本文整理汇总了Python中stix.common.Confidence类的典型用法代码示例。如果您正苦于以下问题:Python Confidence类的具体用法?Python Confidence怎么用?Python Confidence使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
在下文中一共展示了Confidence类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: _add_stix_indicators
def _add_stix_indicators(self, final_indicator_objects, ttp_id):
"""Create and add STIX Indicators for a list of Object History entries.
Link each Indicator to their Indicated TTP.
Note:
Each STIX Indicator is added to the STIX Package stored in the ``stix_package`` class
member.
Args:
final_indicator_objects: a list of ``maec.bundle.object_history.ObjectHistoryEntry`` objects representing
the final, pruned list of Objects to be used in the STIX Indicators.
ttp_id: the id of the STIX TTP that each STIX Indicator should reference as its Indicated TTP.
"""
object_values_list = []
actions_list = []
final_object_list = []
# Deduplicate the Objects and combine their Actions
for entry in final_indicator_objects:
object = entry.object
# Test if we've already created an Indicator for this Object
obj_values = BundleDeduplicator.get_object_values(object)
if obj_values not in object_values_list:
object_values_list.append(obj_values)
final_object_list.append(object)
actions_list.append(entry.get_action_names())
else:
object_index = object_values_list.index(obj_values)
existing_actions = actions_list[object_index]
existing_actions += entry.get_action_names()
# Create the STIX Indicators
for object in final_object_list:
object_index = final_object_list.index(object)
indicator = Indicator()
indicator.title = "Malware Artifact Extracted from MAEC Document"
indicator.add_indicator_type("Malware Artifacts")
indicator.add_observable(object.properties)
# Add the Action-derived description to the Indicator
description = "Corresponding Action(s): "
for action_name in actions_list[object_index]:
description += (action_name + ", ")
indicator.description = description[:-2]
# Set the proper Confidence on the Indicator
confidence = Confidence()
confidence.value = "Low"
confidence.description = "Tool-generated Indicator. It is HIGHLY recommended that it be vetted by a human analyst before usage."
indicator.confidence = confidence
# Link the Indicator to its Indicated TTP
ttp = TTP(idref=ttp_id)
indicator.add_indicated_ttp(ttp)
# Add the Indicator to the STIX Package
self.stix_package.add_indicator(indicator)示例2: from_obj
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
super(Incident, cls).from_obj(obj, return_obj=return_obj)
if isinstance(obj, cls._binding_class):
return_obj.time = Time.from_obj(obj.Time)
return_obj.victims = _Victims.from_obj(obj.Victim)
return_obj.categories = IncidentCategories.from_obj(obj.Categories)
return_obj.intended_effects = _IntendedEffects.from_obj(obj.Intended_Effect)
return_obj.affected_assets = AffectedAssets.from_obj(obj.Affected_Assets)
return_obj.discovery_methods = DiscoveryMethods.from_obj(obj.Discovery_Method)
return_obj.coa_taken = _COAsTaken.from_obj(obj.COA_Taken)
return_obj.coa_requested = _COAsRequested.from_obj(obj.COA_Requested)
return_obj.confidence = Confidence.from_obj(obj.Confidence)
return_obj.attributed_threat_actors = AttributedThreatActors.from_obj(obj.Attributed_Threat_Actors)
return_obj.related_indicators = RelatedIndicators.from_obj(obj.Related_Indicators)
return_obj.related_observables = RelatedObservables.from_obj(obj.Related_Observables)
return_obj.leveraged_ttps = LeveragedTTPs.from_obj(obj.Leveraged_TTPs)
return_obj.related_incidents = RelatedIncidents.from_obj(obj.Related_Incidents)
return_obj.status = VocabString.from_obj(obj.Status)
return_obj.history = History.from_obj(obj.History)
return_obj.responders = _InformationSources.from_obj(obj.Responder)
return_obj.coordinators = _InformationSources.from_obj(obj.Coordinator)
return_obj.external_ids = _ExternalIDs.from_obj(obj.External_ID)
return_obj.reporter = InformationSource.from_obj(obj.Reporter)
return_obj.impact_assessment = ImpactAssessment.from_obj(obj.Impact_Assessment)
return_obj.security_compromise = VocabString.from_obj(obj.Security_Compromise)
