{
"cells": [
{
"cell_type": "code",
"execution_count": 64,
"metadata": {
"collapsed": true
},
"outputs": [],
"source": [
"from pymongo import MongoClient\n",
"import pandas as pd\n",
"import json\n",
"from bson.json_util import dumps\n",
"from pandas.io.json import json_normalize"
]
},
{
"cell_type": "code",
"execution_count": 92,
"metadata": {
"collapsed": true
},
"outputs": [],
"source": [
"client = MongoClient('mongodb://test:test@ds129796.mlab.com:29796/android-vulnerabilities')\n",
"db = client['android-vulnerabilities']\n",
"# LLAMADO A LA COLECCION JoinedVulnerabilitiesDateFormat\n",
"vulnerabilities = db['JoinedVulnerabilitiesDateFormat']"
]
},
{
"cell_type": "code",
"execution_count": 93,
"metadata": {
"collapsed": true
},
"outputs": [],
"source": [
"def getRootAndSeverity():\n",
" return vulnerabilities.aggregate(\n",
" [\n",
" { \"$match\" : {\"Root Parent\":{\"$ne\":\"Unclear\"} }},\n",
" { \"$project\" : \n",
" { \n",
" \"_id\" : 0,\n",
" \"Root Parent\" : 1,\n",
" \"Severity\" : \"$webScrapingInformation.cvssScoreNVD2.severity\"\n",
" }\n",
" },\n",
" {\"$sort\":{\"_id.layer\":1}}\n",
" ]\n",
" )"
]
},
{
"cell_type": "code",
"execution_count": 102,
"metadata": {},
"outputs": [],
"source": [
"MongoResponse = getRootAndSeverity()\n",
"dataFrame = pd.DataFrame([])\n",
"dataFromMongoResponse = json.loads(dumps(MongoResponse))\n",
"dataFrameTemp = json_normalize(dataFromMongoResponse)\n",
"dataFrame = dataFrame.append(pd.DataFrame(dataFrameTemp))\n",
"dfResult = dataFrame.reset_index()"
]
},
{
"cell_type": "code",
"execution_count": 103,
"metadata": {},
"outputs": [],
"source": [
"dfResult = dfResult.groupby([\"Root Parent\", \"Severity\"]).count().unstack('Severity')\n",
"dfResult = dfResult.fillna(0)"
]
},
{
"cell_type": "code",
"execution_count": 104,
"metadata": {},
"outputs": [
{
"data": {
"text/html": [
"
\n",
"\n",
"
\n",
" \n",
" \n",
" Severity | \n",
" HIGH | \n",
" LOW | \n",
" MEDIUM | \n",
"
\n",
" \n",
" Root Parent | \n",
" | \n",
" | \n",
" | \n",
"
\n",
" \n",
" \n",
" \n",
" Behavioral problems | \n",
" 9.0 | \n",
" 0.0 | \n",
" 8.0 | \n",
"
\n",
" \n",
" Data handling | \n",
" 66.0 | \n",
" 23.0 | \n",
" 45.0 | \n",
"
\n",
" \n",
" Improper Fulfillment of API Contract | \n",
" 3.0 | \n",
" 0.0 | \n",
" 1.0 | \n",
"
\n",
" \n",
" Improper check or handling of exceptional conditions | \n",
" 66.0 | \n",
" 0.0 | \n",
" 28.0 | \n",
"
\n",
" \n",
" Improper input validation | \n",
" 52.0 | \n",
" 0.0 | \n",
" 28.0 | \n",
"
\n",
" \n",
" Indicator of poor quality code | \n",
" 48.0 | \n",
" 7.0 | \n",
" 13.0 | \n",
"
\n",
" \n",
" Initialization and cleanup errors | \n",
" 28.0 | \n",
" 5.0 | \n",
" 20.0 | \n",
"
\n",
" \n",
" Injection flaws | \n",
" 3.0 | \n",
" 0.0 | \n",
" 1.0 | \n",
"
\n",
" \n",
" Permissions, privileges, and access control | \n",
" 182.0 | \n",
" 12.0 | \n",
" 49.0 | \n",
"
\n",
" \n",
" Pointer issues | \n",
" 39.0 | \n",
" 2.0 | \n",
" 16.0 | \n",
"
\n",
" \n",
" Security features | \n",
" 17.0 | \n",
" 1.0 | \n",
" 27.0 | \n",
"
\n",
