maltoolbox.attackgraph.analyzers.apriori module
MAL-Toolbox Attack Graph Apriori Analyzer Submodule
This submodule contains analyzers that are relevant before attackers are even connected to the attack graph. Currently these are: - Viability = Determine if a node can be traversed under any circumstances or
if the model structure makes it unviable.
Necessity = Determine if a node is necessary for the attacker or if the model structure means it is not needed(it behaves as if it were already compromised) to compromise children attack steps.
- maltoolbox.attackgraph.analyzers.apriori.calculate_viability_and_necessity(graph: AttackGraph) None [source]
Arguments: graph - the attack graph for which we wish to determine the
viability and necessity statuses for the nodes.
- maltoolbox.attackgraph.analyzers.apriori.evaluate_necessity(node: AttackGraphNode) None [source]
Arguments: graph - the node to evaluate necessity for.
- maltoolbox.attackgraph.analyzers.apriori.evaluate_viability(node: AttackGraphNode) None [source]
Arguments: graph - the node to evaluate viability for.
- maltoolbox.attackgraph.analyzers.apriori.propagate_necessity_from_node(node: AttackGraphNode) set[AttackGraphNode] [source]
Update necessity of children of node givein as parameter. Propagate recursively via children as long as changes occur. Return all nodes which have changed necessity.
Arguments: node - the attack graph node from which to propagate the
necessity status
Returns: changed_nodes - set of nodes that have changed necessity
- maltoolbox.attackgraph.analyzers.apriori.propagate_viability_from_node(node: AttackGraphNode) set[AttackGraphNode] [source]
Update viability of children of node givein as parameter. Propagate recursively via children as long as changes occur. Return all nodes which have changed viability.
Arguments: node - the attack graph node from which to propagate the
viability status
Returns: changed_nodes - set of nodes that have changed viability