forked from vz-risk/VCDB
-
Notifications
You must be signed in to change notification settings - Fork 0
/
README.Rmd
73 lines (65 loc) · 4.41 KB
/
README.Rmd
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
# The VERIS Community Database
Information sharing is a complex and challenging undertaking. If done correctly, everyone involved benefits from the collective intelligence. If done poorly, it may mislead participants or create a learning opportunity for our adversaries. The Verizon RISK Team supports and participates in a variety of information sharing initiatives and research efforts. We continue to drive the publication of the Verizon Data Breach Investigations Report (DBIR) annually, where we have an unprecedented number of new data-sharing partners, and we are committed to keeping the report publicly available and free to download. We regularly receive inquiries about our dataset, and our ability to share further, but we are limited in what data we can share in raw format due to agreements with our partners and customers.
## The Problem
While there are a handful of efforts to capture security incidents that are publicly disclosed, there is no unrestricted, comprehensive raw dataset available for download on security incidents that is sufficiently rich to support both community research and corporate decision-making. There are organizations that collect—and in some form—disseminate aggregated collections, but they are either not in a format that lends itself to ease of data manipulation and transformation required for research, or the underlying data are not freely and publicly available for use. This gap has long hampered researchers who are studying the problems surrounding security incidents, as well as the risk managers who are starved for reliable data upon which to base their risk calculations.
# Getting Involved
If you want to get involved in this project, we have directions in the wiki for this repo. If you are new to GitHub, it is the book icon to the right of this page section.
```{r echo=F}
library(verisr)
library(ggplot2)
vcdb <- json2veris("data/json")
```
# VCDB Statistics
```{r "yearly", echo=F, warning=F, fig.height=4, fig.width=10}
years <- getenum(vcdb, "timeline.incident.year")
yr <- as.numeric(as.character(years$enum))
years <- years[order(yr), ]
years$enum <- factor(years$enum, years$enum, ordered=T)
gg <- ggplot(years, aes(x=enum, y=x, label=x))
gg <- gg + geom_bar(stat="identity", fill="steelblue")
gg <- gg + geom_text(size=3, vjust=-0.4)
gg <- gg + xlab("Year") + ggtitle("Incidents per year")
gg <- gg + scale_y_continuous(expand=c(0,0), limit=c(0, max(years$x*1.05)))
gg <- gg + theme(panel.grid = element_blank(),
panel.background = element_blank(),
axis.text.y = element_blank(),
axis.title.y = element_blank(),
legend.position = "none",
axis.ticks = element_blank())
print(gg)
```
```{r "a2grid", echo=FALSE, fig.height=6, fig.width=7}
action.asset <- getenumby(vcdb, enum="asset.assets", primary="action")
assetmap <- c("Server", "Network", "User Dev", "Media",
"Person", "Kiosk/Term", "Unknown")
action.asset$enum <- factor(action.asset$enum,
levels=rev(assetmap), ordered=T)
action.asset$primary <- factor(action.asset$primary,
levels=c("malware", "hacking", "social",
"misuse", "physical", "error",
"environmental", "unknown"),
ordered=T)
slim.aa <- action.asset[which(action.asset$x>0), ]
gg <- ggplot(action.asset, aes(x = primary, y = enum, fill = x, label = x))
gg <- gg + geom_tile(fill="white", color="gray80")
gg <- gg + geom_tile(data=slim.aa, color="gray80") + geom_text(data=slim.aa)
gg <- gg + scale_fill_gradient(low = "#D8EEFE", high = "#4682B4")
gg <- gg + scale_x_discrete(expand=c(0,0)) + scale_y_discrete(expand=c(0,0))
gg <- gg + ylab("") + xlab("")
gg <- gg + ggtitle("A2 Grid: Assets and Actions")
gg <- gg + theme_bw()
gg <- gg + theme(axis.text.x = element_text(angle = 90, hjust = 1, vjust=0.5),
axis.text = element_text(size=14),
axis.ticks = element_blank(),
legend.position = "none",
plot.background = element_blank(),
panel.grid.major = element_blank(),
panel.grid.minor = element_blank(),
panel.border = element_rect(colour = "gray30"),
panel.background = element_blank())
print(gg)
```
```{r echo=F}
csv.out <- veris2csv(vcdb)
write.csv(csv.out, "data/csv/vcdb.csv", row.names=F)
```