typedb · SullivanDaly · Jun 28, 2023 · Jun 29, 2023 · Jun 30, 2023 · Jun 30, 2023
@@ -30,6 +30,13 @@ Read the [README](commerce/bookstore/README.md) file for instructions. Check [th
 or the initial [dataset](commerce/bookstore/python/data) for additional information. All logic accessible in the script
 files in the [python](commerce/bookstore/python) directory.
 
+### [Cybersecurity: Cyber Threat Intellingence](cybersecurity/cyber_threat_intelligence)
+
+The Cyber Threat Intelligence example uses Spring Boot to showcase usage of CTI dataset into TypeDB and executing queries on this data.
+In this project, we use TypeDB to represent a queryable database of relevant CTI data about some threat actors and their targets.
+We can query the database either with a REST API or a GraphQL API through the dedicated web interface.
+
+
 ### [Finance: Fraud Detection](finance/fraud_detection)
 
 The Fraud Detection example uses Quarkus, the Supersonic Subatomic Java Framework in order to let us present results with GraphQL.

@@ -0,0 +1,129 @@
+# Fraud Detection TypeDB Example
+
+This project utilizes Spring Boot and GraphQL to access a TypeDB database filled with Cyber Threat Intelligence (CTI) related dataset. 
+The application provides a GraphQL API to interact with the CTI data stored in the TypeDB database.
+
+
+## Introduction
+
+We have a MITRE ATTACK dataset and our application implements some research functions:
+
+- Search entities
+- Search relations
+- Search schema
+
+
+We are demonstrating sub-typing, powerful rules and rule combination in our schema.
+####
+We can also see how easy it is to create complex queries using query composition.
+####
+We are using the DAO design pattern, we have the following components on which our design depends:
+
+- The model which is transferred from one layer to the other.
+- The interfaces which provide a flexible design.
+- The interface implementation which is a concrete implementation of the persistence logic.
+
+The query composition can be observed in all DAOs.
+```java
+String search = "$ta has " + type + " = " + name + ";";
+String getQueryStr = "match " + ATTRIBUTED_TO_MATCH + search + "group $id;";
+```
+
+## Running the application in dev mode
+
+1. Checkout this repository: `git clone https://github.com/vaticle/typedb-driver-examples && cd typedb-driver-examples/cybersecurity/cyber_threat_intelligence`.
+2. Start the [TypeDB Server](http://docs.vaticle.com/docs/running-typedb/install-and-run#start-the-typedb-server). Check that it's listening to address: `0.0.0.0:1729`.
+3. You can run your application in dev mode that enables live coding using (you will need at least Java19):
+```shell script
+mvn clean install
+```
+4. Run the Spring Boot application: 
+```
+mvn spring-boot:run.
+```
+5. The GraphQL API will be available at http://localhost:8080/graphiql.
+6. The REST API will be available at ```{{base_url}}```
+7. You can now use the chosen interface to query the database.
+
+## TypeDB Description
+
+### Schema
+
+The schema is stored in the `schema_CTI.tql` file under [src/main/resources/](src/main/resources/schema_CTI.tql).
+
+#### Entities
+
+The schema has the following entities:
+
+- stix_core_object
+  - stix_sub_object
+    - kill_chain_phase
+  - stix_cyber_observable_object
+    - file
+  - stix_domain_object
+    - identity
+      - class
+      - group
+      - idUnknown
+      - individual
+      - system
+    - indicator
+    - malware
+    - threat_actor
+
+#### Relations
+
+The schema has the following relations:
+- stix_core_relationship
+  - attributed_to
+  - created_by
+  - hashes
+  - impersonates
+  - indicates
+  - kill_chain_phases
+  - sightings
+  - targets
+  - uses
+
+#### Rules
+
+The fraudDetection schema has three rules to demonstrate rules usability.
+
+The first one is here to create a transitive uses relation between three stix_domain_object linked by uses relations.
+
+```
+rule transitive_use:
+    when {
+        $x isa stix_domain_object, has name $name1;
+        $y isa stix_domain_object, has name $name2;
+        $z isa stix_domain_object, has name $name3;
+        $use1 (used_by: $x, used: $y) isa uses;
+        $use2 (used_by: $y, used: $z) isa uses;
+    } then {
+        (used_by: $x, used: $z) isa uses;
+    };
+```
+The second one works to create a uses relation between two stix_domain_object that are linked by an attributed_to relation and a uses relation.
+
+```
+rule attributed_to_when_using:
+    when {
+        (attributing: $x, attributed: $y) isa attributed_to;
+        (used_by: $y, used: $z) isa uses;
+    } then {
+        (used_by: $x, used: $z) isa uses;
+    };
+```
+
+
+The second one works to create a targets relation between two stix_domain_object that are linked by an attributed_to relation and a targets relation.
+```
+rule attributed_to_when_targeting:
