maltoolbox.attackgraph.analyzers.apriori module
MAL-Toolbox Attack Graph Apriori Analyzer Submodule
This submodule contains analyzers that are relevant before attackers are even connected to the attack graph. Currently these are: - Viability = Determine if a node can be traversed under any circumstances or
if the model structure makes it unviable.
Necessity = Determine if a node is necessary for the attacker or if the model structure means it is not needed(it behaves as if it were already compromised) to compromise children attack steps.
- maltoolbox.attackgraph.analyzers.apriori.calculate_viability_and_necessity(graph: AttackGraph) None [source]
Arguments: graph - the attack graph for which we wish to determine the
viability and necessity statuses for the nodes.
- maltoolbox.attackgraph.analyzers.apriori.evaluate_necessity(node: AttackGraphNode) None [source]
Arguments: graph - the node to evaluate necessity for.
- maltoolbox.attackgraph.analyzers.apriori.evaluate_viability(node: AttackGraphNode) None [source]
Arguments: graph - the node to evaluate viability for.
- maltoolbox.attackgraph.analyzers.apriori.evaluate_viability_and_necessity(node: AttackGraphNode) None [source]
Arguments: graph - the node to evaluate viability and necessity for.
- maltoolbox.attackgraph.analyzers.apriori.propagate_necessity_from_node(node: AttackGraphNode) None [source]
Arguments: node - the attack graph node from which to propagate the necessary
status
- maltoolbox.attackgraph.analyzers.apriori.propagate_viability_from_node(node: AttackGraphNode) None [source]
Arguments: node - the attack graph node from which to propagate the viable
status
- maltoolbox.attackgraph.analyzers.apriori.propagate_viability_from_unviable_node(unviable_node: AttackGraphNode) set[AttackGraphNode] [source]
Update viability of nodes affected by newly enabled defense unviable_node in the graph and return any attack steps that are no longer viable because of it.
Propagate recursively via children as long as changes occur.
Arguments: unviable_node - the node to propagate viability from
Returns: attack_steps_made_unviable - set of the attack steps that have been
made unviable by a defense enabled in the current step. Builds up recursively.