#2887 - Resolve conflicts from merge
This commit is contained in:
@@ -69,8 +69,8 @@ agents:
|
||||
wildcard_list:
|
||||
- 0.0.0.1
|
||||
port_list:
|
||||
- 80
|
||||
- 5432
|
||||
- HTTP
|
||||
- POSTGRES_SERVER
|
||||
protocol_list:
|
||||
- ICMP
|
||||
- TCP
|
||||
@@ -96,490 +96,423 @@ agents:
|
||||
options: {}
|
||||
|
||||
action_space:
|
||||
action_list:
|
||||
- type: DONOTHING
|
||||
- type: NODE_SERVICE_SCAN
|
||||
- type: NODE_SERVICE_STOP
|
||||
- type: NODE_SERVICE_START
|
||||
- type: NODE_SERVICE_PAUSE
|
||||
- type: NODE_SERVICE_RESUME
|
||||
- type: NODE_SERVICE_RESTART
|
||||
- type: NODE_SERVICE_DISABLE
|
||||
- type: NODE_SERVICE_ENABLE
|
||||
- type: NODE_SERVICE_FIX
|
||||
- type: NODE_FILE_SCAN
|
||||
- type: NODE_FILE_CHECKHASH
|
||||
- type: NODE_FILE_DELETE
|
||||
- type: NODE_FILE_REPAIR
|
||||
- type: NODE_FILE_RESTORE
|
||||
- type: NODE_FOLDER_SCAN
|
||||
- type: NODE_FOLDER_CHECKHASH
|
||||
- type: NODE_FOLDER_REPAIR
|
||||
- type: NODE_FOLDER_RESTORE
|
||||
- type: NODE_OS_SCAN
|
||||
- type: NODE_SHUTDOWN
|
||||
- type: NODE_STARTUP
|
||||
- type: NODE_RESET
|
||||
- type: ROUTER_ACL_ADDRULE
|
||||
- type: ROUTER_ACL_REMOVERULE
|
||||
- type: HOST_NIC_ENABLE
|
||||
- type: HOST_NIC_DISABLE
|
||||
|
||||
action_map:
|
||||
0:
|
||||
action: DONOTHING
|
||||
action: do_nothing
|
||||
options: {}
|
||||
# scan webapp service
|
||||
1:
|
||||
action: NODE_SERVICE_SCAN
|
||||
action: node_service_scan
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
# stop webapp service
|
||||
2:
|
||||
action: NODE_SERVICE_STOP
|
||||
action: node_service_stop
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
# start webapp service
|
||||
3:
|
||||
action: "NODE_SERVICE_START"
|
||||
action: "node_service_start"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
4:
|
||||
action: "NODE_SERVICE_PAUSE"
|
||||
action: "node_service_pause"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
5:
|
||||
action: "NODE_SERVICE_RESUME"
|
||||
action: "node_service_resume"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
6:
|
||||
action: "NODE_SERVICE_RESTART"
|
||||
action: "node_service_restart"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
7:
|
||||
action: "NODE_SERVICE_DISABLE"
|
||||
action: "node_service_disable"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
8:
|
||||
action: "NODE_SERVICE_ENABLE"
|
||||
action: "node_service_enable"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
9: # check database.db file
|
||||
action: "NODE_FILE_SCAN"
|
||||
action: "node_file_scan"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
file_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
file_name: database.db
|
||||
10:
|
||||
action: "NODE_FILE_CHECKHASH"
|
||||
action: "node_file_scan" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context.
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
file_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
file_name: database.db
|
||||
11:
|
||||
action: "NODE_FILE_DELETE"
|
||||
action: "node_file_delete"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
file_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
file_name: database.db
|
||||
12:
|
||||
action: "NODE_FILE_REPAIR"
|
||||
action: "node_file_repair"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
file_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
file_name: database.db
|
||||
13:
|
||||
action: "NODE_SERVICE_FIX"
|
||||
action: "node_service_fix"
|
||||
options:
|
||||
node_id: 2
|
||||
service_id: 0
|
||||
node_name: database_server
|
||||
service_name: DatabaseService
|
||||
14:
|
||||
action: "NODE_FOLDER_SCAN"
|
||||
action: "node_folder_scan"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
15:
|
||||
action: "NODE_FOLDER_CHECKHASH"
|
||||
action: "node_folder_scan" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context.
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
16:
|
||||
action: "NODE_FOLDER_REPAIR"
|
||||
action: "node_folder_repair"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
17:
|
||||
action: "NODE_FOLDER_RESTORE"
|
||||
action: "node_folder_restore"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
18:
|
||||
action: "NODE_OS_SCAN"
|
||||
action: "node_os_scan"
|
||||
options:
|
||||
node_id: 0
|
||||
node_name: domain_controller
|
||||
19:
|
||||
action: "NODE_SHUTDOWN"
|
||||
action: "node_shutdown"
|
||||
options:
|
||||
node_id: 0
|
||||
node_name: domain_controller
|
||||
20:
|
||||
action: NODE_STARTUP
|
||||
action: node_startup
|
||||
options:
|
||||
node_id: 0
|
||||
node_name: domain_controller
|
||||
21:
|
||||
action: NODE_RESET
|
||||
action: node_reset
|
||||
options:
|
||||
node_id: 0
|
||||
node_name: domain_controller
|
||||
22:
|
||||
action: "NODE_OS_SCAN"
|
||||
action: "node_os_scan"
|
||||
options:
|
||||
node_id: 1
|
||||
node_name: web_server
|
||||
23:
|
||||
action: "NODE_SHUTDOWN"
|
||||
action: "node_shutdown"
|
||||
options:
|
||||
node_id: 1
|
||||
node_name: web_server
|
||||
24:
|
||||
action: NODE_STARTUP
|
||||
action: node_startup
|
||||
options:
|
||||
node_id: 1
|
||||
node_name: web_server
|
||||
25:
|
||||
action: NODE_RESET
|
||||
action: node_reset
|
||||
options:
|
||||
node_id: 1
|
||||
node_name: web_server
|
||||
26: # old action num: 18
|
||||
action: "NODE_OS_SCAN"
|
||||
action: "node_os_scan"
|
||||
options:
|
||||
node_id: 2
|
||||
node_name: database_server
|
||||
27:
|
||||
action: "NODE_SHUTDOWN"
|
||||
action: "node_shutdown"
|
||||
options:
|
||||
node_id: 2
|
||||
node_name: database_server
|
||||
28:
|
||||
action: NODE_STARTUP
|
||||
action: node_startup
|
||||
options:
|
||||
node_id: 2
|
||||
node_name: database_server
|
||||
29:
|
||||
action: NODE_RESET
|
||||
action: node_reset
|
||||
options:
|
||||
node_id: 2
|
||||
node_name: database_server
|
||||
30:
|
||||
action: "NODE_OS_SCAN"
|
||||
action: "node_os_scan"
|
||||
options:
|
||||
node_id: 3
|
||||
node_name: backup_server
|
||||
31:
|
||||
action: "NODE_SHUTDOWN"
|
||||
action: "node_shutdown"
|
||||
options:
|
||||
node_id: 3
|
||||
node_name: backup_server
|
||||
32:
|
||||
action: NODE_STARTUP
|
||||
action: node_startup
|
||||
options:
|
||||
node_id: 3
|
||||
node_name: backup_server
|
||||
33:
|
||||
action: NODE_RESET
|
||||
action: node_reset
|
||||
options:
|
||||
node_id: 3
|
||||
node_name: backup_server
|
||||
34:
|
||||
action: "NODE_OS_SCAN"
|
||||
action: "node_os_scan"
|
||||
options:
|
||||
node_id: 4
|
||||
node_name: security_suite
|
||||
35:
|
||||
action: "NODE_SHUTDOWN"
|
||||
action: "node_shutdown"
|
||||
options:
|
||||
node_id: 4
|
||||
node_name: security_suite
|
||||
36:
|
||||
action: NODE_STARTUP
|
||||
action: node_startup
|
||||
options:
|
||||
node_id: 4
|
||||
node_name: security_suite
|
||||
37:
|
||||
action: NODE_RESET
|
||||
action: node_reset
|
||||
options:
|
||||
node_id: 4
|
||||
node_name: security_suite
|
||||
38:
|
||||
action: "NODE_OS_SCAN"
|
||||
action: "node_os_scan"
|
||||
options:
|
||||
node_id: 5
|
||||
node_name: client_1
|
||||
39: # old action num: 19 # shutdown client 1
|
||||
action: "NODE_SHUTDOWN"
|
||||
action: "node_shutdown"
|
||||
options:
|
||||
node_id: 5
|
||||
node_name: client_1
|
||||
40: # old action num: 20
|
||||
action: NODE_STARTUP
|
||||
action: node_startup
|
||||
options:
|
||||
node_id: 5
|
||||
node_name: client_1
|
||||
41: # old action num: 21
|
||||
action: NODE_RESET
|
||||
action: node_reset
|
||||
options:
|
||||
node_id: 5
|
||||
node_name: client_1
|
||||
42:
|
||||
action: "NODE_OS_SCAN"
|
||||
action: "node_os_scan"
|
||||
options:
|
||||
node_id: 6
|
||||
node_name: client_2
|
||||
43:
|
||||
action: "NODE_SHUTDOWN"
|
||||
action: "node_shutdown"
|
||||
options:
|
||||
node_id: 6
|
||||
node_name: client_2
|
||||
44:
|
||||
action: NODE_STARTUP
|
||||
action: node_startup
|
||||
options:
|
||||
node_id: 6
|
||||
node_name: client_2
|
||||
45:
|
||||
action: NODE_RESET
|
||||
action: node_reset
|
||||
options:
|
||||
node_id: 6
|
||||
node_name: client_2
|
||||
|
||||
46: # old action num: 22 # "ACL: ADDRULE - Block outgoing traffic from client 1"
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router_nodename: router_1
|
||||
target_router: router_1
|
||||
position: 1
|
||||
permission: 2
|
||||
source_ip_id: 7 # client 1
|
||||
dest_ip_id: 1 # ALL
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 1
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.21 # client 1
|
||||
dst_ip: ALL # ALL
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: ALL
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
47: # old action num: 23 # "ACL: ADDRULE - Block outgoing traffic from client 2"
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router_nodename: router_1
|
||||
target_router: router_1
|
||||
position: 2
|
||||
permission: 2
|
||||
source_ip_id: 8 # client 2
|
||||
dest_ip_id: 1 # ALL
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 1
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.22 # client 2
|
||||
dst_ip: ALL # ALL
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: ALL
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
48: # old action num: 24 # block tcp traffic from client 1 to web app
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router_nodename: router_1
|
||||
target_router: router_1
|
||||
position: 3
|
||||
permission: 2
|
||||
source_ip_id: 7 # client 1
|
||||
dest_ip_id: 3 # web server
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 3
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.21 # client 1
|
||||
dst_ip: 192.168.1.12 # web server
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: TCP
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
49: # old action num: 25 # block tcp traffic from client 2 to web app
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router_nodename: router_1
|
||||
target_router: router_1
|
||||
position: 4
|
||||
permission: 2
|
||||
source_ip_id: 8 # client 2
|
||||
dest_ip_id: 3 # web server
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 3
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.22 # client 2
|
||||
dst_ip: 192.168.1.12 # web server
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: TCP
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
50: # old action num: 26
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router_nodename: router_1
|
||||
target_router: router_1
|
||||
position: 5
|
||||
permission: 2
|
||||
source_ip_id: 7 # client 1
|
||||
dest_ip_id: 4 # database
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 3
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.21 # client 1
|
||||
dst_ip: 192.168.1.14 # database
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: TCP
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
51: # old action num: 27
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router_nodename: router_1
|
||||
target_router: router_1
|
||||
position: 6
|
||||
permission: 2
|
||||
source_ip_id: 8 # client 2
|
||||
dest_ip_id: 4 # database
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 3
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.22 # client 2
|
||||
dst_ip: 192.168.1.14 # database
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: TCP
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
52: # old action num: 28
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router_nodename: router_1
|
||||
target_router: router_1
|
||||
position: 0
|
||||
53: # old action num: 29
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router_nodename: router_1
|
||||
target_router: router_1
|
||||
position: 1
|
||||
54: # old action num: 30
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router_nodename: router_1
|
||||
target_router: router_1
|
||||
position: 2
|
||||
55: # old action num: 31
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router_nodename: router_1
|
||||
target_router: router_1
|
||||
position: 3
|
||||
56: # old action num: 32
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router_nodename: router_1
|
||||
target_router: router_1
|
||||
position: 4
|
||||
57: # old action num: 33
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router_nodename: router_1
|
||||
target_router: router_1
|
||||
position: 5
|
||||
58: # old action num: 34
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router_nodename: router_1
|
||||
target_router: router_1
|
||||
position: 6
|
||||
59: # old action num: 35
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router_nodename: router_1
|
||||
target_router: router_1
|
||||
position: 7
|
||||
60: # old action num: 36
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router_nodename: router_1
|
||||
target_router: router_1
|
||||
position: 8
|
||||
61: # old action num: 37
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router_nodename: router_1
|
||||
target_router: router_1
|
||||
position: 9
|
||||
62: # old action num: 38
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 0
|
||||
nic_id: 0
|
||||
node_name: domain_controller
|
||||
nic_num: 1
|
||||
63: # old action num: 39
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 0
|
||||
nic_id: 0
|
||||
node_name: domain_controller
|
||||
nic_num: 1
|
||||
64: # old action num: 40
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 1
|
||||
nic_id: 0
|
||||
node_name: web_server
|
||||
nic_num: 1
|
||||
65: # old action num: 41
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 1
|
||||
nic_id: 0
|
||||
node_name: web_server
|
||||
nic_num: 1
|
||||
66: # old action num: 42
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 2
|
||||
nic_id: 0
|
||||
node_name: database_server
|
||||
nic_num: 1
|
||||
67: # old action num: 43
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 2
|
||||
nic_id: 0
|
||||
node_name: database_server
|
||||
nic_num: 1
|
||||
68: # old action num: 44
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 3
|
||||
nic_id: 0
|
||||
node_name: backup_server
|
||||
nic_num: 1
|
||||
69: # old action num: 45
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 3
|
||||
nic_id: 0
|
||||
node_name: backup_server
|
||||
nic_num: 1
|
||||
70: # old action num: 46
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 4
|
||||
nic_id: 0
|
||||
node_name: security_suite
|
||||
nic_num: 1
|
||||
71: # old action num: 47
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 4
|
||||
nic_id: 0
|
||||
node_name: security_suite
|
||||
nic_num: 1
|
||||
72: # old action num: 48
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 4
|
||||
nic_id: 1
|
||||
node_name: security_suite
|
||||
nic_num: 2
|
||||
73: # old action num: 49
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 4
|
||||
nic_id: 1
|
||||
node_name: security_suite
|
||||
nic_num: 2
|
||||
74: # old action num: 50
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 5
|
||||
nic_id: 0
|
||||
node_name: client_1
|
||||
nic_num: 1
|
||||
75: # old action num: 51
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 5
|
||||
nic_id: 0
|
||||
node_name: client_1
|
||||
nic_num: 1
|
||||
76: # old action num: 52
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 6
|
||||
nic_id: 0
|
||||
node_name: client_2
|
||||
nic_num: 1
|
||||
77: # old action num: 53
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 6
|
||||
nic_id: 0
|
||||
|
||||
|
||||
|
||||
options:
|
||||
nodes:
|
||||
- node_name: domain_controller
|
||||
- node_name: web_server
|
||||
applications:
|
||||
- application_name: DatabaseClient
|
||||
services:
|
||||
- service_name: WebServer
|
||||
- node_name: database_server
|
||||
folders:
|
||||
- folder_name: database
|
||||
files:
|
||||
- file_name: database.db
|
||||
services:
|
||||
- service_name: DatabaseService
|
||||
- node_name: backup_server
|
||||
- node_name: security_suite
|
||||
- node_name: client_1
|
||||
- node_name: client_2
|
||||
|
||||
max_folders_per_node: 2
|
||||
max_files_per_folder: 2
|
||||
max_services_per_node: 2
|
||||
max_nics_per_node: 8
|
||||
max_acl_rules: 10
|
||||
ip_list:
|
||||
- 192.168.1.10
|
||||
- 192.168.1.12
|
||||
- 192.168.1.14
|
||||
- 192.168.1.16
|
||||
- 192.168.1.110
|
||||
- 192.168.10.21
|
||||
- 192.168.10.22
|
||||
- 192.168.10.110
|
||||
|
||||
node_name: client_2
|
||||
nic_num: 1
|
||||
|
||||
reward_function:
|
||||
reward_components:
|
||||
|
||||
@@ -13,60 +13,19 @@ agents:
|
||||
- ref: client_2_green_user
|
||||
team: GREEN
|
||||
type: ProbabilisticAgent
|
||||
observation_space: null
|
||||
action_space:
|
||||
action_list:
|
||||
- type: DONOTHING
|
||||
options:
|
||||
nodes:
|
||||
- node_name: client_2
|
||||
max_folders_per_node: 1
|
||||
max_files_per_folder: 1
|
||||
max_services_per_node: 1
|
||||
max_nics_per_node: 2
|
||||
max_acl_rules: 10
|
||||
|
||||
reward_function:
|
||||
reward_components:
|
||||
- type: DUMMY
|
||||
|
||||
agent_settings: # options specific to this particular agent type, basically args of __init__(self)
|
||||
start_settings:
|
||||
start_step: 25
|
||||
frequency: 20
|
||||
variance: 5
|
||||
action_probabilities:
|
||||
0: 1.0
|
||||
|
||||
- ref: data_manipulation_attacker
|
||||
team: RED
|
||||
type: RedDatabaseCorruptingAgent
|
||||
|
||||
observation_space: null
|
||||
|
||||
action_space:
|
||||
action_list:
|
||||
- type: DONOTHING
|
||||
- type: NODE_APPLICATION_EXECUTE
|
||||
- type: NODE_FILE_DELETE
|
||||
- type: NODE_FILE_CORRUPT
|
||||
- type: NODE_OS_SCAN
|
||||
options:
|
||||
nodes:
|
||||
- node_name: client_1
|
||||
applications:
|
||||
- application_name: DataManipulationBot
|
||||
max_folders_per_node: 1
|
||||
max_files_per_folder: 1
|
||||
max_services_per_node: 1
|
||||
|
||||
reward_function:
|
||||
reward_components:
|
||||
- type: DUMMY
|
||||
|
||||
agent_settings: # options specific to this particular agent type, basically args of __init__(self)
|
||||
start_settings:
|
||||
start_step: 25
|
||||
frequency: 20
|
||||
variance: 5
|
||||
possible_start_nodes: [client_1,]
|
||||
target_application: DataManipulationBot
|
||||
start_step: 25
|
||||
frequency: 20
|
||||
variance: 5
|
||||
|
||||
- ref: defender
|
||||
team: BLUE
|
||||
@@ -115,8 +74,8 @@ agents:
|
||||
wildcard_list:
|
||||
- 0.0.0.1
|
||||
port_list:
|
||||
- 80
|
||||
- 5432
|
||||
- HTTP
|
||||
- POSTGRES_SERVER
|
||||
protocol_list:
|
||||
- ICMP
|
||||
- TCP
|
||||
@@ -142,381 +101,327 @@ agents:
|
||||
options: {}
|
||||
|
||||
action_space:
|
||||
action_list:
|
||||
- type: DONOTHING
|
||||
- type: NODE_SERVICE_SCAN
|
||||
- type: NODE_SERVICE_STOP
|
||||
- type: NODE_SERVICE_START
|
||||
- type: NODE_SERVICE_PAUSE
|
||||
- type: NODE_SERVICE_RESUME
|
||||
- type: NODE_SERVICE_RESTART
|
||||
- type: NODE_SERVICE_DISABLE
|
||||
- type: NODE_SERVICE_ENABLE
|
||||
- type: NODE_SERVICE_FIX
|
||||
- type: NODE_FILE_SCAN
|
||||
- type: NODE_FILE_CHECKHASH
|
||||
- type: NODE_FILE_DELETE
|
||||
- type: NODE_FILE_REPAIR
|
||||
- type: NODE_FILE_RESTORE
|
||||
- type: NODE_FOLDER_SCAN
|
||||
- type: NODE_FOLDER_CHECKHASH
|
||||
- type: NODE_FOLDER_REPAIR
|
||||
- type: NODE_FOLDER_RESTORE
|
||||
- type: NODE_OS_SCAN
|
||||
- type: NODE_SHUTDOWN
|
||||
- type: NODE_STARTUP
|
||||
- type: NODE_RESET
|
||||
- type: ROUTER_ACL_ADDRULE
|
||||
- type: ROUTER_ACL_REMOVERULE
|
||||
- type: HOST_NIC_ENABLE
|
||||
- type: HOST_NIC_DISABLE
|
||||
|
||||
action_map:
|
||||
0:
|
||||
action: DONOTHING
|
||||
action: do_nothing
|
||||
options: {}
|
||||
# scan webapp service
|
||||
1:
|
||||
action: NODE_SERVICE_SCAN
|
||||
action: node_service_scan
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
# stop webapp service
|
||||
2:
|
||||
action: NODE_SERVICE_STOP
|
||||
action: node_service_stop
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
# start webapp service
|
||||
3:
|
||||
action: "NODE_SERVICE_START"
|
||||
action: "node_service_start"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
4:
|
||||
action: "NODE_SERVICE_PAUSE"
|
||||
action: "node_service_pause"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
5:
|
||||
action: "NODE_SERVICE_RESUME"
|
||||
action: "node_service_resume"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
6:
|
||||
action: "NODE_SERVICE_RESTART"
|
||||
action: "node_service_restart"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
7:
|
||||
action: "NODE_SERVICE_DISABLE"
|
||||
action: "node_service_disable"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
8:
|
||||
action: "NODE_SERVICE_ENABLE"
|
||||
action: "node_service_enable"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
9: # check database.db file
|
||||
action: "NODE_FILE_SCAN"
|
||||
action: "node_file_scan"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 1
|
||||
file_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
file_name: database.db
|
||||
10:
|
||||
action: "NODE_FILE_CHECKHASH"
|
||||
action: "node_file_checkhash"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 1
|
||||
file_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
file_name: database.db
|
||||
11:
|
||||
action: "NODE_FILE_DELETE"
|
||||
action: "node_file_delete"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 1
|
||||
file_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
file_name: database.db
|
||||
12:
|
||||
action: "NODE_FILE_REPAIR"
|
||||
action: "node_file_repair"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 1
|
||||
file_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
file_name: database.db
|
||||
13:
|
||||
action: "NODE_SERVICE_FIX"
|
||||
action: "node_service_fix"
|
||||
options:
|
||||
node_id: 2
|
||||
service_id: 0
|
||||
node_name: database_server
|
||||
service_name: DatabaseService
|
||||
14:
|
||||
action: "NODE_FOLDER_SCAN"
|
||||
action: "node_folder_scan"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 1
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
15:
|
||||
action: "NODE_FOLDER_CHECKHASH"
|
||||
action: "node_folder_checkhash"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 1
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
16:
|
||||
action: "NODE_FOLDER_REPAIR"
|
||||
action: "node_folder_repair"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 1
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
17:
|
||||
action: "NODE_FOLDER_RESTORE"
|
||||
action: "node_folder_restore"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 1
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
18:
|
||||
action: "NODE_OS_SCAN"
|
||||
action: "node_os_scan"
|
||||
options:
|
||||
node_id: 2
|
||||
node_name: database_server
|
||||
19: # shutdown client 1
|
||||
action: "NODE_SHUTDOWN"
|
||||
action: "node_shutdown"
|
||||
options:
|
||||
node_id: 5
|
||||
node_name: client_1
|
||||
20:
|
||||
action: "NODE_STARTUP"
|
||||
action: "node_startup"
|
||||
options:
|
||||
node_id: 5
|
||||
node_name: client_1
|
||||
21:
|
||||
action: "NODE_RESET"
|
||||
action: "node_reset"
|
||||
options:
|
||||
node_id: 5
|
||||
node_name: client_1
|
||||
22: # "ACL: ADDRULE - Block outgoing traffic from client 1" (not supported in Primaite)
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 1
|
||||
permission: 2
|
||||
source_ip_id: 7 # client 1
|
||||
dest_ip_id: 1 # ALL
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 1
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.21 # client 1
|
||||
dst_ip: ALL # ALL
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: ALL
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
23: # "ACL: ADDRULE - Block outgoing traffic from client 2" (not supported in Primaite)
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 2
|
||||
permission: 2
|
||||
source_ip_id: 8 # client 2
|
||||
dest_ip_id: 1 # ALL
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 1
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.22 # client 2
|
||||
dst_ip: ALL # ALL
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: ALL
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
24: # block tcp traffic from client 1 to web app
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 3
|
||||
permission: 2
|
||||
source_ip_id: 7 # client 1
|
||||
dest_ip_id: 3 # web server
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 3
