README.md

Project Status: Active - The project has reached a stable, usable state and is being actively developed.

Package for Data Driven Security purposes.

This package provides functions for managing security standards data. It comes with data frames of 1000 observations for each security standard, and updated data sets can be built from official sources. That build process is slow, so by default the package downloads an updated set of pre-built data frames from this repository. New data updates are published every month.

Install

From R console just type:

devtools::install_github(repo = "r-net-tools/net.security")

If you want to test upcoming features, pass the branch as the ref parameter:

devtools::install_github(repo = "r-net-tools/net.security", ref = "devel")

Linux - Debian

If you need to upgrade R to the latest version, follow these instructions step by step.

Recent versions of R install package dependencies automatically. Check the DESCRIPTION file for the required packages. The openssl, curl and XML packages need system libraries that are not installed by default, so you may need to install:

sudo apt-get install libssl-dev libcurl4-openssl-dev libxml2-dev lzma

Usage

List available datasets. Results are used in other functions.

> net.security::DataSetList()
[1] "cves"  "cpes"  "cwes"  "capec"

Show data set status. Prints information about update status and number of observations of local data sets.

> net.security::DataSetStatus()
[1] "-: CVES dataset:"
[1] " |- Last update for CVES dataset at 2017-03-28"
[1] " |- Data set with 104075 rows and 24 variables."
[1] " |- Online RAW data updated at 2017-03-30"
[1] " |- CVES dataset 2 days outdated."
[1] "-: CPES dataset:"
[1] " |- Last update for CPES dataset at 2017-03-28"
[1] " |- Data set with 117994 rows and 14 variables."
[1] " |- Online RAW data updated at 2017-03-30"
[1] " |- CPES dataset 2 days outdated."
[1] "-: CWES dataset:"
[1] " |- Last update for CWES dataset at 2017-03-28"
[1] " |- Data set with 720 rows and 26 variables."
[1] "-: CAPEC dataset:"
[1] " |- Last update for CAPEC dataset at 2017-06-10"
[1] " |- Data set with 100 rows and 34 variables."
[1] "-:"
> 

Update data sets from official sources. Estimated duration: 1h for cves, 15min for cpes. Set use.remote = FALSE to download from official sources. The default option gets the updated data sets from this repository.

> net.security::DataSetUpdate(use.remote = FALSE)
[1] "Updating local cves data.frame from official sources."
[1] "Unzip, extract, etc..."
[1] "Processing MITRE raw data..."
[1] "Processing NIST 2002 raw data..."
[1] "Processing NIST 2003 raw data..."
[1] "Processing NIST 2004 raw data..."
[1] "Processing NIST 2005 raw data..."
[1] "Processing NIST 2006 raw data..."
[1] "Processing NIST 2007 raw data..."
[1] "Processing NIST 2008 raw data..."
[1] "Processing NIST 2009 raw data..."
[1] "Processing NIST 2010 raw data..."
[1] "Processing NIST 2011 raw data..."
[1] "Processing NIST 2012 raw data..."
[1] "Processing NIST 2013 raw data..."
[1] "Processing NIST 2014 raw data..."
[1] "Processing NIST 2015 raw data..."
[1] "Processing NIST 2016 raw data..."
[1] "Processing NIST 2017 raw data..."
[1] "Indexing data..."
[1] "Tidy data..."
[1] "CVES data frame building process finished."
[1] "Updating local cpes data.frame from official sources."
[1] "Downloading raw data..."
[1] "Extracting data..."
[1] "Indexing data..."
[1] "CPES data frame building process finished."
[1] "Updating local cwes data.frame from official sources."
[1] "Downloading raw data..."
[1] "Unzip, extract, etc..."
[1] "Processing MITRE raw data..."
[1] "CWES data frame building process finished."
[1] "Updating local capec data.frame from official sources."
[1] "CAPEC data frame building process finished."
[1] "Updated CVEs data.frame has 105521  new observations."
[1] "Updated CPEs data.frame has 119072  new observations."
[1] "Updated CWEs data.frame has 620  new observations."
[1] "Updated CAPECs data.frame has 442  new observations."
[1] "Compressing and saving data sets to local file..."
[1] "2017-06-07"
>

Get data sets as data frames. Check data sets documentation for details of data frames.

> cves <- net.security::GetDataFrame("cves")
> class(cves)
[1] "data.frame"
>
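An added example (not part of the net.security package or its README): the DataSetStatus() lines shown above are parsed into a data frame so a script can flag stale data sets before analysis. The sample lines are copied from the output above, parse_status is a hypothetical helper, and collecting live output with capture.output assumes the function prints to standard output.

```r
# Constructed sample: lines copied from the DataSetStatus() output above.
# Assumption: with the package installed, the same lines can be collected
# with capture.output(net.security::DataSetStatus()).
status <- c(
  '[1] "-: CVES dataset:"',
  '[1] " |- Last update for CVES dataset at 2017-03-28"',
  '[1] " |- Data set with 104075 rows and 24 variables."',
  '[1] " |- Online RAW data updated at 2017-03-30"',
  '[1] " |- CVES dataset 2 days outdated."',
  '[1] "-: CWES dataset:"',
  '[1] " |- Last update for CWES dataset at 2017-03-28"',
  '[1] " |- Data set with 720 rows and 26 variables."',
  '[1] "-:"'
)

# parse_status() is a hypothetical helper, not a net.security function.
parse_status <- function(lines) {
  out <- list(); current <- NULL
  for (ln in lines) {
    if (grepl("-: [A-Z]+ dataset:", ln)) {          # section header
      current <- tolower(sub(".*-: ([A-Z]+) dataset:.*", "\\1", ln))
      out[[current]] <- data.frame(
        dataset = current, last_update = as.Date(NA), rows = NA_integer_,
        days_outdated = NA_integer_, stringsAsFactors = FALSE
      )
    } else if (is.null(current)) {
      next                                           # text before any header
    } else if (grepl("Last update for", ln)) {
      out[[current]]$last_update <- as.Date(sub(".* at ([0-9-]+).*", "\\1", ln))
    } else if (grepl("Data set with", ln)) {
      out[[current]]$rows <- as.integer(sub(".*with ([0-9]+) rows.*", "\\1", ln))
    } else if (grepl("days outdated", ln)) {
      out[[current]]$days_outdated <-
        as.integer(sub(".* ([0-9]+) days outdated.*", "\\1", ln))
    }
  }
  do.call(rbind, out)
}

st <- parse_status(status)
print(st)
# Data sets that report no "outdated" line keep days_outdated = NA.
stale <- st$dataset[!is.na(st$days_outdated) & st$days_outdated > 0]
print(stale)
```

The names in stale use the same lowercase form as DataSetList(), so a script can decide from them whether to run DataSetUpdate() before loading data with GetDataFrame().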

Security Standards

CVE: Common Vulnerabilities and Exposures

Quick Reference: http://cve.mitre.org/about/faqs.html

Raw Data:
- MITRE: http://cve.mitre.org/data/downloads/index.html#download
- NIST: https://nvd.nist.gov/download.cfm

Standard:
- NIST Special Publication 800-51, Use of the Common Vulnerabilities and Exposures (CVE) Vulnerability Naming
- NIST SP 800-51 Revision 1, Guide to Using Vulnerability Naming Schemes
- NIST: Vulnerability Data Model -DRAFT-
- NIST XML schema (xsd file)

CPE: Common Platform Enumeration

Quick Reference: https://nvd.nist.gov/cpe.cfm

Raw Data:
- NIST: http://static.nvd.nist.gov/feeds/xml/cpe/dictionary/official-cpe-dictionary_v2.3.xml.gz

Standard:
- NISTIR 7695, Common Platform Enumeration: Naming Specification Version 2.3

CWE: Common Weakness Enumeration

Quick Reference: https://cwe.mitre.org/about/faq.html

Raw Data:
- MITRE: https://cwe.mitre.org/data/xml/cwec_v2.10.xml.zip

Standard:
- CWE XML Schema documentation
- CWE XSD File
- All CWE Standard content. PDF File

CAPEC: Common Attack Pattern Enumeration and Classification

Quick Reference: https://capec.mitre.org/about/index.html

Raw Data:
- MITRE: https://capec.mitre.org/data/

Standard: https://capec.mitre.org/documents/schema/index.html


net.security documentation built on June 25, 2017, 5:03 p.m.