PyPI - mal-toolbox - Versions diffs - 0.3.6__tar.gz → 0.3.7__tar.gz - Mend

mal-toolbox 0.3.6tar.gz → 0.3.7tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (35) hide show

{mal_toolbox-0.3.6/mal_toolbox.egg-info → mal_toolbox-0.3.7}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.2
 Name: mal-toolbox
-Version: 0.3.6
+Version: 0.3.7
 Summary: A collection of tools used to create MAL models and attack graphs.
 Author-email: Andrei Buhaiu <buhaiu@kth.se>, Joakim Loxdal <loxdal@kth.se>, Nikolaos Kakouros <nkak@kth.se>, Jakob Nyberg <jaknyb@kth.se>, Giuseppe Nebbione <nebbione@kth.se>
 License: Apache Software License

{mal_toolbox-0.3.6 → mal_toolbox-0.3.7/mal_toolbox.egg-info}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.2
 Name: mal-toolbox
-Version: 0.3.6
+Version: 0.3.7
 Summary: A collection of tools used to create MAL models and attack graphs.
 Author-email: Andrei Buhaiu <buhaiu@kth.se>, Joakim Loxdal <loxdal@kth.se>, Nikolaos Kakouros <nkak@kth.se>, Jakob Nyberg <jaknyb@kth.se>, Giuseppe Nebbione <nebbione@kth.se>
 License: Apache Software License

{mal_toolbox-0.3.6 → mal_toolbox-0.3.7}/maltoolbox/__init__.py RENAMED Viewed

@@ -1,5 +1,5 @@
 # -*- encoding: utf-8 -*-
-# MAL Toolbox v0.3.6
+# MAL Toolbox v0.3.7
 # Copyright 2025, Andrei Buhaiu.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -21,7 +21,7 @@ MAL-Toolbox Framework
 """
 __title__ = "maltoolbox"
-__version__ = "0.3.6"
+__version__ = "0.3.7"
 __authors__ = [
     "Andrei Buhaiu",
     "Giuseppe Nebbione",

{mal_toolbox-0.3.6 → mal_toolbox-0.3.7}/maltoolbox/attackgraph/analyzers/apriori.py RENAMED Viewed

@@ -195,7 +195,7 @@ def prune_unviable_and_unnecessary_nodes(graph: AttackGraph) -> None:
 def propagate_viability_from_unviable_node(
         unviable_node: AttackGraphNode,
-    ) -> list[AttackGraphNode]:
+    ) -> set[AttackGraphNode]:
     """
     Update viability of nodes affected by newly enabled defense
     `unviable_node` in the graph and return any attack steps
@@ -207,12 +207,12 @@ def propagate_viability_from_unviable_node(
     unviable_node               - the node to propagate viability from
     Returns:
-    attack_steps_made_unviable  - list of the attack steps that have been
+    attack_steps_made_unviable  - set of the attack steps that have been
                                   made unviable by a defense enabled in the
                                   current step. Builds up recursively.
     """
-    attack_steps_made_unviable = []
+    attack_steps_made_unviable = set()
     logger.debug(
         'Update viability for node "%s"(%d)',
@@ -226,7 +226,7 @@ def propagate_viability_from_unviable_node(
     )
     if unviable_node.type in ('and', 'or'):
-        attack_steps_made_unviable.append(unviable_node)
+        attack_steps_made_unviable.add(unviable_node)
     for child in unviable_node.children:
         original_value = child.is_viable
@@ -238,7 +238,7 @@ def propagate_viability_from_unviable_node(
             child.is_viable = False
         if child.is_viable != original_value:
-            attack_steps_made_unviable += \
+            attack_steps_made_unviable |= \
                 propagate_viability_from_unviable_node(child)
     return attack_steps_made_unviable

{mal_toolbox-0.3.6 → mal_toolbox-0.3.7}/maltoolbox/attackgraph/query.py RENAMED Viewed