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.21 # client 1
|
||||
dst_ip: 192.168.1.12 # web server
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: TCP
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
25: # block tcp traffic from client 2 to web app
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 4
|
||||
permission: 2
|
||||
source_ip_id: 8 # client 2
|
||||
dest_ip_id: 3 # web server
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 3
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.22 # client 2
|
||||
dst_ip: 192.168.1.12 # web server
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: TCP
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
26:
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 5
|
||||
permission: 2
|
||||
source_ip_id: 7 # client 1
|
||||
dest_ip_id: 4 # database
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 3
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.21 # client 1
|
||||
dst_ip: 192.168.1.14 # database
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: TCP
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
27:
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 6
|
||||
permission: 2
|
||||
source_ip_id: 8 # client 2
|
||||
dest_ip_id: 4 # database
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 3
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.22 # client 2
|
||||
dst_ip: 192.168.1.14 # database
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: TCP
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
28:
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 0
|
||||
29:
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 1
|
||||
30:
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 2
|
||||
31:
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 3
|
||||
32:
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 4
|
||||
33:
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 5
|
||||
34:
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 6
|
||||
35:
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 7
|
||||
36:
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 8
|
||||
37:
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 9
|
||||
38:
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 0
|
||||
nic_id: 0
|
||||
node_name: domain_controller
|
||||
nic_num: 1
|
||||
39:
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 0
|
||||
nic_id: 0
|
||||
node_name: domain_controller
|
||||
nic_num: 1
|
||||
40:
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 1
|
||||
nic_id: 0
|
||||
node_name: web_server
|
||||
nic_num: 1
|
||||
41:
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 1
|
||||
nic_id: 0
|
||||
node_name: web_server
|
||||
nic_num: 1
|
||||
42:
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 2
|
||||
nic_id: 0
|
||||
node_name: database_server
|
||||
nic_num: 1
|
||||
43:
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 2
|
||||
nic_id: 0
|
||||
node_name: database_server
|
||||
nic_num: 1
|
||||
44:
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 3
|
||||
nic_id: 0
|
||||
node_name: backup_server
|
||||
nic_num: 1
|
||||
45:
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 3
|
||||
nic_id: 0
|
||||
node_name: backup_server
|
||||
nic_num: 1
|
||||
46:
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 4
|
||||
nic_id: 0
|
||||
node_name: security_suite
|
||||
nic_num: 1
|
||||
47:
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 4
|
||||
nic_id: 0
|
||||
node_name: security_suite
|
||||
nic_num: 1
|
||||
48:
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 4
|
||||
nic_id: 1
|
||||
node_name: security_suite
|
||||
nic_num: 2
|
||||
49:
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 4
|
||||
nic_id: 1
|
||||
node_name: security_suite
|
||||
nic_num: 2
|
||||
50:
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 5
|
||||
nic_id: 0
|
||||
node_name: client_1
|
||||
nic_num: 1
|
||||
51:
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 5
|
||||
nic_id: 0
|
||||
node_name: client_1
|
||||
nic_num: 1
|
||||
52:
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 6
|
||||
nic_id: 0
|
||||
node_name: client_2
|
||||
nic_num: 1
|
||||
53:
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 6
|
||||
nic_id: 0
|
||||
|
||||
|
||||
|
||||
options:
|
||||
nodes:
|
||||
- node_name: domain_controller
|
||||
- node_name: web_server
|
||||
- node_name: database_server
|
||||
- node_name: backup_server
|
||||
- node_name: security_suite
|
||||
- node_name: client_1
|
||||
- node_name: client_2
|
||||
max_folders_per_node: 2
|
||||
max_files_per_folder: 2
|
||||
max_services_per_node: 2
|
||||
max_nics_per_node: 8
|
||||
max_acl_rules: 10
|
||||
ip_list:
|
||||
- 192.168.1.10
|
||||
- 192.168.1.12
|
||||
- 192.168.1.14
|
||||
- 192.168.1.16
|
||||
- 192.168.1.110
|
||||
- 192.168.10.21
|
||||
- 192.168.10.22
|
||||
- 192.168.10.110
|
||||
node_name: client_2
|
||||
nic_num: 1
|
||||
|
||||
reward_function:
|
||||
reward_components:
|
||||
|
||||
@@ -27,39 +27,22 @@ agents:
|
||||
- ref: client_2_green_user
|
||||
team: GREEN
|
||||
type: ProbabilisticAgent
|
||||
observation_space: null
|
||||
|
||||
action_space:
|
||||
action_list:
|
||||
- type: DONOTHING
|
||||
- type: NODE_APPLICATION_EXECUTE
|
||||
action_map:
|
||||
0:
|
||||
action: DONOTHING
|
||||
action: do_nothing
|
||||
options: {}
|
||||
1:
|
||||
action: NODE_APPLICATION_EXECUTE
|
||||
action: node_application_execute
|
||||
options:
|
||||
node_id: 0
|
||||
application_id: 0
|
||||
options:
|
||||
nodes:
|
||||
- node_name: client_2
|
||||
applications:
|
||||
- application_name: WebBrowser
|
||||
max_folders_per_node: 1
|
||||
max_files_per_folder: 1
|
||||
max_services_per_node: 1
|
||||
max_applications_per_node: 1
|
||||
|
||||
reward_function:
|
||||
reward_components:
|
||||
- type: DUMMY
|
||||
node_name: client_2
|
||||
application_name: WebBrowser
|
||||
|
||||
agent_settings:
|
||||
start_settings:
|
||||
start_step: 5
|
||||
frequency: 4
|
||||
variance: 3
|
||||
action_probabilities:
|
||||
0: 0.4
|
||||
1: 0.6
|
||||
|
||||
simulation:
|
||||
network:
|
||||
|
||||
@@ -30,41 +30,26 @@ agents:
|
||||
- ref: client_2_green_user
|
||||
team: GREEN
|
||||
type: ProbabilisticAgent
|
||||
observation_space: null
|
||||
|
||||
action_space:
|
||||
action_list:
|
||||
- type: DONOTHING
|
||||
- type: NODE_APPLICATION_EXECUTE
|
||||
action_map:
|
||||
0:
|
||||
action: DONOTHING
|
||||
action: do_nothing
|
||||
options: {}
|
||||
1:
|
||||
action: NODE_APPLICATION_EXECUTE
|
||||
action: node_application_execute
|
||||
options:
|
||||
node_id: 0
|
||||
application_id: 0
|
||||
options:
|
||||
nodes:
|
||||
- node_name: client_2
|
||||
applications:
|
||||
- application_name: WebBrowser
|
||||
max_folders_per_node: 1
|
||||
max_files_per_folder: 1
|
||||
max_services_per_node: 1
|
||||
max_applications_per_node: 1
|
||||
node_name: client_2
|
||||
application_name: WebBrowser
|
||||
|
||||
reward_function:
|
||||
reward_components:
|
||||
- type: DUMMY
|
||||
|
||||
agent_settings:
|
||||
start_settings:
|
||||
start_step: 5
|
||||
frequency: 4
|
||||
variance: 3
|
||||
|
||||
|
||||
action_probabilities:
|
||||
0: 0.4
|
||||
1: 0.6
|
||||
|
||||
- ref: defender
|
||||
team: BLUE
|
||||
@@ -103,8 +88,8 @@ agents:
|
||||
wildcard_list:
|
||||
- 0.0.0.1
|
||||
port_list:
|
||||
- 80
|
||||
- 5432
|
||||
- HTTP
|
||||
- POSTGRES_SERVER
|
||||
protocol_list:
|
||||
- ICMP
|
||||
- TCP
|
||||
@@ -122,28 +107,10 @@ agents:
|
||||
options: {}
|
||||
|
||||
action_space:
|
||||
action_list:
|
||||
- type: DONOTHING
|
||||
|
||||
action_map:
|
||||
0:
|
||||
action: DONOTHING
|
||||
action: do_nothing
|
||||
options: {}
|
||||
options:
|
||||
nodes:
|
||||
- node_name: switch
|
||||
- node_name: client_1
|
||||
- node_name: client_2
|
||||
- node_name: client_3
|
||||
max_folders_per_node: 2
|
||||
max_files_per_folder: 2
|
||||
max_services_per_node: 2
|
||||
max_nics_per_node: 8
|
||||
max_acl_rules: 10
|
||||
ip_list:
|
||||
- 192.168.10.21
|
||||
- 192.168.10.22
|
||||
- 192.168.10.23
|
||||
|
||||
reward_function:
|
||||
reward_components:
|
||||
|
||||
@@ -30,35 +30,22 @@ agents:
|
||||
0: 0.3
|
||||
1: 0.6
|
||||
2: 0.1
|
||||
observation_space: null
|
||||
|
||||
action_space:
|
||||
action_list:
|
||||
- type: DONOTHING
|
||||
- type: NODE_APPLICATION_EXECUTE
|
||||
options:
|
||||
nodes:
|
||||
- node_name: client_2
|
||||
applications:
|
||||
- application_name: WebBrowser
|
||||
- application_name: DatabaseClient
|
||||
max_folders_per_node: 1
|
||||
max_files_per_folder: 1
|
||||
max_services_per_node: 1
|
||||
max_applications_per_node: 2
|
||||
action_map:
|
||||
0:
|
||||
action: DONOTHING
|
||||
action: do_nothing
|
||||
options: {}
|
||||
1:
|
||||
action: NODE_APPLICATION_EXECUTE
|
||||
action: node_application_execute
|
||||
options:
|
||||
node_id: 0
|
||||
application_id: 0
|
||||
node_name: client_2
|
||||
application_name: WebBrowser
|
||||
2:
|
||||
action: NODE_APPLICATION_EXECUTE
|
||||
action: node_application_execute
|
||||
options:
|
||||
node_id: 0
|
||||
application_id: 1
|
||||
node_name: client_2
|
||||
application_name: DatabaseClient
|
||||
|
||||
reward_function:
|
||||
reward_components:
|
||||
@@ -79,35 +66,22 @@ agents:
|
||||
0: 0.3
|
||||
1: 0.6
|
||||
2: 0.1
|
||||
observation_space: null
|
||||
|
||||
action_space:
|
||||
action_list:
|
||||
- type: DONOTHING
|
||||
- type: NODE_APPLICATION_EXECUTE
|
||||
options:
|
||||
nodes:
|
||||
- node_name: client_1
|
||||
applications:
|
||||
- application_name: WebBrowser
|
||||
- application_name: DatabaseClient
|
||||
max_folders_per_node: 1
|
||||
max_files_per_folder: 1
|
||||
max_services_per_node: 1
|
||||
max_applications_per_node: 2
|
||||
action_map:
|
||||
0:
|
||||
action: DONOTHING
|
||||
action: do_nothing
|
||||
options: {}
|
||||
1:
|
||||
action: NODE_APPLICATION_EXECUTE
|
||||
action: node_application_execute
|
||||
options:
|
||||
node_id: 0
|
||||
application_id: 0
|
||||
node_name: client_1
|
||||
application_name: WebBrowser
|
||||
2:
|
||||
action: NODE_APPLICATION_EXECUTE
|
||||
action: node_application_execute
|
||||
options:
|
||||
node_id: 0
|
||||
application_id: 1
|
||||
node_name: client_1
|
||||
application_name: WebBrowser
|
||||
|
||||
reward_function:
|
||||
reward_components:
|
||||
@@ -127,34 +101,12 @@ agents:
|
||||
- ref: data_manipulation_attacker
|
||||
team: RED
|
||||
type: RedDatabaseCorruptingAgent
|
||||
|
||||
observation_space: null
|
||||
|
||||
action_space:
|
||||
action_list:
|
||||
- type: DONOTHING
|
||||
- type: NODE_APPLICATION_EXECUTE
|
||||
options:
|
||||
nodes:
|
||||
- node_name: client_1
|
||||
applications:
|
||||
- application_name: DataManipulationBot
|
||||
- node_name: client_2
|
||||
applications:
|
||||
- application_name: DataManipulationBot
|
||||
max_folders_per_node: 1
|
||||
max_files_per_folder: 1
|
||||
max_services_per_node: 1
|
||||
|
||||
reward_function:
|
||||
reward_components:
|
||||
- type: DUMMY
|
||||
|
||||
agent_settings: # options specific to this particular agent type, basically args of __init__(self)
|
||||
start_settings:
|
||||
start_step: 25
|
||||
frequency: 20
|
||||
variance: 5
|
||||
possible_start_nodes: [client_1, client_2]
|
||||
target_application: DataManipulationBot
|
||||
start_step: 25
|
||||
frequency: 20
|
||||
variance: 5
|
||||
|
||||
- ref: defender
|
||||
team: BLUE
|
||||
@@ -187,7 +139,7 @@ agents:
|
||||
num_files: 1
|
||||
num_nics: 2
|
||||
include_num_access: false
|
||||
include_nmne: true
|
||||
include_nmne: true
|
||||
monitored_traffic:
|
||||
icmp:
|
||||
- NONE
|
||||
@@ -208,8 +160,8 @@ agents:
|
||||
wildcard_list:
|
||||
- 0.0.0.1
|
||||
port_list:
|
||||
- 80
|
||||
- 5432
|
||||
- HTTP
|
||||
- POSTGRES_SERVER
|
||||
protocol_list:
|
||||
- ICMP
|
||||
- TCP
|
||||
@@ -235,490 +187,423 @@ agents:
|
||||
options: {}
|
||||
|
||||
action_space:
|
||||
action_list:
|
||||
- type: DONOTHING
|
||||
- type: NODE_SERVICE_SCAN
|
||||
- type: NODE_SERVICE_STOP
|
||||
- type: NODE_SERVICE_START
|
||||
- type: NODE_SERVICE_PAUSE
|
||||
- type: NODE_SERVICE_RESUME
|
||||
- type: NODE_SERVICE_RESTART
|
||||
- type: NODE_SERVICE_DISABLE
|
||||
- type: NODE_SERVICE_ENABLE
|
||||
- type: NODE_SERVICE_FIX
|
||||
- type: NODE_FILE_SCAN
|
||||
- type: NODE_FILE_CHECKHASH
|
||||
- type: NODE_FILE_DELETE
|
||||
- type: NODE_FILE_REPAIR
|
||||
- type: NODE_FILE_RESTORE
|
||||
- type: NODE_FOLDER_SCAN
|
||||
- type: NODE_FOLDER_CHECKHASH
|
||||
- type: NODE_FOLDER_REPAIR
|
||||
- type: NODE_FOLDER_RESTORE
|
||||
- type: NODE_OS_SCAN
|
||||
- type: NODE_SHUTDOWN
|
||||
- type: NODE_STARTUP
|
||||
- type: NODE_RESET
|
||||
- type: ROUTER_ACL_ADDRULE
|
||||
- type: ROUTER_ACL_REMOVERULE
|
||||
- type: HOST_NIC_ENABLE
|
||||
- type: HOST_NIC_DISABLE
|
||||
|
||||
action_map:
|
||||
0:
|
||||
action: DONOTHING
|
||||
action: do_nothing
|
||||
options: {}
|
||||
# scan webapp service
|
||||
1:
|
||||
action: NODE_SERVICE_SCAN
|
||||
action: node_service_scan
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
# stop webapp service
|
||||
2:
|
||||
action: NODE_SERVICE_STOP
|
||||
action: node_service_stop
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
# start webapp service
|
||||
3:
|
||||
action: "NODE_SERVICE_START"
|
||||
action: "node_service_start"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
4:
|
||||
action: "NODE_SERVICE_PAUSE"
|
||||
action: "node_service_pause"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
5:
|
||||
action: "NODE_SERVICE_RESUME"
|
||||
action: "node_service_resume"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
6:
|
||||
action: "NODE_SERVICE_RESTART"
|
||||
action: "node_service_restart"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
7:
|
||||
action: "NODE_SERVICE_DISABLE"
|
||||
action: "node_service_disable"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
8:
|
||||
action: "NODE_SERVICE_ENABLE"
|
||||
action: "node_service_enable"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
9: # check database.db file
|
||||
action: "NODE_FILE_SCAN"
|
||||
action: "node_file_scan"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
file_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
file_name: database.db
|
||||
10:
|
||||
action: "NODE_FILE_CHECKHASH" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context.
|
||||
action: "node_file_scan" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context.
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
file_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
file_name: database.db
|
||||
11:
|
||||
action: "NODE_FILE_DELETE"
|
||||
action: "node_file_delete"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
file_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
file_name: database.db
|
||||
12:
|
||||
action: "NODE_FILE_REPAIR"
|
||||
action: "node_file_repair"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
file_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
file_name: database.db
|
||||
13:
|
||||
action: "NODE_SERVICE_FIX"
|
||||
action: "node_service_fix"
|
||||
options:
|
||||
node_id: 2
|
||||
service_id: 0
|
||||
node_name: database_server
|
||||
service_name: DatabaseService
|
||||
14:
|
||||
action: "NODE_FOLDER_SCAN"
|
||||
action: "node_folder_scan"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
15:
|
||||
action: "NODE_FOLDER_CHECKHASH" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context.
|
||||
action: "node_folder_scan" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context.
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
16:
|
||||
action: "NODE_FOLDER_REPAIR"
|
||||
action: "node_folder_repair"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
17:
|
||||
action: "NODE_FOLDER_RESTORE"
|
||||
action: "node_folder_restore"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
18:
|
||||
action: "NODE_OS_SCAN"
|
||||
action: "node_os_scan"
|
||||
options:
|
||||
node_id: 0
|
||||
node_name: domain_controller
|
||||
19:
|
||||
action: "NODE_SHUTDOWN"
|
||||
action: "node_shutdown"
|
||||
options:
|
||||
node_id: 0
|
||||
node_name: domain_controller
|
||||
20:
|
||||
action: NODE_STARTUP
|
||||
action: node_startup
|
||||
options:
|
||||
node_id: 0
|
||||
node_name: domain_controller
|
||||
21:
|
||||
action: NODE_RESET
|
||||
action: node_reset
|
||||
options:
|
||||
node_id: 0
|
||||
node_name: domain_controller
|
||||
22:
|
||||
action: "NODE_OS_SCAN"
|
||||
action: "node_os_scan"
|
||||
options:
|
||||
node_id: 1
|
||||
node_name: web_server
|
||||
23:
|
||||
action: "NODE_SHUTDOWN"
|
||||
action: "node_shutdown"
|
||||
options:
|
||||
node_id: 1
|
||||
node_name: web_server
|
||||
24:
|
||||
action: NODE_STARTUP
|
||||
action: node_startup
|
||||
options:
|
||||
node_id: 1
|
||||
node_name: web_server
|
||||
25:
|
||||
action: NODE_RESET
|
||||
action: node_reset
|
||||
options:
|
||||
node_id: 1
|
||||
node_name: web_server
|
||||
26: # old action num: 18
|
||||
action: "NODE_OS_SCAN"
|
||||
action: "node_os_scan"
|
||||
options:
|
||||
node_id: 2
|
||||
node_name: database_server
|
||||
27:
|
||||
action: "NODE_SHUTDOWN"
|
||||
action: "node_shutdown"
|
||||
options:
|
||||
node_id: 2
|
||||
node_name: database_server
|
||||
28:
|
||||
action: NODE_STARTUP
|
||||
action: node_startup
|
||||
options:
|
||||
node_id: 2
|
||||
node_name: database_server
|
||||
29:
|
||||
action: NODE_RESET
|
||||
action: node_reset
|
||||
options:
|
||||
node_id: 2
|
||||
node_name: database_server
|
||||
30:
|
||||
action: "NODE_OS_SCAN"
|
||||
action: "node_os_scan"
|
||||
options:
|
||||
node_id: 3
|
||||
node_name: backup_server
|
||||
31:
|
||||
action: "NODE_SHUTDOWN"
|
||||
action: "node_shutdown"
|
||||
options:
|
||||
node_id: 3
|
||||
node_name: backup_server
|
||||
32:
|
||||
action: NODE_STARTUP
|
||||
action: node_startup
|
||||
options:
|
||||
node_id: 3
|
||||
node_name: backup_server
|
||||
33:
|
||||
action: NODE_RESET
|
||||
action: node_reset
|
||||
options:
|
||||
node_id: 3
|
||||
node_name: backup_server
|
||||
34:
|
||||
action: "NODE_OS_SCAN"
|
||||
action: "node_os_scan"
|
||||
options:
|
||||
node_id: 4
|
||||
node_name: security_suite
|
||||
35:
|
||||
action: "NODE_SHUTDOWN"
|
||||
action: "node_shutdown"
|
||||
options:
|
||||
node_id: 4
|
||||
node_name: security_suite
|
||||
36:
|
||||
action: NODE_STARTUP
|
||||
action: node_startup
|
||||
options:
|
||||
node_id: 4
|
||||
node_name: security_suite
|
||||
37:
|
||||
action: NODE_RESET
|
||||
action: node_reset
|
||||
options:
|
||||
node_id: 4
|
||||
node_name: security_suite
|
||||
38:
|
||||
action: "NODE_OS_SCAN"
|
||||
action: "node_os_scan"
|
||||
options:
|
||||
node_id: 5
|
||||
node_name: client_1
|
||||
39: # old action num: 19 # shutdown client 1
|
||||
action: "NODE_SHUTDOWN"
|
||||
action: "node_shutdown"
|
||||
options:
|
||||
node_id: 5
|
||||
node_name: client_1
|
||||
40: # old action num: 20
|
||||
action: NODE_STARTUP
|
||||
action: node_startup
|
||||
options:
|
||||
node_id: 5
|
||||
node_name: client_1
|
||||
41: # old action num: 21
|
||||
action: NODE_RESET
|
||||
action: node_reset
|
||||
options:
|
||||
node_id: 5
|
||||
node_name: client_1
|
||||
42:
|
||||
action: "NODE_OS_SCAN"
|
||||
action: "node_os_scan"
|
||||
options:
|
||||
node_id: 6
|
||||
node_name: client_2
|
||||
43:
|
||||
action: "NODE_SHUTDOWN"
|
||||
action: "node_shutdown"
|
||||
options:
|
||||
node_id: 6
|
||||
node_name: client_2
|
||||
44:
|
||||
action: NODE_STARTUP
|
||||
action: node_startup
|
||||
options:
|
||||
node_id: 6
|
||||
node_name: client_2
|
||||
45:
|
||||
action: NODE_RESET
|
||||
action: node_reset
|
||||
options:
|
||||
node_id: 6
|
||||
node_name: client_2
|
||||
|
||||
46: # old action num: 22 # "ACL: ADDRULE - Block outgoing traffic from client 1"
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 1
|
||||
permission: 2
|
||||
source_ip_id: 7 # client 1
|
||||
dest_ip_id: 1 # ALL
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 1
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.21 # client 1
|
||||
dst_ip: ALL # ALL
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: ALL
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
47: # old action num: 23 # "ACL: ADDRULE - Block outgoing traffic from client 2"
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 2
|
||||
permission: 2
|
||||
source_ip_id: 8 # client 2
|
||||
dest_ip_id: 1 # ALL
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 1
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.22 # client 2
|
||||
dst_ip: ALL # ALL
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: ALL
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
48: # old action num: 24 # block tcp traffic from client 1 to web app
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 3
|
||||
permission: 2
|
||||
source_ip_id: 7 # client 1
|
||||
dest_ip_id: 3 # web server
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 3
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.21 # client 1
|
||||
dst_ip: 192.168.1.12 # web server
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: TCP
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
49: # old action num: 25 # block tcp traffic from client 2 to web app
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 4
|
||||
permission: 2
|
||||
source_ip_id: 8 # client 2
|
||||
dest_ip_id: 3 # web server
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 3
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.22 # client 2
|
||||
dst_ip: 192.168.1.12 # web server
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: TCP
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
50: # old action num: 26
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 5
|
||||
permission: 2
|
||||
source_ip_id: 7 # client 1
|
||||
dest_ip_id: 4 # database
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 3
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.21 # client 1
|
||||
dst_ip: 192.168.1.14 # database
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: TCP
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
51: # old action num: 27
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 6
|
||||
permission: 2
|
||||
source_ip_id: 8 # client 2
|
||||
dest_ip_id: 4 # database
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 3
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.22 # client 2
|
||||
dst_ip: 192.168.1.14 # database
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: TCP
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
52: # old action num: 28
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 0
|
||||
53: # old action num: 29
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 1
|
||||
54: # old action num: 30
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 2
|
||||
55: # old action num: 31
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 3
|
||||
56: # old action num: 32
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 4
|
||||
57: # old action num: 33
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 5
|
||||
58: # old action num: 34
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 6
|
||||
59: # old action num: 35
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 7
|
||||
60: # old action num: 36
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 8
|
||||
61: # old action num: 37
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 9
|
||||
62: # old action num: 38
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 0
|
||||
nic_id: 0
|
||||
node_name: domain_controller
|
||||
nic_num: 1
|
||||
63: # old action num: 39
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 0
|
||||
nic_id: 0
|
||||
node_name: domain_controller
|
||||
nic_num: 1
|
||||
64: # old action num: 40
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 1
|
||||
nic_id: 0
|
||||
node_name: web_server
|
||||
nic_num: 1
|
||||
65: # old action num: 41
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 1
|
||||
nic_id: 0
|
||||
node_name: web_server
|
||||
nic_num: 1
|
||||
66: # old action num: 42
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 2
