# Set working directory

In [2]:
import os
cwd = os.path.split(os.getcwd())
if cwd[-1] == 'tutorials':
    os.chdir('..')
    print(f'Changed directory to {os.getcwd()}')
!python --version

Python 3.7.4


# Import modules

In [3]:
from meta_analysis.find_riskiest_software import load_graph_network, riskiest_software, riskiest_software_network_specific
from meta_analysis.sum_unique_cves import load_graph_network, count_unique_cves, count_unique_cves_network_specific
from meta_analysis.meta_analysis_scripts.count_bron_contents import count_contents

# Extra meta-analysis

This notebook contains _extra_ meta-analysis files that can be run on BRON_db and network-specific BRON_db. Make sure to first build the BRON_db before running the meta-analysis. A tutorial on how to build BRON is available in the tutorials folder.

# Find riskiest software

This file finds the software (listed as an Affected Platform Configuration) that has the highest sum of CVSS scores in a BRON_db or network-specific BRON_db. If this file is used for a network-specific BRON_db, it finds the highest sum of CVSS scores for only Affected Platform Configurations which are connected to other nodes. The file outputs the highest CVSS score and the software with the score. To find the riskiest software, run the following command:
```
python -m meta_analysis.find_riskiest_software --db_path DB_PATH --network_specific (optional)
```
`DB_PATH` is file path of a BRON_db or network-specific BRON_db. If BRON_db is network-specific, add the argument `--network_specific`.

In [4]:
db_path = 'data/BRON_db.json'
graph = load_graph_network(db_path)
riskiest_software(graph)

74.50000000000001 {'freerdp', 'lexiglot'}


(74.50000000000001, {'freerdp', 'lexiglot'})

# Sum CVSS scores of unique Vulnerabilities

This file sums the CVSS scores of unique Vulnerabilities that exist in BRON_db. In the case of a network-specific BRON_db, this file sums the CVSS scores of unique Vulnerabilities for each node in the network. For example, if a Vulnerability connects to two Affected Platform Configurations and the two Affected Platform Configurations connect to the same node, then the CVSS score of that Vulnerability will be counted only once. To sum the CVSS scores of unique Vulnerabilities, run the following command:
```
python -m meta_analysis.sum_unique_cves --db_path DB_PATH --network_specific (optional)
```
`DB_PATH` is file path of a BRON_db or network-specific BRON_db. If BRON_db is network-specific, add the argument `--network_specific`.

In [5]:
db_path = 'data/BRON_db.json'
graph = load_graph_network(db_path)
count_unique_cves(graph)

1013.9999999999999


1013.9999999999999

# Count contents of BRON_db

This file counts the connections between data types in BRON_db. To count contents of BRON_db, run the following command:
```
python meta_analysis/meta_analysis_scripts/count_bron_contents.py --data_summary_folder_path DATA_SUMMARY_FOLDER_PATH --all_versions (optional) --all_years (optional)
```
`DATA_SUMMARY_FOLDER_PATH` is the folder path containing subfolders of the data summaries for all data types. To consider all versions of Affected Platform Configurations, add the argument `--all_versions`. To consider all years of Vulnerability data, add the argument `--all_years`.

In [6]:
data_summary_folder_path = 'data'
all_versions = True
all_years = True
count_contents(data_summary_folder_path, all_versions, all_years)

tactic dict  {'floating': 0, 'above_only': 12, 'below_only': 0, 'both': 0}
technique dict  {'floating': 1, 'above_only': 195, 'below_only': 0, 'both': 70}
capec dict  {'floating': 128, 'above_only': 14, 'below_only': 325, 'both': 52}
cwe dict  {'floating': 0, 'above_only': 212, 'below_only': 9, 'both': 30}
cve dict  {'floating': 73, 'above_only': 0, 'below_only': 4, 'both': 140}
cpe dict  {'floating': 0, 'above_only': 277, 'below_only': 0, 'both': 0}