@@ -5,8 +5,9 @@ This submodule contains functions that analyze the information present in the
 attack graph, but do not alter the structure or nodes in any way.
 """
 from __future__ import annotations
+from collections.abc import Iterable
 import logging
-from typing import TYPE_CHECKING
+from typing import TYPE_CHECKING, Optional
 from .attackgraph import AttackGraph, Attacker
@@ -113,25 +114,37 @@ def is_node_traversable_by_attacker(
             )
             return False
-def get_attack_surface(
-        attacker: Attacker
-    ) -> list[AttackGraphNode]:
+def calculate_attack_surface(
+        attacker: Attacker,
+        *,
+        from_nodes: Optional[Iterable[AttackGraphNode]] = None,
+        skip_compromised: bool = False,
+) -> set[AttackGraphNode]:
     """
-    Get the current attack surface of an attacker. This includes all of the
-    viable children nodes of already reached attack steps that are of 'or'
-    type and the 'and' type children nodes which have all of their necessary
-    parents in the attack steps reached.
+    Calculate the attack surface of the attacker. If from_nodes are provided
+    only calculate the attack surface stemming from those nodes, otherwise use
+    all nodes the attacker has compromised. If skip_compromised is true,
+    exclude already compromised nodes from the returned attack surface.
+    The attack surface includes all of the viable children nodes that are of
+    'or' type and the 'and' type children nodes which have all of their
+    necessary parents compromised by the attacker.
     Arguments:
-    attacker    - the Attacker whose attack surface is sought
+    attacker          - the Attacker whose attack surface is sought
+    from_nodes        - the nodes to calculate the attack surface from; defaults
+                        to the attackers compromised nodes list if omitted
+    skip_compromised  - if true do not add already compromised nodes to the
+                        attack surface
     """
     logger.debug(
         'Get the attack surface for Attacker "%s"(%d).',
         attacker.name,
         attacker.id
     )
-    attack_surface = []
-    for attack_step in attacker.reached_attack_steps:
+    attack_surface = set()
+    for attack_step in from_nodes or attacker.reached_attack_steps:
         logger.debug(
             'Determine attack surface stemming from '
             '"%s"(%d) for Attacker "%s"(%d).',
@@ -141,44 +154,10 @@ def get_attack_surface(
             attacker.id
         )
         for child in attack_step.children:
+            if skip_compromised and child.is_compromised_by(attacker):
+                continue
             if is_node_traversable_by_attacker(child, attacker) and \
                     child not in attack_surface:
-                attack_surface.append(child)
-    return attack_surface
-def update_attack_surface_add_nodes(
-        attacker: Attacker,
-        current_attack_surface: list[AttackGraphNode],
-        nodes: list[AttackGraphNode]
-    ) -> list[AttackGraphNode]:
-    """
-    Update the attack surface of an attacker with the new attack step nodes
-    provided to see if any of their children can be added.
-    Arguments:
-    attacker                - the Attacker whose attack surface is sought
-    current_attack_surface  - the current attack surface that we wish to
-                              expand
-    nodes                   - the newly compromised attack step nodes that we
-                              wish to see if any of their children should be
-                              added to the attack surface
-    """
-    logger.debug('Update the attack surface for Attacker "%s"(%d).',
-        attacker.name,
-        attacker.id)
-    attack_surface = current_attack_surface
-    for attack_step in nodes:
-        logger.debug(
-            'Determine attack surface stemming from "%s"(%d) '
-            'for Attacker "%s"(%d).',
-            attack_step.full_name,
-            attack_step.id,
-            attacker.name,
-            attacker.id
-        )
-        for child in attack_step.children:
-            is_traversable = is_node_traversable_by_attacker(child, attacker)
-            if is_traversable and child not in attack_surface:
                 logger.debug(
                     'Add node "%s"(%d) to the attack surface of '
                     'Attacker "%s"(%d).',
@@ -187,10 +166,11 @@ def update_attack_surface_add_nodes(
                     attacker.name,
                     attacker.id
                 )
-                attack_surface.append(child)
+                attack_surface.add(child)
     return attack_surface
-def get_defense_surface(graph: AttackGraph) -> list[AttackGraphNode]:
+def get_defense_surface(graph: AttackGraph) -> set[AttackGraphNode]:
     """
     Get the defense surface. All non-suppressed defense steps that are not
     already fully enabled.
@@ -199,8 +179,8 @@ def get_defense_surface(graph: AttackGraph) -> list[AttackGraphNode]:
     graph       - the attack graph
     """
     logger.debug('Get the defense surface.')
-    return [node for node in graph.nodes.values()
-        if node.is_available_defense()]
+    return {node for node in graph.nodes.values()
+        if node.is_available_defense()}
 def get_enabled_defenses(graph: AttackGraph) -> list[AttackGraphNode]:
     """

{mal_toolbox-0.3.6 → mal_toolbox-0.3.7}/pyproject.toml RENAMED Viewed

@@ -1,6 +1,6 @@
 [project]
 name = "mal-toolbox"
-version = "0.3.6"
+version = "0.3.7"
 authors = [
   { name="Andrei Buhaiu", email="buhaiu@kth.se" },
   { name="Joakim Loxdal", email="loxdal@kth.se" },