oxbrbtx/PrimAITE
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

#2925 General Config fixes and node-os-scan bug fix implemented in the UC7-E2E-Demo notebook.

Browse Source
This commit is contained in:
Archer Bowen
2025-02-26 15:13:01 +00:00
committed by Marek Wolan
parent da60833abd
commit 43d58a7ca6
4 changed files with 17 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
src/primaite/config/_package_data/uc7_config.yaml
View File

@@ -268,7 +268,7 @@ simulation:
external_inbound_acl:
1:
action: PERMIT
external_inbound_acl:
external_outbound_acl:
1:
action: PERMIT
@@ -347,7 +347,7 @@ simulation:
external_inbound_acl:
5:
action: PERMIT
external_inbound_acl:
external_outbound_acl:
5:
action: PERMIT
routes:
@@ -995,7 +995,7 @@ PROBABILISTIC_CONFIG_40_PERCENTAGE_PROBABILITY: &GREEN_PROBABILISTIC_40
1: 0.4
# Probabilistic Green Agent | 60% NODE_APPLICATION_EXECUTE | 40% do-nothing #
PROBABILISTIC_CONFIG_20_PERCENTAGE_PROBABILITY: &GREEN_PROBABILISTIC_60
PROBABILISTIC_CONFIG_60_PERCENTAGE_PROBABILITY: &GREEN_PROBABILISTIC_60
action_probabilities:
0: 0.4
1: 0.6
@@ -1062,7 +1062,6 @@ agents:
team: GREEN
type: periodic-agent
observation_space: {}
observation_space: {}
agent_settings:
possible_start_nodes: ["HOME-PUB-PC-1"]
target_application: "database-client"
@@ -1156,7 +1155,6 @@ agents:
team: GREEN
type: periodic-agent
observation_space: {}
observation_space: {}
agent_settings:
possible_start_nodes: ["REM-PUB-PC-1"]
target_application: "database-client"
@@ -1199,7 +1197,6 @@ agents:
team: GREEN
type: periodic-agent
observation_space: {}
observation_space: {}
agent_settings:
possible_start_nodes: ["REM-PUB-PC-2"]
target_application: "database-client"
@@ -1254,7 +1251,6 @@ agents:
team: GREEN
type: periodic-agent
observation_space: {}
observation_space: {}
agent_settings:
possible_start_nodes: ["ST_PROJ-A-PRV-PC-1"]
target_application: "database-client"
@@ -1297,7 +1293,6 @@ agents:
team: GREEN
type: periodic-agent
observation_space: {}
observation_space: {}
agent_settings:
possible_start_nodes: ["ST_PROJ-A-PRV-PC-2"]
target_application: "database-client"
@@ -1340,7 +1335,6 @@ agents:
team: GREEN
type: periodic-agent
observation_space: {}
observation_space: {}
agent_settings:
possible_start_nodes: ["ST_PROJ-A-PRV-PC-3"]
target_application: "database-client"
@@ -1394,7 +1388,6 @@ agents:
team: GREEN
type: periodic-agent
observation_space: {}
observation_space: {}
agent_settings:
possible_start_nodes: ["ST_PROJ-B-PRV-PC-1"]
target_application: "database-client"
@@ -1532,7 +1525,6 @@ agents:
team: GREEN
type: periodic-agent
observation_space: {}
observation_space: {}
agent_settings:
possible_start_nodes: ["ST_PROJ-C-PRV-PC-1"]
target_application: "database-client"
@@ -1617,7 +1609,6 @@ agents:
team: GREEN
type: periodic-agent
observation_space: {}
observation_space: {}
agent_settings:
possible_start_nodes: ["ST_PROJ-C-PRV-PC-3"]
target_application: "database-client"