|
||||
nic_id: 0
|
||||
node_name: database_server
|
||||
nic_num: 1
|
||||
67: # old action num: 43
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 2
|
||||
nic_id: 0
|
||||
node_name: database_server
|
||||
nic_num: 1
|
||||
68: # old action num: 44
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 3
|
||||
nic_id: 0
|
||||
node_name: backup_server
|
||||
nic_num: 1
|
||||
69: # old action num: 45
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 3
|
||||
nic_id: 0
|
||||
node_name: backup_server
|
||||
nic_num: 1
|
||||
70: # old action num: 46
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 4
|
||||
nic_id: 0
|
||||
node_name: security_suite
|
||||
nic_num: 1
|
||||
71: # old action num: 47
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 4
|
||||
nic_id: 0
|
||||
node_name: security_suite
|
||||
nic_num: 1
|
||||
72: # old action num: 48
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 4
|
||||
nic_id: 1
|
||||
node_name: security_suite
|
||||
nic_num: 2
|
||||
73: # old action num: 49
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 4
|
||||
nic_id: 1
|
||||
node_name: security_suite
|
||||
nic_num: 2
|
||||
74: # old action num: 50
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 5
|
||||
nic_id: 0
|
||||
node_name: client_1
|
||||
nic_num: 1
|
||||
75: # old action num: 51
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 5
|
||||
nic_id: 0
|
||||
node_name: client_1
|
||||
nic_num: 1
|
||||
76: # old action num: 52
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 6
|
||||
nic_id: 0
|
||||
node_name: client_2
|
||||
nic_num: 1
|
||||
77: # old action num: 53
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 6
|
||||
nic_id: 0
|
||||
|
||||
|
||||
|
||||
options:
|
||||
nodes:
|
||||
- node_name: domain_controller
|
||||
- node_name: web_server
|
||||
applications:
|
||||
- application_name: DatabaseClient
|
||||
services:
|
||||
- service_name: WebServer
|
||||
- node_name: database_server
|
||||
folders:
|
||||
- folder_name: database
|
||||
files:
|
||||
- file_name: database.db
|
||||
services:
|
||||
- service_name: DatabaseService
|
||||
- node_name: backup_server
|
||||
- node_name: security_suite
|
||||
- node_name: client_1
|
||||
- node_name: client_2
|
||||
|
||||
max_folders_per_node: 2
|
||||
max_files_per_folder: 2
|
||||
max_services_per_node: 2
|
||||
max_nics_per_node: 8
|
||||
max_acl_rules: 10
|
||||
ip_list:
|
||||
- 192.168.1.10
|
||||
- 192.168.1.12
|
||||
- 192.168.1.14
|
||||
- 192.168.1.16
|
||||
- 192.168.1.110
|
||||
- 192.168.10.21
|
||||
- 192.168.10.22
|
||||
- 192.168.10.110
|
||||
|
||||
node_name: client_2
|
||||
nic_num: 1
|
||||
|
||||
reward_function:
|
||||
reward_components:
|
||||
|
||||
@@ -52,39 +52,22 @@ agents:
|
||||
- ref: client_1_green_user
|
||||
team: GREEN
|
||||
type: ProbabilisticAgent
|
||||
observation_space: null
|
||||
|
||||
action_space:
|
||||
action_list:
|
||||
- type: DONOTHING
|
||||
- type: NODE_APPLICATION_EXECUTE
|
||||
action_map:
|
||||
0:
|
||||
action: DONOTHING
|
||||
action: do_nothing
|
||||
options: {}
|
||||
1:
|
||||
action: NODE_APPLICATION_EXECUTE
|
||||
action: node_application_execute
|
||||
options:
|
||||
node_id: 0
|
||||
application_id: 0
|
||||
options:
|
||||
nodes:
|
||||
- node_name: client_1
|
||||
applications:
|
||||
- application_name: WebBrowser
|
||||
max_folders_per_node: 1
|
||||
max_files_per_folder: 1
|
||||
max_services_per_node: 1
|
||||
max_applications_per_node: 1
|
||||
|
||||
reward_function:
|
||||
reward_components:
|
||||
- type: DUMMY
|
||||
node_name: client_1
|
||||
application_name: WebBrowser
|
||||
|
||||
agent_settings:
|
||||
start_settings:
|
||||
start_step: 5
|
||||
frequency: 4
|
||||
variance: 3
|
||||
action_probabilities:
|
||||
0: 0.4
|
||||
1: 0.6
|
||||
|
||||
|
||||
simulation:
|
||||
|
||||
@@ -13,72 +13,47 @@ agents:
|
||||
- ref: client_2_green_user
|
||||
team: GREEN
|
||||
type: ProbabilisticAgent
|
||||
observation_space: null
|
||||
|
||||
action_space:
|
||||
action_list:
|
||||
- type: DONOTHING
|
||||
action_map:
|
||||
0:
|
||||
action: DONOTHING
|
||||
action: do_nothing
|
||||
options: {}
|
||||
options:
|
||||
nodes:
|
||||
- node_name: client_2
|
||||
max_folders_per_node: 1
|
||||
max_files_per_folder: 1
|
||||
max_services_per_node: 1
|
||||
max_nics_per_node: 2
|
||||
max_acl_rules: 10
|
||||
|
||||
reward_function:
|
||||
reward_components:
|
||||
- type: DUMMY
|
||||
|
||||
agent_settings: # options specific to this particular agent type, basically args of __init__(self)
|
||||
start_settings:
|
||||
start_step: 25
|
||||
frequency: 20
|
||||
variance: 5
|
||||
action_probabilities:
|
||||
0: 1.0
|
||||
|
||||
- ref: data_manipulation_attacker
|
||||
team: RED
|
||||
type: RedDatabaseCorruptingAgent
|
||||
|
||||
observation_space: null
|
||||
|
||||
|
||||
action_space:
|
||||
action_list:
|
||||
- type: DONOTHING
|
||||
- type: NODE_APPLICATION_EXECUTE
|
||||
- type: NODE_FILE_DELETE
|
||||
- type: NODE_FILE_CORRUPT
|
||||
- type: NODE_OS_SCAN
|
||||
action_map:
|
||||
0:
|
||||
action: DONOTHING
|
||||
action: do_nothing
|
||||
options: {}
|
||||
1:
|
||||
action: NODE_APPLICATION_EXECUTE
|
||||
action: node_application_execute
|
||||
options:
|
||||
node_id: 0
|
||||
application_id: 0
|
||||
options:
|
||||
nodes:
|
||||
- node_name: client_1
|
||||
applications:
|
||||
- application_name: DataManipulationBot
|
||||
max_folders_per_node: 1
|
||||
max_files_per_folder: 1
|
||||
max_services_per_node: 1
|
||||
node_name: client_1
|
||||
application_name: DataManipulationBot
|
||||
reward_function:
|
||||
reward_components:
|
||||
- type: DUMMY
|
||||
|
||||
agent_settings: # options specific to this particular agent type, basically args of __init__(self)
|
||||
start_settings:
|
||||
start_step: 25
|
||||
frequency: 20
|
||||
variance: 5
|
||||
possible_start_nodes: [client_1,]
|
||||
target_application: DataManipulationBot
|
||||
start_step: 25
|
||||
frequency: 20
|
||||
variance: 5
|
||||
|
||||
- ref: defender
|
||||
team: BLUE
|
||||
@@ -127,8 +102,8 @@ agents:
|
||||
wildcard_list:
|
||||
- 0.0.0.1
|
||||
port_list:
|
||||
- 80
|
||||
- 5432
|
||||
- HTTP
|
||||
- POSTGRES_SERVER
|
||||
protocol_list:
|
||||
- ICMP
|
||||
- TCP
|
||||
@@ -154,381 +129,327 @@ agents:
|
||||
options: {}
|
||||
|
||||
action_space:
|
||||
action_list:
|
||||
- type: DONOTHING
|
||||
- type: NODE_SERVICE_SCAN
|
||||
- type: NODE_SERVICE_STOP
|
||||
- type: NODE_SERVICE_START
|
||||
- type: NODE_SERVICE_PAUSE
|
||||
- type: NODE_SERVICE_RESUME
|
||||
- type: NODE_SERVICE_RESTART
|
||||
- type: NODE_SERVICE_DISABLE
|
||||
- type: NODE_SERVICE_ENABLE
|
||||
- type: NODE_SERVICE_FIX
|
||||
- type: NODE_FILE_SCAN
|
||||
- type: NODE_FILE_CHECKHASH
|
||||
- type: NODE_FILE_DELETE
|
||||
- type: NODE_FILE_REPAIR
|
||||
- type: NODE_FILE_RESTORE
|
||||
- type: NODE_FOLDER_SCAN
|
||||
- type: NODE_FOLDER_CHECKHASH
|
||||
- type: NODE_FOLDER_REPAIR
|
||||
- type: NODE_FOLDER_RESTORE
|
||||
- type: NODE_OS_SCAN
|
||||
- type: NODE_SHUTDOWN
|
||||
- type: NODE_STARTUP
|
||||
- type: NODE_RESET
|
||||
- type: ROUTER_ACL_ADDRULE
|
||||
- type: ROUTER_ACL_REMOVERULE
|
||||
- type: HOST_NIC_ENABLE
|
||||
- type: HOST_NIC_DISABLE
|
||||
|
||||
action_map:
|
||||
0:
|
||||
action: DONOTHING
|
||||
action: do_nothing
|
||||
options: {}
|
||||
# scan webapp service
|
||||
1:
|
||||
action: NODE_SERVICE_SCAN
|
||||
action: node_service_scan
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
# stop webapp service
|
||||
2:
|
||||
action: NODE_SERVICE_STOP
|
||||
action: node_service_stop
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
# start webapp service
|
||||
3:
|
||||
action: "NODE_SERVICE_START"
|
||||
action: "node_service_start"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
4:
|
||||
action: "NODE_SERVICE_PAUSE"
|
||||
action: "node_service_pause"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
5:
|
||||
action: "NODE_SERVICE_RESUME"
|
||||
action: "node_service_resume"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
6:
|
||||
action: "NODE_SERVICE_RESTART"
|
||||
action: "node_service_restart"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
7:
|
||||
action: "NODE_SERVICE_DISABLE"
|
||||
action: "node_service_disable"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
8:
|
||||
action: "NODE_SERVICE_ENABLE"
|
||||
action: "node_service_enable"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
9: # check database.db file
|
||||
action: "NODE_FILE_SCAN"
|
||||
action: "node_file_scan"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 1
|
||||
file_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
file_name: database.db
|
||||
10:
|
||||
action: "NODE_FILE_CHECKHASH"
|
||||
action: "node_file_checkhash"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 1
|
||||
file_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
file_name: database.db
|
||||
11:
|
||||
action: "NODE_FILE_DELETE"
|
||||
action: "node_file_delete"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 1
|
||||
file_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
file_name: database.db
|
||||
12:
|
||||
action: "NODE_FILE_REPAIR"
|
||||
action: "node_file_repair"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 1
|
||||
file_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
file_name: database.db
|
||||
13:
|
||||
action: "NODE_SERVICE_FIX"
|
||||
action: "node_service_fix"
|
||||
options:
|
||||
node_id: 2
|
||||
service_id: 0
|
||||
node_name: database_server
|
||||
service_name: DatabaseService
|
||||
14:
|
||||
action: "NODE_FOLDER_SCAN"
|
||||
action: "node_folder_scan"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 1
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
15:
|
||||
action: "NODE_FOLDER_CHECKHASH"
|
||||
action: "node_folder_checkhash"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 1
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
16:
|
||||
action: "NODE_FOLDER_REPAIR"
|
||||
action: "node_folder_repair"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 1
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
17:
|
||||
action: "NODE_FOLDER_RESTORE"
|
||||
action: "node_folder_restore"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 1
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
18:
|
||||
action: "NODE_OS_SCAN"
|
||||
action: "node_os_scan"
|
||||
options:
|
||||
node_id: 2
|
||||
node_name: database_server
|
||||
19: # shutdown client 1
|
||||
action: "NODE_SHUTDOWN"
|
||||
action: "node_shutdown"
|
||||
options:
|
||||
node_id: 5
|
||||
node_name: client_1
|
||||
20:
|
||||
action: "NODE_STARTUP"
|
||||
action: "node_startup"
|
||||
options:
|
||||
node_id: 5
|
||||
node_name: client_1
|
||||
21:
|
||||
action: "NODE_RESET"
|
||||
action: "node_reset"
|
||||
options:
|
||||
node_id: 5
|
||||
node_name: client_1
|
||||
22: # "ACL: ADDRULE - Block outgoing traffic from client 1" (not supported in Primaite)
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 1
|
||||
permission: 2
|
||||
source_ip_id: 7 # client 1
|
||||
dest_ip_id: 1 # ALL
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 1
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.21 # client 1
|
||||
dst_ip: ALL # ALL
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: ALL
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
23: # "ACL: ADDRULE - Block outgoing traffic from client 2" (not supported in Primaite)
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 2
|
||||
permission: 2
|
||||
source_ip_id: 8 # client 2
|
||||
dest_ip_id: 1 # ALL
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 1
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.22 # client 2
|
||||
dst_ip: ALL # ALL
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: ALL
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
24: # block tcp traffic from client 1 to web app
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 3
|
||||
permission: 2
|
||||
source_ip_id: 7 # client 1
|
||||
dest_ip_id: 3 # web server
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 3
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.21 # client 1
|
||||
dst_ip: 192.168.1.12 # web server
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: TCP
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
25: # block tcp traffic from client 2 to web app
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 4
|
||||
permission: 2
|
||||
source_ip_id: 8 # client 2
|
||||
dest_ip_id: 3 # web server
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 3
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.22 # client 2
|
||||
dst_ip: 192.168.1.12 # web server
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: TCP
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
26:
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 5
|
||||
permission: 2
|
||||
source_ip_id: 7 # client 1
|
||||
dest_ip_id: 4 # database
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 3
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.21 # client 1
|
||||
dst_ip: 192.168.1.14 # database
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: TCP
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
27:
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 6
|
||||
permission: 2
|
||||
source_ip_id: 8 # client 2
|
||||
dest_ip_id: 4 # database
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 3
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.22 # client 2
|
||||
dst_ip: 192.168.1.14 # database
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: TCP
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
28:
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 0
|
||||
29:
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 1
|
||||
30:
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 2
|
||||
31:
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 3
|
||||
32:
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 4
|
||||
33:
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 5
|
||||
34:
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 6
|
||||
35:
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 7
|
||||
36:
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 8
|
||||
37:
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 9
|
||||
38:
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 0
|
||||
nic_id: 0
|
||||
node_name: domain_controller
|
||||
nic_num: 1
|
||||
39:
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 0
|
||||
nic_id: 0
|
||||
node_name: domain_controller
|
||||
nic_num: 1
|
||||
40:
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 1
|
||||
nic_id: 0
|
||||
node_name: web_server
|
||||
nic_num: 1
|
||||
41:
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 1
|
||||
nic_id: 0
|
||||
node_name: web_server
|
||||
nic_num: 1
|
||||
42:
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 2
|
||||
nic_id: 0
|
||||
node_name: database_server
|
||||
nic_num: 1
|
||||
43:
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 2
|
||||
nic_id: 0
|
||||
node_name: database_server
|
||||
nic_num: 1
|
||||
44:
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 3
|
||||
nic_id: 0
|
||||
node_name: backup_server
|
||||
nic_num: 1
|
||||
45:
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 3
|
||||
nic_id: 0
|
||||
node_name: backup_server
|
||||
nic_num: 1
|
||||
46:
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 4
|
||||
nic_id: 0
|
||||
node_name: security_suite
|
||||
nic_num: 1
|
||||
47:
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 4
|
||||
nic_id: 0
|
||||
node_name: security_suite
|
||||
nic_num: 1
|
||||
48:
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 4
|
||||
nic_id: 1
|
||||
node_name: security_suite
|
||||
nic_num: 2
|
||||
49:
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 4
|
||||
nic_id: 1
|
||||
node_name: security_suite
|
||||
nic_num: 2
|
||||
50:
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 5
|
||||
nic_id: 0
|
||||
node_name: client_1
|
||||
nic_num: 1
|
||||
51:
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 5
|
||||
nic_id: 0
|
||||
node_name: client_1
|
||||
nic_num: 1
|
||||
52:
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 6
|
||||
nic_id: 0
|
||||
node_name: client_2
|
||||
nic_num: 1
|
||||
53:
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 6
|
||||
nic_id: 0
|
||||
|
||||
|
||||
|
||||
options:
|
||||
nodes:
|
||||
- node_name: domain_controller
|
||||
- node_name: web_server
|
||||
- node_name: database_server
|
||||
- node_name: backup_server
|
||||
- node_name: security_suite
|
||||
- node_name: client_1
|
||||
- node_name: client_2
|
||||
max_folders_per_node: 2
|
||||
max_files_per_folder: 2
|
||||
max_services_per_node: 2
|
||||
max_nics_per_node: 8
|
||||
max_acl_rules: 10
|
||||
ip_list:
|
||||
- 192.168.1.10
|
||||
- 192.168.1.12
|
||||
- 192.168.1.14
|
||||
- 192.168.1.16
|
||||
- 192.168.1.110
|
||||
- 192.168.10.21
|
||||
- 192.168.10.22
|
||||
- 192.168.10.110
|
||||
node_name: client_2
|
||||
nic_num: 1
|
||||
|
||||
reward_function:
|
||||
reward_components:
|
||||
|
||||
@@ -30,35 +30,22 @@ agents:
|
||||
0: 0.3
|
||||
1: 0.6
|
||||
2: 0.1
|
||||
observation_space: null
|
||||
|
||||
action_space:
|
||||
action_list:
|
||||
- type: DONOTHING
|
||||
- type: NODE_APPLICATION_EXECUTE
|
||||
options:
|
||||
nodes:
|
||||
- node_name: client_2
|
||||
applications:
|
||||
- application_name: WebBrowser
|
||||
- application_name: DatabaseClient
|
||||
max_folders_per_node: 1
|
||||
max_files_per_folder: 1
|
||||
max_services_per_node: 1
|
||||
max_applications_per_node: 2
|
||||
action_map:
|
||||
0:
|
||||
action: DONOTHING
|
||||
action: do_nothing
|
||||
options: {}
|
||||
1:
|
||||
action: NODE_APPLICATION_EXECUTE
|
||||
action: node_application_execute
|
||||
options:
|
||||
node_id: 0
|
||||
application_id: 0
|
||||
node_name: client_2
|
||||
application_name: WebBrowser
|
||||
2:
|
||||
action: NODE_APPLICATION_EXECUTE
|
||||
action: node_application_execute
|
||||
options:
|
||||
node_id: 0
|
||||
application_id: 1
|
||||
node_name: client_2
|
||||
application_name: DatabaseClient
|
||||
|
||||
reward_function:
|
||||
reward_components:
|
||||
@@ -79,35 +66,22 @@ agents:
|
||||
0: 0.3
|
||||
1: 0.6
|
||||
2: 0.1
|
||||
observation_space: null
|
||||
|
||||
action_space:
|
||||
action_list:
|
||||
- type: DONOTHING
|
||||
- type: NODE_APPLICATION_EXECUTE
|
||||
options:
|
||||
nodes:
|
||||
- node_name: client_1
|
||||
applications:
|
||||
- application_name: WebBrowser
|
||||
- application_name: DatabaseClient
|
||||
max_folders_per_node: 1
|
||||
max_files_per_folder: 1
|
||||
max_services_per_node: 1
|
||||
max_applications_per_node: 2
|
||||
action_map:
|
||||
0:
|
||||
action: DONOTHING
|
||||
action: do_nothing
|
||||
options: {}
|
||||
1:
|
||||
action: NODE_APPLICATION_EXECUTE
|
||||
action: node_application_execute
|
||||
options:
|
||||
node_id: 0
|
||||
application_id: 0
|
||||
node_name: client_1
|
||||
application_name: WebBrowser
|
||||
2:
|
||||
action: NODE_APPLICATION_EXECUTE
|
||||
action: node_application_execute
|
||||
options:
|
||||
node_id: 0
|
||||
application_id: 1
|
||||
node_name: client_1
|
||||
application_name: DatabaseClient
|
||||
|
||||
reward_function:
|
||||
reward_components:
|
||||
@@ -128,33 +102,12 @@ agents:
|
||||
team: RED
|
||||
type: RedDatabaseCorruptingAgent
|
||||
|
||||
observation_space: null
|
||||
|
||||
action_space:
|
||||
action_list:
|
||||
- type: DONOTHING
|
||||
- type: NODE_APPLICATION_EXECUTE
|
||||
options:
|
||||
nodes:
|
||||
- node_name: client_1
|
||||
applications:
|
||||
- application_name: DataManipulationBot
|
||||
- node_name: client_2
|
||||
applications:
|
||||
- application_name: DataManipulationBot
|
||||
max_folders_per_node: 1
|
||||
max_files_per_folder: 1
|
||||
max_services_per_node: 1
|
||||
|
||||
reward_function:
|
||||
reward_components:
|
||||
- type: DUMMY
|
||||
|
||||
agent_settings: # options specific to this particular agent type, basically args of __init__(self)
|
||||
start_settings:
|
||||
start_step: 25
|
||||
frequency: 20
|
||||
variance: 5
|
||||
possible_start_nodes: [client_1, client_2]
|
||||
target_application: DataManipulationBot
|
||||
start_step: 25
|
||||
frequency: 20
|
||||
variance: 5
|
||||
|
||||
- ref: defender
|
||||
team: BLUE
|
||||
@@ -208,8 +161,8 @@ agents:
|
||||
wildcard_list:
|
||||
- 0.0.0.1
|
||||
port_list:
|
||||
- 80
|
||||
- 5432
|
||||
- HTTP
|
||||
- POSTGRES_SERVER
|
||||
protocol_list:
|
||||
- ICMP
|
||||
- TCP
|
||||
@@ -235,491 +188,426 @@ agents:
|
||||
options: {}
|
||||
|
||||
action_space:
|
||||
action_list:
|
||||
- type: DONOTHING
|
||||
- type: NODE_SERVICE_SCAN
|
||||
- type: NODE_SERVICE_STOP
|
||||
- type: NODE_SERVICE_START
|
||||
- type: NODE_SERVICE_PAUSE
|
||||
- type: NODE_SERVICE_RESUME
|
||||
- type: NODE_SERVICE_RESTART
|
||||
- type: NODE_SERVICE_DISABLE
|
||||
- type: NODE_SERVICE_ENABLE
|
||||
- type: NODE_SERVICE_FIX
|
||||
- type: NODE_FILE_SCAN
|
||||
- type: NODE_FILE_CHECKHASH
|
||||
- type: NODE_FILE_DELETE
|
||||
- type: NODE_FILE_REPAIR
|
||||
- type: NODE_FILE_RESTORE
|
||||
- type: NODE_FOLDER_SCAN
|
||||
- type: NODE_FOLDER_CHECKHASH
|
||||
- type: NODE_FOLDER_REPAIR
|
||||
- type: NODE_FOLDER_RESTORE
|
||||
- type: NODE_OS_SCAN
|
||||
- type: NODE_SHUTDOWN
|
||||
- type: NODE_STARTUP
|
||||
- type: NODE_RESET
|
||||
- type: ROUTER_ACL_ADDRULE
|
||||
- type: ROUTER_ACL_REMOVERULE
|
||||
- type: HOST_NIC_ENABLE
|
||||
- type: HOST_NIC_DISABLE
|
||||
|
||||
action_map:
|
||||
0:
|
||||
action: DONOTHING
|
||||
action: do_nothing
|
||||
options: {}
|
||||
# scan webapp service
|
||||
1:
|
||||
action: NODE_SERVICE_SCAN
|
||||
action: node_service_scan
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
# stop webapp service
|
||||
2:
|
||||
action: NODE_SERVICE_STOP
|
||||
action: node_service_stop
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
# start webapp service
|
||||
3:
|
||||
action: "NODE_SERVICE_START"
|
||||
action: "node_service_start"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
4:
|
||||
action: "NODE_SERVICE_PAUSE"
|
||||
action: "node_service_pause"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
5:
|
||||
action: "NODE_SERVICE_RESUME"
|
||||
action: "node_service_resume"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
6:
|
||||
action: "NODE_SERVICE_RESTART"
|
||||
action: "node_service_restart"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
7:
|
||||
action: "NODE_SERVICE_DISABLE"
|
||||
action: "node_service_disable"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
8:
|
||||
action: "NODE_SERVICE_ENABLE"
|
||||
action: "node_service_enable"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
9: # check database.db file
|
||||
action: "NODE_FILE_SCAN"
|
||||
action: "node_file_scan"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
file_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
file_name: database.db
|
||||
10:
|
||||
action: "NODE_FILE_CHECKHASH" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context.
|
||||
action: "node_file_checkhash"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
file_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
file_name: database.db
|
||||
11:
|
||||
action: "NODE_FILE_DELETE"
|
||||
action: "node_file_delete"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
file_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
file_name: database.db
|
||||
12:
|
||||
action: "NODE_FILE_REPAIR"
|
||||
action: "node_file_repair"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
file_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
file_name: database.db
|
||||
13:
|
||||
action: "NODE_SERVICE_FIX"
|
||||
action: "node_service_fix"
|
||||
options:
|
||||
node_id: 2
|
||||
service_id: 0
|
||||
node_name: database_server
|
||||
service_name: DatabaseService
|
||||
14:
|
||||
action: "NODE_FOLDER_SCAN"
|
||||
action: "node_folder_scan"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
15:
|
||||
action: "NODE_FOLDER_CHECKHASH" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context.
