MulVAL工具安装包

/* An implementation of the risk-assessment algorithm developed by Wang et al. Author(s) : Su Zhang Copyright (C) 2011, Argus Cybersecurity Lab, Kansas State University This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. */ import java.io.BufferedReader; import java.io.File; import java.io.FileReader; import java.io.FileWriter; import java.io.IOException; import java.sql.Connection; import java.sql.DriverManager; //import java.sql.ResultSet; import java.sql.SQLException; //import java.sql.Statement; import java.util.ArrayList; import java.util.Hashtable; import java.util.Iterator; import java.util.Set; public class independentAlgoSumm { /**Input: An attack graph G with individual scores assigned to all vertices Output: A set of cumulative scores for all vertices of G Method: 3. While there exist unprocessed vertices 4. While there exists an unprocessed vertex v whose predecessors are all processed 5. Calculate P(v) and mark v as processed 6. For each vertex v in a cycle that has more than one incoming edge 7. Calculate P(v  ) and mark v  as processed 8. For each unprocessed vertex v  in the cycles 9. Calculate P(v  ) and mark v  as processed 10. Return the set of all calculated cumulative scores @param args */ public static void main(String[] args) { //nodes need to be stored at a hashtable with node id as the key and //an arraylist as its status including "type", status, //unprocessed table includes nodes haven't been processed //the key is their ids and the value is an arraylist including //status, type (leaf, and, or), predecessors (another string arraylist) Hashtable<String, node> unprocessed = initializeNodes(); //printArrayList((ArrayList<String>) unprocessed.get("2").get(3)); //processed table includes nodes whose metrics have been calculated. //the key of the table is the node id and the value is its metric Hashtable<String, Float> processed = new Hashtable<String, Float> (); Hashtable<String, Float> conProb = constructConProb(); // System.out.println("initialization finished"); //kernelAlgo is the kernel part of Wang's algorithm kernelAlgo(unprocessed, processed, conProb); } private static Hashtable<String, Float> constructConProb() { String line = ""; int index = 0; //String cve = ""; String ac = ""; String node = ""; // String successor = ""; //ArrayList<String> successors = new ArrayList<String>(); float conProb = 0; Hashtable<String, Float>conProbTable = new Hashtable<String, Float>(); //System.out.println("I am here"); try{ BufferedReader vertices= new BufferedReader(new FileReader("VERTICES.CSV")); while ((line = vertices.readLine()) != null) { //System.out.println(line); //if(line.contains("capability to likelihood")){ //System.out.println("I am here"); index = line.split(",").length; //find the id of the vulExist node node = line.split(",")[0]; //search the metric over database ac = line.split(",")[index-1]; //System.out.println(ac); conProb = Float.parseFloat(ac); //convert the letter metric into numeric value //conProb = convertLetter2Num(ac); //System.out.println("conProb is: "+ node +" : "+conProb); //for none-zeros, added them as conditional probabilities. if(!ac.trim().equals("0")) conProbTable.put(node, conProb); // } } } catch(Exception e){ e.printStackTrace(); } //System.out.println("conProbTable's size is: "+ conProbTable.size()); return conProbTable; } /* //lookup ac value of cve from NVD database private static String lookup_ac(String cve) { String access = ""; try{ Connection con = getConnection(); Statement sql = con.createStatement(); //String query = "select access from nvd where id=\""+cve+"\""; String query = "select access from nvd where id=\""+cve+"\""; //System.out.println(query); ResultSet result = sql.executeQuery(query); result.next(); access=result.getString(1); // System.out.println("access is: "+access); } catch(Exception e){ e.printStackTrace(); } return access; } */ public static Connection getConnection() throws SQLException, java.lang.ClassNotFoundException, IOException { Class.forName("com.mysql.jdbc.Driver"); String url=""; String userName=""; String password=""; File f = new File("config.txt"); String path = f.getPath(); BufferedReader breader= new BufferedReader(new FileReader(path)); url=breader.readLine(); userName=breader.readLine(); password=breader.readLine(); Connection con = DriverManager.getConnection(url, userName, password); return con; } //convert letter metric into numeric values /* private static float convertLetter2Num(String ac) { if(ac.equals("l")) return (float) 0.9; if(ac.equals("m")) return (float) 0.6; return (float)0.2; } */ private static Hashtable<String, node> initializeNodes() { Hashtable<String, node> unprocessed = new Hashtable<String, node> (); Hashtable<String, ArrayList<String>> predecessorDict = new Hashtable<String, ArrayList<String>>(); Hashtable<String, ArrayList<String>> successorDict = new Hashtable<String, ArrayList<String>>(); String line = ""; String id = ""; String predeccesorID = ""; String successorID = ""; String type = ""; ArrayList<String> predecessors = new ArrayList<String>(); ArrayList<String> successors = new ArrayList<String>(); try { BufferedReader arcs= new BufferedReader(new FileReader("ARCS.CSV")); //first step, collect all predecessors for each node arcs.mark(10000); //System.out.println(predecessorDict.get("14").size()); while ((line = arcs.readLine()) != null) { //node here is the key id = line.split(",")[0]; //System.out.println(node); //each precedent of the node predeccesorID = line.split(",")[1]; //if the node already has a record in the dictionary if(predecessorDict.containsKey(id)) //then take out the record predecessors = predecessorDict.get(id); else predecessors = new ArrayList<String>(); //if the newly discovered precedent hasn't been if(!predecessors.contains(predeccesorID)) predecessors.add(predeccesorID); //put the record back with the newly discovered precedent predecessorDict.put(id, predecessors); } //System.out.println(node); //System.out.println(predecessorDict.get("14").size()); arcs.reset(); while ((line = arcs.readLine()) != null) { //node here is the key successorID = line.split(",")[0]; //each precedent of the node id = line.split(",")[1]; //empty the succesors at the begining of each iteration //successors =null; //if the node already has a record in the dictionary if(successorDict.containsKey(id)) //then take out the record successors = successorDict.get(id); else successors= new ArrayList<String>(); //if the newly discovered precedent hasn't been if(!successors.contains(successorID)) successors.add(successorID); //put the record back with the newly discovered precedent successorDict.put(id, successors); } //se