MISP/misp-galaxy
6
0
Fork 0
mirror of https://github.com/MISP/misp-galaxy.git synced 2024-11-22 14:57:18 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

chg: [ATLAS] Update to latest version #newUUIDsForAll

Browse source
This commit is contained in:
Christophe Vandeplas 2024-05-13 15:14:20 +02:00
parent 28c00d6541
commit f3838f4550
No known key found for this signature in database
GPG key ID: BDC48619FFDC5A5B
4 changed files with 323 additions and 264 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
.vscode/launch.json vendored
View file

@ -19,6 +19,15 @@
"args": "-p ../../DW-VA-Taxonomy",
"cwd": "${fileDirname}"
},
{
"name": "gen_mitre_atlas",
"type": "debugpy",
"request": "launch",
"program": "${file}",
"console": "integratedTerminal",
"args": "-p ../../atlas-navigator-data",
"cwd": "${fileDirname}"
},
{
"name": "Python Debugger: Current File",
"type": "debugpy",

342
clusters/mitre-atlas-attack-pattern.json
View file

File diff suppressed because it is too large Load diff

226
clusters/mitre-atlas-course-of-action.json
View file

@ -19,21 +19,35 @@
},
"related": [
{
"dest-uuid": "229ead06-da1e-443c-8ff1-e57a3ae0eb61",
"dest-uuid": "65d21e6b-7abe-4623-8f5c-88011cb362cb",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "d93b2175-90a8-4250-821f-dcc3bbbe194c",
"dest-uuid": "8c26f51a-c403-4c4d-852a-a1c56fe9e7cd",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "aa17fe8d-62f8-4c4c-b7a2-6858c82dd84b",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "b23cda85-3457-406d-b043-24d2cf9e6fcf",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
}
],
"uuid": "0b016f6f-2f61-493c-bf9d-02cad4c027df",
"uuid": "40076545-e797-4508-a294-943096a12111",
"value": "Limit Release of Public Information"
},
{
@ -46,28 +60,28 @@
},
"related": [
{
"dest-uuid": "292ebe33-addc-4fe7-b2a9-4856293c4c96",
"dest-uuid": "0ec538ca-589b-4e42-bcaa-06097a0d679f",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "6945b742-f1d5-4a83-ba4a-d0e0de6620c3",
"dest-uuid": "a3baff3d-7228-4ab7-ae00-ffe150e7ef8a",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "6a7f4fc2-272b-4f86-b137-70fa3e239f58",
"dest-uuid": "c086784e-1494-4f75-a4a0-d3ad054b9428",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
}
],
"uuid": "c0f65fa8-8e05-4481-b934-ff2c452ae8c3",
"uuid": "79c75215-ada9-4c22-bfed-7d13fb6e966e",
"value": "Limit Model Artifact Release"
},
{
@ -80,49 +94,49 @@
},
"related": [
{
"dest-uuid": "569d6edd-0140-4ab2-97b1-3635d62f40cc",
"dest-uuid": "86b5f486-afb8-4aa9-991f-0e24d5737f0c",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "65c5e3b8-9296-46a2-ae7d-1b68a79cbe54",
"dest-uuid": "943303ef-846b-49d6-b53f-b0b9341ac1ca",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "79cdc11c-2ca9-4a6a-96a0-18bd84943086",
"dest-uuid": "c4e52005-7416-45c4-9feb-8cd5fd34f70a",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "83c5ba15-5312-4c7d-bbb4-f9c4f2c6ffca",
"dest-uuid": "c552f0b5-2e2c-4f8f-badc-0876ecca7255",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "8a115a02-2b88-4a3e-9212-a39dc086320b",
"dest-uuid": "e19c6f8a-f1e2-46cc-9387-03a3092f01ed",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "b5d1fd4f-861f-43e0-b1ca-ee8a3b47f7e1",
"dest-uuid": "f78e0ac3-6d72-42ed-b20a-e10d8c752cf6",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
}
],
"uuid": "6b53cb14-eade-4760-8dae-75164e62cb7e",
"uuid": "9f92e876-e2c0-4def-afee-626a4a79c524",
"value": "Passive ML Output Obfuscation"
},
{
@ -135,21 +149,21 @@
},
"related": [
{
"dest-uuid": "8bcf7648-2683-421d-b623-bc539de59cb3",
"dest-uuid": "071df654-813a-4708-85dc-f715f785d37f",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "bb747632-d988-45ff-9cb3-97d827b4d9db",
