Skip to content
AMITT (Adversarial Misinformation and Influence Tactics and Techniques) framework for describing disinformation incidents. AMITT is part of misinfosec - work on adapting information security practices to help track and counter misinformation - and is designed as far as possible to fit existing infosec practices and tools.
Jupyter Notebook HTML Python
Branch: master
Clone or download
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
generating_code Synched amitt object descriptions Oct 16, 2019
history added 6-monthly report Aug 29, 2019
incidents
matrices Added tasks list to tactics files Jul 18, 2019
phases added tactic descriptions, added local descriptions to technique lists Jul 26, 2019
tactics Synched amitt object descriptions Oct 16, 2019
tasks test generating framework diagram Jul 14, 2019
techniques
.DS_Store Synched amitt object descriptions Oct 16, 2019
AMITT logo v03.png added AMITT logos (thanks DavidP) Aug 1, 2019
AMITT logo v03.svg added AMITT logos (thanks DavidP) Aug 1, 2019
LICENSE.md added license, updated readme Jul 16, 2019
README.md
incidents.md moved AMITT datasheet generating code into a library, added heatmap v… Jul 28, 2019
matrix.md Synched amitt object descriptions Oct 16, 2019
matrix_to_message.html

README.md

Credibility Coalition AMITT Framework

AMITT (Adversarial Misinformation and Influence Tactics and Techniques) is a framework designed for describing and understanding disinformation incidents. AMITT is part of misinfosec - work on adapting information security (infosec) practices to help track and counter misinformation, and is designed as far as possible to fit existing infosec practices and tools.

AMITT's style is based on the MITRE ATT&CK framework; we're working on generating STIX templates for all its objects so it can be passed between ISAOs and similar bodies using standards like TAXI.

How this works

The framework is shown in Framework diagram. Its entities are:

  • Tactics: stages that someone running a misinformation incident is likely to use
  • Techniques: activities that might be seen at each stage
  • Tasks: things that need to be done at each stage. In Pablospeak, tasks are things you do, techniques are how you do them.
  • Phases: higher-level groupings of tactics, created so we could check we didn't miss anything

There's a directory for each of these entities, containing a datasheet for each individual entity (e.g. technique T0046 Search Engine Optimization). The details above "DO NOT EDIT ABOVE THIS LINE" are generated from the code and spreadsheet in folder generating_code, which you can use to update framework metadata; you can add notes below "DO NOT EDIT ABOVE THIS LINE" and they won't be removed when you do metadata updates. (Yes, this is an unholy hack, but it's one that lets us generate all the messages we need, and keep notes in the same place.)

The framework was created by finding and analysing a set of existing misinformation incidents, which also have room for more notes.

Updating the fileset

The code to create all the datasheets is in directory generating_code

  • Metadata is in the file amitt_metadata_v3.xlsx
  • If you change something in the metadata file, go into generating_code, and type "python amitt.py" - this will update the metadata in all the datasheets, and create a datasheet each for any new objects you've added to the spreadsheet.
  • If you don't have any datasheets yet, use "python amitt.py" to create them all.

Provenance

AMITT was created by the Credibilty Coalition's Misinfosec working group, which is the standards group connected to Misinfosec. We would love any and all suggestions for improvements, comments and offers of help via the issues list on this github.

AMITT is licensed under CC-BY-4.0

You can’t perform that action at this time.