In [5]:
from taxii2client.v20 import Server, Collection
from pymongo import MongoClient
import datetime
from stix2 import parse
import matplotlib.pyplot as plt
import networkx as nx
from matplotlib.pyplot import figure
from pyvis.network import Network
import plotly.graph_objs as go
from plotly.offline import plot
import nbformat
#!pip install pyvis plotly

In [6]:
mongo_client = MongoClient('localhost', 27017)
db = mongo_client.stix_database
collection = db.stix_data
G = nx.Graph()

In [7]:
server_url = 'https://cti-taxii.mitre.org/taxii/'

server = Server(server_url)

api_root = server.api_roots[0]

In [80]:
collection_id = '95ecc380-afe9-11e4-9b6c-751b66dd541e'

taxii_collection = Collection(f"{api_root.url}collections/{collection_id}/")

stix_objects = taxii_collection.get_objects()

if stix_objects.get("objects"):
    for obj in stix_objects["objects"]:
        # Jedes STIX-Objekt wird anhand seiner ID aktualisiert oder, falls nicht vorhanden, eingefügt
        collection.update_one({"id": obj["id"]}, {"$set": obj}, upsert=True)


In [None]:
collection_id = '95ecc380-afe9-11e4-9b6c-751b66dd541e'  # Beispiel-Collection-ID
collection = Collection(f"{api_root.url}collections/{collection_id}/")

# STIX-Objekte aus der Collection abrufen
stix_objects = collection.get_objects().get('objects', [])

# Extraktion der Objekte und Beziehungen
for obj in stix_objects:
    if obj['type'] == 'relationship':
        # Fügen Sie die Beziehung als Kante im Graphen hinzu
        G.add_edge(obj['source_ref'], obj['target_ref'], label=obj['relationship_type'])
    else:
        # Fügen Sie das Objekt als Knoten im Graphen hinzu
        G.add_node(obj['id'], label=obj.get('name', obj.get('type')))


In [31]:
def analyze_types():
    pipeline = [
        {"$group": {"_id": "$type", "count": {"$sum": 1}}}
    ]
    return list(collection.aggregate(pipeline))
    

In [32]:
def visualize_data(data):
    labels = [elem['_id'] for elem in data]
    counts = [elem['count'] for elem in data]
    
    # Erstellen eines Balkendiagramms
    plt.figure(figsize=(10, 6))
    plt.bar(labels, counts)
    plt.title('Anzahl der STIX-Objekte nach Typ')
    plt.xlabel('STIX-Objekttyp')
    plt.ylabel('Anzahl')
    plt.xticks(rotation=45, ha='right')  # Drehen der X-Achsen-Beschriftung für bessere Lesbarkeit
    plt.tight_layout()  # Sorgt für genügend Platz für die Beschriftung
    plt.show()

In [None]:
type_data = analyze_types()
visualize_data(type_data)

In [34]:
def analyze_relationships():
    pipeline = [
        {"$match": {"type": "relationship"}},
        {"$group": {"_id": "$relationship_type", "count": {"$sum": 1}}},
        {"$sort": {"count": -1}}  # Sortieren nach der häufigsten Beziehung
    ]
    return list(collection.aggregate(pipeline))

In [35]:
def visualize_relationships(data):
    # Beschränken auf die Top N Beziehungen
    top_relationships = data[:10]  # Nehmen Sie die Top 10 Beziehungstypen

    labels = [elem['_id'] for elem in top_relationships]
    counts = [elem['count'] for elem in top_relationships]
    
    plt.figure(figsize=(12, 6))
    plt.barh(labels, counts, color='skyblue')  # horizontales Balkendiagramm
    plt.title('Top 10 Beziehungstypen in STIX-Daten')
    plt.xlabel('Anzahl der Beziehungen')
    plt.ylabel('Beziehungstyp')
    plt.gca().invert_yaxis()  # Invertieren der Y-Achse, damit die höchsten Werte oben sind
    plt.tight_layout()
    plt.show()

In [None]:
relationship_data = analyze_relationships()
visualize_relationships(relationship_data)

In [None]:

pos = nx.spring_layout(G)

# Knoten und Kanten für Plotly extrahieren
edge_x = []
edge_y = []
for edge in G.edges():
    x0, y0 = pos[edge[0]]
    x1, y1 = pos[edge[1]]
    edge_x.append(x0)
    edge_x.append(x1)
    edge_x.append(None)
    edge_y.append(y0)
    edge_y.append(y1)
    edge_y.append(None)

edge_trace = go.Scatter(
    x=edge_x, y=edge_y,
    line=dict(width=0.5, color='#888'),
    hoverinfo='none',
    mode='lines')

node_x = []
node_y = []
text = []
for node in G.nodes():
    x, y = pos[node]
    node_x.append(x)
    node_y.append(y)
    text.append(node)

node_trace = go.Scatter(
    x=node_x, y=node_y,
    mode='markers+text',
    hoverinfo='text',
    text=text,
    textposition="bottom center",
    marker=dict(
        showscale=True,
        colorscale='YlGnBu',
        size=10,
        line_width=2))

# Graph erstellen
fig = go.Figure(data=[edge_trace, node_trace],
             layout=go.Layout(
                title='<br>Knowledge Graph mit Plotly',
                titlefont_size=16,
                showlegend=False,
                hovermode='closest',
                margin=dict(b=20,l=5,r=5,t=40),
                annotations=[ dict(
                    text="Python-Graphen-Visualisierung",
                    showarrow=False,
                    xref="paper", yref="paper",
                    x=0.005, y=-0.002 ) ],
                xaxis=dict(showgrid=False, zeroline=False, showticklabels=False),
                yaxis=dict(showgrid=False, zeroline=False, showticklabels=False))
                )

# Visualisierung
fig.show()