https://github.com/facebookresearch/privacy_adversarial_framework

The Privacy Adversarial Framework (PAF) is a knowledge base of privacy-focused adversarial tactics and techniques. PAF is heavily inspired by MITRE ATT&CK®.
https://github.com/facebookresearch/privacy_adversarial_framework

Last synced: 2 days ago
JSON representation

The Privacy Adversarial Framework (PAF) is a knowledge base of privacy-focused adversarial tactics and techniques. PAF is heavily inspired by MITRE ATT&CK®.

• Host: GitHub
• URL: https://github.com/facebookresearch/privacy_adversarial_framework
• Owner: facebookresearch
• License: mit
• Created: 2023-07-24T15:00:42.000Z (over 1 year ago)
• Default Branch: main
• Last Pushed: 2023-08-10T18:44:45.000Z (about 1 year ago)
• Last Synced: 2024-11-05T01:34:34.657Z (4 days ago)
• Language: Dockerfile
• Homepage:
• Size: 91.8 KB
• Stars: 54
• Watchers: 6
• Forks: 6
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • Contributing: CONTRIBUTING.md
  • License: LICENSE
  • Code of conduct: CODE_OF_CONDUCT.md

Awesome Lists containing this project

• awesome-privacy-engineering - Privacy Adversarial Framework (PAF) - Developed by Facebook, the Privacy Adversarial Framework (PAF) is a knowledgebase of privacy-focused adversarial tactics and techniques that is heavily inspired by MITRE ATT&CK®. (Awesome Privacy Engineering [](https://awesome.re) / Privacy Threat Modeling)

README

        
# Privacy Adversarial Framework 

The Privacy Adversarial Framework (PAF) is a knowledge base of privacy-focused adversarial tactics and techniques. PAF is heavily inspired by MITRE ATT&CK®.

While traditional cyber security adversaries can have an impact on privacy, another type of adversary - privacy adversaries - are also prolific and problematic. Privacy adversaries include stalkers, doxxers, scrapers, unethical private or political intelligence firms, authoritarian regimes, and more.

PAF is a response to the observation that privacy adversaries are not generally equivalent to those seen in cyber security; they often differ in resources, methods, and intentions.

The main goal of PAF is to accurately model privacy adversaries for the purpose of improving the detection, measurement, mitigation, and emulation of privacy threats.

## What's in this repo?

```paf.csv``` is a standalone CSV capturing the full taxonomy. It may be a bit easier to work with for parsing and processing for bespoke systems.

```paf_navigator.json``` is a STIX file representing the Tactic and Techniques of PAF, compatible with MITRE ATT&CK® Navigator. 

```Dockerfile``` a docker file using Node as a base image. This is used in the quickstart instructions below, but is pinned to a particular version of Navigator, so it is not suitable for direct production use cases. 

## Quickstart - Viewing PAF Taxonomy with Navigator via Docker (not for production use cases)

1. `docker build -t paf_navigator .`

2. `docker run -p 80:80 paf_navigator`

3. Navigate to `http://localhost`, click the **Create New Layer** dropdown, then click the **Privacy Adversarial Framework (PAF)** entry.

## Usage with Navigator

1. Download and follow the instructions at: [https://github.com/mitre-attack/attack-navigator](https://github.com/mitre-attack/attack-navigator) to install Navigator.

2. Place ```paf.json``` in the ```nav-app/src/assets/``` directory within your Navigator installation.  

3. Modify the contents of ```/nav-app/src/assets/config.json``` under "domains" to include an entry for PAF: 

   ``` 

   {  

    "name": "Privacy Adversarial Framework",

    "identifier": "paf",

    "data": ["/nav-app/src/assets/paf.json"]

    }

    ```

 Make sure to replace the `` with the appropriate local path.

 

4. Run Navigator as usual and click on "Create New Layer", there should now be an option for a PAF layer.

## Contributing

See the [CONTRIBUTING](CONTRIBUTING.md) file for how to help out.

## License

The Privacy Adversarial Framework is [MIT](LICENSE) licensed, as found in the LICENSE file.