"dest-uuid": "8735735d-c09d-4298-8e64-9a2b6168a74c",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
}
],
"uuid": "04e9bb75-1b7e-4825-bc3f-774850d3c1ef",
"uuid": "216f862c-7f34-4676-a913-c4ec6cc4c2cd",
"value": "Model Hardening"
},
{
@ -162,77 +176,77 @@
},
"related": [
{
"dest-uuid": "1cc7f877-cb60-419a-bd1e-32b704b534d0",
"dest-uuid": "6c1fca80-3ba9-41c9-8f7b-9824310a94f1",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "3247b43f-1888-4158-b3da-5b7c7dfaa4e2",
"dest-uuid": "86b5f486-afb8-4aa9-991f-0e24d5737f0c",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "3b829988-8bdb-4c4e-a4dd-500a3d3fd3e4",
"dest-uuid": "8f644f37-e2e6-468e-b720-f395b8c27fbc",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "569d6edd-0140-4ab2-97b1-3635d62f40cc",
"dest-uuid": "943303ef-846b-49d6-b53f-b0b9341ac1ca",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "65c5e3b8-9296-46a2-ae7d-1b68a79cbe54",
"dest-uuid": "ae71ca3a-8ca4-40d2-bdba-4276b29ac8f9",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "79cdc11c-2ca9-4a6a-96a0-18bd84943086",
"dest-uuid": "b07d147f-51c8-4eb6-9a05-09c86762a9c1",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "83c5ba15-5312-4c7d-bbb4-f9c4f2c6ffca",
"dest-uuid": "c4e52005-7416-45c4-9feb-8cd5fd34f70a",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "8a115a02-2b88-4a3e-9212-a39dc086320b",
"dest-uuid": "c552f0b5-2e2c-4f8f-badc-0876ecca7255",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "b5d1fd4f-861f-43e0-b1ca-ee8a3b47f7e1",
"dest-uuid": "e19c6f8a-f1e2-46cc-9387-03a3092f01ed",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "ba5645e5-d1ab-4f1f-8b82-cb0792543fa8",
"dest-uuid": "f78e0ac3-6d72-42ed-b20a-e10d8c752cf6",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
}
],
"uuid": "4a048bfe-dab5-434b-86cc-f4586951ec0d",
"uuid": "46b3e92d-600b-47c9-80f5-ed62a5db0377",
"value": "Restrict Number of ML Model Queries"
},
{
@ -245,56 +259,56 @@
},
"related": [
{
"dest-uuid": "0d002b6b-d006-4aab-a7f9-fa69f4a1e675",
"dest-uuid": "0ec538ca-589b-4e42-bcaa-06097a0d679f",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "2792e1f0-3132-4876-878d-a900b8a40e7d",
"dest-uuid": "2680aa95-5620-4677-9c62-b0c3d15d9450",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "481486ed-846c-43ce-931b-86b8a18556b0",
"dest-uuid": "452b8fdf-8679-4013-bb38-4d16f65430bc",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "666f4d33-1a62-4ad7-9bf9-6387cd3f1fd7",
"dest-uuid": "8d644240-ad99-4410-a7f8-3ef8f53a463e",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "68034561-a079-4052-9b64-427bfcff76ff",
"dest-uuid": "a50f02df-1130-4945-94bb-7857952da585",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "6945b742-f1d5-4a83-ba4a-d0e0de6620c3",
"dest-uuid": "d1f013a8-11f3-4560-831c-8ed5e39247c9",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "822cb1e2-f35f-4b35-a650-59b7770d4abc",
"dest-uuid": "e0eb2b64-aebd-4412-80f3-b71d7805a65f",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
}
],
"uuid": "da785068-ece5-4c52-b77d-39e1b24cb6d7",
"uuid": "0025dadf-7900-497f-aa03-39f0e319f20e",
"value": "Control Access to ML Models and Data at Rest"
},
{
@ -307,42 +321,42 @@
},
"related": [
{
"dest-uuid": "2792e1f0-3132-4876-878d-a900b8a40e7d",
"dest-uuid": "071df654-813a-4708-85dc-f715f785d37f",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "4627c4e6-fb06-4bfa-add5-dc46e0043aff",
"dest-uuid": "452b8fdf-8679-4013-bb38-4d16f65430bc",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "8a115a02-2b88-4a3e-9212-a39dc086320b",
"dest-uuid": "8735735d-c09d-4298-8e64-9a2b6168a74c",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "8bcf7648-2683-421d-b623-bc539de59cb3",