20
src/primaite/config/_package_data/uc7_config_tap003.yaml
View File

@@ -14,7 +14,8 @@ io_settings:
save_agent_actions: false
save_step_metadata: false
save_pcap_logs: false
save_sys_logs: True
save_sys_logs: false
save_agent_logs: false
# save_sys_logs: true
write_sys_log_to_terminal: false
@@ -268,7 +269,7 @@ simulation:
external_inbound_acl:
1:
action: PERMIT
external_inbound_acl:
external_outbound_acl:
1:
action: PERMIT
@@ -347,7 +348,7 @@ simulation:
external_inbound_acl:
5:
action: PERMIT
external_inbound_acl:
external_outbound_acl:
5:
action: PERMIT
routes:
@@ -995,7 +996,7 @@ PROBABILISTIC_CONFIG_40_PERCENTAGE_PROBABILITY: &GREEN_PROBABILISTIC_40
1: 0.4
# Probabilistic Green Agent | 60% NODE_APPLICATION_EXECUTE | 40% do-nothing #
PROBABILISTIC_CONFIG_20_PERCENTAGE_PROBABILITY: &GREEN_PROBABILISTIC_60
PROBABILISTIC_CONFIG_60_PERCENTAGE_PROBABILITY: &GREEN_PROBABILISTIC_60
action_probabilities:
0: 0.4
1: 0.6
@@ -1062,7 +1063,6 @@ agents:
team: GREEN
type: periodic-agent
observation_space: {}
observation_space: {}
agent_settings:
possible_start_nodes: ["HOME-PUB-PC-1"]
target_application: "database-client"
@@ -1156,7 +1156,6 @@ agents:
team: GREEN
type: periodic-agent
observation_space: {}
observation_space: {}
agent_settings:
possible_start_nodes: ["REM-PUB-PC-1"]
target_application: "database-client"
@@ -1199,7 +1198,6 @@ agents:
team: GREEN
type: periodic-agent
observation_space: {}
observation_space: {}
agent_settings:
possible_start_nodes: ["REM-PUB-PC-2"]
target_application: "database-client"
@@ -1254,7 +1252,6 @@ agents:
team: GREEN
type: periodic-agent
observation_space: {}
observation_space: {}
agent_settings:
possible_start_nodes: ["ST_PROJ-A-PRV-PC-1"]
target_application: "database-client"
@@ -1297,7 +1294,6 @@ agents:
team: GREEN
type: periodic-agent
observation_space: {}
observation_space: {}
agent_settings:
possible_start_nodes: ["ST_PROJ-A-PRV-PC-2"]
target_application: "database-client"
@@ -1340,7 +1336,6 @@ agents:
team: GREEN
type: periodic-agent
observation_space: {}
observation_space: {}
agent_settings:
possible_start_nodes: ["ST_PROJ-A-PRV-PC-3"]
target_application: "database-client"
@@ -1394,7 +1389,6 @@ agents:
team: GREEN
type: periodic-agent
observation_space: {}
observation_space: {}
agent_settings:
possible_start_nodes: ["ST_PROJ-B-PRV-PC-1"]
target_application: "database-client"
@@ -1532,7 +1526,6 @@ agents:
team: GREEN
type: periodic-agent
observation_space: {}
observation_space: {}
agent_settings:
possible_start_nodes: ["ST_PROJ-C-PRV-PC-1"]
target_application: "database-client"
@@ -1617,7 +1610,6 @@ agents:
team: GREEN
type: periodic-agent
observation_space: {}
observation_space: {}
agent_settings:
possible_start_nodes: ["ST_PROJ-C-PRV-PC-3"]
target_application: "database-client"
@@ -1946,6 +1938,7 @@ agents:
- service_name: ftp-client
applications:
- application_name: ransomware-script
- application_name: database-client
folders:
- folder_name: downloads
files:
@@ -1959,6 +1952,7 @@ agents:
- service_name: ftp-client
applications:
- application_name: ransomware-script
- application_name: database-client
folders:
- folder_name: downloads
files:

17
src/primaite/config/_package_data/uc7_multiple_attack_variants/uc7_config_no_red.yaml
View File

