From a8e64a63f87718582e7d93ffb73d9bdb927af0b2 Mon Sep 17 00:00:00 2001 From: Archer Bowen Date: Fri, 14 Mar 2025 14:06:03 +0000 Subject: [PATCH 1/6] #3110 Final user guide comments. --- src/primaite/notebooks/UC7-E2E-Demo.ipynb | 152 +++++++++++++++--- .../notebooks/UC7-TAP003-Kill-Chain-E2E.ipynb | 4 +- 2 files changed, 132 insertions(+), 24 deletions(-) diff --git a/src/primaite/notebooks/UC7-E2E-Demo.ipynb b/src/primaite/notebooks/UC7-E2E-Demo.ipynb index cd3c2f8f..2710893b 100644 --- a/src/primaite/notebooks/UC7-E2E-Demo.ipynb +++ b/src/primaite/notebooks/UC7-E2E-Demo.ipynb @@ -34,7 +34,10 @@ "outputs": [], "source": [ "import yaml\n", + "from prettytable import PrettyTable\n", "from primaite.session.environment import PrimaiteGymEnv\n", + "from primaite.game.agent.scripted_agents.random_agent import PeriodicAgent\n", + "from primaite.game.agent.interface import ProxyAgent\n", "from primaite.simulator.network.hardware.nodes.host.computer import Computer\n", "from primaite.simulator.network.hardware.nodes.host.server import Server\n", "from primaite.simulator.network.hardware.nodes.network.router import Router\n", 
@@ -546,7 +549,7 @@ "\n", "Additionally, `database-client` green agents are *Periodic* meaning they will attempt to use the database based on game time-steps. Specifically, these agents will begin on the time-step given in their `start_step` setting and will then will reattempt on each subsequence timestep based on the `Frequency` setting. These settings are then randomised using the remaining `start_variance` and `variance` options (also given in timesteps). These values are used to *±* their respective base settings to ensure the green agents achieve a moderate amount of domain randomisation in each PrimAITE episode.\n", "\n", - "For example, take a *Periodic* green agent set with a `start_step` of 4 and a `frequency` of **4** with a `start_variance` and a `variance` of **4** will cause a green agent to make it's first action on timestep $4 \\pm 1$ and then any subsequent actions every $4 \\pm 1$ timesteps afterwards.\n" + "For example, take a *Periodic* green agent set with a `start_step` of **4** and a `frequency` of **4** with a `start_variance` of **1** and a `variance` of **1** will cause a green agent to make it's first action on timestep $4 \\pm 1$ and then any subsequent actions every $4 \\pm 1$ timesteps afterwards.\n" ] }, { 
@@ -616,9 +619,9 @@ "source": [ "### AGENTS | Red Agents\n", "\n", - "For UC7, two new red agents have been developed which introduce a much more complex and realistic attacks in comparison to UC2's [data manipulation red agent](./Data-Manipulation-Customising-Red-Agent.ipynb) for the blue agent to defend against. These new red agents, or more commonly referred to `Threat Actor Profiles` (*TAPS*), utilise a series of different green, blue and red actions to simulate the different steps of a real-world attack.\n", + "For UC7, two new red agents have been developed which introduce much more complex and realistic attacks in comparison to UC2's [data manipulation red agent](./Data-Manipulation-Customising-Red-Agent.ipynb) for the blue agent to defend against. These new red agents, or more commonly referred to `Threat Actor Profiles` (*TAPS*), utilise a series of different green, blue and red actions to simulate the different steps of a real-world attack.\n", "\n", - "This notebook does not cover the red agents in much detail, hence it is highly recommended that readers should check out the respective TAP notebooks for a much more in-depth look at each TAP and their impacts.\n" + "This notebook does not cover the red agents in much detail, hence its highly recommended that readers should check out the respective TAP notebooks for a much more in-depth look at each TAP and their impacts.\n" ] }, { 
@@ -690,7 +693,7 @@ "\n", "Unlike `TAP001`'s more traditional representation of a threat actor, `TAP003` represents a malicious insider which leverages it's pre-existing knowledge to covertly add malicious access control lists (ACLs) to three different routers each of which affecting green agent traffic in a different way causing the blue agent to receive negative rewards. Thus, the blue agent must learn to leverage it's ability to remove rules and change credentials throughout the network to rectify the impacts of `TA003` and re-establish green POL and prevent `TAP003` from accessing additional routers.\n", "\n", - "The table below is a brief summary of the malicious acls added by `TAP003`\n", + "The table below is a brief summary of the malicious ACLs added by `TAP003`\n", "\n", "|Target Router | Impact |\n", "|----------------------|--------|\n", @@ -1280,7 +1283,7 @@ "\n", "|Action Num | Action Type | Options|\n", "|:---------:|:-----------:|:------:|\n", - "|0|**donothing**|*n/a*|\n", + "|0|**do-nothing**|*n/a*|\n", "|1|**node-os-scan**|*node_name: ST_PROJ-A-PRV-PC-1*|\n", "|2|**node-shutdown**|*node_name: ST_PROJ-A-PRV-PC-1*|\n", "|3|**node-startup**|*node_name: ST_PROJ-A-PRV-PC-1*|\n" @@ -1355,7 +1358,7 @@ "cell_type": "markdown", "metadata": {}, "source": [ - "Set by the `node_scan_duration` option in the simulation `defaults` section, it takes **8** timesteps before the results of `node-os-scan` impact the blue agent's observation space." + "Set by the `node_scan_duration` option in the simulation `defaults` section, the results of `node-os-scan` take **8** timesteps before it impacts the blue agent's observation space." ] }, { 
@@ -1471,14 +1474,14 @@ " reward_function:\n", " reward_components:\n", " - type: database-file-integrity\n", - " weight: *HIGH_WEIGHT_IMPACT\n", + " weight: *HIGH_WEIGHT_IMPACT # Equal to 0.95 (Reward Anchors defined at lines 960 - 980 in the uc7_config.yaml)\n", " options: \n", " node_hostname: ST_DATA-PRV-SRV-DB \n", " folder_name: database\n", " file_name: database.db\n", "```\n", "\n", - "The blue agent's remaining reward function is comprised of **32** different ``shared-reward`` components. These rewards will grant the blue agent a positive or negative reward based on the current reward of the **32** green agents. The next code snippets The code snippets below demonstrate how the blue agent's reward is affected by simulation state." + "The blue agent's remaining reward function is comprised of **32** different ``shared-reward`` components. These rewards will grant the blue agent a positive or negative reward based on the current reward of the **32** green agents. " ] }, { 
@@ -1487,11 +1490,128 @@ "metadata": {}, "outputs": [], "source": [ + "table = PrettyTable()\n", + "table.field_names = [\"Reward Type\", \"Reward Option\", \"Reward Weight\"]\n", "for i in range(len(defender.reward_function.reward_components)):\n", + " reward_type = defender.reward_function.reward_components[i][0].config.type\n", " try:\n", - " print(f\"Simulation State Reward: {defender.reward_function.reward_components[i][0].location_in_state}\")\n", + " reward_option = defender.reward_function.reward_components[i][0].config.file_name\n", " except:\n", - " print(f\"Green Agent Shared Reward: {defender.reward_function.reward_components[i][0].config.agent_name}\")\n" + " reward_option = defender.reward_function.reward_components[i][0].config.agent_name\n", + " reward_weight = defender.reward_function.reward_components[i][1]\n", + " table.add_row(row=[reward_type, reward_option, reward_weight])\n", + "print(table)\n" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "By default, each of the `shared-reward` component is configured with a equal reward `weight` of `0.03125` which totals a blue agent reward weight of `1`. \n", + "\n", + "It's worth noting that `shared-reward` components are **not** required to have a equal weight or total a weight value under `1`. 
\n", + "\n", + "Users are recommended to alter the `weights` of these rewards when creating their own scenarios.\n", + "\n", + "```yaml\n", + "\n", + "# UC7 Shared Reward Component Green Agents (32 Green Agents each contributing 0.03125 of blue reward)\n", + "\n", + "# Blue Shared Reward | HOME_WORKER-1-DB\n", + "- type: shared-reward\n", + " weight: 0.03125\n", + " options:\n", + " agent_name: HOME_WORKER-1-DB\n", + "\n", + "# Green Agent HOME_WORKER-1-DB's reward function:\n", + " reward_function:\n", + " reward_components:\n", + " - type: green-admin-database-unreachable-penalty\n", + " weight: *MEDIUM_WEIGHT_IMPACT # Equal to 0.5 (Reward Anchors defined at lines 960 - 980 in the uc7_config.yaml)\n", + " options:\n", + " node_hostname: HOME-PUB-PC-1\n", + "\n", + "```\n", + "\n", + "The `weight` option in a `shared-reward` reward acts a multiplier to the reward of agent given in `agent_name`:\n", + "\n", + "$\\text{shared\\_reward} = \\text{agent\\_reward} \\times \\text{shared\\_reward\\_weight}$\n", + "\n", + "\n", + "This can a little difficult to understand intuitively so the following code snippets demonstrates how one of these rewards are calculated during a live episode." + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": {}, + "outputs": [], + "source": [ + "# Readers running this notebook natively can use edit this to test out different reward weight combinations\n", + "BLUE_AGENT_SHARED_REWARD_WEIGHT = 5" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "For example, if a user wished to configure the blue agent to place more value on the head office green agents such as the `CEO` then the blue agent's `shared-reward` components could be altered to reflect this by increasing the `weight` of the `shared-reward` configured to the `CEO` green agent." 
+ ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": {}, + "outputs": [], + "source": [ + "# Reloads the UC7 config and removes all of other reward-components. \n", + "BLUE_AGENT_INDEX = 33\n", + "with open(_EXAMPLE_CFG/\"uc7_config.yaml\", mode=\"r\") as uc7_config:\n", + " cfg = yaml.safe_load(uc7_config)\n", + "\n", + " # Removing all the other blue agent rewards and adding a custom blue reward\n", + " blue_shared_reward_ceo = {'type': 'shared-reward', 'weight': BLUE_AGENT_SHARED_REWARD_WEIGHT, 'options': {'agent_name': 'CEO'}}\n", + "\n", + " # Add the new custom blue agent shared rewards\n", + " blue_shared_reward_home_worker = cfg['agents'][BLUE_AGENT_INDEX]['reward_function']['reward_components'].pop(1)\n", + " cfg['agents'][BLUE_AGENT_INDEX]['reward_function']['reward_components'].clear() # Remove all blue agent rewards\n", + " cfg['agents'][BLUE_AGENT_INDEX]['reward_function']['reward_components'].append(blue_shared_reward_ceo) \n", + " cfg['agents'][BLUE_AGENT_INDEX]['reward_function']['reward_components'].append(blue_shared_reward_home_worker) \n", + "\n", + "\n", + "env = PrimaiteGymEnv(env_config=cfg)\n", + "env.reset()\n", + "\n", + "# Run the episode 10 times and record the results\n", + "table = PrettyTable()\n", + "table.field_names = [\"Time Step\", \"Home Worker Reward\", \"CEO Reward\", \"Blue Agent Total Reward\"]\n", + "for _ in range(10):\n", + " env.step(0)\n", + " home_worker = env.game.agents.get('HOME_WORKER-1-DB')\n", + " ceo = env.game.agents.get('CEO')\n", + " defender = env.game.agents.get(\"defender\")\n", + " table.add_row([env.game.step_counter,home_worker.reward_function.current_reward, ceo.reward_function.current_reward, defender.reward_function.current_reward])\n", + "print(table)\n" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "As you can see from the table above, because we increased the `shared-reward` weightings the blue agent's reward is nearly all comprised of the CEO's 
reward - `4.75`:\n", + "\n", + "$\\text{ceo\\_reward\\_contribution} = 0.95 \\times 5$ \n", + "\n", + "We can see that the remote worker agent only contributes `0.015625` to the blue agent's total reward:\n", + "\n", + "$\\text{remote\\_worker\\_reward\\_contribution} = 0.5 \\times 0.03125$\n" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "Lastly, the final few code snippets demonstrate how the default UC7 blue agent's reward is affected by simulation state within an episode." ] }, { @@ -1612,18 +1732,6 @@ "display_name": "Python 3 (ipykernel)", "language": "python", "name": "python3" - }, - "language_info": { - "codemirror_mode": { - "name": "ipython", - "version": 3 - }, - "file_extension": ".py", - "mimetype": "text/x-python", - "name": "python", - "nbconvert_exporter": "python", - "pygments_lexer": "ipython3", - "version": "3.10.12" } }, "nbformat": 4, diff --git a/src/primaite/notebooks/UC7-TAP003-Kill-Chain-E2E.ipynb b/src/primaite/notebooks/UC7-TAP003-Kill-Chain-E2E.ipynb index 0827228d..f2baf310 100644 --- a/src/primaite/notebooks/UC7-TAP003-Kill-Chain-E2E.ipynb +++ b/src/primaite/notebooks/UC7-TAP003-Kill-Chain-E2E.ipynb @@ -1547,7 +1547,7 @@ "|probability|Action Probability - The chance of successfully carrying out this stage in the kill_chain.|str|_Required_|\n", "|malicious_acls|The configurable ACL that the TAP003 agent adds to the target node.|dict|_Required_|\n", "\n", - "The malicious ACL is configured identically to the other ACLs. except from the target router/firewall. \n", + "The malicious ACL is configured identically to the other ACLs except from the target router/firewall. \n", "This option is set to the TAP003's configured target host automatically.\n", "\n", "TAP003 intends to leverage these ACL's for malicious purposes. The default configuration is to deny all traffic from and towards the 0.0.0.255 subnet. \n", 
@@ -1640,7 +1640,7 @@ "cell_type": "markdown", "metadata": {}, "source": [ - "Unlike the blue agent, TAP003 does not need to use it's action space options for indexing different options, meaning that ACL's are a lot easier to configure.\n", + "Unlike the blue agent, TAP003 does not need to use its action space options for indexing different options, meaning that ACLs are a lot easier to configure.\n", "\n", "The sandbox below can be used to try out different configuration options and their impact on the simulation." ] From b5a2234a246647b962190a710654d6fee1f90439 Mon Sep 17 00:00:00 2001 From: Archer Bowen Date: Fri, 14 Mar 2025 14:38:39 +0000 Subject: [PATCH 2/6] Apply suggestions from code review --- src/primaite/notebooks/UC7-E2E-Demo.ipynb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/primaite/notebooks/UC7-E2E-Demo.ipynb b/src/primaite/notebooks/UC7-E2E-Demo.ipynb index 2710893b..82069a7c 100644 --- a/src/primaite/notebooks/UC7-E2E-Demo.ipynb +++ b/src/primaite/notebooks/UC7-E2E-Demo.ipynb @@ -1538,7 +1538,7 @@ "$\\text{shared\\_reward} = \\text{agent\\_reward} \\times \\text{shared\\_reward\\_weight}$\n", "\n", "\n", - "This can a little difficult to understand intuitively so the following code snippets demonstrates how one of these rewards are calculated during a live episode." + "This can be a little difficult to understand intuitively so the following code snippets demonstrate how one of these rewards are calculated during a live episode." ] }, { From 67814893e11758c4fa960aca02d2283155e8cdf7 Mon Sep 17 00:00:00 2001 From: Charlie Crane Date: Fri, 14 Mar 2025 14:57:33 +0000 Subject: [PATCH 3/6] Updates to Licence table in primaite-dependencies.rst --- docs/source/primaite-dependencies.rst | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/docs/source/primaite-dependencies.rst b/docs/source/primaite-dependencies.rst index ce2087ca..4d9ac07e 100644 --- a/docs/source/primaite-dependencies.rst 
+++ b/docs/source/primaite-dependencies.rst 
@@ -13,7 +13,9 @@ +-------------------+---------------------+---------------+--------------------------------------+--------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------+ | kaleido | ==0.2.1 | 0.2.1 | MIT | Static image export for web-based visualization libraries with zero dependencies | https://github.com/plotly/Kaleido | +-------------------+---------------------+---------------+--------------------------------------+--------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------+ -| matplotlib | >=3.7.1 | 3.7.1 | Python Software Foundation License | Python plotting package | https://matplotlib.org | +| matplotlib | >=3.7.1 | 3.10.1 | Python Software Foundation License | Python plotting package | https://matplotlib.org | ++-------------------+---------------------+---------------+--------------------------------------+--------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------+ +| matplotlib-inline | >=0.1.7 | 0.1.7 | BSD License | Matplotlib Inline Back-end for IPython and Jupyter | https://github.com/ipython/matplotlib-inline | +-------------------+---------------------+---------------+--------------------------------------+--------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------+ | networkx | 3.1 | 3.1 | BSD License | Python package for creating and manipulating graphs and networks | https://networkx.org/ | 
+-------------------+---------------------+---------------+--------------------------------------+--------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------+ @@ -29,7 +31,7 @@ +-------------------+---------------------+---------------+--------------------------------------+--------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------+ | pydantic | 2.7.0 | 2.7.0 | MIT License | Data validation using Python type hints | https://github.com/pydantic/pydantic | +-------------------+---------------------+---------------+--------------------------------------+--------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------+ -| PyYAML | >=6.0 | 6.0 | MIT License | YAML parser and emitter for Python | https://pyyaml.org/ | +| PyYAML | >=6.0 | 6.0.2 | MIT License | YAML parser and emitter for Python | https://pyyaml.org/ | +-------------------+---------------------+---------------+--------------------------------------+--------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------+ | ray | >=2.20, <2.33 | 2.32.0 | Apache 2.0 | Ray provides a simple, universal API for building distributed applications. | https://github.com/ray-project/ray | +-------------------+---------------------+---------------+--------------------------------------+--------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------+ 
@@ -37,9 +39,9 @@ +-------------------+---------------------+---------------+--------------------------------------+--------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------+ | tensorflow | ~=2.12 | 2.12.0 | Apache Software License | TensorFlow is an open source machine learning framework for everyone. | https://www.tensorflow.org/ | +-------------------+---------------------+---------------+--------------------------------------+--------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------+ -| typer | >=0.9 | 0.9.0 | MIT License | Typer, build great CLIs. Easy to code. Based on Python type hints. | https://github.com/tiangolo/typer | +| typer | >=0.9 | 0.15.2 | MIT License | Typer, build great CLIs. Easy to code. Based on Python type hints. | https://github.com/tiangolo/typer | +-------------------+---------------------+---------------+--------------------------------------+--------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------+ -| Deepdiff | 8.0.1 | 8.0.1 | MIT License | Deep difference of dictionaries, iterables, strings, and any other object objects. | https://github.com/seperman/deepdiff | +| Deepdiff | >=8.0.1 | 8.3.0 | MIT License | Deep difference of dictionaries, iterables, strings, and any other object objects. 
| https://github.com/seperman/deepdiff | +-------------------+---------------------+---------------+--------------------------------------+--------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------+ | sb3_contrib | 2.1.0 | 2.1.0 | MIT License | Contrib package for Stable-Baselines3 - Experimental reinforcement learning (RL) code (Action Masking) | https://github.com/Stable-Baselines-Team/stable-baselines3-contrib | +-------------------+---------------------+---------------+--------------------------------------+--------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------+ From 42512a2fc23ee6958835f7dc322ad0dd929c36ed Mon Sep 17 00:00:00 2001 From: Charlie Crane Date: Fri, 14 Mar 2025 16:00:30 +0000 Subject: [PATCH 4/6] Formatting changes to correct issues with sphinx rendering of documentation --- src/primaite/notebooks/UC7-E2E-Demo.ipynb | 1560 ++++++++++++++++++++- 1 file changed, 1500 insertions(+), 60 deletions(-) diff --git a/src/primaite/notebooks/UC7-E2E-Demo.ipynb b/src/primaite/notebooks/UC7-E2E-Demo.ipynb index 82069a7c..c2ed1c22 100644 --- a/src/primaite/notebooks/UC7-E2E-Demo.ipynb +++ b/src/primaite/notebooks/UC7-E2E-Demo.ipynb 
@@ -22,7 +22,28 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stdout", + "output_type": "stream", + "text": [ + "C:\\Users\\CharlieCrane\\primaite\\4.0.0-dev\\notebooks\\example_notebooks\\UC7-E2E-Demo.ipynb\n" + ] + }, + { + "name": "stderr", + "output_type": "stream", + "text": [ + "2025-03-14 15:51:11,067: Performing the PrimAITE first-time setup...\n", + "2025-03-14 15:51:11,068: Building the PrimAITE app directories...\n", + "2025-03-14 15:51:11,068: Building primaite_config.yaml...\n", + "2025-03-14 15:51:11,068: Rebuilding the demo notebooks...\n", + "2025-03-14 15:51:11,096: Reset example notebook: C:\\Users\\CharlieCrane\\primaite\\4.0.0-dev\\notebooks\\example_notebooks\\UC7-E2E-Demo.ipynb\n", + "2025-03-14 15:51:11,165: Rebuilding the example notebooks...\n", + "2025-03-14 15:51:11,183: PrimAITE setup complete!\n" + ] + } + ], "source": [ "!primaite setup" ] @@ -56,7 +77,15 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stderr", + "output_type": "stream", + "text": [ + "2025-03-14 15:51:19,583: PrimaiteGymEnv RNG seed = None\n" + ] + } + ], "source": [ "use_case_7_config = load(_EXAMPLE_CFG/\"uc7_config.yaml\")\n", "with open(file=_EXAMPLE_CFG/\"uc7_config.yaml\", mode=\"r\") as uc7_config:\n", 
@@ -112,7 +141,162 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stdout", + "output_type": "stream", + "text": [ + "+------------------------------------------------------+\n", + "| Nodes |\n", + "+-------------------------+----------+-----------------+\n", + "| Node | Type | Operating State |\n", + "+-------------------------+----------+-----------------+\n", + "| HOME-PUB-RT-DR | router | ON |\n", + "| HOME-PUB-SW-AS | switch | ON |\n", + "| HOME-PUB-PC-1 | computer | ON |\n", + "| HOME-PUB-PC-2 | computer | ON |\n", + "| HOME-PUB-SRV | server | ON |\n", + "| ISP-PUB-RT-BR | router | ON |\n", + "| ISP-PUB-SRV-DNS | server | ON |\n", + "| REM-PUB-FW | firewall | ON |\n", + "| REM-PUB-RT-DR | router | ON |\n", + "| REM-PUB-SW-AS | switch | ON |\n", + "| REM-PUB-PC-1 | computer | ON |\n", + "| REM-PUB-PC-2 | computer | ON |\n", + "| REM-PUB-SRV | server | ON |\n", + "| ST_PUB-FW | firewall | ON |\n", + "| ST_DMZ-PUB-SRV-WEB | server | ON |\n", + "| ST_INTRA-PRV-RT-CR | router | ON |\n", + "| ST_INTRA-PRV-RT-DR-1 | router | ON |\n", + "| ST_INTRA-PRV-RT-DR-2 | router | ON |\n", + "| ST_HO-PRV-SW-AS | switch | ON |\n", + "| ST_HO-PRV-PC-1 | computer | ON |\n", + "| ST_HO-PRV-PC-2 | computer | ON |\n", + "| ST_HO-PRV-PC-3 | computer | ON |\n", + "| ST_HR-PRV-SW-AS | switch | ON |\n", + "| ST_HR-PRV-PC-1 | computer | ON |\n", + "| ST_HR-PRV-PC-2 | computer | ON |\n", + "| ST_HR-PRV-PC-3 | computer | ON |\n", + "| ST_DATA-PRV-SW-AS | switch | ON |\n", + "| ST_DATA-PRV-SRV-STORAGE | server | ON |\n", + "| ST_DATA-PRV-SRV-DB | server | ON |\n", + "| ST_PROJ-A-PRV-SW-AS | switch | ON |\n", + "| ST_PROJ-A-PRV-PC-1 | computer | ON |\n", + "| ST_PROJ-A-PRV-PC-2 | computer | ON |\n", + "| ST_PROJ-A-PRV-PC-3 | computer | ON |\n", + "| ST_PROJ-B-PRV-SW-AS | switch | ON |\n", + "| ST_PROJ-B-PRV-PC-1 | computer | ON |\n", + "| ST_PROJ-B-PRV-PC-2 | computer | ON |\n", + "| ST_PROJ-B-PRV-PC-3 | computer | ON |\n", + "| 
ST_PROJ-C-PRV-SW-AS | switch | ON |\n", + "| ST_PROJ-C-PRV-PC-1 | computer | ON |\n", + "| ST_PROJ-C-PRV-PC-2 | computer | ON |\n", + "| ST_PROJ-C-PRV-PC-3 | computer | ON |\n", + "+-------------------------+----------+-----------------+\n", + "+----------------------------------------------------------------------------------------+\n", + "| IP Addresses |\n", + "+-------------------------+----------+---------------+-----------------+-----------------+\n", + "| Node | Port | IP Address | Subnet Mask | Default Gateway |\n", + "+-------------------------+----------+---------------+-----------------+-----------------+\n", + "| HOME-PUB-RT-DR | 1 | 192.168.1.1 | 255.255.255.0 | 10.1.0.1 |\n", + "| HOME-PUB-RT-DR | 2 | 10.1.0.2 | 255.255.255.252 | 10.1.0.1 |\n", + "| HOME-PUB-PC-1 | 1 | 192.168.1.2 | 255.255.255.0 | 192.168.1.1 |\n", + "| HOME-PUB-PC-2 | 1 | 192.168.1.3 | 255.255.255.0 | 192.168.1.1 |\n", + "| HOME-PUB-SRV | 1 | 192.168.1.4 | 255.255.255.0 | 192.168.1.1 |\n", + "| ISP-PUB-RT-BR | 1 | 10.1.0.1 | 255.255.255.252 | None |\n", + "| ISP-PUB-RT-BR | 2 | 8.8.8.1 | 255.255.255.240 | None |\n", + "| ISP-PUB-RT-BR | 3 | 10.1.10.1 | 255.255.255.252 | None |\n", + "| ISP-PUB-RT-BR | 4 | 10.1.100.1 | 255.255.255.252 | None |\n", + "| ISP-PUB-SRV-DNS | 1 | 8.8.8.8 | 255.255.255.240 | 8.8.8.1 |\n", + "| REM-PUB-FW | external | 10.1.10.2 | 255.255.255.252 | None |\n", + "| REM-PUB-FW | internal | 192.168.10.1 | 255.255.255.252 | None |\n", + "| REM-PUB-RT-DR | 1 | 192.168.10.2 | 255.255.255.252 | 192.168.10.1 |\n", + "| REM-PUB-RT-DR | 2 | 192.168.20.1 | 255.255.255.240 | 192.168.10.1 |\n", + "| REM-PUB-PC-1 | 1 | 192.168.20.2 | 255.255.255.0 | 192.168.20.1 |\n", + "| REM-PUB-PC-2 | 1 | 192.168.20.3 | 255.255.255.0 | 192.168.20.1 |\n", + "| REM-PUB-SRV | 1 | 192.168.20.4 | 255.255.255.0 | 192.168.20.1 |\n", + "| ST_PUB-FW | external | 10.1.100.2 | 255.255.255.252 | None |\n", + "| ST_PUB-FW | internal | 192.168.150.1 | 255.255.255.240 | None |\n", + "| ST_PUB-FW | dmz 
| 192.168.100.1 | 255.255.255.252 | None |\n", + "| ST_DMZ-PUB-SRV-WEB | 1 | 192.168.100.2 | 255.255.255.252 | 192.168.100.1 |\n", + "| ST_INTRA-PRV-RT-CR | 1 | 192.168.150.2 | 255.255.255.240 | None |\n", + "| ST_INTRA-PRV-RT-CR | 2 | 192.168.160.1 | 255.255.255.252 | None |\n", + "| ST_INTRA-PRV-RT-CR | 3 | 192.168.170.1 | 255.255.255.252 | None |\n", + "| ST_INTRA-PRV-RT-CR | 4 | 192.168.220.1 | 255.255.255.248 | None |\n", + "| ST_INTRA-PRV-RT-DR-1 | 1 | 192.168.160.2 | 255.255.255.252 | None |\n", + "| ST_INTRA-PRV-RT-DR-1 | 2 | 192.168.230.1 | 255.255.255.248 | None |\n", + "| ST_INTRA-PRV-RT-DR-1 | 3 | 192.168.240.1 | 255.255.255.248 | None |\n", + "| ST_INTRA-PRV-RT-DR-1 | 4 | 192.168.250.1 | 255.255.255.248 | None |\n", + "| ST_INTRA-PRV-RT-DR-2 | 1 | 192.168.170.2 | 255.255.255.252 | 192.168.170.1 |\n", + "| ST_INTRA-PRV-RT-DR-2 | 2 | 192.168.200.1 | 255.255.255.248 | 192.168.170.1 |\n", + "| ST_INTRA-PRV-RT-DR-2 | 3 | 192.168.210.1 | 255.255.255.248 | 192.168.170.1 |\n", + "| ST_HO-PRV-PC-1 | 1 | 192.168.200.2 | 255.255.255.0 | 192.168.200.1 |\n", + "| ST_HO-PRV-PC-2 | 1 | 192.168.200.3 | 255.255.255.0 | 192.168.200.1 |\n", + "| ST_HO-PRV-PC-3 | 1 | 192.168.200.4 | 255.255.255.0 | 192.168.200.1 |\n", + "| ST_HR-PRV-PC-1 | 1 | 192.168.210.2 | 255.255.255.0 | 192.168.210.1 |\n", + "| ST_HR-PRV-PC-2 | 1 | 192.168.210.3 | 255.255.255.0 | 192.168.210.1 |\n", + "| ST_HR-PRV-PC-3 | 1 | 192.168.210.4 | 255.255.255.0 | 192.168.210.1 |\n", + "| ST_DATA-PRV-SRV-STORAGE | 1 | 192.168.220.2 | 255.255.255.248 | 192.168.220.1 |\n", + "| ST_DATA-PRV-SRV-DB | 1 | 192.168.220.3 | 255.255.255.248 | 192.168.220.1 |\n", + "| ST_PROJ-A-PRV-PC-1 | 1 | 192.168.230.2 | 255.255.255.0 | 192.168.230.1 |\n", + "| ST_PROJ-A-PRV-PC-2 | 1 | 192.168.230.3 | 255.255.255.0 | 192.168.230.1 |\n", + "| ST_PROJ-A-PRV-PC-3 | 1 | 192.168.230.4 | 255.255.255.0 | 192.168.230.1 |\n", + "| ST_PROJ-B-PRV-PC-1 | 1 | 192.168.240.2 | 255.255.255.0 | 192.168.240.1 |\n", + "| ST_PROJ-B-PRV-PC-2 | 1 | 
192.168.240.3 | 255.255.255.0 | 192.168.240.1 |\n", + "| ST_PROJ-B-PRV-PC-3 | 1 | 192.168.240.4 | 255.255.255.0 | 192.168.240.1 |\n", + "| ST_PROJ-C-PRV-PC-1 | 1 | 192.168.250.2 | 255.255.255.0 | 192.168.250.1 |\n", + "| ST_PROJ-C-PRV-PC-2 | 1 | 192.168.250.3 | 255.255.255.0 | 192.168.250.1 |\n", + "| ST_PROJ-C-PRV-PC-3 | 1 | 192.168.250.4 | 255.255.255.0 | 192.168.250.1 |\n", + "+-------------------------+----------+---------------+-----------------+-----------------+\n", + "+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+\n", + "| Links |\n", + "+----------------------+-----------------------------------------------+-------------------------+------------------------------------------------+-------+-------------------+--------------+\n", + "| Endpoint A | A Port | Endpoint B | B Port | is Up | Bandwidth (MBits) | Current Load |\n", + "+----------------------+-----------------------------------------------+-------------------------+------------------------------------------------+-------+-------------------+--------------+\n", + "| ISP-PUB-RT-BR | Port 1: d7:b4:9c:39:f4:ad/10.1.0.1 | HOME-PUB-RT-DR | Port 2: 4b:63:a4:02:f9:65/10.1.0.2 | True | 100.0 | 0.00000% |\n", + "| HOME-PUB-SW-AS | Port 1: f6:81:57:6b:d1:9d | HOME-PUB-RT-DR | Port 1: ab:f3:ac:f5:bd:41/192.168.1.1 | True | 100.0 | 0.00035% |\n", + "| HOME-PUB-SW-AS | Port 4: 97:18:1e:fa:c1:05 | HOME-PUB-SRV | Port 1: 78:d6:95:27:52:9e/192.168.1.4 | True | 100.0 | 0.00012% |\n", + "| HOME-PUB-SW-AS | Port 3: 9a:dc:d0:23:ee:9c | HOME-PUB-PC-2 | Port 1: 04:ba:93:0c:b8:d5/192.168.1.3 | True | 100.0 | 0.00012% |\n", + "| HOME-PUB-SW-AS | Port 2: f1:38:b6:ea:dd:3c | HOME-PUB-PC-1 | Port 1: 13:a8:71:2e:2d:72/192.168.1.2 | True | 100.0 | 0.00012% |\n", + "| ISP-PUB-RT-BR | Port 4: 6c:f9:ee:e2:5d:ed/10.1.100.1 | ST_PUB-FW | Port external: 4e:48:cf:7f:ce:04/10.1.100.2 | True | 
100.0 | 0.00000% |\n", + "| ISP-PUB-RT-BR | Port 3: 26:21:39:3f:68:f7/10.1.10.1 | REM-PUB-FW | Port external: 64:b1:9d:6c:8d:4a/10.1.10.2 | True | 100.0 | 0.00000% |\n", + "| ISP-PUB-RT-BR | Port 2: bb:7a:21:ce:33:ff/8.8.8.1 | ISP-PUB-SRV-DNS | Port 1: b2:e0:0f:68:3e:e0/8.8.8.8 | True | 100.0 | 0.00011% |\n", + "| REM-PUB-FW | Port internal: b0:0d:54:f3:9f:22/192.168.10.1 | REM-PUB-RT-DR | Port 1: d9:b7:22:23:4f:b1/192.168.10.2 | True | 100.0 | 0.00000% |\n", + "| REM-PUB-RT-DR | Port 2: bc:6f:a5:26:a6:5e/192.168.20.1 | REM-PUB-SW-AS | Port 1: 26:7a:d6:0d:3a:df | True | 100.0 | 0.00036% |\n", + "| REM-PUB-SW-AS | Port 4: 6a:4f:3e:ce:61:66 | REM-PUB-SRV | Port 1: 88:70:1e:a0:e6:a5/192.168.20.4 | True | 100.0 | 0.00012% |\n", + "| REM-PUB-SW-AS | Port 3: 0d:9b:3e:5a:e4:8f | REM-PUB-PC-2 | Port 1: dc:3a:c0:5c:0d:ac/192.168.20.3 | True | 100.0 | 0.00012% |\n", + "| REM-PUB-SW-AS | Port 2: 9e:a3:02:6e:41:5e | REM-PUB-PC-1 | Port 1: b5:2b:76:7a:a5:df/192.168.20.2 | True | 100.0 | 0.00012% |\n", + "| ST_INTRA-PRV-RT-CR | Port 1: 09:b6:73:e4:e6:39/192.168.150.2 | ST_PUB-FW | Port internal: 87:24:56:ab:86:e1/192.168.150.1 | True | 100.0 | 0.00000% |\n", + "| ST_PUB-FW | Port dmz: d6:f3:5f:da:60:52/192.168.100.1 | ST_DMZ-PUB-SRV-WEB | Port 1: c2:7b:17:d0:23:01/192.168.100.2 | True | 100.0 | 0.00012% |\n", + "| ST_INTRA-PRV-RT-CR | Port 4: aa:fa:7d:b2:6b:a1/192.168.220.1 | ST_DATA-PRV-SW-AS | Port 1: ae:09:1b:36:7e:4b | True | 100.0 | 0.00024% |\n", + "| ST_INTRA-PRV-RT-CR | Port 3: 48:0a:27:50:4a:a3/192.168.170.1 | ST_INTRA-PRV-RT-DR-2 | Port 1: 86:9c:c0:a1:d8:1e/192.168.170.2 | True | 100.0 | 0.00000% |\n", + "| ST_INTRA-PRV-RT-CR | Port 2: 69:c6:0d:ea:db:51/192.168.160.1 | ST_INTRA-PRV-RT-DR-1 | Port 1: 7d:17:87:b5:d4:5f/192.168.160.2 | True | 100.0 | 0.00000% |\n", + "| ST_INTRA-PRV-RT-DR-1 | Port 4: 7a:81:27:29:3c:dd/192.168.250.1 | ST_PROJ-C-PRV-SW-AS | Port 1: 38:4b:9e:19:50:77 | True | 100.0 | 0.00036% |\n", + "| ST_INTRA-PRV-RT-DR-1 | Port 3: 
c0:96:9b:5b:6b:0a/192.168.240.1 | ST_PROJ-B-PRV-SW-AS | Port 1: 4b:1e:36:3d:d1:d2 | True | 100.0 | 0.00036% |\n", + "| ST_INTRA-PRV-RT-DR-1 | Port 2: c8:93:9b:f4:62:95/192.168.230.1 | ST_PROJ-A-PRV-SW-AS | Port 1: 72:95:9b:5b:9b:34 | True | 100.0 | 0.00036% |\n", + "| ST_HR-PRV-SW-AS | Port 1: 47:68:3b:ee:5b:be | ST_INTRA-PRV-RT-DR-2 | Port 3: ed:7a:60:b4:ac:3e/192.168.210.1 | True | 100.0 | 0.00036% |\n", + "| ST_HO-PRV-SW-AS | Port 1: c9:f0:97:31:e6:03 | ST_INTRA-PRV-RT-DR-2 | Port 2: 33:52:b1:75:18:fe/192.168.200.1 | True | 100.0 | 0.00036% |\n", + "| ST_HO-PRV-SW-AS | Port 4: 6f:7a:46:e1:85:8c | ST_HO-PRV-PC-3 | Port 1: d3:21:6d:50:fa:9d/192.168.200.4 | True | 100.0 | 0.00012% |\n", + "| ST_HO-PRV-SW-AS | Port 3: 97:7f:7d:92:10:8e | ST_HO-PRV-PC-2 | Port 1: 38:0e:49:07:60:d1/192.168.200.3 | True | 100.0 | 0.00012% |\n", + "| ST_HO-PRV-SW-AS | Port 2: 03:94:58:bb:b2:a9 | ST_HO-PRV-PC-1 | Port 1: 67:0d:2a:ab:77:12/192.168.200.2 | True | 100.0 | 0.00012% |\n", + "| ST_HR-PRV-SW-AS | Port 4: e6:56:16:77:10:ba | ST_HR-PRV-PC-3 | Port 1: 86:ad:fa:b0:41:39/192.168.210.4 | True | 100.0 | 0.00012% |\n", + "| ST_HR-PRV-SW-AS | Port 3: da:ff:7d:75:8e:a3 | ST_HR-PRV-PC-2 | Port 1: 04:30:2a:0d:8f:bc/192.168.210.3 | True | 100.0 | 0.00012% |\n", + "| ST_HR-PRV-SW-AS | Port 2: fb:6c:11:a7:18:67 | ST_HR-PRV-PC-1 | Port 1: 32:25:dd:cc:44:e3/192.168.210.2 | True | 100.0 | 0.00012% |\n", + "| ST_DATA-PRV-SW-AS | Port 3: fa:d4:3c:93:f3:b1 | ST_DATA-PRV-SRV-DB | Port 1: ff:d8:1a:37:fd:22/192.168.220.3 | True | 100.0 | 0.00012% |\n", + "| ST_DATA-PRV-SW-AS | Port 2: 9d:36:ca:e8:69:06 | ST_DATA-PRV-SRV-STORAGE | Port 1: 19:97:81:ed:73:11/192.168.220.2 | True | 100.0 | 0.00012% |\n", + "| ST_PROJ-A-PRV-SW-AS | Port 4: 50:c1:ae:51:11:05 | ST_PROJ-A-PRV-PC-3 | Port 1: 9c:e5:84:5a:ad:de/192.168.230.4 | True | 100.0 | 0.00012% |\n", + "| ST_PROJ-A-PRV-SW-AS | Port 3: 49:5c:31:ef:45:f1 | ST_PROJ-A-PRV-PC-2 | Port 1: af:75:c4:b8:0b:b6/192.168.230.3 | True | 100.0 | 0.00012% |\n", + "| 
ST_PROJ-A-PRV-SW-AS | Port 2: 32:bd:71:c2:74:d5 | ST_PROJ-A-PRV-PC-1 | Port 1: 1c:91:0d:9f:54:4a/192.168.230.2 | True | 100.0 | 0.00012% |\n", + "| ST_PROJ-B-PRV-SW-AS | Port 4: e5:38:0f:bc:8b:50 | ST_PROJ-B-PRV-PC-3 | Port 1: d2:45:15:16:de:f2/192.168.240.4 | True | 100.0 | 0.00012% |\n", + "| ST_PROJ-B-PRV-SW-AS | Port 3: 20:69:5f:ef:10:04 | ST_PROJ-B-PRV-PC-2 | Port 1: 27:2a:b8:3a:fc:14/192.168.240.3 | True | 100.0 | 0.00012% |\n", + "| ST_PROJ-B-PRV-SW-AS | Port 2: a7:1d:0c:7d:54:a6 | ST_PROJ-B-PRV-PC-1 | Port 1: 61:73:00:68:7c:fe/192.168.240.2 | True | 100.0 | 0.00012% |\n", + "| ST_PROJ-C-PRV-SW-AS | Port 4: e1:6f:a8:62:83:68 | ST_PROJ-C-PRV-PC-3 | Port 1: 02:2d:fc:f7:40:ad/192.168.250.4 | True | 100.0 | 0.00012% |\n", + "| ST_PROJ-C-PRV-SW-AS | Port 3: 12:b5:1b:fe:22:49 | ST_PROJ-C-PRV-PC-2 | Port 1: 3f:5c:93:fb:44:29/192.168.250.3 | True | 100.0 | 0.00012% |\n", + "| ST_PROJ-C-PRV-SW-AS | Port 2: c5:78:34:eb:bb:aa | ST_PROJ-C-PRV-PC-1 | Port 1: 13:da:7b:6f:9d:9c/192.168.250.2 | True | 100.0 | 0.00012% |\n", + "+----------------------+-----------------------------------------------+-------------------------+------------------------------------------------+-------+-------------------+--------------+\n" + ] + } + ], "source": [ "uc7_network = env.game.simulation.network\n", "uc7_network.show()" 
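Review bot: The visible part of this hunk commits the rendered output of `uc7_network.show()` rather than any guide text, and that output embeds values that look specific to one run: every MAC address in the Links table and the `Current Load` percentages such as `0.00035%`. Anyone who re-executes the notebook will regenerate those columns and produce a large, unreviewable diff in a later commit. If the tables are meant to be read in the user guide, say so in the commit message; otherwise clear the outputs before committing, for example with `jupyter nbconvert --clear-output --inplace`, so that only the `source` changes are tracked.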
@@ -159,7 +343,51 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stdout", + "output_type": "stream", + "text": [ + "+---------------------------------------------------------------------------+\n", + "| HOME-PUB-PC-1 Network Interface Cards |\n", + "+------+------+-------------------+----------------+-------+---------+------+\n", + "| Port | Type | MAC Address | Address | Speed | Status | NMNE |\n", + "+------+------+-------------------+----------------+-------+---------+------+\n", + "| 1 | NIC | 13:a8:71:2e:2d:72 | 192.168.1.2/24 | 100.0 | Enabled | {} |\n", + "+------+------+-------------------+----------------+-------+---------+------+\n", + "+--------------------------+\n", + "| HOME-PUB-PC-1 Open Ports |\n", + "+--------------------------+\n", + "| Port |\n", + "+--------------------------+\n", + "| 21 |\n", + "| 22 |\n", + "| 53 |\n", + "| 80 |\n", + "| 123 |\n", + "| 219 |\n", + "| 5432 |\n", + "+--------------------------+\n", + "+---------------------------------------------------------------------------------------+\n", + "| HOME-PUB-PC-1 Software Manager |\n", + "+----------------------+-------------+-----------------+--------------+------+----------+\n", + "| Name | Type | Operating State | Health State | Port | Protocol |\n", + "+----------------------+-------------+-----------------+--------------+------+----------+\n", + "| arp | Service | RUNNING | GOOD | 219 | udp |\n", + "| icmp | Service | RUNNING | GOOD | None | icmp |\n", + "| dns-client | Service | RUNNING | GOOD | 53 | tcp |\n", + "| ntp-client | Service | RUNNING | GOOD | 123 | udp |\n", + "| web-browser | Application | RUNNING | GOOD | 80 | tcp |\n", + "| nmap | Application | RUNNING | GOOD | None | none |\n", + "| user-session-manager | Service | RUNNING | GOOD | None | none |\n", + "| user-manager | Service | RUNNING | GOOD | None | none |\n", + "| terminal | Service | RUNNING | GOOD | 22 | tcp |\n", + "| ftp-client | 
Service | RUNNING | GOOD | 21 | tcp |\n", + "| database-client | Application | RUNNING | GOOD | 5432 | tcp |\n", + "+----------------------+-------------+-----------------+--------------+------+----------+\n" + ] + } + ], "source": [ "# Home Office PC 1 (HOME-PUB-PC-1)\n", "home_pub_pc_1: Computer = env.game.simulation.network.get_node_by_hostname(\"HOME-PUB-PC-1\")\n", 
@@ -171,7 +399,43 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stdout", + "output_type": "stream", + "text": [ + "+---------------------------------------------------------------------------------------+\n", + "| HOME-PUB-RT-DR Network Interface Cards |\n", + "+------+-----------------+-------------------+----------------+-------+----------+------+\n", + "| Port | Type | MAC Address | Address | Speed | Status | NMNE |\n", + "+------+-----------------+-------------------+----------------+-------+----------+------+\n", + "| 1 | RouterInterface | ab:f3:ac:f5:bd:41 | 192.168.1.1/24 | 100.0 | Enabled | {} |\n", + "| 2 | RouterInterface | 4b:63:a4:02:f9:65 | 10.1.0.2/30 | 100.0 | Enabled | {} |\n", + "| 3 | RouterInterface | 72:46:1d:93:f2:2d | 127.0.0.1/8 | 100.0 | Disabled | {} |\n", + "| 4 | RouterInterface | cf:ea:2d:1f:24:0e | 127.0.0.1/8 | 100.0 | Disabled | {} |\n", + "| 5 | RouterInterface | 21:66:ea:ed:d0:fe | 127.0.0.1/8 | 100.0 | Disabled | {} |\n", + "+------+-----------------+-------------------+----------------+-------+----------+------+\n", + "+---------------------------+\n", + "| HOME-PUB-RT-DR Open Ports |\n", + "+---------------------------+\n", + "| Port |\n", + "+---------------------------+\n", + "| 22 |\n", + "| 219 |\n", + "+---------------------------+\n", + "+-----------------------------------------------------------------------------------------------------------+\n", + "| HOME-PUB-RT-DR Access Control List |\n", + "+-------+--------+----------+--------+--------------+----------+--------+--------------+----------+---------+\n", + "| Index | Action | Protocol | Src IP | Src Wildcard | Src Port | Dst IP | Dst Wildcard | Dst Port | Matched |\n", + "+-------+--------+----------+--------+--------------+----------+--------+--------------+----------+---------+\n", + "| 5 | PERMIT | ANY | ANY | ANY | ANY | ANY | ANY | ANY | 0 |\n", + "| 22 | PERMIT | ANY | ANY | ANY | 219 | ANY | ANY | 
219 | 0 |\n", + "| 23 | PERMIT | icmp | ANY | ANY | ANY | ANY | ANY | ANY | 0 |\n", + "| 24 | DENY | ANY | ANY | ANY | ANY | ANY | ANY | ANY | 0 |\n", + "+-------+--------+----------+--------+--------------+----------+--------+--------------+----------+---------+\n" + ] + } + ], "source": [ "# Home Office Router (HOME-PUB-RT-DR)\n", "home_pub_rt_dr: Router = env.game.simulation.network.get_node_by_hostname(\"HOME-PUB-RT-DR\")\n", 
@@ -196,7 +460,43 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stdout", + "output_type": "stream", + "text": [ + "+--------------------------------------------------------------------------------------+\n", + "| ISP-PUB-RT-BR Network Interface Cards |\n", + "+------+-----------------+-------------------+---------------+-------+----------+------+\n", + "| Port | Type | MAC Address | Address | Speed | Status | NMNE |\n", + "+------+-----------------+-------------------+---------------+-------+----------+------+\n", + "| 1 | RouterInterface | d7:b4:9c:39:f4:ad | 10.1.0.1/30 | 100.0 | Enabled | {} |\n", + "| 2 | RouterInterface | bb:7a:21:ce:33:ff | 8.8.8.1/28 | 100.0 | Enabled | {} |\n", + "| 3 | RouterInterface | 26:21:39:3f:68:f7 | 10.1.10.1/30 | 100.0 | Enabled | {} |\n", + "| 4 | RouterInterface | 6c:f9:ee:e2:5d:ed | 10.1.100.1/30 | 100.0 | Enabled | {} |\n", + "| 5 | RouterInterface | 28:b3:d8:14:01:30 | 127.0.0.1/8 | 100.0 | Disabled | {} |\n", + "+------+-----------------+-------------------+---------------+-------+----------+------+\n", + "+--------------------------+\n", + "| ISP-PUB-RT-BR Open Ports |\n", + "+--------------------------+\n", + "| Port |\n", + "+--------------------------+\n", + "| 22 |\n", + "| 219 |\n", + "+--------------------------+\n", + "+-----------------------------------------------------------------------------------------------------------+\n", + "| ISP-PUB-RT-BR Access Control List |\n", + "+-------+--------+----------+--------+--------------+----------+--------+--------------+----------+---------+\n", + "| Index | Action | Protocol | Src IP | Src Wildcard | Src Port | Dst IP | Dst Wildcard | Dst Port | Matched |\n", + "+-------+--------+----------+--------+--------------+----------+--------+--------------+----------+---------+\n", + "| 5 | PERMIT | ANY | ANY | ANY | ANY | ANY | ANY | ANY | 0 |\n", + "| 22 | PERMIT | ANY | ANY | ANY | 219 | ANY | ANY | 219 | 0 |\n", 
+ "| 23 | PERMIT | icmp | ANY | ANY | ANY | ANY | ANY | ANY | 0 |\n", + "| 24 | DENY | ANY | ANY | ANY | ANY | ANY | ANY | ANY | 0 |\n", + "+-------+--------+----------+--------+--------------+----------+--------+--------------+----------+---------+\n" + ] + } + ], "source": [ "isp_pub_rt_br: Router = env.game.simulation.network.get_node_by_hostname(\"ISP-PUB-RT-BR\")\n", "isp_pub_rt_br.show_nic()\n", @@ -208,7 +508,28 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stdout", + "output_type": "stream", + "text": [ + "+-----------------------------------------------------------------------+\n", + "| ISP-PUB-SRV-DNS Network Interface Cards |\n", + "+------+------+-------------------+------------+-------+---------+------+\n", + "| Port | Type | MAC Address | Address | Speed | Status | NMNE |\n", + "+------+------+-------------------+------------+-------+---------+------+\n", + "| 1 | NIC | b2:e0:0f:68:3e:e0 | 8.8.8.8/28 | 100.0 | Enabled | {} |\n", + "+------+------+-------------------+------------+-------+---------+------+\n", + "+----------------------------------+\n", + "| ISP-PUB-SRV-DNS DNS Lookup table |\n", + "+----------------+-----------------+\n", + "| Domain Name | IP Address |\n", + "+----------------+-----------------+\n", + "| some_tech.com | 192.168.100.2 |\n", + "+----------------+-----------------+\n" + ] + } + ], "source": [ "isp_pub_srv_dns: Server = env.game.simulation.network.get_node_by_hostname(\"ISP-PUB-SRV-DNS\")\n", "isp_pub_srv_dns.show_nic()\n", 
@@ -235,7 +556,23 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stdout", + "output_type": "stream", + "text": [ + "+----------------------------------------------------------------------------------------+\n", + "| REM-PUB-FW Network Interface Cards |\n", + "+------+-----------------+-------------------+-----------------+-------+----------+------+\n", + "| Port | Type | MAC Address | Address | Speed | Status | NMNE |\n", + "+------+-----------------+-------------------+-----------------+-------+----------+------+\n", + "| 1 | RouterInterface | 64:b1:9d:6c:8d:4a | 10.1.10.2/30 | 100.0 | Enabled | {} |\n", + "| 2 | RouterInterface | b0:0d:54:f3:9f:22 | 192.168.10.1/30 | 100.0 | Enabled | {} |\n", + "| 3 | RouterInterface | d9:a6:cf:b1:70:a9 | 127.0.0.1/8 | 100.0 | Disabled | {} |\n", + "+------+-----------------+-------------------+-----------------+-------+----------+------+\n" + ] + } + ], "source": [ "rem_pub_fw: Firewall = uc7_network.get_node_by_hostname(hostname=\"REM-PUB-FW\")\n", "rem_pub_fw.show_nic()" 
@@ -245,7 +582,23 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stdout", + "output_type": "stream", + "text": [ + "+-----------------------------------------------------------------------------------------------------------+\n", + "| REM-PUB-FW Access Control List |\n", + "+-------+--------+----------+--------+--------------+----------+--------+--------------+----------+---------+\n", + "| Index | Action | Protocol | Src IP | Src Wildcard | Src Port | Dst IP | Dst Wildcard | Dst Port | Matched |\n", + "+-------+--------+----------+--------+--------------+----------+--------+--------------+----------+---------+\n", + "| 22 | PERMIT | ANY | ANY | ANY | 219 | ANY | ANY | 219 | 0 |\n", + "| 23 | PERMIT | icmp | ANY | ANY | ANY | ANY | ANY | ANY | 0 |\n", + "| 24 | DENY | ANY | ANY | ANY | ANY | ANY | ANY | ANY | 0 |\n", + "+-------+--------+----------+--------+--------------+----------+--------+--------------+----------+---------+\n" + ] + } + ], "source": [ "# By default all of the `REM_PUB_FW` acls are configured to permit all traffic\n", "rem_pub_fw.acl.show()" 
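Review bot: The context comment `# By default all of the REM_PUB_FW acls are configured to permit all traffic` contradicts the output this hunk adds directly above it. The committed table for `rem_pub_fw.acl.show()` has only three rules: PERMIT on port 219, PERMIT for icmp, and index 24 `DENY | ANY | ANY`, which reads as a default deny rather than permit-all. Either reword the comment to describe what this table actually shows, or display the ACLs the comment refers to. The comment also spells the host `REM_PUB_FW` while the lookup and the table title use `REM-PUB-FW`; use the hyphenated hostname in both places so readers can search for it.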
@@ -264,7 +617,23 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stdout", + "output_type": "stream", + "text": [ + "+----------------------------------------------------------------------------------------+\n", + "| ST_PUB-FW Network Interface Cards |\n", + "+------+-----------------+-------------------+------------------+-------+---------+------+\n", + "| Port | Type | MAC Address | Address | Speed | Status | NMNE |\n", + "+------+-----------------+-------------------+------------------+-------+---------+------+\n", + "| 1 | RouterInterface | 4e:48:cf:7f:ce:04 | 10.1.100.2/30 | 100.0 | Enabled | {} |\n", + "| 2 | RouterInterface | 87:24:56:ab:86:e1 | 192.168.150.1/28 | 100.0 | Enabled | {} |\n", + "| 3 | RouterInterface | d6:f3:5f:da:60:52 | 192.168.100.1/30 | 100.0 | Enabled | {} |\n", + "+------+-----------------+-------------------+------------------+-------+---------+------+\n" + ] + } + ], "source": [ "# ST DMZ Public Firewall (Permits all traffic by default)\n", "st_pub_fw: Firewall = uc7_network.get_node_by_hostname(hostname=\"ST_PUB-FW\")\n", 
@@ -275,7 +644,30 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stdout", + "output_type": "stream", + "text": [ + "+---------------------------------------------------------------------------------------+\n", + "| ST_DMZ-PUB-SRV-WEB Software Manager |\n", + "+----------------------+-------------+-----------------+--------------+------+----------+\n", + "| Name | Type | Operating State | Health State | Port | Protocol |\n", + "+----------------------+-------------+-----------------+--------------+------+----------+\n", + "| arp | Service | RUNNING | GOOD | 219 | udp |\n", + "| icmp | Service | RUNNING | GOOD | None | icmp |\n", + "| dns-client | Service | RUNNING | GOOD | 53 | tcp |\n", + "| ntp-client | Service | RUNNING | GOOD | 123 | udp |\n", + "| web-browser | Application | RUNNING | GOOD | 80 | tcp |\n", + "| nmap | Application | RUNNING | GOOD | None | none |\n", + "| user-session-manager | Service | RUNNING | GOOD | None | none |\n", + "| user-manager | Service | RUNNING | GOOD | None | none |\n", + "| terminal | Service | RUNNING | GOOD | 22 | tcp |\n", + "| web-server | Service | RUNNING | GOOD | 80 | tcp |\n", + "+----------------------+-------------+-----------------+--------------+------+----------+\n" + ] + } + ], "source": [ "# ST DMZ Public web-server\n", "st_dmz_pub_srv_web: Server = uc7_network.get_node_by_hostname(hostname=\"ST_DMZ-PUB-SRV-WEB\")\n", 
@@ -310,7 +702,25 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stdout", + "output_type": "stream", + "text": [ + "+---------------------------------------------------+\n", + "| ST_INTRA-PRV-RT-CR Route Table |\n", + "+-------+------------------+---------------+--------+\n", + "| Index | Address | Next Hop | Metric |\n", + "+-------+------------------+---------------+--------+\n", + "| 0 | 192.168.200.0/29 | 192.168.170.2 | 0.0 |\n", + "| 1 | 192.168.210.0/29 | 192.168.170.2 | 0.0 |\n", + "| 2 | 192.168.230.0/29 | 192.168.160.2 | 0.0 |\n", + "| 3 | 192.168.240.0/29 | 192.168.160.2 | 0.0 |\n", + "| 4 | 192.168.250.0/29 | 192.168.160.2 | 0.0 |\n", + "+-------+------------------+---------------+--------+\n" + ] + } + ], "source": [ "st_intra_prv_rt_cr: Router = uc7_network.get_node_by_hostname(hostname=\"ST_INTRA-PRV-RT-CR\")\n", "st_intra_prv_rt_cr.route_table.show()" 
@@ -347,7 +757,31 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stdout", + "output_type": "stream", + "text": [ + "+---------------------------------------------------------------------------------------+\n", + "| ST_HO-PRV-PC-1 Software Manager |\n", + "+----------------------+-------------+-----------------+--------------+------+----------+\n", + "| Name | Type | Operating State | Health State | Port | Protocol |\n", + "+----------------------+-------------+-----------------+--------------+------+----------+\n", + "| arp | Service | RUNNING | GOOD | 219 | udp |\n", + "| icmp | Service | RUNNING | GOOD | None | icmp |\n", + "| dns-client | Service | RUNNING | GOOD | 53 | tcp |\n", + "| ntp-client | Service | RUNNING | GOOD | 123 | udp |\n", + "| web-browser | Application | RUNNING | GOOD | 80 | tcp |\n", + "| nmap | Application | RUNNING | GOOD | None | none |\n", + "| user-session-manager | Service | RUNNING | GOOD | None | none |\n", + "| user-manager | Service | RUNNING | GOOD | None | none |\n", + "| terminal | Service | RUNNING | GOOD | 22 | tcp |\n", + "| ftp-client | Service | RUNNING | GOOD | 21 | tcp |\n", + "| database-client | Application | RUNNING | GOOD | 5432 | tcp |\n", + "+----------------------+-------------+-----------------+--------------+------+----------+\n" + ] + } + ], "source": [ "st_head_office_private_pc_1: Computer = uc7_network.get_node_by_hostname(\"ST_HO-PRV-PC-1\")\n", "st_head_office_private_pc_1.software_manager.show()" 
@@ -366,7 +800,31 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stdout", + "output_type": "stream", + "text": [ + "+---------------------------------------------------------------------------------------+\n", + "| ST_HR-PRV-PC-2 Software Manager |\n", + "+----------------------+-------------+-----------------+--------------+------+----------+\n", + "| Name | Type | Operating State | Health State | Port | Protocol |\n", + "+----------------------+-------------+-----------------+--------------+------+----------+\n", + "| arp | Service | RUNNING | GOOD | 219 | udp |\n", + "| icmp | Service | RUNNING | GOOD | None | icmp |\n", + "| dns-client | Service | RUNNING | GOOD | 53 | tcp |\n", + "| ntp-client | Service | RUNNING | GOOD | 123 | udp |\n", + "| web-browser | Application | RUNNING | GOOD | 80 | tcp |\n", + "| nmap | Application | RUNNING | GOOD | None | none |\n", + "| user-session-manager | Service | RUNNING | GOOD | None | none |\n", + "| user-manager | Service | RUNNING | GOOD | None | none |\n", + "| terminal | Service | RUNNING | GOOD | 22 | tcp |\n", + "| ftp-client | Service | RUNNING | GOOD | 21 | tcp |\n", + "| database-client | Application | RUNNING | GOOD | 5432 | tcp |\n", + "+----------------------+-------------+-----------------+--------------+------+----------+\n" + ] + } + ], "source": [ "st_human_resources_private_pc_2: Computer = uc7_network.get_node_by_hostname(\"ST_HR-PRV-PC-2\")\n", "st_human_resources_private_pc_2.software_manager.show()" 
@@ -390,7 +848,49 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stdout", + "output_type": "stream", + "text": [ + "+---------------------------------------------------------------------------------------+\n", + "| ST_DATA-PRV-SRV-DB Software Manager |\n", + "+----------------------+-------------+-----------------+--------------+------+----------+\n", + "| Name | Type | Operating State | Health State | Port | Protocol |\n", + "+----------------------+-------------+-----------------+--------------+------+----------+\n", + "| arp | Service | RUNNING | GOOD | 219 | udp |\n", + "| icmp | Service | RUNNING | GOOD | None | icmp |\n", + "| dns-client | Service | RUNNING | GOOD | 53 | tcp |\n", + "| ntp-client | Service | RUNNING | GOOD | 123 | udp |\n", + "| web-browser | Application | RUNNING | GOOD | 80 | tcp |\n", + "| nmap | Application | RUNNING | GOOD | None | none |\n", + "| user-session-manager | Service | RUNNING | GOOD | None | none |\n", + "| user-manager | Service | RUNNING | GOOD | None | none |\n", + "| terminal | Service | RUNNING | GOOD | 22 | tcp |\n", + "| ftp-client | Service | RUNNING | GOOD | 21 | tcp |\n", + "| database-service | Service | RUNNING | GOOD | 5432 | tcp |\n", + "+----------------------+-------------+-----------------+--------------+------+----------+\n", + "+----------------------------------------------------------------------------------+\n", + "| ST_DATA-PRV-SRV-DB File System |\n", + "+----------------------+---------+---------------+-----------------------+---------+\n", + "| File Path | Size | Health status | Visible health status | Deleted |\n", + "+----------------------+---------+---------------+-----------------------+---------+\n", + "| database/database.db | 4.77 MB | GOOD | NONE | False |\n", + "| root | 0 B | GOOD | NONE | False |\n", + "+----------------------+---------+---------------+-----------------------+---------+\n" + ] + }, + { + "data": { + 
"text/plain": [ + "IPv4Address('192.168.220.2')" + ] + }, + "execution_count": 18, + "metadata": {}, + "output_type": "execute_result" + } + ], "source": [ "st_data_private_server_database: Server = uc7_network.get_node_by_hostname(\"ST_DATA-PRV-SRV-DB\")\n", "st_data_private_server_database_service: DatabaseService = st_data_private_server_database.software_manager.software[\"database-service\"]\n", @@ -403,7 +903,30 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stdout", + "output_type": "stream", + "text": [ + "+---------------------------------------------------------------------------------------+\n", + "| ST_DATA-PRV-SRV-STORAGE Software Manager |\n", + "+----------------------+-------------+-----------------+--------------+------+----------+\n", + "| Name | Type | Operating State | Health State | Port | Protocol |\n", + "+----------------------+-------------+-----------------+--------------+------+----------+\n", + "| arp | Service | RUNNING | GOOD | 219 | udp |\n", + "| icmp | Service | RUNNING | GOOD | None | icmp |\n", + "| dns-client | Service | RUNNING | GOOD | 53 | tcp |\n", + "| ntp-client | Service | RUNNING | GOOD | 123 | udp |\n", + "| web-browser | Application | RUNNING | GOOD | 80 | tcp |\n", + "| nmap | Application | RUNNING | GOOD | None | none |\n", + "| user-session-manager | Service | RUNNING | GOOD | None | none |\n", + "| user-manager | Service | RUNNING | GOOD | None | none |\n", + "| terminal | Service | RUNNING | GOOD | 22 | tcp |\n", + "| ftp-server | Service | RUNNING | GOOD | 21 | tcp |\n", + "+----------------------+-------------+-----------------+--------------+------+----------+\n" + ] + } + ], "source": [ "st_data_private_server_storage: Server = uc7_network.get_node_by_hostname(\"ST_DATA-PRV-SRV-STORAGE\")\n", "st_data_private_server_storage.software_manager.show()" 
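Review bot: In the `@@ -390,7 +848,49 @@` hunk (the ST_DATA-PRV-SRV-DB cell), the added `execute_result` carries `"execution_count": 18` while the cell itself keeps `"execution_count": null`, so the notebook is in an inconsistent, half-executed state. Re-run the notebook top to bottom and save it, or strip outputs entirely, so cell and output counters agree. The same output shows a bare `IPv4Address('192.168.220.2')` with no label, and the statement that produces it is outside the hunk context. The Links table earlier in this patch lists 192.168.220.2 as ST_DATA-PRV-SRV-STORAGE and 192.168.220.3 as ST_DATA-PRV-SRV-DB, so a reader of this cell can easily take the value for the database server's own address. Add a comment or a print label stating what the address is.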
@@ -422,7 +945,31 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stdout", + "output_type": "stream", + "text": [ + "+---------------------------------------------------------------------------------------+\n", + "| ST_PROJ-A-PRV-PC-1 Software Manager |\n", + "+----------------------+-------------+-----------------+--------------+------+----------+\n", + "| Name | Type | Operating State | Health State | Port | Protocol |\n", + "+----------------------+-------------+-----------------+--------------+------+----------+\n", + "| arp | Service | RUNNING | GOOD | 219 | udp |\n", + "| icmp | Service | RUNNING | GOOD | None | icmp |\n", + "| dns-client | Service | RUNNING | GOOD | 53 | tcp |\n", + "| ntp-client | Service | RUNNING | GOOD | 123 | udp |\n", + "| web-browser | Application | RUNNING | GOOD | 80 | tcp |\n", + "| nmap | Application | RUNNING | GOOD | None | none |\n", + "| user-session-manager | Service | RUNNING | GOOD | None | none |\n", + "| user-manager | Service | RUNNING | GOOD | None | none |\n", + "| terminal | Service | RUNNING | GOOD | 22 | tcp |\n", + "| ftp-client | Service | RUNNING | GOOD | 21 | tcp |\n", + "| database-client | Application | RUNNING | GOOD | 5432 | tcp |\n", + "+----------------------+-------------+-----------------+--------------+------+----------+\n" + ] + } + ], "source": [ "st_project_a_private_pc_1: Computer = uc7_network.get_node_by_hostname(\"ST_PROJ-A-PRV-PC-1\")\n", "st_project_a_private_pc_1.software_manager.show()" 
@@ -439,7 +986,31 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stdout", + "output_type": "stream", + "text": [ + "+---------------------------------------------------------------------------------------+\n", + "| ST_PROJ-B-PRV-PC-2 Software Manager |\n", + "+----------------------+-------------+-----------------+--------------+------+----------+\n", + "| Name | Type | Operating State | Health State | Port | Protocol |\n", + "+----------------------+-------------+-----------------+--------------+------+----------+\n", + "| arp | Service | RUNNING | GOOD | 219 | udp |\n", + "| icmp | Service | RUNNING | GOOD | None | icmp |\n", + "| dns-client | Service | RUNNING | GOOD | 53 | tcp |\n", + "| ntp-client | Service | RUNNING | GOOD | 123 | udp |\n", + "| web-browser | Application | RUNNING | GOOD | 80 | tcp |\n", + "| nmap | Application | RUNNING | GOOD | None | none |\n", + "| user-session-manager | Service | RUNNING | GOOD | None | none |\n", + "| user-manager | Service | RUNNING | GOOD | None | none |\n", + "| terminal | Service | RUNNING | GOOD | 22 | tcp |\n", + "| ftp-client | Service | RUNNING | GOOD | 21 | tcp |\n", + "| database-client | Application | RUNNING | GOOD | 5432 | tcp |\n", + "+----------------------+-------------+-----------------+--------------+------+----------+\n" + ] + } + ], "source": [ "st_project_b_private_pc_2: Computer = uc7_network.get_node_by_hostname(\"ST_PROJ-B-PRV-PC-2\")\n", "st_project_b_private_pc_2.software_manager.show()" 
@@ -456,7 +1027,31 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stdout", + "output_type": "stream", + "text": [ + "+---------------------------------------------------------------------------------------+\n", + "| ST_PROJ-C-PRV-PC-3 Software Manager |\n", + "+----------------------+-------------+-----------------+--------------+------+----------+\n", + "| Name | Type | Operating State | Health State | Port | Protocol |\n", + "+----------------------+-------------+-----------------+--------------+------+----------+\n", + "| arp | Service | RUNNING | GOOD | 219 | udp |\n", + "| icmp | Service | RUNNING | GOOD | None | icmp |\n", + "| dns-client | Service | RUNNING | GOOD | 53 | tcp |\n", + "| ntp-client | Service | RUNNING | GOOD | 123 | udp |\n", + "| web-browser | Application | RUNNING | GOOD | 80 | tcp |\n", + "| nmap | Application | RUNNING | GOOD | None | none |\n", + "| user-session-manager | Service | RUNNING | GOOD | None | none |\n", + "| user-manager | Service | RUNNING | GOOD | None | none |\n", + "| terminal | Service | RUNNING | GOOD | 22 | tcp |\n", + "| ftp-client | Service | RUNNING | GOOD | 21 | tcp |\n", + "| database-client | Application | RUNNING | GOOD | 5432 | tcp |\n", + "+----------------------+-------------+-----------------+--------------+------+----------+\n" + ] + } + ], "source": [ "st_project_c_private_pc_3: Computer = uc7_network.get_node_by_hostname(\"ST_PROJ-C-PRV-PC-3\")\n", "st_project_c_private_pc_3.software_manager.show()" 
@@ -549,14 +1144,38 @@ "\n", "Additionally, `database-client` green agents are *Periodic* meaning they will attempt to use the database based on game time-steps. Specifically, these agents will begin on the time-step given in their `start_step` setting and will then will reattempt on each subsequence timestep based on the `Frequency` setting. These settings are then randomised using the remaining `start_variance` and `variance` options (also given in timesteps). These values are used to *±* their respective base settings to ensure the green agents achieve a moderate amount of domain randomisation in each PrimAITE episode.\n", "\n", - "For example, take a *Periodic* green agent set with a `start_step` of **4** and a `frequency` of **4** with a `start_variance` of **1** and a `variance` of **1** will cause a green agent to make it's first action on timestep $4 \\pm 1$ and then any subsequent actions every $4 \\pm 1$ timesteps afterwards.\n" + "For example, take a *Periodic* green agent set with a `start_step` of **4** and a `frequency` of **4** with a `start_variance` of **1** and a `variance` of **1** will cause a green agent to make its first action on timestep $4 \\pm 1$ and then any subsequent actions every $4 \\pm 1$ timesteps afterwards.\n" ] }, { "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stderr", + "output_type": "stream", + "text": [ + "2025-03-14 15:51:20,234: Resetting environment, episode 0, avg. 
reward: 0.0\n" + ] + }, + { + "name": "stdout", + "output_type": "stream", + "text": [ + "timestep=0 action='do-nothing' parameters={} request=['do-nothing'] response=RequestResponse(status='success', data={}) reward=0.0 reward_info={'connection_attempt_status': 'n/a'} observation=0\n", + "timestep=1 action='do-nothing' parameters={} request=['do-nothing'] response=RequestResponse(status='success', data={}) reward=0.0 reward_info={'connection_attempt_status': 'n/a'} observation=0\n", + "timestep=2 action='do-nothing' parameters={} request=['do-nothing'] response=RequestResponse(status='success', data={}) reward=0.0 reward_info={'connection_attempt_status': 'n/a'} observation=0\n", + "timestep=3 action='do-nothing' parameters={} request=['do-nothing'] response=RequestResponse(status='success', data={}) reward=0.0 reward_info={'connection_attempt_status': 'n/a'} observation=0\n", + "timestep=4 action='do-nothing' parameters={} request=['do-nothing'] response=RequestResponse(status='success', data={}) reward=0.0 reward_info={'connection_attempt_status': 'n/a'} observation=0\n", + "timestep=5 action='node-application-execute' parameters={'node_name': 'HOME-PUB-PC-1', 'application_name': 'database-client'} request=['network', 'node', 'HOME-PUB-PC-1', 'application', 'database-client', 'execute'] response=RequestResponse(status='success', data={}) reward=0.5 reward_info={'connection_attempt_status': 'success'} observation=0\n", + "timestep=6 action='do-nothing' parameters={} request=['do-nothing'] response=RequestResponse(status='success', data={}) reward=0.5 reward_info={'connection_attempt_status': 'n/a'} observation=0\n", + "timestep=7 action='do-nothing' parameters={} request=['do-nothing'] response=RequestResponse(status='success', data={}) reward=0.5 reward_info={'connection_attempt_status': 'n/a'} observation=0\n", + "timestep=8 action='do-nothing' parameters={} request=['do-nothing'] response=RequestResponse(status='success', data={}) reward=0.5 
reward_info={'connection_attempt_status': 'n/a'} observation=0\n", + "timestep=9 action='do-nothing' parameters={} request=['do-nothing'] response=RequestResponse(status='success', data={}) reward=0.5 reward_info={'connection_attempt_status': 'n/a'} observation=0\n" + ] + } + ], "source": [ "env.reset() # Resetting the simulation\n", "home_pub_pc_1_database_green_agent = env.game.agents.get(\"HOME_WORKER-1-DB\")\n", @@ -570,7 +1189,26 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stdout", + "output_type": "stream", + "text": [ + "+-----------------------------+\n", + "| HOME-PUB-PC-1 Sys Log |\n", + "+-----------+-------+---------+\n", + "| Timestamp | Level | Message |\n", + "+-----------+-------+---------+\n", + "+-----------+-------+---------+\n", + "+-----------------------------+\n", + "| ST_DATA-PRV-SRV-DB Sys Log |\n", + "+-----------+-------+---------+\n", + "| Timestamp | Level | Message |\n", + "+-----------+-------+---------+\n", + "+-----------+-------+---------+\n" + ] + } + ], "source": [ "home_pub_pc_1.software_manager.software[\"database-client\"].sys_log.show(last_n=10)\n", "st_data_private_server_database.software_manager.software[\"database-service\"].sys_log.show(last_n=5)" 
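Review bot: In the `@@ -570` hunk, both committed Sys Log tables (`HOME-PUB-PC-1` and `ST_DATA-PRV-SRV-DB`) are header-only, even though the previous cell's output records a successful `node-application-execute` of `database-client` at timestep 5. As committed, the cell gives a reader nothing to compare against. Either regenerate the output with sys logging active for this run, or add a sentence to the markdown saying that empty tables are expected here and why.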
@@ -584,14 +1222,38 @@ "\n", "Unlike the `database-client` green agents, the `web-browser` green agents are *probabilistic*. These agents are quite simple; on every timestep a probability roll is made to determine whenever the agent acts. On a successful outcome the agent will attempt to execute the `web-browser` application which will then attempt to connect to the `ST-DMZ-PUB-SRV-WEB` host. On a unsuccessful outcome then the green agent will simply perform not action on this timestep.\n", "\n", - "For example, a `web-browser` green agent with a `20%` chance has a $\\frac{1}{5}$ chance of actioning it's host's `web-browser` to access the `ST-DMZ-PUB-SRV-WEB` web-server. " + "For example, a `web-browser` green agent with a `20%` chance has a $\\frac{1}{5}$ chance of actioning its host's `web-browser` to access the `ST-DMZ-PUB-SRV-WEB` web-server. " ] }, { "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stderr", + "output_type": "stream", + "text": [ + "2025-03-14 15:51:22,320: Resetting environment, episode 1, avg. 
reward: 12.410937500000006\n" + ] + }, + { + "name": "stdout", + "output_type": "stream", + "text": [ + "timestep=0 action='do-nothing' parameters={} request=['do-nothing'] response=RequestResponse(status='success', data={}) reward=0.0 reward_info={} observation=0\n", + "timestep=1 action='do-nothing' parameters={} request=['do-nothing'] response=RequestResponse(status='success', data={}) reward=0.0 reward_info={} observation=0\n", + "timestep=2 action='do-nothing' parameters={} request=['do-nothing'] response=RequestResponse(status='success', data={}) reward=0.0 reward_info={} observation=0\n", + "timestep=3 action='do-nothing' parameters={} request=['do-nothing'] response=RequestResponse(status='success', data={}) reward=0.0 reward_info={} observation=0\n", + "timestep=4 action='do-nothing' parameters={} request=['do-nothing'] response=RequestResponse(status='success', data={}) reward=0.0 reward_info={} observation=0\n", + "timestep=5 action='do-nothing' parameters={} request=['do-nothing'] response=RequestResponse(status='success', data={}) reward=0.0 reward_info={} observation=0\n", + "timestep=6 action='do-nothing' parameters={} request=['do-nothing'] response=RequestResponse(status='success', data={}) reward=0.0 reward_info={} observation=0\n", + "timestep=7 action='do-nothing' parameters={} request=['do-nothing'] response=RequestResponse(status='success', data={}) reward=0.0 reward_info={} observation=0\n", + "timestep=8 action='do-nothing' parameters={} request=['do-nothing'] response=RequestResponse(status='success', data={}) reward=0.0 reward_info={} observation=0\n", + "timestep=9 action='do-nothing' parameters={} request=['do-nothing'] response=RequestResponse(status='success', data={}) reward=0.0 reward_info={} observation=0\n" + ] + } + ], "source": [ "env.reset() # Resetting the simulation\n", "home_pub_pc_1_web_browser_green_agent = env.game.agents.get(\"HOME_WORKER-1-WEB\")\n", 
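Review bot: The committed stdout for the `HOME_WORKER-1-WEB` cell is ten consecutive `do-nothing` steps, so the output never shows the probabilistic agent executing `web-browser`, which is the behaviour the markdown above describes. Regenerate with enough steps (or a fixed seed) that at least one execute action appears. Since this hunk already touches the paragraph, the neighbouring context sentence "On a unsuccessful outcome then the green agent will simply perform not action" should be fixed in the same pass ("an unsuccessful", "no action").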
@@ -605,7 +1267,26 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stdout", + "output_type": "stream", + "text": [ + "+---------------------------------+\n", + "| HOME_WORKER-1-WEB Behaviour Log |\n", + "+------------+-------+------------+\n", + "| Time Step | Level | Message |\n", + "+------------+-------+------------+\n", + "+------------+-------+------------+\n", + "+-----------------------------+\n", + "| HOME-PUB-PC-1 Sys Log |\n", + "+-----------+-------+---------+\n", + "| Timestamp | Level | Message |\n", + "+-----------+-------+---------+\n", + "+-----------+-------+---------+\n" + ] + } + ], "source": [ "home_pub_pc_1: Computer = env.game.simulation.network.get_node_by_hostname(\"HOME-PUB-PC-1\")\n", "home_pub_pc_1_web_browser_green_agent.logger.show()\n", 
@@ -630,18 +1311,38 @@ "source": [ "### AGENTS | RED AGENT | Threat Actor Profile 001 (`TAP001`)\n", "\n", - "This TAP aims to exfiltrate and then encrypt the `database.db` file on `ST_DATA-PRV-SRV-DB` host, whilst leaving the functionality of the database intact. Configured by default to start on the `ST_PROJ-A-PRV-PC-1` host, `TAP001` must first embed itself on the host, locate the target (`ST_DATA-PRV-SRV-DB`) through a series of [`nmap`](/PrimAITE/docs/source/simulation_components/system/applications/nmap.rst) scans, establish a connection to it's [`c2-server`](./Command-and-Control-E2E-Demonstration.ipynb)(`ISP-PUB-SRV-DNS` by default) and then finally attempt to exfiltrate and encrypt. \n", + "This TAP aims to exfiltrate and then encrypt the `database.db` file on `ST_DATA-PRV-SRV-DB` host, whilst leaving the functionality of the database intact. Configured by default to start on the `ST_PROJ-A-PRV-PC-1` host, `TAP001` must first embed itself on the host, locate the target (`ST_DATA-PRV-SRV-DB`) through a series of [`nmap`](/PrimAITE/docs/source/simulation_components/system/applications/nmap.rst) scans, establish a connection to its [`c2-server`](./Command-and-Control-E2E-Demonstration.ipynb)(`ISP-PUB-SRV-DNS` by default) and then finally attempt to exfiltrate and encrypt. \n", "\n", - "If successful, the blue agent is configured to receive a serve negative reward and thus must prevent `TAP001` from ever reaching the target database. This could be through blocking it's connection to the target or it's `c2-server` via a carefully crafted ACL or perhaps through more a forceful approach such as shutting down the starting host.\n", + "If successful, the blue agent is configured to receive a serve negative reward and thus must prevent `TAP001` from ever reaching the target database. 
This could be through blocking its connection to the target or its `c2-server` via a carefully crafted ACL or perhaps through more a forceful approach such as shutting down the starting host.\n", "\n", - "For more information on `TAP001` and it's impacts, [please refer to the TAP001 E2E notebook](./UC7-TAP001-Kill-Chain-E2E.ipynb) or for more blue agent involved demonstration refer to the [UC7 attack variants notebook](./UC7-attack-variants.ipynb) " + "For more information on `TAP001` and its impacts, [please refer to the TAP001 E2E notebook](./UC7-TAP001-Kill-Chain-E2E.ipynb) or for more blue agent involved demonstration refer to the [UC7 attack variants notebook](./UC7-attack-variants.ipynb) " ] }, { "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stderr", + "output_type": "stream", + "text": [ + "2025-03-14 15:51:23,476: Resetting environment, episode 2, avg. reward: 12.396875000000001\n" + ] + }, + { + "name": "stdout", + "output_type": "stream", + "text": [ + "+-----------------------------+\n", + "| attacker Behaviour Log |\n", + "+-----------+-------+---------+\n", + "| Time Step | Level | Message |\n", + "+-----------+-------+---------+\n", + "+-----------+-------+---------+\n" + ] + } + ], "source": [ "# By default the `uc7_config.yaml` is setup to use TAP001\n", "env.reset()\n", 
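Review bot: The rewritten `+` paragraph still reads "receive a serve negative reward" and "through more a forceful approach"; while these lines are being edited, change them to "severe negative reward" and "a more forceful approach". Separately, the `attacker Behaviour Log` table committed for this cell has no rows, so it does not show any of the TAP001 stages the text lists; regenerate it after stepping the environment far enough for the log to be populated.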
@@ -656,7 +1357,33 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stdout", + "output_type": "stream", + "text": [ + "+---------------------------------------------------------------------------------------+\n", + "| ST_PROJ-A-PRV-PC-1 Software Manager |\n", + "+----------------------+-------------+-----------------+--------------+------+----------+\n", + "| Name | Type | Operating State | Health State | Port | Protocol |\n", + "+----------------------+-------------+-----------------+--------------+------+----------+\n", + "| arp | Service | RUNNING | GOOD | 219 | udp |\n", + "| icmp | Service | RUNNING | GOOD | None | icmp |\n", + "| dns-client | Service | RUNNING | GOOD | 53 | tcp |\n", + "| ntp-client | Service | RUNNING | GOOD | 123 | udp |\n", + "| web-browser | Application | RUNNING | GOOD | 80 | tcp |\n", + "| nmap | Application | RUNNING | GOOD | None | none |\n", + "| user-session-manager | Service | RUNNING | GOOD | None | none |\n", + "| user-manager | Service | RUNNING | GOOD | None | none |\n", + "| terminal | Service | RUNNING | GOOD | 22 | tcp |\n", + "| ftp-client | Service | RUNNING | GOOD | 21 | tcp |\n", + "| database-client | Application | RUNNING | GOOD | 5432 | tcp |\n", + "| ransomware-script | Application | RUNNING | GOOD | None | none |\n", + "| c2-beacon | Application | RUNNING | GOOD | None | tcp |\n", + "+----------------------+-------------+-----------------+--------------+------+----------+\n" + ] + } + ], "source": [ "# TAP001 starting host\n", "st_project_a_private_pc_1: Computer = env.game.simulation.network.get_node_by_hostname(\"ST_PROJ-A-PRV-PC-1\")\n", 
@@ -667,7 +1394,29 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stdout", + "output_type": "stream", + "text": [ + "+----------------------------------------------------------------------------------------+\n", + "| ST_PROJ-A-PRV-PC-1 File System |\n", + "+-------------------------------+------+---------------+-----------------------+---------+\n", + "| File Path | Size | Health status | Visible health status | Deleted |\n", + "+-------------------------------+------+---------------+-----------------------+---------+\n", + "| downloads/malware_dropper.ps1 | 0 B | GOOD | NONE | False |\n", + "| root | 0 B | GOOD | NONE | False |\n", + "+-------------------------------+------+---------------+-----------------------+---------+\n", + "+--------------------------------------------------------------------+\n", + "| ISP-PUB-SRV-DNS File System |\n", + "+-----------+------+---------------+-----------------------+---------+\n", + "| File Path | Size | Health status | Visible health status | Deleted |\n", + "+-----------+------+---------------+-----------------------+---------+\n", + "| root | 0 B | GOOD | NONE | False |\n", + "+-----------+------+---------------+-----------------------+---------+\n" + ] + } + ], "source": [ "st_project_a_private_pc_1.file_system.show(full=True)\n", "isp_pub_srv_dns: Server = env.game.simulation.network.get_node_by_hostname(hostname=\"ISP-PUB-SRV-DNS\")\n", 
@@ -678,7 +1427,22 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stdout", + "output_type": "stream", + "text": [ + "+----------------------------------------------------------------------------------+\n", + "| ST_DATA-PRV-SRV-DB File System |\n", + "+----------------------+---------+---------------+-----------------------+---------+\n", + "| File Path | Size | Health status | Visible health status | Deleted |\n", + "+----------------------+---------+---------------+-----------------------+---------+\n", + "| database/database.db | 4.77 MB | GOOD | NONE | False |\n", + "| root | 0 B | GOOD | NONE | False |\n", + "+----------------------+---------+---------------+-----------------------+---------+\n" + ] + } + ], "source": [ "# Database Impact \n", "st_data_private_server_database: Server = env.game.simulation.network.get_node_by_hostname(hostname=\"ST_DATA-PRV-SRV-DB\")\n", 
@@ -691,7 +1455,7 @@ "source": [ "### AGENTS | RED AGENT | Threat Actor Profile 003 (`TAP003`)\n", "\n", - "Unlike `TAP001`'s more traditional representation of a threat actor, `TAP003` represents a malicious insider which leverages it's pre-existing knowledge to covertly add malicious access control lists (ACLs) to three different routers each of which affecting green agent traffic in a different way causing the blue agent to receive negative rewards. Thus, the blue agent must learn to leverage it's ability to remove rules and change credentials throughout the network to rectify the impacts of `TA003` and re-establish green POL and prevent `TAP003` from accessing additional routers.\n", + "Unlike `TAP001`'s more traditional representation of a threat actor, `TAP003` represents a malicious insider which leverages its pre-existing knowledge to covertly add malicious access control lists (ACLs) to three different routers each of which affecting green agent traffic in a different way causing the blue agent to receive negative rewards. Thus, the blue agent must learn to leverage its ability to remove rules and change credentials throughout the network to rectify the impacts of `TA003` and re-establish green POL and prevent `TAP003` from accessing additional routers.\n", "\n", "The table below is a brief summary of the malicious ACLs added by `TAP003`\n", "\n", 
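Review bot: The replacement line still refers to the profile as `TA003` in "rectify the impacts of `TA003`", while every other mention in the same sentence and heading is `TAP003`. Correct the identifier here so a reader searching the guide for `TAP003` finds this passage.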
@@ -701,14 +1465,22 @@ "|`ST_INTRA-PRV-RT-CR`| Blocks all `HTTP` traffic that arrives at the`ST_INTRA-PRV-RT-CR` router. This rule will prevent all SOME_TECH hosts from accessing the web-server (`ST-DMZ-PUB-SRV-WEB`)|\n", "|`REM-PUB-RT-DR`| Blocks all `DNS` traffic that arrives at the `REM-PUB-RT-DR` router. This rule prevents any remote site works from accessing the DNS Server (`ISP-PUB-SRV-DNS`).|\n", "\n", - "Lastly, it's highly recommended that users refer to the [TAP003 E2E notebook](./UC7-TAP003-Kill-Chain-E2E.ipynb) for further information or for the [UC7 attack variants notebook](./UC7-attack-variants.ipynb) demonstration of TAP003 defence." + "Lastly, its highly recommended that users refer to the [TAP003 E2E notebook](./UC7-TAP003-Kill-Chain-E2E.ipynb) for further information or for the [UC7 attack variants notebook](./UC7-attack-variants.ipynb) demonstration of TAP003 defence." ] }, { "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stderr", + "output_type": "stream", + "text": [ + "2025-03-14 15:51:34,604: PrimaiteGymEnv RNG seed = None\n" + ] + } + ], "source": [ "# Loading up the TAP003 UC7 config variant\n", "with open(_EXAMPLE_CFG/\"uc7_config_tap003.yaml\", mode=\"r\") as uc7_config:\n", 
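Review bot: The last markdown line changes "it's highly recommended" to "its highly recommended", which is a regression: this is the contraction of "it is", unlike the possessive cases fixed elsewhere in the patch, so the original spelling should be restored. The context row for `REM-PUB-RT-DR` also says "remote site works" where "workers" appears to be meant. In addition, the stderr line added to the next cell records `PrimaiteGymEnv RNG seed = None`, so the outputs committed in this notebook will not be reproduced by a reader's own run; consider setting a seed before capturing them.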
@@ -724,7 +1496,37 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stderr", + "output_type": "stream", + "text": [ + "2025-03-14 15:51:34,632: Resetting environment, episode 0, avg. reward: 0.0\n" + ] + }, + { + "name": "stdout", + "output_type": "stream", + "text": [ + "+----------------------------------------------------------------------------------+\n", + "| attacker Behaviour Log |\n", + "+-----------+-------+--------------------------------------------------------------+\n", + "| Time Step | Level | Message |\n", + "+-----------+-------+--------------------------------------------------------------+\n", + "| 28 | INFO | Manipulation complete. Progressing to exploit... |\n", + "| 31 | INFO | Logging into ST_INTRA-PRV-RT-DR-1 in order to add ACL rules. |\n", + "| 34 | INFO | Adding ACL rule to ST_INTRA-PRV-RT-DR-1 |\n", + "| 37 | INFO | Logging into ST_INTRA-PRV-RT-CR in order to add ACL rules. |\n", + "| 40 | INFO | Adding ACL rule to ST_INTRA-PRV-RT-CR |\n", + "| 43 | INFO | Logging into REM-PUB-RT-DR in order to add ACL rules. |\n", + "| 46 | INFO | Adding ACL rule to REM-PUB-RT-DR |\n", + "| 46 | INFO | Finished adding ACL rules. |\n", + "| 49 | INFO | attacker has successfully carried out the kill chain. |\n", + "| 49 | INFO | attacker has opted to forgo any further attacks. |\n", + "+-----------+-------+--------------------------------------------------------------+\n" + ] + } + ], "source": [ "# By default the `uc7_config.yaml` is setup to use TAP001\n", "env.reset()\n", 
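Review bot: The context comment at the top of this cell, `# By default the uc7_config.yaml is setup to use TAP001`, is stale in this position: the preceding cell loads `uc7_config_tap003.yaml` and the committed Behaviour Log shows the ACL kill chain against the three routers. Update the comment to describe the TAP003 variant so it does not contradict the output now stored beneath it.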
@@ -739,7 +1541,25 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stdout", + "output_type": "stream", + "text": [ + "+-----------------------------------------------------------------------------------------------------------+\n", + "| ST_INTRA-PRV-RT-DR-1 Access Control List |\n", + "+-------+--------+----------+--------+--------------+----------+--------+--------------+----------+---------+\n", + "| Index | Action | Protocol | Src IP | Src Wildcard | Src Port | Dst IP | Dst Wildcard | Dst Port | Matched |\n", + "+-------+--------+----------+--------+--------------+----------+--------+--------------+----------+---------+\n", + "| 1 | DENY | tcp | ANY | 0.0.255.255 | 5432 | ANY | 0.0.255.255 | 5432 | 214 |\n", + "| 5 | PERMIT | ANY | ANY | ANY | ANY | ANY | ANY | ANY | 625 |\n", + "| 22 | PERMIT | ANY | ANY | ANY | 219 | ANY | ANY | 219 | 0 |\n", + "| 23 | PERMIT | icmp | ANY | ANY | ANY | ANY | ANY | ANY | 0 |\n", + "| 24 | DENY | ANY | ANY | ANY | ANY | ANY | ANY | ANY | 0 |\n", + "+-------+--------+----------+--------+--------------+----------+--------+--------------+----------+---------+\n" + ] + } + ], "source": [ "env.game.simulation.network.get_node_by_hostname(\"ST_INTRA-PRV-RT-DR-1\").acl.show()" ] 
@@ -748,7 +1568,25 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stdout", + "output_type": "stream", + "text": [ + "+-----------------------------------------------------------------------------------------------------------+\n", + "| ST_INTRA-PRV-RT-CR Access Control List |\n", + "+-------+--------+----------+--------+--------------+----------+--------+--------------+----------+---------+\n", + "| Index | Action | Protocol | Src IP | Src Wildcard | Src Port | Dst IP | Dst Wildcard | Dst Port | Matched |\n", + "+-------+--------+----------+--------+--------------+----------+--------+--------------+----------+---------+\n", + "| 1 | DENY | tcp | ANY | 0.0.255.255 | 80 | ANY | 0.0.255.255 | 80 | 526 |\n", + "| 5 | PERMIT | ANY | ANY | ANY | ANY | ANY | ANY | ANY | 967 |\n", + "| 22 | PERMIT | ANY | ANY | ANY | 219 | ANY | ANY | 219 | 0 |\n", + "| 23 | PERMIT | icmp | ANY | ANY | ANY | ANY | ANY | ANY | 0 |\n", + "| 24 | DENY | ANY | ANY | ANY | ANY | ANY | ANY | ANY | 0 |\n", + "+-------+--------+----------+--------+--------------+----------+--------+--------------+----------+---------+\n" + ] + } + ], "source": [ "env.game.simulation.network.get_node_by_hostname(\"ST_INTRA-PRV-RT-CR\").acl.show()" ] 
@@ -757,7 +1595,25 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stdout", + "output_type": "stream", + "text": [ + "+-----------------------------------------------------------------------------------------------------------+\n", + "| REM-PUB-RT-DR Access Control List |\n", + "+-------+--------+----------+--------+--------------+----------+--------+--------------+----------+---------+\n", + "| Index | Action | Protocol | Src IP | Src Wildcard | Src Port | Dst IP | Dst Wildcard | Dst Port | Matched |\n", + "+-------+--------+----------+--------+--------------+----------+--------+--------------+----------+---------+\n", + "| 1 | DENY | tcp | ANY | 0.0.255.255 | 53 | ANY | 0.0.255.255 | 53 | 0 |\n", + "| 5 | PERMIT | ANY | ANY | ANY | ANY | ANY | ANY | ANY | 253 |\n", + "| 22 | PERMIT | ANY | ANY | ANY | 219 | ANY | ANY | 219 | 0 |\n", + "| 23 | PERMIT | icmp | ANY | ANY | ANY | ANY | ANY | ANY | 0 |\n", + "| 24 | DENY | ANY | ANY | ANY | ANY | ANY | ANY | ANY | 0 |\n", + "+-------+--------+----------+--------+--------------+----------+--------+--------------+----------+---------+\n" + ] + } + ], "source": [ "env.game.simulation.network.get_node_by_hostname(\"REM-PUB-RT-DR\").acl.show() " ] @@ -794,7 +1650,15 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stderr", + "output_type": "stream", + "text": [ + "2025-03-14 15:51:41,131: Resetting environment, episode 1, avg. reward: 116.84999999999965\n" + ] + } + ], "source": [ "env.reset() # Resetting the env\n", "defender = env.game.agents.get(\"defender\")" 
@@ -902,7 +1766,61 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stderr", + "output_type": "stream", + "text": [ + "2025-03-14 15:51:41,892: Resetting environment, episode 2, avg. reward: 0.0\n" + ] + }, + { + "name": "stdout", + "output_type": "stream", + "text": [ + "1 {'PROTOCOLS': {'ALL': 1}}\n", + "2 {'PROTOCOLS': {'ALL': 0}}\n", + "3 {'PROTOCOLS': {'ALL': 0}}\n", + "4 {'PROTOCOLS': {'ALL': 0}}\n", + "5 {'PROTOCOLS': {'ALL': 1}}\n", + "6 {'PROTOCOLS': {'ALL': 1}}\n", + "7 {'PROTOCOLS': {'ALL': 0}}\n", + "8 {'PROTOCOLS': {'ALL': 0}}\n", + "9 {'PROTOCOLS': {'ALL': 0}}\n", + "10 {'PROTOCOLS': {'ALL': 0}}\n", + "11 {'PROTOCOLS': {'ALL': 0}}\n", + "12 {'PROTOCOLS': {'ALL': 0}}\n", + "13 {'PROTOCOLS': {'ALL': 1}}\n", + "14 {'PROTOCOLS': {'ALL': 1}}\n", + "15 {'PROTOCOLS': {'ALL': 1}}\n", + "16 {'PROTOCOLS': {'ALL': 1}}\n", + "17 {'PROTOCOLS': {'ALL': 1}}\n", + "18 {'PROTOCOLS': {'ALL': 1}}\n", + "19 {'PROTOCOLS': {'ALL': 1}}\n", + "20 {'PROTOCOLS': {'ALL': 1}}\n", + "21 {'PROTOCOLS': {'ALL': 1}}\n", + "22 {'PROTOCOLS': {'ALL': 1}}\n", + "23 {'PROTOCOLS': {'ALL': 1}}\n", + "24 {'PROTOCOLS': {'ALL': 0}}\n", + "25 {'PROTOCOLS': {'ALL': 1}}\n", + "26 {'PROTOCOLS': {'ALL': 1}}\n", + "27 {'PROTOCOLS': {'ALL': 4}}\n", + "28 {'PROTOCOLS': {'ALL': 4}}\n", + "29 {'PROTOCOLS': {'ALL': 1}}\n", + "30 {'PROTOCOLS': {'ALL': 0}}\n", + "31 {'PROTOCOLS': {'ALL': 0}}\n", + "32 {'PROTOCOLS': {'ALL': 0}}\n", + "33 {'PROTOCOLS': {'ALL': 1}}\n", + "34 {'PROTOCOLS': {'ALL': 0}}\n", + "35 {'PROTOCOLS': {'ALL': 0}}\n", + "36 {'PROTOCOLS': {'ALL': 0}}\n", + "37 {'PROTOCOLS': {'ALL': 0}}\n", + "38 {'PROTOCOLS': {'ALL': 0}}\n", + "39 {'PROTOCOLS': {'ALL': 0}}\n", + "40 {'PROTOCOLS': {'ALL': 0}}\n" + ] + } + ], "source": [ "env.reset()\n", "\n", 
@@ -950,7 +1868,109 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stderr", + "output_type": "stream", + "text": [ + "2025-03-14 15:51:42,606: Resetting environment, episode 3, avg. reward: 1.1140625000000002\n" + ] + }, + { + "name": "stdout", + "output_type": "stream", + "text": [ + "HOST0\n", + "{'APPLICATIONS': {1: {'health_status': 0,\n", + " 'num_executions': 0,\n", + " 'operating_status': 0},\n", + " 2: {'health_status': 0,\n", + " 'num_executions': 0,\n", + " 'operating_status': 1}},\n", + " 'FOLDERS': {1: {'FILES': {1: {'health_status': 0, 'num_access': 0}},\n", + " 'health_status': 0},\n", + " 2: {'FILES': {1: {'health_status': 0, 'num_access': 0}},\n", + " 'health_status': 0}},\n", + " 'NICS': {1: {'NMNE': {'inbound': 0, 'outbound': 0},\n", + " 'TRAFFIC': {'icmp': {'inbound': 0, 'outbound': 0},\n", + " 'tcp': {80: {'inbound': 0, 'outbound': 0},\n", + " 5432: {'inbound': 0, 'outbound': 0}}},\n", + " 'nic_status': 1}},\n", + " 'SERVICES': {1: {'health_status': 0, 'operating_status': 2},\n", + " 2: {'health_status': 0, 'operating_status': 0}},\n", + " 'num_file_creations': 0,\n", + " 'num_file_deletions': 0,\n", + " 'operating_status': 1,\n", + " 'users': {'local_login': 0, 'remote_sessions': 0}}\n", + "HOST1\n", + "{'APPLICATIONS': {1: {'health_status': 0,\n", + " 'num_executions': 0,\n", + " 'operating_status': 0},\n", + " 2: {'health_status': 0,\n", + " 'num_executions': 0,\n", + " 'operating_status': 1}},\n", + " 'FOLDERS': {1: {'FILES': {1: {'health_status': 0, 'num_access': 0}},\n", + " 'health_status': 0},\n", + " 2: {'FILES': {1: {'health_status': 0, 'num_access': 0}},\n", + " 'health_status': 0}},\n", + " 'NICS': {1: {'NMNE': {'inbound': 0, 'outbound': 0},\n", + " 'TRAFFIC': {'icmp': {'inbound': 0, 'outbound': 0},\n", + " 'tcp': {80: {'inbound': 0, 'outbound': 0},\n", + " 5432: {'inbound': 0, 'outbound': 0}}},\n", + " 'nic_status': 1}},\n", + " 'SERVICES': {1: {'health_status': 0, 
'operating_status': 2},\n", + " 2: {'health_status': 0, 'operating_status': 0}},\n", + " 'num_file_creations': 0,\n", + " 'num_file_deletions': 0,\n", + " 'operating_status': 1,\n", + " 'users': {'local_login': 0, 'remote_sessions': 0}}\n", + "HOST2\n", + "{'APPLICATIONS': {1: {'health_status': 0,\n", + " 'num_executions': 0,\n", + " 'operating_status': 0},\n", + " 2: {'health_status': 0,\n", + " 'num_executions': 1,\n", + " 'operating_status': 1}},\n", + " 'FOLDERS': {1: {'FILES': {1: {'health_status': 0, 'num_access': 0}},\n", + " 'health_status': 0},\n", + " 2: {'FILES': {1: {'health_status': 0, 'num_access': 0}},\n", + " 'health_status': 0}},\n", + " 'NICS': {1: {'NMNE': {'inbound': 0, 'outbound': 0},\n", + " 'TRAFFIC': {'icmp': {'inbound': 0, 'outbound': 0},\n", + " 'tcp': {80: {'inbound': 0, 'outbound': 0},\n", + " 5432: {'inbound': 1, 'outbound': 1}}},\n", + " 'nic_status': 1}},\n", + " 'SERVICES': {1: {'health_status': 0, 'operating_status': 2},\n", + " 2: {'health_status': 0, 'operating_status': 0}},\n", + " 'num_file_creations': 0,\n", + " 'num_file_deletions': 0,\n", + " 'operating_status': 1,\n", + " 'users': {'local_login': 0, 'remote_sessions': 0}}\n", + "HOST3\n", + "{'APPLICATIONS': {1: {'health_status': 0,\n", + " 'num_executions': 0,\n", + " 'operating_status': 0},\n", + " 2: {'health_status': 0,\n", + " 'num_executions': 0,\n", + " 'operating_status': 0}},\n", + " 'FOLDERS': {1: {'FILES': {1: {'health_status': 0, 'num_access': 0}},\n", + " 'health_status': 0},\n", + " 2: {'FILES': {1: {'health_status': 0, 'num_access': 0}},\n", + " 'health_status': 0}},\n", + " 'NICS': {1: {'NMNE': {'inbound': 0, 'outbound': 0},\n", + " 'TRAFFIC': {'icmp': {'inbound': 0, 'outbound': 0},\n", + " 'tcp': {80: {'inbound': 0, 'outbound': 0},\n", + " 5432: {'inbound': 1, 'outbound': 1}}},\n", + " 'nic_status': 1}},\n", + " 'SERVICES': {1: {'health_status': 0, 'operating_status': 0},\n", + " 2: {'health_status': 0, 'operating_status': 0}},\n", + " 'num_file_creations': 
0,\n", + " 'num_file_deletions': 0,\n", + " 'operating_status': 1,\n", + " 'users': {'local_login': 0, 'remote_sessions': 0}}\n" + ] + } + ], "source": [ "env.reset()\n", "\n", 
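Review bot: This hunk commits roughly a hundred lines of pretty-printed observation for `HOST0` to `HOST3`, and the four dictionaries differ only in a handful of fields (`num_executions`, the `5432` traffic counters, a few `operating_status` values). For a user guide, printing one host in full and only the differing keys for the others would keep the point readable and keep the notebook diff reviewable. The stderr entries carry wall-clock timestamps and a running `avg. reward`, which will change on every re-run and produce noise in future diffs; consider excluding the stderr stream from the committed outputs.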
@@ -1223,7 +2243,170 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stdout", + "output_type": "stream", + "text": [ + "ROUTER0\n", + "{'ACL': {0: {'dest_ip_id': 0,\n", + " 'dest_port_id': 0,\n", + " 'dest_wildcard_id': 0,\n", + " 'permission': 0,\n", + " 'position': 0,\n", + " 'protocol_id': 0,\n", + " 'source_ip_id': 0,\n", + " 'source_port_id': 0,\n", + " 'source_wildcard_id': 0},\n", + " 1: {'dest_ip_id': 0,\n", + " 'dest_port_id': 0,\n", + " 'dest_wildcard_id': 0,\n", + " 'permission': 0,\n", + " 'position': 1,\n", + " 'protocol_id': 0,\n", + " 'source_ip_id': 0,\n", + " 'source_port_id': 0,\n", + " 'source_wildcard_id': 0},\n", + " 2: {'dest_ip_id': 0,\n", + " 'dest_port_id': 0,\n", + " 'dest_wildcard_id': 0,\n", + " 'permission': 0,\n", + " 'position': 2,\n", + " 'protocol_id': 0,\n", + " 'source_ip_id': 0,\n", + " 'source_port_id': 0,\n", + " 'source_wildcard_id': 0},\n", + " 3: {'dest_ip_id': 0,\n", + " 'dest_port_id': 0,\n", + " 'dest_wildcard_id': 0,\n", + " 'permission': 0,\n", + " 'position': 3,\n", + " 'protocol_id': 0,\n", + " 'source_ip_id': 0,\n", + " 'source_port_id': 0,\n", + " 'source_wildcard_id': 0},\n", + " 4: {'dest_ip_id': 0,\n", + " 'dest_port_id': 0,\n", + " 'dest_wildcard_id': 0,\n", + " 'permission': 0,\n", + " 'position': 4,\n", + " 'protocol_id': 0,\n", + " 'source_ip_id': 0,\n", + " 'source_port_id': 0,\n", + " 'source_wildcard_id': 0}},\n", + " 'PORTS': {1: {'operating_status': 1},\n", + " 2: {'operating_status': 1},\n", + " 3: {'operating_status': 1},\n", + " 4: {'operating_status': 1},\n", + " 5: {'operating_status': 2}},\n", + " 'users': {'local_login': 0, 'remote_sessions': 0}}\n", + "ROUTER1\n", + "{'ACL': {0: {'dest_ip_id': 0,\n", + " 'dest_port_id': 0,\n", + " 'dest_wildcard_id': 0,\n", + " 'permission': 0,\n", + " 'position': 0,\n", + " 'protocol_id': 0,\n", + " 'source_ip_id': 0,\n", + " 'source_port_id': 0,\n", + " 'source_wildcard_id': 0},\n", + " 1: 
{'dest_ip_id': 0,\n", + " 'dest_port_id': 0,\n", + " 'dest_wildcard_id': 0,\n", + " 'permission': 0,\n", + " 'position': 1,\n", + " 'protocol_id': 0,\n", + " 'source_ip_id': 0,\n", + " 'source_port_id': 0,\n", + " 'source_wildcard_id': 0},\n", + " 2: {'dest_ip_id': 0,\n", + " 'dest_port_id': 0,\n", + " 'dest_wildcard_id': 0,\n", + " 'permission': 0,\n", + " 'position': 2,\n", + " 'protocol_id': 0,\n", + " 'source_ip_id': 0,\n", + " 'source_port_id': 0,\n", + " 'source_wildcard_id': 0},\n", + " 3: {'dest_ip_id': 0,\n", + " 'dest_port_id': 0,\n", + " 'dest_wildcard_id': 0,\n", + " 'permission': 0,\n", + " 'position': 3,\n", + " 'protocol_id': 0,\n", + " 'source_ip_id': 0,\n", + " 'source_port_id': 0,\n", + " 'source_wildcard_id': 0},\n", + " 4: {'dest_ip_id': 0,\n", + " 'dest_port_id': 0,\n", + " 'dest_wildcard_id': 0,\n", + " 'permission': 0,\n", + " 'position': 4,\n", + " 'protocol_id': 0,\n", + " 'source_ip_id': 0,\n", + " 'source_port_id': 0,\n", + " 'source_wildcard_id': 0}},\n", + " 'PORTS': {1: {'operating_status': 1},\n", + " 2: {'operating_status': 1},\n", + " 3: {'operating_status': 1},\n", + " 4: {'operating_status': 1},\n", + " 5: {'operating_status': 2}},\n", + " 'users': {'local_login': 0, 'remote_sessions': 0}}\n", + "ROUTER2\n", + "{'ACL': {0: {'dest_ip_id': 0,\n", + " 'dest_port_id': 0,\n", + " 'dest_wildcard_id': 0,\n", + " 'permission': 0,\n", + " 'position': 0,\n", + " 'protocol_id': 0,\n", + " 'source_ip_id': 0,\n", + " 'source_port_id': 0,\n", + " 'source_wildcard_id': 0},\n", + " 1: {'dest_ip_id': 0,\n", + " 'dest_port_id': 0,\n", + " 'dest_wildcard_id': 0,\n", + " 'permission': 0,\n", + " 'position': 1,\n", + " 'protocol_id': 0,\n", + " 'source_ip_id': 0,\n", + " 'source_port_id': 0,\n", + " 'source_wildcard_id': 0},\n", + " 2: {'dest_ip_id': 0,\n", + " 'dest_port_id': 0,\n", + " 'dest_wildcard_id': 0,\n", + " 'permission': 0,\n", + " 'position': 2,\n", + " 'protocol_id': 0,\n", + " 'source_ip_id': 0,\n", + " 'source_port_id': 0,\n", + " 
'source_wildcard_id': 0},\n", + " 3: {'dest_ip_id': 0,\n", + " 'dest_port_id': 0,\n", + " 'dest_wildcard_id': 0,\n", + " 'permission': 0,\n", + " 'position': 3,\n", + " 'protocol_id': 0,\n", + " 'source_ip_id': 0,\n", + " 'source_port_id': 0,\n", + " 'source_wildcard_id': 0},\n", + " 4: {'dest_ip_id': 0,\n", + " 'dest_port_id': 0,\n", + " 'dest_wildcard_id': 0,\n", + " 'permission': 0,\n", + " 'position': 4,\n", + " 'protocol_id': 0,\n", + " 'source_ip_id': 0,\n", + " 'source_port_id': 0,\n", + " 'source_wildcard_id': 0}},\n", + " 'PORTS': {1: {'operating_status': 1},\n", + " 2: {'operating_status': 1},\n", + " 3: {'operating_status': 2},\n", + " 4: {'operating_status': 2},\n", + " 5: {'operating_status': 2}},\n", + " 'users': {'local_login': 0, 'remote_sessions': 0}}\n" + ] + } + ], "source": [ "obs, reward, _,_,info = env.step(0)\n", "for node_id, node_obs in obs['NODES'].items():\n", @@ -1310,7 +2493,27 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stderr", + "output_type": "stream", + "text": [ + "2025-03-14 15:51:43,512: Resetting environment, episode 4, avg. reward: 2.225\n" + ] + }, + { + "name": "stdout", + "output_type": "stream", + "text": [ + "Actions for 'defender':\n", + "+------+------------+--------+----------+---------------+\n", + "| Step | Action | Params | Response | Response Data |\n", + "+------+------------+--------+----------+---------------+\n", + "| 0 | do-nothing | | success | |\n", + "+------+------------+--------+----------+---------------+\n" + ] + } + ], "source": [ "env.reset()\n", "env.step(0)\n", 
@@ -1335,7 +2538,16 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stdout", + "output_type": "stream", + "text": [ + "ftp-client (Prior Scan) OBS: {'operating_status': 2, 'health_status': 0}\n", + "database-client (Prior Scan) OBS: {'operating_status': 1, 'health_status': 0, 'num_executions': 1}\n" + ] + } + ], "source": [ "obs, reward, term, trunc, info = env.step(0)\n", "print(f\"ftp-client (Prior Scan) OBS: {defender.observation_manager.current_observation['NODES']['HOST0']['SERVICES'][1]}\")\n", 
@@ -1346,7 +2558,31 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stdout", + "output_type": "stream", + "text": [ + "+---------------------------------------------------------------------------------------+\n", + "| ST_PROJ-A-PRV-PC-1 Software Manager |\n", + "+----------------------+-------------+-----------------+--------------+------+----------+\n", + "| Name | Type | Operating State | Health State | Port | Protocol |\n", + "+----------------------+-------------+-----------------+--------------+------+----------+\n", + "| arp | Service | RUNNING | GOOD | 219 | udp |\n", + "| icmp | Service | RUNNING | GOOD | None | icmp |\n", + "| dns-client | Service | RUNNING | GOOD | 53 | tcp |\n", + "| ntp-client | Service | RUNNING | GOOD | 123 | udp |\n", + "| web-browser | Application | RUNNING | GOOD | 80 | tcp |\n", + "| nmap | Application | RUNNING | GOOD | None | none |\n", + "| user-session-manager | Service | RUNNING | GOOD | None | none |\n", + "| user-manager | Service | RUNNING | GOOD | None | none |\n", + "| terminal | Service | RUNNING | GOOD | 22 | tcp |\n", + "| ftp-client | Service | RUNNING | COMPROMISED | 21 | tcp |\n", + "| database-client | Application | RUNNING | COMPROMISED | 5432 | tcp |\n", + "+----------------------+-------------+-----------------+--------------+------+----------+\n" + ] + } + ], "source": [ "st_project_a_private_pc_1: Computer = env.game.simulation.network.get_node_by_hostname(\"ST_PROJ-A-PRV-PC-1\")\n", "st_project_a_private_pc_1.software_manager.software[\"ftp-client\"].set_health_state(SoftwareHealthState.COMPROMISED)\n", 
@@ -1365,7 +2601,26 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stdout", + "output_type": "stream", + "text": [ + "Node OS Scan time step duration: 8\n", + "Actions for 'defender':\n", + "+------+--------------+-------------------------------+----------+---------------+\n", + "| Step | Action | Params | Response | Response Data |\n", + "+------+--------------+-------------------------------+----------+---------------+\n", + "| 2 | node-os-scan | node_name: ST_PROJ-A-PRV-PC-1 | success | |\n", + "| | | | | |\n", + "+------+--------------+-------------------------------+----------+---------------+\n", + "None\n", + "Current Simulation Time Step: 12\n", + "ftp-client (Post Scan) OBS: {'operating_status': 2, 'health_status': 3}\n", + "database-client (Post Scan) OBS: {'operating_status': 1, 'health_status': 3, 'num_executions': 1}\n" + ] + } + ], "source": [ "print(f'Node OS Scan time step duration: {cfg[\"simulation\"][\"defaults\"][\"node_scan_duration\"]}')\n", "env.step(1)\n", @@ -1391,7 +2646,15 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stdout", + "output_type": "stream", + "text": [ + "ST_PROJ-A-PRV-PC-1's (prior `node-shutdown`) operating state: 1\n" + ] + } + ], "source": [ "# `1` is equal to 'ON' in this case.\n", "obs, reward, term, trunc, info = env.step(0)\n", @@ -1421,7 +2684,15 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stdout", + "output_type": "stream", + "text": [ + "ST_PROJ-A-PRV-PC-1's (post `node-shutdown`) operating state: 2\n" + ] + } + ], "source": [ "obs, reward, term, trunc, info = env.step(0)\n", "print(f\"ST_PROJ-A-PRV-PC-1's (post `node-shutdown`) operating state: {defender.observation_manager.current_observation['NODES']['HOST0']['operating_status']}\")" 
@@ -1440,7 +2711,15 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stdout", + "output_type": "stream", + "text": [ + "ST_PROJ-A-PRV-PC-1's (post `node-startup`) operating state: 1\n" + ] + } + ], "source": [ "obs, reward, term, trunc, info = env.step(3)\n", "\n", @@ -1455,7 +2734,26 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stdout", + "output_type": "stream", + "text": [ + "Actions for 'defender':\n", + "+------+---------------+-------------------------------+----------+---------------+\n", + "| Step | Action | Params | Response | Response Data |\n", + "+------+---------------+-------------------------------+----------+---------------+\n", + "| 2 | node-os-scan | node_name: ST_PROJ-A-PRV-PC-1 | success | |\n", + "| | | | | |\n", + "| 13 | node-shutdown | node_name: ST_PROJ-A-PRV-PC-1 | success | |\n", + "| | | | | |\n", + "| 18 | node-startup | node_name: ST_PROJ-A-PRV-PC-1 | success | |\n", + "| | | | | |\n", + "+------+---------------+-------------------------------+----------+---------------+\n", + "None\n" + ] + } + ], "source": [ "print(defender.show_history())" ] 
@@ -1488,7 +2786,51 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stdout", + "output_type": "stream", + "text": [ + "+-------------------------+-------------------------+---------------+\n", + "| Reward Type | Reward Option | Reward Weight |\n", + "+-------------------------+-------------------------+---------------+\n", + "| database-file-integrity | database.db | 0.95 |\n", + "| shared-reward | HOME_WORKER-1-DB | 0.03125 |\n", + "| shared-reward | HOME_WORKER-1-WEB | 0.03125 |\n", + "| shared-reward | HOME_WORKER-2-DB | 0.03125 |\n", + "| shared-reward | HOME_WORKER-2-WEB | 0.03125 |\n", + "| shared-reward | REMOTE_WORKER-1-DB | 0.03125 |\n", + "| shared-reward | REMOTE_WORKER-1-WEB | 0.03125 |\n", + "| shared-reward | REMOTE_WORKER-2-DB | 0.03125 |\n", + "| shared-reward | REMOTE_WORKER-2-WEB | 0.03125 |\n", + "| shared-reward | PROJ_A-SENIOR-DEV-DB | 0.03125 |\n", + "| shared-reward | PROJ_A-SENIOR-DEV-WEB | 0.03125 |\n", + "| shared-reward | PROJ_A-JUNIOR-DEV-1-DB | 0.03125 |\n", + "| shared-reward | PROJ_A-JUNIOR-DEV-1-WEB | 0.03125 |\n", + "| shared-reward | PROJ_A-JUNIOR-DEV-2-DB | 0.03125 |\n", + "| shared-reward | PROJ_A-JUNIOR-DEV-2-WEB | 0.03125 |\n", + "| shared-reward | PROJ_B-SENIOR-DEV-DB | 0.03125 |\n", + "| shared-reward | PROJ_B-SENIOR-DEV-WEB | 0.03125 |\n", + "| shared-reward | PROJ_B-JUNIOR-DEV-1-DB | 0.03125 |\n", + "| shared-reward | PROJ_B-JUNIOR-DEV-1-WEB | 0.03125 |\n", + "| shared-reward | PROJ_B-JUNIOR-DEV-2-DB | 0.03125 |\n", + "| shared-reward | PROJ_B-JUNIOR-DEV-2-WEB | 0.03125 |\n", + "| shared-reward | PROJ_B-SENIOR-DEV-DB | 0.03125 |\n", + "| shared-reward | PROJ_B-SENIOR-DEV-WEB | 0.03125 |\n", + "| shared-reward | PROJ_B-JUNIOR-DEV-1-DB | 0.03125 |\n", + "| shared-reward | PROJ_B-JUNIOR-DEV-1-WEB | 0.03125 |\n", + "| shared-reward | PROJ_B-JUNIOR-DEV-2-DB | 0.03125 |\n", + "| shared-reward | PROJ_B-JUNIOR-DEV-2-WEB | 0.03125 |\n", + "| shared-reward | CEO | 
0.03125 |\n", + "| shared-reward | CFO | 0.03125 |\n", + "| shared-reward | CTO | 0.03125 |\n", + "| shared-reward | SENIOR_HR | 0.03125 |\n", + "| shared-reward | JUNIOR_HR-1 | 0.03125 |\n", + "| shared-reward | JUNIOR_HR-2 | 0.03125 |\n", + "+-------------------------+-------------------------+---------------+\n" + ] + } + ], "source": [ "table = PrettyTable()\n", "table.field_names = [\"Reward Type\", \"Reward Option\", \"Reward Weight\"]\n", @@ -1535,7 +2877,7 @@ "\n", "The `weight` option in a `shared-reward` reward acts a multiplier to the reward of agent given in `agent_name`:\n", "\n", - "$\\text{shared\\_reward} = \\text{agent\\_reward} \\times \\text{shared\\_reward\\_weight}$\n", + "shared_reward = agent_reward x shared_reward_weight\n", "\n", "\n", "This can be a little difficult to understand intuitively so the following code snippets demonstrate how one of these rewards are calculated during a live episode." 
@@ -1562,7 +2904,36 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stderr", + "output_type": "stream", + "text": [ + "2025-03-14 15:51:47,022: PrimaiteGymEnv RNG seed = None\n", + "2025-03-14 15:51:47,025: Resetting environment, episode 0, avg. reward: 0.0\n" + ] + }, + { + "name": "stdout", + "output_type": "stream", + "text": [ + "+-----------+--------------------+------------+-------------------------+\n", + "| Time Step | Home Worker Reward | CEO Reward | Blue Agent Total Reward |\n", + "+-----------+--------------------+------------+-------------------------+\n", + "| 1 | 0.0 | 0.0 | 0.0 |\n", + "| 2 | 0.0 | 0.95 | 4.75 |\n", + "| 3 | 0.0 | 0.95 | 4.75 |\n", + "| 4 | 0.0 | 0.95 | 4.75 |\n", + "| 5 | 0.5 | 0.95 | 4.765625 |\n", + "| 6 | 0.5 | 0.95 | 4.765625 |\n", + "| 7 | 0.5 | 0.95 | 4.765625 |\n", + "| 8 | 0.5 | 0.95 | 4.765625 |\n", + "| 9 | 0.5 | 0.95 | 4.765625 |\n", + "| 10 | 0.5 | 0.95 | 4.765625 |\n", + "+-----------+--------------------+------------+-------------------------+\n" + ] + } + ], "source": [ "# Reloads the UC7 config and removes all of other reward-components. \n", "BLUE_AGENT_INDEX = 33\n", @@ -1600,11 +2971,11 @@ "source": [ "As you can see from the table above, because we increased the `shared-reward` weightings the blue agent's reward is nearly all comprised of the CEO's reward - `4.75`:\n", "\n", - "$\\text{ceo\\_reward\\_contribution} = 0.95 \\times 5$ \n", + "ceo_reward_contribution = 0.95 x 5\n", "\n", "We can see that the remote worker agent only contributes `0.015625` to the blue agent's total reward:\n", "\n", - "$\\text{remote\\_worker\\_reward\\_contribution} = 0.5 \\times 0.03125$\n" + "remote_work_reward_contribution = 0.5 x 0.03125\n" ] }, { 
@@ -1625,7 +2996,26 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stderr", + "output_type": "stream", + "text": [ + "2025-03-14 15:51:49,242: PrimaiteGymEnv RNG seed = None\n", + "2025-03-14 15:51:49,244: Resetting environment, episode 0, avg. reward: 0.0\n" + ] + }, + { + "data": { + "text/plain": [ + "170.8687499999996" + ] + }, + "execution_count": 52, + "metadata": {}, + "output_type": "execute_result" + } + ], "source": [ "with open(_EXAMPLE_CFG/\"uc7_config.yaml\", mode=\"r\") as uc7_config:\n", " cfg = yaml.safe_load(uc7_config)\n", @@ -1649,7 +3039,23 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stderr", + "output_type": "stream", + "text": [ + "2025-03-14 15:51:57,812: PrimaiteGymEnv RNG seed = None\n", + "2025-03-14 15:51:57,816: Resetting environment, episode 0, avg. reward: 0.0\n" + ] + }, + { + "name": "stdout", + "output_type": "stream", + "text": [ + "Successful TAP001 & Blue Agent Reward: 140.27031249999996\n" + ] + } + ], "source": [ "with open(_EXAMPLE_CFG/\"uc7_config.yaml\", mode=\"r\") as uc7_config:\n", " cfg = yaml.safe_load(uc7_config)\n", @@ -1672,7 +3078,24 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stderr", + "output_type": "stream", + "text": [ + "2025-03-14 15:52:10,712: PrimaiteGymEnv RNG seed = None\n", + "2025-03-14 15:52:10,715: Resetting environment, episode 0, avg. reward: 0.0\n", + "2025-03-14 15:52:10,719: Saving agent action log to C:\\Users\\CharlieCrane\\primaite\\4.0.0-dev\\sessions\\2025-03-14\\15-51-12\\agent_actions\\episode_0.json\n" + ] + }, + { + "name": "stdout", + "output_type": "stream", + "text": [ + "Successful TAP003 & Blue Agent Reward: 116.40624999999962\n" + ] + } + ], "source": [ "with open(_EXAMPLE_CFG/\"uc7_config_tap003.yaml\", mode=\"r\") as uc7_config:\n", " cfg = yaml.safe_load(uc7_config)\n", 
@@ -1699,7 +3122,24 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stderr", + "output_type": "stream", + "text": [ + "2025-03-14 15:52:17,859: PrimaiteGymEnv RNG seed = None\n", + "2025-03-14 15:52:17,860: Resetting environment, episode 0, avg. reward: 0.0\n", + "2025-03-14 15:52:17,863: Saving agent action log to C:\\Users\\CharlieCrane\\primaite\\4.0.0-dev\\sessions\\2025-03-14\\15-51-12\\agent_actions\\episode_0.json\n" + ] + }, + { + "name": "stdout", + "output_type": "stream", + "text": [ + "Worst Case Episode Blue Agent Reward: -170.5046874999996\n" + ] + } + ], "source": [ "env = PrimaiteGymEnv(env_config=cfg)\n", "env.reset()\n", From e94d7b0b3f7e96454d51e0bef46b133c79a16af8 Mon Sep 17 00:00:00 2001 From: Charlie Crane Date: Fri, 14 Mar 2025 16:01:55 +0000 Subject: [PATCH 5/6] Revert "Formatting changes to correct issues with sphinx rendering of documentation" This reverts commit 42512a2fc23ee6958835f7dc322ad0dd929c36ed. --- src/primaite/notebooks/UC7-E2E-Demo.ipynb | 1560 +-------------------- 1 file changed, 60 insertions(+), 1500 deletions(-) diff --git a/src/primaite/notebooks/UC7-E2E-Demo.ipynb b/src/primaite/notebooks/UC7-E2E-Demo.ipynb index c2ed1c22..82069a7c 100644 --- a/src/primaite/notebooks/UC7-E2E-Demo.ipynb +++ b/src/primaite/notebooks/UC7-E2E-Demo.ipynb 
@@ -22,28 +22,7 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stdout", - "output_type": "stream", - "text": [ - "C:\\Users\\CharlieCrane\\primaite\\4.0.0-dev\\notebooks\\example_notebooks\\UC7-E2E-Demo.ipynb\n" - ] - }, - { - "name": "stderr", - "output_type": "stream", - "text": [ - "2025-03-14 15:51:11,067: Performing the PrimAITE first-time setup...\n", - "2025-03-14 15:51:11,068: Building the PrimAITE app directories...\n", - "2025-03-14 15:51:11,068: Building primaite_config.yaml...\n", - "2025-03-14 15:51:11,068: Rebuilding the demo notebooks...\n", - "2025-03-14 15:51:11,096: Reset example notebook: C:\\Users\\CharlieCrane\\primaite\\4.0.0-dev\\notebooks\\example_notebooks\\UC7-E2E-Demo.ipynb\n", - "2025-03-14 15:51:11,165: Rebuilding the example notebooks...\n", - "2025-03-14 15:51:11,183: PrimAITE setup complete!\n" - ] - } - ], + "outputs": [], "source": [ "!primaite setup" ] @@ -77,15 +56,7 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stderr", - "output_type": "stream", - "text": [ - "2025-03-14 15:51:19,583: PrimaiteGymEnv RNG seed = None\n" - ] - } - ], + "outputs": [], "source": [ "use_case_7_config = load(_EXAMPLE_CFG/\"uc7_config.yaml\")\n", "with open(file=_EXAMPLE_CFG/\"uc7_config.yaml\", mode=\"r\") as uc7_config:\n", 
@@ -141,162 +112,7 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stdout", - "output_type": "stream", - "text": [ - "+------------------------------------------------------+\n", - "| Nodes |\n", - "+-------------------------+----------+-----------------+\n", - "| Node | Type | Operating State |\n", - "+-------------------------+----------+-----------------+\n", - "| HOME-PUB-RT-DR | router | ON |\n", - "| HOME-PUB-SW-AS | switch | ON |\n", - "| HOME-PUB-PC-1 | computer | ON |\n", - "| HOME-PUB-PC-2 | computer | ON |\n", - "| HOME-PUB-SRV | server | ON |\n", - "| ISP-PUB-RT-BR | router | ON |\n", - "| ISP-PUB-SRV-DNS | server | ON |\n", - "| REM-PUB-FW | firewall | ON |\n", - "| REM-PUB-RT-DR | router | ON |\n", - "| REM-PUB-SW-AS | switch | ON |\n", - "| REM-PUB-PC-1 | computer | ON |\n", - "| REM-PUB-PC-2 | computer | ON |\n", - "| REM-PUB-SRV | server | ON |\n", - "| ST_PUB-FW | firewall | ON |\n", - "| ST_DMZ-PUB-SRV-WEB | server | ON |\n", - "| ST_INTRA-PRV-RT-CR | router | ON |\n", - "| ST_INTRA-PRV-RT-DR-1 | router | ON |\n", - "| ST_INTRA-PRV-RT-DR-2 | router | ON |\n", - "| ST_HO-PRV-SW-AS | switch | ON |\n", - "| ST_HO-PRV-PC-1 | computer | ON |\n", - "| ST_HO-PRV-PC-2 | computer | ON |\n", - "| ST_HO-PRV-PC-3 | computer | ON |\n", - "| ST_HR-PRV-SW-AS | switch | ON |\n", - "| ST_HR-PRV-PC-1 | computer | ON |\n", - "| ST_HR-PRV-PC-2 | computer | ON |\n", - "| ST_HR-PRV-PC-3 | computer | ON |\n", - "| ST_DATA-PRV-SW-AS | switch | ON |\n", - "| ST_DATA-PRV-SRV-STORAGE | server | ON |\n", - "| ST_DATA-PRV-SRV-DB | server | ON |\n", - "| ST_PROJ-A-PRV-SW-AS | switch | ON |\n", - "| ST_PROJ-A-PRV-PC-1 | computer | ON |\n", - "| ST_PROJ-A-PRV-PC-2 | computer | ON |\n", - "| ST_PROJ-A-PRV-PC-3 | computer | ON |\n", - "| ST_PROJ-B-PRV-SW-AS | switch | ON |\n", - "| ST_PROJ-B-PRV-PC-1 | computer | ON |\n", - "| ST_PROJ-B-PRV-PC-2 | computer | ON |\n", - "| ST_PROJ-B-PRV-PC-3 | computer | ON |\n", - "| 
ST_PROJ-C-PRV-SW-AS | switch | ON |\n", - "| ST_PROJ-C-PRV-PC-1 | computer | ON |\n", - "| ST_PROJ-C-PRV-PC-2 | computer | ON |\n", - "| ST_PROJ-C-PRV-PC-3 | computer | ON |\n", - "+-------------------------+----------+-----------------+\n", - "+----------------------------------------------------------------------------------------+\n", - "| IP Addresses |\n", - "+-------------------------+----------+---------------+-----------------+-----------------+\n", - "| Node | Port | IP Address | Subnet Mask | Default Gateway |\n", - "+-------------------------+----------+---------------+-----------------+-----------------+\n", - "| HOME-PUB-RT-DR | 1 | 192.168.1.1 | 255.255.255.0 | 10.1.0.1 |\n", - "| HOME-PUB-RT-DR | 2 | 10.1.0.2 | 255.255.255.252 | 10.1.0.1 |\n", - "| HOME-PUB-PC-1 | 1 | 192.168.1.2 | 255.255.255.0 | 192.168.1.1 |\n", - "| HOME-PUB-PC-2 | 1 | 192.168.1.3 | 255.255.255.0 | 192.168.1.1 |\n", - "| HOME-PUB-SRV | 1 | 192.168.1.4 | 255.255.255.0 | 192.168.1.1 |\n", - "| ISP-PUB-RT-BR | 1 | 10.1.0.1 | 255.255.255.252 | None |\n", - "| ISP-PUB-RT-BR | 2 | 8.8.8.1 | 255.255.255.240 | None |\n", - "| ISP-PUB-RT-BR | 3 | 10.1.10.1 | 255.255.255.252 | None |\n", - "| ISP-PUB-RT-BR | 4 | 10.1.100.1 | 255.255.255.252 | None |\n", - "| ISP-PUB-SRV-DNS | 1 | 8.8.8.8 | 255.255.255.240 | 8.8.8.1 |\n", - "| REM-PUB-FW | external | 10.1.10.2 | 255.255.255.252 | None |\n", - "| REM-PUB-FW | internal | 192.168.10.1 | 255.255.255.252 | None |\n", - "| REM-PUB-RT-DR | 1 | 192.168.10.2 | 255.255.255.252 | 192.168.10.1 |\n", - "| REM-PUB-RT-DR | 2 | 192.168.20.1 | 255.255.255.240 | 192.168.10.1 |\n", - "| REM-PUB-PC-1 | 1 | 192.168.20.2 | 255.255.255.0 | 192.168.20.1 |\n", - "| REM-PUB-PC-2 | 1 | 192.168.20.3 | 255.255.255.0 | 192.168.20.1 |\n", - "| REM-PUB-SRV | 1 | 192.168.20.4 | 255.255.255.0 | 192.168.20.1 |\n", - "| ST_PUB-FW | external | 10.1.100.2 | 255.255.255.252 | None |\n", - "| ST_PUB-FW | internal | 192.168.150.1 | 255.255.255.240 | None |\n", - "| ST_PUB-FW | dmz 
| 192.168.100.1 | 255.255.255.252 | None |\n", - "| ST_DMZ-PUB-SRV-WEB | 1 | 192.168.100.2 | 255.255.255.252 | 192.168.100.1 |\n", - "| ST_INTRA-PRV-RT-CR | 1 | 192.168.150.2 | 255.255.255.240 | None |\n", - "| ST_INTRA-PRV-RT-CR | 2 | 192.168.160.1 | 255.255.255.252 | None |\n", - "| ST_INTRA-PRV-RT-CR | 3 | 192.168.170.1 | 255.255.255.252 | None |\n", - "| ST_INTRA-PRV-RT-CR | 4 | 192.168.220.1 | 255.255.255.248 | None |\n", - "| ST_INTRA-PRV-RT-DR-1 | 1 | 192.168.160.2 | 255.255.255.252 | None |\n", - "| ST_INTRA-PRV-RT-DR-1 | 2 | 192.168.230.1 | 255.255.255.248 | None |\n", - "| ST_INTRA-PRV-RT-DR-1 | 3 | 192.168.240.1 | 255.255.255.248 | None |\n", - "| ST_INTRA-PRV-RT-DR-1 | 4 | 192.168.250.1 | 255.255.255.248 | None |\n", - "| ST_INTRA-PRV-RT-DR-2 | 1 | 192.168.170.2 | 255.255.255.252 | 192.168.170.1 |\n", - "| ST_INTRA-PRV-RT-DR-2 | 2 | 192.168.200.1 | 255.255.255.248 | 192.168.170.1 |\n", - "| ST_INTRA-PRV-RT-DR-2 | 3 | 192.168.210.1 | 255.255.255.248 | 192.168.170.1 |\n", - "| ST_HO-PRV-PC-1 | 1 | 192.168.200.2 | 255.255.255.0 | 192.168.200.1 |\n", - "| ST_HO-PRV-PC-2 | 1 | 192.168.200.3 | 255.255.255.0 | 192.168.200.1 |\n", - "| ST_HO-PRV-PC-3 | 1 | 192.168.200.4 | 255.255.255.0 | 192.168.200.1 |\n", - "| ST_HR-PRV-PC-1 | 1 | 192.168.210.2 | 255.255.255.0 | 192.168.210.1 |\n", - "| ST_HR-PRV-PC-2 | 1 | 192.168.210.3 | 255.255.255.0 | 192.168.210.1 |\n", - "| ST_HR-PRV-PC-3 | 1 | 192.168.210.4 | 255.255.255.0 | 192.168.210.1 |\n", - "| ST_DATA-PRV-SRV-STORAGE | 1 | 192.168.220.2 | 255.255.255.248 | 192.168.220.1 |\n", - "| ST_DATA-PRV-SRV-DB | 1 | 192.168.220.3 | 255.255.255.248 | 192.168.220.1 |\n", - "| ST_PROJ-A-PRV-PC-1 | 1 | 192.168.230.2 | 255.255.255.0 | 192.168.230.1 |\n", - "| ST_PROJ-A-PRV-PC-2 | 1 | 192.168.230.3 | 255.255.255.0 | 192.168.230.1 |\n", - "| ST_PROJ-A-PRV-PC-3 | 1 | 192.168.230.4 | 255.255.255.0 | 192.168.230.1 |\n", - "| ST_PROJ-B-PRV-PC-1 | 1 | 192.168.240.2 | 255.255.255.0 | 192.168.240.1 |\n", - "| ST_PROJ-B-PRV-PC-2 | 1 | 
192.168.240.3 | 255.255.255.0 | 192.168.240.1 |\n", - "| ST_PROJ-B-PRV-PC-3 | 1 | 192.168.240.4 | 255.255.255.0 | 192.168.240.1 |\n", - "| ST_PROJ-C-PRV-PC-1 | 1 | 192.168.250.2 | 255.255.255.0 | 192.168.250.1 |\n", - "| ST_PROJ-C-PRV-PC-2 | 1 | 192.168.250.3 | 255.255.255.0 | 192.168.250.1 |\n", - "| ST_PROJ-C-PRV-PC-3 | 1 | 192.168.250.4 | 255.255.255.0 | 192.168.250.1 |\n", - "+-------------------------+----------+---------------+-----------------+-----------------+\n", - "+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+\n", - "| Links |\n", - "+----------------------+-----------------------------------------------+-------------------------+------------------------------------------------+-------+-------------------+--------------+\n", - "| Endpoint A | A Port | Endpoint B | B Port | is Up | Bandwidth (MBits) | Current Load |\n", - "+----------------------+-----------------------------------------------+-------------------------+------------------------------------------------+-------+-------------------+--------------+\n", - "| ISP-PUB-RT-BR | Port 1: d7:b4:9c:39:f4:ad/10.1.0.1 | HOME-PUB-RT-DR | Port 2: 4b:63:a4:02:f9:65/10.1.0.2 | True | 100.0 | 0.00000% |\n", - "| HOME-PUB-SW-AS | Port 1: f6:81:57:6b:d1:9d | HOME-PUB-RT-DR | Port 1: ab:f3:ac:f5:bd:41/192.168.1.1 | True | 100.0 | 0.00035% |\n", - "| HOME-PUB-SW-AS | Port 4: 97:18:1e:fa:c1:05 | HOME-PUB-SRV | Port 1: 78:d6:95:27:52:9e/192.168.1.4 | True | 100.0 | 0.00012% |\n", - "| HOME-PUB-SW-AS | Port 3: 9a:dc:d0:23:ee:9c | HOME-PUB-PC-2 | Port 1: 04:ba:93:0c:b8:d5/192.168.1.3 | True | 100.0 | 0.00012% |\n", - "| HOME-PUB-SW-AS | Port 2: f1:38:b6:ea:dd:3c | HOME-PUB-PC-1 | Port 1: 13:a8:71:2e:2d:72/192.168.1.2 | True | 100.0 | 0.00012% |\n", - "| ISP-PUB-RT-BR | Port 4: 6c:f9:ee:e2:5d:ed/10.1.100.1 | ST_PUB-FW | Port external: 4e:48:cf:7f:ce:04/10.1.100.2 | True | 
100.0 | 0.00000% |\n", - "| ISP-PUB-RT-BR | Port 3: 26:21:39:3f:68:f7/10.1.10.1 | REM-PUB-FW | Port external: 64:b1:9d:6c:8d:4a/10.1.10.2 | True | 100.0 | 0.00000% |\n", - "| ISP-PUB-RT-BR | Port 2: bb:7a:21:ce:33:ff/8.8.8.1 | ISP-PUB-SRV-DNS | Port 1: b2:e0:0f:68:3e:e0/8.8.8.8 | True | 100.0 | 0.00011% |\n", - "| REM-PUB-FW | Port internal: b0:0d:54:f3:9f:22/192.168.10.1 | REM-PUB-RT-DR | Port 1: d9:b7:22:23:4f:b1/192.168.10.2 | True | 100.0 | 0.00000% |\n", - "| REM-PUB-RT-DR | Port 2: bc:6f:a5:26:a6:5e/192.168.20.1 | REM-PUB-SW-AS | Port 1: 26:7a:d6:0d:3a:df | True | 100.0 | 0.00036% |\n", - "| REM-PUB-SW-AS | Port 4: 6a:4f:3e:ce:61:66 | REM-PUB-SRV | Port 1: 88:70:1e:a0:e6:a5/192.168.20.4 | True | 100.0 | 0.00012% |\n", - "| REM-PUB-SW-AS | Port 3: 0d:9b:3e:5a:e4:8f | REM-PUB-PC-2 | Port 1: dc:3a:c0:5c:0d:ac/192.168.20.3 | True | 100.0 | 0.00012% |\n", - "| REM-PUB-SW-AS | Port 2: 9e:a3:02:6e:41:5e | REM-PUB-PC-1 | Port 1: b5:2b:76:7a:a5:df/192.168.20.2 | True | 100.0 | 0.00012% |\n", - "| ST_INTRA-PRV-RT-CR | Port 1: 09:b6:73:e4:e6:39/192.168.150.2 | ST_PUB-FW | Port internal: 87:24:56:ab:86:e1/192.168.150.1 | True | 100.0 | 0.00000% |\n", - "| ST_PUB-FW | Port dmz: d6:f3:5f:da:60:52/192.168.100.1 | ST_DMZ-PUB-SRV-WEB | Port 1: c2:7b:17:d0:23:01/192.168.100.2 | True | 100.0 | 0.00012% |\n", - "| ST_INTRA-PRV-RT-CR | Port 4: aa:fa:7d:b2:6b:a1/192.168.220.1 | ST_DATA-PRV-SW-AS | Port 1: ae:09:1b:36:7e:4b | True | 100.0 | 0.00024% |\n", - "| ST_INTRA-PRV-RT-CR | Port 3: 48:0a:27:50:4a:a3/192.168.170.1 | ST_INTRA-PRV-RT-DR-2 | Port 1: 86:9c:c0:a1:d8:1e/192.168.170.2 | True | 100.0 | 0.00000% |\n", - "| ST_INTRA-PRV-RT-CR | Port 2: 69:c6:0d:ea:db:51/192.168.160.1 | ST_INTRA-PRV-RT-DR-1 | Port 1: 7d:17:87:b5:d4:5f/192.168.160.2 | True | 100.0 | 0.00000% |\n", - "| ST_INTRA-PRV-RT-DR-1 | Port 4: 7a:81:27:29:3c:dd/192.168.250.1 | ST_PROJ-C-PRV-SW-AS | Port 1: 38:4b:9e:19:50:77 | True | 100.0 | 0.00036% |\n", - "| ST_INTRA-PRV-RT-DR-1 | Port 3: 
c0:96:9b:5b:6b:0a/192.168.240.1 | ST_PROJ-B-PRV-SW-AS | Port 1: 4b:1e:36:3d:d1:d2 | True | 100.0 | 0.00036% |\n", - "| ST_INTRA-PRV-RT-DR-1 | Port 2: c8:93:9b:f4:62:95/192.168.230.1 | ST_PROJ-A-PRV-SW-AS | Port 1: 72:95:9b:5b:9b:34 | True | 100.0 | 0.00036% |\n", - "| ST_HR-PRV-SW-AS | Port 1: 47:68:3b:ee:5b:be | ST_INTRA-PRV-RT-DR-2 | Port 3: ed:7a:60:b4:ac:3e/192.168.210.1 | True | 100.0 | 0.00036% |\n", - "| ST_HO-PRV-SW-AS | Port 1: c9:f0:97:31:e6:03 | ST_INTRA-PRV-RT-DR-2 | Port 2: 33:52:b1:75:18:fe/192.168.200.1 | True | 100.0 | 0.00036% |\n", - "| ST_HO-PRV-SW-AS | Port 4: 6f:7a:46:e1:85:8c | ST_HO-PRV-PC-3 | Port 1: d3:21:6d:50:fa:9d/192.168.200.4 | True | 100.0 | 0.00012% |\n", - "| ST_HO-PRV-SW-AS | Port 3: 97:7f:7d:92:10:8e | ST_HO-PRV-PC-2 | Port 1: 38:0e:49:07:60:d1/192.168.200.3 | True | 100.0 | 0.00012% |\n", - "| ST_HO-PRV-SW-AS | Port 2: 03:94:58:bb:b2:a9 | ST_HO-PRV-PC-1 | Port 1: 67:0d:2a:ab:77:12/192.168.200.2 | True | 100.0 | 0.00012% |\n", - "| ST_HR-PRV-SW-AS | Port 4: e6:56:16:77:10:ba | ST_HR-PRV-PC-3 | Port 1: 86:ad:fa:b0:41:39/192.168.210.4 | True | 100.0 | 0.00012% |\n", - "| ST_HR-PRV-SW-AS | Port 3: da:ff:7d:75:8e:a3 | ST_HR-PRV-PC-2 | Port 1: 04:30:2a:0d:8f:bc/192.168.210.3 | True | 100.0 | 0.00012% |\n", - "| ST_HR-PRV-SW-AS | Port 2: fb:6c:11:a7:18:67 | ST_HR-PRV-PC-1 | Port 1: 32:25:dd:cc:44:e3/192.168.210.2 | True | 100.0 | 0.00012% |\n", - "| ST_DATA-PRV-SW-AS | Port 3: fa:d4:3c:93:f3:b1 | ST_DATA-PRV-SRV-DB | Port 1: ff:d8:1a:37:fd:22/192.168.220.3 | True | 100.0 | 0.00012% |\n", - "| ST_DATA-PRV-SW-AS | Port 2: 9d:36:ca:e8:69:06 | ST_DATA-PRV-SRV-STORAGE | Port 1: 19:97:81:ed:73:11/192.168.220.2 | True | 100.0 | 0.00012% |\n", - "| ST_PROJ-A-PRV-SW-AS | Port 4: 50:c1:ae:51:11:05 | ST_PROJ-A-PRV-PC-3 | Port 1: 9c:e5:84:5a:ad:de/192.168.230.4 | True | 100.0 | 0.00012% |\n", - "| ST_PROJ-A-PRV-SW-AS | Port 3: 49:5c:31:ef:45:f1 | ST_PROJ-A-PRV-PC-2 | Port 1: af:75:c4:b8:0b:b6/192.168.230.3 | True | 100.0 | 0.00012% |\n", - "| 
ST_PROJ-A-PRV-SW-AS | Port 2: 32:bd:71:c2:74:d5 | ST_PROJ-A-PRV-PC-1 | Port 1: 1c:91:0d:9f:54:4a/192.168.230.2 | True | 100.0 | 0.00012% |\n", - "| ST_PROJ-B-PRV-SW-AS | Port 4: e5:38:0f:bc:8b:50 | ST_PROJ-B-PRV-PC-3 | Port 1: d2:45:15:16:de:f2/192.168.240.4 | True | 100.0 | 0.00012% |\n", - "| ST_PROJ-B-PRV-SW-AS | Port 3: 20:69:5f:ef:10:04 | ST_PROJ-B-PRV-PC-2 | Port 1: 27:2a:b8:3a:fc:14/192.168.240.3 | True | 100.0 | 0.00012% |\n", - "| ST_PROJ-B-PRV-SW-AS | Port 2: a7:1d:0c:7d:54:a6 | ST_PROJ-B-PRV-PC-1 | Port 1: 61:73:00:68:7c:fe/192.168.240.2 | True | 100.0 | 0.00012% |\n", - "| ST_PROJ-C-PRV-SW-AS | Port 4: e1:6f:a8:62:83:68 | ST_PROJ-C-PRV-PC-3 | Port 1: 02:2d:fc:f7:40:ad/192.168.250.4 | True | 100.0 | 0.00012% |\n", - "| ST_PROJ-C-PRV-SW-AS | Port 3: 12:b5:1b:fe:22:49 | ST_PROJ-C-PRV-PC-2 | Port 1: 3f:5c:93:fb:44:29/192.168.250.3 | True | 100.0 | 0.00012% |\n", - "| ST_PROJ-C-PRV-SW-AS | Port 2: c5:78:34:eb:bb:aa | ST_PROJ-C-PRV-PC-1 | Port 1: 13:da:7b:6f:9d:9c/192.168.250.2 | True | 100.0 | 0.00012% |\n", - "+----------------------+-----------------------------------------------+-------------------------+------------------------------------------------+-------+-------------------+--------------+\n" - ] - } - ], + "outputs": [], "source": [ "uc7_network = env.game.simulation.network\n", "uc7_network.show()" 
@@ -343,51 +159,7 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stdout", - "output_type": "stream", - "text": [ - "+---------------------------------------------------------------------------+\n", - "| HOME-PUB-PC-1 Network Interface Cards |\n", - "+------+------+-------------------+----------------+-------+---------+------+\n", - "| Port | Type | MAC Address | Address | Speed | Status | NMNE |\n", - "+------+------+-------------------+----------------+-------+---------+------+\n", - "| 1 | NIC | 13:a8:71:2e:2d:72 | 192.168.1.2/24 | 100.0 | Enabled | {} |\n", - "+------+------+-------------------+----------------+-------+---------+------+\n", - "+--------------------------+\n", - "| HOME-PUB-PC-1 Open Ports |\n", - "+--------------------------+\n", - "| Port |\n", - "+--------------------------+\n", - "| 21 |\n", - "| 22 |\n", - "| 53 |\n", - "| 80 |\n", - "| 123 |\n", - "| 219 |\n", - "| 5432 |\n", - "+--------------------------+\n", - "+---------------------------------------------------------------------------------------+\n", - "| HOME-PUB-PC-1 Software Manager |\n", - "+----------------------+-------------+-----------------+--------------+------+----------+\n", - "| Name | Type | Operating State | Health State | Port | Protocol |\n", - "+----------------------+-------------+-----------------+--------------+------+----------+\n", - "| arp | Service | RUNNING | GOOD | 219 | udp |\n", - "| icmp | Service | RUNNING | GOOD | None | icmp |\n", - "| dns-client | Service | RUNNING | GOOD | 53 | tcp |\n", - "| ntp-client | Service | RUNNING | GOOD | 123 | udp |\n", - "| web-browser | Application | RUNNING | GOOD | 80 | tcp |\n", - "| nmap | Application | RUNNING | GOOD | None | none |\n", - "| user-session-manager | Service | RUNNING | GOOD | None | none |\n", - "| user-manager | Service | RUNNING | GOOD | None | none |\n", - "| terminal | Service | RUNNING | GOOD | 22 | tcp |\n", - "| ftp-client | Service | RUNNING | 
GOOD | 21 | tcp |\n", - "| database-client | Application | RUNNING | GOOD | 5432 | tcp |\n", - "+----------------------+-------------+-----------------+--------------+------+----------+\n" - ] - } - ], + "outputs": [], "source": [ "# Home Office PC 1 (HOME-PUB-PC-1)\n", "home_pub_pc_1: Computer = env.game.simulation.network.get_node_by_hostname(\"HOME-PUB-PC-1\")\n", 
@@ -399,43 +171,7 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stdout", - "output_type": "stream", - "text": [ - "+---------------------------------------------------------------------------------------+\n", - "| HOME-PUB-RT-DR Network Interface Cards |\n", - "+------+-----------------+-------------------+----------------+-------+----------+------+\n", - "| Port | Type | MAC Address | Address | Speed | Status | NMNE |\n", - "+------+-----------------+-------------------+----------------+-------+----------+------+\n", - "| 1 | RouterInterface | ab:f3:ac:f5:bd:41 | 192.168.1.1/24 | 100.0 | Enabled | {} |\n", - "| 2 | RouterInterface | 4b:63:a4:02:f9:65 | 10.1.0.2/30 | 100.0 | Enabled | {} |\n", - "| 3 | RouterInterface | 72:46:1d:93:f2:2d | 127.0.0.1/8 | 100.0 | Disabled | {} |\n", - "| 4 | RouterInterface | cf:ea:2d:1f:24:0e | 127.0.0.1/8 | 100.0 | Disabled | {} |\n", - "| 5 | RouterInterface | 21:66:ea:ed:d0:fe | 127.0.0.1/8 | 100.0 | Disabled | {} |\n", - "+------+-----------------+-------------------+----------------+-------+----------+------+\n", - "+---------------------------+\n", - "| HOME-PUB-RT-DR Open Ports |\n", - "+---------------------------+\n", - "| Port |\n", - "+---------------------------+\n", - "| 22 |\n", - "| 219 |\n", - "+---------------------------+\n", - "+-----------------------------------------------------------------------------------------------------------+\n", - "| HOME-PUB-RT-DR Access Control List |\n", - "+-------+--------+----------+--------+--------------+----------+--------+--------------+----------+---------+\n", - "| Index | Action | Protocol | Src IP | Src Wildcard | Src Port | Dst IP | Dst Wildcard | Dst Port | Matched |\n", - "+-------+--------+----------+--------+--------------+----------+--------+--------------+----------+---------+\n", - "| 5 | PERMIT | ANY | ANY | ANY | ANY | ANY | ANY | ANY | 0 |\n", - "| 22 | PERMIT | ANY | ANY | ANY | 219 | ANY | ANY | 219 | 0 |\n", - 
"| 23 | PERMIT | icmp | ANY | ANY | ANY | ANY | ANY | ANY | 0 |\n", - "| 24 | DENY | ANY | ANY | ANY | ANY | ANY | ANY | ANY | 0 |\n", - "+-------+--------+----------+--------+--------------+----------+--------+--------------+----------+---------+\n" - ] - } - ], + "outputs": [], "source": [ "# Home Office Router (HOME-PUB-RT-DR)\n", "home_pub_rt_dr: Router = env.game.simulation.network.get_node_by_hostname(\"HOME-PUB-RT-DR\")\n", 
@@ -460,43 +196,7 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stdout", - "output_type": "stream", - "text": [ - "+--------------------------------------------------------------------------------------+\n", - "| ISP-PUB-RT-BR Network Interface Cards |\n", - "+------+-----------------+-------------------+---------------+-------+----------+------+\n", - "| Port | Type | MAC Address | Address | Speed | Status | NMNE |\n", - "+------+-----------------+-------------------+---------------+-------+----------+------+\n", - "| 1 | RouterInterface | d7:b4:9c:39:f4:ad | 10.1.0.1/30 | 100.0 | Enabled | {} |\n", - "| 2 | RouterInterface | bb:7a:21:ce:33:ff | 8.8.8.1/28 | 100.0 | Enabled | {} |\n", - "| 3 | RouterInterface | 26:21:39:3f:68:f7 | 10.1.10.1/30 | 100.0 | Enabled | {} |\n", - "| 4 | RouterInterface | 6c:f9:ee:e2:5d:ed | 10.1.100.1/30 | 100.0 | Enabled | {} |\n", - "| 5 | RouterInterface | 28:b3:d8:14:01:30 | 127.0.0.1/8 | 100.0 | Disabled | {} |\n", - "+------+-----------------+-------------------+---------------+-------+----------+------+\n", - "+--------------------------+\n", - "| ISP-PUB-RT-BR Open Ports |\n", - "+--------------------------+\n", - "| Port |\n", - "+--------------------------+\n", - "| 22 |\n", - "| 219 |\n", - "+--------------------------+\n", - "+-----------------------------------------------------------------------------------------------------------+\n", - "| ISP-PUB-RT-BR Access Control List |\n", - "+-------+--------+----------+--------+--------------+----------+--------+--------------+----------+---------+\n", - "| Index | Action | Protocol | Src IP | Src Wildcard | Src Port | Dst IP | Dst Wildcard | Dst Port | Matched |\n", - "+-------+--------+----------+--------+--------------+----------+--------+--------------+----------+---------+\n", - "| 5 | PERMIT | ANY | ANY | ANY | ANY | ANY | ANY | ANY | 0 |\n", - "| 22 | PERMIT | ANY | ANY | ANY | 219 | ANY | ANY | 219 | 0 |\n", - "| 23 | PERMIT 
| icmp | ANY | ANY | ANY | ANY | ANY | ANY | 0 |\n", - "| 24 | DENY | ANY | ANY | ANY | ANY | ANY | ANY | ANY | 0 |\n", - "+-------+--------+----------+--------+--------------+----------+--------+--------------+----------+---------+\n" - ] - } - ], + "outputs": [], "source": [ "isp_pub_rt_br: Router = env.game.simulation.network.get_node_by_hostname(\"ISP-PUB-RT-BR\")\n", "isp_pub_rt_br.show_nic()\n", @@ -508,28 +208,7 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stdout", - "output_type": "stream", - "text": [ - "+-----------------------------------------------------------------------+\n", - "| ISP-PUB-SRV-DNS Network Interface Cards |\n", - "+------+------+-------------------+------------+-------+---------+------+\n", - "| Port | Type | MAC Address | Address | Speed | Status | NMNE |\n", - "+------+------+-------------------+------------+-------+---------+------+\n", - "| 1 | NIC | b2:e0:0f:68:3e:e0 | 8.8.8.8/28 | 100.0 | Enabled | {} |\n", - "+------+------+-------------------+------------+-------+---------+------+\n", - "+----------------------------------+\n", - "| ISP-PUB-SRV-DNS DNS Lookup table |\n", - "+----------------+-----------------+\n", - "| Domain Name | IP Address |\n", - "+----------------+-----------------+\n", - "| some_tech.com | 192.168.100.2 |\n", - "+----------------+-----------------+\n" - ] - } - ], + "outputs": [], "source": [ "isp_pub_srv_dns: Server = env.game.simulation.network.get_node_by_hostname(\"ISP-PUB-SRV-DNS\")\n", "isp_pub_srv_dns.show_nic()\n", 
@@ -556,23 +235,7 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stdout", - "output_type": "stream", - "text": [ - "+----------------------------------------------------------------------------------------+\n", - "| REM-PUB-FW Network Interface Cards |\n", - "+------+-----------------+-------------------+-----------------+-------+----------+------+\n", - "| Port | Type | MAC Address | Address | Speed | Status | NMNE |\n", - "+------+-----------------+-------------------+-----------------+-------+----------+------+\n", - "| 1 | RouterInterface | 64:b1:9d:6c:8d:4a | 10.1.10.2/30 | 100.0 | Enabled | {} |\n", - "| 2 | RouterInterface | b0:0d:54:f3:9f:22 | 192.168.10.1/30 | 100.0 | Enabled | {} |\n", - "| 3 | RouterInterface | d9:a6:cf:b1:70:a9 | 127.0.0.1/8 | 100.0 | Disabled | {} |\n", - "+------+-----------------+-------------------+-----------------+-------+----------+------+\n" - ] - } - ], + "outputs": [], "source": [ "rem_pub_fw: Firewall = uc7_network.get_node_by_hostname(hostname=\"REM-PUB-FW\")\n", "rem_pub_fw.show_nic()" 
@@ -582,23 +245,7 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stdout", - "output_type": "stream", - "text": [ - "+-----------------------------------------------------------------------------------------------------------+\n", - "| REM-PUB-FW Access Control List |\n", - "+-------+--------+----------+--------+--------------+----------+--------+--------------+----------+---------+\n", - "| Index | Action | Protocol | Src IP | Src Wildcard | Src Port | Dst IP | Dst Wildcard | Dst Port | Matched |\n", - "+-------+--------+----------+--------+--------------+----------+--------+--------------+----------+---------+\n", - "| 22 | PERMIT | ANY | ANY | ANY | 219 | ANY | ANY | 219 | 0 |\n", - "| 23 | PERMIT | icmp | ANY | ANY | ANY | ANY | ANY | ANY | 0 |\n", - "| 24 | DENY | ANY | ANY | ANY | ANY | ANY | ANY | ANY | 0 |\n", - "+-------+--------+----------+--------+--------------+----------+--------+--------------+----------+---------+\n" - ] - } - ], + "outputs": [], "source": [ "# By default all of the `REM_PUB_FW` acls are configured to permit all traffic\n", "rem_pub_fw.acl.show()" 
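Review bot: the context comment in this cell, "By default all of the `REM_PUB_FW` acls are configured to permit all traffic", does not match what `rem_pub_fw.acl.show()` printed in the output being removed. That table lists PERMIT only for port 219 and icmp (indices 22 and 23) and ends with a DENY ANY at index 24. With the output cleared, the comment is the only description a reader sees before running the cell, so either reword it to name the ACLs that actually permit everything or show those ACLs here. The comment also writes the hostname as `REM_PUB_FW`, while the lookup in the previous cell uses `REM-PUB-FW`.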
@@ -617,23 +264,7 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stdout", - "output_type": "stream", - "text": [ - "+----------------------------------------------------------------------------------------+\n", - "| ST_PUB-FW Network Interface Cards |\n", - "+------+-----------------+-------------------+------------------+-------+---------+------+\n", - "| Port | Type | MAC Address | Address | Speed | Status | NMNE |\n", - "+------+-----------------+-------------------+------------------+-------+---------+------+\n", - "| 1 | RouterInterface | 4e:48:cf:7f:ce:04 | 10.1.100.2/30 | 100.0 | Enabled | {} |\n", - "| 2 | RouterInterface | 87:24:56:ab:86:e1 | 192.168.150.1/28 | 100.0 | Enabled | {} |\n", - "| 3 | RouterInterface | d6:f3:5f:da:60:52 | 192.168.100.1/30 | 100.0 | Enabled | {} |\n", - "+------+-----------------+-------------------+------------------+-------+---------+------+\n" - ] - } - ], + "outputs": [], "source": [ "# ST DMZ Public Firewall (Permits all traffic by default)\n", "st_pub_fw: Firewall = uc7_network.get_node_by_hostname(hostname=\"ST_PUB-FW\")\n", 
@@ -644,30 +275,7 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stdout", - "output_type": "stream", - "text": [ - "+---------------------------------------------------------------------------------------+\n", - "| ST_DMZ-PUB-SRV-WEB Software Manager |\n", - "+----------------------+-------------+-----------------+--------------+------+----------+\n", - "| Name | Type | Operating State | Health State | Port | Protocol |\n", - "+----------------------+-------------+-----------------+--------------+------+----------+\n", - "| arp | Service | RUNNING | GOOD | 219 | udp |\n", - "| icmp | Service | RUNNING | GOOD | None | icmp |\n", - "| dns-client | Service | RUNNING | GOOD | 53 | tcp |\n", - "| ntp-client | Service | RUNNING | GOOD | 123 | udp |\n", - "| web-browser | Application | RUNNING | GOOD | 80 | tcp |\n", - "| nmap | Application | RUNNING | GOOD | None | none |\n", - "| user-session-manager | Service | RUNNING | GOOD | None | none |\n", - "| user-manager | Service | RUNNING | GOOD | None | none |\n", - "| terminal | Service | RUNNING | GOOD | 22 | tcp |\n", - "| web-server | Service | RUNNING | GOOD | 80 | tcp |\n", - "+----------------------+-------------+-----------------+--------------+------+----------+\n" - ] - } - ], + "outputs": [], "source": [ "# ST DMZ Public web-server\n", "st_dmz_pub_srv_web: Server = uc7_network.get_node_by_hostname(hostname=\"ST_DMZ-PUB-SRV-WEB\")\n", 
@@ -702,25 +310,7 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stdout", - "output_type": "stream", - "text": [ - "+---------------------------------------------------+\n", - "| ST_INTRA-PRV-RT-CR Route Table |\n", - "+-------+------------------+---------------+--------+\n", - "| Index | Address | Next Hop | Metric |\n", - "+-------+------------------+---------------+--------+\n", - "| 0 | 192.168.200.0/29 | 192.168.170.2 | 0.0 |\n", - "| 1 | 192.168.210.0/29 | 192.168.170.2 | 0.0 |\n", - "| 2 | 192.168.230.0/29 | 192.168.160.2 | 0.0 |\n", - "| 3 | 192.168.240.0/29 | 192.168.160.2 | 0.0 |\n", - "| 4 | 192.168.250.0/29 | 192.168.160.2 | 0.0 |\n", - "+-------+------------------+---------------+--------+\n" - ] - } - ], + "outputs": [], "source": [ "st_intra_prv_rt_cr: Router = uc7_network.get_node_by_hostname(hostname=\"ST_INTRA-PRV-RT-CR\")\n", "st_intra_prv_rt_cr.route_table.show()" 
@@ -757,31 +347,7 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stdout", - "output_type": "stream", - "text": [ - "+---------------------------------------------------------------------------------------+\n", - "| ST_HO-PRV-PC-1 Software Manager |\n", - "+----------------------+-------------+-----------------+--------------+------+----------+\n", - "| Name | Type | Operating State | Health State | Port | Protocol |\n", - "+----------------------+-------------+-----------------+--------------+------+----------+\n", - "| arp | Service | RUNNING | GOOD | 219 | udp |\n", - "| icmp | Service | RUNNING | GOOD | None | icmp |\n", - "| dns-client | Service | RUNNING | GOOD | 53 | tcp |\n", - "| ntp-client | Service | RUNNING | GOOD | 123 | udp |\n", - "| web-browser | Application | RUNNING | GOOD | 80 | tcp |\n", - "| nmap | Application | RUNNING | GOOD | None | none |\n", - "| user-session-manager | Service | RUNNING | GOOD | None | none |\n", - "| user-manager | Service | RUNNING | GOOD | None | none |\n", - "| terminal | Service | RUNNING | GOOD | 22 | tcp |\n", - "| ftp-client | Service | RUNNING | GOOD | 21 | tcp |\n", - "| database-client | Application | RUNNING | GOOD | 5432 | tcp |\n", - "+----------------------+-------------+-----------------+--------------+------+----------+\n" - ] - } - ], + "outputs": [], "source": [ "st_head_office_private_pc_1: Computer = uc7_network.get_node_by_hostname(\"ST_HO-PRV-PC-1\")\n", "st_head_office_private_pc_1.software_manager.show()" 
@@ -800,31 +366,7 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stdout", - "output_type": "stream", - "text": [ - "+---------------------------------------------------------------------------------------+\n", - "| ST_HR-PRV-PC-2 Software Manager |\n", - "+----------------------+-------------+-----------------+--------------+------+----------+\n", - "| Name | Type | Operating State | Health State | Port | Protocol |\n", - "+----------------------+-------------+-----------------+--------------+------+----------+\n", - "| arp | Service | RUNNING | GOOD | 219 | udp |\n", - "| icmp | Service | RUNNING | GOOD | None | icmp |\n", - "| dns-client | Service | RUNNING | GOOD | 53 | tcp |\n", - "| ntp-client | Service | RUNNING | GOOD | 123 | udp |\n", - "| web-browser | Application | RUNNING | GOOD | 80 | tcp |\n", - "| nmap | Application | RUNNING | GOOD | None | none |\n", - "| user-session-manager | Service | RUNNING | GOOD | None | none |\n", - "| user-manager | Service | RUNNING | GOOD | None | none |\n", - "| terminal | Service | RUNNING | GOOD | 22 | tcp |\n", - "| ftp-client | Service | RUNNING | GOOD | 21 | tcp |\n", - "| database-client | Application | RUNNING | GOOD | 5432 | tcp |\n", - "+----------------------+-------------+-----------------+--------------+------+----------+\n" - ] - } - ], + "outputs": [], "source": [ "st_human_resources_private_pc_2: Computer = uc7_network.get_node_by_hostname(\"ST_HR-PRV-PC-2\")\n", "st_human_resources_private_pc_2.software_manager.show()" 
@@ -848,49 +390,7 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stdout", - "output_type": "stream", - "text": [ - "+---------------------------------------------------------------------------------------+\n", - "| ST_DATA-PRV-SRV-DB Software Manager |\n", - "+----------------------+-------------+-----------------+--------------+------+----------+\n", - "| Name | Type | Operating State | Health State | Port | Protocol |\n", - "+----------------------+-------------+-----------------+--------------+------+----------+\n", - "| arp | Service | RUNNING | GOOD | 219 | udp |\n", - "| icmp | Service | RUNNING | GOOD | None | icmp |\n", - "| dns-client | Service | RUNNING | GOOD | 53 | tcp |\n", - "| ntp-client | Service | RUNNING | GOOD | 123 | udp |\n", - "| web-browser | Application | RUNNING | GOOD | 80 | tcp |\n", - "| nmap | Application | RUNNING | GOOD | None | none |\n", - "| user-session-manager | Service | RUNNING | GOOD | None | none |\n", - "| user-manager | Service | RUNNING | GOOD | None | none |\n", - "| terminal | Service | RUNNING | GOOD | 22 | tcp |\n", - "| ftp-client | Service | RUNNING | GOOD | 21 | tcp |\n", - "| database-service | Service | RUNNING | GOOD | 5432 | tcp |\n", - "+----------------------+-------------+-----------------+--------------+------+----------+\n", - "+----------------------------------------------------------------------------------+\n", - "| ST_DATA-PRV-SRV-DB File System |\n", - "+----------------------+---------+---------------+-----------------------+---------+\n", - "| File Path | Size | Health status | Visible health status | Deleted |\n", - "+----------------------+---------+---------------+-----------------------+---------+\n", - "| database/database.db | 4.77 MB | GOOD | NONE | False |\n", - "| root | 0 B | GOOD | NONE | False |\n", - "+----------------------+---------+---------------+-----------------------+---------+\n" - ] - }, - { - "data": { - "text/plain": [ - 
"IPv4Address('192.168.220.2')" - ] - }, - "execution_count": 18, - "metadata": {}, - "output_type": "execute_result" - } - ], + "outputs": [], "source": [ "st_data_private_server_database: Server = uc7_network.get_node_by_hostname(\"ST_DATA-PRV-SRV-DB\")\n", "st_data_private_server_database_service: DatabaseService = st_data_private_server_database.software_manager.software[\"database-service\"]\n", @@ -903,30 +403,7 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stdout", - "output_type": "stream", - "text": [ - "+---------------------------------------------------------------------------------------+\n", - "| ST_DATA-PRV-SRV-STORAGE Software Manager |\n", - "+----------------------+-------------+-----------------+--------------+------+----------+\n", - "| Name | Type | Operating State | Health State | Port | Protocol |\n", - "+----------------------+-------------+-----------------+--------------+------+----------+\n", - "| arp | Service | RUNNING | GOOD | 219 | udp |\n", - "| icmp | Service | RUNNING | GOOD | None | icmp |\n", - "| dns-client | Service | RUNNING | GOOD | 53 | tcp |\n", - "| ntp-client | Service | RUNNING | GOOD | 123 | udp |\n", - "| web-browser | Application | RUNNING | GOOD | 80 | tcp |\n", - "| nmap | Application | RUNNING | GOOD | None | none |\n", - "| user-session-manager | Service | RUNNING | GOOD | None | none |\n", - "| user-manager | Service | RUNNING | GOOD | None | none |\n", - "| terminal | Service | RUNNING | GOOD | 22 | tcp |\n", - "| ftp-server | Service | RUNNING | GOOD | 21 | tcp |\n", - "+----------------------+-------------+-----------------+--------------+------+----------+\n" - ] - } - ], + "outputs": [], "source": [ "st_data_private_server_storage: Server = uc7_network.get_node_by_hostname(\"ST_DATA-PRV-SRV-STORAGE\")\n", "st_data_private_server_storage.software_manager.show()" 
@@ -945,31 +422,7 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stdout", - "output_type": "stream", - "text": [ - "+---------------------------------------------------------------------------------------+\n", - "| ST_PROJ-A-PRV-PC-1 Software Manager |\n", - "+----------------------+-------------+-----------------+--------------+------+----------+\n", - "| Name | Type | Operating State | Health State | Port | Protocol |\n", - "+----------------------+-------------+-----------------+--------------+------+----------+\n", - "| arp | Service | RUNNING | GOOD | 219 | udp |\n", - "| icmp | Service | RUNNING | GOOD | None | icmp |\n", - "| dns-client | Service | RUNNING | GOOD | 53 | tcp |\n", - "| ntp-client | Service | RUNNING | GOOD | 123 | udp |\n", - "| web-browser | Application | RUNNING | GOOD | 80 | tcp |\n", - "| nmap | Application | RUNNING | GOOD | None | none |\n", - "| user-session-manager | Service | RUNNING | GOOD | None | none |\n", - "| user-manager | Service | RUNNING | GOOD | None | none |\n", - "| terminal | Service | RUNNING | GOOD | 22 | tcp |\n", - "| ftp-client | Service | RUNNING | GOOD | 21 | tcp |\n", - "| database-client | Application | RUNNING | GOOD | 5432 | tcp |\n", - "+----------------------+-------------+-----------------+--------------+------+----------+\n" - ] - } - ], + "outputs": [], "source": [ "st_project_a_private_pc_1: Computer = uc7_network.get_node_by_hostname(\"ST_PROJ-A-PRV-PC-1\")\n", "st_project_a_private_pc_1.software_manager.show()" 
@@ -986,31 +439,7 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stdout", - "output_type": "stream", - "text": [ - "+---------------------------------------------------------------------------------------+\n", - "| ST_PROJ-B-PRV-PC-2 Software Manager |\n", - "+----------------------+-------------+-----------------+--------------+------+----------+\n", - "| Name | Type | Operating State | Health State | Port | Protocol |\n", - "+----------------------+-------------+-----------------+--------------+------+----------+\n", - "| arp | Service | RUNNING | GOOD | 219 | udp |\n", - "| icmp | Service | RUNNING | GOOD | None | icmp |\n", - "| dns-client | Service | RUNNING | GOOD | 53 | tcp |\n", - "| ntp-client | Service | RUNNING | GOOD | 123 | udp |\n", - "| web-browser | Application | RUNNING | GOOD | 80 | tcp |\n", - "| nmap | Application | RUNNING | GOOD | None | none |\n", - "| user-session-manager | Service | RUNNING | GOOD | None | none |\n", - "| user-manager | Service | RUNNING | GOOD | None | none |\n", - "| terminal | Service | RUNNING | GOOD | 22 | tcp |\n", - "| ftp-client | Service | RUNNING | GOOD | 21 | tcp |\n", - "| database-client | Application | RUNNING | GOOD | 5432 | tcp |\n", - "+----------------------+-------------+-----------------+--------------+------+----------+\n" - ] - } - ], + "outputs": [], "source": [ "st_project_b_private_pc_2: Computer = uc7_network.get_node_by_hostname(\"ST_PROJ-B-PRV-PC-2\")\n", "st_project_b_private_pc_2.software_manager.show()" 
@@ -1027,31 +456,7 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stdout", - "output_type": "stream", - "text": [ - "+---------------------------------------------------------------------------------------+\n", - "| ST_PROJ-C-PRV-PC-3 Software Manager |\n", - "+----------------------+-------------+-----------------+--------------+------+----------+\n", - "| Name | Type | Operating State | Health State | Port | Protocol |\n", - "+----------------------+-------------+-----------------+--------------+------+----------+\n", - "| arp | Service | RUNNING | GOOD | 219 | udp |\n", - "| icmp | Service | RUNNING | GOOD | None | icmp |\n", - "| dns-client | Service | RUNNING | GOOD | 53 | tcp |\n", - "| ntp-client | Service | RUNNING | GOOD | 123 | udp |\n", - "| web-browser | Application | RUNNING | GOOD | 80 | tcp |\n", - "| nmap | Application | RUNNING | GOOD | None | none |\n", - "| user-session-manager | Service | RUNNING | GOOD | None | none |\n", - "| user-manager | Service | RUNNING | GOOD | None | none |\n", - "| terminal | Service | RUNNING | GOOD | 22 | tcp |\n", - "| ftp-client | Service | RUNNING | GOOD | 21 | tcp |\n", - "| database-client | Application | RUNNING | GOOD | 5432 | tcp |\n", - "+----------------------+-------------+-----------------+--------------+------+----------+\n" - ] - } - ], + "outputs": [], "source": [ "st_project_c_private_pc_3: Computer = uc7_network.get_node_by_hostname(\"ST_PROJ-C-PRV-PC-3\")\n", "st_project_c_private_pc_3.software_manager.show()" 
@@ -1144,38 +549,14 @@ "\n", "Additionally, `database-client` green agents are *Periodic* meaning they will attempt to use the database based on game time-steps. Specifically, these agents will begin on the time-step given in their `start_step` setting and will then will reattempt on each subsequence timestep based on the `Frequency` setting. These settings are then randomised using the remaining `start_variance` and `variance` options (also given in timesteps). These values are used to *±* their respective base settings to ensure the green agents achieve a moderate amount of domain randomisation in each PrimAITE episode.\n", "\n", - "For example, take a *Periodic* green agent set with a `start_step` of **4** and a `frequency` of **4** with a `start_variance` of **1** and a `variance` of **1** will cause a green agent to make its first action on timestep $4 \\pm 1$ and then any subsequent actions every $4 \\pm 1$ timesteps afterwards.\n" + "For example, take a *Periodic* green agent set with a `start_step` of **4** and a `frequency` of **4** with a `start_variance` of **1** and a `variance` of **1** will cause a green agent to make it's first action on timestep $4 \\pm 1$ and then any subsequent actions every $4 \\pm 1$ timesteps afterwards.\n" ] }, { "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stderr", - "output_type": "stream", - "text": [ - "2025-03-14 15:51:20,234: Resetting environment, episode 0, avg. 
reward: 0.0\n" - ] - }, - { - "name": "stdout", - "output_type": "stream", - "text": [ - "timestep=0 action='do-nothing' parameters={} request=['do-nothing'] response=RequestResponse(status='success', data={}) reward=0.0 reward_info={'connection_attempt_status': 'n/a'} observation=0\n", - "timestep=1 action='do-nothing' parameters={} request=['do-nothing'] response=RequestResponse(status='success', data={}) reward=0.0 reward_info={'connection_attempt_status': 'n/a'} observation=0\n", - "timestep=2 action='do-nothing' parameters={} request=['do-nothing'] response=RequestResponse(status='success', data={}) reward=0.0 reward_info={'connection_attempt_status': 'n/a'} observation=0\n", - "timestep=3 action='do-nothing' parameters={} request=['do-nothing'] response=RequestResponse(status='success', data={}) reward=0.0 reward_info={'connection_attempt_status': 'n/a'} observation=0\n", - "timestep=4 action='do-nothing' parameters={} request=['do-nothing'] response=RequestResponse(status='success', data={}) reward=0.0 reward_info={'connection_attempt_status': 'n/a'} observation=0\n", - "timestep=5 action='node-application-execute' parameters={'node_name': 'HOME-PUB-PC-1', 'application_name': 'database-client'} request=['network', 'node', 'HOME-PUB-PC-1', 'application', 'database-client', 'execute'] response=RequestResponse(status='success', data={}) reward=0.5 reward_info={'connection_attempt_status': 'success'} observation=0\n", - "timestep=6 action='do-nothing' parameters={} request=['do-nothing'] response=RequestResponse(status='success', data={}) reward=0.5 reward_info={'connection_attempt_status': 'n/a'} observation=0\n", - "timestep=7 action='do-nothing' parameters={} request=['do-nothing'] response=RequestResponse(status='success', data={}) reward=0.5 reward_info={'connection_attempt_status': 'n/a'} observation=0\n", - "timestep=8 action='do-nothing' parameters={} request=['do-nothing'] response=RequestResponse(status='success', data={}) reward=0.5 
reward_info={'connection_attempt_status': 'n/a'} observation=0\n", - "timestep=9 action='do-nothing' parameters={} request=['do-nothing'] response=RequestResponse(status='success', data={}) reward=0.5 reward_info={'connection_attempt_status': 'n/a'} observation=0\n" - ] - } - ], + "outputs": [], "source": [ "env.reset() # Resetting the simulation\n", "home_pub_pc_1_database_green_agent = env.game.agents.get(\"HOME_WORKER-1-DB\")\n", @@ -1189,26 +570,7 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stdout", - "output_type": "stream", - "text": [ - "+-----------------------------+\n", - "| HOME-PUB-PC-1 Sys Log |\n", - "+-----------+-------+---------+\n", - "| Timestamp | Level | Message |\n", - "+-----------+-------+---------+\n", - "+-----------+-------+---------+\n", - "+-----------------------------+\n", - "| ST_DATA-PRV-SRV-DB Sys Log |\n", - "+-----------+-------+---------+\n", - "| Timestamp | Level | Message |\n", - "+-----------+-------+---------+\n", - "+-----------+-------+---------+\n" - ] - } - ], + "outputs": [], "source": [ "home_pub_pc_1.software_manager.software[\"database-client\"].sys_log.show(last_n=10)\n", "st_data_private_server_database.software_manager.software[\"database-service\"].sys_log.show(last_n=5)" 
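Review bot: the `+` line of the @@ -1144 hunk changes "make its first action" back to "make it's first action"; the possessive is "its", so the removed line was the correct one and this edit should be dropped. The unchanged paragraph above it could be fixed in the same pass: "will then will reattempt on each subsequence timestep" should read "will then reattempt on each subsequent timestep", and `Frequency` should match the lowercase `frequency` used in the example sentence.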
@@ -1222,38 +584,14 @@ "\n", "Unlike the `database-client` green agents, the `web-browser` green agents are *probabilistic*. These agents are quite simple; on every timestep a probability roll is made to determine whenever the agent acts. On a successful outcome the agent will attempt to execute the `web-browser` application which will then attempt to connect to the `ST-DMZ-PUB-SRV-WEB` host. On a unsuccessful outcome then the green agent will simply perform not action on this timestep.\n", "\n", - "For example, a `web-browser` green agent with a `20%` chance has a $\\frac{1}{5}$ chance of actioning its host's `web-browser` to access the `ST-DMZ-PUB-SRV-WEB` web-server. " + "For example, a `web-browser` green agent with a `20%` chance has a $\\frac{1}{5}$ chance of actioning it's host's `web-browser` to access the `ST-DMZ-PUB-SRV-WEB` web-server. " ] }, { "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stderr", - "output_type": "stream", - "text": [ - "2025-03-14 15:51:22,320: Resetting environment, episode 1, avg. 
reward: 12.410937500000006\n" - ] - }, - { - "name": "stdout", - "output_type": "stream", - "text": [ - "timestep=0 action='do-nothing' parameters={} request=['do-nothing'] response=RequestResponse(status='success', data={}) reward=0.0 reward_info={} observation=0\n", - "timestep=1 action='do-nothing' parameters={} request=['do-nothing'] response=RequestResponse(status='success', data={}) reward=0.0 reward_info={} observation=0\n", - "timestep=2 action='do-nothing' parameters={} request=['do-nothing'] response=RequestResponse(status='success', data={}) reward=0.0 reward_info={} observation=0\n", - "timestep=3 action='do-nothing' parameters={} request=['do-nothing'] response=RequestResponse(status='success', data={}) reward=0.0 reward_info={} observation=0\n", - "timestep=4 action='do-nothing' parameters={} request=['do-nothing'] response=RequestResponse(status='success', data={}) reward=0.0 reward_info={} observation=0\n", - "timestep=5 action='do-nothing' parameters={} request=['do-nothing'] response=RequestResponse(status='success', data={}) reward=0.0 reward_info={} observation=0\n", - "timestep=6 action='do-nothing' parameters={} request=['do-nothing'] response=RequestResponse(status='success', data={}) reward=0.0 reward_info={} observation=0\n", - "timestep=7 action='do-nothing' parameters={} request=['do-nothing'] response=RequestResponse(status='success', data={}) reward=0.0 reward_info={} observation=0\n", - "timestep=8 action='do-nothing' parameters={} request=['do-nothing'] response=RequestResponse(status='success', data={}) reward=0.0 reward_info={} observation=0\n", - "timestep=9 action='do-nothing' parameters={} request=['do-nothing'] response=RequestResponse(status='success', data={}) reward=0.0 reward_info={} observation=0\n" - ] - } - ], + "outputs": [], "source": [ "env.reset() # Resetting the simulation\n", "home_pub_pc_1_web_browser_green_agent = env.game.agents.get(\"HOME_WORKER-1-WEB\")\n", 
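Review bot: the `+` line of the @@ -1222 hunk turns "actioning its host's `web-browser`" into "it's host's", which reintroduces the apostrophe error the removed line had fixed. The markdown also names the target `ST-DMZ-PUB-SRV-WEB`, whereas the code cell earlier in the notebook looks the node up as `ST_DMZ-PUB-SRV-WEB`; use the hostname the simulation uses so readers can copy it. In the context paragraph, "determine whenever the agent acts" should be "whether", and "will simply perform not action" should be "no action".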
@@ -1267,26 +605,7 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stdout", - "output_type": "stream", - "text": [ - "+---------------------------------+\n", - "| HOME_WORKER-1-WEB Behaviour Log |\n", - "+------------+-------+------------+\n", - "| Time Step | Level | Message |\n", - "+------------+-------+------------+\n", - "+------------+-------+------------+\n", - "+-----------------------------+\n", - "| HOME-PUB-PC-1 Sys Log |\n", - "+-----------+-------+---------+\n", - "| Timestamp | Level | Message |\n", - "+-----------+-------+---------+\n", - "+-----------+-------+---------+\n" - ] - } - ], + "outputs": [], "source": [ "home_pub_pc_1: Computer = env.game.simulation.network.get_node_by_hostname(\"HOME-PUB-PC-1\")\n", "home_pub_pc_1_web_browser_green_agent.logger.show()\n", 
@@ -1311,38 +630,18 @@ "source": [ "### AGENTS | RED AGENT | Threat Actor Profile 001 (`TAP001`)\n", "\n", - "This TAP aims to exfiltrate and then encrypt the `database.db` file on `ST_DATA-PRV-SRV-DB` host, whilst leaving the functionality of the database intact. Configured by default to start on the `ST_PROJ-A-PRV-PC-1` host, `TAP001` must first embed itself on the host, locate the target (`ST_DATA-PRV-SRV-DB`) through a series of [`nmap`](/PrimAITE/docs/source/simulation_components/system/applications/nmap.rst) scans, establish a connection to its [`c2-server`](./Command-and-Control-E2E-Demonstration.ipynb)(`ISP-PUB-SRV-DNS` by default) and then finally attempt to exfiltrate and encrypt. \n", + "This TAP aims to exfiltrate and then encrypt the `database.db` file on `ST_DATA-PRV-SRV-DB` host, whilst leaving the functionality of the database intact. Configured by default to start on the `ST_PROJ-A-PRV-PC-1` host, `TAP001` must first embed itself on the host, locate the target (`ST_DATA-PRV-SRV-DB`) through a series of [`nmap`](/PrimAITE/docs/source/simulation_components/system/applications/nmap.rst) scans, establish a connection to it's [`c2-server`](./Command-and-Control-E2E-Demonstration.ipynb)(`ISP-PUB-SRV-DNS` by default) and then finally attempt to exfiltrate and encrypt. \n", "\n", - "If successful, the blue agent is configured to receive a serve negative reward and thus must prevent `TAP001` from ever reaching the target database. This could be through blocking its connection to the target or its `c2-server` via a carefully crafted ACL or perhaps through more a forceful approach such as shutting down the starting host.\n", + "If successful, the blue agent is configured to receive a serve negative reward and thus must prevent `TAP001` from ever reaching the target database. 
This could be through blocking it's connection to the target or it's `c2-server` via a carefully crafted ACL or perhaps through more a forceful approach such as shutting down the starting host.\n", "\n", - "For more information on `TAP001` and its impacts, [please refer to the TAP001 E2E notebook](./UC7-TAP001-Kill-Chain-E2E.ipynb) or for more blue agent involved demonstration refer to the [UC7 attack variants notebook](./UC7-attack-variants.ipynb) " + "For more information on `TAP001` and it's impacts, [please refer to the TAP001 E2E notebook](./UC7-TAP001-Kill-Chain-E2E.ipynb) or for more blue agent involved demonstration refer to the [UC7 attack variants notebook](./UC7-attack-variants.ipynb) " ] }, { "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stderr", - "output_type": "stream", - "text": [ - "2025-03-14 15:51:23,476: Resetting environment, episode 2, avg. reward: 12.396875000000001\n" - ] - }, - { - "name": "stdout", - "output_type": "stream", - "text": [ - "+-----------------------------+\n", - "| attacker Behaviour Log |\n", - "+-----------+-------+---------+\n", - "| Time Step | Level | Message |\n", - "+-----------+-------+---------+\n", - "+-----------+-------+---------+\n" - ] - } - ], + "outputs": [], "source": [ "# By default the `uc7_config.yaml` is setup to use TAP001\n", "env.reset()\n", 
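Review bot: the three `+` lines in the TAP001 markdown replace the possessive "its" with "it's" throughout ("it's `c2-server`", "blocking it's connection", "it's impacts"); keep the removed wording. While touching the second paragraph, "receive a serve negative reward" should read "severe", and "through more a forceful approach" should be "a more forceful approach". The `nmap` link uses an absolute `/PrimAITE/docs/...` path while the other links are relative (`./...ipynb`), so check that it resolves from the notebook's location.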
@@ -1357,33 +656,7 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stdout", - "output_type": "stream", - "text": [ - "+---------------------------------------------------------------------------------------+\n", - "| ST_PROJ-A-PRV-PC-1 Software Manager |\n", - "+----------------------+-------------+-----------------+--------------+------+----------+\n", - "| Name | Type | Operating State | Health State | Port | Protocol |\n", - "+----------------------+-------------+-----------------+--------------+------+----------+\n", - "| arp | Service | RUNNING | GOOD | 219 | udp |\n", - "| icmp | Service | RUNNING | GOOD | None | icmp |\n", - "| dns-client | Service | RUNNING | GOOD | 53 | tcp |\n", - "| ntp-client | Service | RUNNING | GOOD | 123 | udp |\n", - "| web-browser | Application | RUNNING | GOOD | 80 | tcp |\n", - "| nmap | Application | RUNNING | GOOD | None | none |\n", - "| user-session-manager | Service | RUNNING | GOOD | None | none |\n", - "| user-manager | Service | RUNNING | GOOD | None | none |\n", - "| terminal | Service | RUNNING | GOOD | 22 | tcp |\n", - "| ftp-client | Service | RUNNING | GOOD | 21 | tcp |\n", - "| database-client | Application | RUNNING | GOOD | 5432 | tcp |\n", - "| ransomware-script | Application | RUNNING | GOOD | None | none |\n", - "| c2-beacon | Application | RUNNING | GOOD | None | tcp |\n", - "+----------------------+-------------+-----------------+--------------+------+----------+\n" - ] - } - ], + "outputs": [], "source": [ "# TAP001 starting host\n", "st_project_a_private_pc_1: Computer = env.game.simulation.network.get_node_by_hostname(\"ST_PROJ-A-PRV-PC-1\")\n", 
@@ -1394,29 +667,7 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stdout", - "output_type": "stream", - "text": [ - "+----------------------------------------------------------------------------------------+\n", - "| ST_PROJ-A-PRV-PC-1 File System |\n", - "+-------------------------------+------+---------------+-----------------------+---------+\n", - "| File Path | Size | Health status | Visible health status | Deleted |\n", - "+-------------------------------+------+---------------+-----------------------+---------+\n", - "| downloads/malware_dropper.ps1 | 0 B | GOOD | NONE | False |\n", - "| root | 0 B | GOOD | NONE | False |\n", - "+-------------------------------+------+---------------+-----------------------+---------+\n", - "+--------------------------------------------------------------------+\n", - "| ISP-PUB-SRV-DNS File System |\n", - "+-----------+------+---------------+-----------------------+---------+\n", - "| File Path | Size | Health status | Visible health status | Deleted |\n", - "+-----------+------+---------------+-----------------------+---------+\n", - "| root | 0 B | GOOD | NONE | False |\n", - "+-----------+------+---------------+-----------------------+---------+\n" - ] - } - ], + "outputs": [], "source": [ "st_project_a_private_pc_1.file_system.show(full=True)\n", "isp_pub_srv_dns: Server = env.game.simulation.network.get_node_by_hostname(hostname=\"ISP-PUB-SRV-DNS\")\n", 
@@ -1427,22 +678,7 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stdout", - "output_type": "stream", - "text": [ - "+----------------------------------------------------------------------------------+\n", - "| ST_DATA-PRV-SRV-DB File System |\n", - "+----------------------+---------+---------------+-----------------------+---------+\n", - "| File Path | Size | Health status | Visible health status | Deleted |\n", - "+----------------------+---------+---------------+-----------------------+---------+\n", - "| database/database.db | 4.77 MB | GOOD | NONE | False |\n", - "| root | 0 B | GOOD | NONE | False |\n", - "+----------------------+---------+---------------+-----------------------+---------+\n" - ] - } - ], + "outputs": [], "source": [ "# Database Impact \n", "st_data_private_server_database: Server = env.game.simulation.network.get_node_by_hostname(hostname=\"ST_DATA-PRV-SRV-DB\")\n", 
@@ -1455,7 +691,7 @@ "source": [ "### AGENTS | RED AGENT | Threat Actor Profile 003 (`TAP003`)\n", "\n", - "Unlike `TAP001`'s more traditional representation of a threat actor, `TAP003` represents a malicious insider which leverages its pre-existing knowledge to covertly add malicious access control lists (ACLs) to three different routers each of which affecting green agent traffic in a different way causing the blue agent to receive negative rewards. Thus, the blue agent must learn to leverage its ability to remove rules and change credentials throughout the network to rectify the impacts of `TA003` and re-establish green POL and prevent `TAP003` from accessing additional routers.\n", + "Unlike `TAP001`'s more traditional representation of a threat actor, `TAP003` represents a malicious insider which leverages it's pre-existing knowledge to covertly add malicious access control lists (ACLs) to three different routers each of which affecting green agent traffic in a different way causing the blue agent to receive negative rewards. Thus, the blue agent must learn to leverage it's ability to remove rules and change credentials throughout the network to rectify the impacts of `TA003` and re-establish green POL and prevent `TAP003` from accessing additional routers.\n", "\n", "The table below is a brief summary of the malicious ACLs added by `TAP003`\n", "\n", 
@@ -1465,22 +701,14 @@ "|`ST_INTRA-PRV-RT-CR`| Blocks all `HTTP` traffic that arrives at the`ST_INTRA-PRV-RT-CR` router. This rule will prevent all SOME_TECH hosts from accessing the web-server (`ST-DMZ-PUB-SRV-WEB`)|\n", "|`REM-PUB-RT-DR`| Blocks all `DNS` traffic that arrives at the `REM-PUB-RT-DR` router. This rule prevents any remote site works from accessing the DNS Server (`ISP-PUB-SRV-DNS`).|\n", "\n", - "Lastly, its highly recommended that users refer to the [TAP003 E2E notebook](./UC7-TAP003-Kill-Chain-E2E.ipynb) for further information or for the [UC7 attack variants notebook](./UC7-attack-variants.ipynb) demonstration of TAP003 defence." + "Lastly, it's highly recommended that users refer to the [TAP003 E2E notebook](./UC7-TAP003-Kill-Chain-E2E.ipynb) for further information or for the [UC7 attack variants notebook](./UC7-attack-variants.ipynb) demonstration of TAP003 defence." ] }, { "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stderr", - "output_type": "stream", - "text": [ - "2025-03-14 15:51:34,604: PrimaiteGymEnv RNG seed = None\n" - ] - } - ], + "outputs": [], "source": [ "# Loading up the TAP003 UC7 config variant\n", "with open(_EXAMPLE_CFG/\"uc7_config_tap003.yaml\", mode=\"r\") as uc7_config:\n", 
@@ -1496,37 +724,7 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stderr", - "output_type": "stream", - "text": [ - "2025-03-14 15:51:34,632: Resetting environment, episode 0, avg. reward: 0.0\n" - ] - }, - { - "name": "stdout", - "output_type": "stream", - "text": [ - "+----------------------------------------------------------------------------------+\n", - "| attacker Behaviour Log |\n", - "+-----------+-------+--------------------------------------------------------------+\n", - "| Time Step | Level | Message |\n", - "+-----------+-------+--------------------------------------------------------------+\n", - "| 28 | INFO | Manipulation complete. Progressing to exploit... |\n", - "| 31 | INFO | Logging into ST_INTRA-PRV-RT-DR-1 in order to add ACL rules. |\n", - "| 34 | INFO | Adding ACL rule to ST_INTRA-PRV-RT-DR-1 |\n", - "| 37 | INFO | Logging into ST_INTRA-PRV-RT-CR in order to add ACL rules. |\n", - "| 40 | INFO | Adding ACL rule to ST_INTRA-PRV-RT-CR |\n", - "| 43 | INFO | Logging into REM-PUB-RT-DR in order to add ACL rules. |\n", - "| 46 | INFO | Adding ACL rule to REM-PUB-RT-DR |\n", - "| 46 | INFO | Finished adding ACL rules. |\n", - "| 49 | INFO | attacker has successfully carried out the kill chain. |\n", - "| 49 | INFO | attacker has opted to forgo any further attacks. |\n", - "+-----------+-------+--------------------------------------------------------------+\n" - ] - } - ], + "outputs": [], "source": [ "# By default the `uc7_config.yaml` is setup to use TAP001\n", "env.reset()\n", 
@@ -1541,25 +739,7 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stdout", - "output_type": "stream", - "text": [ - "+-----------------------------------------------------------------------------------------------------------+\n", - "| ST_INTRA-PRV-RT-DR-1 Access Control List |\n", - "+-------+--------+----------+--------+--------------+----------+--------+--------------+----------+---------+\n", - "| Index | Action | Protocol | Src IP | Src Wildcard | Src Port | Dst IP | Dst Wildcard | Dst Port | Matched |\n", - "+-------+--------+----------+--------+--------------+----------+--------+--------------+----------+---------+\n", - "| 1 | DENY | tcp | ANY | 0.0.255.255 | 5432 | ANY | 0.0.255.255 | 5432 | 214 |\n", - "| 5 | PERMIT | ANY | ANY | ANY | ANY | ANY | ANY | ANY | 625 |\n", - "| 22 | PERMIT | ANY | ANY | ANY | 219 | ANY | ANY | 219 | 0 |\n", - "| 23 | PERMIT | icmp | ANY | ANY | ANY | ANY | ANY | ANY | 0 |\n", - "| 24 | DENY | ANY | ANY | ANY | ANY | ANY | ANY | ANY | 0 |\n", - "+-------+--------+----------+--------+--------------+----------+--------+--------------+----------+---------+\n" - ] - } - ], + "outputs": [], "source": [ "env.game.simulation.network.get_node_by_hostname(\"ST_INTRA-PRV-RT-DR-1\").acl.show()" ] 
@@ -1568,25 +748,7 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stdout", - "output_type": "stream", - "text": [ - "+-----------------------------------------------------------------------------------------------------------+\n", - "| ST_INTRA-PRV-RT-CR Access Control List |\n", - "+-------+--------+----------+--------+--------------+----------+--------+--------------+----------+---------+\n", - "| Index | Action | Protocol | Src IP | Src Wildcard | Src Port | Dst IP | Dst Wildcard | Dst Port | Matched |\n", - "+-------+--------+----------+--------+--------------+----------+--------+--------------+----------+---------+\n", - "| 1 | DENY | tcp | ANY | 0.0.255.255 | 80 | ANY | 0.0.255.255 | 80 | 526 |\n", - "| 5 | PERMIT | ANY | ANY | ANY | ANY | ANY | ANY | ANY | 967 |\n", - "| 22 | PERMIT | ANY | ANY | ANY | 219 | ANY | ANY | 219 | 0 |\n", - "| 23 | PERMIT | icmp | ANY | ANY | ANY | ANY | ANY | ANY | 0 |\n", - "| 24 | DENY | ANY | ANY | ANY | ANY | ANY | ANY | ANY | 0 |\n", - "+-------+--------+----------+--------+--------------+----------+--------+--------------+----------+---------+\n" - ] - } - ], + "outputs": [], "source": [ "env.game.simulation.network.get_node_by_hostname(\"ST_INTRA-PRV-RT-CR\").acl.show()" ] 
@@ -1595,25 +757,7 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stdout", - "output_type": "stream", - "text": [ - "+-----------------------------------------------------------------------------------------------------------+\n", - "| REM-PUB-RT-DR Access Control List |\n", - "+-------+--------+----------+--------+--------------+----------+--------+--------------+----------+---------+\n", - "| Index | Action | Protocol | Src IP | Src Wildcard | Src Port | Dst IP | Dst Wildcard | Dst Port | Matched |\n", - "+-------+--------+----------+--------+--------------+----------+--------+--------------+----------+---------+\n", - "| 1 | DENY | tcp | ANY | 0.0.255.255 | 53 | ANY | 0.0.255.255 | 53 | 0 |\n", - "| 5 | PERMIT | ANY | ANY | ANY | ANY | ANY | ANY | ANY | 253 |\n", - "| 22 | PERMIT | ANY | ANY | ANY | 219 | ANY | ANY | 219 | 0 |\n", - "| 23 | PERMIT | icmp | ANY | ANY | ANY | ANY | ANY | ANY | 0 |\n", - "| 24 | DENY | ANY | ANY | ANY | ANY | ANY | ANY | ANY | 0 |\n", - "+-------+--------+----------+--------+--------------+----------+--------+--------------+----------+---------+\n" - ] - } - ], + "outputs": [], "source": [ "env.game.simulation.network.get_node_by_hostname(\"REM-PUB-RT-DR\").acl.show() " ] @@ -1650,15 +794,7 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stderr", - "output_type": "stream", - "text": [ - "2025-03-14 15:51:41,131: Resetting environment, episode 1, avg. reward: 116.84999999999965\n" - ] - } - ], + "outputs": [], "source": [ "env.reset() # Resetting the env\n", "defender = env.game.agents.get(\"defender\")" 
@@ -1766,61 +902,7 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stderr", - "output_type": "stream", - "text": [ - "2025-03-14 15:51:41,892: Resetting environment, episode 2, avg. reward: 0.0\n" - ] - }, - { - "name": "stdout", - "output_type": "stream", - "text": [ - "1 {'PROTOCOLS': {'ALL': 1}}\n", - "2 {'PROTOCOLS': {'ALL': 0}}\n", - "3 {'PROTOCOLS': {'ALL': 0}}\n", - "4 {'PROTOCOLS': {'ALL': 0}}\n", - "5 {'PROTOCOLS': {'ALL': 1}}\n", - "6 {'PROTOCOLS': {'ALL': 1}}\n", - "7 {'PROTOCOLS': {'ALL': 0}}\n", - "8 {'PROTOCOLS': {'ALL': 0}}\n", - "9 {'PROTOCOLS': {'ALL': 0}}\n", - "10 {'PROTOCOLS': {'ALL': 0}}\n", - "11 {'PROTOCOLS': {'ALL': 0}}\n", - "12 {'PROTOCOLS': {'ALL': 0}}\n", - "13 {'PROTOCOLS': {'ALL': 1}}\n", - "14 {'PROTOCOLS': {'ALL': 1}}\n", - "15 {'PROTOCOLS': {'ALL': 1}}\n", - "16 {'PROTOCOLS': {'ALL': 1}}\n", - "17 {'PROTOCOLS': {'ALL': 1}}\n", - "18 {'PROTOCOLS': {'ALL': 1}}\n", - "19 {'PROTOCOLS': {'ALL': 1}}\n", - "20 {'PROTOCOLS': {'ALL': 1}}\n", - "21 {'PROTOCOLS': {'ALL': 1}}\n", - "22 {'PROTOCOLS': {'ALL': 1}}\n", - "23 {'PROTOCOLS': {'ALL': 1}}\n", - "24 {'PROTOCOLS': {'ALL': 0}}\n", - "25 {'PROTOCOLS': {'ALL': 1}}\n", - "26 {'PROTOCOLS': {'ALL': 1}}\n", - "27 {'PROTOCOLS': {'ALL': 4}}\n", - "28 {'PROTOCOLS': {'ALL': 4}}\n", - "29 {'PROTOCOLS': {'ALL': 1}}\n", - "30 {'PROTOCOLS': {'ALL': 0}}\n", - "31 {'PROTOCOLS': {'ALL': 0}}\n", - "32 {'PROTOCOLS': {'ALL': 0}}\n", - "33 {'PROTOCOLS': {'ALL': 1}}\n", - "34 {'PROTOCOLS': {'ALL': 0}}\n", - "35 {'PROTOCOLS': {'ALL': 0}}\n", - "36 {'PROTOCOLS': {'ALL': 0}}\n", - "37 {'PROTOCOLS': {'ALL': 0}}\n", - "38 {'PROTOCOLS': {'ALL': 0}}\n", - "39 {'PROTOCOLS': {'ALL': 0}}\n", - "40 {'PROTOCOLS': {'ALL': 0}}\n" - ] - } - ], + "outputs": [], "source": [ "env.reset()\n", "\n", 
@@ -1868,109 +950,7 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stderr", - "output_type": "stream", - "text": [ - "2025-03-14 15:51:42,606: Resetting environment, episode 3, avg. reward: 1.1140625000000002\n" - ] - }, - { - "name": "stdout", - "output_type": "stream", - "text": [ - "HOST0\n", - "{'APPLICATIONS': {1: {'health_status': 0,\n", - " 'num_executions': 0,\n", - " 'operating_status': 0},\n", - " 2: {'health_status': 0,\n", - " 'num_executions': 0,\n", - " 'operating_status': 1}},\n", - " 'FOLDERS': {1: {'FILES': {1: {'health_status': 0, 'num_access': 0}},\n", - " 'health_status': 0},\n", - " 2: {'FILES': {1: {'health_status': 0, 'num_access': 0}},\n", - " 'health_status': 0}},\n", - " 'NICS': {1: {'NMNE': {'inbound': 0, 'outbound': 0},\n", - " 'TRAFFIC': {'icmp': {'inbound': 0, 'outbound': 0},\n", - " 'tcp': {80: {'inbound': 0, 'outbound': 0},\n", - " 5432: {'inbound': 0, 'outbound': 0}}},\n", - " 'nic_status': 1}},\n", - " 'SERVICES': {1: {'health_status': 0, 'operating_status': 2},\n", - " 2: {'health_status': 0, 'operating_status': 0}},\n", - " 'num_file_creations': 0,\n", - " 'num_file_deletions': 0,\n", - " 'operating_status': 1,\n", - " 'users': {'local_login': 0, 'remote_sessions': 0}}\n", - "HOST1\n", - "{'APPLICATIONS': {1: {'health_status': 0,\n", - " 'num_executions': 0,\n", - " 'operating_status': 0},\n", - " 2: {'health_status': 0,\n", - " 'num_executions': 0,\n", - " 'operating_status': 1}},\n", - " 'FOLDERS': {1: {'FILES': {1: {'health_status': 0, 'num_access': 0}},\n", - " 'health_status': 0},\n", - " 2: {'FILES': {1: {'health_status': 0, 'num_access': 0}},\n", - " 'health_status': 0}},\n", - " 'NICS': {1: {'NMNE': {'inbound': 0, 'outbound': 0},\n", - " 'TRAFFIC': {'icmp': {'inbound': 0, 'outbound': 0},\n", - " 'tcp': {80: {'inbound': 0, 'outbound': 0},\n", - " 5432: {'inbound': 0, 'outbound': 0}}},\n", - " 'nic_status': 1}},\n", - " 'SERVICES': {1: {'health_status': 0, 'operating_status': 
2},\n", - " 2: {'health_status': 0, 'operating_status': 0}},\n", - " 'num_file_creations': 0,\n", - " 'num_file_deletions': 0,\n", - " 'operating_status': 1,\n", - " 'users': {'local_login': 0, 'remote_sessions': 0}}\n", - "HOST2\n", - "{'APPLICATIONS': {1: {'health_status': 0,\n", - " 'num_executions': 0,\n", - " 'operating_status': 0},\n", - " 2: {'health_status': 0,\n", - " 'num_executions': 1,\n", - " 'operating_status': 1}},\n", - " 'FOLDERS': {1: {'FILES': {1: {'health_status': 0, 'num_access': 0}},\n", - " 'health_status': 0},\n", - " 2: {'FILES': {1: {'health_status': 0, 'num_access': 0}},\n", - " 'health_status': 0}},\n", - " 'NICS': {1: {'NMNE': {'inbound': 0, 'outbound': 0},\n", - " 'TRAFFIC': {'icmp': {'inbound': 0, 'outbound': 0},\n", - " 'tcp': {80: {'inbound': 0, 'outbound': 0},\n", - " 5432: {'inbound': 1, 'outbound': 1}}},\n", - " 'nic_status': 1}},\n", - " 'SERVICES': {1: {'health_status': 0, 'operating_status': 2},\n", - " 2: {'health_status': 0, 'operating_status': 0}},\n", - " 'num_file_creations': 0,\n", - " 'num_file_deletions': 0,\n", - " 'operating_status': 1,\n", - " 'users': {'local_login': 0, 'remote_sessions': 0}}\n", - "HOST3\n", - "{'APPLICATIONS': {1: {'health_status': 0,\n", - " 'num_executions': 0,\n", - " 'operating_status': 0},\n", - " 2: {'health_status': 0,\n", - " 'num_executions': 0,\n", - " 'operating_status': 0}},\n", - " 'FOLDERS': {1: {'FILES': {1: {'health_status': 0, 'num_access': 0}},\n", - " 'health_status': 0},\n", - " 2: {'FILES': {1: {'health_status': 0, 'num_access': 0}},\n", - " 'health_status': 0}},\n", - " 'NICS': {1: {'NMNE': {'inbound': 0, 'outbound': 0},\n", - " 'TRAFFIC': {'icmp': {'inbound': 0, 'outbound': 0},\n", - " 'tcp': {80: {'inbound': 0, 'outbound': 0},\n", - " 5432: {'inbound': 1, 'outbound': 1}}},\n", - " 'nic_status': 1}},\n", - " 'SERVICES': {1: {'health_status': 0, 'operating_status': 0},\n", - " 2: {'health_status': 0, 'operating_status': 0}},\n", - " 'num_file_creations': 0,\n", - " 
'num_file_deletions': 0,\n", - " 'operating_status': 1,\n", - " 'users': {'local_login': 0, 'remote_sessions': 0}}\n" - ] - } - ], + "outputs": [], "source": [ "env.reset()\n", "\n", 
@@ -2243,170 +1223,7 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stdout", - "output_type": "stream", - "text": [ - "ROUTER0\n", - "{'ACL': {0: {'dest_ip_id': 0,\n", - " 'dest_port_id': 0,\n", - " 'dest_wildcard_id': 0,\n", - " 'permission': 0,\n", - " 'position': 0,\n", - " 'protocol_id': 0,\n", - " 'source_ip_id': 0,\n", - " 'source_port_id': 0,\n", - " 'source_wildcard_id': 0},\n", - " 1: {'dest_ip_id': 0,\n", - " 'dest_port_id': 0,\n", - " 'dest_wildcard_id': 0,\n", - " 'permission': 0,\n", - " 'position': 1,\n", - " 'protocol_id': 0,\n", - " 'source_ip_id': 0,\n", - " 'source_port_id': 0,\n", - " 'source_wildcard_id': 0},\n", - " 2: {'dest_ip_id': 0,\n", - " 'dest_port_id': 0,\n", - " 'dest_wildcard_id': 0,\n", - " 'permission': 0,\n", - " 'position': 2,\n", - " 'protocol_id': 0,\n", - " 'source_ip_id': 0,\n", - " 'source_port_id': 0,\n", - " 'source_wildcard_id': 0},\n", - " 3: {'dest_ip_id': 0,\n", - " 'dest_port_id': 0,\n", - " 'dest_wildcard_id': 0,\n", - " 'permission': 0,\n", - " 'position': 3,\n", - " 'protocol_id': 0,\n", - " 'source_ip_id': 0,\n", - " 'source_port_id': 0,\n", - " 'source_wildcard_id': 0},\n", - " 4: {'dest_ip_id': 0,\n", - " 'dest_port_id': 0,\n", - " 'dest_wildcard_id': 0,\n", - " 'permission': 0,\n", - " 'position': 4,\n", - " 'protocol_id': 0,\n", - " 'source_ip_id': 0,\n", - " 'source_port_id': 0,\n", - " 'source_wildcard_id': 0}},\n", - " 'PORTS': {1: {'operating_status': 1},\n", - " 2: {'operating_status': 1},\n", - " 3: {'operating_status': 1},\n", - " 4: {'operating_status': 1},\n", - " 5: {'operating_status': 2}},\n", - " 'users': {'local_login': 0, 'remote_sessions': 0}}\n", - "ROUTER1\n", - "{'ACL': {0: {'dest_ip_id': 0,\n", - " 'dest_port_id': 0,\n", - " 'dest_wildcard_id': 0,\n", - " 'permission': 0,\n", - " 'position': 0,\n", - " 'protocol_id': 0,\n", - " 'source_ip_id': 0,\n", - " 'source_port_id': 0,\n", - " 'source_wildcard_id': 0},\n", - " 1: {'dest_ip_id': 0,\n", - " 
'dest_port_id': 0,\n", - " 'dest_wildcard_id': 0,\n", - " 'permission': 0,\n", - " 'position': 1,\n", - " 'protocol_id': 0,\n", - " 'source_ip_id': 0,\n", - " 'source_port_id': 0,\n", - " 'source_wildcard_id': 0},\n", - " 2: {'dest_ip_id': 0,\n", - " 'dest_port_id': 0,\n", - " 'dest_wildcard_id': 0,\n", - " 'permission': 0,\n", - " 'position': 2,\n", - " 'protocol_id': 0,\n", - " 'source_ip_id': 0,\n", - " 'source_port_id': 0,\n", - " 'source_wildcard_id': 0},\n", - " 3: {'dest_ip_id': 0,\n", - " 'dest_port_id': 0,\n", - " 'dest_wildcard_id': 0,\n", - " 'permission': 0,\n", - " 'position': 3,\n", - " 'protocol_id': 0,\n", - " 'source_ip_id': 0,\n", - " 'source_port_id': 0,\n", - " 'source_wildcard_id': 0},\n", - " 4: {'dest_ip_id': 0,\n", - " 'dest_port_id': 0,\n", - " 'dest_wildcard_id': 0,\n", - " 'permission': 0,\n", - " 'position': 4,\n", - " 'protocol_id': 0,\n", - " 'source_ip_id': 0,\n", - " 'source_port_id': 0,\n", - " 'source_wildcard_id': 0}},\n", - " 'PORTS': {1: {'operating_status': 1},\n", - " 2: {'operating_status': 1},\n", - " 3: {'operating_status': 1},\n", - " 4: {'operating_status': 1},\n", - " 5: {'operating_status': 2}},\n", - " 'users': {'local_login': 0, 'remote_sessions': 0}}\n", - "ROUTER2\n", - "{'ACL': {0: {'dest_ip_id': 0,\n", - " 'dest_port_id': 0,\n", - " 'dest_wildcard_id': 0,\n", - " 'permission': 0,\n", - " 'position': 0,\n", - " 'protocol_id': 0,\n", - " 'source_ip_id': 0,\n", - " 'source_port_id': 0,\n", - " 'source_wildcard_id': 0},\n", - " 1: {'dest_ip_id': 0,\n", - " 'dest_port_id': 0,\n", - " 'dest_wildcard_id': 0,\n", - " 'permission': 0,\n", - " 'position': 1,\n", - " 'protocol_id': 0,\n", - " 'source_ip_id': 0,\n", - " 'source_port_id': 0,\n", - " 'source_wildcard_id': 0},\n", - " 2: {'dest_ip_id': 0,\n", - " 'dest_port_id': 0,\n", - " 'dest_wildcard_id': 0,\n", - " 'permission': 0,\n", - " 'position': 2,\n", - " 'protocol_id': 0,\n", - " 'source_ip_id': 0,\n", - " 'source_port_id': 0,\n", - " 'source_wildcard_id': 0},\n", - 
" 3: {'dest_ip_id': 0,\n", - " 'dest_port_id': 0,\n", - " 'dest_wildcard_id': 0,\n", - " 'permission': 0,\n", - " 'position': 3,\n", - " 'protocol_id': 0,\n", - " 'source_ip_id': 0,\n", - " 'source_port_id': 0,\n", - " 'source_wildcard_id': 0},\n", - " 4: {'dest_ip_id': 0,\n", - " 'dest_port_id': 0,\n", - " 'dest_wildcard_id': 0,\n", - " 'permission': 0,\n", - " 'position': 4,\n", - " 'protocol_id': 0,\n", - " 'source_ip_id': 0,\n", - " 'source_port_id': 0,\n", - " 'source_wildcard_id': 0}},\n", - " 'PORTS': {1: {'operating_status': 1},\n", - " 2: {'operating_status': 1},\n", - " 3: {'operating_status': 2},\n", - " 4: {'operating_status': 2},\n", - " 5: {'operating_status': 2}},\n", - " 'users': {'local_login': 0, 'remote_sessions': 0}}\n" - ] - } - ], + "outputs": [], "source": [ "obs, reward, _,_,info = env.step(0)\n", "for node_id, node_obs in obs['NODES'].items():\n", @@ -2493,27 +1310,7 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stderr", - "output_type": "stream", - "text": [ - "2025-03-14 15:51:43,512: Resetting environment, episode 4, avg. reward: 2.225\n" - ] - }, - { - "name": "stdout", - "output_type": "stream", - "text": [ - "Actions for 'defender':\n", - "+------+------------+--------+----------+---------------+\n", - "| Step | Action | Params | Response | Response Data |\n", - "+------+------------+--------+----------+---------------+\n", - "| 0 | do-nothing | | success | |\n", - "+------+------------+--------+----------+---------------+\n" - ] - } - ], + "outputs": [], "source": [ "env.reset()\n", "env.step(0)\n", 
@@ -2538,16 +1335,7 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stdout", - "output_type": "stream", - "text": [ - "ftp-client (Prior Scan) OBS: {'operating_status': 2, 'health_status': 0}\n", - "database-client (Prior Scan) OBS: {'operating_status': 1, 'health_status': 0, 'num_executions': 1}\n" - ] - } - ], + "outputs": [], "source": [ "obs, reward, term, trunc, info = env.step(0)\n", "print(f\"ftp-client (Prior Scan) OBS: {defender.observation_manager.current_observation['NODES']['HOST0']['SERVICES'][1]}\")\n", 
@@ -2558,31 +1346,7 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stdout", - "output_type": "stream", - "text": [ - "+---------------------------------------------------------------------------------------+\n", - "| ST_PROJ-A-PRV-PC-1 Software Manager |\n", - "+----------------------+-------------+-----------------+--------------+------+----------+\n", - "| Name | Type | Operating State | Health State | Port | Protocol |\n", - "+----------------------+-------------+-----------------+--------------+------+----------+\n", - "| arp | Service | RUNNING | GOOD | 219 | udp |\n", - "| icmp | Service | RUNNING | GOOD | None | icmp |\n", - "| dns-client | Service | RUNNING | GOOD | 53 | tcp |\n", - "| ntp-client | Service | RUNNING | GOOD | 123 | udp |\n", - "| web-browser | Application | RUNNING | GOOD | 80 | tcp |\n", - "| nmap | Application | RUNNING | GOOD | None | none |\n", - "| user-session-manager | Service | RUNNING | GOOD | None | none |\n", - "| user-manager | Service | RUNNING | GOOD | None | none |\n", - "| terminal | Service | RUNNING | GOOD | 22 | tcp |\n", - "| ftp-client | Service | RUNNING | COMPROMISED | 21 | tcp |\n", - "| database-client | Application | RUNNING | COMPROMISED | 5432 | tcp |\n", - "+----------------------+-------------+-----------------+--------------+------+----------+\n" - ] - } - ], + "outputs": [], "source": [ "st_project_a_private_pc_1: Computer = env.game.simulation.network.get_node_by_hostname(\"ST_PROJ-A-PRV-PC-1\")\n", "st_project_a_private_pc_1.software_manager.software[\"ftp-client\"].set_health_state(SoftwareHealthState.COMPROMISED)\n", 
@@ -2601,26 +1365,7 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stdout", - "output_type": "stream", - "text": [ - "Node OS Scan time step duration: 8\n", - "Actions for 'defender':\n", - "+------+--------------+-------------------------------+----------+---------------+\n", - "| Step | Action | Params | Response | Response Data |\n", - "+------+--------------+-------------------------------+----------+---------------+\n", - "| 2 | node-os-scan | node_name: ST_PROJ-A-PRV-PC-1 | success | |\n", - "| | | | | |\n", - "+------+--------------+-------------------------------+----------+---------------+\n", - "None\n", - "Current Simulation Time Step: 12\n", - "ftp-client (Post Scan) OBS: {'operating_status': 2, 'health_status': 3}\n", - "database-client (Post Scan) OBS: {'operating_status': 1, 'health_status': 3, 'num_executions': 1}\n" - ] - } - ], + "outputs": [], "source": [ "print(f'Node OS Scan time step duration: {cfg[\"simulation\"][\"defaults\"][\"node_scan_duration\"]}')\n", "env.step(1)\n", @@ -2646,15 +1391,7 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stdout", - "output_type": "stream", - "text": [ - "ST_PROJ-A-PRV-PC-1's (prior `node-shutdown`) operating state: 1\n" - ] - } - ], + "outputs": [], "source": [ "# `1` is equal to 'ON' in this case.\n", "obs, reward, term, trunc, info = env.step(0)\n", @@ -2684,15 +1421,7 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stdout", - "output_type": "stream", - "text": [ - "ST_PROJ-A-PRV-PC-1's (post `node-shutdown`) operating state: 2\n" - ] - } - ], + "outputs": [], "source": [ "obs, reward, term, trunc, info = env.step(0)\n", "print(f\"ST_PROJ-A-PRV-PC-1's (post `node-shutdown`) operating state: {defender.observation_manager.current_observation['NODES']['HOST0']['operating_status']}\")" 
@@ -2711,15 +1440,7 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stdout", - "output_type": "stream", - "text": [ - "ST_PROJ-A-PRV-PC-1's (post `node-startup`) operating state: 1\n" - ] - } - ], + "outputs": [], "source": [ "obs, reward, term, trunc, info = env.step(3)\n", "\n", @@ -2734,26 +1455,7 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stdout", - "output_type": "stream", - "text": [ - "Actions for 'defender':\n", - "+------+---------------+-------------------------------+----------+---------------+\n", - "| Step | Action | Params | Response | Response Data |\n", - "+------+---------------+-------------------------------+----------+---------------+\n", - "| 2 | node-os-scan | node_name: ST_PROJ-A-PRV-PC-1 | success | |\n", - "| | | | | |\n", - "| 13 | node-shutdown | node_name: ST_PROJ-A-PRV-PC-1 | success | |\n", - "| | | | | |\n", - "| 18 | node-startup | node_name: ST_PROJ-A-PRV-PC-1 | success | |\n", - "| | | | | |\n", - "+------+---------------+-------------------------------+----------+---------------+\n", - "None\n" - ] - } - ], + "outputs": [], "source": [ "print(defender.show_history())" ] 
@@ -2786,51 +1488,7 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stdout", - "output_type": "stream", - "text": [ - "+-------------------------+-------------------------+---------------+\n", - "| Reward Type | Reward Option | Reward Weight |\n", - "+-------------------------+-------------------------+---------------+\n", - "| database-file-integrity | database.db | 0.95 |\n", - "| shared-reward | HOME_WORKER-1-DB | 0.03125 |\n", - "| shared-reward | HOME_WORKER-1-WEB | 0.03125 |\n", - "| shared-reward | HOME_WORKER-2-DB | 0.03125 |\n", - "| shared-reward | HOME_WORKER-2-WEB | 0.03125 |\n", - "| shared-reward | REMOTE_WORKER-1-DB | 0.03125 |\n", - "| shared-reward | REMOTE_WORKER-1-WEB | 0.03125 |\n", - "| shared-reward | REMOTE_WORKER-2-DB | 0.03125 |\n", - "| shared-reward | REMOTE_WORKER-2-WEB | 0.03125 |\n", - "| shared-reward | PROJ_A-SENIOR-DEV-DB | 0.03125 |\n", - "| shared-reward | PROJ_A-SENIOR-DEV-WEB | 0.03125 |\n", - "| shared-reward | PROJ_A-JUNIOR-DEV-1-DB | 0.03125 |\n", - "| shared-reward | PROJ_A-JUNIOR-DEV-1-WEB | 0.03125 |\n", - "| shared-reward | PROJ_A-JUNIOR-DEV-2-DB | 0.03125 |\n", - "| shared-reward | PROJ_A-JUNIOR-DEV-2-WEB | 0.03125 |\n", - "| shared-reward | PROJ_B-SENIOR-DEV-DB | 0.03125 |\n", - "| shared-reward | PROJ_B-SENIOR-DEV-WEB | 0.03125 |\n", - "| shared-reward | PROJ_B-JUNIOR-DEV-1-DB | 0.03125 |\n", - "| shared-reward | PROJ_B-JUNIOR-DEV-1-WEB | 0.03125 |\n", - "| shared-reward | PROJ_B-JUNIOR-DEV-2-DB | 0.03125 |\n", - "| shared-reward | PROJ_B-JUNIOR-DEV-2-WEB | 0.03125 |\n", - "| shared-reward | PROJ_B-SENIOR-DEV-DB | 0.03125 |\n", - "| shared-reward | PROJ_B-SENIOR-DEV-WEB | 0.03125 |\n", - "| shared-reward | PROJ_B-JUNIOR-DEV-1-DB | 0.03125 |\n", - "| shared-reward | PROJ_B-JUNIOR-DEV-1-WEB | 0.03125 |\n", - "| shared-reward | PROJ_B-JUNIOR-DEV-2-DB | 0.03125 |\n", - "| shared-reward | PROJ_B-JUNIOR-DEV-2-WEB | 0.03125 |\n", - "| shared-reward | CEO | 0.03125 |\n", - "| 
shared-reward | CFO | 0.03125 |\n", - "| shared-reward | CTO | 0.03125 |\n", - "| shared-reward | SENIOR_HR | 0.03125 |\n", - "| shared-reward | JUNIOR_HR-1 | 0.03125 |\n", - "| shared-reward | JUNIOR_HR-2 | 0.03125 |\n", - "+-------------------------+-------------------------+---------------+\n" - ] - } - ], + "outputs": [], "source": [ "table = PrettyTable()\n", "table.field_names = [\"Reward Type\", \"Reward Option\", \"Reward Weight\"]\n", @@ -2877,7 +1535,7 @@ "\n", "The `weight` option in a `shared-reward` reward acts a multiplier to the reward of agent given in `agent_name`:\n", "\n", - "shared_reward = agent_reward x shared_reward_weight\n", + "$\\text{shared\\_reward} = \\text{agent\\_reward} \\times \\text{shared\\_reward\\_weight}$\n", "\n", "\n", "This can be a little difficult to understand intuitively so the following code snippets demonstrate how one of these rewards are calculated during a live episode." 
@@ -2904,36 +1562,7 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stderr", - "output_type": "stream", - "text": [ - "2025-03-14 15:51:47,022: PrimaiteGymEnv RNG seed = None\n", - "2025-03-14 15:51:47,025: Resetting environment, episode 0, avg. reward: 0.0\n" - ] - }, - { - "name": "stdout", - "output_type": "stream", - "text": [ - "+-----------+--------------------+------------+-------------------------+\n", - "| Time Step | Home Worker Reward | CEO Reward | Blue Agent Total Reward |\n", - "+-----------+--------------------+------------+-------------------------+\n", - "| 1 | 0.0 | 0.0 | 0.0 |\n", - "| 2 | 0.0 | 0.95 | 4.75 |\n", - "| 3 | 0.0 | 0.95 | 4.75 |\n", - "| 4 | 0.0 | 0.95 | 4.75 |\n", - "| 5 | 0.5 | 0.95 | 4.765625 |\n", - "| 6 | 0.5 | 0.95 | 4.765625 |\n", - "| 7 | 0.5 | 0.95 | 4.765625 |\n", - "| 8 | 0.5 | 0.95 | 4.765625 |\n", - "| 9 | 0.5 | 0.95 | 4.765625 |\n", - "| 10 | 0.5 | 0.95 | 4.765625 |\n", - "+-----------+--------------------+------------+-------------------------+\n" - ] - } - ], + "outputs": [], "source": [ "# Reloads the UC7 config and removes all of other reward-components. \n", "BLUE_AGENT_INDEX = 33\n", @@ -2971,11 +1600,11 @@ "source": [ "As you can see from the table above, because we increased the `shared-reward` weightings the blue agent's reward is nearly all comprised of the CEO's reward - `4.75`:\n", "\n", - "ceo_reward_contribution = 0.95 x 5\n", + "$\\text{ceo\\_reward\\_contribution} = 0.95 \\times 5$ \n", "\n", "We can see that the remote worker agent only contributes `0.015625` to the blue agent's total reward:\n", "\n", - "remote_work_reward_contribution = 0.5 x 0.03125\n" + "$\\text{remote\\_worker\\_reward\\_contribution} = 0.5 \\times 0.03125$\n" ] }, { 
@@ -2996,26 +1625,7 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stderr", - "output_type": "stream", - "text": [ - "2025-03-14 15:51:49,242: PrimaiteGymEnv RNG seed = None\n", - "2025-03-14 15:51:49,244: Resetting environment, episode 0, avg. reward: 0.0\n" - ] - }, - { - "data": { - "text/plain": [ - "170.8687499999996" - ] - }, - "execution_count": 52, - "metadata": {}, - "output_type": "execute_result" - } - ], + "outputs": [], "source": [ "with open(_EXAMPLE_CFG/\"uc7_config.yaml\", mode=\"r\") as uc7_config:\n", " cfg = yaml.safe_load(uc7_config)\n", @@ -3039,23 +1649,7 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stderr", - "output_type": "stream", - "text": [ - "2025-03-14 15:51:57,812: PrimaiteGymEnv RNG seed = None\n", - "2025-03-14 15:51:57,816: Resetting environment, episode 0, avg. reward: 0.0\n" - ] - }, - { - "name": "stdout", - "output_type": "stream", - "text": [ - "Successful TAP001 & Blue Agent Reward: 140.27031249999996\n" - ] - } - ], + "outputs": [], "source": [ "with open(_EXAMPLE_CFG/\"uc7_config.yaml\", mode=\"r\") as uc7_config:\n", " cfg = yaml.safe_load(uc7_config)\n", @@ -3078,24 +1672,7 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stderr", - "output_type": "stream", - "text": [ - "2025-03-14 15:52:10,712: PrimaiteGymEnv RNG seed = None\n", - "2025-03-14 15:52:10,715: Resetting environment, episode 0, avg. reward: 0.0\n", - "2025-03-14 15:52:10,719: Saving agent action log to C:\\Users\\CharlieCrane\\primaite\\4.0.0-dev\\sessions\\2025-03-14\\15-51-12\\agent_actions\\episode_0.json\n" - ] - }, - { - "name": "stdout", - "output_type": "stream", - "text": [ - "Successful TAP003 & Blue Agent Reward: 116.40624999999962\n" - ] - } - ], + "outputs": [], "source": [ "with open(_EXAMPLE_CFG/\"uc7_config_tap003.yaml\", mode=\"r\") as uc7_config:\n", " cfg = yaml.safe_load(uc7_config)\n", 
@@ -3122,24 +1699,7 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [ - { - "name": "stderr", - "output_type": "stream", - "text": [ - "2025-03-14 15:52:17,859: PrimaiteGymEnv RNG seed = None\n", - "2025-03-14 15:52:17,860: Resetting environment, episode 0, avg. reward: 0.0\n", - "2025-03-14 15:52:17,863: Saving agent action log to C:\\Users\\CharlieCrane\\primaite\\4.0.0-dev\\sessions\\2025-03-14\\15-51-12\\agent_actions\\episode_0.json\n" - ] - }, - { - "name": "stdout", - "output_type": "stream", - "text": [ - "Worst Case Episode Blue Agent Reward: -170.5046874999996\n" - ] - } - ], + "outputs": [], "source": [ "env = PrimaiteGymEnv(env_config=cfg)\n", "env.reset()\n", From e9e49ab5f9383d6014be8a4c065bef96c7801c31 Mon Sep 17 00:00:00 2001 From: Charlie Crane Date: Fri, 14 Mar 2025 16:07:08 +0000 Subject: [PATCH 6/6] Fix some issues with sphinx rendering text in jupyter notebooks --- src/primaite/notebooks/UC7-E2E-Demo.ipynb | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/src/primaite/notebooks/UC7-E2E-Demo.ipynb b/src/primaite/notebooks/UC7-E2E-Demo.ipynb index 82069a7c..9105da64 100644 --- a/src/primaite/notebooks/UC7-E2E-Demo.ipynb +++ b/src/primaite/notebooks/UC7-E2E-Demo.ipynb 
@@ -549,7 +549,7 @@ "\n", "Additionally, `database-client` green agents are *Periodic* meaning they will attempt to use the database based on game time-steps. Specifically, these agents will begin on the time-step given in their `start_step` setting and will then will reattempt on each subsequence timestep based on the `Frequency` setting. These settings are then randomised using the remaining `start_variance` and `variance` options (also given in timesteps). These values are used to *±* their respective base settings to ensure the green agents achieve a moderate amount of domain randomisation in each PrimAITE episode.\n", "\n", - "For example, take a *Periodic* green agent set with a `start_step` of **4** and a `frequency` of **4** with a `start_variance` of **1** and a `variance` of **1** will cause a green agent to make it's first action on timestep $4 \\pm 1$ and then any subsequent actions every $4 \\pm 1$ timesteps afterwards.\n" + "For example, take a *Periodic* green agent set with a `start_step` of **4** and a `frequency` of **4** with a `start_variance` of **1** and a `variance` of **1** will cause a green agent to make its first action on timestep $4 \\pm 1$ and then any subsequent actions every $4 \\pm 1$ timesteps afterwards.\n" ] }, { 
@@ -584,7 +584,7 @@ "\n", "Unlike the `database-client` green agents, the `web-browser` green agents are *probabilistic*. These agents are quite simple; on every timestep a probability roll is made to determine whenever the agent acts. On a successful outcome the agent will attempt to execute the `web-browser` application which will then attempt to connect to the `ST-DMZ-PUB-SRV-WEB` host. On a unsuccessful outcome then the green agent will simply perform not action on this timestep.\n", "\n", - "For example, a `web-browser` green agent with a `20%` chance has a $\\frac{1}{5}$ chance of actioning it's host's `web-browser` to access the `ST-DMZ-PUB-SRV-WEB` web-server. " + "For example, a `web-browser` green agent with a `20%` chance has a $\\frac{1}{5}$ chance of actioning its host's `web-browser` to access the `ST-DMZ-PUB-SRV-WEB` web-server. " ] }, { 
@@ -630,11 +630,11 @@ "source": [ "### AGENTS | RED AGENT | Threat Actor Profile 001 (`TAP001`)\n", "\n", - "This TAP aims to exfiltrate and then encrypt the `database.db` file on `ST_DATA-PRV-SRV-DB` host, whilst leaving the functionality of the database intact. Configured by default to start on the `ST_PROJ-A-PRV-PC-1` host, `TAP001` must first embed itself on the host, locate the target (`ST_DATA-PRV-SRV-DB`) through a series of [`nmap`](/PrimAITE/docs/source/simulation_components/system/applications/nmap.rst) scans, establish a connection to it's [`c2-server`](./Command-and-Control-E2E-Demonstration.ipynb)(`ISP-PUB-SRV-DNS` by default) and then finally attempt to exfiltrate and encrypt. \n", + "This TAP aims to exfiltrate and then encrypt the `database.db` file on `ST_DATA-PRV-SRV-DB` host, whilst leaving the functionality of the database intact. Configured by default to start on the `ST_PROJ-A-PRV-PC-1` host, `TAP001` must first embed itself on the host, locate the target (`ST_DATA-PRV-SRV-DB`) through a series of [`nmap`](/PrimAITE/docs/source/simulation_components/system/applications/nmap.rst) scans, establish a connection to its [`c2-server`](./Command-and-Control-E2E-Demonstration.ipynb)(`ISP-PUB-SRV-DNS` by default) and then finally attempt to exfiltrate and encrypt. \n", "\n", - "If successful, the blue agent is configured to receive a serve negative reward and thus must prevent `TAP001` from ever reaching the target database. This could be through blocking it's connection to the target or it's `c2-server` via a carefully crafted ACL or perhaps through more a forceful approach such as shutting down the starting host.\n", + "If successful, the blue agent is configured to receive a serve negative reward and thus must prevent `TAP001` from ever reaching the target database. 
This could be through blocking its connection to the target or its `c2-server` via a carefully crafted ACL or perhaps through more a forceful approach such as shutting down the starting host.\n", "\n", - "For more information on `TAP001` and it's impacts, [please refer to the TAP001 E2E notebook](./UC7-TAP001-Kill-Chain-E2E.ipynb) or for more blue agent involved demonstration refer to the [UC7 attack variants notebook](./UC7-attack-variants.ipynb) " + "For more information on `TAP001` and its impacts, [please refer to the TAP001 E2E notebook](./UC7-TAP001-Kill-Chain-E2E.ipynb) or for more blue agent involved demonstration refer to the [UC7 attack variants notebook](./UC7-attack-variants.ipynb) " ] }, { 
@@ -691,7 +691,7 @@ "source": [ "### AGENTS | RED AGENT | Threat Actor Profile 003 (`TAP003`)\n", "\n", - "Unlike `TAP001`'s more traditional representation of a threat actor, `TAP003` represents a malicious insider which leverages it's pre-existing knowledge to covertly add malicious access control lists (ACLs) to three different routers each of which affecting green agent traffic in a different way causing the blue agent to receive negative rewards. Thus, the blue agent must learn to leverage it's ability to remove rules and change credentials throughout the network to rectify the impacts of `TA003` and re-establish green POL and prevent `TAP003` from accessing additional routers.\n", + "Unlike `TAP001`'s more traditional representation of a threat actor, `TAP003` represents a malicious insider which leverages its pre-existing knowledge to covertly add malicious access control lists (ACLs) to three different routers each of which affecting green agent traffic in a different way causing the blue agent to receive negative rewards. Thus, the blue agent must learn to leverage its ability to remove rules and change credentials throughout the network to rectify the impacts of `TA003` and re-establish green POL and prevent `TAP003` from accessing additional routers.\n", "\n", "The table below is a brief summary of the malicious ACLs added by `TAP003`\n", "\n", @@ -1535,7 +1535,7 @@ "\n", "The `weight` option in a `shared-reward` reward acts a multiplier to the reward of agent given in `agent_name`:\n", "\n", - "$\\text{shared\\_reward} = \\text{agent\\_reward} \\times \\text{shared\\_reward\\_weight}$\n", + "shared_reward = agent_reward x shared_reward_weight\n", "\n", "\n", "This can be a little difficult to understand intuitively so the following code snippets demonstrate how one of these rewards are calculated during a live episode." 
@@ -1600,11 +1600,11 @@ "source": [ "As you can see from the table above, because we increased the `shared-reward` weightings the blue agent's reward is nearly all comprised of the CEO's reward - `4.75`:\n", "\n", - "$\\text{ceo\\_reward\\_contribution} = 0.95 \\times 5$ \n", + "ceo_reward_contribution = 0.95 x 5\n", "\n", "We can see that the remote worker agent only contributes `0.015625` to the blue agent's total reward:\n", "\n", - "$\\text{remote\\_worker\\_reward\\_contribution} = 0.5 \\times 0.03125$\n" + "remote_worked_shared_reward = 0.5 x 0.03125\n" ] }, {
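Review bot: the stdout removed in the hunk at `@@ -2786,51 +1488,7` lists the six `PROJ_B-*` shared-reward rows twice (`PROJ_B-SENIOR-DEV-DB` through `PROJ_B-JUNIOR-DEV-2-WEB`), so the cell was either reading duplicated entries from the config or a second project's agents were mislabelled. Check the blue agent's `shared-reward` list before the evidence disappears with the output; if the duplication is real, those agents are weighted twice in the blue reward.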
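Review bot: clearing the output in the hunk at `@@ -2904,36 +1562,7` removes the per-timestep reward table, but the markdown cell in the hunk at `@@ -2971,11 +1600,11` still opens with "As you can see from the table above" and quotes `4.75` and `0.015625` from it. Unless the docs build executes the notebook, the rendered page will refer to a table that is not there, so either keep this one cell's output or reword the markdown so it does not depend on it. The removed stderr also shows `PrimaiteGymEnv RNG seed = None`; it is worth confirming that a fresh run reproduces the quoted figures, or setting a seed in this cell.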
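Review bot: the stderr removed in the hunks at `@@ -3078,24 +1672,7` and `@@ -3122,24 +1699,7` contained a developer's local session path under `C:\Users\`, including the account name, so clearing these outputs is the right call. To keep paths and usernames from reaching the repository again, strip notebook outputs automatically before commit (for example with a pre-commit hook such as nbstripout) rather than relying on a manual clean-up commit.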
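Review bot: in the hunk at `@@ -549,7 +549,7`, the corrected `+` line still does not parse ("take a *Periodic* green agent set with ... will cause a green agent to make its first action"), and the context line above it keeps "will then will reattempt on each subsequence timestep based on the `Frequency` setting". Since this commit is a text clean-up, fix these in the same pass: "a *Periodic* green agent with ... will make its first action", "will then reattempt on each subsequent timestep", and lower-case `frequency` to match the option name used in the example.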
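Review bot: the context line of the hunk at `@@ -584,7 +584,7` still has three wording errors next to the fixed "its": "determine whenever the agent acts" should be "whether", "On a unsuccessful outcome then" should be "On an unsuccessful outcome", and "perform not action" should be "perform no action". They sit in the same markdown cell, so they can go in this commit.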
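Review bot: the second `+` line of the hunk at `@@ -630,11 +630,11` still reads "receive a serve negative reward", which should be "severe", and "through more a forceful approach" should be "through a more forceful approach". In the first `+` line there is also no space between the `c2-server` link and "(`ISP-PUB-SRV-DNS` by default)".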
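Review bot: the `+` line in the hunk at `@@ -691,7 +691,7` refers to "the impacts of `TA003`" while every other mention in the cell is `TAP003`; correct the identifier so readers searching for the profile name find this paragraph. The phrase "each of which affecting green agent traffic" should also be "each of which affects".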
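Review bot: the hunk at `@@ -1535,7 +1535,7` reverts the formula to bare text without saying which Sphinx rendering problem the LaTeX caused; put that in the commit message, and wrap the plain-text formula in backticks so it renders as code and the underscores cannot be read as markup. The context lines around it also need "acts as a multiplier to the reward of the agent" and "how one of these rewards is calculated".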
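Review bot: the last `+` line of the hunk at `@@ -1600,11 +1600,11` introduces `remote_worked_shared_reward`, which has a typo ("worked") and no longer follows the `ceo_reward_contribution` naming used two lines above. Use `remote_worker_reward_contribution` so both formulas read as contributions to the blue agent's total, and format both lines the same way as the `shared_reward` formula earlier in the notebook.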