" \n",
" Time and state | \n",
" 35.0 | \n",
" 6.0 | \n",
" 11.0 | \n",
"
\n",
" \n",
" Weaknesses that affect files or directories | \n",
" 1.0 | \n",
" 0.0 | \n",
" 5.0 | \n",
"
\n",
" \n",
" Weaknesses that affect the memory | \n",
" 142.0 | \n",
" 7.0 | \n",
" 60.0 | \n",
"
\n",
" \n",
"
\n",
"
"
],
"text/plain": [
"Severity HIGH LOW MEDIUM\n",
"Root Parent \n",
"Behavioral problems 9.0 0.0 8.0\n",
"Data handling 66.0 23.0 45.0\n",
"Improper Fulfillment of API Contract 3.0 0.0 1.0\n",
"Improper check or handling of exceptional condi... 66.0 0.0 28.0\n",
"Improper input validation 52.0 0.0 28.0\n",
"Indicator of poor quality code 48.0 7.0 13.0\n",
"Initialization and cleanup errors 28.0 5.0 20.0\n",
"Injection flaws 3.0 0.0 1.0\n",
"Permissions, privileges, and access control 182.0 12.0 49.0\n",
"Pointer issues 39.0 2.0 16.0\n",
"Security features 17.0 1.0 27.0\n",
"Time and state 35.0 6.0 11.0\n",
"Weaknesses that affect files or directories 1.0 0.0 5.0\n",
"Weaknesses that affect the memory 142.0 7.0 60.0"
]
},
"execution_count": 104,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"types = dfResult.index.values.tolist()\n",
"dfResult.columns = dfResult.columns.droplevel()\n",
"dfResult"
]
},
{
"cell_type": "code",
"execution_count": 107,
"metadata": {},
"outputs": [
{
"name": "stdout",
"output_type": "stream",
"text": [
"['HIGH' 'LOW' 'MEDIUM' 'Root Parent']\n"
]
},
{
"data": {
"text/html": [
"\n",
"\n",
"
\n",
" \n",
" \n",
" Severity | \n",
" Root Parent | \n",
" LOW | \n",
" MEDIUM | \n",
" HIGH | \n",
"
\n",
" \n",
" Root Parent | \n",
" | \n",
" | \n",
" | \n",
" | \n",
"
\n",
" \n",
" \n",
" \n",
" Behavioral problems | \n",
" Behavioral problems | \n",
" 0.0 | \n",
" 8.0 | \n",
" 9.0 | \n",
"
\n",
" \n",
" Data handling | \n",
" Data handling | \n",
" 23.0 | \n",
" 45.0 | \n",
" 66.0 | \n",
"
\n",
" \n",
" Improper Fulfillment of API Contract | \n",
" Improper Fulfillment of API Contract | \n",
" 0.0 | \n",
" 1.0 | \n",
" 3.0 | \n",
"
\n",
" \n",
" Improper check or handling of exceptional conditions | \n",
" Improper check or handling of exceptional cond... | \n",
" 0.0 | \n",
" 28.0 | \n",
" 66.0 | \n",
"
\n",
" \n",
" Improper input validation | \n",
" Improper input validation | \n",
" 0.0 | \n",
" 28.0 | \n",
" 52.0 | \n",
"
\n",
" \n",
" Indicator of poor quality code | \n",
" Indicator of poor quality code | \n",
" 7.0 | \n",
" 13.0 | \n",
" 48.0 | \n",
"
\n",
" \n",
" Initialization and cleanup errors | \n",
" Initialization and cleanup errors | \n",
" 5.0 | \n",
" 20.0 | \n",
" 28.0 | \n",
"
\n",
" \n",
" Injection flaws | \n",
" Injection flaws | \n",
" 0.0 | \n",
" 1.0 | \n",
" 3.0 | \n",
"
\n",
" \n",
" Permissions, privileges, and access control | \n",
" Permissions, privileges, and access control | \n",
" 12.0 | \n",
" 49.0 | \n",
" 182.0 | \n",
"
\n",
" \n",
" Pointer issues | \n",
" Pointer issues | \n",
" 2.0 | \n",
" 16.0 | \n",
" 39.0 | \n",
"
\n",
" \n",
" Security features | \n",
" Security features | \n",
" 1.0 | \n",
" 27.0 | \n",
" 17.0 | \n",