"dest-uuid": "c552f0b5-2e2c-4f8f-badc-0876ecca7255",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "bb747632-d988-45ff-9cb3-97d827b4d9db",
"dest-uuid": "d8292a1c-21e7-4b45-b110-0e05feb30a9a",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
}
],
"uuid": "de7a696b-f688-454c-bf61-476a68b50e9f",
"uuid": "dcb586a2-1135-4e2a-97bd-d4adbc79758b",
"value": "Use Ensemble Methods"
},
{
@ -355,32 +369,32 @@
},
"related": [
{
"dest-uuid": "666f4d33-1a62-4ad7-9bf9-6387cd3f1fd7",
"dest-uuid": "0ec538ca-589b-4e42-bcaa-06097a0d679f",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "6945b742-f1d5-4a83-ba4a-d0e0de6620c3",
"dest-uuid": "8d644240-ad99-4410-a7f8-3ef8f53a463e",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "822cb1e2-f35f-4b35-a650-59b7770d4abc",
"dest-uuid": "e0eb2b64-aebd-4412-80f3-b71d7805a65f",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
}
],
"uuid": "7e20b527-6299-4ee3-863e-59fee7cdaa9a",
"uuid": "9395d240-cc32-452a-911b-04feea01bcfb",
"value": "Sanitize Training Data"
},
{
"description": "Validate that machine learning models perform as intended by testing for backdoor triggers or adversarial bias.\n",
"description": "Validate that machine learning models perform as intended by testing for backdoor triggers or adversarial bias.\nMonitor model for concept drift and training data drift, which may indicate data tampering and poisoning.\n",
"meta": {
"external_id": "AML.M0008",
"refs": [
@ -389,28 +403,28 @@
},
"related": [
{
"dest-uuid": "2792e1f0-3132-4876-878d-a900b8a40e7d",
"dest-uuid": "452b8fdf-8679-4013-bb38-4d16f65430bc",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "68034561-a079-4052-9b64-427bfcff76ff",
"dest-uuid": "a50f02df-1130-4945-94bb-7857952da585",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "822cb1e2-f35f-4b35-a650-59b7770d4abc",
"dest-uuid": "e0eb2b64-aebd-4412-80f3-b71d7805a65f",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
}
],
"uuid": "32bd077a-90ce-4e97-ad40-8f130a1a7dab",
"uuid": "01c2ec0a-e257-4a75-9e59-f71aa6362b6e",
"value": "Validate ML Model"
},
{
@ -423,21 +437,21 @@
},
"related": [
{
"dest-uuid": "bb747632-d988-45ff-9cb3-97d827b4d9db",
"dest-uuid": "071df654-813a-4708-85dc-f715f785d37f",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "e0958449-a880-4410-bbb1-fa102030a883",
"dest-uuid": "4d5c6974-0307-4535-bf37-7bb4c6a2ef47",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
}
],
"uuid": "532918ce-83cf-4f6f-86fa-8ad4024e91ab",
"uuid": "1bb9d9a7-c05a-470f-a709-64bd240e2eb0",
"value": "Use Multi-Modal Sensors"
},
{
@ -450,28 +464,28 @@
},
"related": [
{
"dest-uuid": "79cdc11c-2ca9-4a6a-96a0-18bd84943086",
"dest-uuid": "071df654-813a-4708-85dc-f715f785d37f",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "8bcf7648-2683-421d-b623-bc539de59cb3",
"dest-uuid": "8735735d-c09d-4298-8e64-9a2b6168a74c",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "bb747632-d988-45ff-9cb3-97d827b4d9db",
"dest-uuid": "c4e52005-7416-45c4-9feb-8cd5fd34f70a",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
}
],
"uuid": "88aea80f-498f-403d-b82f-e76c44f9da94",
"uuid": "73a34f24-1ad1-4421-b9c8-c2cbd13e6f47",
"value": "Input Restoration"
},
{
@ -484,14 +498,14 @@
},
"related": [
{
"dest-uuid": "d52b913b-808c-461d-8969-94cd5c9fe07b",
"dest-uuid": "be6ef5c5-1ecb-486d-9743-42085bd2c256",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
}
],
"uuid": "6cd8c9ca-bd46-489f-9ccb-5b76b8ef580e",
"uuid": "179e00cb-0948-4282-9132-f8a1f0ff6bd7",
"value": "Restrict Library Loading"
},
{
@ -504,28 +518,28 @@
},
"related": [
{