return_obj.related_packages = RelatedPackageRefs.from_obj(obj.Related_Packages)
return return_obj示例3: from_obj
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
return_obj.id_ = obj.id
return_obj.idref = obj.idref
return_obj.timestamp = obj.timestamp
if isinstance(obj, cls._binding_class): # ThreatActorType properties
return_obj.version = obj.version
return_obj.title = obj.Title
return_obj.description = StructuredText.from_obj(obj.Description)
return_obj.short_description = StructuredText.from_obj(obj.Short_Description)
return_obj.identity = Identity.from_obj(obj.Identity)
return_obj.types = [Statement.from_obj(x) for x in obj.Type]
return_obj.motivations = [Statement.from_obj(x) for x in obj.Motivation]
return_obj.sophistications = [Statement.from_obj(x) for x in obj.Sophistication]
return_obj.intended_effects = [Statement.from_obj(x) for x in obj.Intended_Effect]
return_obj.planning_and_operational_supports = [Statement.from_obj(x) for x in obj.Planning_And_Operational_Support]
return_obj.observed_ttps = ObservedTTPs.from_obj(obj.Observed_TTPs)
return_obj.associated_campaigns = AssociatedCampaigns.from_obj(obj.Associated_Campaigns)
return_obj.associated_actors = AssociatedActors.from_obj(obj.Associated_Actors)
return_obj.handling = Marking.from_obj(obj.Handling)
return_obj.confidence = Confidence.from_obj(obj.Confidence)
return_obj.information_source = InformationSource.from_obj(obj.Information_Source)
return_obj.related_packages = RelatedPackageRefs.from_obj(obj.Related_Packages)
return return_obj示例4: from_dict
def from_dict(cls, dict_repr, return_obj=None):
if not dict_repr:
return None
if not return_obj:
return_obj = cls()
super(ThreatActor, cls).from_dict(dict_repr, return_obj=return_obj)
get = dict_repr.get
return_obj.identity = Identity.from_dict(get('identity'))
return_obj.types = _Types.from_dict(get('types'))
return_obj.motivations = _Motivations.from_dict(get('motivations'))
return_obj.sophistications = _Sophistications.from_dict(get('sophistications'))
return_obj.intended_effects = _IntendedEffects.from_dict(get('intended_effects'))
return_obj.planning_and_operational_supports = \
_PlanningAndOperationalSupports.from_dict(get('planning_and_operational_supports'))
return_obj.observed_ttps = ObservedTTPs.from_dict(get('observed_ttps'))
return_obj.associated_campaigns = AssociatedCampaigns.from_dict(get('associated_campaigns'))
return_obj.associated_actors = AssociatedActors.from_dict(get('associated_actors'))
return_obj.handling = Marking.from_dict(get('handling'))
return_obj.confidence = Confidence.from_dict(get('confidence'))
return_obj.related_packages = RelatedPackageRefs.from_dict(get('related_packages'))
return return_obj示例5: from_dict
def from_dict(cls, dict_repr, return_obj=None):
if not dict_repr:
return None
if not return_obj:
return_obj = cls()
super(Incident, cls).from_dict(dict_repr, return_obj=return_obj)
get = dict_repr.get
return_obj.time = Time.from_dict(get('time'))
return_obj.victims = _Victims.from_dict(get('victims'))
return_obj.categories = IncidentCategories.from_dict(get('categories'))
return_obj.attributed_threat_actors = AttributedThreatActors.from_dict(get('attributed_threat_actors'))
return_obj.related_indicators = RelatedIndicators.from_dict(get('related_indicators'))
return_obj.related_observables = RelatedObservables.from_dict(get('related_observables'))
return_obj.related_incidents = RelatedIncidents.from_dict(get('related_incidents'))
return_obj.intended_effects = _IntendedEffects.from_list(get('intended_effects'))
return_obj.leveraged_ttps = LeveragedTTPs.from_dict(get('leveraged_ttps'))
return_obj.affected_assets = AffectedAssets.from_dict(get('affected_assets'))
return_obj.discovery_methods = DiscoveryMethods.from_dict(get('discovery_methods'))
return_obj.reporter = InformationSource.from_dict(get('reporter'))
return_obj.responders = _InformationSources.from_dict(get('responders'))
return_obj.coordinators = _InformationSources.from_dict(get('coordinators'))
return_obj.external_ids = _ExternalIDs.from_dict(get('external_ids'))
return_obj.impact_assessment = ImpactAssessment.from_dict(get('impact_assessment'))