|
||||
action: "node_folder_checkhash"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
16:
|
||||
action: "NODE_FOLDER_REPAIR"
|
||||
action: "node_folder_repair"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
17:
|
||||
action: "NODE_FOLDER_RESTORE"
|
||||
action: "node_folder_restore"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
18:
|
||||
action: "NODE_OS_SCAN"
|
||||
action: "node_os_scan"
|
||||
options:
|
||||
node_id: 0
|
||||
node_name: domain_controller
|
||||
19:
|
||||
action: "NODE_SHUTDOWN"
|
||||
action: "node_shutdown"
|
||||
options:
|
||||
node_id: 0
|
||||
node_name: domain_controller
|
||||
20:
|
||||
action: NODE_STARTUP
|
||||
action: node_startup
|
||||
options:
|
||||
node_id: 0
|
||||
node_name: domain_controller
|
||||
21:
|
||||
action: NODE_RESET
|
||||
action: node_reset
|
||||
options:
|
||||
node_id: 0
|
||||
node_name: domain_controller
|
||||
22:
|
||||
action: "NODE_OS_SCAN"
|
||||
action: "node_os_scan"
|
||||
options:
|
||||
node_id: 1
|
||||
node_name: web_server
|
||||
23:
|
||||
action: "NODE_SHUTDOWN"
|
||||
action: "node_shutdown"
|
||||
options:
|
||||
node_id: 1
|
||||
node_name: web_server
|
||||
24:
|
||||
action: NODE_STARTUP
|
||||
action: node_startup
|
||||
options:
|
||||
node_id: 1
|
||||
node_name: web_server
|
||||
25:
|
||||
action: NODE_RESET
|
||||
action: node_reset
|
||||
options:
|
||||
node_id: 1
|
||||
node_name: web_server
|
||||
26: # old action num: 18
|
||||
action: "NODE_OS_SCAN"
|
||||
action: "node_os_scan"
|
||||
options:
|
||||
node_id: 2
|
||||
node_name: database_server
|
||||
27:
|
||||
action: "NODE_SHUTDOWN"
|
||||
action: "node_shutdown"
|
||||
options:
|
||||
node_id: 2
|
||||
node_name: database_server
|
||||
28:
|
||||
action: NODE_STARTUP
|
||||
action: node_startup
|
||||
options:
|
||||
node_id: 2
|
||||
node_name: database_server
|
||||
29:
|
||||
action: NODE_RESET
|
||||
action: node_reset
|
||||
options:
|
||||
node_id: 2
|
||||
node_name: database_server
|
||||
30:
|
||||
action: "NODE_OS_SCAN"
|
||||
action: "node_os_scan"
|
||||
options:
|
||||
node_id: 3
|
||||
node_name: backup_server
|
||||
31:
|
||||
action: "NODE_SHUTDOWN"
|
||||
action: "node_shutdown"
|
||||
options:
|
||||
node_id: 3
|
||||
node_name: backup_server
|
||||
32:
|
||||
action: NODE_STARTUP
|
||||
action: node_startup
|
||||
options:
|
||||
node_id: 3
|
||||
node_name: backup_server
|
||||
33:
|
||||
action: NODE_RESET
|
||||
action: node_reset
|
||||
options:
|
||||
node_id: 3
|
||||
node_name: backup_server
|
||||
34:
|
||||
action: "NODE_OS_SCAN"
|
||||
action: "node_os_scan"
|
||||
options:
|
||||
node_id: 4
|
||||
node_name: security_suite
|
||||
35:
|
||||
action: "NODE_SHUTDOWN"
|
||||
action: "node_shutdown"
|
||||
options:
|
||||
node_id: 4
|
||||
node_name: security_suite
|
||||
36:
|
||||
action: NODE_STARTUP
|
||||
action: node_startup
|
||||
options:
|
||||
node_id: 4
|
||||
node_name: security_suite
|
||||
37:
|
||||
action: NODE_RESET
|
||||
action: node_reset
|
||||
options:
|
||||
node_id: 4
|
||||
node_name: security_suite
|
||||
38:
|
||||
action: "NODE_OS_SCAN"
|
||||
action: "node_os_scan"
|
||||
options:
|
||||
node_id: 5
|
||||
node_name: client_1
|
||||
39: # old action num: 19 # shutdown client 1
|
||||
action: "NODE_SHUTDOWN"
|
||||
action: "node_shutdown"
|
||||
options:
|
||||
node_id: 5
|
||||
node_name: client_1
|
||||
40: # old action num: 20
|
||||
action: NODE_STARTUP
|
||||
action: node_startup
|
||||
options:
|
||||
node_id: 5
|
||||
node_name: client_1
|
||||
41: # old action num: 21
|
||||
action: NODE_RESET
|
||||
action: node_reset
|
||||
options:
|
||||
node_id: 5
|
||||
node_name: client_1
|
||||
42:
|
||||
action: "NODE_OS_SCAN"
|
||||
action: "node_os_scan"
|
||||
options:
|
||||
node_id: 6
|
||||
node_name: client_2
|
||||
43:
|
||||
action: "NODE_SHUTDOWN"
|
||||
action: "node_shutdown"
|
||||
options:
|
||||
node_id: 6
|
||||
node_name: client_2
|
||||
44:
|
||||
action: NODE_STARTUP
|
||||
action: node_startup
|
||||
options:
|
||||
node_id: 6
|
||||
node_name: client_2
|
||||
45:
|
||||
action: NODE_RESET
|
||||
action: node_reset
|
||||
options:
|
||||
node_id: 6
|
||||
node_name: client_2
|
||||
|
||||
46: # old action num: 22 # "ACL: ADDRULE - Block outgoing traffic from client 1"
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 1
|
||||
permission: 2
|
||||
source_ip_id: 7 # client 1
|
||||
dest_ip_id: 1 # ALL
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 1
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.21 # client 1
|
||||
dst_ip: ALL # ALL
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: ALL
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
47: # old action num: 23 # "ACL: ADDRULE - Block outgoing traffic from client 2"
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 2
|
||||
permission: 2
|
||||
source_ip_id: 8 # client 2
|
||||
dest_ip_id: 1 # ALL
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 1
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.22 # client 2
|
||||
dst_ip: ALL # ALL
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: ALL
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
48: # old action num: 24 # block tcp traffic from client 1 to web app
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 3
|
||||
permission: 2
|
||||
source_ip_id: 7 # client 1
|
||||
dest_ip_id: 3 # web server
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 3
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.21 # client 1
|
||||
dst_ip: 192.168.1.12 # web server
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: TCP
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
49: # old action num: 25 # block tcp traffic from client 2 to web app
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 4
|
||||
permission: 2
|
||||
source_ip_id: 8 # client 2
|
||||
dest_ip_id: 3 # web server
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 3
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.22 # client 2
|
||||
dst_ip: 192.168.1.12 # web server
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: TCP
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
50: # old action num: 26
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 5
|
||||
permission: 2
|
||||
source_ip_id: 7 # client 1
|
||||
dest_ip_id: 4 # database
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 3
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.21 # client 1
|
||||
dst_ip: 192.168.1.14 # database
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: TCP
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
51: # old action num: 27
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 6
|
||||
permission: 2
|
||||
source_ip_id: 8 # client 2
|
||||
dest_ip_id: 4 # database
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 3
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.22 # client 2
|
||||
dst_ip: 192.168.1.14 # database
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: TCP
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
52: # old action num: 28
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 0
|
||||
53: # old action num: 29
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 1
|
||||
54: # old action num: 30
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 2
|
||||
55: # old action num: 31
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 3
|
||||
56: # old action num: 32
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 4
|
||||
57: # old action num: 33
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 5
|
||||
58: # old action num: 34
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 6
|
||||
59: # old action num: 35
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 7
|
||||
60: # old action num: 36
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 8
|
||||
61: # old action num: 37
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 9
|
||||
62: # old action num: 38
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 0
|
||||
nic_id: 0
|
||||
node_name: domain_controller
|
||||
nic_num: 1
|
||||
63: # old action num: 39
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 0
|
||||
nic_id: 0
|
||||
node_name: domain_controller
|
||||
nic_num: 1
|
||||
64: # old action num: 40
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 1
|
||||
nic_id: 0
|
||||
node_name: web_server
|
||||
nic_num: 1
|
||||
65: # old action num: 41
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 1
|
||||
nic_id: 0
|
||||
node_name: web_server
|
||||
nic_num: 1
|
||||
66: # old action num: 42
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 2
|
||||
nic_id: 0
|
||||
node_name: database_server
|
||||
nic_num: 1
|
||||
67: # old action num: 43
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 2
|
||||
nic_id: 0
|
||||
node_name: database_server
|
||||
nic_num: 1
|
||||
68: # old action num: 44
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 3
|
||||
nic_id: 0
|
||||
node_name: backup_server
|
||||
nic_num: 1
|
||||
69: # old action num: 45
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 3
|
||||
nic_id: 0
|
||||
node_name: backup_server
|
||||
nic_num: 1
|
||||
70: # old action num: 46
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 4
|
||||
nic_id: 0
|
||||
node_name: security_suite
|
||||
nic_num: 1
|
||||
71: # old action num: 47
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 4
|
||||
nic_id: 0
|
||||
node_name: security_suite
|
||||
nic_num: 1
|
||||
72: # old action num: 48
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 4
|
||||
nic_id: 1
|
||||
node_name: security_suite
|
||||
nic_num: 2
|
||||
73: # old action num: 49
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 4
|
||||
nic_id: 1
|
||||
node_name: security_suite
|
||||
nic_num: 2
|
||||
74: # old action num: 50
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 5
|
||||
nic_id: 0
|
||||
node_name: client_1
|
||||
nic_num: 1
|
||||
75: # old action num: 51
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 5
|
||||
nic_id: 0
|
||||
node_name: client_1
|
||||
nic_num: 1
|
||||
76: # old action num: 52
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 6
|
||||
nic_id: 0
|
||||
node_name: client_2
|
||||
nic_num: 1
|
||||
77: # old action num: 53
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 6
|
||||
nic_id: 0
|
||||
node_name: client_2
|
||||
nic_num: 1
|
||||
|
||||
|
||||
|
||||
options:
|
||||
nodes:
|
||||
- node_name: domain_controller
|
||||
- node_name: web_server
|
||||
applications:
|
||||
- application_name: DatabaseClient
|
||||
services:
|
||||
- service_name: WebServer
|
||||
- node_name: database_server
|
||||
folders:
|
||||
- folder_name: database
|
||||
files:
|
||||
- file_name: database.db
|
||||
services:
|
||||
- service_name: DatabaseService
|
||||
- node_name: backup_server
|
||||
- node_name: security_suite
|
||||
- node_name: client_1
|
||||
- node_name: client_2
|
||||
|
||||
max_folders_per_node: 2
|
||||
max_files_per_folder: 2
|
||||
max_services_per_node: 2
|
||||
max_nics_per_node: 8
|
||||
max_acl_rules: 10
|
||||
ip_list:
|
||||
- 192.168.1.10
|
||||
- 192.168.1.12
|
||||
- 192.168.1.14
|
||||
- 192.168.1.16
|
||||
- 192.168.1.110
|
||||
- 192.168.10.21
|
||||
- 192.168.10.22
|
||||
- 192.168.10.110
|
||||
|
||||
|
||||
reward_function:
|
||||
reward_components:
|
||||
- type: DATABASE_FILE_INTEGRITY
|
||||
|
||||
@@ -77,8 +77,8 @@ agents:
|
||||
wildcard_list:
|
||||
- 0.0.0.1
|
||||
port_list:
|
||||
- 80
|
||||
- 5432
|
||||
- HTTP
|
||||
- POSTGRES_SERVER
|
||||
protocol_list:
|
||||
- ICMP
|
||||
- TCP
|
||||
@@ -95,181 +95,156 @@ agents:
|
||||
options: {}
|
||||
|
||||
action_space:
|
||||
action_list:
|
||||
- type: DONOTHING
|
||||
- type: FIREWALL_ACL_ADDRULE
|
||||
- type: FIREWALL_ACL_REMOVERULE
|
||||
- type: NETWORK_PORT_DISABLE
|
||||
- type: NETWORK_PORT_ENABLE
|
||||
action_map:
|
||||
0:
|
||||
action: DONOTHING
|
||||
action: do_nothing
|
||||
options: {}
|
||||
1:
|
||||
action: FIREWALL_ACL_ADDRULE
|
||||
action: firewall_acl_add_rule
|
||||
options:
|
||||
type: firewall_acl_add_rule
|
||||
target_firewall_nodename: firewall
|
||||
firewall_port_name: internal
|
||||
firewall_port_direction: inbound
|
||||
position: 1
|
||||
permission: 1
|
||||
source_ip_id: 2 # client 1
|
||||
dest_ip_id: 1 # ALL
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 1
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: PERMIT
|
||||
src_ip: 192.168.0.10
|
||||
dst_ip: ALL
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: ALL
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
2:
|
||||
action: FIREWALL_ACL_REMOVERULE
|
||||
action: firewall_acl_remove_rule
|
||||
options:
|
||||
target_firewall_nodename: firewall
|
||||
firewall_port_name: internal
|
||||
firewall_port_direction: inbound
|
||||
position: 1
|
||||
3:
|
||||
action: FIREWALL_ACL_ADDRULE
|
||||
action: firewall_acl_add_rule
|
||||
options:
|
||||
target_firewall_nodename: firewall
|
||||
firewall_port_name: internal
|
||||
firewall_port_direction: outbound
|
||||
position: 1
|
||||
permission: 2
|
||||
source_ip_id: 2 # client 1
|
||||
dest_ip_id: 1 # ALL
|
||||
source_port_id: 2
|
||||
dest_port_id: 3
|
||||
protocol_id: 2
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.0.10 # client 1
|
||||
dst_ip: ALL
|
||||
src_port: ARP
|
||||
dst_port: DNS
|
||||
protocol_name: ICMP
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
4:
|
||||
action: FIREWALL_ACL_REMOVERULE
|
||||
action: firewall_acl_remove_rule
|
||||
options:
|
||||
target_firewall_nodename: firewall
|
||||
firewall_port_name: internal
|
||||
firewall_port_direction: outbound
|
||||
position: 1
|
||||
5:
|
||||
action: FIREWALL_ACL_ADDRULE
|
||||
action: firewall_acl_add_rule
|
||||
options:
|
||||
target_firewall_nodename: firewall
|
||||
firewall_port_name: dmz
|
||||
firewall_port_direction: inbound
|
||||
position: 1
|
||||
permission: 2
|
||||
source_ip_id: 3 # dmz_server
|
||||
dest_ip_id: 2 # client_1
|
||||
source_port_id: 4
|
||||
dest_port_id: 4
|
||||
protocol_id: 4
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.10 # dmz_server
|
||||
dst_ip: 192.168.0.10 # client_1
|
||||
src_port: HTTP
|
||||
dst_port: HTTP
|
||||
protocol_name: UDP
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
6:
|
||||
action: FIREWALL_ACL_REMOVERULE
|
||||
action: firewall_acl_remove_rule
|
||||
options:
|
||||
target_firewall_nodename: firewall
|
||||
firewall_port_name: dmz
|
||||
firewall_port_direction: inbound
|
||||
position: 1
|
||||
7:
|
||||
action: FIREWALL_ACL_ADDRULE
|
||||
action: firewall_acl_add_rule
|
||||
options:
|
||||
target_firewall_nodename: firewall
|
||||
firewall_port_name: dmz
|
||||
firewall_port_direction: outbound
|
||||
position: 2
|
||||
permission: 2
|
||||
source_ip_id: 3 # dmz_server
|
||||
dest_ip_id: 2 # client_1
|
||||
source_port_id: 4
|
||||
dest_port_id: 4
|
||||
protocol_id: 3
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.10 # dmz_server
|
||||
dst_ip: 192.168.0.10 # client_1
|
||||
src_port: HTTP
|
||||
dst_port: HTTP
|
||||
protocol_name: TCP
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
8:
|
||||
action: FIREWALL_ACL_REMOVERULE
|
||||
action: firewall_acl_remove_rule
|
||||
options:
|
||||
target_firewall_nodename: firewall
|
||||
firewall_port_name: dmz
|
||||
firewall_port_direction: outbound
|
||||
position: 2
|
||||
9:
|
||||
action: FIREWALL_ACL_ADDRULE
|
||||
action: firewall_acl_add_rule
|
||||
options:
|
||||
target_firewall_nodename: firewall
|
||||
firewall_port_name: external
|
||||
firewall_port_direction: inbound
|
||||
position: 10
|
||||
permission: 2
|
||||
source_ip_id: 4 # external_computer
|
||||
dest_ip_id: 3 # dmz
|
||||
source_port_id: 5
|
||||
dest_port_id: 5
|
||||
protocol_id: 2
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.20.10 # external_computer
|
||||
dst_ip: 192.168.10.10 # dmz
|
||||
src_port: POSTGRES_SERVER
|
||||
dst_port: POSTGRES_SERVER
|
||||
protocol_name: ICMP
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
10:
|
||||
action: FIREWALL_ACL_REMOVERULE
|
||||
action: firewall_acl_remove_rule
|
||||
options:
|
||||
target_firewall_nodename: firewall
|
||||
firewall_port_name: external
|
||||
firewall_port_direction: inbound
|
||||
position: 10
|
||||
11:
|
||||
action: FIREWALL_ACL_ADDRULE
|
||||
action: firewall_acl_add_rule
|
||||
options:
|
||||
target_firewall_nodename: firewall
|
||||
firewall_port_name: external
|
||||
firewall_port_direction: outbound
|
||||
position: 1
|
||||
permission: 2
|
||||
source_ip_id: 4 # external_computer
|
||||
dest_ip_id: 2 # client_1
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 1
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.20.10 # external_computer
|
||||
dst_ip: 192.168.0.10 # client_1
|
||||
src_port: NONE
|
||||
dst_port: NONE
|
||||
protocol_name: none
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
12:
|
||||
action: FIREWALL_ACL_REMOVERULE
|
||||
action: firewall_acl_remove_rule
|
||||
options:
|
||||
target_firewall_nodename: firewall
|
||||
firewall_port_name: external
|
||||
firewall_port_direction: outbound
|
||||
position: 1
|
||||
13:
|
||||
action: NETWORK_PORT_DISABLE
|
||||
action: network_port_disable
|
||||
options:
|
||||
type: network_port_disable
|
||||
target_nodename: firewall
|
||||
port_id: 3
|
||||
port_num: 3
|
||||
14:
|
||||
action: NETWORK_PORT_ENABLE
|
||||
action: network_port_enable
|
||||
options:
|
||||
type: network_port_enable
|
||||
target_nodename: firewall
|
||||
port_id: 3
|
||||
options:
|
||||
nodes:
|
||||
- node_name: client_1
|
||||
- node_name: dmz_server
|
||||
- node_name: external_computer
|
||||
ip_list:
|
||||
- 192.168.0.10
|
||||
- 192.168.10.10
|
||||
- 192.168.20.10
|
||||
max_folders_per_node: 2
|
||||
max_files_per_folder: 2
|
||||
max_services_per_node: 2
|
||||
max_nics_per_node: 8
|
||||
max_acl_rules: 10
|
||||
reward_function:
|
||||
reward_components:
|
||||
- type: DUMMY
|
||||
port_num: 3
|
||||
|
||||
agent_settings:
|
||||
start_settings:
|
||||
start_step: 5
|
||||
frequency: 4
|
||||
variance: 3
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -27,40 +27,21 @@ agents:
|
||||
- ref: client_2_green_user
|
||||
team: GREEN
|
||||
type: ProbabilisticAgent
|
||||
observation_space: null
|
||||
|
||||
action_space:
|
||||
action_list:
|
||||
- type: DONOTHING
|
||||
- type: NODE_APPLICATION_EXECUTE
|
||||
action_map:
|
||||
0:
|
||||
action: DONOTHING
|
||||
action: do_nothing
|
||||
options: {}
|
||||
1:
|
||||
action: NODE_APPLICATION_EXECUTE
|
||||
action: node_application_execute
|
||||
options:
|
||||
node_id: 0
|
||||
application_id: 0
|
||||
options:
|
||||
nodes:
|
||||
- node_name: client_2
|
||||
applications:
|
||||
- application_name: WebBrowser
|
||||
max_folders_per_node: 1
|
||||
max_files_per_folder: 1
|
||||
max_services_per_node: 1
|
||||
max_applications_per_node: 1
|
||||
|
||||
reward_function:
|
||||
reward_components:
|
||||
- type: DUMMY
|
||||
|
||||
node_name: client_1
|
||||
application_name: WebBrowser
|
||||
agent_settings:
|
||||
start_settings:
|
||||
start_step: 5
|
||||
frequency: 4
|
||||
variance: 3
|
||||
|
||||
action_probabilities:
|
||||
0: 0.4
|
||||
1: 0.6
|
||||
|
||||
|
||||
- ref: defender
|
||||
@@ -100,8 +81,8 @@ agents:
|
||||
wildcard_list:
|
||||
- 0.0.0.1
|
||||
port_list:
|
||||
- 80
|
||||
- 5432
|
||||
- HTTP
|
||||
- POSTGRES_SERVER
|
||||
protocol_list:
|
||||
- ICMP
|
||||
- TCP
|
||||
@@ -119,28 +100,10 @@ agents:
|
||||
options: {}
|
||||
|
||||
action_space:
|
||||
action_list:
|
||||
- type: DONOTHING
|
||||
|
||||
action_map:
|
||||
0:
|
||||
action: DONOTHING
|
||||
action: do_nothing
|
||||
options: {}
|
||||
options:
|
||||
nodes:
|
||||
- node_name: switch
|
||||
- node_name: client_1
|
||||
- node_name: client_2
|
||||
- node_name: client_3
|
||||
max_folders_per_node: 2
|
||||
max_files_per_folder: 2
|
||||
max_services_per_node: 2
|
||||
max_nics_per_node: 8
|
||||
max_acl_rules: 10
|
||||
ip_list:
|
||||
- 192.168.10.21
|
||||
- 192.168.10.22
|
||||
- 192.168.10.23
|
||||
|
||||
reward_function:
|
||||
reward_components:
|
||||
@@ -185,7 +148,7 @@ simulation:
|
||||
options:
|
||||
db_server_ip: 192.168.1.10
|
||||
server_password: arcd
|
||||
fix_duration: 1
|
||||
fixing_duration: 1
|
||||
- type: DataManipulationBot
|
||||
options:
|
||||
port_scan_p_of_success: 0.8
|
||||
@@ -206,7 +169,7 @@ simulation:
|
||||
arcd.com: 192.168.1.10
|
||||
- type: DatabaseService
|
||||
options:
|
||||
fix_duration: 5
|
||||
fixing_duration: 5
|
||||
backup_server_ip: 192.168.1.10
|
||||
- type: WebServer
|
||||
- type: FTPClient
|
||||
@@ -18,80 +18,63 @@ agents:
|
||||
team: BLUE
|
||||
type: ProxyAgent
|
||||
|
||||
observation_space: null
|
||||
|
||||
action_space:
|
||||
action_list:
|
||||
- type: DONOTHING
|
||||
- type: NODE_APPLICATION_INSTALL
|
||||
- type: CONFIGURE_DATABASE_CLIENT
|
||||
- type: CONFIGURE_DOSBOT
|
||||
- type: CONFIGURE_RANSOMWARE_SCRIPT
|
||||
- type: NODE_APPLICATION_REMOVE
|
||||
action_map:
|
||||
0:
|
||||
action: DONOTHING
|
||||
action: do_nothing
|
||||
options: {}
|
||||
1:
|
||||
action: NODE_APPLICATION_INSTALL
|
||||
action: node_application_install
|
||||
options:
|
||||
node_id: 0
|
||||
node_name: client_1
|
||||
application_name: DatabaseClient
|
||||
2:
|
||||
action: NODE_APPLICATION_INSTALL
|
||||
action: node_application_install
|
||||
options:
|
||||
node_id: 1
|
||||
node_name: client_2
|
||||
application_name: RansomwareScript
|
||||
3:
|
||||
action: NODE_APPLICATION_INSTALL
|
||||
action: node_application_install
|
||||
options:
|
||||
node_id: 2
|
||||
node_name: client_3
|
||||
application_name: DoSBot
|
||||
4:
|
||||
action: CONFIGURE_DATABASE_CLIENT
|
||||
action: configure_database_client
|
||||
options:
|
||||
node_id: 0
|
||||
config:
|
||||
server_ip_address: 10.0.0.5
|
||||
node_name: client_1
|
||||
server_ip_address: 10.0.0.5
|
||||
5:
|
||||
action: CONFIGURE_DATABASE_CLIENT
|
||||
action: configure_database_client
|
||||
options:
|
||||
node_id: 0
|
||||
config:
|
||||
server_password: correct_password
|
||||
node_name: client_1
|
||||
server_password: correct_password
|
||||
6:
|
||||
action: CONFIGURE_RANSOMWARE_SCRIPT
|
||||
action: configure_ransomware_script
|
||||
options:
|
||||
node_id: 1
|
||||
config:
|
||||
server_ip_address: 10.0.0.5
|
||||
server_password: correct_password
|
||||
payload: ENCRYPT
|
||||
node_name: client_2
|
||||
server_ip_address: 10.0.0.5
|
||||
server_password: correct_password
|
||||
payload: ENCRYPT
|
||||
7:
|
||||
action: CONFIGURE_DOSBOT
|
||||
action: configure_dos_bot
|
||||
options:
|
||||
node_id: 2
|
||||
config:
|
||||
target_ip_address: 10.0.0.5
|
||||
target_port: POSTGRES_SERVER
|
||||
payload: DELETE
|
||||
repeat: true
|
||||
port_scan_p_of_success: 1.0
|
||||
dos_intensity: 1.0
|
||||
max_sessions: 1000
|
||||
node_name: client_3
|
||||
target_ip_address: 10.0.0.5
|
||||
target_port: POSTGRES_SERVER
|
||||
payload: DELETE
|
||||
repeat: true
|
||||
port_scan_p_of_success: 1.0
|
||||
dos_intensity: 1.0
|
||||
max_sessions: 1000
|
||||
8:
|
||||
action: NODE_APPLICATION_INSTALL
|
||||
action: node_application_install
|
||||
options:
|
||||
node_id: 1
|
||||
node_name: client_2
|
||||
application_name: DatabaseClient
|
||||
options:
|
||||
nodes:
|
||||
- node_name: client_1
|
||||
- node_name: client_2
|
||||
- node_name: client_3
|
||||
ip_list: []
|
||||
reward_function:
|
||||
reward_components:
|
||||
- type: DUMMY
|
||||
agent_settings:
|
||||
flatten_obs: True
|
||||
action_masking: False
|
||||
|
||||
simulation:
|
||||
network:
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
@@ -22,32 +22,17 @@ agents:
|
||||
- ref: client_1_red_nmap
|
||||
team: RED
|
||||
type: ProbabilisticAgent
|
||||
observation_space: null
|
||||
|
||||
action_space:
|
||||
options:
|
||||
nodes:
|
||||
- node_name: client_1
|
||||
applications:
|
||||
- application_name: NMAP
|
||||
max_folders_per_node: 1
|
||||
max_files_per_folder: 1
|
||||
max_services_per_node: 1
|
||||
max_applications_per_node: 1
|
||||
action_list:
|
||||
- type: NODE_NMAP_NETWORK_SERVICE_RECON
|
||||
action_map:
|
||||
0:
|
||||
action: NODE_NMAP_NETWORK_SERVICE_RECON
|
||||
action: node_network_service_recon
|
||||
options:
|
||||
source_node: client_1
|
||||
target_ip_address: 192.168.10.0/24
|
||||
target_port: 80
|
||||
target_protocol: tcp
|
||||
|
||||
reward_function:
|
||||
reward_components:
|
||||
- type: DUMMY
|
||||
|
||||
show: false
|
||||
agent_settings:
|
||||
action_probabilities:
|
||||
0: 1.0
|
||||
|
||||
@@ -22,29 +22,15 @@ agents:
|
||||
- ref: client_1_red_nmap
|
||||
team: RED
|
||||
type: ProbabilisticAgent
|
||||
observation_space: null
|
||||
|
||||
action_space:
|
||||
options:
|
||||
nodes:
|
||||
- node_name: client_1
|
||||
applications:
|
||||
- application_name: NMAP
|
||||
max_folders_per_node: 1
|
||||
max_files_per_folder: 1
|
||||
max_services_per_node: 1
|
||||
max_applications_per_node: 1
|
||||
action_list:
|
||||
- type: NODE_NMAP_PING_SCAN
|
||||
action_map:
|
||||
0:
|
||||
action: NODE_NMAP_PING_SCAN
|
||||
action: node_nmap_ping_scan
|
||||
options:
|
||||
source_node: client_1
|
||||
target_ip_address: 192.168.1.0/24
|
||||
|
||||
reward_function:
|
||||
reward_components:
|
||||
- type: DUMMY
|
||||
show: False
|
||||
|
||||
agent_settings:
|
||||
action_probabilities:
|
||||
|
||||
@@ -22,22 +22,11 @@ agents:
|
||||
- ref: client_1_red_nmap
|
||||
team: RED
|
||||
type: ProbabilisticAgent
|
||||
observation_space: null
|
||||
|
||||
action_space:
|
||||
options:
|
||||
nodes:
|
||||
- node_name: client_1
|
||||
applications:
|
||||
- application_name: NMAP
|
||||
max_folders_per_node: 1
|
||||
max_files_per_folder: 1
|
||||
max_services_per_node: 1
|
||||
max_applications_per_node: 1
|
||||
action_list:
|
||||
- type: NODE_NMAP_PORT_SCAN
|
||||
action_map:
|
||||
0:
|
||||
action: NODE_NMAP_PORT_SCAN
|
||||
action: node_nmap_port_scan
|
||||
options:
|
||||
source_node: client_1
|
||||
target_ip_address: 192.168.10.0/24
|
||||
@@ -47,10 +36,7 @@ agents:
|
||||
- 80
|
||||
- 123
|
||||
- 219
|
||||
|
||||
reward_function:
|
||||
reward_components:
|
||||
- type: DUMMY
|
||||
show: false
|
||||
|
||||
agent_settings:
|
||||
action_probabilities:
|
||||
|
||||
@@ -6,25 +6,17 @@ agents: &greens
|
||||
action_probabilities:
|
||||
0: 0.2
|
||||
1: 0.8
|
||||
observation_space: null
|
||||
|
||||
action_space:
|
||||
action_list:
|
||||
- type: DONOTHING
|
||||
- type: NODE_APPLICATION_EXECUTE
|
||||
options:
|
||||
nodes:
|
||||
- node_name: client
|
||||
applications:
|
||||
- application_name: DatabaseClient
|
||||
action_map:
|
||||
0:
|
||||
action: DONOTHING
|
||||
action: do_nothing
|
||||
options: {}
|
||||
1:
|
||||
action: NODE_APPLICATION_EXECUTE
|
||||
action: node_application_execute
|
||||
options:
|
||||
node_id: 0
|
||||
application_id: 0
|
||||
node_name: client
|
||||
application_name: DatabaseClient
|
||||
|
||||
reward_function:
|
||||
reward_components:
|
||||
|
||||
@@ -6,25 +6,17 @@ agents: &greens
|
||||
action_probabilities:
|
||||
0: 0.95
|
||||
1: 0.05
|
||||
observation_space: null
|
||||
|
||||
action_space:
|
||||
action_list:
|
||||
- type: DONOTHING
|
||||
- type: NODE_APPLICATION_EXECUTE
|
||||
options:
|
||||
nodes:
|
||||
- node_name: client
|
||||
applications:
|
||||
- application_name: DatabaseClient
|
||||
action_map:
|
||||
0:
|
||||
action: DONOTHING
|
||||
action: do_nothing
|
||||
options: {}
|
||||
1:
|
||||
action: NODE_APPLICATION_EXECUTE
|
||||
action: node_application_execute
|
||||
options:
|
||||
node_id: 0
|
||||
application_id: 0
|
||||
node_name: client
|
||||
application_name: DatabaseClient
|
||||
|
||||
reward_function:
|
||||
reward_components:
|
||||
|
||||
@@ -3,24 +3,9 @@ reds: &reds
|
||||
team: RED
|
||||
type: RedDatabaseCorruptingAgent
|
||||
|
||||
observation_space: null
|
||||
|
||||
action_space:
|
||||
action_list:
|
||||
- type: DONOTHING
|
||||
- type: NODE_APPLICATION_EXECUTE
|
||||
options:
|
||||
nodes:
|
||||
- node_name: client
|
||||
applications:
|
||||
- application_name: DataManipulationBot
|
||||
|
||||
reward_function:
|
||||
reward_components:
|
||||
- type: DUMMY
|
||||
|
||||
agent_settings:
|
||||
start_settings:
|
||||
start_step: 10
|
||||
frequency: 10
|
||||
variance: 0
|
||||
possible_start_nodes: [client,]
|
||||
target_application: DataManipulationBot
|
||||
start_step: 10
|
||||
frequency: 10
|
||||
variance: 0
|
||||
|
||||
@@ -2,25 +2,9 @@ reds: &reds
|
||||
- ref: red_B
|
||||
team: RED
|
||||
type: RedDatabaseCorruptingAgent
|
||||
|
||||
observation_space: null
|
||||
|
||||
action_space:
|
||||
action_list:
|
||||
- type: DONOTHING
|
||||
- type: NODE_APPLICATION_EXECUTE
|
||||
options:
|
||||
nodes:
|
||||
- node_name: client
|
||||
applications:
|
||||
- application_name: DataManipulationBot
|
||||
|
||||
reward_function:
|
||||
reward_components:
|
||||
- type: DUMMY
|
||||
|
||||
agent_settings:
|
||||
start_settings:
|
||||
start_step: 3
|
||||
frequency: 2
|
||||
variance: 1
|
||||
possible_start_nodes: [client_1,]
|
||||
target_application: DataManipulationBot
|
||||
start_step: 3
|
||||
frequency: 2
|
||||
variance: 1
|
||||
|
||||
@@ -54,65 +54,46 @@ agents:
|
||||
- server:eth-1<->switch_1:eth-2
|
||||
|
||||
action_space:
|
||||
action_list:
|
||||
- type: DONOTHING
|
||||
- type: NODE_SHUTDOWN
|
||||
- type: NODE_STARTUP
|
||||
- type: HOST_NIC_ENABLE
|
||||
- type: HOST_NIC_DISABLE
|
||||
action_map:
|
||||
0:
|
||||
action: DONOTHING
|
||||
action: do_nothing
|
||||
options: {}
|
||||
1:
|
||||
action: NODE_SHUTDOWN
|
||||
action: node_shutdown
|
||||
options:
|
||||
node_id: 0
|
||||
node_name: client
|
||||
2:
|
||||
action: NODE_SHUTDOWN
