diff --git a/docs/source/action_masking.rst b/docs/source/action_masking.rst index dad6a484..c6e4ca59 100644 --- a/docs/source/action_masking.rst +++ b/docs/source/action_masking.rst @@ -20,6 +20,11 @@ Masking Logic ============= The following logic is applied: + +..only:: comment + + TODO: update table + +------------------------------------------+---------------------------------------------------------------------+ | Action | Action Mask Logic | +==========================================+=====================================================================+ @@ -119,9 +124,9 @@ The following logic is applied: +------------------------------------------+---------------------------------------------------------------------+ | **CONFIGURE_DATABASE_CLIENT** | Node is on. | +------------------------------------------+---------------------------------------------------------------------+ -| **CONFIGURE_RANSOMWARE_SCRIPT** | Node is on. | +| **c2_server_ransomware_configure** | Node is on. | +------------------------------------------+---------------------------------------------------------------------+ -| **CONFIGURE_DOSBOT** | Node is on. | +| **configure_dos_bot** | Node is on. | +------------------------------------------+---------------------------------------------------------------------+ | **CONFIGURE_C2_BEACON** | Node is on. | +------------------------------------------+---------------------------------------------------------------------+ diff --git a/docs/source/how_to_guides/extensible_agents.rst b/docs/source/how_to_guides/extensible_agents.rst index 169af094..4b6f8598 100644 --- a/docs/source/how_to_guides/extensible_agents.rst +++ b/docs/source/how_to_guides/extensible_agents.rst @@ -47,7 +47,7 @@ The core features that should be implemented in any new agent are detailed below - ref: example_green_agent team: GREEN type: ExampleAgent - observation_space: null + action_space: action_map: 0: 
diff --git a/src/primaite/config/_package_data/data_manipulation.yaml b/src/primaite/config/_package_data/data_manipulation.yaml index 4869d5d1..2f6e24b3 100644 --- a/src/primaite/config/_package_data/data_manipulation.yaml +++ b/src/primaite/config/_package_data/data_manipulation.yaml @@ -30,22 +30,22 @@ agents: 0: 0.3 1: 0.6 2: 0.1 - observation_space: null + action_space: action_map: 0: - action: DONOTHING + action: do_nothing options: {} 1: - action: NODE_APPLICATION_EXECUTE + action: node_application_execute options: - node_id: 0 - application_id: 0 + node_name: client_2 + application_name: WebBrowser 2: - action: NODE_APPLICATION_EXECUTE + action: node_application_execute options: - node_id: 0 - application_id: 1 + node_name: client_2 + application_name: DatabaseClient reward_function: reward_components: @@ -66,22 +66,22 @@ agents: 0: 0.3 1: 0.6 2: 0.1 - observation_space: null + action_space: action_map: 0: - action: DONOTHING + action: do_nothing options: {} 1: - action: NODE_APPLICATION_EXECUTE + action: node_application_execute options: - node_id: 0 - application_id: 0 + node_name: client_1 + application_name: WebBrowser 2: - action: NODE_APPLICATION_EXECUTE + action: node_application_execute options: - node_id: 0 - application_id: 1 + node_name: client_1 + application_name: WebBrowser reward_function: reward_components: @@ -102,17 +102,9 @@ agents: team: RED type: RedDatabaseCorruptingAgent - observation_space: null - - action_space: - - reward_function: - reward_components: - - type: DUMMY - agent_settings: possible_start_nodes: [client_1, client_2] - starting_application_name: DataManipulationBot + target_application: DataManipulationBot start_step: 25 frequency: 20 variance: 5 
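Review bot: In the `@@ -66,22 +66,22 @@` hunk (the green agent on `client_1`), actions 1 and 2 both end up as `node_application_execute` on `application_name: WebBrowser`, although the removed lines had distinct `application_id: 0` and `application_id: 1`. The `client_2` agent in the preceding hunk maps the same two indices to `WebBrowser` and `DatabaseClient`. The old index table is outside the diff, so this is inferred, but action 2 here probably should read `application_name: DatabaseClient`. As written, this agent generates no benign database traffic, which changes the baseline the defending agent is trained and scored against. The same pair appears in the `@@ -62,22 +62,22 @@` hunk of `data_manipulation_marl.yaml`.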
@@ -198,421 +190,421 @@ agents: action_space: action_map: 0: - action: DONOTHING + action: do_nothing options: {} # scan webapp service 1: - action: NODE_SERVICE_SCAN + action: node_service_scan options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer # stop webapp service 2: - action: NODE_SERVICE_STOP + action: node_service_stop options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer # start webapp service 3: - action: "NODE_SERVICE_START" + action: "node_service_start" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 4: - action: "NODE_SERVICE_PAUSE" + action: "node_service_pause" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 5: - action: "NODE_SERVICE_RESUME" + action: "node_service_resume" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 6: - action: "NODE_SERVICE_RESTART" + action: "node_service_restart" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 7: - action: "NODE_SERVICE_DISABLE" + action: "node_service_disable" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 8: - action: "NODE_SERVICE_ENABLE" + action: "node_service_enable" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 9: # check database.db file - action: "NODE_FILE_SCAN" + action: "node_file_scan" options: - node_id: 2 - folder_id: 0 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 10: - action: "NODE_FILE_CHECKHASH" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context. + action: "node_file_scan" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context. 
options: - node_id: 2 - folder_id: 0 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 11: - action: "NODE_FILE_DELETE" + action: "node_file_delete" options: - node_id: 2 - folder_id: 0 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 12: - action: "NODE_FILE_REPAIR" + action: "node_file_repair" options: - node_id: 2 - folder_id: 0 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 13: - action: "NODE_SERVICE_FIX" + action: "node_service_fix" options: - node_id: 2 - service_id: 0 + node_name: database_server + service_name: DatabaseService 14: - action: "NODE_FOLDER_SCAN" + action: "node_folder_scan" options: - node_id: 2 - folder_id: 0 + node_name: database_server + folder_name: database 15: - action: "NODE_FOLDER_CHECKHASH" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context. + action: "node_folder_scan" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context. 
options: - node_id: 2 - folder_id: 0 + node_name: database_server + folder_name: database 16: - action: "NODE_FOLDER_REPAIR" + action: "node_folder_repair" options: - node_id: 2 - folder_id: 0 + node_name: database_server + folder_name: database 17: - action: "NODE_FOLDER_RESTORE" + action: "node_folder_restore" options: - node_id: 2 - folder_id: 0 + node_name: database_server + folder_name: database 18: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 0 + node_name: domain_controller 19: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 0 + node_name: domain_controller 20: - action: NODE_STARTUP + action: node_startup options: - node_id: 0 + node_name: domain_controller 21: - action: NODE_RESET + action: node_reset options: - node_id: 0 + node_name: domain_controller 22: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 1 + node_name: web_server 23: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 1 + node_name: web_server 24: - action: NODE_STARTUP + action: node_startup options: - node_id: 1 + node_name: web_server 25: - action: NODE_RESET + action: node_reset options: - node_id: 1 + node_name: web_server 26: # old action num: 18 - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 2 + node_name: database_server 27: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 2 + node_name: database_server 28: - action: NODE_STARTUP + action: node_startup options: - node_id: 2 + node_name: database_server 29: - action: NODE_RESET + action: node_reset options: - node_id: 2 + node_name: database_server 30: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 3 + node_name: backup_server 31: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 3 + node_name: backup_server 32: - action: NODE_STARTUP + action: node_startup options: - node_id: 3 + node_name: backup_server 33: - action: NODE_RESET + action: node_reset 
options: - node_id: 3 + node_name: backup_server 34: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 4 + node_name: security_suite 35: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 4 + node_name: security_suite 36: - action: NODE_STARTUP + action: node_startup options: - node_id: 4 + node_name: security_suite 37: - action: NODE_RESET + action: node_reset options: - node_id: 4 + node_name: security_suite 38: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 5 + node_name: client_1 39: # old action num: 19 # shutdown client 1 - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 5 + node_name: client_1 40: # old action num: 20 - action: NODE_STARTUP + action: node_startup options: - node_id: 5 + node_name: client_1 41: # old action num: 21 - action: NODE_RESET + action: node_reset options: - node_id: 5 + node_name: client_1 42: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 6 + node_name: client_2 43: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 6 + node_name: client_2 44: - action: NODE_STARTUP + action: node_startup options: - node_id: 6 + node_name: client_2 45: - action: NODE_RESET + action: node_reset options: - node_id: 6 + node_name: client_2 46: # old action num: 22 # "ACL: ADDRULE - Block outgoing traffic from client 1" - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 1 - permission: 2 - source_ip_id: 7 # client 1 - dest_ip_id: 1 # ALL - source_port_id: 1 - dest_port_id: 1 - protocol_id: 1 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.21 # client 1 + dst_ip: ALL # ALL + src_port: ALL + dst_port: ALL + protocol_name: ALL + src_wildcard: NONE + dst_wildcard: NONE 47: # old action num: 23 # "ACL: ADDRULE - Block outgoing traffic from client 2" - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: 
router_1 position: 2 - permission: 2 - source_ip_id: 8 # client 2 - dest_ip_id: 1 # ALL - source_port_id: 1 - dest_port_id: 1 - protocol_id: 1 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.22 # client 2 + dst_ip: ALL # ALL + src_port: ALL + dst_port: ALL + protocol_name: ALL + src_wildcard: NONE + dst_wildcard: NONE 48: # old action num: 24 # block tcp traffic from client 1 to web app - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 3 - permission: 2 - source_ip_id: 7 # client 1 - dest_ip_id: 3 # web server - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.21 # client 1 + dst_ip: 192.168.1.12 # web server + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 49: # old action num: 25 # block tcp traffic from client 2 to web app - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 4 - permission: 2 - source_ip_id: 8 # client 2 - dest_ip_id: 3 # web server - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.22 # client 2 + dst_ip: 192.168.1.12 # web server + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 50: # old action num: 26 - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 5 - permission: 2 - source_ip_id: 7 # client 1 - dest_ip_id: 4 # database - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.21 # client 1 + dst_ip: 192.168.1.14 # database + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 51: # old action num: 27 - action: "ROUTER_ACL_ADDRULE" + action: 
"router_acl_add_rule" options: target_router: router_1 position: 6 - permission: 2 - source_ip_id: 8 # client 2 - dest_ip_id: 4 # database - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.22 # client 2 + dst_ip: 192.168.1.14 # database + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 52: # old action num: 28 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 0 53: # old action num: 29 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 1 54: # old action num: 30 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 2 55: # old action num: 31 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 3 56: # old action num: 32 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 4 57: # old action num: 33 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 5 58: # old action num: 34 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 6 59: # old action num: 35 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 7 60: # old action num: 36 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 
position: 8 61: # old action num: 37 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 9 62: # old action num: 38 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 0 - nic_id: 0 + node_name: domain_controller + nic_num: 1 63: # old action num: 39 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 0 - nic_id: 0 + node_name: domain_controller + nic_num: 1 64: # old action num: 40 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 1 - nic_id: 0 + node_name: web_server + nic_num: 1 65: # old action num: 41 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 1 - nic_id: 0 + node_name: web_server + nic_num: 1 66: # old action num: 42 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 2 - nic_id: 0 + node_name: database_server + nic_num: 1 67: # old action num: 43 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 2 - nic_id: 0 + node_name: database_server + nic_num: 1 68: # old action num: 44 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 3 - nic_id: 0 + node_name: backup_server + nic_num: 1 69: # old action num: 45 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 3 - nic_id: 0 + node_name: backup_server + nic_num: 1 70: # old action num: 46 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 4 - nic_id: 0 + node_name: security_suite + nic_num: 1 71: # old action num: 47 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 4 - nic_id: 0 + node_name: security_suite + nic_num: 1 72: # old action num: 48 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 4 - nic_id: 1 + node_name: security_suite + nic_num: 2 73: # old action num: 49 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" 
options: - node_id: 4 - nic_id: 1 + node_name: security_suite + nic_num: 2 74: # old action num: 50 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 5 - nic_id: 0 + node_name: client_1 + nic_num: 1 75: # old action num: 51 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 5 - nic_id: 0 + node_name: client_1 + nic_num: 1 76: # old action num: 52 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 6 - nic_id: 0 + node_name: client_2 + nic_num: 1 77: # old action num: 53 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 6 - nic_id: 0 + node_name: client_2 + nic_num: 1 diff --git a/src/primaite/config/_package_data/data_manipulation_marl.yaml b/src/primaite/config/_package_data/data_manipulation_marl.yaml index 512afc64..53ff0634 100644 --- a/src/primaite/config/_package_data/data_manipulation_marl.yaml +++ b/src/primaite/config/_package_data/data_manipulation_marl.yaml @@ -26,22 +26,22 @@ agents: 0: 0.3 1: 0.6 2: 0.1 - observation_space: null + action_space: action_map: 0: - action: DONOTHING + action: do_nothing options: {} 1: - action: NODE_APPLICATION_EXECUTE + action: node_application_execute options: - node_id: 0 - application_id: 0 + node_name: client_2 + application_name: WebBrowser 2: - action: NODE_APPLICATION_EXECUTE + action: node_application_execute options: - node_id: 0 - application_id: 1 + node_name: client_2 + application_name: DatabaseClient reward_function: reward_components: 
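Review bot: In the `@@ -198,421 +190,421 @@` hunk the `router_acl_add_rule` entries (46–51) keep the context line `target_router: router_1`, while the `router_acl_remove_rule` entries (52–61) are renamed to `target_router_hostname: router_1`. The action schemas are not visible in this diff, so one of the two spellings may be rejected or ignored, in which case the defender's block or unblock actions would not take effect. I would align the keys or add a comment such as `# add_rule takes target_router; remove_rule takes target_router_hostname`. The new `src_ip`/`dst_ip` literals (`192.168.10.21`, `192.168.1.12`, …) also duplicate addresses defined elsewhere in the file, so a short comment naming the node each belongs to and where it is configured would help keep the DENY rules from silently matching nothing after a renumbering. The same pattern recurs in the `@@ -189,421 +182,421 @@` hunk of `data_manipulation_marl.yaml`.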
@@ -62,22 +62,22 @@ agents: 0: 0.3 1: 0.6 2: 0.1 - observation_space: null + action_space: action_map: 0: - action: DONOTHING + action: do_nothing options: {} 1: - action: NODE_APPLICATION_EXECUTE + action: node_application_execute options: - node_id: 0 - application_id: 0 + node_name: client_1 + application_name: WebBrowser 2: - action: NODE_APPLICATION_EXECUTE + action: node_application_execute options: - node_id: 0 - application_id: 1 + node_name: client_1 + application_name: WebBrowser reward_function: reward_components: @@ -98,17 +98,10 @@ agents: team: RED type: RedDatabaseCorruptingAgent - observation_space: null - - action_space: - - reward_function: - reward_components: - - type: DUMMY agent_settings: possible_start_nodes: [client_1, client_2] - starting_application_name: DataManipulationBot + target_application: DataManipulationBot start_step: 25 frequency: 20 variance: 5 
@@ -189,421 +182,421 @@ agents: action_space: action_map: 0: - action: DONOTHING + action: do_nothing options: {} # scan webapp service 1: - action: NODE_SERVICE_SCAN + action: node_service_scan options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer # stop webapp service 2: - action: NODE_SERVICE_STOP + action: node_service_stop options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer # start webapp service 3: - action: "NODE_SERVICE_START" + action: "node_service_start" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 4: - action: "NODE_SERVICE_PAUSE" + action: "node_service_pause" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 5: - action: "NODE_SERVICE_RESUME" + action: "node_service_resume" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 6: - action: "NODE_SERVICE_RESTART" + action: "node_service_restart" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 7: - action: "NODE_SERVICE_DISABLE" + action: "node_service_disable" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 8: - action: "NODE_SERVICE_ENABLE" + action: "node_service_enable" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 9: # check database.db file - action: "NODE_FILE_SCAN" + action: "node_file_scan" options: - node_id: 2 - folder_id: 0 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 10: - action: "NODE_FILE_SCAN" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context. + action: "node_file_scan" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context. 
options: - node_id: 2 - folder_id: 0 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 11: - action: "NODE_FILE_DELETE" + action: "node_file_delete" options: - node_id: 2 - folder_id: 0 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 12: - action: "NODE_FILE_REPAIR" + action: "node_file_repair" options: - node_id: 2 - folder_id: 0 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 13: - action: "NODE_SERVICE_FIX" + action: "node_service_fix" options: - node_id: 2 - service_id: 0 + node_name: database_server + service_name: DatabaseService 14: - action: "NODE_FOLDER_SCAN" + action: "node_folder_scan" options: - node_id: 2 - folder_id: 0 + node_name: database_server + folder_name: database 15: - action: "NODE_FOLDER_SCAN" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context. + action: "node_folder_scan" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context. 
options: - node_id: 2 - folder_id: 0 + node_name: database_server + folder_name: database 16: - action: "NODE_FOLDER_REPAIR" + action: "node_folder_repair" options: - node_id: 2 - folder_id: 0 + node_name: database_server + folder_name: database 17: - action: "NODE_FOLDER_RESTORE" + action: "node_folder_restore" options: - node_id: 2 - folder_id: 0 + node_name: database_server + folder_name: database 18: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 0 + node_name: domain_controller 19: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 0 + node_name: domain_controller 20: - action: NODE_STARTUP + action: node_startup options: - node_id: 0 + node_name: domain_controller 21: - action: NODE_RESET + action: node_reset options: - node_id: 0 + node_name: domain_controller 22: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 1 + node_name: web_server 23: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 1 + node_name: web_server 24: - action: NODE_STARTUP + action: node_startup options: - node_id: 1 + node_name: web_server 25: - action: NODE_RESET + action: node_reset options: - node_id: 1 + node_name: web_server 26: # old action num: 18 - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 2 + node_name: database_server 27: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 2 + node_name: database_server 28: - action: NODE_STARTUP + action: node_startup options: - node_id: 2 + node_name: database_server 29: - action: NODE_RESET + action: node_reset options: - node_id: 2 + node_name: database_server 30: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 3 + node_name: backup_server 31: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 3 + node_name: backup_server 32: - action: NODE_STARTUP + action: node_startup options: - node_id: 3 + node_name: backup_server 33: - action: NODE_RESET + action: node_reset 
options: - node_id: 3 + node_name: backup_server 34: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 4 + node_name: security_suite 35: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 4 + node_name: security_suite 36: - action: NODE_STARTUP + action: node_startup options: - node_id: 4 + node_name: security_suite 37: - action: NODE_RESET + action: node_reset options: - node_id: 4 + node_name: security_suite 38: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 5 + node_name: client_1 39: # old action num: 19 # shutdown client 1 - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 5 + node_name: client_1 40: # old action num: 20 - action: NODE_STARTUP + action: node_startup options: - node_id: 5 + node_name: client_1 41: # old action num: 21 - action: NODE_RESET + action: node_reset options: - node_id: 5 + node_name: client_1 42: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 6 + node_name: client_2 43: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 6 + node_name: client_2 44: - action: NODE_STARTUP + action: node_startup options: - node_id: 6 + node_name: client_2 45: - action: NODE_RESET + action: node_reset options: - node_id: 6 + node_name: client_2 46: # old action num: 22 # "ACL: ADDRULE - Block outgoing traffic from client 1" - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 1 - permission: 2 - source_ip_id: 7 # client 1 - dest_ip_id: 1 # ALL - source_port_id: 1 - dest_port_id: 1 - protocol_id: 1 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.21 # client 1 + dst_ip: ALL # ALL + src_port: ALL + dst_port: ALL + protocol_name: ALL + src_wildcard: NONE + dst_wildcard: NONE 47: # old action num: 23 # "ACL: ADDRULE - Block outgoing traffic from client 2" - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: 
router_1 position: 2 - permission: 2 - source_ip_id: 8 # client 2 - dest_ip_id: 1 # ALL - source_port_id: 1 - dest_port_id: 1 - protocol_id: 1 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.22 # client 2 + dst_ip: ALL # ALL + src_port: ALL + dst_port: ALL + protocol_name: ALL + src_wildcard: NONE + dst_wildcard: NONE 48: # old action num: 24 # block tcp traffic from client 1 to web app - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 3 - permission: 2 - source_ip_id: 7 # client 1 - dest_ip_id: 3 # web server - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.21 # client 1 + dst_ip: 192.168.1.12 # web server + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 49: # old action num: 25 # block tcp traffic from client 2 to web app - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 4 - permission: 2 - source_ip_id: 8 # client 2 - dest_ip_id: 3 # web server - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.22 # client 2 + dst_ip: 192.168.1.12 # web server + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 50: # old action num: 26 - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 5 - permission: 2 - source_ip_id: 7 # client 1 - dest_ip_id: 4 # database - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.21 # client 1 + dst_ip: 192.168.1.14 # database + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 51: # old action num: 27 - action: "ROUTER_ACL_ADDRULE" + action: 
"router_acl_add_rule" options: target_router: router_1 position: 6 - permission: 2 - source_ip_id: 8 # client 2 - dest_ip_id: 4 # database - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.22 # client 2 + dst_ip: 192.168.1.14 # database + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 52: # old action num: 28 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 0 53: # old action num: 29 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 1 54: # old action num: 30 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 2 55: # old action num: 31 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 3 56: # old action num: 32 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 4 57: # old action num: 33 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 5 58: # old action num: 34 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 6 59: # old action num: 35 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 7 60: # old action num: 36 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 
position: 8 61: # old action num: 37 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 9 62: # old action num: 38 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 0 - nic_id: 0 + node_name: domain_controller + nic_num: 1 63: # old action num: 39 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 0 - nic_id: 0 + node_name: domain_controller + nic_num: 1 64: # old action num: 40 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 1 - nic_id: 0 + node_name: web_server + nic_num: 1 65: # old action num: 41 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 1 - nic_id: 0 + node_name: web_server + nic_num: 1 66: # old action num: 42 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 2 - nic_id: 0 + node_name: database_server + nic_num: 1 67: # old action num: 43 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 2 - nic_id: 0 + node_name: database_server + nic_num: 1 68: # old action num: 44 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 3 - nic_id: 0 + node_name: backup_server + nic_num: 1 69: # old action num: 45 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 3 - nic_id: 0 + node_name: backup_server + nic_num: 1 70: # old action num: 46 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 4 - nic_id: 0 + node_name: security_suite + nic_num: 1 71: # old action num: 47 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 4 - nic_id: 0 + node_name: security_suite + nic_num: 1 72: # old action num: 48 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 4 - nic_id: 1 + node_name: security_suite + nic_num: 2 73: # old action num: 49 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" 
options: - node_id: 4 - nic_id: 1 + node_name: security_suite + nic_num: 2 74: # old action num: 50 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 5 - nic_id: 0 + node_name: client_1 + nic_num: 1 75: # old action num: 51 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 5 - nic_id: 0 + node_name: client_1 + nic_num: 1 76: # old action num: 52 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 6 - nic_id: 0 + node_name: client_2 + nic_num: 1 77: # old action num: 53 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 6 - nic_id: 0 + node_name: client_2 + nic_num: 1 reward_function: 
@@ -704,421 +697,421 @@ agents: action_space: action_map: 0: - action: DONOTHING + action: do_nothing options: {} # scan webapp service 1: - action: NODE_SERVICE_SCAN + action: node_service_scan options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer # stop webapp service 2: - action: NODE_SERVICE_STOP + action: node_service_stop options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer # start webapp service 3: - action: "NODE_SERVICE_START" + action: "node_service_start" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 4: - action: "NODE_SERVICE_PAUSE" + action: "node_service_pause" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 5: - action: "NODE_SERVICE_RESUME" + action: "node_service_resume" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 6: - action: "NODE_SERVICE_RESTART" + action: "node_service_restart" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 7: - action: "NODE_SERVICE_DISABLE" + action: "node_service_disable" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 8: - action: "NODE_SERVICE_ENABLE" + action: "node_service_enable" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 9: # check database.db file - action: "NODE_FILE_SCAN" + action: "node_file_scan" options: - node_id: 2 - folder_id: 0 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 10: - action: "NODE_FILE_SCAN" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context. + action: "node_file_scan" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context. 
options: - node_id: 2 - folder_id: 0 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 11: - action: "NODE_FILE_DELETE" + action: "node_file_delete" options: - node_id: 2 - folder_id: 0 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 12: - action: "NODE_FILE_REPAIR" + action: "node_file_repair" options: - node_id: 2 - folder_id: 0 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 13: - action: "NODE_SERVICE_FIX" + action: "node_service_fix" options: - node_id: 2 - service_id: 0 + node_name: database_server + service_name: DatabaseService 14: - action: "NODE_FOLDER_SCAN" + action: "node_folder_scan" options: - node_id: 2 - folder_id: 0 + node_name: database_server + folder_name: database 15: - action: "NODE_FOLDER_SCAN" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context. + action: "node_folder_scan" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context. 
options: - node_id: 2 - folder_id: 0 + node_name: database_server + folder_name: database 16: - action: "NODE_FOLDER_REPAIR" + action: "node_folder_repair" options: - node_id: 2 - folder_id: 0 + node_name: database_server + folder_name: database 17: - action: "NODE_FOLDER_RESTORE" + action: "node_folder_restore" options: - node_id: 2 - folder_id: 0 + node_name: database_server + folder_name: database 18: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 0 + node_name: domain_controller 19: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 0 + node_name: domain_controller 20: - action: NODE_STARTUP + action: node_startup options: - node_id: 0 + node_name: domain_controller 21: - action: NODE_RESET + action: node_reset options: - node_id: 0 + node_name: domain_controller 22: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 1 + node_name: web_server 23: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 1 + node_name: web_server 24: - action: NODE_STARTUP + action: node_startup options: - node_id: 1 + node_name: web_server 25: - action: NODE_RESET + action: node_reset options: - node_id: 1 + node_name: web_server 26: # old action num: 18 - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 2 + node_name: database_server 27: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 2 + node_name: database_server 28: - action: NODE_STARTUP + action: node_startup options: - node_id: 2 + node_name: database_server 29: - action: NODE_RESET + action: node_reset options: - node_id: 2 + node_name: database_server 30: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 3 + node_name: backup_server 31: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 3 + node_name: backup_server 32: - action: NODE_STARTUP + action: node_startup options: - node_id: 3 + node_name: backup_server 33: - action: NODE_RESET + action: node_reset 
options: - node_id: 3 + node_name: backup_server 34: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 4 + node_name: security_suite 35: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 4 + node_name: security_suite 36: - action: NODE_STARTUP + action: node_startup options: - node_id: 4 + node_name: security_suite 37: - action: NODE_RESET + action: node_reset options: - node_id: 4 + node_name: security_suite 38: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 5 + node_name: client_1 39: # old action num: 19 # shutdown client 1 - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 5 + node_name: client_1 40: # old action num: 20 - action: NODE_STARTUP + action: node_startup options: - node_id: 5 + node_name: client_1 41: # old action num: 21 - action: NODE_RESET + action: node_reset options: - node_id: 5 + node_name: client_1 42: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 6 + node_name: client_2 43: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 6 + node_name: client_2 44: - action: NODE_STARTUP + action: node_startup options: - node_id: 6 + node_name: client_2 45: - action: NODE_RESET + action: node_reset options: - node_id: 6 + node_name: client_2 46: # old action num: 22 # "ACL: ADDRULE - Block outgoing traffic from client 1" - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 1 - permission: 2 - source_ip_id: 7 # client 1 - dest_ip_id: 1 # ALL - source_port_id: 1 - dest_port_id: 1 - protocol_id: 1 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.21 # client 1 + dst_ip: ALL # ALL + src_port: ALL + dst_port: ALL + protocol_name: ALL + src_wildcard: NONE + dst_wildcard: NONE 47: # old action num: 23 # "ACL: ADDRULE - Block outgoing traffic from client 2" - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: 
router_1 position: 2 - permission: 2 - source_ip_id: 8 # client 2 - dest_ip_id: 1 # ALL - source_port_id: 1 - dest_port_id: 1 - protocol_id: 1 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.22 # client 2 + dst_ip: ALL # ALL + src_port: ALL + dst_port: ALL + protocol_name: ALL + src_wildcard: NONE + dst_wildcard: NONE 48: # old action num: 24 # block tcp traffic from client 1 to web app - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 3 - permission: 2 - source_ip_id: 7 # client 1 - dest_ip_id: 3 # web server - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.21 # client 1 + dst_ip: 192.168.1.12 # web server + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 49: # old action num: 25 # block tcp traffic from client 2 to web app - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 4 - permission: 2 - source_ip_id: 8 # client 2 - dest_ip_id: 3 # web server - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.22 # client 2 + dst_ip: 192.168.1.12 # web server + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 50: # old action num: 26 - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 5 - permission: 2 - source_ip_id: 7 # client 1 - dest_ip_id: 4 # database - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.21 # client 1 + dst_ip: 192.168.1.14 # database + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 51: # old action num: 27 - action: "ROUTER_ACL_ADDRULE" + action: 
"router_acl_add_rule" options: target_router: router_1 position: 6 - permission: 2 - source_ip_id: 8 # client 2 - dest_ip_id: 4 # database - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.22 # client 2 + dst_ip: 192.168.1.14 # database + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 52: # old action num: 28 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 0 53: # old action num: 29 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 1 54: # old action num: 30 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 2 55: # old action num: 31 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 3 56: # old action num: 32 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 4 57: # old action num: 33 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 5 58: # old action num: 34 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 6 59: # old action num: 35 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 7 60: # old action num: 36 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 
position: 8 61: # old action num: 37 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 9 62: # old action num: 38 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 0 - nic_id: 0 + node_name: domain_controller + nic_num: 1 63: # old action num: 39 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 0 - nic_id: 0 + node_name: domain_controller + nic_num: 1 64: # old action num: 40 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 1 - nic_id: 0 + node_name: web_server + nic_num: 1 65: # old action num: 41 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 1 - nic_id: 0 + node_name: web_server + nic_num: 1 66: # old action num: 42 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 2 - nic_id: 0 + node_name: database_server + nic_num: 1 67: # old action num: 43 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 2 - nic_id: 0 + node_name: database_server + nic_num: 1 68: # old action num: 44 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 3 - nic_id: 0 + node_name: backup_server + nic_num: 1 69: # old action num: 45 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 3 - nic_id: 0 + node_name: backup_server + nic_num: 1 70: # old action num: 46 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 4 - nic_id: 0 + node_name: security_suite + nic_num: 1 71: # old action num: 47 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 4 - nic_id: 0 + node_name: security_suite + nic_num: 1 72: # old action num: 48 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 4 - nic_id: 1 + node_name: security_suite + nic_num: 2 73: # old action num: 49 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" 
options: - node_id: 4 - nic_id: 1 + node_name: security_suite + nic_num: 2 74: # old action num: 50 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 5 - nic_id: 0 + node_name: client_1 + nic_num: 1 75: # old action num: 51 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 5 - nic_id: 0 + node_name: client_1 + nic_num: 1 76: # old action num: 52 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 6 - nic_id: 0 + node_name: client_2 + nic_num: 1 77: # old action num: 53 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 6 - nic_id: 0 + node_name: client_2 + nic_num: 1 diff --git a/src/primaite/config/_package_data/mini_scenario_with_simulation_variation/base_scenario.yaml b/src/primaite/config/_package_data/mini_scenario_with_simulation_variation/base_scenario.yaml index e461eccc..e18de191 100644 --- a/src/primaite/config/_package_data/mini_scenario_with_simulation_variation/base_scenario.yaml +++ b/src/primaite/config/_package_data/mini_scenario_with_simulation_variation/base_scenario.yaml 
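Review bot: After this hunk the two router ACL actions name their router with different keys: the `router_acl_add_rule` entries (46–51) keep `target_router: router_1` as unchanged context, while every `router_acl_remove_rule` entry (52–61) is switched to `target_router_hostname: router_1`. If both actions are meant to share one option schema, one of the two keys is presumably stale and would be rejected or ignored when the config is loaded; the action definitions are not visible here, so this needs checking against them. If the difference is intentional, a comment at entry 52 such as `# remove_rule takes target_router_hostname; add_rule still takes target_router` would stop the next editor from "correcting" it.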
@@ -6,50 +6,48 @@ game: agents: - ref: RL_Agent type: ProxyAgent - observation_space: null + action_space: action_map: 0: - action: DONOTHING + action: do_nothing options: {} 1: - action: NODE_SHUTDOWN + action: node_shutdown options: - node_id: 0 + node_name: client_1 2: - action: NODE_SHUTDOWN + action: node_shutdown options: - node_id: 1 + node_name: server 3: - action: NODE_STARTUP + action: node_startup options: - node_id: 0 + node_name: client_1 4: - action: NODE_STARTUP + action: node_startup options: - node_id: 1 + node_name: server 5: - action: HOST_NIC_DISABLE + action: host_nic_disable options: - node_id: 0 - nic_id: 0 + node_name: client_1 + nic_num: 1 6: - action: HOST_NIC_DISABLE + action: host_nic_disable options: - node_id: 1 - nic_id: 0 + node_name: server + nic_num: 1 7: - action: HOST_NIC_ENABLE + action: host_nic_enable options: - node_id: 0 - nic_id: 0 + node_name: client_1 + nic_num: 1 8: - action: HOST_NIC_ENABLE + action: host_nic_enable options: - node_id: 1 - nic_id: 0 - reward_function: - reward_components: [] + node_name: server + nic_num: 1 simulation: network: diff --git a/src/primaite/config/_package_data/scenario_with_placeholders/greens_1.yaml b/src/primaite/config/_package_data/scenario_with_placeholders/greens_1.yaml index ce670f5f..677cd5a5 100644 --- a/src/primaite/config/_package_data/scenario_with_placeholders/greens_1.yaml +++ b/src/primaite/config/_package_data/scenario_with_placeholders/greens_1.yaml @@ -6,17 +6,17 @@ agents: &greens action_probabilities: 0: 0.2 1: 0.8 - observation_space: null + action_space: action_map: 0: - action: DONOTHING + action: do_nothing options: {} 1: - action: NODE_APPLICATION_EXECUTE + action: node_application_execute options: - node_id: 0 - application_id: 0 + node_name: client + application_name: DatabaseClient reward_function: reward_components: 
diff --git a/src/primaite/config/_package_data/scenario_with_placeholders/greens_2.yaml b/src/primaite/config/_package_data/scenario_with_placeholders/greens_2.yaml index 9ff099dd..eb7823f8 100644 --- a/src/primaite/config/_package_data/scenario_with_placeholders/greens_2.yaml +++ b/src/primaite/config/_package_data/scenario_with_placeholders/greens_2.yaml @@ -6,17 +6,17 @@ agents: &greens action_probabilities: 0: 0.95 1: 0.05 - observation_space: null + action_space: action_map: 0: - action: DONOTHING + action: do_nothing options: {} 1: - action: NODE_APPLICATION_EXECUTE + action: node_application_execute options: - node_id: 0 - application_id: 0 + node_name: client + application_name: DatabaseClient reward_function: reward_components: diff --git a/src/primaite/config/_package_data/scenario_with_placeholders/reds_1.yaml b/src/primaite/config/_package_data/scenario_with_placeholders/reds_1.yaml index b7e7560d..0170143f 100644 --- a/src/primaite/config/_package_data/scenario_with_placeholders/reds_1.yaml +++ b/src/primaite/config/_package_data/scenario_with_placeholders/reds_1.yaml @@ -3,15 +3,9 @@ reds: &reds team: RED type: RedDatabaseCorruptingAgent - observation_space: null - - action_space: - - reward_function: - reward_components: - - type: DUMMY - agent_settings: + possible_start_nodes: [client,] + target_application: DataManipulationBot start_step: 10 frequency: 10 variance: 0 diff --git a/src/primaite/config/_package_data/scenario_with_placeholders/reds_2.yaml b/src/primaite/config/_package_data/scenario_with_placeholders/reds_2.yaml index 1d9012d7..55bee3fb 100644 --- a/src/primaite/config/_package_data/scenario_with_placeholders/reds_2.yaml +++ b/src/primaite/config/_package_data/scenario_with_placeholders/reds_2.yaml 
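Review bot: The line added to reds_1.yaml, `possible_start_nodes: [client,]`, carries a trailing comma inside the flow sequence, while the equivalent line added to reds_2.yaml in the next hunk is written `possible_start_nodes: [client_1]`. The trailing comma should still parse, but it reads like a leftover from editing and makes the two placeholder files differ for no reason. I would write `possible_start_nodes: [client]`.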
@@ -3,15 +3,9 @@ reds: &reds team: RED type: RedDatabaseCorruptingAgent - observation_space: null - - action_space: - - reward_function: - reward_components: - - type: DUMMY - agent_settings: + possible_start_nodes: [client_1] + target_application: DataManipulationBot start_step: 3 frequency: 2 variance: 1 diff --git a/src/primaite/notebooks/Command-and-Control-E2E-Demonstration.ipynb b/src/primaite/notebooks/Command-and-Control-E2E-Demonstration.ipynb index 1a5c8b87..278fb3dc 100644 --- a/src/primaite/notebooks/Command-and-Control-E2E-Demonstration.ipynb +++ b/src/primaite/notebooks/Command-and-Control-E2E-Demonstration.ipynb @@ -51,7 +51,7 @@ " - ref: CustomC2Agent\n", " team: RED\n", " type: ProxyAgent\n", - " observation_space: null\n", + "\n", " action_space:\n", " options:\n", " nodes:\n", @@ -73,15 +73,15 @@ " - 0.0.0.1\n", " action_map:\n", " 0:\n", - " action: DONOTHING\n", + " action: do_nothing\n", " options: {}\n", " 1:\n", - " action: NODE_APPLICATION_INSTALL\n", + " action: node_application_install\n", " options:\n", " node_id: 0\n", " application_name: C2Beacon\n", " 2:\n", - " action: CONFIGURE_C2_BEACON\n", + " action: configure_c2_beacon\n", " options:\n", " node_id: 0\n", " config:\n", @@ -90,7 +90,7 @@ " masquerade_protocol:\n", " masquerade_port:\n", " 3:\n", - " action: NODE_APPLICATION_EXECUTE\n", + " action: node_application_execute\n", " options:\n", " node_id: 0\n", " application_id: 0\n", @@ -109,14 +109,14 @@ " - install\n", " - RansomwareScript\n", " 5:\n", - " action: C2_SERVER_RANSOMWARE_CONFIGURE\n", + " action: c2_server_ransomware_configure\n", " options:\n", " node_id: 1\n", " config:\n", " server_ip_address: 192.168.1.14\n", " payload: ENCRYPT\n", " 6:\n", - " action: C2_SERVER_DATA_EXFILTRATE\n", + " action: c2_server_data_exfiltrate\n", " options:\n", " node_id: 1\n", " target_file_name: \"database.db\"\n", 
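Review bot: The embedded `CustomC2Agent` config gets snake_case action names, but the options under them still address targets by index: `node_id: 0` under `node_application_install` and `configure_c2_beacon`, and `node_id: 0` / `application_id: 0` under `node_application_execute`. The packaged YAML configs changed in this same commit move to `node_name` / `application_name`, so if the renamed actions accept only names this notebook config will fail validation or act on an unintended node; that cannot be confirmed from the hunks alone. The later hunks of this notebook have the same index-based options (the `c2_server_*` entries with `node_id: 1` and the blue agent's action map). Either convert them, e.g. `node_name: <name of the node at index 0 in this notebook>`, or add a cell comment saying the notebook deliberately keeps index-based options.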
@@ -128,11 +128,11 @@ " password: admin\n", "\n", " 7:\n", - " action: C2_SERVER_RANSOMWARE_LAUNCH\n", + " action: c2_server_ransomware_launch\n", " options:\n", " node_id: 1\n", " 8:\n", - " action: CONFIGURE_C2_BEACON\n", + " action: configure_c2_beacon\n", " options:\n", " node_id: 0\n", " config:\n", @@ -141,7 +141,7 @@ " masquerade_protocol: TCP\n", " masquerade_port: DNS\n", " 9:\n", - " action: CONFIGURE_C2_BEACON\n", + " action: configure_c2_beacon\n", " options:\n", " node_id: 0\n", " config:\n", @@ -213,7 +213,7 @@ "cell_type": "markdown", "metadata": {}, "source": [ - "### **Command and Control** | C2 Beacon Actions | NODE_APPLICATION_INSTALL\n", + "### **Command and Control** | C2 Beacon Actions | node_application_install\n", "\n", "The custom proxy red agent defined at the start of this notebook has been configured to install the C2 Beacon as action ``1`` in it's action map. \n", "\n", @@ -230,7 +230,7 @@ " ...\n", " action_map:\n", " 1:\n", - " action: NODE_APPLICATION_INSTALL \n", + " action: node_application_install \n", " options:\n", " node_id: 0 # Index 0 at the node list.\n", " application_name: C2Beacon\n", @@ -252,7 +252,7 @@ "cell_type": "markdown", "metadata": {}, "source": [ - "### **Command and Control** | C2 Beacon Actions | CONFIGURE_C2_BEACON \n", + "### **Command and Control** | C2 Beacon Actions | configure_c2_beacon \n", "\n", "The custom proxy red agent defined at the start of this notebook can configure the C2 Beacon via action ``2`` in it's action map. \n", "\n", @@ -268,7 +268,7 @@ " action_map:\n", " ...\n", " 2:\n", - " action: CONFIGURE_C2_BEACON\n", + " action: configure_c2_beacon\n", " options:\n", " node_id: 0 # Node Index\n", " config: # Further information about these config options can be found at the bottom of this notebook.\n", 
@@ -295,9 +295,9 @@ "cell_type": "markdown", "metadata": {}, "source": [ - "### **Command and Control** | C2 Beacon Actions | NODE_APPLICATION_EXECUTE\n", + "### **Command and Control** | C2 Beacon Actions | node_application_execute\n", "\n", - "The final action is ``NODE_APPLICATION_EXECUTE`` which is used to establish a connection for the C2 application. This action can be called by the Red Agent via action ``3`` in it's action map. \n", + "The final action is ``node_application_execute`` which is used to establish a connection for the C2 application. This action can be called by the Red Agent via action ``3`` in it's action map. \n", "\n", "The yaml snippet below shows all the relevant agent options for this action:\n", "\n", @@ -313,7 +313,7 @@ " action_map:\n", " ...\n", " 3:\n", - " action: NODE_APPLICATION_EXECUTE\n", + " action: node_application_execute\n", " options:\n", " node_id: 0\n", " application_id: 0\n", @@ -416,7 +416,7 @@ "cell_type": "markdown", "metadata": {}, "source": [ - "### **Command and Control** | C2 Server Actions | C2_SERVER_RANSOMWARE_CONFIGURE\n", + "### **Command and Control** | C2 Server Actions | c2_server_ransomware_configure\n", "\n", "Another action the C2 Server grants is the ability for a Red Agent to configure the RansomwareScript via the C2 Server rather than the note directly.\n", "\n", @@ -435,7 +435,7 @@ " ...\n", " action_map:\n", " 5:\n", - " action: C2_SERVER_RANSOMWARE_CONFIG\n", + " action: c2_server_ransomware_configure\n", " options:\n", " node_id: 1\n", " config:\n", 
@@ -468,9 +468,9 @@ "cell_type": "markdown", "metadata": {}, "source": [ - "### **Command and Control** | C2 Server Actions | C2_SERVER_DATA_EXFILTRATE\n", + "### **Command and Control** | C2 Server Actions | c2_server_data_exfiltrate\n", "\n", - "The second to last action available is the ``C2_SERVER_DATA_EXFILTRATE`` which is indexed as action ``6`` in the action map.\n", + "The second to last action available is the ``c2_server_data_exfiltrate`` which is indexed as action ``6`` in the action map.\n", "\n", "This action can be used to exfiltrate a target file on a remote node to the C2 Beacon and the C2 Server's host file system via the ``FTP`` services.\n", "\n", @@ -487,7 +487,7 @@ " ...\n", " action_map:\n", " 6:\n", - " action: C2_SERVER_DATA_EXFILTRATE\n", + " action: c2_server_data_exfiltrate\n", " options:\n", " node_id: 1\n", " target_file_name: \"database.db\"\n", @@ -534,9 +534,9 @@ "cell_type": "markdown", "metadata": {}, "source": [ - "### **Command and Control** | C2 Server Actions | C2_SERVER_RANSOMWARE_LAUNCH\n", + "### **Command and Control** | C2 Server Actions | c2_server_ransomware_launch\n", "\n", - "Finally, the last available action is for the C2_SERVER_RANSOMWARE_LAUNCH to start the ransomware script installed on the same node as the C2 beacon.\n", + "Finally, the last available action is for the c2_server_ransomware_launch to start the ransomware script installed on the same node as the C2 beacon.\n", "\n", "This action is indexed as action ``7``.\n", "\n", @@ -553,7 +553,7 @@ " ...\n", " action_map:\n", " 7:\n", - " action: C2_SERVER_RANSOMWARE_LAUNCH\n", + " action: c2_server_ransomware_launch\n", " options:\n", " node_id: 1\n", "```\n" 
@@ -682,19 +682,19 @@ " action_space:\n", " action_map:\n", " 0:\n", - " action: DONOTHING\n", + " action: do_nothing\n", " options: {}\n", " 1:\n", - " action: NODE_APPLICATION_REMOVE\n", + " action: node_application_remove\n", " options:\n", " node_id: 0\n", " application_name: C2Beacon\n", " 2:\n", - " action: NODE_SHUTDOWN\n", + " action: node_shutdown\n", " options:\n", " node_id: 0\n", " 3:\n", - " action: ROUTER_ACL_ADDRULE\n", + " action: router_acl_add_rule\n", " options:\n", " target_router: router_1\n", " position: 1\n", @@ -1079,7 +1079,7 @@ "cell_type": "markdown", "metadata": {}, "source": [ - "The code cell below uses the custom blue agent defined at the start of this section perform a NODE_APPLICATION_REMOVE on the C2 beacon:" + "The code cell below uses the custom blue agent defined at the start of this section perform a node_application_remove on the C2 beacon:" ] }, { @@ -1088,7 +1088,7 @@ "metadata": {}, "outputs": [], "source": [ - "# Using CAOS ACTION: NODE_APPLICATION_REMOVE & capturing the OBS\n", + "# Using CAOS ACTION: node_application_remove & capturing the OBS\n", "post_blue_action_obs, _, _, _, _ = blue_env.step(1)" ] }, @@ -1174,7 +1174,7 @@ "cell_type": "markdown", "metadata": {}, "source": [ - "The code cell below uses the custom blue agent defined at the start of this section to perform a ``NODE_SHUT_DOWN`` action on the web server." + "The code cell below uses the custom blue agent defined at the start of this section to perform a ``node_shut_down`` action on the web server." ] }, { @@ -1183,7 +1183,7 @@ "metadata": {}, "outputs": [], "source": [ - "# Using CAOS ACTION: NODE_SHUT_DOWN & capturing the OBS\n", + "# Using CAOS ACTION: node_shut_down & capturing the OBS\n", "post_blue_action_obs, _, _, _, _ = blue_env.step(2)" ] }, 
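Review bot: The markdown cell and the code comment changed in the last two hunks here now name the action ``node_shut_down``, but the blue agent's action map in the first hunk on this line defines entry 2 as `node_shutdown`. The old text had the same extra underscore (`NODE_SHUT_DOWN`), so the rename carries a typo forward and the reader is pointed at an action name that does not appear in the config. The comment should read `# Using CAOS ACTION: node_shutdown & capturing the OBS`, and the markdown sentence should use ``node_shutdown`` as well.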
@@ -1264,7 +1264,7 @@ "cell_type": "markdown", "metadata": {}, "source": [ - "The code cell below uses the custom blue agent defined at the start of this section to perform a ROUTER_ACL_ADDRULE on router 1." + "The code cell below uses the custom blue agent defined at the start of this section to perform a router_acl_add_rule on router 1." ] }, { @@ -1273,7 +1273,7 @@ "metadata": {}, "outputs": [], "source": [ - "# Using CAOS ACTION: ROUTER_ACL_ADDRULE & capturing the OBS\n", + "# Using CAOS ACTION: router_acl_add_rule & capturing the OBS\n", "post_blue_action_obs, _, _, _, _ = blue_env.step(3)" ] }, @@ -1387,11 +1387,11 @@ "cell_type": "markdown", "metadata": {}, "source": [ - "As demonstrated earlier, red agents can use the ``CONFIGURE_C2_BEACON`` action to configure these settings mid episode through the configuration options:\n", + "As demonstrated earlier, red agents can use the ``configure_c2_beacon`` action to configure these settings mid episode through the configuration options:\n", "\n", "``` YAML\n", "...\n", - " action: CONFIGURE_C2_BEACON\n", + " action: configure_c2_beacon\n", " options:\n", " node_id: 0\n", " config:\n", diff --git a/src/primaite/notebooks/Data-Manipulation-Customising-Red-Agent.ipynb b/src/primaite/notebooks/Data-Manipulation-Customising-Red-Agent.ipynb index 50bfa59f..d1154b54 100644 --- a/src/primaite/notebooks/Data-Manipulation-Customising-Red-Agent.ipynb +++ b/src/primaite/notebooks/Data-Manipulation-Customising-Red-Agent.ipynb 
@@ -67,9 +67,9 @@ " # parse the info dict form step output and write out what the red agent is doing\n", " red_info : AgentHistoryItem = info['agent_actions']['data_manipulation_attacker']\n", " red_action = red_info.action\n", - " if red_action == 'DONOTHING':\n", + " if red_action == 'do_nothing':\n", " red_str = 'DO NOTHING'\n", - " elif red_action == 'NODE_APPLICATION_EXECUTE':\n", + " elif red_action == 'node_application_execute':\n", " client = \"client 1\" if red_info.parameters['node_id'] == 0 else \"client 2\"\n", " red_str = f\"ATTACK from {client}\"\n", " return red_str" diff --git a/src/primaite/notebooks/Data-Manipulation-E2E-Demonstration.ipynb b/src/primaite/notebooks/Data-Manipulation-E2E-Demonstration.ipynb index 89620215..143bbe09 100644 --- a/src/primaite/notebooks/Data-Manipulation-E2E-Demonstration.ipynb +++ b/src/primaite/notebooks/Data-Manipulation-E2E-Demonstration.ipynb @@ -449,9 +449,9 @@ " # parse the info dict form step output and write out what the red agent is doing\n", " red_info : AgentHistoryItem = info['agent_actions']['data_manipulation_attacker']\n", " red_action = red_info.action\n", - " if red_action == 'DONOTHING':\n", + " if red_action == 'do_nothing':\n", " red_str = 'DO NOTHING'\n", - " elif red_action == 'NODE_APPLICATION_EXECUTE':\n", + " elif red_action == 'node_application_execute':\n", " client = \"client 1\" if red_info.parameters['node_id'] == 0 else \"client 2\"\n", " red_str = f\"ATTACK from {client}\"\n", " return red_str" 
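Review bot: `red_info.parameters['node_id'] == 0` is left as unchanged context while the two action-name comparisons directly above it are updated. If the red agent's `node_application_execute` parameters now carry `node_name`, as the YAML configs in this commit do, this lookup raises `KeyError` on the first attack step; the agent code is not visible here, so this needs checking. A name-based form would be `client = "client 1" if red_info.parameters.get('node_name') == 'client_1' else "client 2"`. The identical line sits in the Data-Manipulation-E2E-Demonstration.ipynb hunk (`@@ -449,9`) on this same line, and in both files the function starts outside the hunk.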
@@ -547,7 +547,7 @@ "\n", "The reward will increase slightly as soon as the file finishes restoring. Then, the reward will increase to 0.9 when both green agents make successful requests.\n", "\n", - "Run the following cell until the green action is `NODE_APPLICATION_EXECUTE` for application 0, then the reward should increase. If you run it enough times, another red attack will happen and the reward will drop again." + "Run the following cell until the green action is `node_application_execute` for application 0, then the reward should increase. If you run it enough times, another red attack will happen and the reward will drop again." ] }, { diff --git a/src/primaite/notebooks/Using-Episode-Schedules.ipynb b/src/primaite/notebooks/Using-Episode-Schedules.ipynb index cb06e0f9..d08ca67b 100644 --- a/src/primaite/notebooks/Using-Episode-Schedules.ipynb +++ b/src/primaite/notebooks/Using-Episode-Schedules.ipynb @@ -238,7 +238,7 @@ "### Episode 2\n", "When we reset the environment again, it moves onto episode 2, where it will bring in greens_1 and reds_1 for green and red agent definitions. Let's verify the agent names and that they take actions at the defined frequency.\n", "\n", - "Most green actions will be `NODE_APPLICATION_EXECUTE` while red will `DONOTHING` except at steps 10 and 20." + "Most green actions will be `node_application_execute` while red will `DONOTHING` except at steps 10 and 20." ] }, { 
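Review bot: The rewritten sentence in Using-Episode-Schedules.ipynb still says red will `DONOTHING`, although the green action in the same sentence is renamed and the configs in this commit use `do_nothing`. The sentence should read "Most green actions will be `node_application_execute` while red will `do_nothing` except at steps 10 and 20."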
@@ -269,7 +269,7 @@ "### Episode 3\n", "When we reset the environment again, it moves onto episode 3, where it will bring in greens_2 and reds_2 for green and red agent definitions. Let's verify the agent names and that they take actions at the defined frequency.\n", "\n", - "Now, green will perform `NODE_APPLICATION_EXECUTE` only 5% of the time, while red will perform `NODE_APPLICATION_EXECUTE` more frequently than before." + "Now, green will perform `node_application_execute` only 5% of the time, while red will perform `node_application_execute` more frequently than before." ] }, { diff --git a/src/primaite/simulator/file_system/file.py b/src/primaite/simulator/file_system/file.py index 57d01ec9..bad26a0a 100644 --- a/src/primaite/simulator/file_system/file.py +++ b/src/primaite/simulator/file_system/file.py @@ -130,8 +130,8 @@ class File(FileSystemItemABC): Return False if corruption is detected, otherwise True """ - warnings.warn("NODE_FILE_CHECKHASH is currently not implemented.") - self.sys_log.warning("NODE_FILE_CHECKHASH is currently not implemented.") + warnings.warn("node_file_checkhash is currently not implemented.") + self.sys_log.warning("node_file_checkhash is currently not implemented.") return False if self.deleted: diff --git a/src/primaite/simulator/file_system/folder.py b/src/primaite/simulator/file_system/folder.py index ee0f3d01..78dba4e6 100644 --- a/src/primaite/simulator/file_system/folder.py +++ b/src/primaite/simulator/file_system/folder.py @@ -387,8 +387,8 @@ class Folder(FileSystemItemABC): Return False if corruption is detected, otherwise True """ - warnings.warn("NODE_FOLDER_CHECKHASH is currently not implemented.") - self.sys_log.error("NODE_FOLDER_CHECKHASH is currently not implemented.") + warnings.warn("node_folder_checkhash is currently not implemented.") + self.sys_log.error("node_folder_checkhash is currently not implemented.") return False if self.deleted: 
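Review bot: In both `File` and `Folder` (the two `.py` hunks here) the stub returns `False` right after the warning, and the docstring line visible above defines `False` as "corruption is detected", so a caller cannot tell an unimplemented check from a failed integrity check. The code after `return False`, starting at `if self.deleted:`, is also unreachable. Since the commit already touches these lines, I would at least state it in the docstring, e.g. `Currently not implemented: always returns False without hashing.` The two stubs also log at different levels, `self.sys_log.warning(...)` in `file.py` and `self.sys_log.error(...)` in `folder.py`; using `warning` in both would keep log-based triage consistent. Both method bodies start and end outside their hunks.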
diff --git a/tests/assets/configs/action_penalty.yaml b/tests/assets/configs/action_penalty.yaml
index 2ebe1963..2828b5aa 100644
--- a/tests/assets/configs/action_penalty.yaml
+++ b/tests/assets/configs/action_penalty.yaml
@@ -98,421 +98,421 @@ agents: action_space: action_map: 0: - action: DONOTHING + action: do_nothing options: {} # scan webapp service 1: - action: NODE_SERVICE_SCAN + action: node_service_scan options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer # stop webapp service 2: - action: NODE_SERVICE_STOP + action: node_service_stop options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer # start webapp service 3: - action: "NODE_SERVICE_START" + action: "node_service_start" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 4: - action: "NODE_SERVICE_PAUSE" + action: "node_service_pause" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 5: - action: "NODE_SERVICE_RESUME" + action: "node_service_resume" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 6: - action: "NODE_SERVICE_RESTART" + action: "node_service_restart" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 7: - action: "NODE_SERVICE_DISABLE" + action: "node_service_disable" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 8: - action: "NODE_SERVICE_ENABLE" + action: "node_service_enable" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 9: # check database.db file - action: "NODE_FILE_SCAN" + action: "node_file_scan" options: - node_id: 2 - folder_id: 0 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 10: - action: "NODE_FILE_CHECKHASH" + action: "node_file_scan" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context. 
options: - node_id: 2 - folder_id: 0 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 11: - action: "NODE_FILE_DELETE" + action: "node_file_delete" options: - node_id: 2 - folder_id: 0 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 12: - action: "NODE_FILE_REPAIR" + action: "node_file_repair" options: - node_id: 2 - folder_id: 0 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 13: - action: "NODE_SERVICE_FIX" + action: "node_service_fix" options: - node_id: 2 - service_id: 0 + node_name: database_server + service_name: DatabaseService 14: - action: "NODE_FOLDER_SCAN" + action: "node_folder_scan" options: - node_id: 2 - folder_id: 0 + node_name: database_server + folder_name: database 15: - action: "NODE_FOLDER_CHECKHASH" + action: "node_folder_scan" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context. options: - node_id: 2 - folder_id: 0 + node_name: database_server + folder_name: database 16: - action: "NODE_FOLDER_REPAIR" + action: "node_folder_repair" options: - node_id: 2 - folder_id: 0 + node_name: database_server + folder_name: database 17: - action: "NODE_FOLDER_RESTORE" + action: "node_folder_restore" options: - node_id: 2 - folder_id: 0 + node_name: database_server + folder_name: database 18: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 0 + node_name: domain_controller 19: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 0 + node_name: domain_controller 20: - action: NODE_STARTUP + action: node_startup options: - node_id: 0 + node_name: domain_controller 21: - action: NODE_RESET + action: node_reset options: - node_id: 0 + node_name: domain_controller 22: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 1 + node_name: web_server 23: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 1 + node_name: web_server 24: - 
action: NODE_STARTUP + action: node_startup options: - node_id: 1 + node_name: web_server 25: - action: NODE_RESET + action: node_reset options: - node_id: 1 + node_name: web_server 26: # old action num: 18 - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 2 + node_name: database_server 27: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 2 + node_name: database_server 28: - action: NODE_STARTUP + action: node_startup options: - node_id: 2 + node_name: database_server 29: - action: NODE_RESET + action: node_reset options: - node_id: 2 + node_name: database_server 30: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 3 + node_name: backup_server 31: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 3 + node_name: backup_server 32: - action: NODE_STARTUP + action: node_startup options: - node_id: 3 + node_name: backup_server 33: - action: NODE_RESET + action: node_reset options: - node_id: 3 + node_name: backup_server 34: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 4 + node_name: security_suite 35: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 4 + node_name: security_suite 36: - action: NODE_STARTUP + action: node_startup options: - node_id: 4 + node_name: security_suite 37: - action: NODE_RESET + action: node_reset options: - node_id: 4 + node_name: security_suite 38: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 5 + node_name: client_1 39: # old action num: 19 # shutdown client 1 - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 5 + node_name: client_1 40: # old action num: 20 - action: NODE_STARTUP + action: node_startup options: - node_id: 5 + node_name: client_1 41: # old action num: 21 - action: NODE_RESET + action: node_reset options: - node_id: 5 + node_name: client_1 42: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 6 + node_name: client_2 43: - action: 
"NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 6 + node_name: client_2 44: - action: NODE_STARTUP + action: node_startup options: - node_id: 6 + node_name: client_2 45: - action: NODE_RESET + action: node_reset options: - node_id: 6 + node_name: client_2 46: # old action num: 22 # "ACL: ADDRULE - Block outgoing traffic from client 1" - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: - target_router_nodename: router_1 + target_router: router_1 position: 1 - permission: 2 - source_ip_id: 7 # client 1 - dest_ip_id: 1 # ALL - source_port_id: 1 - dest_port_id: 1 - protocol_id: 1 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.21 # client 1 + dst_ip: ALL # ALL + src_port: ALL + dst_port: ALL + protocol_name: ALL + src_wildcard: NONE + dst_wildcard: NONE 47: # old action num: 23 # "ACL: ADDRULE - Block outgoing traffic from client 2" - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: - target_router_nodename: router_1 + target_router: router_1 position: 2 - permission: 2 - source_ip_id: 8 # client 2 - dest_ip_id: 1 # ALL - source_port_id: 1 - dest_port_id: 1 - protocol_id: 1 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.22 # client 2 + dst_ip: ALL # ALL + src_port: ALL + dst_port: ALL + protocol_name: ALL + src_wildcard: NONE + dst_wildcard: NONE 48: # old action num: 24 # block tcp traffic from client 1 to web app - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: - target_router_nodename: router_1 + target_router: router_1 position: 3 - permission: 2 - source_ip_id: 7 # client 1 - dest_ip_id: 3 # web server - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.21 # client 1 + dst_ip: 192.168.1.12 # web server + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 49: # old action num: 25 # 
block tcp traffic from client 2 to web app - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: - target_router_nodename: router_1 + target_router: router_1 position: 4 - permission: 2 - source_ip_id: 8 # client 2 - dest_ip_id: 3 # web server - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.22 # client 2 + dst_ip: 192.168.1.12 # web server + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 50: # old action num: 26 - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: - target_router_nodename: router_1 + target_router: router_1 position: 5 - permission: 2 - source_ip_id: 7 # client 1 - dest_ip_id: 4 # database - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.21 # client 1 + dst_ip: 192.168.1.14 # database + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 51: # old action num: 27 - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: - target_router_nodename: router_1 + target_router: router_1 position: 6 - permission: 2 - source_ip_id: 8 # client 2 - dest_ip_id: 4 # database - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.22 # client 2 + dst_ip: 192.168.1.14 # database + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 52: # old action num: 28 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router_nodename: router_1 + target_router_hostname: router_1 position: 0 53: # old action num: 29 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router_nodename: router_1 + target_router_hostname: router_1 position: 1 54: # old action num: 30 - 
action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router_nodename: router_1 + target_router_hostname: router_1 position: 2 55: # old action num: 31 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router_nodename: router_1 + target_router_hostname: router_1 position: 3 56: # old action num: 32 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router_nodename: router_1 + target_router_hostname: router_1 position: 4 57: # old action num: 33 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router_nodename: router_1 + target_router_hostname: router_1 position: 5 58: # old action num: 34 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router_nodename: router_1 + target_router_hostname: router_1 position: 6 59: # old action num: 35 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router_nodename: router_1 + target_router_hostname: router_1 position: 7 60: # old action num: 36 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router_nodename: router_1 + target_router_hostname: router_1 position: 8 61: # old action num: 37 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router_nodename: router_1 + target_router_hostname: router_1 position: 9 62: # old action num: 38 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 0 - nic_id: 0 + node_name: domain_controller + nic_num: 1 63: # old action num: 39 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 0 - nic_id: 0 + node_name: domain_controller + nic_num: 1 64: # old action num: 40 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 1 - nic_id: 0 + node_name: web_server + nic_num: 1 65: # old action num: 41 - action: "HOST_NIC_ENABLE" + action: 
"host_nic_enable" options: - node_id: 1 - nic_id: 0 + node_name: web_server + nic_num: 1 66: # old action num: 42 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 2 - nic_id: 0 + node_name: database_server + nic_num: 1 67: # old action num: 43 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 2 - nic_id: 0 + node_name: database_server + nic_num: 1 68: # old action num: 44 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 3 - nic_id: 0 + node_name: backup_server + nic_num: 1 69: # old action num: 45 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 3 - nic_id: 0 + node_name: backup_server + nic_num: 1 70: # old action num: 46 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 4 - nic_id: 0 + node_name: security_suite + nic_num: 1 71: # old action num: 47 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 4 - nic_id: 0 + node_name: security_suite + nic_num: 1 72: # old action num: 48 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 4 - nic_id: 1 + node_name: security_suite + nic_num: 2 73: # old action num: 49 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 4 - nic_id: 1 + node_name: security_suite + nic_num: 2 74: # old action num: 50 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 5 - nic_id: 0 + node_name: client_1 + nic_num: 1 75: # old action num: 51 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 5 - nic_id: 0 + node_name: client_1 + nic_num: 1 76: # old action num: 52 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 6 - nic_id: 0 + node_name: client_2 + nic_num: 1 77: # old action num: 53 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 6 - nic_id: 0 + node_name: client_2 + nic_num: 1 reward_function: reward_components: 
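Review bot: The router option key is inconsistent on the new side of this hunk: the `router_acl_add_rule` entries (46–51) use `target_router: router_1`, while the `router_acl_remove_rule` entries (52–61) use `target_router_hostname: router_1`. In `bad_primaite_session.yaml`, later in this commit, the remove-rule entries keep `target_router`, so one of the two spellings is probably not what the action schema expects. The schema is not visible here, so this needs checking against the action definitions. If the remove action takes the same key as the add action, each of those entries should read `target_router: router_1`. A key that the schema ignores or rejects could leave the ACL-removal actions in this fixture untested.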
diff --git a/tests/assets/configs/bad_primaite_session.yaml b/tests/assets/configs/bad_primaite_session.yaml index 9f3e6da5..1cd0883c 100644 --- a/tests/assets/configs/bad_primaite_session.yaml +++ b/tests/assets/configs/bad_primaite_session.yaml @@ -13,31 +13,16 @@ agents: - ref: client_2_green_user team: GREEN type: ProbabilisticAgent - observation_space: null - action_space: - - reward_function: - reward_components: - - type: DUMMY - agent_settings: # options specific to this particular agent type, basically args of __init__(self) - start_step: 25 - frequency: 20 - variance: 5 + action_probabilities: + 0: 1.0 - ref: data_manipulation_attacker team: RED type: RedDatabaseCorruptingAgent - - observation_space: null - - action_space: - - reward_function: - reward_components: - - type: DUMMY - agent_settings: # options specific to this particular agent type, basically args of __init__(self) + possible_start_nodes: [client_1,] + target_application: DataManipulationBot start_step: 25 frequency: 20 variance: 5 
@@ -119,324 +104,324 @@ agents: action_map: 0: - action: DONOTHING + action: do_nothing options: {} # scan webapp service 1: - action: NODE_SERVICE_SCAN + action: node_service_scan options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer # stop webapp service 2: - action: NODE_SERVICE_STOP + action: node_service_stop options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer # start webapp service 3: - action: "NODE_SERVICE_START" + action: "node_service_start" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 4: - action: "NODE_SERVICE_PAUSE" + action: "node_service_pause" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 5: - action: "NODE_SERVICE_RESUME" + action: "node_service_resume" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 6: - action: "NODE_SERVICE_RESTART" + action: "node_service_restart" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 7: - action: "NODE_SERVICE_DISABLE" + action: "node_service_disable" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 8: - action: "NODE_SERVICE_ENABLE" + action: "node_service_enable" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 9: # check database.db file - action: "NODE_FILE_SCAN" + action: "node_file_scan" options: - node_id: 2 - folder_id: 1 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 10: - action: "NODE_FILE_CHECKHASH" + action: "node_file_checkhash" options: - node_id: 2 - folder_id: 1 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 11: - action: "NODE_FILE_DELETE" + action: "node_file_delete" options: - node_id: 2 - folder_id: 1 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 12: - 
action: "NODE_FILE_REPAIR" + action: "node_file_repair" options: - node_id: 2 - folder_id: 1 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 13: - action: "NODE_SERVICE_FIX" + action: "node_service_fix" options: - node_id: 2 - service_id: 0 + node_name: database_server + service_name: DatabaseService 14: - action: "NODE_FOLDER_SCAN" + action: "node_folder_scan" options: - node_id: 2 - folder_id: 1 + node_name: database_server + folder_name: database 15: - action: "NODE_FOLDER_CHECKHASH" + action: "node_folder_checkhash" options: - node_id: 2 - folder_id: 1 + node_name: database_server + folder_name: database 16: - action: "NODE_FOLDER_REPAIR" + action: "node_folder_repair" options: - node_id: 2 - folder_id: 1 + node_name: database_server + folder_name: database 17: - action: "NODE_FOLDER_RESTORE" + action: "node_folder_restore" options: - node_id: 2 - folder_id: 1 + node_name: database_server + folder_name: database 18: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 2 + node_name: database_server 19: # shutdown client 1 - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 5 + node_name: client_1 20: - action: "NODE_STARTUP" + action: "node_startup" options: - node_id: 5 + node_name: client_1 21: - action: "NODE_RESET" + action: "node_reset" options: - node_id: 5 + node_name: client_1 22: # "ACL: ADDRULE - Block outgoing traffic from client 1" (not supported in Primaite) - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 1 - permission: 2 - source_ip_id: 7 # client 1 - dest_ip_id: 1 # ALL - source_port_id: 1 - dest_port_id: 1 - protocol_id: 1 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.21 # client 1 + dst_ip: ALL # ALL + src_port: ALL + dst_port: ALL + protocol_name: ALL + src_wildcard: NONE + dst_wildcard: NONE 23: # "ACL: ADDRULE - Block outgoing traffic from client 2" (not supported 
in Primaite) - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 2 - permission: 2 - source_ip_id: 8 # client 2 - dest_ip_id: 1 # ALL - source_port_id: 1 - dest_port_id: 1 - protocol_id: 1 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.22 # client 2 + dst_ip: ALL # ALL + src_port: ALL + dst_port: ALL + protocol_name: ALL + src_wildcard: NONE + dst_wildcard: NONE 24: # block tcp traffic from client 1 to web app - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 3 - permission: 2 - source_ip_id: 7 # client 1 - dest_ip_id: 3 # web server - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.21 # client 1 + dst_ip: 192.168.1.12 # web server + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 25: # block tcp traffic from client 2 to web app - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 4 - permission: 2 - source_ip_id: 8 # client 2 - dest_ip_id: 3 # web server - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.22 # client 2 + dst_ip: 192.168.1.12 # web server + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 26: - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 5 - permission: 2 - source_ip_id: 7 # client 1 - dest_ip_id: 4 # database - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.21 # client 1 + dst_ip: 192.168.1.14 # database + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 27: - action: "ROUTER_ACL_ADDRULE" + 
action: "router_acl_add_rule" options: target_router: router_1 position: 6 - permission: 2 - source_ip_id: 8 # client 2 - dest_ip_id: 4 # database - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.22 # client 2 + dst_ip: 192.168.1.14 # database + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 28: - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 0 29: - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 1 30: - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 2 31: - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 3 32: - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 4 33: - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 5 34: - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 6 35: - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 7 36: - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 8 37: - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 9 38: - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 0 - nic_id: 0 + node_name: domain_controller + nic_num: 1 39: - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 0 - nic_id: 0 + node_name: domain_controller + nic_num: 1 40: - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 1 - nic_id: 0 + node_name: 
web_server + nic_num: 1 41: - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 1 - nic_id: 0 + node_name: web_server + nic_num: 1 42: - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 2 - nic_id: 0 + node_name: database_server + nic_num: 1 43: - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 2 - nic_id: 0 + node_name: database_server + nic_num: 1 44: - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 3 - nic_id: 0 + node_name: backup_server + nic_num: 1 45: - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 3 - nic_id: 0 + node_name: backup_server + nic_num: 1 46: - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 4 - nic_id: 0 + node_name: security_suite + nic_num: 1 47: - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 4 - nic_id: 0 + node_name: security_suite + nic_num: 1 48: - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 4 - nic_id: 1 + node_name: security_suite + nic_num: 2 49: - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 4 - nic_id: 1 + node_name: security_suite + nic_num: 2 50: - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 5 - nic_id: 0 + node_name: client_1 + nic_num: 1 51: - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 5 - nic_id: 0 + node_name: client_1 + nic_num: 1 52: - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 6 - nic_id: 0 + node_name: client_2 + nic_num: 1 53: - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 6 - nic_id: 0 + node_name: client_2 + nic_num: 1 reward_function: reward_components: diff --git a/tests/assets/configs/basic_firewall.yaml b/tests/assets/configs/basic_firewall.yaml index 09e070d5..154956d3 100644 --- a/tests/assets/configs/basic_firewall.yaml 
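Review bot: Entries 10 and 15 are renamed to `node_file_checkhash` and `node_folder_checkhash`, but `action_penalty.yaml` in this commit replaces the same entries with `node_file_scan` and `node_folder_scan`. The `File`/`Folder` hunks also show the check-hash path only emitting a "currently not implemented" warning. If this fixture is meant to be invalid for a different reason (its name suggests it is deliberately bad), a one-line comment such as `# checkhash kept on purpose: <reason>` would make that clear. Otherwise these two entries should follow the scan replacement used in the other configs.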
+++ b/tests/assets/configs/basic_firewall.yaml @@ -27,26 +27,23 @@ agents: - ref: client_2_green_user team: GREEN type: ProbabilisticAgent - observation_space: null + action_space: action_map: 0: - action: DONOTHING + action: do_nothing options: {} 1: - action: NODE_APPLICATION_EXECUTE + action: node_application_execute options: - node_id: 0 - application_id: 0 + node_name: client_2 + application_name: WebBrowser reward_function: reward_components: - type: DUMMY agent_settings: - start_step: 5 - frequency: 4 - variance: 3 action_probabilities: 0: 0.4 1: 0.6 diff --git a/tests/assets/configs/basic_switched_network.yaml b/tests/assets/configs/basic_switched_network.yaml index 453db4b0..e74a6a4e 100644 --- a/tests/assets/configs/basic_switched_network.yaml +++ b/tests/assets/configs/basic_switched_network.yaml @@ -30,26 +30,23 @@ agents: - ref: client_2_green_user team: GREEN type: ProbabilisticAgent - observation_space: null + action_space: action_map: 0: - action: DONOTHING + action: do_nothing options: {} 1: - action: NODE_APPLICATION_EXECUTE + action: node_application_execute options: - node_id: 0 - application_id: 0 + node_name: client_2 + application_name: WebBrowser reward_function: reward_components: - type: DUMMY agent_settings: - start_step: 5 - frequency: 4 - variance: 3 action_probabilities: 0: 0.4 1: 0.6 @@ -115,7 +112,7 @@ agents: action_space: action_map: 0: - action: DONOTHING + action: do_nothing options: {} reward_function: diff --git a/tests/assets/configs/data_manipulation.yaml b/tests/assets/configs/data_manipulation.yaml index 90d8f806..5e12f1c6 100644 --- a/tests/assets/configs/data_manipulation.yaml +++ b/tests/assets/configs/data_manipulation.yaml 
@@ -30,22 +30,22 @@ agents: 0: 0.3 1: 0.6 2: 0.1 - observation_space: null + action_space: action_map: 0: action: do_nothing options: {} 1: - action: NODE_APPLICATION_EXECUTE + action: node_application_execute options: - node_id: 0 - application_id: 0 + node_name: client_2 + application_name: WebBrowser 2: - action: NODE_APPLICATION_EXECUTE + action: node_application_execute options: - node_id: 0 - application_id: 1 + node_name: client_2 + application_name: DatabaseClient reward_function: reward_components: @@ -66,22 +66,22 @@ agents: 0: 0.3 1: 0.6 2: 0.1 - observation_space: null + action_space: action_map: 0: action: do_nothing options: {} 1: - action: NODE_APPLICATION_EXECUTE + action: node_application_execute options: - node_id: 0 - application_id: 0 + node_name: client_1 + application_name: WebBrowser 2: - action: NODE_APPLICATION_EXECUTE + action: node_application_execute options: - node_id: 0 - application_id: 1 + node_name: client_1 + application_name: WebBrowser reward_function: reward_components: @@ -101,16 +101,9 @@ agents: - ref: data_manipulation_attacker team: RED type: RedDatabaseCorruptingAgent - - observation_space: null - - action_space: - - reward_function: - reward_components: - - type: DUMMY - agent_settings: # options specific to this particular agent type, basically args of __init__(self) + possible_start_nodes: [client_1, client_2] + target_application: DataManipulationBot start_step: 25 frequency: 20 variance: 5 
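Review bot: In the second hunk (`@@ -66,22 +66,22 @@`, the client_1 green agent) action 2 changes from `application_id: 1` to `application_name: WebBrowser`, which makes it identical to action 1. In the first hunk the same index for client_2 is mapped to `DatabaseClient`, so this looks like a copy-paste slip and the line should probably be `application_name: DatabaseClient`. As written, the 0.1 probability assigned to action 2 would go to web requests instead of database requests, which changes the green traffic this test scenario generates.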
@@ -200,417 +193,417 @@ agents: options: {} # scan webapp service 1: - action: NODE_SERVICE_SCAN + action: node_service_scan options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer # stop webapp service 2: - action: NODE_SERVICE_STOP + action: node_service_stop options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer # start webapp service 3: - action: "NODE_SERVICE_START" + action: "node_service_start" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 4: - action: "NODE_SERVICE_PAUSE" + action: "node_service_pause" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 5: - action: "NODE_SERVICE_RESUME" + action: "node_service_resume" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 6: - action: "NODE_SERVICE_RESTART" + action: "node_service_restart" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 7: - action: "NODE_SERVICE_DISABLE" + action: "node_service_disable" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 8: - action: "NODE_SERVICE_ENABLE" + action: "node_service_enable" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 9: # check database.db file - action: "NODE_FILE_SCAN" + action: "node_file_scan" options: - node_id: 2 - folder_id: 0 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 10: - action: "NODE_FILE_CHECKHASH" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context. + action: "node_file_scan" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context. 
options: - node_id: 2 - folder_id: 0 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 11: - action: "NODE_FILE_DELETE" + action: "node_file_delete" options: - node_id: 2 - folder_id: 0 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 12: - action: "NODE_FILE_REPAIR" + action: "node_file_repair" options: - node_id: 2 - folder_id: 0 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 13: - action: "NODE_SERVICE_FIX" + action: "node_service_fix" options: - node_id: 2 - service_id: 0 + node_name: database_server + service_name: DatabaseService 14: - action: "NODE_FOLDER_SCAN" + action: "node_folder_scan" options: - node_id: 2 - folder_id: 0 + node_name: database_server + folder_name: database 15: - action: "NODE_FOLDER_CHECKHASH" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context. + action: "node_folder_scan" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context. 
options: - node_id: 2 - folder_id: 0 + node_name: database_server + folder_name: database 16: - action: "NODE_FOLDER_REPAIR" + action: "node_folder_repair" options: - node_id: 2 - folder_id: 0 + node_name: database_server + folder_name: database 17: - action: "NODE_FOLDER_RESTORE" + action: "node_folder_restore" options: - node_id: 2 - folder_id: 0 + node_name: database_server + folder_name: database 18: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 0 + node_name: domain_controller 19: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 0 + node_name: domain_controller 20: - action: NODE_STARTUP + action: node_startup options: - node_id: 0 + node_name: domain_controller 21: - action: NODE_RESET + action: node_reset options: - node_id: 0 + node_name: domain_controller 22: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 1 + node_name: web_server 23: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 1 + node_name: web_server 24: - action: NODE_STARTUP + action: node_startup options: - node_id: 1 + node_name: web_server 25: - action: NODE_RESET + action: node_reset options: - node_id: 1 + node_name: web_server 26: # old action num: 18 - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 2 + node_name: database_server 27: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 2 + node_name: database_server 28: - action: NODE_STARTUP + action: node_startup options: - node_id: 2 + node_name: database_server 29: - action: NODE_RESET + action: node_reset options: - node_id: 2 + node_name: database_server 30: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 3 + node_name: backup_server 31: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 3 + node_name: backup_server 32: - action: NODE_STARTUP + action: node_startup options: - node_id: 3 + node_name: backup_server 33: - action: NODE_RESET + action: node_reset 
options: - node_id: 3 + node_name: backup_server 34: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 4 + node_name: security_suite 35: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 4 + node_name: security_suite 36: - action: NODE_STARTUP + action: node_startup options: - node_id: 4 + node_name: security_suite 37: - action: NODE_RESET + action: node_reset options: - node_id: 4 + node_name: security_suite 38: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 5 + node_name: client_1 39: # old action num: 19 # shutdown client 1 - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 5 + node_name: client_1 40: # old action num: 20 - action: NODE_STARTUP + action: node_startup options: - node_id: 5 + node_name: client_1 41: # old action num: 21 - action: NODE_RESET + action: node_reset options: - node_id: 5 + node_name: client_1 42: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 6 + node_name: client_2 43: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 6 + node_name: client_2 44: - action: NODE_STARTUP + action: node_startup options: - node_id: 6 + node_name: client_2 45: - action: NODE_RESET + action: node_reset options: - node_id: 6 + node_name: client_2 46: # old action num: 22 # "ACL: ADDRULE - Block outgoing traffic from client 1" - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 1 - permission: 2 - source_ip_id: 7 # client 1 - dest_ip_id: 1 # ALL - source_port_id: 1 - dest_port_id: 1 - protocol_id: 1 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.21 # client 1 + dst_ip: ALL # ALL + src_port: ALL + dst_port: ALL + protocol_name: ALL + src_wildcard: NONE + dst_wildcard: NONE 47: # old action num: 23 # "ACL: ADDRULE - Block outgoing traffic from client 2" - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: 
router_1 position: 2 - permission: 2 - source_ip_id: 8 # client 2 - dest_ip_id: 1 # ALL - source_port_id: 1 - dest_port_id: 1 - protocol_id: 1 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.22 # client 2 + dst_ip: ALL # ALL + src_port: ALL + dst_port: ALL + protocol_name: ALL + src_wildcard: NONE + dst_wildcard: NONE 48: # old action num: 24 # block tcp traffic from client 1 to web app - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 3 - permission: 2 - source_ip_id: 7 # client 1 - dest_ip_id: 3 # web server - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.21 # client 1 + dst_ip: 192.168.1.12 # web server + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 49: # old action num: 25 # block tcp traffic from client 2 to web app - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 4 - permission: 2 - source_ip_id: 8 # client 2 - dest_ip_id: 3 # web server - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.22 # client 2 + dst_ip: 192.168.1.12 # web server + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 50: # old action num: 26 - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 5 - permission: 2 - source_ip_id: 7 # client 1 - dest_ip_id: 4 # database - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.21 # client 1 + dst_ip: 192.168.1.14 # database + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 51: # old action num: 27 - action: "ROUTER_ACL_ADDRULE" + action: 
"router_acl_add_rule" options: target_router: router_1 position: 6 - permission: 2 - source_ip_id: 8 # client 2 - dest_ip_id: 4 # database - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.22 # client 2 + dst_ip: 192.168.1.14 # database + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 52: # old action num: 28 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 0 53: # old action num: 29 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 1 54: # old action num: 30 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 2 55: # old action num: 31 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 3 56: # old action num: 32 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 4 57: # old action num: 33 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 5 58: # old action num: 34 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 6 59: # old action num: 35 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 7 60: # old action num: 36 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 
position: 8 61: # old action num: 37 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 9 62: # old action num: 38 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 0 - nic_id: 0 + node_name: domain_controller + nic_num: 1 63: # old action num: 39 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 0 - nic_id: 0 + node_name: domain_controller + nic_num: 1 64: # old action num: 40 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 1 - nic_id: 0 + node_name: web_server + nic_num: 1 65: # old action num: 41 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 1 - nic_id: 0 + node_name: web_server + nic_num: 1 66: # old action num: 42 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 2 - nic_id: 0 + node_name: database_server + nic_num: 1 67: # old action num: 43 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 2 - nic_id: 0 + node_name: database_server + nic_num: 1 68: # old action num: 44 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 3 - nic_id: 0 + node_name: backup_server + nic_num: 1 69: # old action num: 45 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 3 - nic_id: 0 + node_name: backup_server + nic_num: 1 70: # old action num: 46 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 4 - nic_id: 0 + node_name: security_suite + nic_num: 1 71: # old action num: 47 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 4 - nic_id: 0 + node_name: security_suite + nic_num: 1 72: # old action num: 48 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 4 - nic_id: 1 + node_name: security_suite + nic_num: 2 73: # old action num: 49 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" 
options: - node_id: 4 - nic_id: 1 + node_name: security_suite + nic_num: 2 74: # old action num: 50 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 5 - nic_id: 0 + node_name: client_1 + nic_num: 1 75: # old action num: 51 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 5 - nic_id: 0 + node_name: client_1 + nic_num: 1 76: # old action num: 52 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 6 - nic_id: 0 + node_name: client_2 + nic_num: 1 77: # old action num: 53 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 6 - nic_id: 0 + node_name: client_2 + nic_num: 1 reward_function: reward_components: diff --git a/tests/assets/configs/dmz_network.yaml b/tests/assets/configs/dmz_network.yaml index b0876768..6cdae6a5 100644 --- a/tests/assets/configs/dmz_network.yaml +++ b/tests/assets/configs/dmz_network.yaml @@ -52,26 +52,19 @@ agents: - ref: client_1_green_user team: GREEN type: ProbabilisticAgent - observation_space: null + action_space: action_map: 0: - action: DONOTHING + action: do_nothing options: {} 1: - action: NODE_APPLICATION_EXECUTE + action: node_application_execute options: - node_id: 0 - application_id: 0 - - reward_function: - reward_components: - - type: DUMMY + node_name: client_1 + application_id: WebBrowser agent_settings: - start_step: 5 - frequency: 4 - variance: 3 action_probabilities: 0: 0.4 1: 0.6 diff --git a/tests/assets/configs/eval_only_primaite_session.yaml b/tests/assets/configs/eval_only_primaite_session.yaml index 73930e7f..e277a881 100644 --- a/tests/assets/configs/eval_only_primaite_session.yaml +++ b/tests/assets/configs/eval_only_primaite_session.yaml @@ -13,11 +13,11 @@ agents: - ref: client_2_green_user team: GREEN type: ProbabilisticAgent - observation_space: null + action_space: action_map: 0: - action: DONOTHING + action: do_nothing options: {} reward_function: 
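Review bot: The router option key is spelled two ways inside this one action map. Actions 46–51 (`router_acl_add_rule`) keep `target_router: router_1`, while actions 52–61 (`router_acl_remove_rule`) are changed to `target_router_hostname: router_1`. The `@@ -131,324 +132,324 @@` hunk of eval_only_primaite_session.yaml keeps `target_router` for the same remove action, so at least one of the two fixtures probably does not match the action's schema. Confirm which key each action accepts and use it in both files. If the two actions really differ, a comment above action 52 such as `# remove_rule takes target_router_hostname, add_rule takes target_router` would record that; it is also worth checking that the loader rejects an unknown option key, so a misspelt one cannot leave the ACL actions silently targeting nothing.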
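Review bot: The added options for action 1 in dmz_network.yaml read `node_name: client_1` followed by `application_id: WebBrowser`, whereas every other `node_application_execute` entry in this commit uses `application_name`. The old integer key appears to have been kept while its value was changed to a name, so the line should presumably be `application_name: WebBrowser`. The same hunk also removes this agent's `reward_function` block, which the equivalent agents in basic_firewall.yaml and basic_switched_network.yaml keep; worth confirming that is intended.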
@@ -25,31 +25,32 @@ agents: - type: DUMMY agent_settings: # options specific to this particular agent type, basically args of __init__(self) - start_step: 25 - frequency: 20 - variance: 5 + action_probabilities: + 0: 1.0 - ref: data_manipulation_attacker team: RED type: RedDatabaseCorruptingAgent - observation_space: null + action_space: action_map: 0: - action: DONOTHING + action: do_nothing options: {} 1: - action: NODE_APPLICATION_EXECUTE + action: node_application_execute options: - node_id: 0 - application_id: 0 + node_name: client_1 + application_name: DataManipulationBot reward_function: reward_components: - type: DUMMY agent_settings: # options specific to this particular agent type, basically args of __init__(self) + possible_start_nodes: [client_1,] + target_application: DataManipulationBot start_step: 25 frequency: 20 variance: 5 
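Review bot: The `data_manipulation_attacker` entry now names its target in two places: the retained `action_map` entry 1 (`node_name: client_1`, `application_name: DataManipulationBot`) and the new `agent_settings` keys `possible_start_nodes: [client_1,]` and `target_application: DataManipulationBot`. In data_manipulation.yaml and extended_config.yaml the same commit removes `action_space` and `reward_function` from this agent type altogether, so it is unclear from this file which of the two the agent actually reads. Either drop the leftover blocks to match the other fixtures or add a comment saying why this file keeps them. The trailing comma can go as well: `possible_start_nodes: [client_1]`.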
@@ -131,324 +132,324 @@ agents: action_map: 0: - action: DONOTHING + action: do_nothing options: {} # scan webapp service 1: - action: NODE_SERVICE_SCAN + action: node_service_scan options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer # stop webapp service 2: - action: NODE_SERVICE_STOP + action: node_service_stop options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer # start webapp service 3: - action: "NODE_SERVICE_START" + action: "node_service_start" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 4: - action: "NODE_SERVICE_PAUSE" + action: "node_service_pause" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 5: - action: "NODE_SERVICE_RESUME" + action: "node_service_resume" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 6: - action: "NODE_SERVICE_RESTART" + action: "node_service_restart" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 7: - action: "NODE_SERVICE_DISABLE" + action: "node_service_disable" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 8: - action: "NODE_SERVICE_ENABLE" + action: "node_service_enable" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 9: # check database.db file - action: "NODE_FILE_SCAN" + action: "node_file_scan" options: - node_id: 2 - folder_id: 1 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 10: - action: "NODE_FILE_CHECKHASH" + action: "node_file_checkhash" options: - node_id: 2 - folder_id: 1 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 11: - action: "NODE_FILE_DELETE" + action: "node_file_delete" options: - node_id: 2 - folder_id: 1 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 12: - 
action: "NODE_FILE_REPAIR" + action: "node_file_repair" options: - node_id: 2 - folder_id: 1 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 13: - action: "NODE_SERVICE_FIX" + action: "node_service_fix" options: - node_id: 2 - service_id: 0 + node_name: database_server + service_name: DatabaseService 14: - action: "NODE_FOLDER_SCAN" + action: "node_folder_scan" options: - node_id: 2 - folder_id: 1 + node_name: database_server + folder_name: database 15: - action: "NODE_FOLDER_CHECKHASH" + action: "node_folder_checkhash" options: - node_id: 2 - folder_id: 1 + node_name: database_server + folder_name: database 16: - action: "NODE_FOLDER_REPAIR" + action: "node_folder_repair" options: - node_id: 2 - folder_id: 1 + node_name: database_server + folder_name: database 17: - action: "NODE_FOLDER_RESTORE" + action: "node_folder_restore" options: - node_id: 2 - folder_id: 1 + node_name: database_server + folder_name: database 18: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 2 + node_name: database_server 19: # shutdown client 1 - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 5 + node_name: client_1 20: - action: "NODE_STARTUP" + action: "node_startup" options: - node_id: 5 + node_name: client_1 21: - action: "NODE_RESET" + action: "node_reset" options: - node_id: 5 + node_name: client_1 22: # "ACL: ADDRULE - Block outgoing traffic from client 1" (not supported in Primaite) - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 1 - permission: 2 - source_ip_id: 7 # client 1 - dest_ip_id: 1 # ALL - source_port_id: 1 - dest_port_id: 1 - protocol_id: 1 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.21 # client 1 + dst_ip: ALL # ALL + src_port: ALL + dst_port: ALL + protocol_name: ALL + src_wildcard: NONE + dst_wildcard: NONE 23: # "ACL: ADDRULE - Block outgoing traffic from client 2" (not supported 
in Primaite) - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 2 - permission: 2 - source_ip_id: 8 # client 2 - dest_ip_id: 1 # ALL - source_port_id: 1 - dest_port_id: 1 - protocol_id: 1 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.22 # client 2 + dst_ip: ALL # ALL + src_port: ALL + dst_port: ALL + protocol_name: ALL + src_wildcard: NONE + dst_wildcard: NONE 24: # block tcp traffic from client 1 to web app - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 3 - permission: 2 - source_ip_id: 7 # client 1 - dest_ip_id: 3 # web server - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.21 # client 1 + dst_ip: 192.168.1.12 # web server + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 25: # block tcp traffic from client 2 to web app - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 4 - permission: 2 - source_ip_id: 8 # client 2 - dest_ip_id: 3 # web server - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.22 # client 2 + dst_ip: 192.168.1.12 # web server + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 26: - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 5 - permission: 2 - source_ip_id: 7 # client 1 - dest_ip_id: 4 # database - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.21 # client 1 + dst_ip: 192.168.1.14 # database + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 27: - action: "ROUTER_ACL_ADDRULE" + 
action: "router_acl_add_rule" options: target_router: router_1 position: 6 - permission: 2 - source_ip_id: 8 # client 2 - dest_ip_id: 4 # database - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.22 # client 2 + dst_ip: 192.168.1.14 # database + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 28: - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 0 29: - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 1 30: - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 2 31: - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 3 32: - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 4 33: - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 5 34: - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 6 35: - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 7 36: - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 8 37: - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 9 38: - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 0 - nic_id: 0 + node_name: domain_controller + nic_num: 1 39: - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 0 - nic_id: 0 + node_name: domain_controller + nic_num: 1 40: - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 1 - nic_id: 0 + node_name: 
web_server + nic_num: 1 41: - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 1 - nic_id: 0 + node_name: web_server + nic_num: 1 42: - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 2 - nic_id: 0 + node_name: database_server + nic_num: 1 43: - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 2 - nic_id: 0 + node_name: database_server + nic_num: 1 44: - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 3 - nic_id: 0 + node_name: backup_server + nic_num: 1 45: - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 3 - nic_id: 0 + node_name: backup_server + nic_num: 1 46: - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 4 - nic_id: 0 + node_name: security_suite + nic_num: 1 47: - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 4 - nic_id: 0 + node_name: security_suite + nic_num: 1 48: - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 4 - nic_id: 1 + node_name: security_suite + nic_num: 2 49: - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 4 - nic_id: 1 + node_name: security_suite + nic_num: 2 50: - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 5 - nic_id: 0 + node_name: client_1 + nic_num: 1 51: - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 5 - nic_id: 0 + node_name: client_1 + nic_num: 1 52: - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 6 - nic_id: 0 + node_name: client_2 + nic_num: 1 53: - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 6 - nic_id: 0 + node_name: client_2 + nic_num: 1 reward_function: reward_components: diff --git a/tests/assets/configs/extended_config.yaml b/tests/assets/configs/extended_config.yaml index f8e86d31..97d9299a 100644 --- a/tests/assets/configs/extended_config.yaml 
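Review bot: Actions 10 and 15 are renamed mechanically to `node_file_checkhash` and `node_folder_checkhash`, whereas tests/assets/configs/data_manipulation.yaml in this commit rewrites the same two slots to `node_file_scan` and `node_folder_scan` with the comment "CHECKHASH replaced by SCAN". If the checkhash actions do not exist under the new naming, these two entries would presumably fail or be skipped at load; if they do exist, the two fixtures now test different things under the same action index. Suggest `action: "node_file_scan"` and `action: "node_folder_scan"` here too, or a comment explaining why this file keeps checkhash. The `@@ -196,420 +190,420 @@` hunk of extended_config.yaml uses the same two names.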
+++ b/tests/assets/configs/extended_config.yaml @@ -30,22 +30,22 @@ agents: 0: 0.3 1: 0.6 2: 0.1 - observation_space: null + action_space: action_map: 0: - action: DONOTHING + action: do_nothing options: {} 1: - action: NODE_APPLICATION_EXECUTE + action: node_application_execute options: - node_id: 0 - application_id: 0 + node_name: client_2 + application_name: WebBrowser 2: - action: NODE_APPLICATION_EXECUTE + action: node_application_execute options: - node_id: 0 - application_id: 1 + node_name: client_2 + application_name: DatabaseClient reward_function: reward_components: @@ -66,22 +66,22 @@ agents: 0: 0.3 1: 0.6 2: 0.1 - observation_space: null + action_space: action_map: 0: - action: DONOTHING + action: do_nothing options: {} 1: - action: NODE_APPLICATION_EXECUTE + action: node_application_execute options: - node_id: 0 - application_id: 0 + node_name: client_1 + application_name: WebBrowser 2: - action: NODE_APPLICATION_EXECUTE + action: node_application_execute options: - node_id: 0 - application_id: 1 + node_name: client_1 + application_name: DatabaseClient reward_function: reward_components: @@ -102,15 +102,9 @@ agents: team: RED type: RedDatabaseCorruptingAgent - observation_space: null - - action_space: - - reward_function: - reward_components: - - type: DUMMY - agent_settings: # options specific to this particular agent type, basically args of __init__(self) + possible_start_nodes: [client_1, client_2] + target_application: DataManipulationBot start_step: 25 frequency: 20 variance: 5 
@@ -196,420 +190,420 @@ agents: action_space: action_map: 0: - action: DONOTHING + action: do_nothing options: {} # scan webapp service 1: - action: NODE_SERVICE_SCAN + action: node_service_scan options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer # stop webapp service 2: - action: NODE_SERVICE_STOP + action: node_service_stop options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer # start webapp service 3: - action: "NODE_SERVICE_START" + action: "node_service_start" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 4: - action: "NODE_SERVICE_PAUSE" + action: "node_service_pause" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 5: - action: "NODE_SERVICE_RESUME" + action: "node_service_resume" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 6: - action: "NODE_SERVICE_RESTART" + action: "node_service_restart" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 7: - action: "NODE_SERVICE_DISABLE" + action: "node_service_disable" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 8: - action: "NODE_SERVICE_ENABLE" + action: "node_service_enable" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 9: # check database.db file - action: "NODE_FILE_SCAN" + action: "node_file_scan" options: - node_id: 2 - folder_id: 0 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 10: - action: "NODE_FILE_CHECKHASH" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context. 
+ action: "node_file_checkhash" options: - node_id: 2 - folder_id: 0 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 11: - action: "NODE_FILE_DELETE" + action: "node_file_delete" options: - node_id: 2 - folder_id: 0 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 12: - action: "NODE_FILE_REPAIR" + action: "node_file_repair" options: - node_id: 2 - folder_id: 0 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 13: - action: "NODE_SERVICE_FIX" + action: "node_service_fix" options: - node_id: 2 - service_id: 0 + node_name: database_server + service_name: DatabaseService 14: - action: "NODE_FOLDER_SCAN" + action: "node_folder_scan" options: - node_id: 2 - folder_id: 0 + node_name: database_server + folder_name: database 15: - action: "NODE_FOLDER_CHECKHASH" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context. + action: "node_folder_checkhash" options: - node_id: 2 - folder_id: 0 + node_name: database_server + folder_name: database 16: - action: "NODE_FOLDER_REPAIR" + action: "node_folder_repair" options: - node_id: 2 - folder_id: 0 + node_name: database_server + folder_name: database 17: - action: "NODE_FOLDER_RESTORE" + action: "node_folder_restore" options: - node_id: 2 - folder_id: 0 + node_name: database_server + folder_name: database 18: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 0 + node_name: domain_controller 19: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 0 + node_name: domain_controller 20: - action: NODE_STARTUP + action: node_startup options: - node_id: 0 + node_name: domain_controller 21: - action: NODE_RESET + action: node_reset options: - node_id: 0 + node_name: domain_controller 22: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 1 + node_name: web_server 23: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - 
node_id: 1 + node_name: web_server 24: - action: NODE_STARTUP + action: node_startup options: - node_id: 1 + node_name: web_server 25: - action: NODE_RESET + action: node_reset options: - node_id: 1 + node_name: web_server 26: # old action num: 18 - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 2 + node_name: database_server 27: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 2 + node_name: database_server 28: - action: NODE_STARTUP + action: node_startup options: - node_id: 2 + node_name: database_server 29: - action: NODE_RESET + action: node_reset options: - node_id: 2 + node_name: database_server 30: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 3 + node_name: backup_server 31: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 3 + node_name: backup_server 32: - action: NODE_STARTUP + action: node_startup options: - node_id: 3 + node_name: backup_server 33: - action: NODE_RESET + action: node_reset options: - node_id: 3 + node_name: backup_server 34: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 4 + node_name: security_suite 35: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 4 + node_name: security_suite 36: - action: NODE_STARTUP + action: node_startup options: - node_id: 4 + node_name: security_suite 37: - action: NODE_RESET + action: node_reset options: - node_id: 4 + node_name: security_suite 38: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 5 + node_name: client_1 39: # old action num: 19 # shutdown client 1 - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 5 + node_name: client_1 40: # old action num: 20 - action: NODE_STARTUP + action: node_startup options: - node_id: 5 + node_name: client_1 41: # old action num: 21 - action: NODE_RESET + action: node_reset options: - node_id: 5 + node_name: client_1 42: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - 
node_id: 6 + node_name: client_2 43: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 6 + node_name: client_2 44: - action: NODE_STARTUP + action: node_startup options: - node_id: 6 + node_name: client_2 45: - action: NODE_RESET + action: node_reset options: - node_id: 6 + node_name: client_2 46: # old action num: 22 # "ACL: ADDRULE - Block outgoing traffic from client 1" - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 1 - permission: 2 - source_ip_id: 7 # client 1 - dest_ip_id: 1 # ALL - source_port_id: 1 - dest_port_id: 1 - protocol_id: 1 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.21 # client 1 + dst_ip: ALL # ALL + src_port: ALL + dst_port: ALL + protocol_name: ALL + src_wildcard: NONE + dst_wildcard: NONE 47: # old action num: 23 # "ACL: ADDRULE - Block outgoing traffic from client 2" - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 2 - permission: 2 - source_ip_id: 8 # client 2 - dest_ip_id: 1 # ALL - source_port_id: 1 - dest_port_id: 1 - protocol_id: 1 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.22 # client 2 + dst_ip: ALL # ALL + src_port: ALL + dst_port: ALL + protocol_name: ALL + src_wildcard: NONE + dst_wildcard: NONE 48: # old action num: 24 # block tcp traffic from client 1 to web app - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 3 - permission: 2 - source_ip_id: 7 # client 1 - dest_ip_id: 3 # web server - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.21 # client 1 + dst_ip: 192.168.1.12 # web server + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 49: # old action num: 25 # block tcp traffic from client 2 to web app - action: 
"ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 4 - permission: 2 - source_ip_id: 8 # client 2 - dest_ip_id: 3 # web server - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.22 # client 2 + dst_ip: 192.168.1.12 # web server + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 50: # old action num: 26 - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 5 - permission: 2 - source_ip_id: 7 # client 1 - dest_ip_id: 4 # database - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.21 # client 1 + dst_ip: 192.168.1.14 # database + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 51: # old action num: 27 - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 6 - permission: 2 - source_ip_id: 8 # client 2 - dest_ip_id: 4 # database - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.22 # client 2 + dst_ip: 192.168.1.14 # database + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 52: # old action num: 28 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 0 53: # old action num: 29 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 1 54: # old action num: 30 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 2 55: # old action num: 31 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 3 56: # 
old action num: 32 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 4 57: # old action num: 33 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 5 58: # old action num: 34 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 6 59: # old action num: 35 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 7 60: # old action num: 36 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 8 61: # old action num: 37 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 9 62: # old action num: 38 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 0 + node_name: domain_controller nic_id: 0 63: # old action num: 39 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 0 + node_name: domain_controller nic_id: 0 64: # old action num: 40 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 1 + node_name: web_server nic_id: 0 65: # old action num: 41 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 1 + node_name: web_server nic_id: 0 66: # old action num: 42 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 2 + node_name: database_server nic_id: 0 67: # old action num: 43 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 2 + node_name: database_server nic_id: 0 68: # old action num: 44 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 3 + node_name: backup_server nic_id: 0 69: # old action num: 45 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 3 + node_name: backup_server nic_id: 0 70: # old action num: 46 - action: 
"HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 4 + node_name: security_suite nic_id: 0 71: # old action num: 47 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 4 + node_name: security_suite nic_id: 0 72: # old action num: 48 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 4 + node_name: security_suite nic_id: 1 73: # old action num: 49 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 4 + node_name: security_suite nic_id: 1 74: # old action num: 50 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 5 + node_name: client_1 nic_id: 0 75: # old action num: 51 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 5 + node_name: client_1 nic_id: 0 76: # old action num: 52 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 6 + node_name: client_2 nic_id: 0 77: # old action num: 53 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 6 + node_name: client_2 nic_id: 0 diff --git a/tests/assets/configs/firewall_actions_network.yaml b/tests/assets/configs/firewall_actions_network.yaml index ceb9c924..41b856fc 100644 --- a/tests/assets/configs/firewall_actions_network.yaml +++ b/tests/assets/configs/firewall_actions_network.yaml @@ -244,10 +244,6 @@ agents: type: network_port_enable target_nodename: firewall port_id: 3 - reward_function: - reward_components: - - type: DUMMY - agent_settings: start_step: 5 frequency: 4 diff --git a/tests/assets/configs/fix_duration_one_item.yaml b/tests/assets/configs/fix_duration_one_item.yaml index 26ee574a..6444e9e8 100644 --- a/tests/assets/configs/fix_duration_one_item.yaml +++ b/tests/assets/configs/fix_duration_one_item.yaml 
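Review bot: Entries 62–77 of the extended_config.yaml action map change `node_id` to `node_name` but leave `nic_id: 0` / `nic_id: 1` as unchanged context, so each host_nic_disable / host_nic_enable entry mixes the new name-based key with the old index-based one. The same entries in the other configs touched by this commit become `nic_num: 1` (and `nic_num: 2` for the second security_suite NIC). If the action schema now expects `nic_num`, these entries will either be rejected or silently address no interface, and a test asset that no longer exercises NIC isolation can hide a regression in the blue agent's containment actions. I would change them to match, e.g. `node_name: domain_controller` followed by `nic_num: 1`.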
@@ -27,26 +27,18 @@ agents: - ref: client_2_green_user team: GREEN type: ProbabilisticAgent - observation_space: null + action_space: action_map: 0: - action: DONOTHING + action: do_nothing options: {} 1: - action: NODE_APPLICATION_EXECUTE + action: node_application_execute options: - node_id: 0 - application_id: 0 - - reward_function: - reward_components: - - type: DUMMY - + node_name: client_1 + application_name: WebBrowser agent_settings: - start_step: 5 - frequency: 4 - variance: 3 action_probabilities: 0: 0.4 1: 0.6 @@ -110,7 +102,7 @@ agents: action_space: action_map: 0: - action: DONOTHING + action: do_nothing options: {} reward_function: diff --git a/tests/assets/configs/install_and_configure_apps.yaml b/tests/assets/configs/install_and_configure_apps.yaml index efe4428a..e4b8805e 100644 --- a/tests/assets/configs/install_and_configure_apps.yaml +++ b/tests/assets/configs/install_and_configure_apps.yaml 
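Review bot: In the first hunk of fix_duration_one_item.yaml the agent is `ref: client_2_green_user`, yet entry 1 of its action map now runs on `node_name: client_1`. The old `node_id: 0` was an index whose target is not visible in this hunk, so the mapping may be right, but elsewhere in this commit client_2_green_user is mapped to client_2. Please confirm which node index 0 referred to in this scenario. If client_1 is intended, a one-line comment next to `node_name` saying so would stop the next reader from "fixing" it.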
@@ -18,51 +18,51 @@ agents: team: BLUE type: ProxyAgent - observation_space: null + action_space: action_map: 0: - action: DONOTHING + action: do_nothing options: {} 1: - action: NODE_APPLICATION_INSTALL + action: node_application_install options: - node_id: 0 + node_name: client_1 application_name: DatabaseClient 2: - action: NODE_APPLICATION_INSTALL + action: node_application_install options: - node_id: 1 + node_name: client_2 application_name: RansomwareScript 3: - action: NODE_APPLICATION_INSTALL + action: node_application_install options: - node_id: 2 + node_name: client_3 application_name: DoSBot 4: - action: CONFIGURE_DATABASE_CLIENT + action: configure_database_client options: - node_id: 0 + node_name: client_1 config: server_ip_address: 10.0.0.5 5: - action: CONFIGURE_DATABASE_CLIENT + action: configure_database_client options: - node_id: 0 + node_name: client_1 config: server_password: correct_password 6: - action: CONFIGURE_RANSOMWARE_SCRIPT + action: c2_server_ransomware_configure options: - node_id: 1 + node_name: client_2 config: server_ip_address: 10.0.0.5 server_password: correct_password payload: ENCRYPT 7: - action: CONFIGURE_DOSBOT + action: configure_dos_bot options: - node_id: 2 + node_name: client_3 config: target_ip_address: 10.0.0.5 target_port: POSTGRES_SERVER @@ -72,13 +72,10 @@ agents: dos_intensity: 1.0 max_sessions: 1000 8: - action: NODE_APPLICATION_INSTALL + action: node_application_install options: - node_id: 1 + node_name: client_2 application_name: DatabaseClient - reward_function: - reward_components: - - type: DUMMY agent_settings: flatten_obs: True action_masking: False diff --git a/tests/assets/configs/multi_agent_session.yaml b/tests/assets/configs/multi_agent_session.yaml index 9f2cbd84..bc1f1b69 100644 --- a/tests/assets/configs/multi_agent_session.yaml +++ b/tests/assets/configs/multi_agent_session.yaml 
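Review bot: Entry 6 is renamed from `CONFIGURE_RANSOMWARE_SCRIPT` to `c2_server_ransomware_configure`, which does not follow the pattern of its neighbours (`configure_database_client`, `configure_dos_bot`) and reads like an action addressed to a C2 server rather than to the RansomwareScript that entry 2 installs on client_2. The options block is unchanged apart from `node_name` and still has the `config:` shape the other configure actions use. Please confirm this identifier is the registered name for configuring the script on the host itself; if it belongs to a different action, this test would stop covering the script-configuration path or fail on option validation. The agent block continues outside the two hunks shown for this file.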
@@ -26,22 +26,22 @@ agents: 0: 0.3 1: 0.6 2: 0.1 - observation_space: null + action_space: action_map: 0: - action: DONOTHING + action: do_nothing options: {} 1: - action: NODE_APPLICATION_EXECUTE + action: node_application_execute options: - node_id: 0 - application_id: 0 + node_name: client_2 + application_name: WebBrowser 2: - action: NODE_APPLICATION_EXECUTE + action: node_application_execute options: - node_id: 0 - application_id: 1 + node_name: client_2 + application_name: DatabaseClient reward_function: reward_components: @@ -62,22 +62,22 @@ agents: 0: 0.3 1: 0.6 2: 0.1 - observation_space: null + action_space: action_map: 0: - action: DONOTHING + action: do_nothing options: {} 1: - action: NODE_APPLICATION_EXECUTE + action: node_application_execute options: - node_id: 0 - application_id: 0 + node_name: client_1 + application_name: WebBrowser 2: - action: NODE_APPLICATION_EXECUTE + action: node_application_execute options: - node_id: 0 - application_id: 1 + node_name: client_1 + application_name: WebBrowser reward_function: reward_components: @@ -98,14 +98,9 @@ agents: team: RED type: RedDatabaseCorruptingAgent - observation_space: null - - action_space: - reward_function: - reward_components: - - type: DUMMY - agent_settings: # options specific to this particular agent type, basically args of __init__(self) + possible_start_nodes: [client_1, client_2] + target_application: DataManipulationBot start_step: 25 frequency: 20 variance: 5 
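Review bot: In the second hunk of multi_agent_session.yaml (the client_1 agent), entry 2 converts `application_id: 1` to `application_name: WebBrowser`, which makes it a duplicate of entry 1. For the client_2 agent in the first hunk, and for client_1 in extended_config.yaml, index 1 is converted to `DatabaseClient`. This looks like a copy-paste slip, and it would mean the green agent in this session never generates database traffic from client_1. Suggested line: `application_name: DatabaseClient`.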
@@ -186,421 +181,421 @@ agents: action_space: action_map: 0: - action: DONOTHING + action: do_nothing options: {} # scan webapp service 1: - action: NODE_SERVICE_SCAN + action: node_service_scan options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer # stop webapp service 2: - action: NODE_SERVICE_STOP + action: node_service_stop options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer # start webapp service 3: - action: "NODE_SERVICE_START" + action: "node_service_start" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 4: - action: "NODE_SERVICE_PAUSE" + action: "node_service_pause" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 5: - action: "NODE_SERVICE_RESUME" + action: "node_service_resume" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 6: - action: "NODE_SERVICE_RESTART" + action: "node_service_restart" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 7: - action: "NODE_SERVICE_DISABLE" + action: "node_service_disable" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 8: - action: "NODE_SERVICE_ENABLE" + action: "node_service_enable" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 9: # check database.db file - action: "NODE_FILE_SCAN" + action: "node_file_scan" options: - node_id: 2 - folder_id: 0 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 10: - action: "NODE_FILE_SCAN" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context. + action: "node_file_scan" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context. 
options: - node_id: 2 - folder_id: 0 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 11: - action: "NODE_FILE_DELETE" + action: "node_file_delete" options: - node_id: 2 - folder_id: 0 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 12: - action: "NODE_FILE_REPAIR" + action: "node_file_repair" options: - node_id: 2 - folder_id: 0 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 13: - action: "NODE_SERVICE_FIX" + action: "node_service_fix" options: - node_id: 2 - service_id: 0 + node_name: database_server + service_name: DatabaseService 14: - action: "NODE_FOLDER_SCAN" + action: "node_folder_scan" options: - node_id: 2 - folder_id: 0 + node_name: database_server + folder_name: database 15: - action: "NODE_FOLDER_SCAN" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context. + action: "node_folder_scan" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context. 
options: - node_id: 2 - folder_id: 0 + node_name: database_server + folder_name: database 16: - action: "NODE_FOLDER_REPAIR" + action: "node_folder_repair" options: - node_id: 2 - folder_id: 0 + node_name: database_server + folder_name: database 17: - action: "NODE_FOLDER_RESTORE" + action: "node_folder_restore" options: - node_id: 2 - folder_id: 0 + node_name: database_server + folder_name: database 18: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 0 + node_name: domain_controller 19: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 0 + node_name: domain_controller 20: - action: NODE_STARTUP + action: node_startup options: - node_id: 0 + node_name: domain_controller 21: - action: NODE_RESET + action: node_reset options: - node_id: 0 + node_name: domain_controller 22: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 1 + node_name: web_server 23: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 1 + node_name: web_server 24: - action: NODE_STARTUP + action: node_startup options: - node_id: 1 + node_name: web_server 25: - action: NODE_RESET + action: node_reset options: - node_id: 1 + node_name: web_server 26: # old action num: 18 - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 2 + node_name: database_server 27: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 2 + node_name: database_server 28: - action: NODE_STARTUP + action: node_startup options: - node_id: 2 + node_name: database_server 29: - action: NODE_RESET + action: node_reset options: - node_id: 2 + node_name: database_server 30: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 3 + node_name: backup_server 31: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 3 + node_name: backup_server 32: - action: NODE_STARTUP + action: node_startup options: - node_id: 3 + node_name: backup_server 33: - action: NODE_RESET + action: node_reset 
options: - node_id: 3 + node_name: backup_server 34: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 4 + node_name: security_suite 35: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 4 + node_name: security_suite 36: - action: NODE_STARTUP + action: node_startup options: - node_id: 4 + node_name: security_suite 37: - action: NODE_RESET + action: node_reset options: - node_id: 4 + node_name: security_suite 38: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 5 + node_name: client_1 39: # old action num: 19 # shutdown client 1 - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 5 + node_name: client_1 40: # old action num: 20 - action: NODE_STARTUP + action: node_startup options: - node_id: 5 + node_name: client_1 41: # old action num: 21 - action: NODE_RESET + action: node_reset options: - node_id: 5 + node_name: client_1 42: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 6 + node_name: client_2 43: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 6 + node_name: client_2 44: - action: NODE_STARTUP + action: node_startup options: - node_id: 6 + node_name: client_2 45: - action: NODE_RESET + action: node_reset options: - node_id: 6 + node_name: client_2 46: # old action num: 22 # "ACL: ADDRULE - Block outgoing traffic from client 1" - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 1 - permission: 2 - source_ip_id: 7 # client 1 - dest_ip_id: 1 # ALL - source_port_id: 1 - dest_port_id: 1 - protocol_id: 1 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.21 # client 1 + dst_ip: ALL # ALL + src_port: ALL + dst_port: ALL + protocol_name: ALL + src_wildcard: NONE + dst_wildcard: NONE 47: # old action num: 23 # "ACL: ADDRULE - Block outgoing traffic from client 2" - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: 
router_1 position: 2 - permission: 2 - source_ip_id: 8 # client 2 - dest_ip_id: 1 # ALL - source_port_id: 1 - dest_port_id: 1 - protocol_id: 1 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.22 # client 2 + dst_ip: ALL # ALL + src_port: ALL + dst_port: ALL + protocol_name: ALL + src_wildcard: NONE + dst_wildcard: NONE 48: # old action num: 24 # block tcp traffic from client 1 to web app - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 3 - permission: 2 - source_ip_id: 7 # client 1 - dest_ip_id: 3 # web server - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.21 # client 1 + dst_ip: 192.168.1.12 # web server + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 49: # old action num: 25 # block tcp traffic from client 2 to web app - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 4 - permission: 2 - source_ip_id: 8 # client 2 - dest_ip_id: 3 # web server - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.22 # client 2 + dst_ip: 192.168.1.12 # web server + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 50: # old action num: 26 - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 5 - permission: 2 - source_ip_id: 7 # client 1 - dest_ip_id: 4 # database - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.21 # client 1 + dst_ip: 192.168.1.14 # database + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 51: # old action num: 27 - action: "ROUTER_ACL_ADDRULE" + action: 
"router_acl_add_rule" options: target_router: router_1 position: 6 - permission: 2 - source_ip_id: 8 # client 2 - dest_ip_id: 4 # database - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.22 # client 2 + dst_ip: 192.168.1.14 # database + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 52: # old action num: 28 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 0 53: # old action num: 29 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 1 54: # old action num: 30 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 2 55: # old action num: 31 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 3 56: # old action num: 32 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 4 57: # old action num: 33 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 5 58: # old action num: 34 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 6 59: # old action num: 35 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 7 60: # old action num: 36 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 
position: 8 61: # old action num: 37 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 9 62: # old action num: 38 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 0 - nic_id: 0 + node_name: domain_controller + nic_num: 1 63: # old action num: 39 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 0 - nic_id: 0 + node_name: domain_controller + nic_num: 1 64: # old action num: 40 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 1 - nic_id: 0 + node_name: web_server + nic_num: 1 65: # old action num: 41 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 1 - nic_id: 0 + node_name: web_server + nic_num: 1 66: # old action num: 42 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 2 - nic_id: 0 + node_name: database_server + nic_num: 1 67: # old action num: 43 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 2 - nic_id: 0 + node_name: database_server + nic_num: 1 68: # old action num: 44 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 3 - nic_id: 0 + node_name: backup_server + nic_num: 1 69: # old action num: 45 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 3 - nic_id: 0 + node_name: backup_server + nic_num: 1 70: # old action num: 46 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 4 - nic_id: 0 + node_name: security_suite + nic_num: 1 71: # old action num: 47 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 4 - nic_id: 0 + node_name: security_suite + nic_num: 1 72: # old action num: 48 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 4 - nic_id: 1 + node_name: security_suite + nic_num: 2 73: # old action num: 49 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" 
options: - node_id: 4 - nic_id: 1 + node_name: security_suite + nic_num: 2 74: # old action num: 50 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 5 - nic_id: 0 + node_name: client_1 + nic_num: 1 75: # old action num: 51 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 5 - nic_id: 0 + node_name: client_1 + nic_num: 1 76: # old action num: 52 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 6 - nic_id: 0 + node_name: client_2 + nic_num: 1 77: # old action num: 53 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 6 - nic_id: 0 + node_name: client_2 + nic_num: 1 reward_function: reward_components: 
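Review bot: Within this hunk the router ACL entries end up with two different keys for the same router: entries 46–51 (`router_acl_add_rule`) keep `target_router: router_1`, while entries 52–61 (`router_acl_remove_rule`) are changed to `target_router_hostname: router_1`. In extended_config.yaml, earlier in this commit, the remove-rule entries keep `target_router`, so the two files disagree as well. Only one spelling can match what each action accepts, so please check both actions' option schemas and align the configs. A mis-keyed ACL action in a test asset means the DENY rules these tests rely on may never be added or removed. If the two actions really do use different keys, a short comment above entry 52 noting that would help.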
@@ -700,421 +695,421 @@ agents: action_space: action_map: 0: - action: DONOTHING + action: do_nothing options: {} # scan webapp service 1: - action: NODE_SERVICE_SCAN + action: node_service_scan options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer # stop webapp service 2: - action: NODE_SERVICE_STOP + action: node_service_stop options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer # start webapp service 3: - action: "NODE_SERVICE_START" + action: "node_service_start" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 4: - action: "NODE_SERVICE_PAUSE" + action: "node_service_pause" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 5: - action: "NODE_SERVICE_RESUME" + action: "node_service_resume" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 6: - action: "NODE_SERVICE_RESTART" + action: "node_service_restart" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 7: - action: "NODE_SERVICE_DISABLE" + action: "node_service_disable" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 8: - action: "NODE_SERVICE_ENABLE" + action: "node_service_enable" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 9: # check database.db file - action: "NODE_FILE_SCAN" + action: "node_file_scan" options: - node_id: 2 - folder_id: 0 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 10: - action: "NODE_FILE_SCAN" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context. + action: "node_file_scan" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context. 
options: - node_id: 2 - folder_id: 0 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 11: - action: "NODE_FILE_DELETE" + action: "node_file_delete" options: - node_id: 2 - folder_id: 0 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 12: - action: "NODE_FILE_REPAIR" + action: "node_file_repair" options: - node_id: 2 - folder_id: 0 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 13: - action: "NODE_SERVICE_FIX" + action: "node_service_fix" options: - node_id: 2 - service_id: 0 + node_name: database_server + service_name: DatabaseService 14: - action: "NODE_FOLDER_SCAN" + action: "node_folder_scan" options: - node_id: 2 - folder_id: 0 + node_name: database_server + folder_name: database 15: - action: "NODE_FOLDER_SCAN" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context. + action: "node_folder_scan" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context. 
options: - node_id: 2 - folder_id: 0 + node_name: database_server + folder_name: database 16: - action: "NODE_FOLDER_REPAIR" + action: "node_folder_repair" options: - node_id: 2 - folder_id: 0 + node_name: database_server + folder_name: database 17: - action: "NODE_FOLDER_RESTORE" + action: "node_folder_restore" options: - node_id: 2 - folder_id: 0 + node_name: database_server + folder_name: database 18: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 0 + node_name: domain_controller 19: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 0 + node_name: domain_controller 20: - action: NODE_STARTUP + action: node_startup options: - node_id: 0 + node_name: domain_controller 21: - action: NODE_RESET + action: node_reset options: - node_id: 0 + node_name: domain_controller 22: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 1 + node_name: web_server 23: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 1 + node_name: web_server 24: - action: NODE_STARTUP + action: node_startup options: - node_id: 1 + node_name: web_server 25: - action: NODE_RESET + action: node_reset options: - node_id: 1 + node_name: web_server 26: # old action num: 18 - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 2 + node_name: database_server 27: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 2 + node_name: database_server 28: - action: NODE_STARTUP + action: node_startup options: - node_id: 2 + node_name: database_server 29: - action: NODE_RESET + action: node_reset options: - node_id: 2 + node_name: database_server 30: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 3 + node_name: backup_server 31: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 3 + node_name: backup_server 32: - action: NODE_STARTUP + action: node_startup options: - node_id: 3 + node_name: backup_server 33: - action: NODE_RESET + action: node_reset 
options: - node_id: 3 + node_name: backup_server 34: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 4 + node_name: security_suite 35: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 4 + node_name: security_suite 36: - action: NODE_STARTUP + action: node_startup options: - node_id: 4 + node_name: security_suite 37: - action: NODE_RESET + action: node_reset options: - node_id: 4 + node_name: security_suite 38: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 5 + node_name: client_1 39: # old action num: 19 # shutdown client 1 - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 5 + node_name: client_1 40: # old action num: 20 - action: NODE_STARTUP + action: node_startup options: - node_id: 5 + node_name: client_1 41: # old action num: 21 - action: NODE_RESET + action: node_reset options: - node_id: 5 + node_name: client_1 42: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 6 + node_name: client_2 43: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 6 + node_name: client_2 44: - action: NODE_STARTUP + action: node_startup options: - node_id: 6 + node_name: client_2 45: - action: NODE_RESET + action: node_reset options: - node_id: 6 + node_name: client_2 46: # old action num: 22 # "ACL: ADDRULE - Block outgoing traffic from client 1" - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 1 - permission: 2 - source_ip_id: 7 # client 1 - dest_ip_id: 1 # ALL - source_port_id: 1 - dest_port_id: 1 - protocol_id: 1 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.21 # client 1 + dst_ip: ALL # ALL + src_port: ALL + dst_port: ALL + protocol_name: ALL + src_wildcard: NONE + dst_wildcard: NONE 47: # old action num: 23 # "ACL: ADDRULE - Block outgoing traffic from client 2" - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: 
router_1 position: 2 - permission: 2 - source_ip_id: 8 # client 2 - dest_ip_id: 1 # ALL - source_port_id: 1 - dest_port_id: 1 - protocol_id: 1 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.22 # client 2 + dst_ip: ALL # ALL + src_port: ALL + dst_port: ALL + protocol_name: ALL + src_wildcard: NONE + dst_wildcard: NONE 48: # old action num: 24 # block tcp traffic from client 1 to web app - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 3 - permission: 2 - source_ip_id: 7 # client 1 - dest_ip_id: 3 # web server - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.21 # client 1 + dst_ip: 192.168.1.12 # web server + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 49: # old action num: 25 # block tcp traffic from client 2 to web app - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 4 - permission: 2 - source_ip_id: 8 # client 2 - dest_ip_id: 3 # web server - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.22 # client 2 + dst_ip: 192.168.1.12 # web server + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 50: # old action num: 26 - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 5 - permission: 2 - source_ip_id: 7 # client 1 - dest_ip_id: 4 # database - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.21 # client 1 + dst_ip: 192.168.1.14 # database + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 51: # old action num: 27 - action: "ROUTER_ACL_ADDRULE" + action: 
"router_acl_add_rule" options: target_router: router_1 position: 6 - permission: 2 - source_ip_id: 8 # client 2 - dest_ip_id: 4 # database - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.22 # client 2 + dst_ip: 192.168.1.14 # database + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 52: # old action num: 28 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 0 53: # old action num: 29 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 1 54: # old action num: 30 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 2 55: # old action num: 31 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 3 56: # old action num: 32 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 4 57: # old action num: 33 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 5 58: # old action num: 34 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 6 59: # old action num: 35 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 7 60: # old action num: 36 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 
position: 8 61: # old action num: 37 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: - target_router: router_1 + target_router_hostname: router_1 position: 9 62: # old action num: 38 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 0 - nic_id: 0 + node_name: domain_controller + nic_num: 1 63: # old action num: 39 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 0 - nic_id: 0 + node_name: domain_controller + nic_num: 1 64: # old action num: 40 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 1 - nic_id: 0 + node_name: web_server + nic_num: 1 65: # old action num: 41 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 1 - nic_id: 0 + node_name: web_server + nic_num: 1 66: # old action num: 42 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 2 - nic_id: 0 + node_name: database_server + nic_num: 1 67: # old action num: 43 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 2 - nic_id: 0 + node_name: database_server + nic_num: 1 68: # old action num: 44 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 3 - nic_id: 0 + node_name: backup_server + nic_num: 1 69: # old action num: 45 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 3 - nic_id: 0 + node_name: backup_server + nic_num: 1 70: # old action num: 46 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 4 - nic_id: 0 + node_name: security_suite + nic_num: 1 71: # old action num: 47 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 4 - nic_id: 0 + node_name: security_suite + nic_num: 1 72: # old action num: 48 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 4 - nic_id: 1 + node_name: security_suite + nic_num: 2 73: # old action num: 49 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" 
options: - node_id: 4 - nic_id: 1 + node_name: security_suite + nic_num: 2 74: # old action num: 50 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 5 - nic_id: 0 + node_name: client_1 + nic_num: 1 75: # old action num: 51 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 5 - nic_id: 0 + node_name: client_1 + nic_num: 1 76: # old action num: 52 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 6 - nic_id: 0 + node_name: client_2 + nic_num: 1 77: # old action num: 53 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 6 - nic_id: 0 + node_name: client_2 + nic_num: 1 reward_function: diff --git a/tests/assets/configs/nmap_network_service_recon_red_agent_config.yaml b/tests/assets/configs/nmap_network_service_recon_red_agent_config.yaml index a4deff6f..c2f79144 100644 --- a/tests/assets/configs/nmap_network_service_recon_red_agent_config.yaml +++ b/tests/assets/configs/nmap_network_service_recon_red_agent_config.yaml @@ -22,7 +22,7 @@ agents: - ref: client_1_red_nmap team: RED type: ProbabilisticAgent - observation_space: null + action_space: action_map: 0: @@ -33,11 +33,6 @@ agents: target_port: 80 target_protocol: tcp show: false - - reward_function: - reward_components: - - type: DUMMY - agent_settings: action_probabilities: 0: 1.0 diff --git a/tests/assets/configs/nmap_ping_scan_red_agent_config.yaml b/tests/assets/configs/nmap_ping_scan_red_agent_config.yaml index ee6de2c5..cd485ced 100644 --- a/tests/assets/configs/nmap_ping_scan_red_agent_config.yaml +++ b/tests/assets/configs/nmap_ping_scan_red_agent_config.yaml @@ -22,7 +22,7 @@ agents: - ref: client_1_red_nmap team: RED type: ProbabilisticAgent - observation_space: null + action_space: action_map: 0: @@ -32,10 +32,6 @@ agents: target_ip_address: 192.168.1.0/24 show: False - reward_function: - reward_components: - - type: DUMMY - agent_settings: action_probabilities: 0: 1.0 
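Review bot: In the `@@ -700,421 +695,421 @@` hunk the router option key is no longer uniform: actions 46–51 (`router_acl_add_rule`) keep `target_router: router_1`, while actions 52–61 (`router_acl_remove_rule`) move to `target_router_hostname: router_1`. If the two action schemas really differ, a comment above action 46 such as `# add_rule takes target_router; remove_rule takes target_router_hostname` would document that. If they do not, one set is stale and those ACL actions would presumably fail validation or do nothing. The `@@ -186,420 +180,420 @@` hunk of tests/assets/configs/shared_rewards.yaml leaves `target_router` on its remove-rule actions, so the two files currently disagree. Separately, the literal addresses (`192.168.10.21`, `192.168.1.12`, `192.168.1.14`) must now match node definitions that this hunk does not show, or the DENY rules will not match the hosts named in their comments.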
diff --git a/tests/assets/configs/nmap_port_scan_red_agent_config.yaml b/tests/assets/configs/nmap_port_scan_red_agent_config.yaml index 47d34e52..09e88a76 100644 --- a/tests/assets/configs/nmap_port_scan_red_agent_config.yaml +++ b/tests/assets/configs/nmap_port_scan_red_agent_config.yaml @@ -22,7 +22,7 @@ agents: - ref: client_1_red_nmap team: RED type: ProbabilisticAgent - observation_space: null + action_space: action_map: 0: @@ -39,10 +39,6 @@ agents: - 219 show: false - reward_function: - reward_components: - - type: DUMMY - agent_settings: action_probabilities: 0: 1.0 diff --git a/tests/assets/configs/scenario_with_placeholders/greens_1.yaml b/tests/assets/configs/scenario_with_placeholders/greens_1.yaml index ce670f5f..677cd5a5 100644 --- a/tests/assets/configs/scenario_with_placeholders/greens_1.yaml +++ b/tests/assets/configs/scenario_with_placeholders/greens_1.yaml @@ -6,17 +6,17 @@ agents: &greens action_probabilities: 0: 0.2 1: 0.8 - observation_space: null + action_space: action_map: 0: - action: DONOTHING + action: do_nothing options: {} 1: - action: NODE_APPLICATION_EXECUTE + action: node_application_execute options: - node_id: 0 - application_id: 0 + node_name: client + application_name: DatabaseClient reward_function: reward_components: diff --git a/tests/assets/configs/scenario_with_placeholders/greens_2.yaml b/tests/assets/configs/scenario_with_placeholders/greens_2.yaml index 9ff099dd..eb7823f8 100644 --- a/tests/assets/configs/scenario_with_placeholders/greens_2.yaml +++ b/tests/assets/configs/scenario_with_placeholders/greens_2.yaml @@ -6,17 +6,17 @@ agents: &greens action_probabilities: 0: 0.95 1: 0.05 - observation_space: null + action_space: action_map: 0: - action: DONOTHING + action: do_nothing options: {} 1: - action: NODE_APPLICATION_EXECUTE + action: node_application_execute options: - node_id: 0 - application_id: 0 + node_name: client + application_name: DatabaseClient reward_function: reward_components: 
diff --git a/tests/assets/configs/scenario_with_placeholders/reds_1.yaml b/tests/assets/configs/scenario_with_placeholders/reds_1.yaml index b7e7560d..0170143f 100644 --- a/tests/assets/configs/scenario_with_placeholders/reds_1.yaml +++ b/tests/assets/configs/scenario_with_placeholders/reds_1.yaml @@ -3,15 +3,9 @@ reds: &reds team: RED type: RedDatabaseCorruptingAgent - observation_space: null - - action_space: - - reward_function: - reward_components: - - type: DUMMY - agent_settings: + possible_start_nodes: [client,] + target_application: DataManipulationBot start_step: 10 frequency: 10 variance: 0 diff --git a/tests/assets/configs/scenario_with_placeholders/reds_2.yaml b/tests/assets/configs/scenario_with_placeholders/reds_2.yaml index 1d9012d7..e14eaa43 100644 --- a/tests/assets/configs/scenario_with_placeholders/reds_2.yaml +++ b/tests/assets/configs/scenario_with_placeholders/reds_2.yaml @@ -2,16 +2,9 @@ reds: &reds - ref: red_B team: RED type: RedDatabaseCorruptingAgent - - observation_space: null - - action_space: - - reward_function: - reward_components: - - type: DUMMY - agent_settings: + possible_start_nodes: [client_1,] + target_application: DataManipulationBot start_step: 3 frequency: 2 variance: 1 diff --git a/tests/assets/configs/scenario_with_placeholders/scenario.yaml b/tests/assets/configs/scenario_with_placeholders/scenario.yaml index a61af830..7ea0145a 100644 --- a/tests/assets/configs/scenario_with_placeholders/scenario.yaml +++ b/tests/assets/configs/scenario_with_placeholders/scenario.yaml 
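Review bot: `possible_start_nodes: [client_1,]` in reds_2.yaml names a node that nothing else in this scenario directory uses. reds_1.yaml, greens_1.yaml and greens_2.yaml all refer to `client`, and the scenario.yaml hunk only names `client` and `server`. Unless `client_1` is defined in a part of scenario.yaml that is not shown, the red_B agent would have no valid start node, and `possible_start_nodes: [client]` would match its siblings.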
@@ -56,44 +56,44 @@ agents: action_space: action_map: 0: - action: DONOTHING + action: do_nothing options: {} 1: - action: NODE_SHUTDOWN + action: node_shutdown options: - node_id: 0 + node_name: client 2: - action: NODE_SHUTDOWN + action: node_shutdown options: - node_id: 1 + node_name: server 3: - action: NODE_STARTUP + action: node_startup options: - node_id: 0 + node_name: client 4: - action: NODE_STARTUP + action: node_startup options: - node_id: 1 + node_name: server 5: - action: HOST_NIC_DISABLE + action: host_nic_disable options: - node_id: 0 - nic_id: 0 + node_name: client + nic_num: 1 6: - action: HOST_NIC_DISABLE + action: host_nic_disable options: - node_id: 1 - nic_id: 0 + node_name: server + nic_num: 1 7: - action: HOST_NIC_ENABLE + action: host_nic_enable options: - node_id: 0 - nic_id: 0 + node_name: client + nic_num: 1 8: - action: HOST_NIC_ENABLE + action: host_nic_enable options: - node_id: 1 - nic_id: 0 + node_name: server + nic_num: 1 reward_function: reward_components: diff --git a/tests/assets/configs/shared_rewards.yaml b/tests/assets/configs/shared_rewards.yaml index 60e22366..96dada07 100644 --- a/tests/assets/configs/shared_rewards.yaml +++ b/tests/assets/configs/shared_rewards.yaml @@ -29,22 +29,22 @@ agents: 0: 0.3 1: 0.6 2: 0.1 - observation_space: null + action_space: action_map: 0: - action: DONOTHING + action: do_nothing options: {} 1: - action: NODE_APPLICATION_EXECUTE + action: node_application_execute options: - node_id: 0 - application_id: 0 + node_name: client_2 + application_name: WebBrowser 2: - action: NODE_APPLICATION_EXECUTE + action: node_application_execute options: - node_id: 0 - application_id: 1 + node_name: client_2 + application_name: DatabaseClient reward_function: reward_components: 
@@ -65,22 +65,22 @@ agents: 0: 0.3 1: 0.6 2: 0.1 - observation_space: null + action_space: action_map: 0: - action: DONOTHING + action: do_nothing options: {} 1: - action: NODE_APPLICATION_EXECUTE + action: node_application_execute options: - node_id: 0 - application_id: 0 + node_name: client_1 + application_name: WebBrowser 2: - action: NODE_APPLICATION_EXECUTE + action: node_application_execute options: - node_id: 0 - application_id: 1 + node_name: client_1 + application_name: DatabaseClient reward_function: reward_components: @@ -97,15 +97,9 @@ agents: team: RED type: RedDatabaseCorruptingAgent - observation_space: null - - action_space: - - reward_function: - reward_components: - - type: DUMMY - agent_settings: # options specific to this particular agent type, basically args of __init__(self) + possible_start_nodes: [client_1, client_2] + target_application: DataManipulationBot start_step: 25 frequency: 20 variance: 5 
@@ -186,420 +180,420 @@ agents: action_space: action_map: 0: - action: DONOTHING + action: do_nothing options: {} # scan webapp service 1: - action: NODE_SERVICE_SCAN + action: node_service_scan options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer # stop webapp service 2: - action: NODE_SERVICE_STOP + action: node_service_stop options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer # start webapp service 3: - action: "NODE_SERVICE_START" + action: "node_service_start" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 4: - action: "NODE_SERVICE_PAUSE" + action: "node_service_pause" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 5: - action: "NODE_SERVICE_RESUME" + action: "node_service_resume" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 6: - action: "NODE_SERVICE_RESTART" + action: "node_service_restart" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 7: - action: "NODE_SERVICE_DISABLE" + action: "node_service_disable" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 8: - action: "NODE_SERVICE_ENABLE" + action: "node_service_enable" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 9: # check database.db file - action: "NODE_FILE_SCAN" + action: "node_file_scan" options: - node_id: 2 - folder_id: 0 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 10: - action: "NODE_FILE_CHECKHASH" + action: "node_file_checkhash" options: - node_id: 2 - folder_id: 0 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 11: - action: "NODE_FILE_DELETE" + action: "node_file_delete" options: - node_id: 2 - folder_id: 0 - file_id: 0 + node_name: database_server + folder_name: database + file_name: 
database.db 12: - action: "NODE_FILE_REPAIR" + action: "node_file_repair" options: - node_id: 2 - folder_id: 0 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 13: - action: "NODE_SERVICE_FIX" + action: "node_service_fix" options: - node_id: 2 - service_id: 0 + node_name: database_server + service_name: DatabaseService 14: - action: "NODE_FOLDER_SCAN" + action: "node_folder_scan" options: - node_id: 2 - folder_id: 0 + node_name: database_server + folder_name: database 15: - action: "NODE_FOLDER_CHECKHASH" + action: "node_folder_checkhash" options: - node_id: 2 - folder_id: 0 + node_name: database_server + folder_name: database 16: - action: "NODE_FOLDER_REPAIR" + action: "node_folder_repair" options: - node_id: 2 - folder_id: 0 + node_name: database_server + folder_name: database 17: - action: "NODE_FOLDER_RESTORE" + action: "node_folder_restore" options: - node_id: 2 - folder_id: 0 + node_name: database_server + folder_name: database 18: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 0 + node_name: domain_controller 19: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 0 + node_name: domain_controller 20: - action: NODE_STARTUP + action: node_startup options: - node_id: 0 + node_name: domain_controller 21: - action: NODE_RESET + action: node_reset options: - node_id: 0 + node_name: domain_controller 22: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 1 + node_name: web_server 23: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 1 + node_name: web_server 24: - action: NODE_STARTUP + action: node_startup options: - node_id: 1 + node_name: web_server 25: - action: NODE_RESET + action: node_reset options: - node_id: 1 + node_name: web_server 26: # old action num: 18 - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 2 + node_name: database_server 27: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - 
node_id: 2 + node_name: database_server 28: - action: NODE_STARTUP + action: node_startup options: - node_id: 2 + node_name: database_server 29: - action: NODE_RESET + action: node_reset options: - node_id: 2 + node_name: database_server 30: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 3 + node_name: backup_server 31: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 3 + node_name: backup_server 32: - action: NODE_STARTUP + action: node_startup options: - node_id: 3 + node_name: backup_server 33: - action: NODE_RESET + action: node_reset options: - node_id: 3 + node_name: backup_server 34: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 4 + node_name: security_suite 35: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 4 + node_name: security_suite 36: - action: NODE_STARTUP + action: node_startup options: - node_id: 4 + node_name: security_suite 37: - action: NODE_RESET + action: node_reset options: - node_id: 4 + node_name: security_suite 38: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 5 + node_name: client_1 39: # old action num: 19 # shutdown client 1 - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 5 + node_name: client_1 40: # old action num: 20 - action: NODE_STARTUP + action: node_startup options: - node_id: 5 + node_name: client_1 41: # old action num: 21 - action: NODE_RESET + action: node_reset options: - node_id: 5 + node_name: client_1 42: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 6 + node_name: client_2 43: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 6 + node_name: client_2 44: - action: NODE_STARTUP + action: node_startup options: - node_id: 6 + node_name: client_2 45: - action: NODE_RESET + action: node_reset options: - node_id: 6 + node_name: client_2 46: # old action num: 22 # "ACL: ADDRULE - Block outgoing traffic from client 1" - action: 
"ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 1 - permission: 2 - source_ip_id: 7 # client 1 - dest_ip_id: 1 # ALL - source_port_id: 1 - dest_port_id: 1 - protocol_id: 1 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.21 # client 1 + dst_ip: ALL # ALL + src_port: ALL + dst_port: ALL + protocol_name: ALL + src_wildcard: NONE + dst_wildcard: NONE 47: # old action num: 23 # "ACL: ADDRULE - Block outgoing traffic from client 2" - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 2 - permission: 2 - source_ip_id: 8 # client 2 - dest_ip_id: 1 # ALL - source_port_id: 1 - dest_port_id: 1 - protocol_id: 1 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.22 # client 2 + dst_ip: ALL # ALL + src_port: ALL + dst_port: ALL + protocol_name: ALL + src_wildcard: NONE + dst_wildcard: NONE 48: # old action num: 24 # block tcp traffic from client 1 to web app - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 3 - permission: 2 - source_ip_id: 7 # client 1 - dest_ip_id: 3 # web server - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.21 # client 1 + dst_ip: 192.168.1.12 # web server + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 49: # old action num: 25 # block tcp traffic from client 2 to web app - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 4 - permission: 2 - source_ip_id: 8 # client 2 - dest_ip_id: 3 # web server - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.22 # client 2 + dst_ip: 192.168.1.12 # web server + src_port: ALL + dst_port: ALL + protocol_name: TCP + 
src_wildcard: NONE + dst_wildcard: NONE 50: # old action num: 26 - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 5 - permission: 2 - source_ip_id: 7 # client 1 - dest_ip_id: 4 # database - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.21 # client 1 + dst_ip: 192.168.1.14 # database + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 51: # old action num: 27 - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 6 - permission: 2 - source_ip_id: 8 # client 2 - dest_ip_id: 4 # database - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.22 # client 2 + dst_ip: 192.168.1.14 # database + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 52: # old action num: 28 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 0 53: # old action num: 29 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 1 54: # old action num: 30 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 2 55: # old action num: 31 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 3 56: # old action num: 32 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 4 57: # old action num: 33 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 5 58: # old action num: 34 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 6 59: # 
old action num: 35 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 7 60: # old action num: 36 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 8 61: # old action num: 37 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 9 62: # old action num: 38 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 0 + node_name: domain_controller nic_id: 0 63: # old action num: 39 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 0 + node_name: domain_controller nic_id: 0 64: # old action num: 40 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 1 + node_name: web_server nic_id: 0 65: # old action num: 41 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 1 + node_name: web_server nic_id: 0 66: # old action num: 42 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 2 + node_name: database_server nic_id: 0 67: # old action num: 43 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 2 + node_name: database_server nic_id: 0 68: # old action num: 44 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 3 + node_name: backup_server nic_id: 0 69: # old action num: 45 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 3 + node_name: backup_server nic_id: 0 70: # old action num: 46 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 4 + node_name: security_suite nic_id: 0 71: # old action num: 47 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 4 + node_name: security_suite nic_id: 0 72: # old action num: 48 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 4 + node_name: security_suite nic_id: 1 73: # old action num: 49 - 
action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 4 + node_name: security_suite nic_id: 1 74: # old action num: 50 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 5 + node_name: client_1 nic_id: 0 75: # old action num: 51 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 5 + node_name: client_1 nic_id: 0 76: # old action num: 52 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 6 + node_name: client_2 nic_id: 0 77: # old action num: 53 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 6 + node_name: client_2 nic_id: 0 reward_function: diff --git a/tests/assets/configs/software_fix_duration.yaml b/tests/assets/configs/software_fix_duration.yaml index 006328ba..0059d18a 100644 --- a/tests/assets/configs/software_fix_duration.yaml +++ b/tests/assets/configs/software_fix_duration.yaml @@ -27,26 +27,18 @@ agents: - ref: client_2_green_user team: GREEN type: ProbabilisticAgent - observation_space: null + action_space: action_map: 0: - action: DONOTHING + action: do_nothing options: {} 1: - action: NODE_APPLICATION_EXECUTE + action: node_application_execute options: - node_id: 0 - application_id: 0 - - reward_function: - reward_components: - - type: DUMMY - + node_name: client_2 + application_name: WebBrowser agent_settings: - start_step: 5 - frequency: 4 - variance: 3 action_probabilities: 0: 0.4 1: 0.6 @@ -110,7 +102,7 @@ agents: action_space: action_map: 0: - action: DONOTHING + action: do_nothing options: {} reward_function: diff --git a/tests/assets/configs/test_application_install.yaml b/tests/assets/configs/test_application_install.yaml index c085fd63..55c4afd3 100644 --- a/tests/assets/configs/test_application_install.yaml +++ b/tests/assets/configs/test_application_install.yaml 
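Review bot: Actions 62–77 in the shared_rewards.yaml `@@ -186,420 +180,420 @@` hunk are only half migrated: `node_id` becomes `node_name`, but the `nic_id: 0` and `nic_id: 1` lines are left as context. The same action map in the `@@ -700,421 +695,421 @@` hunk earlier in this diff uses `nic_num: 1` and `nic_num: 2`. If the new schema expects `nic_num`, these should follow that mapping, e.g. `nic_num: 1` for the old `nic_id: 0`. Actions 10 and 15 are likewise only lower-cased to `node_file_checkhash` and `node_folder_checkhash`, while the other configs use `node_file_scan` and `node_folder_scan` with a comment that CHECKHASH was replaced, so it is worth confirming those two action names still resolve.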
@@ -29,32 +29,22 @@ agents: 0: 0.3 1: 0.6 2: 0.1 - observation_space: null + action_space: - options: - nodes: - - node_name: client_2 - applications: - - application_name: WebBrowser - - application_name: DatabaseClient - max_folders_per_node: 1 - max_files_per_folder: 1 - max_services_per_node: 1 - max_applications_per_node: 2 action_map: 0: - action: DONOTHING + action: do_nothing options: {} 1: - action: NODE_APPLICATION_EXECUTE + action: node_application_execute options: - node_id: 0 - application_id: 0 + node_name: client_2 + application_name: WebBrowser 2: - action: NODE_APPLICATION_EXECUTE + action: node_application_execute options: - node_id: 0 - application_id: 1 + node_name: client_2 + application_name: DatabaseClient reward_function: reward_components: @@ -75,32 +65,22 @@ agents: 0: 0.3 1: 0.6 2: 0.1 - observation_space: null + action_space: - options: - nodes: - - node_name: client_1 - applications: - - application_name: WebBrowser - - application_name: DatabaseClient - max_folders_per_node: 1 - max_files_per_folder: 1 - max_services_per_node: 1 - max_applications_per_node: 2 action_map: 0: - action: DONOTHING + action: do_nothing options: {} 1: - action: NODE_APPLICATION_EXECUTE + action: node_application_execute options: - node_id: 0 - application_id: 0 + node_name: client_1 + application_name: WebBrowser 2: - action: NODE_APPLICATION_EXECUTE + action: node_application_execute options: - node_id: 0 - application_id: 1 + node_name: client_1 + application_name: WebBrowser reward_function: reward_components: @@ -121,16 +101,9 @@ agents: team: RED type: RedDatabaseCorruptingAgent - observation_space: null - - action_space: - action_map: - - reward_function: - reward_components: - - type: DUMMY - agent_settings: # options specific to this particular agent type, basically args of __init__(self) + possible_start_nodes: [client_1, client_2] + target_application: DataManipulationBot start_step: 25 frequency: 20 variance: 5 
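Review bot: In the client_1 agent's action_map (hunk `@@ -75,32 +65,22 @@`), action 2 now maps to `application_name: WebBrowser`, the same target as action 1. The removed options block listed WebBrowser at index 0 and DatabaseClient at index 1, so the old `application_id: 1` pointed at DatabaseClient, which is how the client_2 hunk just above translates it. As written, the 0.1 probability on action 2 becomes extra WebBrowser executions and this action map never runs the database client; the line should read `application_name: DatabaseClient`.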
@@ -211,445 +184,445 @@ agents: action_space: action_map: 0: - action: DONOTHING + action: do_nothing options: {} # scan webapp service 1: - action: NODE_SERVICE_SCAN + action: node_service_scan options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer # stop webapp service 2: - action: NODE_SERVICE_STOP + action: node_service_stop options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer # start webapp service 3: - action: "NODE_SERVICE_START" + action: "node_service_start" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 4: - action: "NODE_SERVICE_PAUSE" + action: "node_service_pause" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 5: - action: "NODE_SERVICE_RESUME" + action: "node_service_resume" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 6: - action: "NODE_SERVICE_RESTART" + action: "node_service_restart" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 7: - action: "NODE_SERVICE_DISABLE" + action: "node_service_disable" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 8: - action: "NODE_SERVICE_ENABLE" + action: "node_service_enable" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 9: # check database.db file - action: "NODE_FILE_SCAN" + action: "node_file_scan" options: - node_id: 2 - folder_id: 0 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 10: - action: "NODE_FILE_SCAN" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context. + action: "node_file_scan" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context. 
options: - node_id: 2 - folder_id: 0 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 11: - action: "NODE_FILE_DELETE" + action: "node_file_delete" options: - node_id: 2 - folder_id: 0 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 12: - action: "NODE_FILE_REPAIR" + action: "node_file_repair" options: - node_id: 2 - folder_id: 0 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 13: - action: "NODE_SERVICE_FIX" + action: "node_service_fix" options: - node_id: 2 - service_id: 0 + node_name: database_server + service_name: DatabaseService 14: - action: "NODE_FOLDER_SCAN" + action: "node_folder_scan" options: - node_id: 2 - folder_id: 0 + node_name: database_server + folder_name: database 15: - action: "NODE_FOLDER_SCAN" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context. + action: "node_folder_scan" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context. 
options: - node_id: 2 - folder_id: 0 + node_name: database_server + folder_name: database 16: - action: "NODE_FOLDER_REPAIR" + action: "node_folder_repair" options: - node_id: 2 - folder_id: 0 + node_name: database_server + folder_name: database 17: - action: "NODE_FOLDER_RESTORE" + action: "node_folder_restore" options: - node_id: 2 - folder_id: 0 + node_name: database_server + folder_name: database 18: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 0 + node_name: domain_controller 19: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 0 + node_name: domain_controller 20: - action: NODE_STARTUP + action: node_startup options: - node_id: 0 + node_name: domain_controller 21: - action: NODE_RESET + action: node_reset options: - node_id: 0 + node_name: domain_controller 22: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 1 + node_name: web_server 23: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 1 + node_name: web_server 24: - action: NODE_STARTUP + action: node_startup options: - node_id: 1 + node_name: web_server 25: - action: NODE_RESET + action: node_reset options: - node_id: 1 + node_name: web_server 26: # old action num: 18 - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 2 + node_name: database_server 27: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 2 + node_name: database_server 28: - action: NODE_STARTUP + action: node_startup options: - node_id: 2 + node_name: database_server 29: - action: NODE_RESET + action: node_reset options: - node_id: 2 + node_name: database_server 30: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 3 + node_name: backup_server 31: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 3 + node_name: backup_server 32: - action: NODE_STARTUP + action: node_startup options: - node_id: 3 + node_name: backup_server 33: - action: NODE_RESET + action: node_reset 
options: - node_id: 3 + node_name: backup_server 34: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 4 + node_name: security_suite 35: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 4 + node_name: security_suite 36: - action: NODE_STARTUP + action: node_startup options: - node_id: 4 + node_name: security_suite 37: - action: NODE_RESET + action: node_reset options: - node_id: 4 + node_name: security_suite 38: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 5 + node_name: client_1 39: # old action num: 19 # shutdown client 1 - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 5 + node_name: client_1 40: # old action num: 20 - action: NODE_STARTUP + action: node_startup options: - node_id: 5 + node_name: client_1 41: # old action num: 21 - action: NODE_RESET + action: node_reset options: - node_id: 5 + node_name: client_1 42: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 6 + node_name: client_2 43: - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 6 + node_name: client_2 44: - action: NODE_STARTUP + action: node_startup options: - node_id: 6 + node_name: client_2 45: - action: NODE_RESET + action: node_reset options: - node_id: 6 + node_name: client_2 46: # old action num: 22 # "ACL: ADDRULE - Block outgoing traffic from client 1" - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: - target_router_hostname: router_1 + target_router: router_1 position: 1 - permission: 2 - source_ip_id: 7 # client 1 - dest_ip_id: 1 # ALL - source_port_id: 1 - dest_port_id: 1 - protocol_id: 1 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.21 # client 1 + dst_ip: ALL # ALL + src_port: ALL + dst_port: ALL + protocol_name: ALL + src_wildcard: NONE + dst_wildcard: NONE 47: # old action num: 23 # "ACL: ADDRULE - Block outgoing traffic from client 2" - action: "ROUTER_ACL_ADDRULE" + action: 
"router_acl_add_rule" options: - target_router_hostname: router_1 + target_router: router_1 position: 2 - permission: 2 - source_ip_id: 8 # client 2 - dest_ip_id: 1 # ALL - source_port_id: 1 - dest_port_id: 1 - protocol_id: 1 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.22 # client 2 + dst_ip: ALL # ALL + src_port: ALL + dst_port: ALL + protocol_name: ALL + src_wildcard: NONE + dst_wildcard: NONE 48: # old action num: 24 # block tcp traffic from client 1 to web app - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: - target_router_hostname: router_1 + target_router: router_1 position: 3 - permission: 2 - source_ip_id: 7 # client 1 - dest_ip_id: 3 # web server - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.21 # client 1 + dst_ip: 192.168.1.12 # web server + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 49: # old action num: 25 # block tcp traffic from client 2 to web app - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: - target_router_hostname: router_1 + target_router: router_1 position: 4 - permission: 2 - source_ip_id: 8 # client 2 - dest_ip_id: 3 # web server - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.22 # client 2 + dst_ip: 192.168.1.12 # web server + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 50: # old action num: 26 - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: - target_router_hostname: router_1 + target_router: router_1 position: 5 - permission: 2 - source_ip_id: 7 # client 1 - dest_ip_id: 4 # database - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.21 # client 1 + dst_ip: 
192.168.1.14 # database + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 51: # old action num: 27 - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: - target_router_hostname: router_1 + target_router: router_1 position: 6 - permission: 2 - source_ip_id: 8 # client 2 - dest_ip_id: 4 # database - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.22 # client 2 + dst_ip: 192.168.1.14 # database + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 52: # old action num: 28 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router_hostname: router_1 position: 0 53: # old action num: 29 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router_hostname: router_1 position: 1 54: # old action num: 30 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router_hostname: router_1 position: 2 55: # old action num: 31 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router_hostname: router_1 position: 3 56: # old action num: 32 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router_hostname: router_1 position: 4 57: # old action num: 33 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router_hostname: router_1 position: 5 58: # old action num: 34 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router_hostname: router_1 position: 6 59: # old action num: 35 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router_hostname: router_1 position: 7 60: # old action num: 36 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router_hostname: router_1 position: 8 61: # old action num: 
37 - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router_hostname: router_1 position: 9 62: # old action num: 38 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 0 - nic_id: 0 + node_name: domain_controller + nic_num: 1 63: # old action num: 39 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 0 - nic_id: 0 + node_name: domain_controller + nic_num: 1 64: # old action num: 40 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 1 - nic_id: 0 + node_name: web_server + nic_num: 1 65: # old action num: 41 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 1 - nic_id: 0 + node_name: web_server + nic_num: 1 66: # old action num: 42 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 2 - nic_id: 0 + node_name: database_server + nic_num: 1 67: # old action num: 43 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 2 - nic_id: 0 + node_name: database_server + nic_num: 1 68: # old action num: 44 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 3 - nic_id: 0 + node_name: backup_server + nic_num: 1 69: # old action num: 45 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 3 - nic_id: 0 + node_name: backup_server + nic_num: 1 70: # old action num: 46 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 4 - nic_id: 0 + node_name: security_suite + nic_num: 1 71: # old action num: 47 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 4 - nic_id: 0 + node_name: security_suite + nic_num: 1 72: # old action num: 48 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 4 - nic_id: 1 + node_name: security_suite + nic_num: 2 73: # old action num: 49 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 4 - nic_id: 1 + node_name: security_suite + 
nic_num: 2 74: # old action num: 50 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 5 - nic_id: 0 + node_name: client_1 + nic_num: 1 75: # old action num: 51 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 5 - nic_id: 0 + node_name: client_1 + nic_num: 1 76: # old action num: 52 - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 6 - nic_id: 0 + node_name: client_2 + nic_num: 1 77: # old action num: 53 - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 6 - nic_id: 0 + node_name: client_2 + nic_num: 1 78: - action: NODE_APPLICATION_INSTALL + action: node_application_install options: - node_id: 0 + node_name: domain_controller application_name: DoSBot 79: - action: NODE_APPLICATION_REMOVE + action: node_application_remove options: - node_id: 0 + node_name: domain_controller application_name: DoSBot 80: - action: NODE_APPLICATION_REMOVE + action: node_application_remove options: - node_id: 0 + node_name: domain_controller application_name: WebBrowser 81: - action: NODE_APPLICATION_EXECUTE + action: node_application_execute options: - node_id: 0 + node_name: domain_controller application_id: 0 82: - action: CONFIGURE_DOSBOT + action: configure_dos_bot options: - node_id: 0 + node_name: domain_controller config: target_ip_address: 192.168.1.14 target_port: POSTGRES_SERVER diff --git a/tests/assets/configs/test_primaite_session.yaml b/tests/assets/configs/test_primaite_session.yaml index 8c22fbed..cd5d08d3 100644 --- a/tests/assets/configs/test_primaite_session.yaml +++ b/tests/assets/configs/test_primaite_session.yaml 
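Review bot: Entries 52–61 still pass `target_router_hostname: router_1` to `router_acl_remove_rule`, while the add-rule entries 46–51 in this same hunk were migrated to `target_router: router_1`, which is also the key the remove-rule entries use in test_primaite_session.yaml. If the new action schema rejects or ignores the old key, an agent using this map can add DENY rules but not remove them, so these ten entries should presumably read `target_router: router_1`. Entry 81 is half-migrated in the same way: it gained `node_name: domain_controller` but keeps `application_id: 0`, where the other `node_application_execute` entries in this change use `application_name`.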
@@ -21,20 +21,14 @@ agents: - ref: client_2_green_user team: GREEN type: ProbabilisticAgent - observation_space: null + action_space: action_map: 0: - action: DONOTHING + action: do_nothing options: {} - reward_function: - reward_components: - - type: DUMMY agent_settings: # options specific to this particular agent type, basically args of __init__(self) - start_step: 25 - frequency: 20 - variance: 5 action_probabilities: 0: 1.0 @@ -42,24 +36,22 @@ agents: team: RED type: RedDatabaseCorruptingAgent - observation_space: null + action_space: action_map: 0: - action: DONOTHING + action: do_nothing options: {} 1: - action: NODE_APPLICATION_EXECUTE + action: node_application_execute options: - node_id: 0 - application_id: 0 - - reward_function: - reward_components: - - type: DUMMY + node_name: client_1 + application_name: DataManipulationBot agent_settings: # options specific to this particular agent type, basically args of __init__(self) + possible_start_nodes: [client_1,] + target_application: DataManipulationBot start_step: 25 frequency: 20 variance: 5 
@@ -140,324 +132,324 @@ agents: action_space: action_map: 0: - action: DONOTHING + action: do_nothing options: {} # scan webapp service 1: - action: NODE_SERVICE_SCAN + action: node_service_scan options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer # stop webapp service 2: - action: NODE_SERVICE_STOP + action: node_service_stop options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer # start webapp service 3: - action: "NODE_SERVICE_START" + action: "node_service_start" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 4: - action: "NODE_SERVICE_PAUSE" + action: "node_service_pause" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 5: - action: "NODE_SERVICE_RESUME" + action: "node_service_resume" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 6: - action: "NODE_SERVICE_RESTART" + action: "node_service_restart" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 7: - action: "NODE_SERVICE_DISABLE" + action: "node_service_disable" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 8: - action: "NODE_SERVICE_ENABLE" + action: "node_service_enable" options: - node_id: 1 - service_id: 0 + node_name: web_server + service_name: WebServer 9: # check database.db file - action: "NODE_FILE_SCAN" + action: "node_file_scan" options: - node_id: 2 - folder_id: 0 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 10: - action: "NODE_FILE_CHECKHASH" + action: "node_file_checkhash" options: - node_id: 2 - folder_id: 0 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 11: - action: "NODE_FILE_DELETE" + action: "node_file_delete" options: - node_id: 2 - folder_id: 0 - file_id: 0 + node_name: database_server + folder_name: database + file_name: 
database.db 12: - action: "NODE_FILE_REPAIR" + action: "node_file_repair" options: - node_id: 2 - folder_id: 0 - file_id: 0 + node_name: database_server + folder_name: database + file_name: database.db 13: - action: "NODE_SERVICE_FIX" + action: "node_service_fix" options: - node_id: 2 - service_id: 0 + node_name: database_server + service_name: DatabaseService 14: - action: "NODE_FOLDER_SCAN" + action: "node_folder_scan" options: - node_id: 2 - folder_id: 0 + node_name: database_server + folder_name: database 15: - action: "NODE_FOLDER_CHECKHASH" + action: "node_folder_checkhash" options: - node_id: 2 - folder_id: 0 + node_name: database_server + folder_name: database 16: - action: "NODE_FOLDER_REPAIR" + action: "node_folder_repair" options: - node_id: 2 - folder_id: 0 + node_name: database_server + folder_name: database 17: - action: "NODE_FOLDER_RESTORE" + action: "node_folder_restore" options: - node_id: 2 - folder_id: 0 + node_name: database_server + folder_name: database 18: - action: "NODE_OS_SCAN" + action: "node_os_scan" options: - node_id: 2 + node_name: database_server 19: # shutdown client 1 - action: "NODE_SHUTDOWN" + action: "node_shutdown" options: - node_id: 5 + node_name: client_1 20: - action: "NODE_STARTUP" + action: "node_startup" options: - node_id: 5 + node_name: client_1 21: - action: "NODE_RESET" + action: "node_reset" options: - node_id: 5 + node_name: client_1 22: # "ACL: ADDRULE - Block outgoing traffic from client 1" (not supported in Primaite) - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 1 - permission: 2 - source_ip_id: 7 # client 1 - dest_ip_id: 1 # ALL - source_port_id: 1 - dest_port_id: 1 - protocol_id: 1 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.21 # client 1 + dst_ip: ALL # ALL + src_port: ALL + dst_port: ALL + protocol_name: ALL + src_wildcard: NONE + dst_wildcard: NONE 23: # "ACL: ADDRULE - Block outgoing traffic from client 
2" (not supported in Primaite) - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 2 - permission: 2 - source_ip_id: 8 # client 2 - dest_ip_id: 1 # ALL - source_port_id: 1 - dest_port_id: 1 - protocol_id: 1 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.22 # client 2 + dst_ip: ALL # ALL + src_port: ALL + dst_port: ALL + protocol_name: ALL + src_wildcard: NONE + dst_wildcard: NONE 24: # block tcp traffic from client 1 to web app - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 3 - permission: 2 - source_ip_id: 7 # client 1 - dest_ip_id: 3 # web server - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.21 # client 1 + dst_ip: 192.168.1.12 # web server + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 25: # block tcp traffic from client 2 to web app - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 4 - permission: 2 - source_ip_id: 8 # client 2 - dest_ip_id: 3 # web server - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.22 # client 2 + dst_ip: 192.168.1.12 # web server + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 26: - action: "ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 5 - permission: 2 - source_ip_id: 7 # client 1 - dest_ip_id: 4 # database - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.21 # client 1 + dst_ip: 192.168.1.14 # database + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 27: - action: 
"ROUTER_ACL_ADDRULE" + action: "router_acl_add_rule" options: target_router: router_1 position: 6 - permission: 2 - source_ip_id: 8 # client 2 - dest_ip_id: 4 # database - source_port_id: 1 - dest_port_id: 1 - protocol_id: 3 - source_wildcard_id: 0 - dest_wildcard_id: 0 + permission: DENY + src_ip: 192.168.10.22 # client 2 + dst_ip: 192.168.1.14 # database + src_port: ALL + dst_port: ALL + protocol_name: TCP + src_wildcard: NONE + dst_wildcard: NONE 28: - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 0 29: - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 1 30: - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 2 31: - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 3 32: - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 4 33: - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 5 34: - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 6 35: - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 7 36: - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 8 37: - action: "ROUTER_ACL_REMOVERULE" + action: "router_acl_remove_rule" options: target_router: router_1 position: 9 38: - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 0 - nic_id: 0 + node_name: domain_controller + nic_num: 1 39: - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 0 - nic_id: 0 + node_name: domain_controller + nic_num: 1 40: - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 1 - 
nic_id: 0 + node_name: web_server + nic_num: 1 41: - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 1 - nic_id: 0 + node_name: web_server + nic_num: 1 42: - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 2 - nic_id: 0 + node_name: database_server + nic_num: 1 43: - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 2 - nic_id: 0 + node_name: database_server + nic_num: 1 44: - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 3 - nic_id: 0 + node_name: backup_server + nic_num: 1 45: - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 3 - nic_id: 0 + node_name: backup_server + nic_num: 1 46: - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 4 - nic_id: 0 + node_name: security_suite + nic_num: 1 47: - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 4 - nic_id: 0 + node_name: security_suite + nic_num: 1 48: - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 4 - nic_id: 1 + node_name: security_suite + nic_num: 2 49: - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 4 - nic_id: 1 + node_name: security_suite + nic_num: 2 50: - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 5 - nic_id: 0 + node_name: client_1 + nic_num: 1 51: - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 5 - nic_id: 0 + node_name: client_1 + nic_num: 1 52: - action: "HOST_NIC_DISABLE" + action: "host_nic_disable" options: - node_id: 6 - nic_id: 0 + node_name: client_2 + nic_num: 1 53: - action: "HOST_NIC_ENABLE" + action: "host_nic_enable" options: - node_id: 6 - nic_id: 0 + node_name: client_2 + nic_num: 1 reward_function: reward_components: 
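Review bot: Entries 10 and 15 are renamed to `node_file_checkhash` and `node_folder_checkhash`, whereas test_application_install.yaml fills the same slots with `node_file_scan` / `node_folder_scan` and a comment saying CHECKHASH was replaced by SCAN. If the checkhash actions are no longer registered, this config would fail only when it is loaded or when the agent selects those indices. Either use the scan actions here too, e.g. `action: "node_file_scan"`, or add a comment on both entries stating that checkhash is still a supported action.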
diff --git a/tests/e2e_integration_tests/test_uc2_data_manipulation_scenario.py b/tests/e2e_integration_tests/test_uc2_data_manipulation_scenario.py index 6c8393e2..4ca97a0e 100644 --- a/tests/e2e_integration_tests/test_uc2_data_manipulation_scenario.py +++ b/tests/e2e_integration_tests/test_uc2_data_manipulation_scenario.py @@ -49,7 +49,7 @@ def test_application_install_uninstall_on_uc2(): cfg = yaml.safe_load(f) env = PrimaiteGymEnv(env_config=cfg) - env.agent.config.flatten_obs = False + env.agent.config.agent_settings.flatten_obs = False env.reset() _, _, _, _, _ = env.step(0) diff --git a/tests/integration_tests/game_layer/actions/test_application_request_permission.py b/tests/integration_tests/game_layer/actions/test_application_request_permission.py index e90fa591..c0c039f6 100644 --- a/tests/integration_tests/game_layer/actions/test_application_request_permission.py +++ b/tests/integration_tests/game_layer/actions/test_application_request_permission.py 
@@ -33,22 +33,22 @@ def test_application_cannot_perform_actions_unless_running(game_and_agent_fixtur browser.close() assert browser.operating_state == ApplicationOperatingState.CLOSED - action = ("NODE_APPLICATION_SCAN", {"node_id": 0, "application_id": 0}) + action = ("node_application_scan", {"node_id": 0, "application_id": 0}) agent.store_action(action) game.step() assert browser.operating_state == ApplicationOperatingState.CLOSED - action = ("NODE_APPLICATION_CLOSE", {"node_id": 0, "application_id": 0}) + action = ("node_application_close", {"node_id": 0, "application_id": 0}) agent.store_action(action) game.step() assert browser.operating_state == ApplicationOperatingState.CLOSED - action = ("NODE_APPLICATION_FIX", {"node_id": 0, "application_id": 0}) + action = ("node_application_fix", {"node_id": 0, "application_id": 0}) agent.store_action(action) game.step() assert browser.operating_state == ApplicationOperatingState.CLOSED - action = ("NODE_APPLICATION_EXECUTE", {"node_id": 0, "application_id": 0}) + action = ("node_application_execute", {"node_id": 0, "application_id": 0}) agent.store_action(action) game.step() assert browser.operating_state == ApplicationOperatingState.CLOSED diff --git a/tests/integration_tests/game_layer/actions/test_c2_suite_actions.py b/tests/integration_tests/game_layer/actions/test_c2_suite_actions.py index 36fee9a0..2984429a 100644 --- a/tests/integration_tests/game_layer/actions/test_c2_suite_actions.py +++ b/tests/integration_tests/game_layer/actions/test_c2_suite_actions.py @@ -46,7 +46,7 @@ def test_c2_beacon_default(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAgen server_1: Server = game.simulation.network.get_node_by_hostname("server_1") action = ( - "NODE_APPLICATION_INSTALL", + "node_application_install", {"node_id": 1, "application_name": "C2Beacon"}, ) agent.store_action(action) 
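Review bot: The four renamed actions keep the index-based options `{"node_id": 0, "application_id": 0}` although the YAML configs in this change moved to `node_name` / `application_name`, and every assertion here expects the browser to stay `CLOSED`. If the renamed actions now expect names, a request rejected for malformed options leaves the state unchanged as well, so the test would pass without ever reaching the "application is not running" check. Pass name-based options and also assert on `agent.history[-1].response.status` after each `game.step()`, as test_c2_suite_actions.py does. The same `node_id`-style options remain in the hunks of test_c2_suite_actions.py, test_configure_actions.py and test_file_request_permission.py; the test function starts and ends outside this hunk.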
@@ -54,7 +54,7 @@ def test_c2_beacon_default(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAgen assert agent.history[-1].response.status == "success" action = ( - "CONFIGURE_C2_BEACON", + "configure_c2_beacon", { "node_id": 1, "config": { @@ -70,7 +70,7 @@ def test_c2_beacon_default(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAgen assert agent.history[-1].response.status == "success" action = ( - "NODE_APPLICATION_EXECUTE", + "node_application_execute", {"node_id": 1, "application_id": 0}, ) agent.store_action(action) @@ -122,7 +122,7 @@ def test_c2_server_ransomware(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyA assert agent.history[-1].response.status == "success" action = ( - "C2_SERVER_RANSOMWARE_CONFIGURE", + "c2_server_ransomware_configure", { "node_id": 0, "config": {"server_ip_address": "10.0.2.3", "payload": "ENCRYPT"}, @@ -141,7 +141,7 @@ def test_c2_server_ransomware(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyA game.step() action = ( - "C2_SERVER_RANSOMWARE_LAUNCH", + "c2_server_ransomware_launch", { "node_id": 0, }, @@ -181,7 +181,7 @@ def test_c2_server_data_exfiltration(game_and_agent_fixture: Tuple[PrimaiteGame, # C2 Action: Data exfiltrate. action = ( - "C2_SERVER_DATA_EXFILTRATE", + "c2_server_data_exfiltrate", { "node_id": 0, "target_file_name": "database.db", diff --git a/tests/integration_tests/game_layer/actions/test_configure_actions.py b/tests/integration_tests/game_layer/actions/test_configure_actions.py index 338bd049..0e1a4873 100644 --- a/tests/integration_tests/game_layer/actions/test_configure_actions.py +++ b/tests/integration_tests/game_layer/actions/test_configure_actions.py 
@@ -27,7 +27,7 @@ class TestConfigureDatabaseAction: def test_configure_ip_password(self, game_and_agent): game, agent = game_and_agent agent: ControlledAgent - agent.action_manager.actions["CONFIGURE_DATABASE_CLIENT"] = ConfigureDatabaseClientAction(agent.action_manager) + agent.action_manager.actions["configure_database_client"] = ConfigureDatabaseClientAction(agent.action_manager) # make sure there is a database client on this node client_1 = game.simulation.network.get_node_by_hostname("client_1") @@ -61,7 +61,7 @@ class TestConfigureDatabaseAction: db_client: DatabaseClient = client_1.software_manager.software["DatabaseClient"] action = ( - "CONFIGURE_DATABASE_CLIENT", + "configure_database_client", { "node_id": 0, "config": { @@ -78,7 +78,7 @@ class TestConfigureDatabaseAction: def test_configure_password(self, game_and_agent): game, agent = game_and_agent agent: ControlledAgent - agent.action_manager.actions["CONFIGURE_DATABASE_CLIENT"] = ConfigureDatabaseClientAction(agent.action_manager) + agent.action_manager.actions["configure_database_client"] = ConfigureDatabaseClientAction(agent.action_manager) # make sure there is a database client on this node client_1 = game.simulation.network.get_node_by_hostname("client_1") @@ -87,7 +87,7 @@ class TestConfigureDatabaseAction: old_ip = db_client.server_ip_address action = ( - "CONFIGURE_DATABASE_CLIENT", + "configure_database_client", { "node_id": 0, "config": { @@ -120,7 +120,7 @@ class TestConfigureRansomwareScriptAction: def test_configure_ip_password(self, game_and_agent, config): game, agent = game_and_agent agent: ControlledAgent - agent.action_manager.actions["CONFIGURE_RANSOMWARE_SCRIPT"] = ConfigureRansomwareScriptAction( + agent.action_manager.actions["c2_server_ransomware_configure"] = ConfigureRansomwareScriptAction( agent.action_manager ) 
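Review bot: In `TestConfigureRansomwareScriptAction` (hunk `@@ -120,7 +120,7 @@`, and again in the `-134`, `-151` and `-160` hunks) the key `CONFIGURE_RANSOMWARE_SCRIPT` becomes `c2_server_ransomware_configure`, which is also what `C2_SERVER_RANSOMWARE_CONFIGURE` was renamed to in test_c2_suite_actions.py. Two previously distinct actions now share one identifier, and this test overwrites that registry entry with `ConfigureRansomwareScriptAction`, so a config naming the action can no longer say which of the two it means. Give the script action a name of its own, following the `configure_dos_bot` / `configure_database_client` pattern in this file, for example `agent.action_manager.actions["configure_ransomware_script"] = ConfigureRansomwareScriptAction(` (or whichever identifier the action class actually registers), and use the same string in the action tuples.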
@@ -134,7 +134,7 @@ class TestConfigureRansomwareScriptAction: old_payload = ransomware_script.payload action = ( - "CONFIGURE_RANSOMWARE_SCRIPT", + "c2_server_ransomware_configure", {"node_id": 0, "config": config}, ) agent.store_action(action) @@ -151,7 +151,7 @@ class TestConfigureRansomwareScriptAction: def test_invalid_config(self, game_and_agent): game, agent = game_and_agent agent: ControlledAgent - agent.action_manager.actions["CONFIGURE_RANSOMWARE_SCRIPT"] = ConfigureRansomwareScriptAction( + agent.action_manager.actions["c2_server_ransomware_configure"] = ConfigureRansomwareScriptAction( agent.action_manager ) @@ -160,7 +160,7 @@ class TestConfigureRansomwareScriptAction: client_1.software_manager.install(RansomwareScript) ransomware_script: RansomwareScript = client_1.software_manager.software["RansomwareScript"] action = ( - "CONFIGURE_RANSOMWARE_SCRIPT", + "c2_server_ransomware_configure", { "node_id": 0, "config": {"server_password": "admin123", "bad_option": 70}, @@ -172,17 +172,17 @@ class TestConfigureRansomwareScriptAction: class TestConfigureDoSBot: - def test_configure_DoSBot(self, game_and_agent): + def test_configure_dos_bot(self, game_and_agent): game, agent = game_and_agent agent: ControlledAgent - agent.action_manager.actions["CONFIGURE_DOSBOT"] = ConfigureDoSBotAction(agent.action_manager) + agent.action_manager.actions["configure_dos_bot"] = ConfigureDoSBotAction(agent.action_manager) client_1 = game.simulation.network.get_node_by_hostname("client_1") client_1.software_manager.install(DoSBot) dos_bot: DoSBot = client_1.software_manager.software["DoSBot"] action = ( - "CONFIGURE_DOSBOT", + "configure_dos_bot", { "node_id": 0, "config": { 
@@ -239,7 +239,7 @@ class TestConfigureYAML: assert db_client.server_password == "correct_password" assert db_client.connect() - def test_configure_ransomware_script(self): + def test_c2_server_ransomware_configure(self): env = PrimaiteGymEnv(env_config=APP_CONFIG_YAML) client_2 = env.game.simulation.network.get_node_by_hostname("client_2") assert client_2.software_manager.software.get("RansomwareScript") is None diff --git a/tests/integration_tests/game_layer/actions/test_file_request_permission.py b/tests/integration_tests/game_layer/actions/test_file_request_permission.py index 91aa9fcd..2ed76063 100644 --- a/tests/integration_tests/game_layer/actions/test_file_request_permission.py +++ b/tests/integration_tests/game_layer/actions/test_file_request_permission.py @@ -33,7 +33,7 @@ def test_create_file(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAgent]): assert client_1.file_system.get_file(folder_name=random_folder, file_name=random_file) is None action = ( - "NODE_FILE_CREATE", + "node_file_create", {"node_id": 0, "folder_name": random_folder, "file_name": random_file}, ) agent.store_action(action) @@ -51,7 +51,7 @@ def test_file_delete_action(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAge assert file.deleted is False action = ( - "NODE_FILE_DELETE", + "node_file_delete", {"node_id": 0, "folder_id": 0, "file_id": 0}, ) agent.store_action(action) @@ -72,7 +72,7 @@ def test_file_scan_action(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAgent assert file.visible_health_status == FileSystemItemHealthStatus.GOOD action = ( - "NODE_FILE_SCAN", + "node_file_scan", {"node_id": 0, "folder_id": 0, "file_id": 0}, ) agent.store_action(action) @@ -93,7 +93,7 @@ def test_file_repair_action(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAge assert file.health_status == FileSystemItemHealthStatus.CORRUPT action = ( - "NODE_FILE_REPAIR", + "node_file_repair", {"node_id": 0, "folder_id": 0, "file_id": 0}, ) agent.store_action(action) 
@@ -113,7 +113,7 @@ def test_file_restore_action(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAg assert file.health_status == FileSystemItemHealthStatus.CORRUPT action = ( - "NODE_FILE_RESTORE", + "node_file_restore", {"node_id": 0, "folder_id": 0, "file_id": 0}, ) agent.store_action(action) @@ -132,7 +132,7 @@ def test_file_corrupt_action(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAg assert file.health_status == FileSystemItemHealthStatus.GOOD action = ( - "NODE_FILE_CORRUPT", + "node_file_corrupt", {"node_id": 0, "folder_id": 0, "file_id": 0}, ) agent.store_action(action) @@ -150,7 +150,7 @@ def test_file_access_action(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAge assert file.num_access == 0 action = ( - "NODE_FILE_ACCESS", + "node_file_access", {"node_id": 0, "folder_name": file.folder_name, "file_name": file.name}, ) agent.store_action(action) diff --git a/tests/integration_tests/game_layer/actions/test_folder_request_permission.py b/tests/integration_tests/game_layer/actions/test_folder_request_permission.py index 56bbbd4e..1c3cca7b 100644 --- a/tests/integration_tests/game_layer/actions/test_folder_request_permission.py +++ b/tests/integration_tests/game_layer/actions/test_folder_request_permission.py @@ -32,7 +32,7 @@ def test_create_folder(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAgent]): assert client_1.file_system.get_folder(folder_name=random_folder) is None action = ( - "NODE_FOLDER_CREATE", + "node_folder_create", { "node_id": 0, "folder_name": random_folder, @@ -60,7 +60,7 @@ def test_folder_scan_action(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAge assert folder.visible_health_status == FileSystemItemHealthStatus.GOOD action = ( - "NODE_FOLDER_SCAN", + "node_folder_scan", { "node_id": 0, # client_1, "folder_id": 0, # downloads 
@@ -87,7 +87,7 @@ def test_folder_repair_action(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyA assert folder.health_status == FileSystemItemHealthStatus.CORRUPT action = ( - "NODE_FOLDER_REPAIR", + "node_folder_repair", { "node_id": 0, # client_1, "folder_id": 0, # downloads @@ -111,7 +111,7 @@ def test_folder_restore_action(game_and_agent_fixture: Tuple[PrimaiteGame, Proxy assert folder.health_status == FileSystemItemHealthStatus.CORRUPT action = ( - "NODE_FOLDER_RESTORE", + "node_folder_restore", { "node_id": 0, # client_1, "folder_id": 0, # downloads diff --git a/tests/integration_tests/game_layer/actions/test_nic_request_permission.py b/tests/integration_tests/game_layer/actions/test_nic_request_permission.py index 8846809d..ac92205b 100644 --- a/tests/integration_tests/game_layer/actions/test_nic_request_permission.py +++ b/tests/integration_tests/game_layer/actions/test_nic_request_permission.py @@ -29,7 +29,7 @@ def test_nic_cannot_be_turned_off_if_not_on(game_and_agent_fixture: Tuple[Primai assert nic.enabled is False action = ( - "HOST_NIC_DISABLE", + "host_nic_disable", { "node_id": 0, # client_1 "nic_id": 0, # the only nic (eth-1) @@ -50,7 +50,7 @@ def test_nic_cannot_be_turned_on_if_already_on(game_and_agent_fixture: Tuple[Pri assert nic.enabled action = ( - "HOST_NIC_ENABLE", + "host_nic_enable", { "node_id": 0, # client_1 "nic_id": 0, # the only nic (eth-1) @@ -71,7 +71,7 @@ def test_that_a_nic_can_be_enabled_and_disabled(game_and_agent_fixture: Tuple[Pr assert nic.enabled action = ( - "HOST_NIC_DISABLE", + "host_nic_disable", { "node_id": 0, # client_1 "nic_id": 0, # the only nic (eth-1) @@ -83,7 +83,7 @@ def test_that_a_nic_can_be_enabled_and_disabled(game_and_agent_fixture: Tuple[Pr assert nic.enabled is False action = ( - "HOST_NIC_ENABLE", + "host_nic_enable", { "node_id": 0, # client_1 "nic_id": 0, # the only nic (eth-1) 
diff --git a/tests/integration_tests/game_layer/actions/test_node_request_permission.py b/tests/integration_tests/game_layer/actions/test_node_request_permission.py index 8fbbbd70..997a9282 100644 --- a/tests/integration_tests/game_layer/actions/test_node_request_permission.py +++ b/tests/integration_tests/game_layer/actions/test_node_request_permission.py @@ -29,7 +29,7 @@ def test_node_startup_shutdown(game_and_agent_fixture: Tuple[PrimaiteGame, Proxy assert client_1.operating_state == NodeOperatingState.ON # turn it off - action = ("NODE_SHUTDOWN", {"node_id": 0}) + action = ("node_shutdown", {"node_id": 0}) agent.store_action(action) game.step() @@ -43,7 +43,7 @@ def test_node_startup_shutdown(game_and_agent_fixture: Tuple[PrimaiteGame, Proxy assert client_1.operating_state == NodeOperatingState.OFF # turn it on - action = ("NODE_STARTUP", {"node_id": 0}) + action = ("node_startup", {"node_id": 0}) agent.store_action(action) game.step() @@ -65,7 +65,7 @@ def test_node_cannot_be_started_up_if_node_is_already_on(game_and_agent_fixture: assert client_1.operating_state == NodeOperatingState.ON # turn it on - action = ("NODE_STARTUP", {"node_id": 0}) + action = ("node_startup", {"node_id": 0}) agent.store_action(action) game.step() @@ -87,7 +87,7 @@ def test_node_cannot_be_shut_down_if_node_is_already_off(game_and_agent_fixture: assert client_1.operating_state == NodeOperatingState.OFF # turn it ff - action = ("NODE_SHUTDOWN", {"node_id": 0}) + action = ("node_shutdown", {"node_id": 0}) agent.store_action(action) game.step() diff --git a/tests/integration_tests/game_layer/actions/test_service_request_permission.py b/tests/integration_tests/game_layer/actions/test_service_request_permission.py index ebc9fd3b..dad67d10 100644 --- a/tests/integration_tests/game_layer/actions/test_service_request_permission.py +++ b/tests/integration_tests/game_layer/actions/test_service_request_permission.py 
@@ -31,7 +31,7 @@ def test_service_start(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAgent]): dns_server.pause() assert dns_server.operating_state == ServiceOperatingState.PAUSED - action = ("NODE_SERVICE_START", {"node_id": 1, "service_id": 0}) + action = ("node_service_start", {"node_id": 1, "service_id": 0}) agent.store_action(action) game.step() assert dns_server.operating_state == ServiceOperatingState.PAUSED @@ -40,7 +40,7 @@ def test_service_start(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAgent]): assert dns_server.operating_state == ServiceOperatingState.STOPPED - action = ("NODE_SERVICE_START", {"node_id": 1, "service_id": 0}) + action = ("node_service_start", {"node_id": 1, "service_id": 0}) agent.store_action(action) game.step() @@ -54,7 +54,7 @@ def test_service_resume(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAgent]) server_1: Server = game.simulation.network.get_node_by_hostname("server_1") dns_server = server_1.software_manager.software.get("DNSServer") - action = ("NODE_SERVICE_RESUME", {"node_id": 1, "service_id": 0}) + action = ("node_service_resume", {"node_id": 1, "service_id": 0}) agent.store_action(action) game.step() assert dns_server.operating_state == ServiceOperatingState.RUNNING @@ -63,7 +63,7 @@ def test_service_resume(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAgent]) assert dns_server.operating_state == ServiceOperatingState.PAUSED - action = ("NODE_SERVICE_RESUME", {"node_id": 1, "service_id": 0}) + action = ("node_service_resume", {"node_id": 1, "service_id": 0}) agent.store_action(action) game.step() 
@@ -80,27 +80,27 @@ def test_service_cannot_perform_actions_unless_running(game_and_agent_fixture: T dns_server.stop() assert dns_server.operating_state == ServiceOperatingState.STOPPED - action = ("NODE_SERVICE_SCAN", {"node_id": 1, "service_id": 0}) + action = ("node_service_scan", {"node_id": 1, "service_id": 0}) agent.store_action(action) game.step() assert dns_server.operating_state == ServiceOperatingState.STOPPED - action = ("NODE_SERVICE_PAUSE", {"node_id": 1, "service_id": 0}) + action = ("node_service_pause", {"node_id": 1, "service_id": 0}) agent.store_action(action) game.step() assert dns_server.operating_state == ServiceOperatingState.STOPPED - action = ("NODE_SERVICE_RESUME", {"node_id": 1, "service_id": 0}) + action = ("node_service_resume", {"node_id": 1, "service_id": 0}) agent.store_action(action) game.step() assert dns_server.operating_state == ServiceOperatingState.STOPPED - action = ("NODE_SERVICE_RESTART", {"node_id": 1, "service_id": 0}) + action = ("node_service_restart", {"node_id": 1, "service_id": 0}) agent.store_action(action) game.step() assert dns_server.operating_state == ServiceOperatingState.STOPPED - action = ("NODE_SERVICE_FIX", {"node_id": 1, "service_id": 0}) + action = ("node_service_fix", {"node_id": 1, "service_id": 0}) agent.store_action(action) game.step() assert dns_server.operating_state == ServiceOperatingState.STOPPED diff --git a/tests/integration_tests/game_layer/actions/test_terminal_actions.py b/tests/integration_tests/game_layer/actions/test_terminal_actions.py index 96110656..beaec5da 100644 --- a/tests/integration_tests/game_layer/actions/test_terminal_actions.py +++ b/tests/integration_tests/game_layer/actions/test_terminal_actions.py 
@@ -100,7 +100,7 @@ def test_remote_login_change_password(game_and_agent_fixture: Tuple[PrimaiteGame server_1_um.add_user("user123", "password", is_admin=True) action = ( - "NODE_ACCOUNTS_CHANGE_PASSWORD", + "node_accounts_change_password", { "node_id": 1, # server_1 "username": "user123", @@ -139,7 +139,7 @@ def test_change_password_logs_out_user(game_and_agent_fixture: Tuple[PrimaiteGam # Change password action = ( - "NODE_ACCOUNTS_CHANGE_PASSWORD", + "node_accounts_change_password", { "node_id": 1, # server_1 "username": "user123", @@ -152,7 +152,7 @@ def test_change_password_logs_out_user(game_and_agent_fixture: Tuple[PrimaiteGam # Assert that the user cannot execute an action action = ( - "NODE_SEND_REMOTE_COMMAND", + "node_send_remote_command", { "node_id": 0, "remote_ip": str(server_1.network_interface[1].ip_address), diff --git a/tests/integration_tests/game_layer/test_action_mask.py b/tests/integration_tests/game_layer/test_action_mask.py index 22c00aa4..485ad138 100644 --- a/tests/integration_tests/game_layer/test_action_mask.py +++ b/tests/integration_tests/game_layer/test_action_mask.py @@ -15,7 +15,6 @@ def test_mask_contents_correct(): net = sim.network mask = game.action_mask("defender") agent = env.agent - node_list = agent.action_manager.node_names action_map = agent.action_manager.action_map # CHECK NIC ENABLE/DISABLE ACTIONS @@ -23,8 +22,8 @@ def test_mask_contents_correct(): mask = game.action_mask("defender") act_type, act_params = action - if act_type == "NODE_NIC_ENABLE": - node_name = node_list[act_params["node_id"]] + if act_type == "node_nic_enable": + node_name = act_params["node_name"] node_obj = net.get_node_by_hostname(node_name) nic_obj = node_obj.network_interface[act_params["nic_id"] + 1] assert nic_obj.enabled 
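Review bot: The branch `if act_type == "node_nic_enable":` cannot fail when the name is wrong, because every assertion in `test_mask_contents_correct` sits under a string comparison. `test_nic_request_permission.py` in this commit uses `"host_nic_enable"` and `"host_nic_disable"`, so this branch and the `"node_nic_disable"` one may never run. For an action mask that gap matters, since a mask entry that is never checked is reported as passing. Add `seen = set()` before the loop and `seen.add(act_type)` inside it, then finish with `assert {"node_shutdown", "node_startup"} <= seen`, extended to every type the scenario defines. The function body continues through the following hunks and is not fully visible here.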
@@ -34,8 +33,8 @@ def test_mask_contents_correct(): assert mask[action_num] nic_obj.enable() - if act_type == "NODE_NIC_DISABLE": - node_name = node_list[act_params["node_id"]] + if act_type == "node_nic_disable": + node_name = act_params["node_name"] node_obj = net.get_node_by_hostname(node_name) nic_obj = node_obj.network_interface[act_params["nic_id"] + 1] assert nic_obj.enabled @@ -45,14 +44,14 @@ def test_mask_contents_correct(): assert not mask[action_num] nic_obj.enable() - if act_type == "ROUTER_ACL_ADDRULE": + if act_type == "router_acl_add_rule": assert mask[action_num] - if act_type == "ROUTER_ACL_REMOVERULE": + if act_type == "router_acl_remove_rule": assert mask[action_num] - if act_type == "NODE_RESET": - node_name = node_list[act_params["node_id"]] + if act_type == "node_reset": + node_name = act_params["node_name"] node_obj = net.get_node_by_hostname(node_name) assert node_obj.operating_state is NodeOperatingState.ON assert mask[action_num] @@ -61,8 +60,8 @@ def test_mask_contents_correct(): assert not mask[action_num] node_obj.operating_state = NodeOperatingState.ON - if act_type == "NODE_SHUTDOWN": - node_name = node_list[act_params["node_id"]] + if act_type == "node_shutdown": + node_name = act_params["node_name"] node_obj = net.get_node_by_hostname(node_name) assert node_obj.operating_state is NodeOperatingState.ON assert mask[action_num] @@ -71,8 +70,8 @@ def test_mask_contents_correct(): assert not mask[action_num] node_obj.operating_state = NodeOperatingState.ON - if act_type == "NODE_OS_SCAN": - node_name = node_list[act_params["node_id"]] + if act_type == "node_os_scan": + node_name = act_params["node_name"] node_obj = net.get_node_by_hostname(node_name) assert node_obj.operating_state is NodeOperatingState.ON assert mask[action_num] 
@@ -81,8 +80,8 @@ def test_mask_contents_correct(): assert not mask[action_num] node_obj.operating_state = NodeOperatingState.ON - if act_type == "NODE_STARTUP": - node_name = node_list[act_params["node_id"]] + if act_type == "node_startup": + node_name = act_params["node_name"] node_obj = net.get_node_by_hostname(node_name) assert node_obj.operating_state is NodeOperatingState.ON assert not mask[action_num] @@ -94,12 +93,12 @@ def test_mask_contents_correct(): if act_type == "do_nothing": assert mask[action_num] - if act_type == "NODE_SERVICE_DISABLE": + if act_type == "node_service_disable": assert mask[action_num] - if act_type in ["NODE_SERVICE_SCAN", "NODE_SERVICE_STOP", "NODE_SERVICE_PAUSE"]: - node_name = node_list[act_params["node_id"]] - service_name = agent.action_manager.service_names[act_params["node_id"]][act_params["service_id"]] + if act_type in ["node_service_scan", "node_service_stop", "node_service_pause"]: + node_name = act_params["node_name"] + service_name = act_params["service_name"] node_obj = net.get_node_by_hostname(node_name) service_obj = node_obj.software_manager.software.get(service_name) assert service_obj.operating_state is ServiceOperatingState.RUNNING @@ -109,9 +108,9 @@ def test_mask_contents_correct(): assert not mask[action_num] service_obj.operating_state = ServiceOperatingState.RUNNING - if act_type == "NODE_SERVICE_RESUME": - node_name = node_list[act_params["node_id"]] - service_name = agent.action_manager.service_names[act_params["node_id"]][act_params["service_id"]] + if act_type == "node_service_resume": + node_name = act_params["node_name"] + service_name = act_params["service_name"] node_obj = net.get_node_by_hostname(node_name) service_obj = node_obj.software_manager.software.get(service_name) assert service_obj.operating_state is ServiceOperatingState.RUNNING 
@@ -121,9 +120,9 @@ def test_mask_contents_correct(): assert mask[action_num] service_obj.operating_state = ServiceOperatingState.RUNNING - if act_type == "NODE_SERVICE_START": - node_name = node_list[act_params["node_id"]] - service_name = agent.action_manager.service_names[act_params["node_id"]][act_params["service_id"]] + if act_type == "node_service_start": + node_name = act_params["node_name"] + service_name = act_params["service_name"] node_obj = net.get_node_by_hostname(node_name) service_obj = node_obj.software_manager.software.get(service_name) assert service_obj.operating_state is ServiceOperatingState.RUNNING @@ -133,9 +132,9 @@ def test_mask_contents_correct(): assert mask[action_num] service_obj.operating_state = ServiceOperatingState.RUNNING - if act_type == "NODE_SERVICE_ENABLE": - node_name = node_list[act_params["node_id"]] - service_name = agent.action_manager.service_names[act_params["node_id"]][act_params["service_id"]] + if act_type == "node_service_enable": + node_name = act_params["node_name"] + service_name = act_params["service_name"] node_obj = net.get_node_by_hostname(node_name) service_obj = node_obj.software_manager.software.get(service_name) assert service_obj.operating_state is ServiceOperatingState.RUNNING 
@@ -145,12 +144,10 @@ def test_mask_contents_correct(): assert mask[action_num] service_obj.operating_state = ServiceOperatingState.RUNNING - if act_type in ["NODE_FILE_SCAN", "NODE_FILE_CHECKHASH", "NODE_FILE_DELETE"]: - node_name = node_list[act_params["node_id"]] - folder_name = agent.action_manager.get_folder_name_by_idx(act_params["node_id"], act_params["folder_id"]) - file_name = agent.action_manager.get_file_name_by_idx( - act_params["node_id"], act_params["folder_id"], act_params["file_id"] - ) + if act_type in ["node_file_scan", "node_file_checkhash", "node_file_delete"]: + node_name = act_params["node_name"] + folder_name = act_params["folder_name"] + file_name = act_params["file_name"] node_obj = net.get_node_by_hostname(node_name) file_obj = node_obj.file_system.get_file(folder_name, file_name, include_deleted=True) assert not file_obj.deleted diff --git a/tests/integration_tests/game_layer/test_rewards.py b/tests/integration_tests/game_layer/test_rewards.py index 1648d685..3d360313 100644 --- a/tests/integration_tests/game_layer/test_rewards.py +++ b/tests/integration_tests/game_layer/test_rewards.py @@ -38,7 +38,7 @@ def test_WebpageUnavailablePenalty(game_and_agent: tuple[PrimaiteGame, Controlle assert agent.reward_function.current_reward == 0.0 # Check that successfully fetching the webpage yields a reward of 0.7 - agent.store_action(("NODE_APPLICATION_EXECUTE", {"node_id": 0, "application_id": 0})) + agent.store_action(("node_application_execute", {"node_id": 0, "application_id": 0})) game.step() assert agent.reward_function.current_reward == 0.7 @@ -50,7 +50,7 @@ def test_WebpageUnavailablePenalty(game_and_agent: tuple[PrimaiteGame, Controlle src_port=PORT_LOOKUP["HTTP"], dst_port=PORT_LOOKUP["HTTP"], ) - agent.store_action(("NODE_APPLICATION_EXECUTE", {"node_id": 0, "application_id": 0})) + agent.store_action(("node_application_execute", {"node_id": 0, "application_id": 0})) game.step() assert agent.reward_function.current_reward == -0.7 
@@ -83,7 +83,7 @@ def test_uc2_rewards(game_and_agent: tuple[PrimaiteGame, ControlledAgent]): response = game.simulation.apply_request(request) state = game.get_sim_state() ahi = AgentHistoryItem( - timestep=0, action="NODE_APPLICATION_EXECUTE", parameters={}, request=request, response=response + timestep=0, action="node_application_execute", parameters={}, request=request, response=response ) reward_value = comp.calculate(state, last_action_response=ahi) assert reward_value == 1.0 @@ -94,7 +94,7 @@ def test_uc2_rewards(game_and_agent: tuple[PrimaiteGame, ControlledAgent]): response = game.simulation.apply_request(request) state = game.get_sim_state() ahi = AgentHistoryItem( - timestep=0, action="NODE_APPLICATION_EXECUTE", parameters={}, request=request, response=response + timestep=0, action="node_application_execute", parameters={}, request=request, response=response ) reward_value = comp.calculate( state, @@ -159,7 +159,7 @@ def test_action_penalty(): state={}, last_action_response=AgentHistoryItem( timestep=0, - action="NODE_APPLICATION_EXECUTE", + action="node_application_execute", parameters={"node_id": 0, "application_id": 1}, request=["execute"], response=RequestResponse.from_bool(True), @@ -197,7 +197,7 @@ def test_action_penalty_e2e(game_and_agent: tuple[PrimaiteGame, ControlledAgent] game.step() assert agent.reward_function.current_reward == 0.125 - action = ("NODE_FILE_SCAN", {"node_id": 0, "folder_id": 0, "file_id": 0}) + action = ("node_file_scan", {"node_id": 0, "folder_id": 0, "file_id": 0}) agent.store_action(action) game.step() assert agent.reward_function.current_reward == -0.75 diff --git a/tests/unit_tests/_primaite/_game/_agent/test_actions.py b/tests/unit_tests/_primaite/_game/_agent/test_actions.py index cb2bb7a2..dd8d5678 100644 --- a/tests/unit_tests/_primaite/_game/_agent/test_actions.py +++ b/tests/unit_tests/_primaite/_game/_agent/test_actions.py 
@@ -19,12 +19,7 @@ from primaite.game.agent.actions.service import ( def test_do_nothing_action_form_request(): """Test that the do_nothingAction can form a request and that it is correct.""" - manager = Mock() - - action = DoNothingAction(manager=manager) - - request = action.form_request() - + request = DoNothingAction.form_request(DoNothingAction.ConfigSchema()) assert request == ["do_nothing"] @@ -52,13 +47,9 @@ def test_do_nothing_action_form_request(): ) # flake8: noqa def test_service_action_form_request(node_name, service_name, expect_to_do_nothing, action_class, action_verb): """Test that the ServiceScanAction can form a request and that it is correct.""" - manager: ActionManager = Mock() - manager.get_node_name_by_idx.return_value = node_name - manager.get_service_name_by_idx.return_value = service_name - - action = action_class(manager=manager, num_nodes=1, num_services=1) - - request = action.form_request(node_id=0, service_id=0) + request = action_class.form_request( + config=action_class.ConfigSchema(node_name=node_name, service_name=service_name) + ) if expect_to_do_nothing: assert request == ["do_nothing"] @@ -77,13 +68,9 @@ def test_service_action_form_request(node_name, service_name, expect_to_do_nothi ) # flake8: noqa def test_service_scan_form_request(node_name, service_name, expect_to_do_nothing): """Test that the ServiceScanAction can form a request and that it is correct.""" - manager: ActionManager = Mock() - manager.get_node_name_by_idx.return_value = node_name - manager.get_service_name_by_idx.return_value = service_name - - action = NodeServiceScanAction(manager=manager, num_nodes=1, num_services=1) - - request = action.form_request(node_id=0, service_id=0) + request = NodeServiceScanAction.form_request( + NodeServiceScanAction.ConfigSchema(node_id=node_name, service_id=service_name) + ) if expect_to_do_nothing: assert request == ["do_nothing"] 
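Review bot: `NodeServiceScanAction.ConfigSchema(node_id=node_name, service_id=service_name)` in `test_service_scan_form_request` passes the names under the old index keywords, while the parametrised test just above builds the same kind of schema with `node_name=` and `service_name=`. Depending on how `ConfigSchema` treats unknown fields (its definition is outside this diff), this either raises on construction or silently drops both values, so the request assertion would not test what the docstring says. Use `NodeServiceScanAction.ConfigSchema(node_name=node_name, service_name=service_name)`. The schema is also passed positionally here and as `config=` in the previous test; pick one form.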
diff --git a/tests/unit_tests/_primaite/_game/_agent/test_observations.py b/tests/unit_tests/_primaite/_game/_agent/test_observations.py index bb3ad33c..1888e9c1 100644 --- a/tests/unit_tests/_primaite/_game/_agent/test_observations.py +++ b/tests/unit_tests/_primaite/_game/_agent/test_observations.py @@ -98,7 +98,7 @@ class TestFileSystemRequiresScan: """ cfg = yaml.safe_load(obs_cfg_yaml) - manager = ObservationManager.from_config(cfg) + manager = ObservationManager(cfg) hosts: List[HostObservation] = manager.obs.components["NODES"].hosts for i, host in enumerate(hosts): diff --git a/tests/unit_tests/_primaite/_game/_agent/test_probabilistic_agent.py b/tests/unit_tests/_primaite/_game/_agent/test_probabilistic_agent.py index 94a77a10..f55033fd 100644 --- a/tests/unit_tests/_primaite/_game/_agent/test_probabilistic_agent.py +++ b/tests/unit_tests/_primaite/_game/_agent/test_probabilistic_agent.py 
@@ -17,39 +17,39 @@ def test_probabilistic_agent(): """ N_TRIALS = 10_000 P_DO_NOTHING = 0.1 - P_NODE_APPLICATION_EXECUTE = 0.3 - P_NODE_FILE_DELETE = 0.6 + P_node_application_execute = 0.3 + P_node_file_delete = 0.6 MIN_DO_NOTHING = 850 MAX_DO_NOTHING = 1150 - MIN_NODE_APPLICATION_EXECUTE = 2800 - MAX_NODE_APPLICATION_EXECUTE = 3200 - MIN_NODE_FILE_DELETE = 5750 - MAX_NODE_FILE_DELETE = 6250 + MIN_node_application_execute = 2800 + MAX_node_application_execute = 3200 + MIN_node_file_delete = 5750 + MAX_node_file_delete = 6250 action_space_cfg = { - "act_map": { + "action_map": { 0: {"action": "do_nothing", "options": {}}, - 1: {"action": "node_application_execute", "options": {"node_id": 0, "application_id": 0}}, - 2: {"action": "node_file_delete", "options": {"node_id": 0, "folder_id": 0, "file_id": 0}}, + 1: { + "action": "node_application_execute", + "options": {"node_name": "client_1", "application_name": "WebBrowser"}, + }, + 2: { + "action": "node_file_delete", + "options": {"node_name": "client_1", "folder_name": "downloads", "file_name": "cat.png"}, + }, }, - "options": {}, } game = PrimaiteGame() game.options = PrimaiteGameOptions(ports=[], protocols=[]) - observation_space_cfg = None - - reward_function_cfg = {} - pa_config = { "type": "ProbabilisticAgent", - "game": game, + "ref": "ProbabilisticAgent", + "team": "BLUE", "action_space": action_space_cfg, - "observation_space": observation_space_cfg, - "reward_function": reward_function_cfg, "agent_settings": { - "action_probabilities": {0: P_DO_NOTHING, 1: P_NODE_APPLICATION_EXECUTE, 2: P_NODE_FILE_DELETE}, + "action_probabilities": {0: P_DO_NOTHING, 1: P_node_application_execute, 2: P_node_file_delete}, }, } 
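Review bot: The renamed locals `P_node_application_execute`, `MIN_node_file_delete` and their siblings mix an upper-case prefix with a lower-case tail, which looks like a side effect of the bulk action-name replacement rather than an intended change; they are test constants, not action identifiers. Keep the PEP 8 constant form, e.g. `P_NODE_APPLICATION_EXECUTE = 0.3` and `MIN_NODE_FILE_DELETE = 5750`, along with the matching names in the closing assertions of the `@@ -70,5 +70,5 @@` hunk. `game` is still constructed after `"game": game` was dropped from `pa_config`; if nothing below the hunk uses it, it can be removed too.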
@@ -70,5 +70,5 @@ def test_probabilistic_agent(): raise AssertionError("Probabilistic agent produced an unexpected action.") assert MIN_DO_NOTHING < do_nothing_count < MAX_DO_NOTHING - assert MIN_NODE_APPLICATION_EXECUTE < node_application_execute_count < MAX_NODE_APPLICATION_EXECUTE - assert MIN_NODE_FILE_DELETE < node_file_delete_count < MAX_NODE_FILE_DELETE + assert MIN_node_application_execute < node_application_execute_count < MAX_node_application_execute + assert MIN_node_file_delete < node_file_delete_count < MAX_node_file_delete diff --git a/tests/unit_tests/_primaite/_game/_agent/test_sticky_rewards.py b/tests/unit_tests/_primaite/_game/_agent/test_sticky_rewards.py index 91d5c607..289d3941 100644 --- a/tests/unit_tests/_primaite/_game/_agent/test_sticky_rewards.py +++ b/tests/unit_tests/_primaite/_game/_agent/test_sticky_rewards.py @@ -91,7 +91,7 @@ class TestWebpageUnavailabilitySticky: assert reward.calculate(state, last_action_response) == 0 # agent did a successful fetch - action = "NODE_APPLICATION_EXECUTE" + action = "node_application_execute" params = {"node_id": 0, "application_id": 0} request = ["network", "node", "computer", "application", "WebBrowser", "execute"] response = RequestResponse(status="success", data={}) @@ -104,7 +104,7 @@ class TestWebpageUnavailabilitySticky: # THE IMPORTANT BIT # agent did nothing, because reward is not sticky, it goes back to 0 - action, params, request = "DO_NOTHING", {}, ["do_nothing"] + action, params, request = "do_nothing", {}, ["do_nothing"] response = RequestResponse(status="success", data={}) browser_history = [] state = {"network": {"nodes": {"computer": {"applications": {"WebBrowser": {"history": browser_history}}}}}} 
@@ -114,7 +114,7 @@ class TestWebpageUnavailabilitySticky: assert reward.calculate(state, last_action_response) == 0.0 # agent fails to fetch, get a -1.0 reward - action = "NODE_APPLICATION_EXECUTE" + action = "node_application_execute" params = {"node_id": 0, "application_id": 0} request = ["network", "node", "computer", "application", "WebBrowser", "execute"] response = RequestResponse(status="failure", data={}) @@ -126,7 +126,7 @@ class TestWebpageUnavailabilitySticky: assert reward.calculate(state, last_action_response) == -1.0 # agent fails again to fetch, get a -1.0 reward again - action = "NODE_APPLICATION_EXECUTE" + action = "node_application_execute" params = {"node_id": 0, "application_id": 0} request = ["network", "node", "computer", "application", "WebBrowser", "execute"] response = RequestResponse(status="failure", data={}) @@ -142,7 +142,7 @@ class TestWebpageUnavailabilitySticky: reward = WebpageUnavailablePenalty(config=schema) # no response codes yet, reward is 0 - action, params, request = "DO_NOTHING", {}, ["do_nothing"] + action, params, request = "do_nothing", {}, ["do_nothing"] response = RequestResponse(status="success", data={}) browser_history = [] state = {"network": {"nodes": {"computer": {"applications": {"WebBrowser": {"history": browser_history}}}}}} @@ -152,7 +152,7 @@ class TestWebpageUnavailabilitySticky: assert reward.calculate(state, last_action_response) == 0 # agent did a successful fetch - action = "NODE_APPLICATION_EXECUTE" + action = "node_application_execute" params = {"node_id": 0, "application_id": 0} request = ["network", "node", "computer", "application", "WebBrowser", "execute"] response = RequestResponse(status="success", data={}) 
@@ -165,7 +165,7 @@ class TestWebpageUnavailabilitySticky: # THE IMPORTANT BIT # agent did nothing, because reward is sticky, it stays at 1.0 - action, params, request = "DO_NOTHING", {}, ["do_nothing"] + action, params, request = "do_nothing", {}, ["do_nothing"] response = RequestResponse(status="success", data={}) state = {"network": {"nodes": {"computer": {"applications": {"WebBrowser": {"history": browser_history}}}}}} last_action_response = AgentHistoryItem( @@ -174,7 +174,7 @@ class TestWebpageUnavailabilitySticky: assert reward.calculate(state, last_action_response) == 1.0 # agent fails to fetch, get a -1.0 reward - action = "NODE_APPLICATION_EXECUTE" + action = "node_application_execute" params = {"node_id": 0, "application_id": 0} request = ["network", "node", "computer", "application", "WebBrowser", "execute"] response = RequestResponse(status="failure", data={}) @@ -186,7 +186,7 @@ class TestWebpageUnavailabilitySticky: assert reward.calculate(state, last_action_response) == -1.0 # agent fails again to fetch, get a -1.0 reward again - action = "NODE_APPLICATION_EXECUTE" + action = "node_application_execute" params = {"node_id": 0, "application_id": 0} request = ["network", "node", "computer", "application", "WebBrowser", "execute"] response = RequestResponse(status="failure", data={}) @@ -207,7 +207,7 @@ class TestGreenAdminDatabaseUnreachableSticky: reward = GreenAdminDatabaseUnreachablePenalty(config=schema) # no response codes yet, reward is 0 - action, params, request = "DO_NOTHING", {}, ["do_nothing"] + action, params, request = "do_nothing", {}, ["do_nothing"] response = RequestResponse(status="success", data={}) state = {"network": {"nodes": {"computer": {"applications": {"DatabaseClient": {}}}}}} last_action_response = AgentHistoryItem( 
@@ -216,7 +216,7 @@ class TestGreenAdminDatabaseUnreachableSticky:
 assert reward.calculate(state, last_action_response) == 0
 # agent did a successful fetch
- action = "NODE_APPLICATION_EXECUTE"
+ action = "node_application_execute"
 params = {"node_id": 0, "application_id": 0}
 request = ["network", "node", "computer", "application", "DatabaseClient", "execute"]
 response = RequestResponse(status="success", data={})
@@ -228,7 +228,7 @@ class TestGreenAdminDatabaseUnreachableSticky:
 # THE IMPORTANT BIT
 # agent did nothing, because reward is not sticky, it goes back to 0
- action, params, request = "DO_NOTHING", {}, ["do_nothing"]
+ action, params, request = "do_nothing", {}, ["do_nothing"]
 response = RequestResponse(status="success", data={})
 state = {"network": {"nodes": {"computer": {"applications": {"DatabaseClient": {}}}}}}
 last_action_response = AgentHistoryItem(
@@ -237,7 +237,7 @@ class TestGreenAdminDatabaseUnreachableSticky:
 assert reward.calculate(state, last_action_response) == 0.0
 # agent fails to fetch, get a -1.0 reward
- action = "NODE_APPLICATION_EXECUTE"
+ action = "node_application_execute"
 params = {"node_id": 0, "application_id": 0}
 request = ["network", "node", "computer", "application", "DatabaseClient", "execute"]
 response = RequestResponse(status="failure", data={})
@@ -248,7 +248,7 @@ class TestGreenAdminDatabaseUnreachableSticky:
 assert reward.calculate(state, last_action_response) == -1.0
 # agent fails again to fetch, get a -1.0 reward again
- action = "NODE_APPLICATION_EXECUTE"
+ action = "node_application_execute"
 params = {"node_id": 0, "application_id": 0}
 request = ["network", "node", "computer", "application", "DatabaseClient", "execute"]
 response = RequestResponse(status="failure", data={})
@@ -266,7 +266,7 @@ class TestGreenAdminDatabaseUnreachableSticky:
 reward = GreenAdminDatabaseUnreachablePenalty(config=schema)
 # no response codes yet, reward is 0
- action, params, request = "DO_NOTHING", {}, ["do_nothing"]
+ action, params, request = "do_nothing", {}, ["do_nothing"]
 response = RequestResponse(status="success", data={})
 state = {"network": {"nodes": {"computer": {"applications": {"DatabaseClient": {}}}}}}
 last_action_response = AgentHistoryItem(
@@ -275,7 +275,7 @@ class TestGreenAdminDatabaseUnreachableSticky:
 assert reward.calculate(state, last_action_response) == 0
 # agent did a successful fetch
- action = "NODE_APPLICATION_EXECUTE"
+ action = "node_application_execute"
 params = {"node_id": 0, "application_id": 0}
 request = ["network", "node", "computer", "application", "DatabaseClient", "execute"]
 response = RequestResponse(status="success", data={})
@@ -287,7 +287,7 @@ class TestGreenAdminDatabaseUnreachableSticky:
 # THE IMPORTANT BIT
 # agent did nothing, because reward is not sticky, it goes back to 0
- action, params, request = "DO_NOTHING", {}, ["do_nothing"]
+ action, params, request = "do_nothing", {}, ["do_nothing"]
 response = RequestResponse(status="success", data={})
 state = {"network": {"nodes": {"computer": {"applications": {"DatabaseClient": {}}}}}}
 last_action_response = AgentHistoryItem(
@@ -296,7 +296,7 @@ class TestGreenAdminDatabaseUnreachableSticky:
 assert reward.calculate(state, last_action_response) == 1.0
 # agent fails to fetch, get a -1.0 reward
- action = "NODE_APPLICATION_EXECUTE"
+ action = "node_application_execute"
 params = {"node_id": 0, "application_id": 0}
 request = ["network", "node", "computer", "application", "DatabaseClient", "execute"]
 response = RequestResponse(status="failure", data={})
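Review bot: The context comment in the hunk at -287 contradicts the assertion it introduces: it reads "because reward is not sticky, it goes back to 0", yet the check that follows (first context line of the hunk at -296) expects `== 1.0`. The same comment appears at -228, where the expected value is `0.0`, so this one looks copied from the non-sticky test; the two lines between the hunks are not visible, so this is inferred from the adjacent context. Since the commit already touches the next line, the comment could be corrected to `# agent did nothing, because reward is sticky, it stays at 1.0`, the wording used at the equivalent step of the web-page test (hunk at -165). The test method begins and ends outside the hunk.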
@@ -307,7 +307,7 @@ class TestGreenAdminDatabaseUnreachableSticky:
 assert reward.calculate(state, last_action_response) == -1.0
 # agent fails again to fetch, get a -1.0 reward again
- action = "NODE_APPLICATION_EXECUTE"
+ action = "node_application_execute"
 params = {"node_id": 0, "application_id": 0}
 request = ["network", "node", "computer", "application", "DatabaseClient", "execute"]
 response = RequestResponse(status="failure", data={})
diff --git a/tests/unit_tests/_primaite/_simulator/_file_system/test_file.py b/tests/unit_tests/_primaite/_simulator/_file_system/test_file.py
index 6cbf93c8..9cacdccf 100644
--- a/tests/unit_tests/_primaite/_simulator/_file_system/test_file.py
+++ b/tests/unit_tests/_primaite/_simulator/_file_system/test_file.py
@@ -46,7 +46,7 @@ def test_file_reveal_to_red_scan(file_system):
 assert file.revealed_to_red is True
-@pytest.mark.skip(reason="NODE_FILE_CHECKHASH not implemented")
+@pytest.mark.skip(reason="node_file_checkhash not implemented")
 def test_simulated_file_check_hash(file_system):
 file: File = file_system.create_file(file_name="test_file.txt", folder_name="test_folder")
diff --git a/tests/unit_tests/_primaite/_simulator/_file_system/test_file_actions.py b/tests/unit_tests/_primaite/_simulator/_file_system/test_file_actions.py
index 4ec1ec57..2729e5e4 100644
--- a/tests/unit_tests/_primaite/_simulator/_file_system/test_file_actions.py
+++ b/tests/unit_tests/_primaite/_simulator/_file_system/test_file_actions.py
@@ -32,7 +32,7 @@ def test_file_scan_request(populated_file_system):
 assert file.visible_health_status == FileSystemItemHealthStatus.CORRUPT
-@pytest.mark.skip(reason="NODE_FILE_CHECKHASH not implemented")
+@pytest.mark.skip(reason="node_file_checkhash not implemented")
 def test_file_checkhash_request(populated_file_system):
 """Test that an agent can request a file hash check."""
 fs, folder, file = populated_file_system
diff --git a/tests/unit_tests/_primaite/_simulator/_file_system/test_folder.py b/tests/unit_tests/_primaite/_simulator/_file_system/test_folder.py
index 473e0db2..10393c6c 100644
--- a/tests/unit_tests/_primaite/_simulator/_file_system/test_folder.py
+++ b/tests/unit_tests/_primaite/_simulator/_file_system/test_folder.py
@@ -120,7 +120,7 @@ def test_folder_corrupt_repair(file_system):
 assert file.health_status == FileSystemItemHealthStatus.GOOD
-@pytest.mark.skip(reason="NODE_FILE_CHECKHASH not implemented")
+@pytest.mark.skip(reason="node_file_checkhash not implemented")
 def test_simulated_folder_check_hash(file_system):
 folder: Folder = file_system.create_folder(folder_name="test_folder")
 file_system.create_file(file_name="test_file.txt", folder_name="test_folder")
diff --git a/tests/unit_tests/_primaite/_simulator/_file_system/test_folder_actions.py b/tests/unit_tests/_primaite/_simulator/_file_system/test_folder_actions.py
index 609e29c4..07c1ec46 100644
--- a/tests/unit_tests/_primaite/_simulator/_file_system/test_folder_actions.py
+++ b/tests/unit_tests/_primaite/_simulator/_file_system/test_folder_actions.py
@@ -51,7 +51,7 @@ def test_folder_scan_request(populated_file_system):
 assert file2.visible_health_status == FileSystemItemHealthStatus.CORRUPT
-@pytest.mark.skip(reason="NODE_FOLDER_CHECKHASH not implemented")
+@pytest.mark.skip(reason="node_folder_checkhash not implemented")
 def test_folder_checkhash_request(populated_file_system):
 """Test that an agent can request a folder hash check."""
 fs, folder, file = populated_file_system