/*
An implementation of the risk-assessment algorithm developed by Wang et al.
Author(s) : Su Zhang
Copyright (C) 2011, Argus Cybersecurity Lab, Kansas State University
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
import java.io.BufferedReader;
import java.io.File;
import java.io.FileReader;
import java.io.FileWriter;
import java.io.IOException;
import java.sql.Connection;
import java.sql.DriverManager;
//import java.sql.ResultSet;
import java.sql.SQLException;
//import java.sql.Statement;
import java.util.ArrayList;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Set;
public class independentAlgoSumm {
/**Input: An attack graph G with individual scores assigned to all vertices
Output: A set of cumulative scores for all vertices of G
Method:
3. While there exist unprocessed vertices
4. While there exists an unprocessed vertex v whose predecessors are all processed
5. Calculate P(v) and mark v as processed
6. For each vertex v in a cycle that has more than one incoming edge
7. Calculate P(v
) and mark v
as processed
8. For each unprocessed vertex v
in the cycles
9. Calculate P(v
) and mark v
as processed
10. Return the set of all calculated cumulative scores @param args
*/
public static void main(String[] args) {
//nodes need to be stored at a hashtable with node id as the key and
//an arraylist as its status including "type", status,
//unprocessed table includes nodes haven't been processed
//the key is their ids and the value is an arraylist including
//status, type (leaf, and, or), predecessors (another string arraylist)
Hashtable<String, node> unprocessed = initializeNodes();
//printArrayList((ArrayList<String>) unprocessed.get("2").get(3));
//processed table includes nodes whose metrics have been calculated.
//the key of the table is the node id and the value is its metric
Hashtable<String, Float> processed = new Hashtable<String, Float> ();
Hashtable<String, Float> conProb = constructConProb();
// System.out.println("initialization finished");
//kernelAlgo is the kernel part of Wang's algorithm
kernelAlgo(unprocessed, processed, conProb);
}
private static Hashtable<String, Float> constructConProb() {
String line = "";
int index = 0;
//String cve = "";
String ac = "";
String node = "";
// String successor = "";
//ArrayList<String> successors = new ArrayList<String>();
float conProb = 0;
Hashtable<String, Float>conProbTable = new Hashtable<String, Float>();
//System.out.println("I am here");
try{
BufferedReader vertices= new BufferedReader(new FileReader("VERTICES.CSV"));
while ((line = vertices.readLine()) != null) {
//System.out.println(line);
//if(line.contains("capability to likelihood")){
//System.out.println("I am here");
index = line.split(",").length;
//find the id of the vulExist node
node = line.split(",")[0];
//search the metric over database
ac = line.split(",")[index-1];
//System.out.println(ac);
conProb = Float.parseFloat(ac);
//convert the letter metric into numeric value
//conProb = convertLetter2Num(ac);
//System.out.println("conProb is: "+ node +" : "+conProb);
//for none-zeros, added them as conditional probabilities.
if(!ac.trim().equals("0"))
conProbTable.put(node, conProb);
// }
}
}
catch(Exception e){
e.printStackTrace();
}
//System.out.println("conProbTable's size is: "+ conProbTable.size());
return conProbTable;
}
/*
//lookup ac value of cve from NVD database
private static String lookup_ac(String cve) {
String access = "";
try{
Connection con = getConnection();
Statement sql = con.createStatement();
//String query = "select access from nvd where id=\""+cve+"\"";
String query = "select access from nvd where id=\""+cve+"\"";
//System.out.println(query);
ResultSet result = sql.executeQuery(query);
result.next();
access=result.getString(1);
// System.out.println("access is: "+access);
}
catch(Exception e){
e.printStackTrace();
}
return access;
}
*/
public static Connection getConnection() throws SQLException,
java.lang.ClassNotFoundException, IOException {
Class.forName("com.mysql.jdbc.Driver");
String url="";
String userName="";
String password="";
File f = new File("config.txt");
String path = f.getPath();
BufferedReader breader= new BufferedReader(new FileReader(path));