"
\n",
" \n",
" Time and state | \n",
" Time and state | \n",
" 6.0 | \n",
" 11.0 | \n",
" 35.0 | \n",
"
\n",
" \n",
" Weaknesses that affect files or directories | \n",
" Weaknesses that affect files or directories | \n",
" 0.0 | \n",
" 5.0 | \n",
" 1.0 | \n",
"
\n",
" \n",
" Weaknesses that affect the memory | \n",
" Weaknesses that affect the memory | \n",
" 7.0 | \n",
" 60.0 | \n",
" 142.0 | \n",
"
\n",
" \n",
"
\n",
"
"
],
"text/plain": [
"Severity Root Parent \\\n",
"Root Parent \n",
"Behavioral problems Behavioral problems \n",
"Data handling Data handling \n",
"Improper Fulfillment of API Contract Improper Fulfillment of API Contract \n",
"Improper check or handling of exceptional condi... Improper check or handling of exceptional cond... \n",
"Improper input validation Improper input validation \n",
"Indicator of poor quality code Indicator of poor quality code \n",
"Initialization and cleanup errors Initialization and cleanup errors \n",
"Injection flaws Injection flaws \n",
"Permissions, privileges, and access control Permissions, privileges, and access control \n",
"Pointer issues Pointer issues \n",
"Security features Security features \n",
"Time and state Time and state \n",
"Weaknesses that affect files or directories Weaknesses that affect files or directories \n",
"Weaknesses that affect the memory Weaknesses that affect the memory \n",
"\n",
"Severity LOW MEDIUM HIGH \n",
"Root Parent \n",
"Behavioral problems 0.0 8.0 9.0 \n",
"Data handling 23.0 45.0 66.0 \n",
"Improper Fulfillment of API Contract 0.0 1.0 3.0 \n",
"Improper check or handling of exceptional condi... 0.0 28.0 66.0 \n",
"Improper input validation 0.0 28.0 52.0 \n",
"Indicator of poor quality code 7.0 13.0 48.0 \n",
"Initialization and cleanup errors 5.0 20.0 28.0 \n",
"Injection flaws 0.0 1.0 3.0 \n",
"Permissions, privileges, and access control 12.0 49.0 182.0 \n",
"Pointer issues 2.0 16.0 39.0 \n",
"Security features 1.0 27.0 17.0 \n",
"Time and state 6.0 11.0 35.0 \n",
"Weaknesses that affect files or directories 0.0 5.0 1.0 \n",
"Weaknesses that affect the memory 7.0 60.0 142.0 "
]
},
"execution_count": 107,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"#dfResult = dfResult.xs('one', level='second', axis=1)\n",
"dfResult[\"Root Parent\"] = types\n",
"reindexiado = dfResult.reindex(columns=[\"Root Parent\", \"LOW\", \"MEDIUM\", \"HIGH\"])\n",
"reindexiado"
]
},
{
"cell_type": "code",
"execution_count": 110,
"metadata": {},
"outputs": [],
"source": [
"reindexiado.to_csv(path_or_buf=\"vtbacmaEMSE.csv\", index=False)"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {
"collapsed": true
},
"outputs": [],
"source": []
}
],
"metadata": {
"kernelspec": {
"display_name": "Python 3",
"language": "python",
"name": "python3"
},
"language_info": {
"codemirror_mode": {
"name": "ipython",
"version": 3
},
"file_extension": ".py",
"mimetype": "text/x-python",
"name": "python",
"nbconvert_exporter": "python",
"pygments_lexer": "ipython3",
"version": "3.6.3"
}
},
"nbformat": 4,
"nbformat_minor": 2
}