ATLAS Data 4.4, ATT&CK Enterprise v13
lilyjw committed Apr 25, 2023
1 parent f7e1fe7 commit ff9c843
Showing 24 changed files with 50 additions and 44 deletions.
5 changes: 5 additions & 0 deletions CHANGELOG.md
@@ -1,5 +1,10 @@
# ATLAS Navigator Data Changelog

## [1.5.0]() (2023-04-25)

- ATLAS STIX updated with ATT&CK Enterprise v13
- Updated to use ATLAS Data 4.4.0

## [1.4.0]() (2023-03-01)

- Updated to use ATLAS Data 4.3.0
4 changes: 2 additions & 2 deletions dist/case-study-navigator-layers/AML.CS0000.json
Expand Up @@ -11,11 +11,11 @@
},
{
"name": "atlas_data_version",
"value": "4.3.0"
"value": "4.4.0"
},
{
"name": "generated_on",
"value": "2023-03-01"
"value": "2023-04-25"
}
],
"name": "Evasion of Deep Learning Detector for Malware C&C Traffic",
4 changes: 2 additions & 2 deletions dist/case-study-navigator-layers/AML.CS0001.json
Expand Up @@ -11,11 +11,11 @@
},
{
"name": "atlas_data_version",
"value": "4.3.0"
"value": "4.4.0"
},
{
"name": "generated_on",
"value": "2023-03-01"
"value": "2023-04-25"
}
],
"name": "Botnet Domain Generation Algorithm (DGA) Detection Evasion",
4 changes: 2 additions & 2 deletions dist/case-study-navigator-layers/AML.CS0002.json
Expand Up @@ -11,11 +11,11 @@
},
{
"name": "atlas_data_version",
"value": "4.3.0"
"value": "4.4.0"
},
{
"name": "generated_on",
"value": "2023-03-01"
"value": "2023-04-25"
}
],
"name": "VirusTotal Poisoning",
4 changes: 2 additions & 2 deletions dist/case-study-navigator-layers/AML.CS0003.json
Expand Up @@ -11,11 +11,11 @@
},
{
"name": "atlas_data_version",
"value": "4.3.0"
"value": "4.4.0"
},
{
"name": "generated_on",
"value": "2023-03-01"
"value": "2023-04-25"
}
],
"name": "Bypassing Cylance's AI Malware Detection",
4 changes: 2 additions & 2 deletions dist/case-study-navigator-layers/AML.CS0004.json
Expand Up @@ -11,11 +11,11 @@
},
{
"name": "atlas_data_version",
"value": "4.3.0"
"value": "4.4.0"
},
{
"name": "generated_on",
"value": "2023-03-01"
"value": "2023-04-25"
}
],
"name": "Camera Hijack Attack on Facial Recognition System",
4 changes: 2 additions & 2 deletions dist/case-study-navigator-layers/AML.CS0005.json
Expand Up @@ -11,11 +11,11 @@
},
{
"name": "atlas_data_version",
"value": "4.3.0"
"value": "4.4.0"
},
{
"name": "generated_on",
"value": "2023-03-01"
"value": "2023-04-25"
}
],
"name": "Attack on Machine Translation Service - Google Translate, Bing Translator, and Systran Translate",
4 changes: 2 additions & 2 deletions dist/case-study-navigator-layers/AML.CS0006.json
Expand Up @@ -11,11 +11,11 @@
},
{
"name": "atlas_data_version",
"value": "4.3.0"
"value": "4.4.0"
},
{
"name": "generated_on",
"value": "2023-03-01"
"value": "2023-04-25"
}
],
"name": "ClearviewAI Misconfiguration",
4 changes: 2 additions & 2 deletions dist/case-study-navigator-layers/AML.CS0007.json
Expand Up @@ -11,11 +11,11 @@
},
{
"name": "atlas_data_version",
"value": "4.3.0"
"value": "4.4.0"
},
{
"name": "generated_on",
"value": "2023-03-01"
"value": "2023-04-25"
}
],
"name": "GPT-2 Model Replication",
4 changes: 2 additions & 2 deletions dist/case-study-navigator-layers/AML.CS0008.json
Expand Up @@ -11,11 +11,11 @@
},
{
"name": "atlas_data_version",
"value": "4.3.0"
"value": "4.4.0"
},
{
"name": "generated_on",
"value": "2023-03-01"
"value": "2023-04-25"
}
],
"name": "ProofPoint Evasion",
4 changes: 2 additions & 2 deletions dist/case-study-navigator-layers/AML.CS0009.json
Expand Up @@ -11,11 +11,11 @@
},
{
"name": "atlas_data_version",
"value": "4.3.0"
"value": "4.4.0"
},
{
"name": "generated_on",
"value": "2023-03-01"
"value": "2023-04-25"
}
],
"name": "Tay Poisoning",
4 changes: 2 additions & 2 deletions dist/case-study-navigator-layers/AML.CS0010.json
Expand Up @@ -11,11 +11,11 @@
},
{
"name": "atlas_data_version",
"value": "4.3.0"
"value": "4.4.0"
},
{
"name": "generated_on",
"value": "2023-03-01"
"value": "2023-04-25"
}
],
"name": "Microsoft Azure Service Disruption",
4 changes: 2 additions & 2 deletions dist/case-study-navigator-layers/AML.CS0011.json
Expand Up @@ -11,11 +11,11 @@
},
{
"name": "atlas_data_version",
"value": "4.3.0"
"value": "4.4.0"
},
{
"name": "generated_on",
"value": "2023-03-01"
"value": "2023-04-25"
}
],
"name": "Microsoft Edge AI Evasion",
4 changes: 2 additions & 2 deletions dist/case-study-navigator-layers/AML.CS0012.json
Expand Up @@ -11,11 +11,11 @@
},
{
"name": "atlas_data_version",
"value": "4.3.0"
"value": "4.4.0"
},
{
"name": "generated_on",
"value": "2023-03-01"
"value": "2023-04-25"
}
],
"name": "Face Identification System Evasion via Physical Countermeasures",
4 changes: 2 additions & 2 deletions dist/case-study-navigator-layers/AML.CS0013.json
Expand Up @@ -11,11 +11,11 @@
},
{
"name": "atlas_data_version",
"value": "4.3.0"
"value": "4.4.0"
},
{
"name": "generated_on",
"value": "2023-03-01"
"value": "2023-04-25"
}
],
"name": "Backdoor Attack on Deep Learning Models in Mobile Apps",
4 changes: 2 additions & 2 deletions dist/case-study-navigator-layers/AML.CS0014.json
Expand Up @@ -11,11 +11,11 @@
},
{
"name": "atlas_data_version",
"value": "4.3.0"
"value": "4.4.0"
},
{
"name": "generated_on",
"value": "2023-03-01"
"value": "2023-04-25"
}
],
"name": "Confusing Antimalware Neural Networks",
4 changes: 2 additions & 2 deletions dist/case-study-navigator-layers/AML.CS0015.json
Expand Up @@ -11,11 +11,11 @@
},
{
"name": "atlas_data_version",
"value": "4.3.0"
"value": "4.4.0"
},
{
"name": "generated_on",
"value": "2023-03-01"
"value": "2023-04-25"
}
],
"name": "Compromised PyTorch Dependency Chain",
4 changes: 2 additions & 2 deletions dist/case-study-navigator-layers/AML.CS0016.json
Expand Up @@ -11,11 +11,11 @@
},
{
"name": "atlas_data_version",
"value": "4.3.0"
"value": "4.4.0"
},
{
"name": "generated_on",
"value": "2023-03-01"
"value": "2023-04-25"
}
],
"name": "Achieving Code Execution in MathGPT via Prompt Injection",
4 changes: 2 additions & 2 deletions dist/default-navigator-layers/atlas_case_study_frequency.json
Expand Up @@ -7,11 +7,11 @@
"metadata": [
{
"name": "atlas_data_version",
"value": "4.3.0"
"value": "4.4.0"
},
{
"name": "generated_on",
"value": "2023-03-01"
"value": "2023-04-25"
}
],
"name": "ATLAS Case Study Frequency",
4 changes: 2 additions & 2 deletions dist/default-navigator-layers/atlas_layer_matrix.json
Expand Up @@ -7,11 +7,11 @@
"metadata": [
{
"name": "atlas_data_version",
"value": "4.3.0"
"value": "4.4.0"
},
{
"name": "generated_on",
"value": "2023-03-01"
"value": "2023-04-25"
}
],
"name": "ATLAS Matrix",
2 changes: 1 addition & 1 deletion dist/stix-atlas.json

Large diffs are not rendered by default.

7 changes: 4 additions & 3 deletions tools/generate_stix.py
Expand Up @@ -30,7 +30,7 @@ def __init__(self, **kwargs):
('description', properties.StringProperty()),
# https://github.com/oasis-open/cti-python-stix2/blob/master/stix2/properties.py#L197
('external_references', properties.ListProperty(ExternalReference)),
('tactic_refs', properties.ListProperty(properties.StringProperty))
('tactic_refs', properties.ListProperty(properties.ReferenceProperty(valid_types='x-mitre-tactic')))
])
class AttackMatrix():
"""Custom MITRE ATT&CK matrix STIX object."""
Expand All @@ -49,7 +49,7 @@ def __init__(self, **kwargs):
('x_mitre_version', properties.StringProperty()),
('spec_version', properties.StringProperty()),
('x_mitre_attack_spec_version', properties.StringProperty()),
('created_by_ref', properties.StringProperty()),
('created_by_ref', properties.ReferenceProperty(valid_types='identity')),
('object_marking_refs', properties.ListProperty(properties.IDProperty(type='x-mitre-collection'))),
('x_mitre_contents', properties.ListProperty(properties.DictionaryProperty())),
])
Expand Down Expand Up @@ -156,7 +156,8 @@ def to_stix_json(self, stix_output_filepath, atlas_url, identity_name):
name=f'{matrix["name"]}',
description=f'{self.data_id} matrix for {matrix["name"]}',
external_references=external_references,
tactic_refs=tactic_refs
tactic_refs=tactic_refs,
allow_custom=True
)

stix_matrices.append(stix_matrix_obj)
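Review bot: `allow_custom=True` on the matrix constructor call in the last hunk relaxes more validation than the reference check it appears to be there for. With stix2 3.x it is presumably required so that `tactic_refs`, now a `ReferenceProperty(valid_types='x-mitre-tactic')`, may point at a custom `x-` type, but the same flag also lets the object accept properties outside its declared list, so a misspelled keyword in this call would end up in the generated STIX output instead of raising. A comment on that line would record the reason and the trade-off, for example `# allow_custom: tactic_refs references the custom x-mitre-tactic type, which stix2 3.x rejects otherwise`. Separately, the unchanged `object_marking_refs` line in the second hunk still uses `IDProperty(type='x-mitre-collection')`, which looks inconsistent with the `created_by_ref` change beside it and may want `ReferenceProperty(valid_types='marking-definition')`; confirm against the data. The call inside `to_stix_json` begins above the hunk, so its full argument list is not visible here.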
2 changes: 1 addition & 1 deletion tools/requirements.txt
@@ -1,2 +1,2 @@
PyYAML==6.0
stix2==2.1.0
stix2==3.0.1