|
||||
action: node_shutdown
|
||||
options:
|
||||
node_id: 1
|
||||
node_name: server
|
||||
3:
|
||||
action: NODE_STARTUP
|
||||
action: node_startup
|
||||
options:
|
||||
node_id: 0
|
||||
node_name: client
|
||||
4:
|
||||
action: NODE_STARTUP
|
||||
action: node_startup
|
||||
options:
|
||||
node_id: 1
|
||||
node_name: server
|
||||
5:
|
||||
action: HOST_NIC_DISABLE
|
||||
action: host_nic_disable
|
||||
options:
|
||||
node_id: 0
|
||||
nic_id: 0
|
||||
node_name: client
|
||||
nic_num: 1
|
||||
6:
|
||||
action: HOST_NIC_DISABLE
|
||||
action: host_nic_disable
|
||||
options:
|
||||
node_id: 1
|
||||
nic_id: 0
|
||||
node_name: server
|
||||
nic_num: 1
|
||||
7:
|
||||
action: HOST_NIC_ENABLE
|
||||
action: host_nic_enable
|
||||
options:
|
||||
node_id: 0
|
||||
nic_id: 0
|
||||
node_name: client
|
||||
nic_num: 1
|
||||
8:
|
||||
action: HOST_NIC_ENABLE
|
||||
action: host_nic_enable
|
||||
options:
|
||||
node_id: 1
|
||||
nic_id: 0
|
||||
options:
|
||||
nodes:
|
||||
- node_name: client
|
||||
- node_name: server
|
||||
|
||||
max_folders_per_node: 0
|
||||
max_files_per_folder: 0
|
||||
max_services_per_node: 0
|
||||
max_nics_per_node: 1
|
||||
max_acl_rules: 0
|
||||
ip_list:
|
||||
- 192.168.1.2
|
||||
- 192.168.1.3
|
||||
node_name: server
|
||||
nic_num: 1
|
||||
|
||||
reward_function:
|
||||
reward_components:
|
||||
|
||||
@@ -29,35 +29,22 @@ agents:
|
||||
0: 0.3
|
||||
1: 0.6
|
||||
2: 0.1
|
||||
observation_space: null
|
||||
|
||||
action_space:
|
||||
action_list:
|
||||
- type: DONOTHING
|
||||
- type: NODE_APPLICATION_EXECUTE
|
||||
options:
|
||||
nodes:
|
||||
- node_name: client_2
|
||||
applications:
|
||||
- application_name: WebBrowser
|
||||
- application_name: DatabaseClient
|
||||
max_folders_per_node: 1
|
||||
max_files_per_folder: 1
|
||||
max_services_per_node: 1
|
||||
max_applications_per_node: 2
|
||||
action_map:
|
||||
0:
|
||||
action: DONOTHING
|
||||
action: do_nothing
|
||||
options: {}
|
||||
1:
|
||||
action: NODE_APPLICATION_EXECUTE
|
||||
action: node_application_execute
|
||||
options:
|
||||
node_id: 0
|
||||
application_id: 0
|
||||
node_name: client_2
|
||||
application_name: WebBrowser
|
||||
2:
|
||||
action: NODE_APPLICATION_EXECUTE
|
||||
action: node_application_execute
|
||||
options:
|
||||
node_id: 0
|
||||
application_id: 1
|
||||
node_name: client_2
|
||||
application_name: DatabaseClient
|
||||
|
||||
reward_function:
|
||||
reward_components:
|
||||
@@ -78,35 +65,22 @@ agents:
|
||||
0: 0.3
|
||||
1: 0.6
|
||||
2: 0.1
|
||||
observation_space: null
|
||||
|
||||
action_space:
|
||||
action_list:
|
||||
- type: DONOTHING
|
||||
- type: NODE_APPLICATION_EXECUTE
|
||||
options:
|
||||
nodes:
|
||||
- node_name: client_1
|
||||
applications:
|
||||
- application_name: WebBrowser
|
||||
- application_name: DatabaseClient
|
||||
max_folders_per_node: 1
|
||||
max_files_per_folder: 1
|
||||
max_services_per_node: 1
|
||||
max_applications_per_node: 2
|
||||
action_map:
|
||||
0:
|
||||
action: DONOTHING
|
||||
action: do_nothing
|
||||
options: {}
|
||||
1:
|
||||
action: NODE_APPLICATION_EXECUTE
|
||||
action: node_application_execute
|
||||
options:
|
||||
node_id: 0
|
||||
application_id: 0
|
||||
node_name: client_1
|
||||
application_name: WebBrowser
|
||||
2:
|
||||
action: NODE_APPLICATION_EXECUTE
|
||||
action: node_application_execute
|
||||
options:
|
||||
node_id: 0
|
||||
application_id: 1
|
||||
node_name: client_1
|
||||
application_name: DatabaseClient
|
||||
|
||||
reward_function:
|
||||
reward_components:
|
||||
@@ -123,33 +97,12 @@ agents:
|
||||
team: RED
|
||||
type: RedDatabaseCorruptingAgent
|
||||
|
||||
observation_space: null
|
||||
|
||||
action_space:
|
||||
action_list:
|
||||
- type: DONOTHING
|
||||
- type: NODE_APPLICATION_EXECUTE
|
||||
options:
|
||||
nodes:
|
||||
- node_name: client_1
|
||||
applications:
|
||||
- application_name: DataManipulationBot
|
||||
- node_name: client_2
|
||||
applications:
|
||||
- application_name: DataManipulationBot
|
||||
max_folders_per_node: 1
|
||||
max_files_per_folder: 1
|
||||
max_services_per_node: 1
|
||||
|
||||
reward_function:
|
||||
reward_components:
|
||||
- type: DUMMY
|
||||
|
||||
agent_settings: # options specific to this particular agent type, basically args of __init__(self)
|
||||
start_settings:
|
||||
start_step: 25
|
||||
frequency: 20
|
||||
variance: 5
|
||||
possible_start_nodes: [client_1, client_2]
|
||||
target_application: DataManipulationBot
|
||||
start_step: 25
|
||||
frequency: 20
|
||||
variance: 5
|
||||
|
||||
- ref: defender
|
||||
team: BLUE
|
||||
@@ -198,8 +151,8 @@ agents:
|
||||
wildcard_list:
|
||||
- 0.0.0.1
|
||||
port_list:
|
||||
- 80
|
||||
- 5432
|
||||
- HTTP
|
||||
- POSTGRES_SERVER
|
||||
protocol_list:
|
||||
- ICMP
|
||||
- TCP
|
||||
@@ -225,490 +178,423 @@ agents:
|
||||
options: {}
|
||||
|
||||
action_space:
|
||||
action_list:
|
||||
- type: DONOTHING
|
||||
- type: NODE_SERVICE_SCAN
|
||||
- type: NODE_SERVICE_STOP
|
||||
- type: NODE_SERVICE_START
|
||||
- type: NODE_SERVICE_PAUSE
|
||||
- type: NODE_SERVICE_RESUME
|
||||
- type: NODE_SERVICE_RESTART
|
||||
- type: NODE_SERVICE_DISABLE
|
||||
- type: NODE_SERVICE_ENABLE
|
||||
- type: NODE_SERVICE_FIX
|
||||
- type: NODE_FILE_SCAN
|
||||
- type: NODE_FILE_CHECKHASH
|
||||
- type: NODE_FILE_DELETE
|
||||
- type: NODE_FILE_REPAIR
|
||||
- type: NODE_FILE_RESTORE
|
||||
- type: NODE_FOLDER_SCAN
|
||||
- type: NODE_FOLDER_CHECKHASH
|
||||
- type: NODE_FOLDER_REPAIR
|
||||
- type: NODE_FOLDER_RESTORE
|
||||
- type: NODE_OS_SCAN
|
||||
- type: NODE_SHUTDOWN
|
||||
- type: NODE_STARTUP
|
||||
- type: NODE_RESET
|
||||
- type: ROUTER_ACL_ADDRULE
|
||||
- type: ROUTER_ACL_REMOVERULE
|
||||
- type: HOST_NIC_ENABLE
|
||||
- type: HOST_NIC_DISABLE
|
||||
|
||||
action_map:
|
||||
0:
|
||||
action: DONOTHING
|
||||
action: do_nothing
|
||||
options: {}
|
||||
# scan webapp service
|
||||
1:
|
||||
action: NODE_SERVICE_SCAN
|
||||
action: node_service_scan
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
# stop webapp service
|
||||
2:
|
||||
action: NODE_SERVICE_STOP
|
||||
action: node_service_stop
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
# start webapp service
|
||||
3:
|
||||
action: "NODE_SERVICE_START"
|
||||
action: "node_service_start"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
4:
|
||||
action: "NODE_SERVICE_PAUSE"
|
||||
action: "node_service_pause"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
5:
|
||||
action: "NODE_SERVICE_RESUME"
|
||||
action: "node_service_resume"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
6:
|
||||
action: "NODE_SERVICE_RESTART"
|
||||
action: "node_service_restart"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
7:
|
||||
action: "NODE_SERVICE_DISABLE"
|
||||
action: "node_service_disable"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
8:
|
||||
action: "NODE_SERVICE_ENABLE"
|
||||
action: "node_service_enable"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
9: # check database.db file
|
||||
action: "NODE_FILE_SCAN"
|
||||
action: "node_file_scan"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
file_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
file_name: database.db
|
||||
10:
|
||||
action: "NODE_FILE_CHECKHASH"
|
||||
action: "node_file_checkhash"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
file_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
file_name: database.db
|
||||
11:
|
||||
action: "NODE_FILE_DELETE"
|
||||
action: "node_file_delete"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
file_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
file_name: database.db
|
||||
12:
|
||||
action: "NODE_FILE_REPAIR"
|
||||
action: "node_file_repair"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
file_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
file_name: database.db
|
||||
13:
|
||||
action: "NODE_SERVICE_FIX"
|
||||
action: "node_service_fix"
|
||||
options:
|
||||
node_id: 2
|
||||
service_id: 0
|
||||
node_name: database_server
|
||||
service_name: DatabaseService
|
||||
14:
|
||||
action: "NODE_FOLDER_SCAN"
|
||||
action: "node_folder_scan"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
15:
|
||||
action: "NODE_FOLDER_CHECKHASH"
|
||||
action: "node_folder_checkhash"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
16:
|
||||
action: "NODE_FOLDER_REPAIR"
|
||||
action: "node_folder_repair"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
17:
|
||||
action: "NODE_FOLDER_RESTORE"
|
||||
action: "node_folder_restore"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
18:
|
||||
action: "NODE_OS_SCAN"
|
||||
action: "node_os_scan"
|
||||
options:
|
||||
node_id: 0
|
||||
node_name: domain_controller
|
||||
19:
|
||||
action: "NODE_SHUTDOWN"
|
||||
action: "node_shutdown"
|
||||
options:
|
||||
node_id: 0
|
||||
node_name: domain_controller
|
||||
20:
|
||||
action: NODE_STARTUP
|
||||
action: node_startup
|
||||
options:
|
||||
node_id: 0
|
||||
node_name: domain_controller
|
||||
21:
|
||||
action: NODE_RESET
|
||||
action: node_reset
|
||||
options:
|
||||
node_id: 0
|
||||
node_name: domain_controller
|
||||
22:
|
||||
action: "NODE_OS_SCAN"
|
||||
action: "node_os_scan"
|
||||
options:
|
||||
node_id: 1
|
||||
node_name: web_server
|
||||
23:
|
||||
action: "NODE_SHUTDOWN"
|
||||
action: "node_shutdown"
|
||||
options:
|
||||
node_id: 1
|
||||
node_name: web_server
|
||||
24:
|
||||
action: NODE_STARTUP
|
||||
action: node_startup
|
||||
options:
|
||||
node_id: 1
|
||||
node_name: web_server
|
||||
25:
|
||||
action: NODE_RESET
|
||||
action: node_reset
|
||||
options:
|
||||
node_id: 1
|
||||
node_name: web_server
|
||||
26: # old action num: 18
|
||||
action: "NODE_OS_SCAN"
|
||||
action: "node_os_scan"
|
||||
options:
|
||||
node_id: 2
|
||||
node_name: database_server
|
||||
27:
|
||||
action: "NODE_SHUTDOWN"
|
||||
action: "node_shutdown"
|
||||
options:
|
||||
node_id: 2
|
||||
node_name: database_server
|
||||
28:
|
||||
action: NODE_STARTUP
|
||||
action: node_startup
|
||||
options:
|
||||
node_id: 2
|
||||
node_name: database_server
|
||||
29:
|
||||
action: NODE_RESET
|
||||
action: node_reset
|
||||
options:
|
||||
node_id: 2
|
||||
node_name: database_server
|
||||
30:
|
||||
action: "NODE_OS_SCAN"
|
||||
action: "node_os_scan"
|
||||
options:
|
||||
node_id: 3
|
||||
node_name: backup_server
|
||||
31:
|
||||
action: "NODE_SHUTDOWN"
|
||||
action: "node_shutdown"
|
||||
options:
|
||||
node_id: 3
|
||||
node_name: backup_server
|
||||
32:
|
||||
action: NODE_STARTUP
|
||||
action: node_startup
|
||||
options:
|
||||
node_id: 3
|
||||
node_name: backup_server
|
||||
33:
|
||||
action: NODE_RESET
|
||||
action: node_reset
|
||||
options:
|
||||
node_id: 3
|
||||
node_name: backup_server
|
||||
34:
|
||||
action: "NODE_OS_SCAN"
|
||||
action: "node_os_scan"
|
||||
options:
|
||||
node_id: 4
|
||||
node_name: security_suite
|
||||
35:
|
||||
action: "NODE_SHUTDOWN"
|
||||
action: "node_shutdown"
|
||||
options:
|
||||
node_id: 4
|
||||
node_name: security_suite
|
||||
36:
|
||||
action: NODE_STARTUP
|
||||
action: node_startup
|
||||
options:
|
||||
node_id: 4
|
||||
node_name: security_suite
|
||||
37:
|
||||
action: NODE_RESET
|
||||
action: node_reset
|
||||
options:
|
||||
node_id: 4
|
||||
node_name: security_suite
|
||||
38:
|
||||
action: "NODE_OS_SCAN"
|
||||
action: "node_os_scan"
|
||||
options:
|
||||
node_id: 5
|
||||
node_name: client_1
|
||||
39: # old action num: 19 # shutdown client 1
|
||||
action: "NODE_SHUTDOWN"
|
||||
action: "node_shutdown"
|
||||
options:
|
||||
node_id: 5
|
||||
node_name: client_1
|
||||
40: # old action num: 20
|
||||
action: NODE_STARTUP
|
||||
action: node_startup
|
||||
options:
|
||||
node_id: 5
|
||||
node_name: client_1
|
||||
41: # old action num: 21
|
||||
action: NODE_RESET
|
||||
action: node_reset
|
||||
options:
|
||||
node_id: 5
|
||||
node_name: client_1
|
||||
42:
|
||||
action: "NODE_OS_SCAN"
|
||||
action: "node_os_scan"
|
||||
options:
|
||||
node_id: 6
|
||||
node_name: client_2
|
||||
43:
|
||||
action: "NODE_SHUTDOWN"
|
||||
action: "node_shutdown"
|
||||
options:
|
||||
node_id: 6
|
||||
node_name: client_2
|
||||
44:
|
||||
action: NODE_STARTUP
|
||||
action: node_startup
|
||||
options:
|
||||
node_id: 6
|
||||
node_name: client_2
|
||||
45:
|
||||
action: NODE_RESET
|
||||
action: node_reset
|
||||
options:
|
||||
node_id: 6
|
||||
node_name: client_2
|
||||
|
||||
46: # old action num: 22 # "ACL: ADDRULE - Block outgoing traffic from client 1"
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 1
|
||||
permission: 2
|
||||
source_ip_id: 7 # client 1
|
||||
dest_ip_id: 1 # ALL
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 1
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.21 # client 1
|
||||
dst_ip: ALL # ALL
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: ALL
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
47: # old action num: 23 # "ACL: ADDRULE - Block outgoing traffic from client 2"
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 2
|
||||
permission: 2
|
||||
source_ip_id: 8 # client 2
|
||||
dest_ip_id: 1 # ALL
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 1
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.22 # client 2
|
||||
dst_ip: ALL # ALL
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: ALL
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
48: # old action num: 24 # block tcp traffic from client 1 to web app
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 3
|
||||
permission: 2
|
||||
source_ip_id: 7 # client 1
|
||||
dest_ip_id: 3 # web server
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 3
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.21 # client 1
|
||||
dst_ip: 192.168.1.12 # web server
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: TCP
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
49: # old action num: 25 # block tcp traffic from client 2 to web app
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 4
|
||||
permission: 2
|
||||
source_ip_id: 8 # client 2
|
||||
dest_ip_id: 3 # web server
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 3
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.22 # client 2
|
||||
dst_ip: 192.168.1.12 # web server
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: TCP
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
50: # old action num: 26
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 5
|
||||
permission: 2
|
||||
source_ip_id: 7 # client 1
|
||||
dest_ip_id: 4 # database
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 3
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.21 # client 1
|
||||
dst_ip: 192.168.1.14 # database
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: TCP
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
51: # old action num: 27
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 6
|
||||
permission: 2
|
||||
source_ip_id: 8 # client 2
|
||||
dest_ip_id: 4 # database
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 3
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.22 # client 2
|
||||
dst_ip: 192.168.1.14 # database
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: TCP
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
52: # old action num: 28
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 0
|
||||
53: # old action num: 29
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 1
|
||||
54: # old action num: 30
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 2
|
||||
55: # old action num: 31
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 3
|
||||
56: # old action num: 32
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 4
|
||||
57: # old action num: 33
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 5
|
||||
58: # old action num: 34
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 6
|
||||
59: # old action num: 35
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 7
|
||||
60: # old action num: 36
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 8
|
||||
61: # old action num: 37
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 9
|
||||
62: # old action num: 38
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 0
|
||||
nic_id: 0
|
||||
node_name: domain_controller
|
||||
nic_num: 1
|
||||
63: # old action num: 39
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 0
|
||||
nic_id: 0
|
||||
node_name: domain_controller
|
||||
nic_num: 1
|
||||
64: # old action num: 40
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 1
|
||||
nic_id: 0
|
||||
node_name: web_server
|
||||
nic_num: 1
|
||||
65: # old action num: 41
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 1
|
||||
nic_id: 0
|
||||
node_name: web_server
|
||||
nic_num: 1
|
||||
66: # old action num: 42
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 2
|
||||
nic_id: 0
|
||||
node_name: database_server
|
||||
nic_num: 1
|
||||
67: # old action num: 43
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 2
|
||||
nic_id: 0
|
||||
node_name: database_server
|
||||
nic_num: 1
|
||||
68: # old action num: 44
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 3
|
||||
nic_id: 0
|
||||
node_name: backup_server
|
||||
nic_num: 1
|
||||
69: # old action num: 45
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 3
|
||||
nic_id: 0
|
||||
node_name: backup_server
|
||||
nic_num: 1
|
||||
70: # old action num: 46
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 4
|
||||
nic_id: 0
|
||||
node_name: security_suite
|
||||
nic_num: 1
|
||||
71: # old action num: 47
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 4
|
||||
nic_id: 0
|
||||
node_name: security_suite
|
||||
nic_num: 1
|
||||
72: # old action num: 48
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 4
|
||||
nic_id: 1
|
||||
node_name: security_suite
|
||||
nic_num: 2
|
||||
73: # old action num: 49
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 4
|
||||
nic_id: 1
|
||||
node_name: security_suite
|
||||
nic_num: 2
|
||||
74: # old action num: 50
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 5
|
||||
nic_id: 0
|
||||
node_name: client_1
|
||||
nic_num: 1
|
||||
75: # old action num: 51
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 5
|
||||
nic_id: 0
|
||||
node_name: client_1
|
||||
nic_num: 1
|
||||
76: # old action num: 52
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 6
|
||||
nic_id: 0
|
||||
node_name: client_2
|
||||
nic_num: 1
|
||||
77: # old action num: 53
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 6
|
||||
nic_id: 0
|
||||
|
||||
|
||||
|
||||
options:
|
||||
nodes:
|
||||
- node_name: domain_controller
|
||||
- node_name: web_server
|
||||
applications:
|
||||
- application_name: DatabaseClient
|
||||
services:
|
||||
- service_name: WebServer
|
||||
- node_name: database_server
|
||||
folders:
|
||||
- folder_name: database
|
||||
files:
|
||||
- file_name: database.db
|
||||
services:
|
||||
- service_name: DatabaseService
|
||||
- node_name: backup_server
|
||||
- node_name: security_suite
|
||||
- node_name: client_1
|
||||
- node_name: client_2
|
||||
|
||||
max_folders_per_node: 2
|
||||
max_files_per_folder: 2
|
||||
max_services_per_node: 2
|
||||
max_nics_per_node: 8
|
||||
max_acl_rules: 10
|
||||
ip_list:
|
||||
- 192.168.1.10
|
||||
- 192.168.1.12
|
||||
- 192.168.1.14
|
||||
- 192.168.1.16
|
||||
- 192.168.1.110
|
||||
- 192.168.10.21
|
||||
- 192.168.10.22
|
||||
- 192.168.10.110
|
||||
|
||||
node_name: client_2
|
||||
nic_num: 1
|
||||
|
||||
reward_function:
|
||||
reward_components:
|
||||
|
||||
@@ -27,40 +27,21 @@ agents:
|
||||
- ref: client_2_green_user
|
||||
team: GREEN
|
||||
type: ProbabilisticAgent
|
||||
observation_space: null
|
||||
|
||||
action_space:
|
||||
action_list:
|
||||
- type: DONOTHING
|
||||
- type: NODE_APPLICATION_EXECUTE
|
||||
action_map:
|
||||
0:
|
||||
action: DONOTHING
|
||||
action: do_nothing
|
||||
options: {}
|
||||
1:
|
||||
action: NODE_APPLICATION_EXECUTE
|
||||
action: node_application_execute
|
||||
options:
|
||||
node_id: 0
|
||||
application_id: 0
|
||||
options:
|
||||
nodes:
|
||||
- node_name: client_2
|
||||
applications:
|
||||
- application_name: WebBrowser
|
||||
max_folders_per_node: 1
|
||||
max_files_per_folder: 1
|
||||
max_services_per_node: 1
|
||||
max_applications_per_node: 1
|
||||
|
||||
reward_function:
|
||||
reward_components:
|
||||
- type: DUMMY
|
||||
|
||||
node_name: client_2
|
||||
application_name: WebBrowser
|
||||
agent_settings:
|
||||
start_settings:
|
||||
start_step: 5
|
||||
frequency: 4
|
||||
variance: 3
|
||||
|
||||
action_probabilities:
|
||||
0: 0.4
|
||||
1: 0.6
|
||||
|
||||
|
||||
- ref: defender
|
||||
@@ -100,8 +81,8 @@ agents:
|
||||
wildcard_list:
|
||||
- 0.0.0.1
|
||||
port_list:
|
||||
- 80
|
||||
- 5432
|
||||
- HTTP
|
||||
- POSTGRES_SERVER
|
||||
protocol_list:
|
||||
- ICMP
|
||||
- TCP
|
||||
@@ -119,28 +100,10 @@ agents:
|
||||
options: {}
|
||||
|
||||
action_space:
|
||||
action_list:
|
||||
- type: DONOTHING
|
||||
|
||||
action_map:
|
||||
0:
|
||||
action: DONOTHING
|
||||
action: do_nothing
|
||||
options: {}
|
||||
options:
|
||||
nodes:
|
||||
- node_name: switch
|
||||
- node_name: client_1
|
||||
- node_name: client_2
|
||||
- node_name: client_3
|
||||
max_folders_per_node: 2
|
||||
max_files_per_folder: 2
|
||||
max_services_per_node: 2
|
||||
max_nics_per_node: 8
|
||||
max_acl_rules: 10
|
||||
ip_list:
|
||||
- 192.168.10.21
|
||||
- 192.168.10.22
|
||||
- 192.168.10.23
|
||||
|
||||
reward_function:
|
||||
reward_components:
|
||||
@@ -179,19 +142,19 @@ simulation:
|
||||
applications:
|
||||
- type: NMAP
|
||||
options:
|
||||
fix_duration: 1
|
||||
fixing_duration: 1
|
||||
- type: RansomwareScript
|
||||
options:
|
||||
fix_duration: 1
|
||||
fixing_duration: 1
|
||||
- type: WebBrowser
|
||||
options:
|
||||
target_url: http://arcd.com/users/
|
||||
fix_duration: 1
|
||||
fixing_duration: 1
|
||||
- type: DatabaseClient
|
||||
options:
|
||||
db_server_ip: 192.168.1.10
|
||||
server_password: arcd
|
||||
fix_duration: 1
|
||||
fixing_duration: 1
|
||||
- type: DataManipulationBot
|
||||
options:
|
||||
port_scan_p_of_success: 0.8
|
||||
@@ -199,43 +162,44 @@ simulation:
|
||||
payload: "DELETE"
|
||||
server_ip: 192.168.1.21
|
||||
server_password: arcd
|
||||
fix_duration: 1
|
||||
fixing_duration: 1
|
||||
- type: DoSBot
|
||||
options:
|
||||
target_ip_address: 192.168.10.21
|
||||
payload: SPOOF DATA
|
||||
port_scan_p_of_success: 0.8
|
||||
fix_duration: 1
|
||||
fixing_duration: 1
|
||||
services:
|
||||
- type: DNSClient
|
||||
options:
|
||||
fix_duration: 3
|
||||
dns_server: 192.168.1.10
|
||||
fixing_duration: 3
|
||||
- type: DNSServer
|
||||
options:
|
||||
fix_duration: 3
|
||||
fixing_duration: 3
|
||||
domain_mapping:
|
||||
arcd.com: 192.168.1.10
|
||||
- type: DatabaseService
|
||||
options:
|
||||
backup_server_ip: 192.168.1.10
|
||||
fix_duration: 3
|
||||
fixing_duration: 3
|
||||
- type: WebServer
|
||||
options:
|
||||
fix_duration: 3
|
||||
fixing_duration: 3
|
||||
- type: FTPClient
|
||||
options:
|
||||
fix_duration: 3
|
||||
fixing_duration: 3
|
||||
- type: FTPServer
|
||||
options:
|
||||
server_password: arcd
|
||||
fix_duration: 3
|
||||
fixing_duration: 3
|
||||
- type: NTPClient
|
||||
options:
|
||||
ntp_server_ip: 192.168.1.10
|
||||
fix_duration: 3
|
||||
fixing_duration: 3
|
||||
- type: NTPServer
|
||||
options:
|
||||
fix_duration: 3
|
||||
fixing_duration: 3
|
||||
- hostname: client_2
|
||||
type: computer
|
||||
ip_address: 192.168.10.22
|
||||
@@ -29,35 +29,22 @@ agents:
|
||||
0: 0.3
|
||||
1: 0.6
|
||||
2: 0.1
|
||||
observation_space: null
|
||||
|
||||
action_space:
|
||||
action_list:
|
||||
- type: DONOTHING
|
||||
- type: NODE_APPLICATION_EXECUTE
|
||||
options:
|
||||
nodes:
|
||||
- node_name: client_2
|
||||
applications:
|
||||
- application_name: WebBrowser
|
||||
- application_name: DatabaseClient
|
||||
max_folders_per_node: 1
|
||||
max_files_per_folder: 1
|
||||
max_services_per_node: 1
|
||||
max_applications_per_node: 2
|
||||
action_map:
|
||||
0:
|
||||
action: DONOTHING
|
||||
action: do_nothing
|
||||
options: {}
|
||||
1:
|
||||
action: NODE_APPLICATION_EXECUTE
|
||||
action: node_application_execute
|
||||
options:
|
||||
node_id: 0
|
||||
application_id: 0
|
||||
node_name: client_2
|
||||
application_name: WebBrowser
|
||||
2:
|
||||
action: NODE_APPLICATION_EXECUTE
|
||||
action: node_application_execute
|
||||
options:
|
||||
node_id: 0
|
||||
application_id: 1
|
||||
node_name: client_2
|
||||
application_name: DatabaseClient
|
||||
|
||||
reward_function:
|
||||
reward_components:
|
||||
@@ -78,35 +65,22 @@ agents:
|
||||
0: 0.3
|
||||
1: 0.6
|
||||
2: 0.1
|
||||
observation_space: null
|
||||
|
||||
action_space:
|
||||
action_list:
|
||||
- type: DONOTHING
|
||||
- type: NODE_APPLICATION_EXECUTE
|
||||
options:
|
||||
nodes:
|
||||
- node_name: client_1
|
||||
applications:
|
||||
- application_name: WebBrowser
|
||||
- application_name: DatabaseClient
|
||||
max_folders_per_node: 1
|
||||
max_files_per_folder: 1
|
||||
max_services_per_node: 1
|
||||
max_applications_per_node: 2
|
||||
action_map:
|
||||
0:
|
||||
action: DONOTHING
|
||||
action: do_nothing
|
||||
options: {}
|
||||
1:
|
||||
action: NODE_APPLICATION_EXECUTE
|
||||
action: node_application_execute
|
||||
options:
|
||||
node_id: 0
|
||||
application_id: 0
|
||||
node_name: client_1
|
||||
application_name: WebBrowser
|
||||
2:
|
||||
action: NODE_APPLICATION_EXECUTE
|
||||
action: node_application_execute
|
||||
options:
|
||||
node_id: 0
|
||||
application_id: 1
|
||||
node_name: client_1
|
||||
application_name: WebBrowser
|
||||
|
||||
reward_function:
|
||||
reward_components:
|
||||
@@ -127,33 +101,12 @@ agents:
|
||||
team: RED
|
||||
type: RedDatabaseCorruptingAgent
|
||||
|
||||
observation_space: null
|
||||
|
||||
action_space:
|
||||
action_list:
|
||||
- type: DONOTHING
|
||||
- type: NODE_APPLICATION_EXECUTE
|
||||
options:
|
||||
nodes:
|
||||
- node_name: client_1
|
||||
applications:
|
||||
- application_name: DataManipulationBot
|
||||
- node_name: client_2
|
||||
applications:
|
||||
- application_name: DataManipulationBot
|
||||
max_folders_per_node: 1
|
||||
max_files_per_folder: 1
|
||||
max_services_per_node: 1
|
||||
|
||||
reward_function:
|
||||
reward_components:
|
||||
- type: DUMMY
|
||||
|
||||
agent_settings: # options specific to this particular agent type, basically args of __init__(self)
|
||||
start_settings:
|
||||
start_step: 25
|
||||
frequency: 20
|
||||
variance: 5
|
||||
possible_start_nodes: [client_1, client_2]
|
||||
target_application: DataManipulationBot
|
||||
start_step: 25
|
||||
frequency: 20
|
||||
variance: 5
|
||||
|
||||
- ref: defender
|
||||
team: BLUE
|
||||
@@ -202,8 +155,8 @@ agents:
|
||||
wildcard_list:
|
||||
- 0.0.0.1
|
||||
port_list:
|
||||
- 80
|
||||
- 5432
|
||||
- HTTP
|
||||
- POSTGRES_SERVER
|
||||
protocol_list:
|
||||
- ICMP
|
||||
- TCP
|
||||
@@ -229,524 +182,449 @@ agents:
|
||||
options: {}
|
||||
|
||||
action_space:
|
||||
action_list:
|
||||
- type: DONOTHING
|
||||
- type: NODE_SERVICE_SCAN
|
||||
- type: NODE_SERVICE_STOP
|
||||
- type: NODE_SERVICE_START
|
||||
- type: NODE_SERVICE_PAUSE
|
||||
- type: NODE_SERVICE_RESUME
|
||||
- type: NODE_SERVICE_RESTART
|
||||
- type: NODE_SERVICE_DISABLE
|
||||
- type: NODE_SERVICE_ENABLE
|
||||
- type: NODE_SERVICE_FIX
|
||||
- type: NODE_FILE_SCAN
|
||||
- type: NODE_FILE_CHECKHASH
|
||||
- type: NODE_FILE_DELETE
|
||||
- type: NODE_FILE_REPAIR
|
||||
- type: NODE_FILE_RESTORE
|
||||
- type: NODE_FOLDER_SCAN
|
||||
- type: NODE_FOLDER_CHECKHASH
|
||||
- type: NODE_FOLDER_REPAIR
|
||||
- type: NODE_FOLDER_RESTORE
|
||||
- type: NODE_OS_SCAN
|
||||
- type: NODE_SHUTDOWN
|
||||
- type: NODE_STARTUP
|
||||
- type: NODE_RESET
|
||||
- type: ROUTER_ACL_ADDRULE
|
||||
- type: ROUTER_ACL_REMOVERULE
|
||||
- type: HOST_NIC_ENABLE
|
||||
- type: HOST_NIC_DISABLE
|
||||
- type: NODE_APPLICATION_INSTALL
|
||||
- type: NODE_APPLICATION_REMOVE
|
||||
- type: NODE_APPLICATION_EXECUTE
|
||||
- type: CONFIGURE_DOSBOT
|
||||
|
||||
action_map:
|
||||
0:
|
||||
action: DONOTHING
|
||||
action: do_nothing
|
||||
options: {}
|
||||
# scan webapp service
|
||||
1:
|
||||
action: NODE_SERVICE_SCAN
|
||||
action: node_service_scan
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
# stop webapp service
|
||||
2:
|
||||
action: NODE_SERVICE_STOP
|
||||
action: node_service_stop
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
# start webapp service
|
||||
3:
|
||||
action: "NODE_SERVICE_START"
|
||||
action: "node_service_start"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
4:
|
||||
action: "NODE_SERVICE_PAUSE"
|
||||
action: "node_service_pause"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
5:
|
||||
action: "NODE_SERVICE_RESUME"
|
||||
action: "node_service_resume"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
6:
|
||||
action: "NODE_SERVICE_RESTART"
|
||||
action: "node_service_restart"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
7:
|
||||
action: "NODE_SERVICE_DISABLE"
|
||||
action: "node_service_disable"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
8:
|
||||
action: "NODE_SERVICE_ENABLE"
|
||||
action: "node_service_enable"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
9: # check database.db file
|
||||
action: "NODE_FILE_SCAN"
|
||||
action: "node_file_scan"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
file_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
file_name: database.db
|
||||
10:
|
||||
action: "NODE_FILE_SCAN" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context.