+    when {
+        (attributing: $x, attributed: $y) isa attributed_to;
+        (targeting: $y, targeted: $z) isa targets;
+    } then {
+        (targeting: $x, targeted: $z) isa targets;
+    };
+```
+
@@ -0,0 +1,106 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
+	<modelVersion>4.0.0</modelVersion>
+	<parent>
+		<groupId>org.springframework.boot</groupId>
+		<artifactId>spring-boot-starter-parent</artifactId>
+		<version>3.0.6</version>
+		<relativePath/> <!-- lookup parent from repository -->
+	</parent>
+	<groupId>com.example</groupId>
+	<artifactId>demo</artifactId>
+	<version>0.0.1-SNAPSHOT</version>
+	<name>demo</name>
+	<description>Demo project for Spring Boot</description>
+	<properties>
+		<java.version>20</java.version>
+	</properties>
+	<repositories>
+		<repository>
+			<id>repo.vaticle.com</id>
+			<url>https://repo.vaticle.com/repository/maven/</url>
+		</repository>
+	</repositories>
+	<dependencies>
+		<dependency>
+			<groupId>com.vaticle.typedb</groupId>
+			<artifactId>typedb-client</artifactId>
+			<version>2.17.1</version>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-web</artifactId>
+			<version>2.6.3</version>
+		</dependency>
+		<dependency>
+			<groupId>com.fasterxml.jackson.dataformat</groupId>
+			<artifactId>jackson-dataformat-xml</artifactId>
+			<version>2.4.0</version>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework</groupId>
+			<artifactId>spring-context</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>javax.inject</groupId>
+			<artifactId>javax.inject</artifactId>
+			<version>1</version>
+		</dependency>
+		<dependency>
+			<groupId>javax.enterprise</groupId>
+			<artifactId>cdi-api</artifactId>
+			<version>1.2</version>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-test</artifactId>
+			<version>2.6.3</version>
+			<scope>test</scope>
+		</dependency>
+		<dependency>
+			<groupId>com.graphql-java</groupId>
+			<artifactId>graphql-spring-boot-starter</artifactId>
+			<version>3.9.2</version>
+		</dependency>
+		<dependency>
+			<groupId>com.graphql-java</groupId>
+			<artifactId>graphql-java-tools</artifactId>
+			<version>4.3.0</version>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-graphql</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>com.tailrocks.graphql</groupId>
+			<artifactId>graphql-datetime-spring-boot-starter</artifactId>
+			<version>6.0.0</version>
+		</dependency>
+		<dependency>
+			<groupId>org.projectlombok</groupId>
+			<artifactId>lombok</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>com.graphql-java</groupId>
+			<artifactId>graphql-java-extended-scalars</artifactId>
+			<version>20.2</version>
+		</dependency>
+        <dependency>
+            <groupId>commons-collections</groupId>
+            <artifactId>commons-collections</artifactId>
+            <version>3.2.2</version>
+            <scope>compile</scope>
+        </dependency>
+    </dependencies>
+
+	<build>
+		<plugins>
+			<plugin>
+				<groupId>org.springframework.boot</groupId>
+				<artifactId>spring-boot-maven-plugin</artifactId>
+			</plugin>
+		</plugins>
+	</build>
+
+</project>
@@ -0,0 +1,33 @@
+/*
+ * Copyright (C) 2023 Vaticle
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package com.typedb.examples.cti;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+@SpringBootApplication
+//@EnableConfigurationProperties(AppConfiguration.class)
+public class Main {
+    public static void main(String[] args) {
+        SpringApplication.run(Main.class, args);
+    }
+}
@@ -0,0 +1,84 @@
+/*
+ * Copyright (C) 2023 Vaticle
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package com.typedb.examples.cti.configuration;
+
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Configuration;
+
+@Configuration
+public class AppConfiguration {
+
+    @Value("${typedb.host}")
+    String address;
+
+    @Value("${typedb.port}")
+    String port;
+
+    @Value("${typedb.db}")
+    String database;
+
+    @Value("${typedb.schema}")
+    String schema;
+
+    @Value("${typedb.dataset}")
+    String dataset;
+
+    public String getAddress() {
+        return address;
+    }
+
+    public void setAddress(String address) {
+        this.address = address;
+    }
+
+    public String getPort() {
+        return port;
+    }
+
+    public void setPort(String port) {
+        this.port = port;
+    }
+
+    public String getDatabase() {
+        return database;
+    }
+
+    public void setDatabase(String database) {
+        this.database = database;
+    }
+
+    public String getSchema() {
+        return schema;
+    }
+
+    public void setSchema(String schema) {
+        this.schema = schema;
+    }
+
+    public String getDataset() {
+        return dataset;
+    }
+
+    public void setDataset(String dataset) {
+        this.dataset = dataset;
+    }
+}