Merge pull request #22 from jakewarren/issue-21

extract matrix type from x_mitre_domains

scripts/build-index.js

@@ -64,24 +64,29 @@ function extractAttackObject(stixObject) {
         if (reference.source_name in mitreSources) {
             attackObject.id = reference.external_id;
             attackObject.url = reference.url;
-            switch (reference.source_name) {
-                case "mitre-attack":
-                    attackObject.source_name = "Enterprise";
-                    break;
-                case "mitre-ics-attack":
-                    attackObject.source_name = "ICS";
-                    break;
-                case "mitre-mobile-attack":
-                    attackObject.source_name = "Mobile";
-                    break;
-                default:
-                    process.stderr.write(`warning: could not determine the matrix for object:${attackObject.id}\n`);
-                    break;
-            }
             break;
         }
     }
 
+    // extract the ATT&CK matrix from the STIX object
+    for (const mitreDomain of stixObject.x_mitre_domains) {
+        switch (mitreDomain) {
+            case "enterprise-attack":
+                attackObject.is_enterprise = true;
+                break;
+            case "ics-attack":
+                attackObject.is_ics = true;
+                break;
+            case "mobile-attack":
+                attackObject.is_mobile = true;
+                break;
+            default:
+                process.stderr.write(`warning: could not determine the matrix for object:${attackObject.id}\n`);
+                break;
+        }
+    }
+
+
     if (!("id" in attackObject)) {
         console.log(stixObject);
         throw new Exception("Could not extract reference from STIX object.");

src/SearchResults.svelte

@@ -31,6 +31,9 @@
                     description: { text: item.description, matches: [] },
                     url: item.url,
                     isBookmarked: item.id in $bookmarksSetStore,
+                    is_enterprise: item.is_enterprise,
+                    is_ics: item.is_ics,
+                    is_mobile: item.is_mobile,
                 };
                 for (const match of matches) {
                     const { key, indices } = match;
@@ -104,7 +107,15 @@
                     matches={result.name.matches}
                 />
             </span>
-            <span class="badge bg-secondary">{result.source_name}</span>
+            {#if result.is_enterprise}
+                <span class="badge bg-secondary">Enterprise</span>
+            {/if}
+            {#if result.is_mobile}
+                <span class="badge bg-secondary">Mobile</span>
+            {/if}
+            {#if result.is_ics}
+                <span class="badge bg-secondary">ICS</span>
+            {/if}
             <span class="badge bg-primary">{result.type}</span>
             {#if result.deprecated}
                 <span class="badge bg-secondary">deprecated</span>

src/search.js

@@ -53,12 +53,13 @@ export function search(query, filters) {
     for (const result of unfilteredResults) {
         const type = result.item.type;
         const deprecated = result.item.deprecated;
-        const source = result.item.source_name;
-        if (filters[type] === true && (!deprecated || filters.deprecated === true) && filters[source] === true) {
-            if (resultCount < maxResults) {
-                filteredResults.push(result);
+        if (filters[type] === true && (!deprecated || filters.deprecated === true)) {
+            if (filters["ICS"] == result.item.is_ics || filters["Mobile"] == result.item.is_mobile || filters["Enterprise"] == result.item.is_enterprise) {
+                if (resultCount < maxResults) {
+                    filteredResults.push(result);
+                }
+                resultCount++;
             }
-            resultCount++;
         }
     }