|
||||
action: "node_file_scan" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context.
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
file_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
file_name: database.db
|
||||
11:
|
||||
action: "NODE_FILE_DELETE"
|
||||
action: "node_file_delete"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
file_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
file_name: database.db
|
||||
12:
|
||||
action: "NODE_FILE_REPAIR"
|
||||
action: "node_file_repair"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
file_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
file_name: database.db
|
||||
13:
|
||||
action: "NODE_SERVICE_FIX"
|
||||
action: "node_service_fix"
|
||||
options:
|
||||
node_id: 2
|
||||
service_id: 0
|
||||
node_name: database_server
|
||||
service_name: DatabaseService
|
||||
14:
|
||||
action: "NODE_FOLDER_SCAN"
|
||||
action: "node_folder_scan"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
15:
|
||||
action: "NODE_FOLDER_SCAN" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context.
|
||||
action: "node_folder_scan" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context.
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
16:
|
||||
action: "NODE_FOLDER_REPAIR"
|
||||
action: "node_folder_repair"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
17:
|
||||
action: "NODE_FOLDER_RESTORE"
|
||||
action: "node_folder_restore"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
18:
|
||||
action: "NODE_OS_SCAN"
|
||||
action: "node_os_scan"
|
||||
options:
|
||||
node_id: 0
|
||||
node_name: domain_controller
|
||||
19:
|
||||
action: "NODE_SHUTDOWN"
|
||||
action: "node_shutdown"
|
||||
options:
|
||||
node_id: 0
|
||||
node_name: domain_controller
|
||||
20:
|
||||
action: NODE_STARTUP
|
||||
action: node_startup
|
||||
options:
|
||||
node_id: 0
|
||||
node_name: domain_controller
|
||||
21:
|
||||
action: NODE_RESET
|
||||
action: node_reset
|
||||
options:
|
||||
node_id: 0
|
||||
node_name: domain_controller
|
||||
22:
|
||||
action: "NODE_OS_SCAN"
|
||||
action: "node_os_scan"
|
||||
options:
|
||||
node_id: 1
|
||||
node_name: web_server
|
||||
23:
|
||||
action: "NODE_SHUTDOWN"
|
||||
action: "node_shutdown"
|
||||
options:
|
||||
node_id: 1
|
||||
node_name: web_server
|
||||
24:
|
||||
action: NODE_STARTUP
|
||||
action: node_startup
|
||||
options:
|
||||
node_id: 1
|
||||
node_name: web_server
|
||||
25:
|
||||
action: NODE_RESET
|
||||
action: node_reset
|
||||
options:
|
||||
node_id: 1
|
||||
node_name: web_server
|
||||
26: # old action num: 18
|
||||
action: "NODE_OS_SCAN"
|
||||
action: "node_os_scan"
|
||||
options:
|
||||
node_id: 2
|
||||
node_name: database_server
|
||||
27:
|
||||
action: "NODE_SHUTDOWN"
|
||||
action: "node_shutdown"
|
||||
options:
|
||||
node_id: 2
|
||||
node_name: database_server
|
||||
28:
|
||||
action: NODE_STARTUP
|
||||
action: node_startup
|
||||
options:
|
||||
node_id: 2
|
||||
node_name: database_server
|
||||
29:
|
||||
action: NODE_RESET
|
||||
action: node_reset
|
||||
options:
|
||||
node_id: 2
|
||||
node_name: database_server
|
||||
30:
|
||||
action: "NODE_OS_SCAN"
|
||||
action: "node_os_scan"
|
||||
options:
|
||||
node_id: 3
|
||||
node_name: backup_server
|
||||
31:
|
||||
action: "NODE_SHUTDOWN"
|
||||
action: "node_shutdown"
|
||||
options:
|
||||
node_id: 3
|
||||
node_name: backup_server
|
||||
32:
|
||||
action: NODE_STARTUP
|
||||
action: node_startup
|
||||
options:
|
||||
node_id: 3
|
||||
node_name: backup_server
|
||||
33:
|
||||
action: NODE_RESET
|
||||
action: node_reset
|
||||
options:
|
||||
node_id: 3
|
||||
node_name: backup_server
|
||||
34:
|
||||
action: "NODE_OS_SCAN"
|
||||
action: "node_os_scan"
|
||||
options:
|
||||
node_id: 4
|
||||
node_name: security_suite
|
||||
35:
|
||||
action: "NODE_SHUTDOWN"
|
||||
action: "node_shutdown"
|
||||
options:
|
||||
node_id: 4
|
||||
node_name: security_suite
|
||||
36:
|
||||
action: NODE_STARTUP
|
||||
action: node_startup
|
||||
options:
|
||||
node_id: 4
|
||||
node_name: security_suite
|
||||
37:
|
||||
action: NODE_RESET
|
||||
action: node_reset
|
||||
options:
|
||||
node_id: 4
|
||||
node_name: security_suite
|
||||
38:
|
||||
action: "NODE_OS_SCAN"
|
||||
action: "node_os_scan"
|
||||
options:
|
||||
node_id: 5
|
||||
node_name: client_1
|
||||
39: # old action num: 19 # shutdown client 1
|
||||
action: "NODE_SHUTDOWN"
|
||||
action: "node_shutdown"
|
||||
options:
|
||||
node_id: 5
|
||||
node_name: client_1
|
||||
40: # old action num: 20
|
||||
action: NODE_STARTUP
|
||||
action: node_startup
|
||||
options:
|
||||
node_id: 5
|
||||
node_name: client_1
|
||||
41: # old action num: 21
|
||||
action: NODE_RESET
|
||||
action: node_reset
|
||||
options:
|
||||
node_id: 5
|
||||
node_name: client_1
|
||||
42:
|
||||
action: "NODE_OS_SCAN"
|
||||
action: "node_os_scan"
|
||||
options:
|
||||
node_id: 6
|
||||
node_name: client_2
|
||||
43:
|
||||
action: "NODE_SHUTDOWN"
|
||||
action: "node_shutdown"
|
||||
options:
|
||||
node_id: 6
|
||||
node_name: client_2
|
||||
44:
|
||||
action: NODE_STARTUP
|
||||
action: node_startup
|
||||
options:
|
||||
node_id: 6
|
||||
node_name: client_2
|
||||
45:
|
||||
action: NODE_RESET
|
||||
action: node_reset
|
||||
options:
|
||||
node_id: 6
|
||||
node_name: client_2
|
||||
|
||||
46: # old action num: 22 # "ACL: ADDRULE - Block outgoing traffic from client 1"
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router_hostname: router_1
|
||||
target_router: router_1
|
||||
position: 1
|
||||
permission: 2
|
||||
source_ip_id: 7 # client 1
|
||||
dest_ip_id: 1 # ALL
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 1
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.21 # client 1
|
||||
dst_ip: ALL # ALL
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: ALL
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
47: # old action num: 23 # "ACL: ADDRULE - Block outgoing traffic from client 2"
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router_hostname: router_1
|
||||
target_router: router_1
|
||||
position: 2
|
||||
permission: 2
|
||||
source_ip_id: 8 # client 2
|
||||
dest_ip_id: 1 # ALL
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 1
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.22 # client 2
|
||||
dst_ip: ALL # ALL
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: ALL
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
48: # old action num: 24 # block tcp traffic from client 1 to web app
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router_hostname: router_1
|
||||
target_router: router_1
|
||||
position: 3
|
||||
permission: 2
|
||||
source_ip_id: 7 # client 1
|
||||
dest_ip_id: 3 # web server
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 3
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.21 # client 1
|
||||
dst_ip: 192.168.1.12 # web server
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: TCP
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
49: # old action num: 25 # block tcp traffic from client 2 to web app
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router_hostname: router_1
|
||||
target_router: router_1
|
||||
position: 4
|
||||
permission: 2
|
||||
source_ip_id: 8 # client 2
|
||||
dest_ip_id: 3 # web server
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 3
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.22 # client 2
|
||||
dst_ip: 192.168.1.12 # web server
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: TCP
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
50: # old action num: 26
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router_hostname: router_1
|
||||
target_router: router_1
|
||||
position: 5
|
||||
permission: 2
|
||||
source_ip_id: 7 # client 1
|
||||
dest_ip_id: 4 # database
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 3
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.21 # client 1
|
||||
dst_ip: 192.168.1.14 # database
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: TCP
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
51: # old action num: 27
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router_hostname: router_1
|
||||
target_router: router_1
|
||||
position: 6
|
||||
permission: 2
|
||||
source_ip_id: 8 # client 2
|
||||
dest_ip_id: 4 # database
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 3
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.22 # client 2
|
||||
dst_ip: 192.168.1.14 # database
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: TCP
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
52: # old action num: 28
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router_hostname: router_1
|
||||
target_router: router_1
|
||||
position: 0
|
||||
53: # old action num: 29
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router_hostname: router_1
|
||||
target_router: router_1
|
||||
position: 1
|
||||
54: # old action num: 30
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router_hostname: router_1
|
||||
target_router: router_1
|
||||
position: 2
|
||||
55: # old action num: 31
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router_hostname: router_1
|
||||
target_router: router_1
|
||||
position: 3
|
||||
56: # old action num: 32
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router_hostname: router_1
|
||||
target_router: router_1
|
||||
position: 4
|
||||
57: # old action num: 33
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router_hostname: router_1
|
||||
target_router: router_1
|
||||
position: 5
|
||||
58: # old action num: 34
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router_hostname: router_1
|
||||
target_router: router_1
|
||||
position: 6
|
||||
59: # old action num: 35
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router_hostname: router_1
|
||||
target_router: router_1
|
||||
position: 7
|
||||
60: # old action num: 36
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router_hostname: router_1
|
||||
target_router: router_1
|
||||
position: 8
|
||||
61: # old action num: 37
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router_hostname: router_1
|
||||
target_router: router_1
|
||||
position: 9
|
||||
62: # old action num: 38
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 0
|
||||
nic_id: 0
|
||||
node_name: domain_controller
|
||||
nic_num: 1
|
||||
63: # old action num: 39
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 0
|
||||
nic_id: 0
|
||||
node_name: domain_controller
|
||||
nic_num: 1
|
||||
64: # old action num: 40
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 1
|
||||
nic_id: 0
|
||||
node_name: web_server
|
||||
nic_num: 1
|
||||
65: # old action num: 41
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 1
|
||||
nic_id: 0
|
||||
node_name: web_server
|
||||
nic_num: 1
|
||||
66: # old action num: 42
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 2
|
||||
nic_id: 0
|
||||
node_name: database_server
|
||||
nic_num: 1
|
||||
67: # old action num: 43
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 2
|
||||
nic_id: 0
|
||||
node_name: database_server
|
||||
nic_num: 1
|
||||
68: # old action num: 44
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 3
|
||||
nic_id: 0
|
||||
node_name: backup_server
|
||||
nic_num: 1
|
||||
69: # old action num: 45
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 3
|
||||
nic_id: 0
|
||||
node_name: backup_server
|
||||
nic_num: 1
|
||||
70: # old action num: 46
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 4
|
||||
nic_id: 0
|
||||
node_name: security_suite
|
||||
nic_num: 1
|
||||
71: # old action num: 47
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 4
|
||||
nic_id: 0
|
||||
node_name: security_suite
|
||||
nic_num: 1
|
||||
72: # old action num: 48
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 4
|
||||
nic_id: 1
|
||||
node_name: security_suite
|
||||
nic_num: 2
|
||||
73: # old action num: 49
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 4
|
||||
nic_id: 1
|
||||
node_name: security_suite
|
||||
nic_num: 2
|
||||
74: # old action num: 50
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 5
|
||||
nic_id: 0
|
||||
node_name: client_1
|
||||
nic_num: 1
|
||||
75: # old action num: 51
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 5
|
||||
nic_id: 0
|
||||
node_name: client_1
|
||||
nic_num: 1
|
||||
76: # old action num: 52
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 6
|
||||
nic_id: 0
|
||||
node_name: client_2
|
||||
nic_num: 1
|
||||
77: # old action num: 53
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 6
|
||||
nic_id: 0
|
||||
node_name: client_2
|
||||
nic_num: 1
|
||||
78:
|
||||
action: NODE_APPLICATION_INSTALL
|
||||
action: node_application_install
|
||||
options:
|
||||
node_id: 0
|
||||
node_name: domain_controller
|
||||
application_name: DoSBot
|
||||
79:
|
||||
action: NODE_APPLICATION_REMOVE
|
||||
action: node_application_remove
|
||||
options:
|
||||
node_id: 0
|
||||
node_name: domain_controller
|
||||
application_name: DoSBot
|
||||
80:
|
||||
action: NODE_APPLICATION_REMOVE
|
||||
action: node_application_remove
|
||||
options:
|
||||
node_id: 0
|
||||
node_name: domain_controller
|
||||
application_name: WebBrowser
|
||||
81:
|
||||
action: NODE_APPLICATION_EXECUTE
|
||||
action: node_application_execute
|
||||
options:
|
||||
node_id: 0
|
||||
application_id: 0
|
||||
node_name: domain_controller
|
||||
application_name: DoSBot
|
||||
82:
|
||||
action: CONFIGURE_DOSBOT
|
||||
action: configure_dos_bot
|
||||
options:
|
||||
node_id: 0
|
||||
config:
|
||||
target_ip_address: 192.168.1.14
|
||||
target_port: POSTGRES_SERVER
|
||||
|
||||
|
||||
|
||||
|
||||
options:
|
||||
nodes:
|
||||
- node_name: domain_controller
|
||||
applications:
|
||||
- application_name: DoSBot
|
||||
- node_name: web_server
|
||||
applications:
|
||||
- application_name: DatabaseClient
|
||||
services:
|
||||
- service_name: WebServer
|
||||
- node_name: database_server
|
||||
folders:
|
||||
- folder_name: database
|
||||
files:
|
||||
- file_name: database.db
|
||||
services:
|
||||
- service_name: DatabaseService
|
||||
- node_name: backup_server
|
||||
- node_name: security_suite
|
||||
- node_name: client_1
|
||||
- node_name: client_2
|
||||
|
||||
max_folders_per_node: 2
|
||||
max_files_per_folder: 2
|
||||
max_services_per_node: 2
|
||||
max_nics_per_node: 8
|
||||
max_acl_rules: 10
|
||||
ip_list:
|
||||
- 192.168.1.10
|
||||
- 192.168.1.12
|
||||
- 192.168.1.14
|
||||
- 192.168.1.16
|
||||
- 192.168.1.110
|
||||
- 192.168.10.21
|
||||
- 192.168.10.22
|
||||
- 192.168.10.110
|
||||
|
||||
node_name: domain_controller
|
||||
target_ip_address: 192.168.1.14
|
||||
target_port: POSTGRES_SERVER
|
||||
|
||||
reward_function:
|
||||
reward_components:
|
||||
|
||||
@@ -21,73 +21,40 @@ agents:
|
||||
- ref: client_2_green_user
|
||||
team: GREEN
|
||||
type: ProbabilisticAgent
|
||||
observation_space: null
|
||||
|
||||
action_space:
|
||||
action_list:
|
||||
- type: DONOTHING
|
||||
action_map:
|
||||
0:
|
||||
action: DONOTHING
|
||||
action: do_nothing
|
||||
options: {}
|
||||
options:
|
||||
nodes:
|
||||
- node_name: client_2
|
||||
max_folders_per_node: 1
|
||||
max_files_per_folder: 1
|
||||
max_services_per_node: 1
|
||||
max_nics_per_node: 2
|
||||
max_acl_rules: 10
|
||||
|
||||
reward_function:
|
||||
reward_components:
|
||||
- type: DUMMY
|
||||
|
||||
agent_settings: # options specific to this particular agent type, basically args of __init__(self)
|
||||
start_settings:
|
||||
start_step: 25
|
||||
frequency: 20
|
||||
variance: 5
|
||||
action_probabilities:
|
||||
0: 1.0
|
||||
|
||||
- ref: data_manipulation_attacker
|
||||
team: RED
|
||||
type: RedDatabaseCorruptingAgent
|
||||
|
||||
observation_space: null
|
||||
|
||||
|
||||
action_space:
|
||||
action_list:
|
||||
- type: DONOTHING
|
||||
- type: NODE_APPLICATION_EXECUTE
|
||||
- type: NODE_FILE_DELETE
|
||||
- type: NODE_FILE_CORRUPT
|
||||
- type: NODE_OS_SCAN
|
||||
action_map:
|
||||
0:
|
||||
action: DONOTHING
|
||||
action: do_nothing
|
||||
options: {}
|
||||
1:
|
||||
action: NODE_APPLICATION_EXECUTE
|
||||
action: node_application_execute
|
||||
options:
|
||||
node_id: 0
|
||||
application_id: 0
|
||||
options:
|
||||
nodes:
|
||||
- node_name: client_1
|
||||
applications:
|
||||
- application_name: DataManipulationBot
|
||||
max_folders_per_node: 1
|
||||
max_files_per_folder: 1
|
||||
max_services_per_node: 1
|
||||
|
||||
reward_function:
|
||||
reward_components:
|
||||
- type: DUMMY
|
||||
node_name: client_1
|
||||
application_name: DataManipulationBot
|
||||
|
||||
agent_settings: # options specific to this particular agent type, basically args of __init__(self)
|
||||
start_settings:
|
||||
start_step: 25
|
||||
frequency: 20
|
||||
variance: 5
|
||||
possible_start_nodes: [client_1,]
|
||||
target_application: DataManipulationBot
|
||||
start_step: 25
|
||||
frequency: 20
|
||||
variance: 5
|
||||
|
||||
- ref: defender
|
||||
team: BLUE
|
||||
@@ -136,8 +103,8 @@ agents:
|
||||
wildcard_list:
|
||||
- 0.0.0.1
|
||||
port_list:
|
||||
- 80
|
||||
- 5432
|
||||
- HTTP
|
||||
- POSTGRES_SERVER
|
||||
protocol_list:
|
||||
- ICMP
|
||||
- TCP
|
||||
@@ -163,391 +130,326 @@ agents:
|
||||
options: {}
|
||||
|
||||
action_space:
|
||||
action_list:
|
||||
- type: DONOTHING
|
||||
- type: NODE_SERVICE_SCAN
|
||||
- type: NODE_SERVICE_STOP
|
||||
- type: NODE_SERVICE_START
|
||||
- type: NODE_SERVICE_PAUSE
|
||||
- type: NODE_SERVICE_RESUME
|
||||
- type: NODE_SERVICE_RESTART
|
||||
- type: NODE_SERVICE_DISABLE
|
||||
- type: NODE_SERVICE_ENABLE
|
||||
- type: NODE_SERVICE_FIX
|
||||
- type: NODE_FILE_SCAN
|
||||
- type: NODE_FILE_CHECKHASH
|
||||
- type: NODE_FILE_DELETE
|
||||
- type: NODE_FILE_REPAIR
|
||||
- type: NODE_FILE_RESTORE
|
||||
- type: NODE_FOLDER_SCAN
|
||||
- type: NODE_FOLDER_CHECKHASH
|
||||
- type: NODE_FOLDER_REPAIR
|
||||
- type: NODE_FOLDER_RESTORE
|
||||
- type: NODE_OS_SCAN
|
||||
- type: NODE_SHUTDOWN
|
||||
- type: NODE_STARTUP
|
||||
- type: NODE_RESET
|
||||
- type: ROUTER_ACL_ADDRULE
|
||||
- type: ROUTER_ACL_REMOVERULE
|
||||
- type: HOST_NIC_ENABLE
|
||||
- type: HOST_NIC_DISABLE
|
||||
|
||||
action_map:
|
||||
0:
|
||||
action: DONOTHING
|
||||
action: do_nothing
|
||||
options: {}
|
||||
# scan webapp service
|
||||
1:
|
||||
action: NODE_SERVICE_SCAN
|
||||
action: node_service_scan
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
# stop webapp service
|
||||
2:
|
||||
action: NODE_SERVICE_STOP
|
||||
action: node_service_stop
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
# start webapp service
|
||||
3:
|
||||
action: "NODE_SERVICE_START"
|
||||
action: "node_service_start"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
4:
|
||||
action: "NODE_SERVICE_PAUSE"
|
||||
action: "node_service_pause"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
5:
|
||||
action: "NODE_SERVICE_RESUME"
|
||||
action: "node_service_resume"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
6:
|
||||
action: "NODE_SERVICE_RESTART"
|
||||
action: "node_service_restart"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
7:
|
||||
action: "NODE_SERVICE_DISABLE"
|
||||
action: "node_service_disable"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
8:
|
||||
action: "NODE_SERVICE_ENABLE"
|
||||
action: "node_service_enable"
|
||||
options:
|
||||
node_id: 1
|
||||
service_id: 0
|
||||
node_name: web_server
|
||||
service_name: WebServer
|
||||
9: # check database.db file
|
||||
action: "NODE_FILE_SCAN"
|
||||
action: "node_file_scan"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
file_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
file_name: database.db
|
||||
10:
|
||||
action: "NODE_FILE_CHECKHASH"
|
||||
action: "node_file_checkhash"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
file_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
file_name: database.db
|
||||
11:
|
||||
action: "NODE_FILE_DELETE"
|
||||
action: "node_file_delete"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
file_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
file_name: database.db
|
||||
12:
|
||||
action: "NODE_FILE_REPAIR"
|
||||
action: "node_file_repair"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
file_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
file_name: database.db
|
||||
13:
|
||||
action: "NODE_SERVICE_FIX"
|
||||
action: "node_service_fix"
|
||||
options:
|
||||
node_id: 2
|
||||
service_id: 0
|
||||
node_name: database_server
|
||||
service_name: DatabaseService
|
||||
14:
|
||||
action: "NODE_FOLDER_SCAN"
|
||||
action: "node_folder_scan"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
15:
|
||||
action: "NODE_FOLDER_CHECKHASH"
|
||||
action: "node_folder_checkhash"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
16:
|
||||
action: "NODE_FOLDER_REPAIR"
|
||||
action: "node_folder_repair"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
17:
|
||||
action: "NODE_FOLDER_RESTORE"
|
||||
action: "node_folder_restore"
|
||||
options:
|
||||
node_id: 2
|
||||
folder_id: 0
|
||||
node_name: database_server
|
||||
folder_name: database
|
||||
18:
|
||||
action: "NODE_OS_SCAN"
|
||||
action: "node_os_scan"
|
||||
options:
|
||||
node_id: 2
|
||||
node_name: database_server
|
||||
19: # shutdown client 1
|
||||
action: "NODE_SHUTDOWN"
|
||||
action: "node_shutdown"
|
||||
options:
|
||||
node_id: 5
|
||||
node_name: client_1
|
||||
20:
|
||||
action: "NODE_STARTUP"
|
||||
action: "node_startup"
|
||||
options:
|
||||
node_id: 5
|
||||
node_name: client_1
|
||||
21:
|
||||
action: "NODE_RESET"
|
||||
action: "node_reset"
|
||||
options:
|
||||
node_id: 5
|
||||
node_name: client_1
|
||||
22: # "ACL: ADDRULE - Block outgoing traffic from client 1" (not supported in Primaite)
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 1
|
||||
permission: 2
|
||||
source_ip_id: 7 # client 1
|
||||
dest_ip_id: 1 # ALL
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 1
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.21 # client 1
|
||||
dst_ip: ALL # ALL
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: ALL
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
23: # "ACL: ADDRULE - Block outgoing traffic from client 2" (not supported in Primaite)
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 2
|
||||
permission: 2
|
||||
source_ip_id: 8 # client 2
|
||||
dest_ip_id: 1 # ALL
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 1
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.22 # client 2
|
||||
dst_ip: ALL # ALL
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: ALL
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
24: # block tcp traffic from client 1 to web app
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 3
|
||||
permission: 2
|
||||
source_ip_id: 7 # client 1
|
||||
dest_ip_id: 3 # web server
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 3
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.21 # client 1
|
||||
dst_ip: 192.168.1.12 # web server
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: TCP
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
25: # block tcp traffic from client 2 to web app
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 4
|
||||
permission: 2
|
||||
source_ip_id: 8 # client 2
|
||||
dest_ip_id: 3 # web server
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 3
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.22 # client 2
|
||||
dst_ip: 192.168.1.12 # web server
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: TCP
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
26:
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 5
|
||||
permission: 2
|
||||
source_ip_id: 7 # client 1
|
||||
dest_ip_id: 4 # database
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 3
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.21 # client 1
|
||||
dst_ip: 192.168.1.14 # database
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: TCP
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
27:
|
||||
action: "ROUTER_ACL_ADDRULE"
|
||||
action: "router_acl_add_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 6
|
||||
permission: 2
|
||||
source_ip_id: 8 # client 2
|
||||
dest_ip_id: 4 # database
|
||||
source_port_id: 1
|
||||
dest_port_id: 1
|
||||
protocol_id: 3
|
||||
source_wildcard_id: 0
|
||||
dest_wildcard_id: 0
|
||||
permission: DENY
|
||||
src_ip: 192.168.10.22 # client 2
|
||||
dst_ip: 192.168.1.14 # database
|
||||
src_port: ALL
|
||||
dst_port: ALL
|
||||
protocol_name: TCP
|
||||
src_wildcard: NONE
|
||||
dst_wildcard: NONE
|
||||
28:
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 0
|
||||
29:
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 1
|
||||
30:
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 2
|
||||
31:
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 3
|
||||
32:
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 4
|
||||
33:
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 5
|
||||
34:
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 6
|
||||
35:
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 7
|
||||
36:
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 8
|
||||
37:
|
||||
action: "ROUTER_ACL_REMOVERULE"
|
||||
action: "router_acl_remove_rule"
|
||||
options:
|
||||
target_router: router_1
|
||||
position: 9
|
||||
38:
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 0
|
||||
nic_id: 0
|
||||
node_name: domain_controller
|
||||
nic_num: 1
|
||||
39:
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 0
|
||||
nic_id: 0
|
||||
node_name: domain_controller
|
||||
nic_num: 1
|
||||
40:
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 1
|
||||
nic_id: 0
|
||||
node_name: web_server
|
||||
nic_num: 1
|
||||
41:
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 1
|
||||
nic_id: 0
|
||||
node_name: web_server
|
||||
nic_num: 1
|
||||
42:
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 2
|
||||
nic_id: 0
|
||||
node_name: database_server
|
||||
nic_num: 1
|
||||
43:
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 2
|
||||
nic_id: 0
|
||||
node_name: database_server
|
||||
nic_num: 1
|
||||
44:
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 3
|
||||
nic_id: 0
|
||||
node_name: backup_server
|
||||
nic_num: 1
|
||||
45:
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 3
|
||||
nic_id: 0
|
||||
node_name: backup_server
|
||||
nic_num: 1
|
||||
46:
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 4
|
||||
nic_id: 0
|
||||
node_name: security_suite
|
||||
nic_num: 1
|
||||
47:
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 4
|
||||
nic_id: 0
|
||||
node_name: security_suite
|
||||
nic_num: 1
|
||||
48:
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 4
|
||||
nic_id: 1
|
||||
node_name: security_suite
|
||||
nic_num: 2
|
||||
49:
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 4
|
||||
nic_id: 1
|
||||
node_name: security_suite
|
||||
nic_num: 2
|
||||
50:
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 5
|
||||
nic_id: 0
|
||||
node_name: client_1
|
||||
nic_num: 1
|
||||
51:
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 5
|
||||
nic_id: 0
|
||||
node_name: client_1
|
||||
nic_num: 1
|
||||
52:
|
||||
action: "HOST_NIC_DISABLE"
|
||||
action: "host_nic_disable"
|
||||
options:
|
||||
node_id: 6
|
||||
nic_id: 0
|
||||
node_name: client_2
|
||||
nic_num: 1
|
||||
53:
|
||||
action: "HOST_NIC_ENABLE"
|
||||
action: "host_nic_enable"
|
||||
options:
|
||||
node_id: 6
|
||||
nic_id: 0
|
||||
|
||||
|
||||
options:
|
||||
nodes:
|
||||
- node_name: domain_controller
|
||||
- node_name: web_server
|
||||
applications:
|
||||
- application_name: DatabaseClient
|
||||
services:
|
||||
- service_name: WebServer
|
||||
- node_name: database_server
|
||||
folders:
|
||||
- folder_name: database
|
||||
files:
|
||||
- file_name: database.db
|
||||
services:
|
||||
- service_name: DatabaseService
|
||||
- node_name: backup_server
|
||||
- node_name: security_suite
|
||||
- node_name: client_1
|
||||
- node_name: client_2
|
||||
|
||||
max_folders_per_node: 2
|
||||
max_files_per_folder: 2
|
||||
max_services_per_node: 2
|
||||
max_nics_per_node: 8
|
||||
max_acl_rules: 10
|
||||
ip_list:
|
||||
- 192.168.1.10
|
||||
- 192.168.1.12
|
||||
- 192.168.1.14
|
||||
- 192.168.1.16
|
||||
- 192.168.1.110
|
||||
- 192.168.10.21
|
||||
- 192.168.10.22
|
||||
- 192.168.10.110
|
||||
node_name: client_2
|
||||
nic_num: 1
|
||||
|
||||
reward_function:
|
||||
reward_components:
|
||||
|
||||
@@ -1,8 +1,9 @@
|
||||
# © Crown-owned copyright 2025, Defence Science and Technology Laboratory UK
|
||||
from typing import Any, Dict, Tuple
|
||||
from typing import Any, Dict, Optional, Tuple
|
||||
|
||||
import pytest
|
||||
import yaml
|
||||
from pydantic import Field
|
||||
from ray import init as rayinit
|
||||
|
||||
from primaite import getLogger, PRIMAITE_PATHS
|
||||
@@ -10,6 +11,7 @@ from primaite.game.agent.actions import ActionManager
|
||||
from primaite.game.agent.interface import AbstractAgent
|
||||
from primaite.game.agent.observations.observation_manager import NestedObservation, ObservationManager
|
||||
from primaite.game.agent.rewards import RewardFunction
|
||||
from primaite.game.agent.scripted_agents.probabilistic_agent import ProbabilisticAgent
|
||||
from primaite.game.game import PrimaiteGame
|
||||
from primaite.simulator.file_system.file_system import FileSystem
|
||||
from primaite.simulator.network.container import Network
|
||||
@@ -37,9 +39,16 @@ ACTION_SPACE_NODE_ACTION_VALUES = 1
|
||||
_LOGGER = getLogger(__name__)
|
||||
|
||||
|
||||
class DummyService(Service):
|
||||
class DummyService(Service, identifier="DummyService"):
|
||||
"""Test Service class"""
|
||||
|
||||
class ConfigSchema(Service.ConfigSchema):
|
||||
"""ConfigSchema for DummyService."""