"dest-uuid": "0d002b6b-d006-4aab-a7f9-fa69f4a1e675",
"dest-uuid": "6a88dccb-fb37-4f11-a5ad-42908aaee1d0",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "529fac49-5f88-4a3c-829f-eb50cb90bcf1",
"dest-uuid": "d1f013a8-11f3-4560-831c-8ed5e39247c9",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "b67fc223-fecf-4ee6-9de7-9392d9f04060",
"dest-uuid": "e2ebc190-9ff6-496e-afeb-ac868df2361e",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
}
],
"uuid": "8bba19a7-fc6f-4381-8b34-2d43cdc14627",
"uuid": "aad92d43-774b-4612-8437-8d6c7ee7e4af",
"value": "Encrypt Sensitive Information"
},
{
@ -538,28 +552,28 @@
},
"related": [
{
"dest-uuid": "2792e1f0-3132-4876-878d-a900b8a40e7d",
"dest-uuid": "452b8fdf-8679-4013-bb38-4d16f65430bc",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "4627c4e6-fb06-4bfa-add5-dc46e0043aff",
"dest-uuid": "be6ef5c5-1ecb-486d-9743-42085bd2c256",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "d52b913b-808c-461d-8969-94cd5c9fe07b",
"dest-uuid": "d8292a1c-21e7-4b45-b110-0e05feb30a9a",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
}
],
"uuid": "c55ed072-eca7-41d6-b5e0-68c10753544d",
"uuid": "88073b07-2fe9-41cb-8e76-6e244fbabc74",
"value": "Code Signing"
},
{
@ -572,28 +586,28 @@
},
"related": [
{
"dest-uuid": "0799f2f2-1038-4391-ba1f-4117595db45a",
"dest-uuid": "be6ef5c5-1ecb-486d-9743-42085bd2c256",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "b6697dbf-3e3f-41ce-a212-361d1c0ca0e9",
"dest-uuid": "d2cf31e0-a550-4fe0-8fdb-8941b3ac00d9",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "d52b913b-808c-461d-8969-94cd5c9fe07b",
"dest-uuid": "f4fc2abd-71a4-401a-a742-18fc5aeb4bc3",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
}
],
"uuid": "a861f658-4203-48ba-bdca-fe068518eefb",
"uuid": "cdccb3ab-2dde-41a9-a988-783a25b7bd00",
"value": "Verify ML Artifacts"
},
{
@ -606,39 +620,39 @@
},
"related": [
{
"dest-uuid": "1cc7f877-cb60-419a-bd1e-32b704b534d0",
"dest-uuid": "071df654-813a-4708-85dc-f715f785d37f",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "79cdc11c-2ca9-4a6a-96a0-18bd84943086",
"dest-uuid": "8735735d-c09d-4298-8e64-9a2b6168a74c",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "8bcf7648-2683-421d-b623-bc539de59cb3",
"dest-uuid": "8f644f37-e2e6-468e-b720-f395b8c27fbc",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "bb747632-d988-45ff-9cb3-97d827b4d9db",
"dest-uuid": "c4e52005-7416-45c4-9feb-8cd5fd34f70a",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
}
],
"uuid": "825f21ab-f3c9-46ce-b539-28f295f519f8",
"uuid": "0ed2ef71-cdc9-4eef-8432-1c3dadbdda20",
"value": "Adversarial Input Detection"
},
{
"description": "Vulnerability scanning is used to find potentially exploitable software vulnerabilities to remediate them.\n\nFile formats such as pickle files that are commonly used to store machine learning models can contain exploits that allow for arbitrary code execution.\n",
"description": "Vulnerability scanning is used to find potentially exploitable software vulnerabilities to remediate them.\n\nFile formats such as pickle files that are commonly used to store machine learning models can contain exploits that allow for arbitrary code execution.\nBoth model artifacts and downstream products produced by models should be scanned for known vulnerabilities.\n",
"meta": {
"external_id": "AML.M0016",
"refs": [
@ -647,18 +661,25 @@
},
"related": [
{
"dest-uuid": "d52b913b-808c-461d-8969-94cd5c9fe07b",
"dest-uuid": "be6ef5c5-1ecb-486d-9743-42085bd2c256",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "c704a49c-abf0-4258-9919-a862b1865469",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
}
],