url=breader.readLine();
userName=breader.readLine();
password=breader.readLine();
Connection con = DriverManager.getConnection(url, userName, password);
return con;
}
//convert letter metric into numeric values
/*
private static float convertLetter2Num(String ac) {
if(ac.equals("l"))
return (float) 0.9;
if(ac.equals("m"))
return (float) 0.6;
return (float)0.2;
}
*/
private static Hashtable<String, node> initializeNodes() {
Hashtable<String, node> unprocessed = new Hashtable<String, node> ();
Hashtable<String, ArrayList<String>> predecessorDict = new Hashtable<String, ArrayList<String>>();
Hashtable<String, ArrayList<String>> successorDict = new Hashtable<String, ArrayList<String>>();
String line = "";
String id = "";
String predeccesorID = "";
String successorID = "";
String type = "";
ArrayList<String> predecessors = new ArrayList<String>();
ArrayList<String> successors = new ArrayList<String>();
try {
BufferedReader arcs= new BufferedReader(new FileReader("ARCS.CSV"));
//first step, collect all predecessors for each node
arcs.mark(10000);
//System.out.println(predecessorDict.get("14").size());
while ((line = arcs.readLine()) != null) {
//node here is the key
id = line.split(",")[0];
//System.out.println(node);
//each precedent of the node
predeccesorID = line.split(",")[1];
//if the node already has a record in the dictionary
if(predecessorDict.containsKey(id))
//then take out the record
predecessors = predecessorDict.get(id);
else
predecessors = new ArrayList<String>();
//if the newly discovered precedent hasn't been
if(!predecessors.contains(predeccesorID))
predecessors.add(predeccesorID);
//put the record back with the newly discovered precedent
predecessorDict.put(id, predecessors);
}
//System.out.println(node);
//System.out.println(predecessorDict.get("14").size());
arcs.reset();
while ((line = arcs.readLine()) != null) {
//node here is the key
successorID = line.split(",")[0];
//each precedent of the node
id = line.split(",")[1];
//empty the succesors at the begining of each iteration
//successors =null;
//if the node already has a record in the dictionary
if(successorDict.containsKey(id))
//then take out the record
successors = successorDict.get(id);
else
successors= new ArrayList<String>();
//if the newly discovered precedent hasn't been
if(!successors.contains(successorID))
successors.add(successorID);
//put the record back with the newly discovered precedent
successorDict.put(id, successors);
}
//se
没有合适的资源?快使用搜索试试~ 我知道了~
资源推荐
资源详情
资源评论
收起资源包目录
mulval.tar.gz (66个子文件)
mulval
utils
oval_translate.sh 3KB
ARCS_sed_script.sed 73B
ARCS_noLabel.sed 58B
vul_summary.sh 2KB
VERTICES_no_metric.sed 193B
render.sh 2KB
riskAssess.sh 1KB
nessus_vul_summary.sh 2KB
compute_metrics.sh 537B
probAssess.sh 945B
nvd_sync.sh 2KB
getMulVALDownloadersInfo.sh 121B
ARCS_reverse.sed 73B
ARCS.sed 73B
dom.py 6KB
VERTICES_simple_no_metric.sed 187B
nessusXML_translate.sh 2KB
graph_gen.sh 6KB
VERTICES_coloured_sed_script.sed 153B
getVisitorInfo.sh 278B
VERTICES_simple.sed 614B
load_policy.sh 433B
trim.py 10KB
runRiskAssess.sh 397B
ARCS_reverse_noLabel.sed 58B
nessus_translate.sh 3KB
VERTICES.sed 376B
risk_assessment.py 33KB
testcases
h2v1s5.P 14KB
3host
input.P 919B
kb
interaction_rules_with_metric_artifacts.P 9KB
interaction_rules.P 10KB
interaction_rules_with_metrics.P 9KB
src
metrics
independentAlgoSumm.java 28KB
node.java 1KB
Makefile 194B
analyzer
advances_trim.P 1KB
translate.P 16KB
advances_notrim.P 16B
auxiliary.P 4KB
attack_trace.P 2KB
adapter
oval_translator.P 1KB
MetricParser.java 3KB
GetTplQry_nessusXML.java 6KB
InitializeDB.java 9KB
GetTplQry.java 4KB
vul_summary.P 2KB
nessus_translator.P 2KB
mysqlConnectionChecker.java 3KB
Makefile 475B
GetCVEID.java 5KB
NessusXMLParser.java 4KB
XMLConstructor.java 3KB
attack_graph
graphit.l 932B
attack_graph.h 11KB
attack_graph.cpp 36KB
Makefile 561B
graphit.y 8KB
Queue.h 9KB
lib
dom4j-1.6.1.jar 307KB
libmulval.P 7KB
jaxen-1.1.1.jar 222KB
mysql-connector-java-5.1.8-bin.jar 707KB
doc
README 10KB
LICENSE 37KB
Makefile 299B
bin
metrics
adapter
共 66 条
- 1
资源评论
学号9527的小铭同学
- 粉丝: 55
- 资源: 5
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功