|
||||
|
||||
type: str = "DummyService"
|
||||
|
||||
config: "DummyService.ConfigSchema" = Field(default_factory=lambda: DummyService.ConfigSchema())
|
||||
|
||||
def describe_state(self) -> Dict:
|
||||
return super().describe_state()
|
||||
|
||||
@@ -56,6 +65,13 @@ class DummyService(Service):
|
||||
class DummyApplication(Application, identifier="DummyApplication"):
|
||||
"""Test Application class"""
|
||||
|
||||
class ConfigSchema(Application.ConfigSchema):
|
||||
"""ConfigSchema for DummyApplication."""
|
||||
|
||||
type: str = "DummyApplication"
|
||||
|
||||
config: "DummyApplication.ConfigSchema" = Field(default_factory=lambda: DummyApplication.ConfigSchema())
|
||||
|
||||
def __init__(self, **kwargs):
|
||||
kwargs["name"] = "DummyApplication"
|
||||
kwargs["port"] = PORT_LOOKUP["HTTP"]
|
||||
@@ -196,7 +212,7 @@ def example_network() -> Network:
|
||||
|
||||
# Router 1
|
||||
|
||||
router_1_cfg = {"hostname":"router_1", "type":"router"}
|
||||
router_1_cfg = {"hostname": "router_1", "type": "router"}
|
||||
|
||||
# router_1 = Router(hostname="router_1", start_up_duration=0)
|
||||
router_1 = Router.from_config(config=router_1_cfg)
|
||||
@@ -226,27 +242,30 @@ def example_network() -> Network:
|
||||
|
||||
# # Client 1
|
||||
|
||||
client_1_cfg = {"type": "computer",
|
||||
"hostname": "client_1",
|
||||
"ip_address": "192.168.10.21",
|
||||
"subnet_mask": "255.255.255.0",
|
||||
"default_gateway": "192.168.10.1",
|
||||
"start_up_duration": 0}
|
||||
client_1_cfg = {
|
||||
"type": "computer",
|
||||
"hostname": "client_1",
|
||||
"ip_address": "192.168.10.21",
|
||||
"subnet_mask": "255.255.255.0",
|
||||
"default_gateway": "192.168.10.1",
|
||||
"start_up_duration": 0,
|
||||
}
|
||||
|
||||
client_1=Computer.from_config(config=client_1_cfg)
|
||||
client_1 = Computer.from_config(config=client_1_cfg)
|
||||
|
||||
client_1.power_on()
|
||||
network.connect(endpoint_b=client_1.network_interface[1], endpoint_a=switch_2.network_interface[1])
|
||||
|
||||
# # Client 2
|
||||
|
||||
client_2_cfg = {"type": "computer",
|
||||
"hostname": "client_2",
|
||||
"ip_address": "192.168.10.22",
|
||||
"subnet_mask": "255.255.255.0",
|
||||
"default_gateway": "192.168.10.1",
|
||||
"start_up_duration": 0,
|
||||
}
|
||||
client_2_cfg = {
|
||||
"type": "computer",
|
||||
"hostname": "client_2",
|
||||
"ip_address": "192.168.10.22",
|
||||
"subnet_mask": "255.255.255.0",
|
||||
"default_gateway": "192.168.10.1",
|
||||
"start_up_duration": 0,
|
||||
}
|
||||
|
||||
client_2 = Computer.from_config(config=client_2_cfg)
|
||||
|
||||
@@ -255,13 +274,14 @@ def example_network() -> Network:
|
||||
|
||||
# # Server 1
|
||||
|
||||
server_1_cfg = {"type": "server",
|
||||
"hostname": "server_1",
|
||||
"ip_address":"192.168.1.10",
|
||||
"subnet_mask":"255.255.255.0",
|
||||
"default_gateway":"192.168.1.1",
|
||||
"start_up_duration":0,
|
||||
}
|
||||
server_1_cfg = {
|
||||
"type": "server",
|
||||
"hostname": "server_1",
|
||||
"ip_address": "192.168.1.10",
|
||||
"subnet_mask": "255.255.255.0",
|
||||
"default_gateway": "192.168.1.1",
|
||||
"start_up_duration": 0,
|
||||
}
|
||||
|
||||
server_1 = Server.from_config(config=server_1_cfg)
|
||||
|
||||
@@ -270,12 +290,13 @@ def example_network() -> Network:
|
||||
|
||||
# # DServer 2
|
||||
|
||||
server_2_cfg = {"type": "server",
|
||||
"hostname": "server_2",
|
||||
"ip_address":"192.168.1.14",
|
||||
"subnet_mask":"255.255.255.0",
|
||||
"default_gateway":"192.168.1.1",
|
||||
"start_up_duration":0,
|
||||
server_2_cfg = {
|
||||
"type": "server",
|
||||
"hostname": "server_2",
|
||||
"ip_address": "192.168.1.14",
|
||||
"subnet_mask": "255.255.255.0",
|
||||
"default_gateway": "192.168.1.1",
|
||||
"start_up_duration": 0,
|
||||
}
|
||||
|
||||
server_2 = Server.from_config(config=server_2_cfg)
|
||||
@@ -292,23 +313,16 @@ def example_network() -> Network:
|
||||
return network
|
||||
|
||||
|
||||
class ControlledAgent(AbstractAgent):
|
||||
class ControlledAgent(AbstractAgent, identifier="ControlledAgent"):
|
||||
"""Agent that can be controlled by the tests."""
|
||||
|
||||
def __init__(
|
||||
self,
|
||||
agent_name: str,
|
||||
action_space: ActionManager,
|
||||
observation_space: ObservationManager,
|
||||
reward_function: RewardFunction,
|
||||
) -> None:
|
||||
super().__init__(
|
||||
agent_name=agent_name,
|
||||
action_space=action_space,
|
||||
observation_space=observation_space,
|
||||
reward_function=reward_function,
|
||||
)
|
||||
self.most_recent_action: Tuple[str, Dict]
|
||||
config: "ControlledAgent.ConfigSchema" = Field(default_factory=lambda: ControlledAgent.ConfigSchema())
|
||||
most_recent_action: Optional[Tuple[str, Dict]] = None
|
||||
|
||||
class ConfigSchema(AbstractAgent.ConfigSchema):
|
||||
"""Configuration Schema for Abstract Agent used in tests."""
|
||||
|
||||
type: str = "ControlledAgent"
|
||||
|
||||
def get_action(self, obs: None, timestep: int = 0) -> Tuple[str, Dict]:
|
||||
"""Return the agent's most recent action, formatted in CAOS format."""
|
||||
@@ -403,6 +417,7 @@ def install_stuff_to_sim(sim: Simulation):
|
||||
# 5: Assert that the simulation starts off in the state that we expect
|
||||
assert len(sim.network.nodes) == 6
|
||||
assert len(sim.network.links) == 5
|
||||
|
||||
# 5.1: Assert the router is correctly configured
|
||||
r = sim.network.router_nodes[0]
|
||||
for i, acl_rule in enumerate(r.acl.acl):
|
||||
@@ -446,97 +461,13 @@ def game_and_agent():
|
||||
sim = game.simulation
|
||||
install_stuff_to_sim(sim)
|
||||
|
||||
actions = [
|
||||
{"type": "DONOTHING"},
|
||||
{"type": "NODE_SERVICE_SCAN"},
|
||||
{"type": "NODE_SERVICE_STOP"},
|
||||
{"type": "NODE_SERVICE_START"},
|
||||
{"type": "NODE_SERVICE_PAUSE"},
|
||||
{"type": "NODE_SERVICE_RESUME"},
|
||||
{"type": "NODE_SERVICE_RESTART"},
|
||||
{"type": "NODE_SERVICE_DISABLE"},
|
||||
{"type": "NODE_SERVICE_ENABLE"},
|
||||
{"type": "NODE_SERVICE_FIX"},
|
||||
{"type": "NODE_APPLICATION_EXECUTE"},
|
||||
{"type": "NODE_APPLICATION_SCAN"},
|
||||
{"type": "NODE_APPLICATION_CLOSE"},
|
||||
{"type": "NODE_APPLICATION_FIX"},
|
||||
{"type": "NODE_APPLICATION_INSTALL"},
|
||||
{"type": "NODE_APPLICATION_REMOVE"},
|
||||
{"type": "NODE_FILE_CREATE"},
|
||||
{"type": "NODE_FILE_SCAN"},
|
||||
{"type": "NODE_FILE_CHECKHASH"},
|
||||
{"type": "NODE_FILE_DELETE"},
|
||||
{"type": "NODE_FILE_REPAIR"},
|
||||
{"type": "NODE_FILE_RESTORE"},
|
||||
{"type": "NODE_FILE_CORRUPT"},
|
||||
{"type": "NODE_FILE_ACCESS"},
|
||||
{"type": "NODE_FOLDER_CREATE"},
|
||||
{"type": "NODE_FOLDER_SCAN"},
|
||||
{"type": "NODE_FOLDER_CHECKHASH"},
|
||||
{"type": "NODE_FOLDER_REPAIR"},
|
||||
{"type": "NODE_FOLDER_RESTORE"},
|
||||
{"type": "NODE_OS_SCAN"},
|
||||
{"type": "NODE_SHUTDOWN"},
|
||||
{"type": "NODE_STARTUP"},
|
||||
{"type": "NODE_RESET"},
|
||||
{"type": "ROUTER_ACL_ADDRULE"},
|
||||
{"type": "ROUTER_ACL_REMOVERULE"},
|
||||
{"type": "HOST_NIC_ENABLE"},
|
||||
{"type": "HOST_NIC_DISABLE"},
|
||||
{"type": "NETWORK_PORT_ENABLE"},
|
||||
{"type": "NETWORK_PORT_DISABLE"},
|
||||
{"type": "CONFIGURE_C2_BEACON"},
|
||||
{"type": "C2_SERVER_RANSOMWARE_LAUNCH"},
|
||||
{"type": "C2_SERVER_RANSOMWARE_CONFIGURE"},
|
||||
{"type": "C2_SERVER_TERMINAL_COMMAND"},
|
||||
{"type": "C2_SERVER_DATA_EXFILTRATE"},
|
||||
{"type": "NODE_ACCOUNTS_CHANGE_PASSWORD"},
|
||||
{"type": "SSH_TO_REMOTE"},
|
||||
{"type": "SESSIONS_REMOTE_LOGOFF"},
|
||||
{"type": "NODE_SEND_REMOTE_COMMAND"},
|
||||
]
|
||||
config = {
|
||||
"type": "ControlledAgent",
|
||||
"ref": "test_agent",
|
||||
"team": "BLUE",
|
||||
}
|
||||
|
||||
action_space = ActionManager(
|
||||
actions=actions, # ALL POSSIBLE ACTIONS
|
||||
nodes=[
|
||||
{
|
||||
"node_name": "client_1",
|
||||
"applications": [
|
||||
{"application_name": "WebBrowser"},
|
||||
{"application_name": "DoSBot"},
|
||||
{"application_name": "C2Server"},
|
||||
],
|
||||
"folders": [{"folder_name": "downloads", "files": [{"file_name": "cat.png"}]}],
|
||||
},
|
||||
{
|
||||
"node_name": "server_1",
|
||||
"services": [{"service_name": "DNSServer"}],
|
||||
"applications": [{"application_name": "C2Beacon"}],
|
||||
},
|
||||
{"node_name": "server_2", "services": [{"service_name": "WebServer"}]},
|
||||
{"node_name": "router"},
|
||||
],
|
||||
max_folders_per_node=2,
|
||||
max_files_per_folder=2,
|
||||
max_services_per_node=2,
|
||||
max_applications_per_node=3,
|
||||
max_nics_per_node=2,
|
||||
max_acl_rules=10,
|
||||
protocols=["TCP", "UDP", "ICMP"],
|
||||
ports=["HTTP", "DNS", "ARP"],
|
||||
ip_list=["10.0.1.1", "10.0.1.2", "10.0.2.1", "10.0.2.2", "10.0.2.3"],
|
||||
act_map={},
|
||||
)
|
||||
observation_space = ObservationManager(NestedObservation(components={}))
|
||||
reward_function = RewardFunction()
|
||||
|
||||
test_agent = ControlledAgent(
|
||||
agent_name="test_agent",
|
||||
action_space=action_space,
|
||||
observation_space=observation_space,
|
||||
reward_function=reward_function,
|
||||
)
|
||||
test_agent = ControlledAgent(config=config)
|
||||
|
||||
game.agents["test_agent"] = test_agent
|
||||
|
||||
|
||||
@@ -49,7 +49,7 @@ def test_application_install_uninstall_on_uc2():
|
||||
cfg = yaml.safe_load(f)
|
||||
|
||||
env = PrimaiteGymEnv(env_config=cfg)
|
||||
env.agent.flatten_obs = False
|
||||
env.agent.config.agent_settings.flatten_obs = False
|
||||
env.reset()
|
||||
|
||||
_, _, _, _, _ = env.step(0)
|
||||
|
||||
@@ -13,8 +13,8 @@ from primaite.simulator.system.services.database.database_service import Databas
|
||||
from primaite.simulator.system.services.dns.dns_client import DNSClient
|
||||
from tests import TEST_ASSETS_ROOT
|
||||
|
||||
TEST_CONFIG = TEST_ASSETS_ROOT / "configs/software_fix_duration.yaml"
|
||||
ONE_ITEM_CONFIG = TEST_ASSETS_ROOT / "configs/fix_duration_one_item.yaml"
|
||||
TEST_CONFIG = TEST_ASSETS_ROOT / "configs/software_fixing_duration.yaml"
|
||||
ONE_ITEM_CONFIG = TEST_ASSETS_ROOT / "configs/fixing_duration_one_item.yaml"
|
||||
|
||||
TestApplications = ["DummyApplication", "BroadcastTestClient"]
|
||||
|
||||
@@ -27,27 +27,27 @@ def load_config(config_path: Union[str, Path]) -> PrimaiteGame:
|
||||
return PrimaiteGame.from_config(cfg)
|
||||
|
||||
|
||||
def test_default_fix_duration():
|
||||
"""Test that software with no defined fix duration in config uses the default fix duration of 2."""
|
||||
def test_default_fixing_duration():
|
||||
"""Test that software with no defined fixing duration in config uses the default fixing duration of 2."""
|
||||
game = load_config(TEST_CONFIG)
|
||||
client_2: Computer = game.simulation.network.get_node_by_hostname("client_2")
|
||||
|
||||
database_client: DatabaseClient = client_2.software_manager.software.get("DatabaseClient")
|
||||
assert database_client.fixing_duration == 2
|
||||
assert database_client.config.fixing_duration == 2
|
||||
|
||||
dns_client: DNSClient = client_2.software_manager.software.get("DNSClient")
|
||||
assert dns_client.fixing_duration == 2
|
||||
assert dns_client.config.fixing_duration == 2
|
||||
|
||||
|
||||
def test_fix_duration_set_from_config():
|
||||
"""Test to check that the fix duration set for applications and services works as intended."""
|
||||
def test_fixing_duration_set_from_config():
|
||||
"""Test to check that the fixing duration set for applications and services works as intended."""
|
||||
game = load_config(TEST_CONFIG)
|
||||
client_1: Computer = game.simulation.network.get_node_by_hostname("client_1")
|
||||
|
||||
# in config - services take 3 timesteps to fix
|
||||
for service in ["DNSClient", "DNSServer", "DatabaseService", "WebServer", "FTPClient", "FTPServer", "NTPServer"]:
|
||||
assert client_1.software_manager.software.get(service) is not None
|
||||
assert client_1.software_manager.software.get(service).fixing_duration == 3
|
||||
assert client_1.software_manager.software.get(service).config.fixing_duration == 3
|
||||
|
||||
# in config - applications take 1 timestep to fix
|
||||
# remove test applications from list
|
||||
@@ -55,27 +55,27 @@ def test_fix_duration_set_from_config():
|
||||
|
||||
for application in ["RansomwareScript", "WebBrowser", "DataManipulationBot", "DoSBot", "DatabaseClient"]:
|
||||
assert client_1.software_manager.software.get(application) is not None
|
||||
assert client_1.software_manager.software.get(application).fixing_duration == 1
|
||||
assert client_1.software_manager.software.get(application).config.fixing_duration == 1
|
||||
|
||||
|
||||
def test_fix_duration_for_one_item():
|
||||
"""Test that setting fix duration for one application does not affect other components."""
|
||||
def test_fixing_duration_for_one_item():
|
||||
"""Test that setting fixing duration for one application does not affect other components."""
|
||||
game = load_config(ONE_ITEM_CONFIG)
|
||||
client_1: Computer = game.simulation.network.get_node_by_hostname("client_1")
|
||||
|
||||
# in config - services take 3 timesteps to fix
|
||||
for service in ["DNSClient", "DNSServer", "WebServer", "FTPClient", "FTPServer", "NTPServer"]:
|
||||
assert client_1.software_manager.software.get(service) is not None
|
||||
assert client_1.software_manager.software.get(service).fixing_duration == 2
|
||||
assert client_1.software_manager.software.get(service).config.fixing_duration == 2
|
||||
|
||||
# in config - applications take 1 timestep to fix
|
||||
# remove test applications from list
|
||||
for applications in ["RansomwareScript", "WebBrowser", "DataManipulationBot", "DoSBot"]:
|
||||
assert client_1.software_manager.software.get(applications) is not None
|
||||
assert client_1.software_manager.software.get(applications).fixing_duration == 2
|
||||
assert client_1.software_manager.software.get(applications).config.fixing_duration == 2
|
||||
|
||||
database_client: DatabaseClient = client_1.software_manager.software.get("DatabaseClient")
|
||||
assert database_client.fixing_duration == 1
|
||||
assert database_client.config.fixing_duration == 1
|
||||
|
||||
database_service: DatabaseService = client_1.software_manager.software.get("DatabaseService")
|
||||
assert database_service.fixing_duration == 5
|
||||
assert database_service.config.fixing_duration == 5
|
||||
@@ -4,7 +4,7 @@ from ipaddress import IPv4Address
|
||||
from typing import Dict, List, Optional
|
||||
from urllib.parse import urlparse
|
||||
|
||||
from pydantic import BaseModel, ConfigDict
|
||||
from pydantic import BaseModel, ConfigDict, Field
|
||||
|
||||
from primaite import getLogger
|
||||
from primaite.interface.request import RequestResponse
|
||||
@@ -31,6 +31,14 @@ class ExtendedApplication(Application, identifier="ExtendedApplication"):
|
||||
The application requests and loads web pages using its domain name and requesting IP addresses using DNS.
|
||||
"""
|
||||
|
||||
class ConfigSchema(Application.ConfigSchema):
|
||||
"""ConfigSchema for ExtendedApplication."""
|
||||
|
||||
type: str = "ExtendedApplication"
|
||||
target_url: Optional[str] = None
|
||||
|
||||
config: "ExtendedApplication.ConfigSchema" = Field(default_factory=lambda: ExtendedApplication.ConfigSchema())
|
||||
|
||||
target_url: Optional[str] = None
|
||||
|
||||
domain_name_ip_address: Optional[IPv4Address] = None
|
||||
@@ -50,6 +58,7 @@ class ExtendedApplication(Application, identifier="ExtendedApplication"):
|
||||
kwargs["port"] = PORT_LOOKUP["HTTP"]
|
||||
|
||||
super().__init__(**kwargs)
|
||||
self.target_url = self.config.target_url
|
||||
self.run()
|
||||
|
||||
def _init_request_manager(self) -> RequestManager:
|
||||
|
||||
@@ -3,6 +3,8 @@ from ipaddress import IPv4Address
|
||||
from typing import Any, Dict, List, Literal, Optional, Union
|
||||
from uuid import uuid4
|
||||
|
||||
from pydantic import Field
|
||||
|
||||
from primaite import getLogger
|
||||
from primaite.simulator.file_system.file_system import File
|
||||
from primaite.simulator.file_system.file_system_item_abc import FileSystemItemHealthStatus
|
||||
@@ -17,13 +19,20 @@ from primaite.utils.validation.port import PORT_LOOKUP
|
||||
_LOGGER = getLogger(__name__)
|
||||
|
||||
|
||||
class ExtendedService(Service, identifier="extendedservice"):
|
||||
class ExtendedService(Service, identifier="ExtendedService"):
|
||||
"""
|
||||
A copy of DatabaseService that uses the extension framework instead of being part of PrimAITE.