"uuid": "e2cb599d-2714-4673-bc1a-976c471d7c58",
"uuid": "79752061-aac1-4ed9-b7f3-3b4dc5e81280",
"value": "Vulnerability Scanning"
},
{
"description": "Deploying ML models to edge devices can increase the attack surface of the system. Consider serving models in the cloud to reduce the level of access the adversary has to the model.\n",
"description": "Deploying ML models to edge devices can increase the attack surface of the system.\nConsider serving models in the cloud to reduce the level of access the adversary has to the model.\nAlso consider computing features in the cloud to prevent gray-box attacks, where an adversary has access to the model preprocessing methods.\n",
"meta": {
"external_id": "AML.M0017",
"refs": [
@ -667,28 +688,28 @@
},
"related": [
{
"dest-uuid": "2792e1f0-3132-4876-878d-a900b8a40e7d",
"dest-uuid": "3de90963-bc9f-4ae1-b780-7d05e46eacdd",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "51c95da5-d7f1-4b57-9229-869b80305b37",
"dest-uuid": "452b8fdf-8679-4013-bb38-4d16f65430bc",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "afcd723a-e5ff-4c09-8f72-fe16f7345af7",
"dest-uuid": "ab01ba21-1438-4cd9-a588-92eb271086bc",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
}
],
"uuid": "79316871-3bf9-4a59-b517-b0156e84fcb4",
"uuid": "432c3a44-3974-4b73-9eb9-fa5dd5298e47",
"value": "Model Distribution Methods"
},
{
@ -701,23 +722,50 @@
},
"related": [
{
"dest-uuid": "5e8e4108-beb6-479a-a617-323d425e5d03",
"dest-uuid": "8c849dd4-5d15-45aa-b5b2-59c96a3ab939",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "d52b913b-808c-461d-8969-94cd5c9fe07b",
"dest-uuid": "be6ef5c5-1ecb-486d-9743-42085bd2c256",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
}
],
"uuid": "8c2cb25a-46b0-4551-beeb-21e8425a48bd",
"uuid": "cce983e7-13a2-4545-8c39-ec6c8dff148d",
"value": "User Training"
},
{
"description": "Require users to verify their identities before accessing a production model.\nRequire authentication for API endpoints and monitor production model queries to ensure compliance with usage policies and to prevent model misuse.\n",
"meta": {
"external_id": "AML.M0019",
"refs": [
"https://atlas.mitre.org/mitigations/AML.M0019"
]
},
"related": [
{
"dest-uuid": "90a420d4-3f03-4800-86c0-223c4376804a",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
},
{
"dest-uuid": "b07d147f-51c8-4eb6-9a05-09c86762a9c1",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "mitigates"
}
],
"uuid": "7b00dd51-f719-433d-afd6-3d386f64386d",
"value": "Control Access to ML Models and Data in Production"
}
],
"version": 10
"version": 12
}

10
tools/gen_mitre_atlas.py
View file

@ -107,9 +107,11 @@ for item in attack_data['objects']:
if 'external_id' in reference and reference.get("source_name", None) in mitre_sources:
value['meta']['external_id'] = reference['external_id']
if not value['meta'].get('external_id', None):
exit("Entry is missing an external ID, please update mitre_sources. Available references: {}".format(
json.dumps(item['external_references'])
))
# dataset also contains MITRE ATT&CK, whenever we don't find external ID from the allowed sources it's a sign that the entry is not of the type of interest
continue
# exit("Entry is missing an external ID, please update mitre_sources. Available references: {}".format(
# json.dumps(item['external_references'])
# ))
if 'kill_chain_phases' in item: # many (but not all) attack-patterns have this
value['meta']['kill_chain'] = []
@ -127,7 +129,7 @@ for item in attack_data['objects']:
all_data_uuid[uuid] = value
except Exception as e:
except Exception:
print(json.dumps(item, sort_keys=True, indent=2))
import traceback
traceback.print_exc()