return_obj.security_compromise = VocabString.from_dict(get('security_compromise'))
return_obj.confidence = Confidence.from_dict(get('confidence'))
return_obj.coa_taken = _COAsTaken.from_dict(get('coa_taken'))
return_obj.coa_requested = _COAsRequested.from_dict(get('coa_requested'))
return_obj.status = VocabString.from_dict(get('status'))
return_obj.history = History.from_dict(get('history'))
return_obj.related_packages = RelatedPackageRefs.from_dict(get('related_packages'))
return return_obj示例6: from_dict
def from_dict(cls, dict_repr, return_obj=None):
if not dict_repr:
return None
if not return_obj:
return_obj = cls()
return_obj.id_ = dict_repr.get('id')
return_obj.idref = dict_repr.get('idref')
return_obj.timestamp = dict_repr.get('timestamp')
return_obj.version = dict_repr.get('version', cls._version)
return_obj.title = dict_repr.get('title')
return_obj.description = StructuredText.from_dict(dict_repr.get('description'))
return_obj.short_description = StructuredText.from_dict(dict_repr.get('short_description'))
return_obj.time = Time.from_dict(dict_repr.get('time'))
return_obj.victims = [Identity.from_dict(x) for x in dict_repr.get('victims', [])]
return_obj.categories = [IncidentCategory.from_dict(x) for x in dict_repr.get('categories', [])]
return_obj.attributed_threat_actors = AttributedThreatActors.from_dict(dict_repr.get('attributed_threat_actors'))
return_obj.related_indicators = RelatedIndicators.from_dict(dict_repr.get('related_indicators'))
return_obj.related_observables = RelatedObservables.from_dict(dict_repr.get('related_observables'))
return_obj.related_incidents = RelatedIncidents.from_dict(dict_repr.get('related_incidents'))
return_obj.intended_effects = [Statement.from_dict(x) for x in dict_repr.get('intended_effects', [])]
return_obj.leveraged_ttps = LeveragedTTPs.from_dict(dict_repr.get('leveraged_ttps'))
return_obj.affected_assets = [AffectedAsset.from_dict(x) for x in dict_repr.get('affected_assets', [])]
return_obj.discovery_methdos = [DiscoveryMethod.from_dict(x) for x in dict_repr.get('discovery_methods', [])]
return_obj.reporter = InformationSource.from_dict(dict_repr.get('reporter'))
return_obj.responders = [InformationSource.from_dict(x) for x in dict_repr.get('responders', [])]
return_obj.coordinators = [InformationSource.from_dict(x) for x in dict_repr.get('coordinators', [])]
return_obj.external_ids = [ExternalID.from_dict(x) for x in dict_repr.get('external_ids', [])]
return_obj.impact_assessment = ImpactAssessment.from_dict(dict_repr.get('impact_assessment'))
return_obj.information_source = InformationSource.from_dict(dict_repr.get('information_source'))
return_obj.security_compromise = SecurityCompromise.from_dict(dict_repr.get('security_compromise'))
return_obj.confidence = Confidence.from_dict(dict_repr.get('confidence'))
return_obj.coa_taken = [COATaken.from_dict(x) for x in dict_repr.get('coa_taken', [])]
return return_obj示例7: from_obj
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
super(Campaign, cls).from_obj(obj, return_obj=return_obj)
if isinstance(obj, cls._binding_class):
return_obj.names = Names.from_obj(obj.Names)
return_obj.intended_effects = \
_IntendedEffects.from_obj(obj.Intended_Effect)
return_obj.status = VocabString.from_obj(obj.Status)
return_obj.related_ttps = RelatedTTPs.from_obj(obj.Related_TTPs)
return_obj.related_incidents = \
RelatedIncidents.from_obj(obj.Related_Incidents)
return_obj.related_indicators = \
RelatedIndicators.from_obj(obj.Related_Indicators)
return_obj.attribution = _AttributionList.from_obj(obj.Attribution)
return_obj.associated_campaigns = \
AssociatedCampaigns.from_obj(obj.Associated_Campaigns)
return_obj.confidence = Confidence.from_obj(obj.Confidence)
return_obj.activity = _Activities.from_obj(obj.Activity)
return_obj.related_packages = \
RelatedPackageRefs.from_obj(obj.Related_Packages)
return return_obj示例8: from_obj
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
return_obj.id_ = obj.get_id()
return_obj.idref = obj.get_idref()
return_obj.timestamp = obj.get_timestamp()
