources needed:** platform_admin,platform_admin:socialmedia
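Review bot: the Playbook 5 context line in the second hunk has "head lines" and "uniques phrases", and the hunk header shows Playbook 3 running on the same line as the preceding text. Correct the wording to "headlines" and "unique phrases" in the source, and check that each playbook starts on its own line in the generated page.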

View file

@ -1,16 +1,10 @@
# normalise language
* **Type**: Counter TTP
* **Name**: normalise language
* **Id**: C00075
# Counter C00075: normalise language
* **Summary**:
* **Playbooks**:
* **Metatechnique**: countermessaging
* **Metatechnique**: M010 - countermessaging
* **Resources needed:**
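Review bot: the `# Counter C00075: normalise language` heading starts the counter name in lower case, unlike most of the other headings in this commit (C00040 "third party verification for people" has the same problem). With Summary and Playbooks empty the name is the only description, so capitalise it in the master data and add a one-line summary of what is being normalised.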

View file

@ -1,16 +1,10 @@
# Prohibit images in political discourse channels
* **Type**: Counter TTP
* **Name**: Prohibit images in political discourse channels
* **Id**: C00076
# Counter C00076: Prohibit images in political discourse channels
* **Summary**:
* **Playbooks**:
* **Metatechnique**: removal
* **Metatechnique**: M005 - removal
* **Resources needed:**

View file

@ -1,16 +1,10 @@
# Active defence: replay "develop people"
* **Type**: Counter TTP
* **Name**: Active defence: replay "develop people"
* **Id**: C00077
# Counter C00077: Active defence: replay "develop people"
* **Summary**:
* **Playbooks**:
* **Metatechnique**: targeting
* **Metatechnique**: M013 - targeting
* **Resources needed:**

View file

@ -1,16 +1,10 @@
# Change Search Algorithms for Disinformation Content. More specifically, change image search algorithms for hate groups and extremists
* **Type**: Counter TTP
* **Name**: Change Search Algorithms for Disinformation Content. More specifically, change image search algorithms for hate groups and extremists
* **Id**: C00078
# Counter C00078: Change Search Algorithms for Disinformation Content. More specifically, change image search algorithms for hate groups and extremists
* **Summary**: Note: Suggest a more generic technique since this applies to non-image content and to non-hate groups.
* **Playbooks**:
* **Metatechnique**: diversion
* **Metatechnique**: M002 - diversion
* **Resources needed:**

View file

@ -1,16 +1,10 @@
# Change search algorithms for hate and extremist queries to show content sympathetic to opposite side
* **Type**: Counter TTP
* **Name**: Change search algorithms for hate and extremist queries to show content sympathetic to opposite side
* **Id**: C00079
# Counter C00079: Change search algorithms for hate and extremist queries to show content sympathetic to opposite side
* **Summary**:
* **Playbooks**:
* **Metatechnique**: diversion
* **Metatechnique**: M002 - diversion
* **Resources needed:**

View file

@ -1,16 +1,10 @@
# Create competing narrative
* **Type**: Counter TTP
* **Name**: Create competing narrative
* **Id**: C00080
# Counter C00080: Create competing narrative
* **Summary**:
* **Playbooks**:
* **Metatechnique**: diversion
* **Metatechnique**: M002 - diversion
* **Resources needed:**

Some files were not shown because too many files have changed in this diff.