private void AnalyzeRelationships([NotNull] ThreatSource threatSource, [NotNull] Attack_PatternType attack)
{
foreach (var relatedAttack in attack.Related_Attack_Patterns)
{
if (relatedAttack.Relationship_Target_Form == RelationshipTypeRelationship_Target_Form.AttackPattern &&
relatedAttack.Relationship_Nature != null && relatedAttack.Relationship_Nature.Count > 0)
{
switch (relatedAttack.Relationship_Nature[0])
{
case RelationshipTypeRelationship_Nature.ChildOf:
foreach (var view in relatedAttack.Relationship_Views)
{
threatSource.AddParentChild(view.Value, relatedAttack.Relationship_Target_ID, Id);
}
break;
case RelationshipTypeRelationship_Nature.ParentOf:
foreach (var view in relatedAttack.Relationship_Views)
{
threatSource.AddParentChild(view.Value, Id, relatedAttack.Relationship_Target_ID);
}
break;
}
}
}
}
public ThreatSourceNode([NotNull] ThreatSource threatSource, [NotNull] Attack_PatternType attack)
{
Id = attack.ID;
Name = attack.Name;
IsRoot = false;
ThreatSourceType = ThreatSourceType.Capec;
AnalyzeRelationships(threatSource, attack);
_properties.Add(new KeyValuePair <string, string>("Name", attack.Name));
if (attack.Description?.Summary != null)
{
_properties.Add(new KeyValuePair <string, string>("Summary", Convert(attack.Description.Summary)));
}
var alternate = Convert(attack.Alternate_Terms);
if (!string.IsNullOrWhiteSpace(alternate))
{
_properties.Add(new KeyValuePair <string, string>("Alternate Terms", alternate));
}
var attackSurface = Convert(attack.Target_Attack_Surface);
if (!string.IsNullOrWhiteSpace(attackSurface))
{
_properties.Add(new KeyValuePair <string, string>("Target Attack Surface", attackSurface));
}
var prerequisites = Convert(attack.Attack_Prerequisites);
if (!string.IsNullOrWhiteSpace(prerequisites))
{
_properties.Add(new KeyValuePair <string, string>("Prerequisites", prerequisites));
}
_properties.Add(new KeyValuePair <string, string>("Severity", attack.Typical_Severity.ToString()));
_properties.Add(new KeyValuePair <string, string>("Likelihood of Exploit", attack.Typical_Likelihood_of_Exploit.Likelihood));
var methodsOfAttack = Convert(attack.Methods_of_Attack);
if (!string.IsNullOrWhiteSpace(methodsOfAttack))
{
_properties.Add(new KeyValuePair <string, string>("Methods of Attack", methodsOfAttack));
}
var examples = Convert(attack.ExamplesInstances);
if (!string.IsNullOrWhiteSpace(examples))
{
_properties.Add(new KeyValuePair <string, string>("Examples", examples));
}
var skills = Convert(attack.Attacker_Skills_or_Knowledge_Required);
if (!string.IsNullOrWhiteSpace(skills))
{
_properties.Add(new KeyValuePair <string, string>("Skills or Knowledge Required", skills));
}
var resources = Convert(attack.Resources_Required);
if (!string.IsNullOrWhiteSpace(resources))
{
_properties.Add(new KeyValuePair <string, string>("Resources Required", resources));
}
var probing = Convert(attack.Probing_Techniques);
if (!string.IsNullOrWhiteSpace(probing))
{
_properties.Add(new KeyValuePair <string, string>("Probing Techniques", probing));
}
var warning = Convert(attack.IndicatorsWarnings_of_Attack);
if (!string.IsNullOrWhiteSpace(warning))
{
_properties.Add(new KeyValuePair <string, string>("Warning of Attack", warning));
}
var obfuscation = Convert(attack.Obfuscation_Techniques);
if (!string.IsNullOrWhiteSpace(obfuscation))
{
_properties.Add(new KeyValuePair <string, string>("Obfuscation Techniques", obfuscation));
}
var mitigations = Convert(attack.Solutions_and_Mitigations);
if (!string.IsNullOrWhiteSpace(mitigations))
{
_properties.Add(new KeyValuePair <string, string>("Solutions and Mitigations", mitigations));
}
var injectionVector = Convert(attack.Injection_Vector);
if (!string.IsNullOrWhiteSpace(injectionVector))
{
_properties.Add(new KeyValuePair <string, string>("Injection Vector", injectionVector));
}
var payload = Convert(attack.Payload);
if (!string.IsNullOrWhiteSpace(payload))
{
_properties.Add(new KeyValuePair <string, string>("Payload", payload));
}
var activationZone = Convert(attack.Activation_Zone);
if (!string.IsNullOrWhiteSpace(activationZone))
{
_properties.Add(new KeyValuePair <string, string>("Activation Zone", activationZone));
}
var activationImpact = Convert(attack.Payload_Activation_Impact);
if (!string.IsNullOrWhiteSpace(activationImpact))
{
_properties.Add(new KeyValuePair <string, string>("Payload Activation Impact", activationImpact));
}
var weaknesses = Convert(attack.Related_Weaknesses);
if (!string.IsNullOrWhiteSpace(weaknesses))
{
_properties.Add(new KeyValuePair <string, string>("Related Weaknesses", weaknesses));
}
var vulnerabilities = Convert(attack.Related_Vulnerabilities);
if (!string.IsNullOrWhiteSpace(vulnerabilities))
{
_properties.Add(new KeyValuePair <string, string>("Related Vulnerabilities", vulnerabilities));
}
var requirements = Convert(attack.Relevant_Security_Requirements);
if (!string.IsNullOrWhiteSpace(requirements))
{
_properties.Add(new KeyValuePair <string, string>("Security Requirements", requirements));
}
var principles = Convert(attack.Related_Security_Principles);
if (!string.IsNullOrWhiteSpace(principles))
{
_properties.Add(new KeyValuePair <string, string>("Security Principles", principles));
}
var guidelines = Convert(attack.Related_Guidelines);
if (!string.IsNullOrWhiteSpace(guidelines))
{
_properties.Add(new KeyValuePair <string, string>("Related Guidelines", guidelines));
}
var ciaImpact = Convert(attack.CIA_Impact);
if (!string.IsNullOrWhiteSpace(ciaImpact))
{
_properties.Add(new KeyValuePair <string, string>("CIA Impact", ciaImpact));
}
var context = Convert(attack.Technical_Context);
if (!string.IsNullOrWhiteSpace(context))
{
_properties.Add(new KeyValuePair <string, string>("Technical Context", context));
}
var references = Convert(attack.References);
if (!string.IsNullOrWhiteSpace(references))
{
_properties.Add(new KeyValuePair <string, string>("References", references));
}
var notes = Convert(attack.Other_Notes);
if (!string.IsNullOrWhiteSpace(notes))
{
_properties.Add(new KeyValuePair <string, string>("Other Notes", notes));
}
}
