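# Training-run parameters. Nesting restored: the page had every key flattened to
# column 0, which does not load as the intended mapping.
training_config:
  rl_framework: SB3
  rl_algorithm: PPO
  seed: 333
  n_learn_episodes: 10
  n_eval_episodes: 5
  max_steps_per_episode: 128
  deterministic_eval: false
  n_agents: 1
  agent_references:
    - defender  # same name as the `ref` of the BLUE ProxyAgent under `agents:`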
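# Output artefacts kept from each run; all four switches are enabled here.
# NOTE(review): packet captures and system logs of a simulated attack are
# presumably written for every episode - confirm where they are stored and how
# long they are retained before running long training jobs.
io_settings:
  save_agent_actions: true
  save_step_metadata: true
  save_pcap_logs: true
  save_sys_logs: true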
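# Ports and protocols known to the game.
# NOTE(review): the BLUE agent's ACL actions refer to ports and protocols by
# numeric id (source_port_id, dest_port_id, protocol_id); those ids presumably
# index these lists, so confirm before reordering or inserting entries.
game:
  ports:
    - ARP
    - DNS
    - HTTP
    - POSTGRES_SERVER
  protocols:
    - ICMP
    - TCP
    - UDP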
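# Agent definitions: one GREEN background user, one RED scripted attacker and the
# BLUE defender. Nesting restored from the flattened listing; values are unchanged.
agents:
  # GREEN agent bound to client_2. Its action list holds only DONOTHING and its
  # reward is the DUMMY component.
  - ref: client_2_green_user
    team: GREEN
    type: ProbabilisticAgent
    observation_space:
      type: UC2GreenObservation
    action_space:
      action_list:
        - type: DONOTHING
      options:
        nodes:
          - node_name: client_2
        max_folders_per_node: 1
        max_files_per_folder: 1
        max_services_per_node: 1
        max_nics_per_node: 2
        max_acl_rules: 10

    reward_function:
      reward_components:
        - type: DUMMY

    agent_settings: # options specific to this particular agent type, basically args of __init__(self)
      start_settings:
        start_step: 25
        frequency: 20
        variance: 5

  # RED agent. Its action options name client_1 and the DataManipulationBot
  # application, which the simulation section installs on client_1.
  - ref: data_manipulation_attacker
    team: RED
    type: RedDatabaseCorruptingAgent

    observation_space:
      type: UC2RedObservation
      options:
        nodes: {}

    action_space:
      action_list:
        - type: DONOTHING
        - type: NODE_APPLICATION_EXECUTE
        - type: NODE_FILE_DELETE
        - type: NODE_FILE_CORRUPT
        - type: NODE_OS_SCAN
      options:
        nodes:
          - node_name: client_1
            applications:
              - application_name: DataManipulationBot
        max_folders_per_node: 1
        max_files_per_folder: 1
        max_services_per_node: 1

    reward_function:
      reward_components:
        - type: DUMMY

    agent_settings: # options specific to this particular agent type, basically args of __init__(self)
      # NOTE(review): presumably the first attack lands near step 25 and repeats
      # about every 20 steps with a jitter of 5 - confirm against the agent class.
      start_settings:
        start_step: 25
        frequency: 20
        variance: 5

  # BLUE agent: the `defender` named in training_config.agent_references.
  - ref: defender
    team: BLUE
    type: ProxyAgent

    observation_space:
      type: UC2BlueObservation
      options:
        num_services_per_node: 1
        num_folders_per_node: 1
        num_files_per_folder: 1
        num_nics_per_node: 2
        nodes:
          - node_hostname: domain_controller
            services:
              - service_name: domain_controller_dns_server
          # NOTE(review): the simulation section declares web_server_database_client
          # under the node's `applications`, not `services`, and the service that the
          # WEB_SERVER_404_PENALTY reward watches (web_server_web_service) is not
          # observed here - confirm that this is intended.
          - node_hostname: web_server
            services:
              - service_name: web_server_database_client
          - node_hostname: database_server
            services:
              - service_name: database_service
            folders:
              - folder_name: database
                files:
                  - file_name: database.db
          - node_hostname: backup_server
            # services:
            #   - service_name: backup_service
          - node_hostname: security_suite
          - node_hostname: client_1
          - node_hostname: client_2
        links:
          - link_ref: router_1___switch_1
          - link_ref: router_1___switch_2
          - link_ref: switch_1___domain_controller
          - link_ref: switch_1___web_server
          - link_ref: switch_1___database_server
          - link_ref: switch_1___backup_server
          - link_ref: switch_1___security_suite
          - link_ref: switch_2___client_1
          - link_ref: switch_2___client_2
          - link_ref: switch_2___security_suite
        acl:
          options:
            max_acl_rules: 10
          router_hostname: router_1
          ip_address_order:
            - node_hostname: domain_controller
              nic_num: 1
            - node_hostname: web_server
              nic_num: 1
            - node_hostname: database_server
              nic_num: 1
            - node_hostname: backup_server
              nic_num: 1
            - node_hostname: security_suite
              nic_num: 1
            - node_hostname: client_1
              nic_num: 1
            - node_hostname: client_2
              nic_num: 1
            - node_hostname: security_suite
              nic_num: 2
        ics: null

    action_space:
      action_list:
        - type: DONOTHING
        - type: NODE_SERVICE_SCAN
        - type: NODE_SERVICE_STOP
        - type: NODE_SERVICE_START
        - type: NODE_SERVICE_PAUSE
        - type: NODE_SERVICE_RESUME
        - type: NODE_SERVICE_RESTART
        - type: NODE_SERVICE_DISABLE
        - type: NODE_SERVICE_ENABLE
        - type: NODE_SERVICE_FIX
        - type: NODE_FILE_SCAN
        - type: NODE_FILE_CHECKHASH
        - type: NODE_FILE_DELETE
        - type: NODE_FILE_REPAIR
        - type: NODE_FILE_RESTORE
        - type: NODE_FOLDER_SCAN
        - type: NODE_FOLDER_CHECKHASH
        - type: NODE_FOLDER_REPAIR
        - type: NODE_FOLDER_RESTORE
        - type: NODE_OS_SCAN
        - type: NODE_SHUTDOWN
        - type: NODE_STARTUP
        - type: NODE_RESET
        - type: NETWORK_ACL_ADDRULE
          options:
            target_router_hostname: router_1
        - type: NETWORK_ACL_REMOVERULE
          options:
            target_router_hostname: router_1
        - type: NETWORK_NIC_ENABLE
        - type: NETWORK_NIC_DISABLE

      # Discrete action index (0-53) -> one concrete action with fixed options.
      # node_id appears to follow the order of `options.nodes` further down
      # (0 = domain_controller ... 6 = client_2); the "shutdown client 1" entry on
      # node_id 5 agrees with that reading.
      action_map:
        0:
          action: DONOTHING
          options: {}
        # scan webapp service
        1:
          action: NODE_SERVICE_SCAN
          options:
            node_id: 1
            service_id: 0
        # stop webapp service
        2:
          action: NODE_SERVICE_STOP
          options:
            node_id: 1
            service_id: 0
        # start webapp service
        3:
          action: "NODE_SERVICE_START"
          options:
            node_id: 1
            service_id: 0
        4:
          action: "NODE_SERVICE_PAUSE"
          options:
            node_id: 1
            service_id: 0
        5:
          action: "NODE_SERVICE_RESUME"
          options:
            node_id: 1
            service_id: 0
        6:
          action: "NODE_SERVICE_RESTART"
          options:
            node_id: 1
            service_id: 0
        7:
          action: "NODE_SERVICE_DISABLE"
          options:
            node_id: 1
            service_id: 0
        8:
          action: "NODE_SERVICE_ENABLE"
          options:
            node_id: 1
            service_id: 0
        9: # check database.db file
          action: "NODE_FILE_SCAN"
          options:
            node_id: 2
            folder_id: 1
            file_id: 0
        10:
          action: "NODE_FILE_CHECKHASH"
          options:
            node_id: 2
            folder_id: 1
            file_id: 0
        11:
          action: "NODE_FILE_DELETE"
          options:
            node_id: 2
            folder_id: 1
            file_id: 0
        12:
          action: "NODE_FILE_REPAIR"
          options:
            node_id: 2
            folder_id: 1
            file_id: 0
        13:
          action: "NODE_SERVICE_FIX"
          options:
            node_id: 2
            service_id: 0
        14:
          action: "NODE_FOLDER_SCAN"
          options:
            node_id: 2
            folder_id: 1
        15:
          action: "NODE_FOLDER_CHECKHASH"
          options:
            node_id: 2
            folder_id: 1
        16:
          action: "NODE_FOLDER_REPAIR"
          options:
            node_id: 2
            folder_id: 1
        17:
          action: "NODE_FOLDER_RESTORE"
          options:
            node_id: 2
            folder_id: 1
        18:
          action: "NODE_OS_SCAN"
          options:
            node_id: 2
        19: # shutdown client 1
          action: "NODE_SHUTDOWN"
          options:
            node_id: 5
        20:
          action: "NODE_STARTUP"
          options:
            node_id: 5
        21:
          action: "NODE_RESET"
          options:
            node_id: 5
        # ACL rules 22-27. Per the inline comments, ip id 1 is ALL, 3 the web
        # server, 4 the database, 7 client 1 and 8 client 2.
        # NOTE(review): `permission: 2` is presumably DENY, since every one of these
        # rules is described as blocking, and protocol_id 3 is presumably TCP -
        # confirm both against the action definitions.
        22: # "ACL: ADDRULE - Block outgoing traffic from client 1" (not supported in Primaite)
          action: "NETWORK_ACL_ADDRULE"
          options:
            position: 1
            permission: 2
            source_ip_id: 7 # client 1
            dest_ip_id: 1 # ALL
            source_port_id: 1
            dest_port_id: 1
            protocol_id: 1
        23: # "ACL: ADDRULE - Block outgoing traffic from client 2" (not supported in Primaite)
          action: "NETWORK_ACL_ADDRULE"
          options:
            position: 2
            permission: 2
            source_ip_id: 8 # client 2
            dest_ip_id: 1 # ALL
            source_port_id: 1
            dest_port_id: 1
            protocol_id: 1
        24: # block tcp traffic from client 1 to web app
          action: "NETWORK_ACL_ADDRULE"
          options:
            position: 3
            permission: 2
            source_ip_id: 7 # client 1
            dest_ip_id: 3 # web server
            source_port_id: 1
            dest_port_id: 1
            protocol_id: 3
        25: # block tcp traffic from client 2 to web app
          action: "NETWORK_ACL_ADDRULE"
          options:
            position: 4
            permission: 2
            source_ip_id: 8 # client 2
            dest_ip_id: 3 # web server
            source_port_id: 1
            dest_port_id: 1
            protocol_id: 3
        # same shape as 24, with the database as destination
        26:
          action: "NETWORK_ACL_ADDRULE"
          options:
            position: 5
            permission: 2
            source_ip_id: 7 # client 1
            dest_ip_id: 4 # database
            source_port_id: 1
            dest_port_id: 1
            protocol_id: 3
        # same shape as 25, with the database as destination
        27:
          action: "NETWORK_ACL_ADDRULE"
          options:
            position: 6
            permission: 2
            source_ip_id: 8 # client 2
            dest_ip_id: 4 # database
            source_port_id: 1
            dest_port_id: 1
            protocol_id: 3
        # 28-37: remove the rule at ACL positions 0 through 9. Positions 0 and 1
        # hold the POSTGRES_SERVER and DNS permits in router_1's initial ACL, so the
        # agent is able to remove them.
        28:
          action: "NETWORK_ACL_REMOVERULE"
          options:
            position: 0
        29:
          action: "NETWORK_ACL_REMOVERULE"
          options:
            position: 1
        30:
          action: "NETWORK_ACL_REMOVERULE"
          options:
            position: 2
        31:
          action: "NETWORK_ACL_REMOVERULE"
          options:
            position: 3
        32:
          action: "NETWORK_ACL_REMOVERULE"
          options:
            position: 4
        33:
          action: "NETWORK_ACL_REMOVERULE"
          options:
            position: 5
        34:
          action: "NETWORK_ACL_REMOVERULE"
          options:
            position: 6
        35:
          action: "NETWORK_ACL_REMOVERULE"
          options:
            position: 7
        36:
          action: "NETWORK_ACL_REMOVERULE"
          options:
            position: 8
        37:
          action: "NETWORK_ACL_REMOVERULE"
          options:
            position: 9
        # 38-53: disable/enable pairs, one pair per (node_id, nic_id); node 4 has
        # two pairs because it is given nic_id 0 and nic_id 1.
        38:
          action: "NETWORK_NIC_DISABLE"
          options:
            node_id: 0
            nic_id: 0
        39:
          action: "NETWORK_NIC_ENABLE"
          options:
            node_id: 0
            nic_id: 0
        40:
          action: "NETWORK_NIC_DISABLE"
          options:
            node_id: 1
            nic_id: 0
        41:
          action: "NETWORK_NIC_ENABLE"
          options:
            node_id: 1
            nic_id: 0
        42:
          action: "NETWORK_NIC_DISABLE"
          options:
            node_id: 2
            nic_id: 0
        43:
          action: "NETWORK_NIC_ENABLE"
          options:
            node_id: 2
            nic_id: 0
        44:
          action: "NETWORK_NIC_DISABLE"
          options:
            node_id: 3
            nic_id: 0
        45:
          action: "NETWORK_NIC_ENABLE"
          options:
            node_id: 3
            nic_id: 0
        46:
          action: "NETWORK_NIC_DISABLE"
          options:
            node_id: 4
            nic_id: 0
        47:
          action: "NETWORK_NIC_ENABLE"
          options:
            node_id: 4
            nic_id: 0
        48:
          action: "NETWORK_NIC_DISABLE"
          options:
            node_id: 4
            nic_id: 1
        49:
          action: "NETWORK_NIC_ENABLE"
          options:
            node_id: 4
            nic_id: 1
        50:
          action: "NETWORK_NIC_DISABLE"
          options:
            node_id: 5
            nic_id: 0
        51:
          action: "NETWORK_NIC_ENABLE"
          options:
            node_id: 5
            nic_id: 0
        52:
          action: "NETWORK_NIC_DISABLE"
          options:
            node_id: 6
            nic_id: 0
        53:
          action: "NETWORK_NIC_ENABLE"
          options:
            node_id: 6
            nic_id: 0

      options:
        nodes:
          - node_name: domain_controller
          - node_name: web_server
          - node_name: database_server
          - node_name: backup_server
          - node_name: security_suite
          - node_name: client_1
          - node_name: client_2
        max_folders_per_node: 2
        max_files_per_folder: 2
        max_services_per_node: 2
        max_nics_per_node: 8
        max_acl_rules: 10
        # Same order as observation_space.options.acl.ip_address_order above; the
        # two lists presumably have to stay in step for the ip ids to mean the same
        # host in observations and actions.
        ip_address_order:
          - node_name: domain_controller
            nic_num: 1
          - node_name: web_server
            nic_num: 1
          - node_name: database_server
            nic_num: 1
          - node_name: backup_server
            nic_num: 1
          - node_name: security_suite
            nic_num: 1
          - node_name: client_1
            nic_num: 1
          - node_name: client_2
            nic_num: 1
          - node_name: security_suite
            nic_num: 2

    # Two equally weighted components: integrity of database.db on
    # database_server, and a penalty tied to web_server_web_service.
    reward_function:
      reward_components:
        - type: DATABASE_FILE_INTEGRITY
          weight: 0.5
          options:
            node_hostname: database_server
            folder_name: database
            file_name: database.db
        - type: WEB_SERVER_404_PENALTY
          weight: 0.5
          options:
            node_hostname: web_server
            service_name: web_server_web_service

    agent_settings:
      # ...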
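# Simulated network: router_1 joins the server segment (switch_1, 192.168.1.0/24)
# and the client segment (switch_2, 192.168.10.0/24). Nesting restored from the
# flattened listing.
simulation:
  network:
    nodes:

      - ref: router_1
        type: router
        hostname: router_1
        num_ports: 5
        ports:
          1:
            ip_address: 192.168.1.1
            subnet_mask: 255.255.255.0
          2:
            # Was 192.168.1.1, a duplicate of port 1. Port 2 is linked to switch_2,
            # whose hosts (client_1, client_2) use 192.168.10.1 as default gateway.
            ip_address: 192.168.10.1
            subnet_mask: 255.255.255.0
        acl:
          # NOTE(review): HTTP is declared under game.ports, yet no rule here
          # permits it. If unmatched traffic is denied, client_2's WebBrowser cannot
          # reach web_server across this router - confirm the intended policy.
          0:
            action: PERMIT
            src_port: POSTGRES_SERVER
            dst_port: POSTGRES_SERVER
          1:
            action: PERMIT
            src_port: DNS
            dst_port: DNS
          # Rules 22 and 23 sit outside positions 0-9, the only ones the BLUE
          # agent's REMOVERULE actions address (max_acl_rules: 10).
          22:
            action: PERMIT
            src_port: ARP
            dst_port: ARP
          23:
            action: PERMIT
            protocol: ICMP

      - ref: switch_1
        type: switch
        hostname: switch_1
        num_ports: 8

      - ref: switch_2
        type: switch
        hostname: switch_2
        num_ports: 8

      - ref: domain_controller
        type: server
        hostname: domain_controller
        ip_address: 192.168.1.10
        subnet_mask: 255.255.255.0
        default_gateway: 192.168.1.1
        services:
          - ref: domain_controller_dns_server
            type: DNSServer
            options:
              domain_mapping:
                arcd.com: 192.168.1.12 # web server

      - ref: web_server
        type: server
        hostname: web_server
        ip_address: 192.168.1.12
        subnet_mask: 255.255.255.0
        default_gateway: 192.168.1.1
        dns_server: 192.168.1.10
        services:
          - ref: web_server_web_service
            type: WebServer
        applications:
          - ref: web_server_database_client
            type: DatabaseClient
            options:
              db_server_ip: 192.168.1.14

      - ref: database_server
        type: server
        hostname: database_server
        ip_address: 192.168.1.14
        subnet_mask: 255.255.255.0
        default_gateway: 192.168.1.1
        dns_server: 192.168.1.10
        services:
          - ref: database_service
            type: DatabaseService

      - ref: backup_server
        type: server
        hostname: backup_server
        ip_address: 192.168.1.16
        subnet_mask: 255.255.255.0
        default_gateway: 192.168.1.1
        dns_server: 192.168.1.10
        services:
          - ref: backup_service
            type: FTPServer

      # Dual-homed: first interface on the server segment, second on the client
      # segment (see the links to switch_1 port 7 and switch_2 port 7).
      - ref: security_suite
        type: server
        hostname: security_suite
        ip_address: 192.168.1.110
        subnet_mask: 255.255.255.0
        default_gateway: 192.168.1.1
        dns_server: 192.168.1.10
        network_interfaces:
          2: # unfortunately this number is currently meaningless, they're just added in order and take up the next available slot
            ip_address: 192.168.10.110
            subnet_mask: 255.255.255.0

      # Host of the simulated attacker application; its target server_ip is the
      # database_server address.
      - ref: client_1
        type: computer
        hostname: client_1
        ip_address: 192.168.10.21
        subnet_mask: 255.255.255.0
        default_gateway: 192.168.10.1
        dns_server: 192.168.1.10
        applications:
          - ref: data_manipulation_bot
            type: DataManipulationBot
            options:
              port_scan_p_of_success: 0.1
              data_manipulation_p_of_success: 0.1
              payload: "DELETE"
              server_ip: 192.168.1.14
        services:
          - ref: client_1_dns_client
            type: DNSClient

      - ref: client_2
        type: computer
        hostname: client_2
        ip_address: 192.168.10.22
        subnet_mask: 255.255.255.0
        default_gateway: 192.168.10.1
        dns_server: 192.168.1.10
        applications:
          - ref: client_2_web_browser
            type: WebBrowser
        services:
          - ref: client_2_dns_client
            type: DNSClient

    links:
      - ref: router_1___switch_1
        endpoint_a_ref: router_1
        endpoint_a_port: 1
        endpoint_b_ref: switch_1
        endpoint_b_port: 8
      - ref: router_1___switch_2
        endpoint_a_ref: router_1
        endpoint_a_port: 2
        endpoint_b_ref: switch_2
        endpoint_b_port: 8
      - ref: switch_1___domain_controller
        endpoint_a_ref: switch_1
        endpoint_a_port: 1
        endpoint_b_ref: domain_controller
        endpoint_b_port: 1
      - ref: switch_1___web_server
        endpoint_a_ref: switch_1
        endpoint_a_port: 2
        endpoint_b_ref: web_server
        endpoint_b_port: 1
      - ref: switch_1___database_server
        endpoint_a_ref: switch_1
        endpoint_a_port: 3
        endpoint_b_ref: database_server
        endpoint_b_port: 1
      - ref: switch_1___backup_server
        endpoint_a_ref: switch_1
        endpoint_a_port: 4
        endpoint_b_ref: backup_server
        endpoint_b_port: 1
      - ref: switch_1___security_suite
        endpoint_a_ref: switch_1
        endpoint_a_port: 7
        endpoint_b_ref: security_suite
        endpoint_b_port: 1
      - ref: switch_2___client_1
        endpoint_a_ref: switch_2
        endpoint_a_port: 1
        endpoint_b_ref: client_1
        endpoint_b_port: 1
      - ref: switch_2___client_2
        endpoint_a_ref: switch_2
        endpoint_a_port: 2
        endpoint_b_ref: client_2
        endpoint_b_port: 1
      - ref: switch_2___security_suite
        endpoint_a_ref: switch_2
        endpoint_a_port: 7
        endpoint_b_ref: security_suite
        endpoint_b_port: 2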