if isinstance(obj, cls._binding_class): # ThreatActorType properties
return_obj.version = obj.get_version() if obj.get_version() else cls._version
return_obj.title = obj.get_Title()
return_obj.description = StructuredText.from_obj(obj.get_Description())
return_obj.short_description = StructuredText.from_obj(obj.get_Short_Description())
return_obj.identity = Identity.from_obj(obj.get_Identity())
return_obj.types = [Statement.from_obj(x) for x in obj.get_Type()]
return_obj.motivations = [Statement.from_obj(x) for x in obj.get_Motivation()]
return_obj.sophistications = [Statement.from_obj(x) for x in obj.get_Sophistication()]
return_obj.intended_effects = [Statement.from_obj(x) for x in obj.get_Intended_Effect()]
return_obj.planning_and_operational_supports = [Statement.from_obj(x) for x in obj.get_Planning_And_Operational_Support()]
return_obj.observed_ttps = ObservedTTPs.from_obj(obj.get_Observed_TTPs())
return_obj.associated_campaigns = AssociatedCampaigns.from_obj(obj.get_Associated_Campaigns())
return_obj.associated_actors = AssociatedActors.from_obj(obj.get_Associated_Actors())
return_obj.handling = Marking.from_obj(obj.get_Handling())
return_obj.confidence = Confidence.from_obj(obj.get_Confidence())
return_obj.information_source = InformationSource.from_obj(obj.get_Information_Source())
return_obj.related_packages = RelatedPackageRefs.from_obj(obj.get_Related_Packages())
return return_obj示例9: from_obj
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
super(Indicator, cls).from_obj(obj, return_obj=return_obj)
if isinstance(obj, cls._binding_class):
return_obj.negate = obj.negate
return_obj.producer = InformationSource.from_obj(obj.Producer)
return_obj.confidence = Confidence.from_obj(obj.Confidence)
return_obj.sightings = Sightings.from_obj(obj.Sightings)
return_obj.composite_indicator_expression = CompositeIndicatorExpression.from_obj(obj.Composite_Indicator_Expression)
return_obj.kill_chain_phases = KillChainPhasesReference.from_obj(obj.Kill_Chain_Phases)
return_obj.related_indicators = RelatedIndicators.from_obj(obj.Related_Indicators)
return_obj.likely_impact = Statement.from_obj(obj.Likely_Impact)
return_obj.indicator_types = IndicatorTypes.from_obj(obj.Type)
return_obj.test_mechanisms = TestMechanisms.from_obj(obj.Test_Mechanisms)
return_obj.suggested_coas = SuggestedCOAs.from_obj(obj.Suggested_COAs)
return_obj.alternative_id = obj.Alternative_ID
return_obj.indicated_ttps = _IndicatedTTPs.from_obj(obj.Indicated_TTP)
return_obj.valid_time_positions = _ValidTimePositions.from_obj(obj.Valid_Time_Position)
return_obj.observable = Observable.from_obj(obj.Observable)
return_obj.related_campaigns = RelatedCampaignRefs.from_obj(obj.Related_Campaigns)
return_obj.related_packages = RelatedPackageRefs.from_obj(obj.Related_Packages)
return return_obj示例10: from_dict
def from_dict(cls, dict_repr, return_obj=None):
if not dict_repr:
return None
if not return_obj:
return_obj = cls()
super(Campaign, cls).from_dict(dict_repr, return_obj=return_obj)
get = dict_repr.get # PEP 8 line lengths
return_obj.names = Names.from_dict(get('names'))
return_obj.intended_effects = \
_IntendedEffects.from_dict(get('intended_effects'))
return_obj.status = VocabString.from_dict(get('status'))
return_obj.related_ttps = \
RelatedTTPs.from_dict(get('related_ttps'))
return_obj.related_incidents = \
RelatedIncidents.from_dict(get('related_incidents'))
return_obj.related_indicators = \
RelatedIndicators.from_dict(get('related_indicators'))
return_obj.attribution = _AttributionList.from_list(get('attribution'))
return_obj.associated_campaigns = \
AssociatedCampaigns.from_dict(get('associated_campaigns'))
return_obj.confidence = \
Confidence.from_dict(get('confidence'))
return_obj.activity = _Activities.from_dict(get('activity'))
return_obj.related_packages = \
RelatedPackageRefs.from_dict(get('related_packages'))
return return_obj示例11: from_dict
def from_dict(cls, dict_repr, return_obj=None):
if not dict_repr:
return None
if not return_obj:
return_obj = cls()
return_obj.id_ = dict_repr.get('id')
return_obj.idref = dict_repr.get('idref')
return_obj.timestamp = dict_repr.get('timestamp')
