Update dummy module (#96)

opencybersecurityalliance · Jan 22, 2019 · 7d7eea8 · 7d7eea8
1 parent 48ac5f5
commit 7d7eea8
Show file tree

Hide file tree

Showing 26 changed files with 496 additions and 647 deletions.
diff --git a/...n/src/modules/dummy/dummy_data_mapping.py → ...slation/src/modules/dummy/data_mapping.py b/...n/src/modules/dummy/dummy_data_mapping.py → ...slation/src/modules/dummy/data_mapping.py
@@ -17,7 +17,7 @@ def _fetch_mapping():
         return {}
 
 
-class DummyDataMapper:
+class DataMapper:
 
     def __init__(self, options):
         mapping_json = options['mapping'] if 'mapping' in options else {}

diff --git a/stix_shifter/stix_translation/src/modules/dummy/dummy_translator.py b/stix_shifter/stix_translation/src/modules/dummy/dummy_translator.py
@@ -1,5 +1,5 @@
 from ..base.base_translator import BaseTranslator
-from .stix_to_dummy_query import StixToDummyQuery
+from .stix_to_query import StixToQuery
 from ...json_to_stix.json_to_stix import JSONToStix
 from os import path
 
@@ -12,4 +12,4 @@ def __init__(self):
             path.join(basepath, "json", "to_stix_map.json"))
         self.mapping_filepath = filepath
         self.result_translator = JSONToStix(filepath)
-        self.query_translator = StixToDummyQuery()
+        self.query_translator = StixToQuery()
diff --git a/stix_shifter/stix_translation/src/modules/dummy/json/from_stix_map.json b/stix_shifter/stix_translation/src/modules/dummy/json/from_stix_map.json
@@ -1,51 +1,53 @@
 {
   "ipv4-addr": {
     "fields": {
-      "value": ["dummySourceIpField", "dummyDestinationIpField"]
+      "value": ["SourceIpV4", "DestinationIpV4"]
     }
   },
   "ipv6-addr": {
     "fields": {
-      "value": ["dummyIpField"]
+      "value": ["SourceIpV6", "DestinationIpV6"]
     }
   },
   "url": {
     "fields": {
-      "value": ["dummyUrlField"]
+      "value": ["Url"]
     }
   },
   "mac-addr": {
     "fields": {
-      "value": ["dummySourceMacField", "dummyDestinationMacField"]
+      "value": ["SourceMac", "DestinationMac"]
     }
   },
   "file": {
     "fields": {
-      "name": ["dummyFileNameField"]
+      "name": ["FileName"]
     }
   },
   "network-traffic": {
     "fields": {
-      "src_port": ["dummySourcePortField"],
-      "dst_port": ["dummyDestinationPortField"],
-      "start": ["dummyStartTimeField"],
-      "end": ["dummyEndTimeField"],
-      "protocols[*]": ["dummyNetworkProtocolField"]
+      "src_port": ["SourcePort"],
+      "dst_port": ["DestinationPort"],
+      "start": ["StartTime"],
+      "end": ["EndTime"],
+      "protocols[*]": ["NetworkProtocol"],
+      "src_ref.value": ["SourceIpV4", "SourceIpV6"],
+      "dst_ref.value": ["DestinationIpV4", "DestinationIpV6"]
     }
   },
   "user-account": {
     "fields": {
-      "user_id": ["dummyUserNameField"]
+      "user_id": ["UserName"]
     }
   },
   "artifact": {
     "fields": {
-      "payload_bin": ["dummyPayloadField"]
+      "payload_bin": ["Payload"]
     }
   },
   "domain-name": {
     "fields": {
-      "value": ["dummyDomainNameField"]
+      "value": ["DomainName"]
     }
   }
 }
diff --git a/stix_shifter/stix_translation/src/modules/dummy/json/to_stix_map.json b/stix_shifter/stix_translation/src/modules/dummy/json/to_stix_map.json
@@ -1,20 +1,49 @@
 {
-  "dummyUserNameField": {
+  "UserName": {
     "key": "user-account.user_id"
   },
-  "dummyLogSourceIdField": {
-    "key": "x_dummy_custom_property.log_source_id",
+  "LogSourceId": {
+    "key": "x__custom_property.log_source_id",
     "cybox": false
   },
-  "dummyMagnitudeField": {
-    "key": "x_dummy_custom_property.magnitude",
+  "Magnitude": {
+    "key": "x__custom_property.magnitude",
     "cybox": false
   },
-  "dummyDestinationIpField": [
+  "SourceIpV4": [
+    {
+      "key": "ipv4-addr.value",
+      "object": "src_ip"
+    },
+    {
+      "key": "network-traffic.src_ref",
+      "object": "nt",
+      "references": "src_ip"
+    }
+  ],
+  "DestinationIpV4": [
     {
       "key": "ipv4-addr.value",
       "object": "dst_ip"
     },
+    {
+      "key": "network-traffic.dst_ref",
+      "object": "nt",
+      "references": "dst_ip"
+    }
+  ],
+  "SourceIpV6": [
+    {
+      "key": "ipv6-addr.value",
+      "object": "src_ip"
+    },
+    {
+      "key": "network-traffic.src_ref",
+      "object": "nt",
+      "references": "src_ip"
+    }
+  ],
+  "DestinationIpV6": [
     {
       "key": "ipv6-addr.value",
       "object": "dst_ip"
@@ -25,12 +54,12 @@
       "references": "dst_ip"
     }
   ],
-  "dummyEventCountField": {
+  "EventCount": {
     "key": "number_observed",
     "cybox": false,
     "transformer": "ToInteger"
   },
-  "dummyStartTimeField": [
+  "StartTime": [
     {
       "key": "created",
       "transformer": "EpochToTimestamp",
@@ -52,46 +81,45 @@
       "cybox": false
     }
   ],
-  "dummySourceIpField": [
-    {
-      "key": "ipv4-addr.value",
-      "object": "src_ip"
-    },
-    {
-      "key": "ipv6-addr.value",
-      "object": "src_ip"
-    },
-    {
-      "key": "network-traffic.src_ref",
-      "object": "nt",
-      "references": "src_ip"
-    }
-  ],
-  "dummyUrlField": {
+  "Url": {
     "key": "url.value"
   },
-  "dummyFileNameField": {
+  "FileName": {
     "key": "file.name"
   },
-  "dummyPayloadField": {
+  "Payload": {
     "key": "artifact.payload_bin"
   },
-  "dummyDestinationPortField": {
+  "DestinationPort": {
     "key": "network-traffic.dst_port",
     "object": "nt",
     "transformer": "ToInteger"
   },
-  "dummySourcePortField": {
+  "SourcePort": {
     "key": "network-traffic.src_port",
     "object": "nt",
     "transformer": "ToInteger"
   },
-  "dummyNetworkProtocolField": {
+  "NetworkProtocol": {
     "key": "network-traffic.protocols",
     "object": "nt",
     "transformer": "ToLowercaseArray"
   },
-  "dummyDomainNameField": {
+  "DomainName": {
     "key": "domain-name.value"
+  },
+  "Process": {
+    "Path": [
+      {
+        "object": "proc",
+        "key": "process.command_line"
+      }
+    ],
+    "Pid": [
+      {
+        "object": "proc",
+        "key": "process.id"
+      }
+    ]
   }
 }