@@ -268,7 +268,7 @@ simulation:
external_inbound_acl:
1:
action: PERMIT
external_inbound_acl:
external_outbound_acl:
1:
action: PERMIT
@@ -347,7 +347,7 @@ simulation:
external_inbound_acl:
5:
action: PERMIT
external_inbound_acl:
external_outbound_acl:
5:
action: PERMIT
routes:
@@ -994,7 +994,7 @@ PROBABILISTIC_CONFIG_40_PERCENTAGE_PROBABILITY: &GREEN_PROBABILISTIC_40
1: 0.4
# Probabilistic Green Agent | 60% NODE_APPLICATION_EXECUTE | 40% do-nothing #
PROBABILISTIC_CONFIG_20_PERCENTAGE_PROBABILITY: &GREEN_PROBABILISTIC_60
PROBABILISTIC_CONFIG_60_PERCENTAGE_PROBABILITY: &GREEN_PROBABILISTIC_60
action_probabilities:
0: 0.4
1: 0.6
@@ -1061,7 +1061,6 @@ agents:
team: GREEN
type: periodic-agent
observation_space: {}
observation_space: {}
agent_settings:
possible_start_nodes: ["HOME-PUB-PC-1"]
target_application: "database-client"
@@ -1155,7 +1154,6 @@ agents:
team: GREEN
type: periodic-agent
observation_space: {}
observation_space: {}
agent_settings:
possible_start_nodes: ["REM-PUB-PC-1"]
target_application: "database-client"
@@ -1198,7 +1196,6 @@ agents:
team: GREEN
type: periodic-agent
observation_space: {}
observation_space: {}
agent_settings:
possible_start_nodes: ["REM-PUB-PC-2"]
target_application: "database-client"
@@ -1253,7 +1250,6 @@ agents:
team: GREEN
type: periodic-agent
observation_space: {}
observation_space: {}
agent_settings:
possible_start_nodes: ["ST_PROJ-A-PRV-PC-1"]
target_application: "database-client"
@@ -1296,7 +1292,6 @@ agents:
team: GREEN
type: periodic-agent
observation_space: {}
observation_space: {}
agent_settings:
possible_start_nodes: ["ST_PROJ-A-PRV-PC-2"]
target_application: "database-client"
@@ -1339,7 +1334,6 @@ agents:
team: GREEN
type: periodic-agent
observation_space: {}
observation_space: {}
agent_settings:
possible_start_nodes: ["ST_PROJ-A-PRV-PC-3"]
target_application: "database-client"
@@ -1393,7 +1387,6 @@ agents:
team: GREEN
type: periodic-agent
observation_space: {}
observation_space: {}
agent_settings:
possible_start_nodes: ["ST_PROJ-B-PRV-PC-1"]
target_application: "database-client"
@@ -1531,7 +1524,6 @@ agents:
team: GREEN
type: periodic-agent
observation_space: {}
observation_space: {}
agent_settings:
possible_start_nodes: ["ST_PROJ-C-PRV-PC-1"]
target_application: "database-client"
@@ -1616,7 +1608,6 @@ agents:
team: GREEN
type: periodic-agent
observation_space: {}
observation_space: {}
agent_settings:
possible_start_nodes: ["ST_PROJ-C-PRV-PC-3"]
target_application: "database-client"
@@ -1852,6 +1843,7 @@ agents:
- service_name: ftp-client
applications:
- application_name: ransomware-script
- application_name: database-client
folders:
- folder_name: downloads
files:
@@ -1865,6 +1857,7 @@ agents:
- service_name: ftp-client
applications:
- application_name: ransomware-script
- application_name: database-client
folders:
- folder_name: downloads
files:

6
src/primaite/notebooks/UC7-E2E-Demo.ipynb
View File

@@ -63,7 +63,6 @@
"with open(file=_EXAMPLE_CFG/\"uc7_config.yaml\", mode=\"r\") as uc7_config:\n",
" cfg = yaml.safe_load(uc7_config)\n",
" cfg['io_settings']['save_sys_logs'] = True # Saving syslogs\n",
" cfg['io_settings']['save_agent_actions'] = True # Saving agent actions\n",
" cfg['io_settings']['save_agent_logs'] = True # Save agent logs\n",
"env = PrimaiteGymEnv(env_config=use_case_7_config)"
]
@@ -1326,8 +1325,6 @@
"source": [
"`1: NODE_OS_SCAN`:\n",
"\n",
"### TODO: Currently bugged OBS - Return after migration\n",
"\n",
"The first actual action that the blue agent can perform is scanning action. A variety of different scanning type actions (such as `NODE_APPLICATION_SCAN` or `NODE_FILE/FOLDER_SCAN`) which can be used to by the blue agent to gain a deeper understanding of the simulation state. Specifically, these actions will cause the blue agent's observations to update to the \"true\" `HEALTH_STATUS` of a simulation component. The `NODE_OS_SCAN` acts a combined version of all these scan type actions.\n",
"\n",
"For example, if a red agent corrupts and alters the health status of a file, the blue agent's observation space will not reflect this until the agent performs a `NODE_FILE_SCAN` on the newly corrupted file. It's worth noting that blue agents can be configured to see the true `HEALTH_STATUS` of software and files without needing to scan in the yaml. Although this may make it easier for an train and create an effective blue agent it could be seen as reducing the fidelity of the simulation.\n",
@@ -1372,9 +1369,10 @@
"metadata": {},
"outputs": [],
"source": [
"print(f'Node OS Scan time step duration: {cfg[\"simulation\"][\"defaults\"][\"node_scan_duration\"]}')\n",
"env.step(1)\n",
"print(defender.history[2])\n",
"for _ in range(7):\n",
"for _ in range(9):\n",
" obs, reward, term, trunc, info = env.step(0)\n",
"\n",
"print(f\"Current Simulation Time Step: {env.game.step_counter}\")\n",