return_obj.version = dict_repr.get('version')
return_obj.title = dict_repr.get('title')
return_obj.description = StructuredText.from_dict(dict_repr.get('description'))
return_obj.short_description = StructuredText.from_dict(dict_repr.get('short_description'))
return_obj.identity = Identity.from_dict(dict_repr.get('identity'))
return_obj.types = [Statement.from_dict(x) for x in dict_repr.get('types', [])]
return_obj.motivations = [Statement.from_dict(x) for x in dict_repr.get('motivations', [])]
return_obj.sophistications = [Statement.from_dict(x) for x in dict_repr.get('sophistications', [])]
return_obj.intended_effects = [Statement.from_dict(x) for x in dict_repr.get('intended_effects', [])]
return_obj.planning_and_operational_supports = [Statement.from_dict(x)
for x in dict_repr.get('planning_and_operational_supports', [])]
return_obj.observed_ttps = ObservedTTPs.from_dict(dict_repr.get('observed_ttps'))
return_obj.associated_campaigns = AssociatedCampaigns.from_dict(dict_repr.get('associated_campaigns'))
return_obj.associated_actors = AssociatedActors.from_dict(dict_repr.get('associated_actors'))
return_obj.handling = Marking.from_dict(dict_repr.get('handling'))
return_obj.confidence = Confidence.from_dict(dict_repr.get('confidence'))
return_obj.information_source = InformationSource.from_dict(dict_repr.get('information_source'))
return_obj.related_packages = RelatedPackageRefs.from_dict(dict_repr.get('related_packages'))
return return_obj示例12: from_dict
def from_dict(cls, dict_repr, return_obj=None):
if not dict_repr:
return None
if not return_obj:
return_obj = cls()
super(Indicator, cls).from_dict(dict_repr, return_obj=return_obj)
get = dict_repr.get
return_obj.negate = get('negate')
return_obj.alternative_id = get('alternative_id')
return_obj.indicated_ttps = _IndicatedTTPs.from_dict(get('indicated_ttps'))
return_obj.test_mechanisms = TestMechanisms.from_list(get('test_mechanisms'))
return_obj.suggested_coas = SuggestedCOAs.from_dict(get('suggested_coas'))
return_obj.sightings = Sightings.from_dict(get('sightings'))
return_obj.composite_indicator_expression = CompositeIndicatorExpression.from_dict(get('composite_indicator_expression'))
return_obj.kill_chain_phases = KillChainPhasesReference.from_dict(get('kill_chain_phases'))
return_obj.related_indicators = RelatedIndicators.from_dict(get('related_indicators'))
return_obj.likely_impact = Statement.from_dict(get('likely_impact'))
return_obj.indicator_types = IndicatorTypes.from_list(get('indicator_types'))
return_obj.confidence = Confidence.from_dict(get('confidence'))
return_obj.valid_time_positions = _ValidTimePositions.from_dict(get('valid_time_positions'))
return_obj.observable = Observable.from_dict(get('observable'))
return_obj.producer = InformationSource.from_dict(get('producer'))
return_obj.related_campaigns = RelatedCampaignRefs.from_dict(get('related_campaigns'))
return_obj.related_packages = RelatedPackageRefs.from_dict(get('related_packages'))
return return_obj示例13: from_obj
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
return_obj.description = StructuredText.from_obj(obj.get_Description())
return_obj.short_description = StructuredText.from_obj(obj.get_Short_Description())
return_obj.applicability_confidence = Confidence.from_obj(obj.get_Applicability_Confidence())
return return_obj示例14: from_obj
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
return_obj.descriptions = StructuredTextList.from_obj(obj.Description)
return_obj.short_descriptions = StructuredTextList.from_obj(obj.Short_Description)
return_obj.applicability_confidence = Confidence.from_obj(obj.Applicability_Confidence)
return return_obj示例15: from_dict
def from_dict(cls, dict_repr, return_obj=None):
if not dict_repr:
return None
if not return_obj:
return_obj = cls()
return_obj.description = StructuredText.from_dict(dict_repr.get('description'))
return_obj.short_description = StructuredText.from_dict(dict_repr.get('short_description'))
return_obj.applicability_confidence = Confidence.from_dict(dict_repr.get('applicability_confidence'))
return return_obj