|
||||
|
||||
This class inherits from the `Service` class and provides methods to simulate a SQL database.
|
||||
"""
|
||||
|
||||
class ConfigSchema(Service.ConfigSchema):
|
||||
"""ConfigSchema for ExtendedService."""
|
||||
|
||||
type: str = "ExtendedService"
|
||||
|
||||
config: "ExtendedService.ConfigSchema" = Field(default_factory=lambda: ExtendedService.ConfigSchema())
|
||||
|
||||
password: Optional[str] = None
|
||||
"""Password that needs to be provided by clients if they want to connect to the DatabaseService."""
|
||||
|
||||
|
||||
@@ -33,22 +33,22 @@ def test_application_cannot_perform_actions_unless_running(game_and_agent_fixtur
|
||||
browser.close()
|
||||
assert browser.operating_state == ApplicationOperatingState.CLOSED
|
||||
|
||||
action = ("NODE_APPLICATION_SCAN", {"node_id": 0, "application_id": 0})
|
||||
action = ("node_application_scan", {"node_name": "client_1", "application_name": "WebBrowser"})
|
||||
agent.store_action(action)
|
||||
game.step()
|
||||
assert browser.operating_state == ApplicationOperatingState.CLOSED
|
||||
|
||||
action = ("NODE_APPLICATION_CLOSE", {"node_id": 0, "application_id": 0})
|
||||
action = ("node_application_close", {"node_name": "client_1", "application_name": "WebBrowser"})
|
||||
agent.store_action(action)
|
||||
game.step()
|
||||
assert browser.operating_state == ApplicationOperatingState.CLOSED
|
||||
|
||||
action = ("NODE_APPLICATION_FIX", {"node_id": 0, "application_id": 0})
|
||||
action = ("node_application_fix", {"node_name": "client_1", "application_name": "WebBrowser"})
|
||||
agent.store_action(action)
|
||||
game.step()
|
||||
assert browser.operating_state == ApplicationOperatingState.CLOSED
|
||||
|
||||
action = ("NODE_APPLICATION_EXECUTE", {"node_id": 0, "application_id": 0})
|
||||
action = ("node_application_execute", {"node_name": "client_1", "application_name": "WebBrowser"})
|
||||
agent.store_action(action)
|
||||
game.step()
|
||||
assert browser.operating_state == ApplicationOperatingState.CLOSED
|
||||
|
||||
@@ -46,23 +46,21 @@ def test_c2_beacon_default(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAgen
|
||||
server_1: Server = game.simulation.network.get_node_by_hostname("server_1")
|
||||
|
||||
action = (
|
||||
"NODE_APPLICATION_INSTALL",
|
||||
{"node_id": 1, "application_name": "C2Beacon"},
|
||||
"node_application_install",
|
||||
{"node_name": "server_1", "application_name": "C2Beacon"},
|
||||
)
|
||||
agent.store_action(action)
|
||||
game.step()
|
||||
assert agent.history[-1].response.status == "success"
|
||||
|
||||
action = (
|
||||
"CONFIGURE_C2_BEACON",
|
||||
"configure_c2_beacon",
|
||||
{
|
||||
"node_id": 1,
|
||||
"config": {
|
||||
"c2_server_ip_address": "10.0.1.2",
|
||||
"keep_alive_frequency": 5,
|
||||
"masquerade_protocol": "TCP",
|
||||
"masquerade_port": "HTTP",
|
||||
},
|
||||
"node_name": "server_1",
|
||||
"c2_server_ip_address": "10.0.1.2",
|
||||
"keep_alive_frequency": 5,
|
||||
"masquerade_protocol": "TCP",
|
||||
"masquerade_port": "HTTP",
|
||||
},
|
||||
)
|
||||
agent.store_action(action)
|
||||
@@ -70,8 +68,8 @@ def test_c2_beacon_default(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAgen
|
||||
assert agent.history[-1].response.status == "success"
|
||||
|
||||
action = (
|
||||
"NODE_APPLICATION_EXECUTE",
|
||||
{"node_id": 1, "application_id": 0},
|
||||
"node_application_execute",
|
||||
{"node_name": "server_1", "application_name": "C2Beacon"},
|
||||
)
|
||||
agent.store_action(action)
|
||||
game.step()
|
||||
@@ -103,14 +101,12 @@ def test_c2_server_ransomware(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyA
|
||||
# C2 Action 1: Installing the RansomwareScript & Database client via Terminal
|
||||
|
||||
action = (
|
||||
"C2_SERVER_TERMINAL_COMMAND",
|
||||
"c2_server_terminal_command",
|
||||
{
|
||||
"node_id": 0,
|
||||
"node_name": "client_1",
|
||||
"ip_address": None,
|
||||
"account": {
|
||||
"username": "admin",
|
||||
"password": "admin",
|
||||
},
|
||||
"username": "admin",
|
||||
"password": "admin",
|
||||
"commands": [
|
||||
["software_manager", "application", "install", "RansomwareScript"],
|
||||
["software_manager", "application", "install", "DatabaseClient"],
|
||||
@@ -122,10 +118,11 @@ def test_c2_server_ransomware(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyA
|
||||
assert agent.history[-1].response.status == "success"
|
||||
|
||||
action = (
|
||||
"C2_SERVER_RANSOMWARE_CONFIGURE",
|
||||
"c2_server_ransomware_configure",
|
||||
{
|
||||
"node_id": 0,
|
||||
"config": {"server_ip_address": "10.0.2.3", "payload": "ENCRYPT"},
|
||||
"node_name": "client_1",
|
||||
"server_ip_address": "10.0.2.3",
|
||||
"payload": "ENCRYPT",
|
||||
},
|
||||
)
|
||||
agent.store_action(action)
|
||||
@@ -134,16 +131,16 @@ def test_c2_server_ransomware(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyA
|
||||
|
||||
# Stepping a few timesteps to allow for the RansowmareScript to finish installing.
|
||||
|
||||
action = ("DONOTHING", {})
|
||||
action = ("do_nothing", {})
|
||||
agent.store_action(action)
|
||||
game.step()
|
||||
game.step()
|
||||
game.step()
|
||||
|
||||
action = (
|
||||
"C2_SERVER_RANSOMWARE_LAUNCH",
|
||||
"c2_server_ransomware_launch",
|
||||
{
|
||||
"node_id": 0,
|
||||
"node_name": "client_1",
|
||||
},
|
||||
)
|
||||
agent.store_action(action)
|
||||
@@ -181,17 +178,15 @@ def test_c2_server_data_exfiltration(game_and_agent_fixture: Tuple[PrimaiteGame,
|
||||
# C2 Action: Data exfiltrate.
|
||||
|
||||
action = (
|
||||
"C2_SERVER_DATA_EXFILTRATE",
|
||||
"c2_server_data_exfiltrate",
|
||||
{
|
||||
"node_id": 0,
|
||||
"node_name": "client_1",
|
||||
"target_file_name": "database.db",
|
||||
"target_folder_name": "database",
|
||||
"exfiltration_folder_name": "spoils",
|
||||
"target_ip_address": "10.0.2.3",
|
||||
"account": {
|
||||
"username": "admin",
|
||||
"password": "admin",
|
||||
},
|
||||
"username": "admin",
|
||||
"password": "admin",
|
||||
},
|
||||
)
|
||||
agent.store_action(action)
|
||||
|
||||
@@ -4,7 +4,7 @@ from ipaddress import IPv4Address
|
||||
import pytest
|
||||
from pydantic import ValidationError
|
||||
|
||||
from primaite.game.agent.actions import (
|
||||
from primaite.game.agent.actions.software import (
|
||||
ConfigureDatabaseClientAction,
|
||||
ConfigureDoSBotAction,
|
||||
ConfigureRansomwareScriptAction,
|
||||
@@ -27,7 +27,6 @@ class TestConfigureDatabaseAction:
|
||||
def test_configure_ip_password(self, game_and_agent):
|
||||
game, agent = game_and_agent
|
||||
agent: ControlledAgent
|
||||
agent.action_manager.actions["CONFIGURE_DATABASE_CLIENT"] = ConfigureDatabaseClientAction(agent.action_manager)
|
||||
|
||||
# make sure there is a database client on this node
|
||||
client_1 = game.simulation.network.get_node_by_hostname("client_1")
|
||||
@@ -35,13 +34,11 @@ class TestConfigureDatabaseAction:
|
||||
db_client: DatabaseClient = client_1.software_manager.software["DatabaseClient"]
|
||||
|
||||
action = (
|
||||
"CONFIGURE_DATABASE_CLIENT",
|
||||
"configure_database_client",
|
||||
{
|
||||
"node_id": 0,
|
||||
"config": {
|
||||
"server_ip_address": "192.168.1.99",
|
||||
"server_password": "admin123",
|
||||
},
|
||||
"node_name": "client_1",
|
||||
"server_ip_address": "192.168.1.99",
|
||||
"server_password": "admin123",
|
||||
},
|
||||
)
|
||||
agent.store_action(action)
|
||||
@@ -53,7 +50,6 @@ class TestConfigureDatabaseAction:
|
||||
def test_configure_ip(self, game_and_agent):
|
||||
game, agent = game_and_agent
|
||||
agent: ControlledAgent
|
||||
agent.action_manager.actions["CONFIGURE_DATABASE_CLIENT"] = ConfigureDatabaseClientAction(agent.action_manager)
|
||||
|
||||
# make sure there is a database client on this node
|
||||
client_1 = game.simulation.network.get_node_by_hostname("client_1")
|
||||
@@ -61,12 +57,10 @@ class TestConfigureDatabaseAction:
|
||||
db_client: DatabaseClient = client_1.software_manager.software["DatabaseClient"]
|
||||
|
||||
action = (
|
||||
"CONFIGURE_DATABASE_CLIENT",
|
||||
"configure_database_client",
|
||||
{
|
||||
"node_id": 0,
|
||||
"config": {
|
||||
"server_ip_address": "192.168.1.99",
|
||||
},
|
||||
"node_name": "client_1",
|
||||
"server_ip_address": "192.168.1.99",
|
||||
},
|
||||
)
|
||||
agent.store_action(action)
|
||||
@@ -78,7 +72,6 @@ class TestConfigureDatabaseAction:
|
||||
def test_configure_password(self, game_and_agent):
|
||||
game, agent = game_and_agent
|
||||
agent: ControlledAgent
|
||||
agent.action_manager.actions["CONFIGURE_DATABASE_CLIENT"] = ConfigureDatabaseClientAction(agent.action_manager)
|
||||
|
||||
# make sure there is a database client on this node
|
||||
client_1 = game.simulation.network.get_node_by_hostname("client_1")
|
||||
@@ -87,12 +80,10 @@ class TestConfigureDatabaseAction:
|
||||
old_ip = db_client.server_ip_address
|
||||
|
||||
action = (
|
||||
"CONFIGURE_DATABASE_CLIENT",
|
||||
"configure_database_client",
|
||||
{
|
||||
"node_id": 0,
|
||||
"config": {
|
||||
"server_password": "admin123",
|
||||
},
|
||||
"node_name": "client_1",
|
||||
"server_password": "admin123",
|
||||
},
|
||||
)
|
||||
agent.store_action(action)
|
||||
@@ -120,9 +111,6 @@ class TestConfigureRansomwareScriptAction:
|
||||
def test_configure_ip_password(self, game_and_agent, config):
|
||||
game, agent = game_and_agent
|
||||
agent: ControlledAgent
|
||||
agent.action_manager.actions["CONFIGURE_RANSOMWARE_SCRIPT"] = ConfigureRansomwareScriptAction(
|
||||
agent.action_manager
|
||||
)
|
||||
|
||||
# make sure there is a database client on this node
|
||||
client_1 = game.simulation.network.get_node_by_hostname("client_1")
|
||||
@@ -134,8 +122,8 @@ class TestConfigureRansomwareScriptAction:
|
||||
old_payload = ransomware_script.payload
|
||||
|
||||
action = (
|
||||
"CONFIGURE_RANSOMWARE_SCRIPT",
|
||||
{"node_id": 0, "config": config},
|
||||
"configure_ransomware_script",
|
||||
{"node_name": "client_1", **config},
|
||||
)
|
||||
agent.store_action(action)
|
||||
game.step()
|
||||
@@ -151,18 +139,15 @@ class TestConfigureRansomwareScriptAction:
|
||||
def test_invalid_config(self, game_and_agent):
|
||||
game, agent = game_and_agent
|
||||
agent: ControlledAgent
|
||||
agent.action_manager.actions["CONFIGURE_RANSOMWARE_SCRIPT"] = ConfigureRansomwareScriptAction(
|
||||
agent.action_manager
|
||||
)
|
||||
|
||||
# make sure there is a database client on this node
|
||||
client_1 = game.simulation.network.get_node_by_hostname("client_1")
|
||||
client_1.software_manager.install(RansomwareScript)
|
||||
ransomware_script: RansomwareScript = client_1.software_manager.software["RansomwareScript"]
|
||||
action = (
|
||||
"CONFIGURE_RANSOMWARE_SCRIPT",
|
||||
"configure_ransomware_script",
|
||||
{
|
||||
"node_id": 0,
|
||||
"node_name": "client_1",
|
||||
"config": {"server_password": "admin123", "bad_option": 70},
|
||||
},
|
||||
)
|
||||
@@ -172,28 +157,25 @@ class TestConfigureRansomwareScriptAction:
|
||||
|
||||
|
||||
class TestConfigureDoSBot:
|
||||
def test_configure_DoSBot(self, game_and_agent):
|
||||
def test_configure_dos_bot(self, game_and_agent):
|
||||
game, agent = game_and_agent
|
||||
agent: ControlledAgent
|
||||
agent.action_manager.actions["CONFIGURE_DOSBOT"] = ConfigureDoSBotAction(agent.action_manager)
|
||||
|
||||
client_1 = game.simulation.network.get_node_by_hostname("client_1")
|
||||
client_1.software_manager.install(DoSBot)
|
||||
dos_bot: DoSBot = client_1.software_manager.software["DoSBot"]
|
||||
|
||||
action = (
|
||||
"CONFIGURE_DOSBOT",
|
||||
"configure_dos_bot",
|
||||
{
|
||||
"node_id": 0,
|
||||
"config": {
|
||||
"target_ip_address": "192.168.1.99",
|
||||
"target_port": "POSTGRES_SERVER",
|
||||
"payload": "HACC",
|
||||
"repeat": False,
|
||||
"port_scan_p_of_success": 0.875,
|
||||
"dos_intensity": 0.75,
|
||||
"max_sessions": 50,
|
||||
},
|
||||
"node_name": "client_1",
|
||||
"target_ip_address": "192.168.1.99",
|
||||
"target_port": "POSTGRES_SERVER",
|
||||
"payload": "HACC",
|
||||
"repeat": False,
|
||||
"port_scan_p_of_success": 0.875,
|
||||
"dos_intensity": 0.75,
|
||||
"max_sessions": 50,
|
||||
},
|
||||
)
|
||||
agent.store_action(action)
|
||||
@@ -239,7 +221,7 @@ class TestConfigureYAML:
|
||||
assert db_client.server_password == "correct_password"
|
||||
assert db_client.connect()
|
||||
|
||||
def test_configure_ransomware_script(self):
|
||||
def test_c2_server_ransomware_configure(self):
|
||||
env = PrimaiteGymEnv(env_config=APP_CONFIG_YAML)
|
||||
client_2 = env.game.simulation.network.get_node_by_hostname("client_2")
|
||||
assert client_2.software_manager.software.get("RansomwareScript") is None
|
||||
|
||||
@@ -33,8 +33,8 @@ def test_create_file(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAgent]):
|
||||
assert client_1.file_system.get_file(folder_name=random_folder, file_name=random_file) is None
|
||||
|
||||
action = (
|
||||
"NODE_FILE_CREATE",
|
||||
{"node_id": 0, "folder_name": random_folder, "file_name": random_file},
|
||||
"node_file_create",
|
||||
{"node_name": "client_1", "folder_name": random_folder, "file_name": random_file},
|
||||
)
|
||||
agent.store_action(action)
|
||||
game.step()
|
||||
@@ -51,8 +51,8 @@ def test_file_delete_action(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAge
|
||||
assert file.deleted is False
|
||||
|
||||
action = (
|
||||
"NODE_FILE_DELETE",
|
||||
{"node_id": 0, "folder_id": 0, "file_id": 0},
|
||||
"node_file_delete",
|
||||
{"node_name": "client_1", "folder_name": "downloads", "file_name": "cat.png"},
|
||||
)
|
||||
agent.store_action(action)
|
||||
game.step()
|
||||
@@ -69,11 +69,11 @@ def test_file_scan_action(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAgent
|
||||
|
||||
file.corrupt()
|
||||
assert file.health_status == FileSystemItemHealthStatus.CORRUPT
|
||||
assert file.visible_health_status == FileSystemItemHealthStatus.GOOD
|
||||
assert file.visible_health_status == FileSystemItemHealthStatus.NONE
|
||||
|
||||
action = (
|
||||
"NODE_FILE_SCAN",
|
||||
{"node_id": 0, "folder_id": 0, "file_id": 0},
|
||||
"node_file_scan",
|
||||
{"node_name": "client_1", "folder_name": "downloads", "file_name": "cat.png"},
|
||||
)
|
||||
agent.store_action(action)
|
||||
game.step()
|
||||
@@ -93,8 +93,8 @@ def test_file_repair_action(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAge
|
||||
assert file.health_status == FileSystemItemHealthStatus.CORRUPT
|
||||
|
||||
action = (
|
||||
"NODE_FILE_REPAIR",
|
||||
{"node_id": 0, "folder_id": 0, "file_id": 0},
|
||||
"node_file_repair",
|
||||
{"node_name": "client_1", "folder_name": "downloads", "file_name": "cat.png"},
|
||||
)
|
||||
agent.store_action(action)
|
||||
game.step()
|
||||
@@ -113,8 +113,8 @@ def test_file_restore_action(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAg
|
||||
assert file.health_status == FileSystemItemHealthStatus.CORRUPT
|
||||
|
||||
action = (
|
||||
"NODE_FILE_RESTORE",
|
||||
{"node_id": 0, "folder_id": 0, "file_id": 0},
|
||||
"node_file_restore",
|
||||
{"node_name": "client_1", "folder_name": "downloads", "file_name": "cat.png"},
|
||||
)
|
||||
agent.store_action(action)
|
||||
game.step()
|
||||
@@ -132,8 +132,8 @@ def test_file_corrupt_action(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAg
|
||||
assert file.health_status == FileSystemItemHealthStatus.GOOD
|
||||
|
||||
action = (
|
||||
"NODE_FILE_CORRUPT",
|
||||
{"node_id": 0, "folder_id": 0, "file_id": 0},
|
||||
"node_file_corrupt",
|
||||
{"node_name": "client_1", "folder_name": "downloads", "file_name": "cat.png"},
|
||||
)
|
||||
agent.store_action(action)
|
||||
game.step()
|
||||
@@ -150,8 +150,8 @@ def test_file_access_action(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAge
|
||||
assert file.num_access == 0
|
||||
|
||||
action = (
|
||||
"NODE_FILE_ACCESS",
|
||||
{"node_id": 0, "folder_name": file.folder_name, "file_name": file.name},
|
||||
"node_file_access",
|
||||
{"node_name": "client_1", "folder_name": file.folder_name, "file_name": file.name},
|
||||
)
|
||||
agent.store_action(action)
|
||||
game.step()
|
||||
|
||||
@@ -32,9 +32,9 @@ def test_create_folder(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAgent]):
|
||||
assert client_1.file_system.get_folder(folder_name=random_folder) is None
|
||||
|
||||
action = (
|
||||
"NODE_FOLDER_CREATE",
|
||||
"node_folder_create",
|
||||
{
|
||||
"node_id": 0,
|
||||
"node_name": "client_1",
|
||||
"folder_name": random_folder,
|
||||
},
|
||||
)
|
||||
@@ -52,18 +52,18 @@ def test_folder_scan_action(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAge
|
||||
|
||||
folder = client_1.file_system.get_folder(folder_name="downloads")
|
||||
assert folder.health_status == FileSystemItemHealthStatus.GOOD
|
||||
assert folder.visible_health_status == FileSystemItemHealthStatus.GOOD
|
||||
assert folder.visible_health_status == FileSystemItemHealthStatus.NONE
|
||||
|
||||
folder.corrupt()
|
||||
|
||||
assert folder.health_status == FileSystemItemHealthStatus.CORRUPT
|
||||
assert folder.visible_health_status == FileSystemItemHealthStatus.GOOD
|
||||
assert folder.visible_health_status == FileSystemItemHealthStatus.NONE
|
||||
|
||||
action = (
|
||||
"NODE_FOLDER_SCAN",
|
||||
"node_folder_scan",
|
||||
{
|
||||
"node_id": 0, # client_1,
|
||||
"folder_id": 0, # downloads
|
||||
"node_name": "client_1", # client_1,
|
||||
"folder_name": "downloads", # downloads
|
||||
},
|
||||
)
|
||||
agent.store_action(action)
|
||||
@@ -87,10 +87,10 @@ def test_folder_repair_action(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyA
|
||||
assert folder.health_status == FileSystemItemHealthStatus.CORRUPT
|
||||
|
||||
action = (
|
||||
"NODE_FOLDER_REPAIR",
|
||||
"node_folder_repair",
|
||||
{
|
||||
"node_id": 0, # client_1,
|
||||
"folder_id": 0, # downloads
|
||||
"node_name": "client_1", # client_1,
|
||||
"folder_name": "downloads", # downloads
|
||||
},
|
||||
)
|
||||
agent.store_action(action)
|
||||
@@ -111,10 +111,10 @@ def test_folder_restore_action(game_and_agent_fixture: Tuple[PrimaiteGame, Proxy
|
||||
assert folder.health_status == FileSystemItemHealthStatus.CORRUPT
|
||||
|
||||
action = (
|
||||
"NODE_FOLDER_RESTORE",
|
||||
"node_folder_restore",
|
||||
{
|
||||
"node_id": 0, # client_1,
|
||||
"folder_id": 0, # downloads
|
||||
"node_name": "client_1", # client_1,
|
||||
"folder_name": "downloads", # downloads
|
||||
},
|
||||
)
|
||||
agent.store_action(action)
|
||||
|
||||
@@ -29,10 +29,10 @@ def test_nic_cannot_be_turned_off_if_not_on(game_and_agent_fixture: Tuple[Primai
|
||||
assert nic.enabled is False
|
||||
|
||||
action = (
|
||||
"HOST_NIC_DISABLE",
|
||||
"host_nic_disable",
|
||||
{
|
||||
"node_id": 0, # client_1
|
||||
"nic_id": 0, # the only nic (eth-1)
|
||||
"node_name": "client_1", # client_1
|
||||
"nic_num": 1, # the only nic (eth-1)
|
||||
},
|
||||
)
|
||||
agent.store_action(action)
|
||||
@@ -50,10 +50,10 @@ def test_nic_cannot_be_turned_on_if_already_on(game_and_agent_fixture: Tuple[Pri
|
||||
assert nic.enabled
|
||||
|
||||
action = (
|
||||
"HOST_NIC_ENABLE",
|
||||
"host_nic_enable",
|
||||
{
|
||||
"node_id": 0, # client_1
|
||||
"nic_id": 0, # the only nic (eth-1)
|
||||
"node_name": "client_1", # client_1
|
||||
"nic_num": 1, # the only nic (eth-1)
|
||||
},
|
||||
)
|
||||
agent.store_action(action)
|
||||
@@ -71,10 +71,10 @@ def test_that_a_nic_can_be_enabled_and_disabled(game_and_agent_fixture: Tuple[Pr
|
||||
assert nic.enabled
|
||||
|
||||
action = (
|
||||
"HOST_NIC_DISABLE",
|
||||
"host_nic_disable",
|
||||
{
|
||||
"node_id": 0, # client_1
|
||||
"nic_id": 0, # the only nic (eth-1)
|
||||
"node_name": "client_1", # client_1
|
||||
"nic_num": 1, # the only nic (eth-1)
|
||||
},
|
||||
)
|
||||
agent.store_action(action)
|
||||
@@ -83,10 +83,10 @@ def test_that_a_nic_can_be_enabled_and_disabled(game_and_agent_fixture: Tuple[Pr
|
||||
assert nic.enabled is False
|
||||
|
||||
action = (
|
||||
"HOST_NIC_ENABLE",
|
||||
"host_nic_enable",
|
||||
{
|
||||
"node_id": 0, # client_1
|
||||
"nic_id": 0, # the only nic (eth-1)
|
||||
"node_name": "client_1", # client_1
|
||||
"nic_num": 1, # the only nic (eth-1)
|
||||
},
|
||||
)
|
||||
agent.store_action(action)
|
||||
|
||||
@@ -29,28 +29,28 @@ def test_node_startup_shutdown(game_and_agent_fixture: Tuple[PrimaiteGame, Proxy
|
||||
assert client_1.operating_state == NodeOperatingState.ON
|
||||
|
||||
# turn it off
|
||||
action = ("NODE_SHUTDOWN", {"node_id": 0})
|
||||
action = ("node_shutdown", {"node_name": "client_1"})
|
||||
agent.store_action(action)
|
||||
game.step()
|
||||
|
||||
assert client_1.operating_state == NodeOperatingState.SHUTTING_DOWN
|
||||
|
||||
for i in range(client_1.shut_down_duration + 1):
|
||||
action = ("DONOTHING", {"node_id": 0})
|
||||
action = ("do_nothing", {})
|
||||
agent.store_action(action)
|
||||
game.step()
|
||||
|
||||
assert client_1.operating_state == NodeOperatingState.OFF
|
||||
|
||||
# turn it on
|
||||
action = ("NODE_STARTUP", {"node_id": 0})
|
||||
action = ("node_startup", {"node_name": "client_1"})
|
||||
agent.store_action(action)
|
||||
game.step()
|
||||
|
||||
assert client_1.operating_state == NodeOperatingState.BOOTING
|
||||
|
||||
for i in range(client_1.start_up_duration + 1):
|
||||
action = ("DONOTHING", {"node_id": 0})
|
||||
action = ("do_nothing", {})
|
||||
agent.store_action(action)
|
||||
game.step()
|
||||
|
||||
@@ -65,7 +65,7 @@ def test_node_cannot_be_started_up_if_node_is_already_on(game_and_agent_fixture:
|
||||
assert client_1.operating_state == NodeOperatingState.ON
|
||||
|
||||
# turn it on
|
||||
action = ("NODE_STARTUP", {"node_id": 0})
|
||||
action = ("node_startup", {"node_name": "client_1"})
|
||||
agent.store_action(action)
|
||||
game.step()
|
||||
|
||||
@@ -80,14 +80,14 @@ def test_node_cannot_be_shut_down_if_node_is_already_off(game_and_agent_fixture:
|
||||
client_1.power_off()
|
||||
|
||||
for i in range(client_1.shut_down_duration + 1):
|
||||
action = ("DONOTHING", {"node_id": 0})
|
||||
action = ("do_nothing", {})
|
||||
agent.store_action(action)
|
||||
game.step()
|
||||
|
||||
assert client_1.operating_state == NodeOperatingState.OFF
|
||||
|
||||
# turn it ff
|
||||
action = ("NODE_SHUTDOWN", {"node_id": 0})
|
||||
action = ("node_shutdown", {"node_name": "client_1"})
|
||||
agent.store_action(action)
|
||||
game.step()
|
||||
|
||||
|
||||
@@ -31,7 +31,7 @@ def test_service_start(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAgent]):
|
||||
dns_server.pause()
|
||||
assert dns_server.operating_state == ServiceOperatingState.PAUSED
|
||||
|
||||
action = ("NODE_SERVICE_START", {"node_id": 1, "service_id": 0})
|
||||
action = ("node_service_start", {"node_name": "server_1", "service_name": "DNSServer"})
|
||||
agent.store_action(action)
|
||||
game.step()
|
||||
assert dns_server.operating_state == ServiceOperatingState.PAUSED
|
||||
@@ -40,7 +40,7 @@ def test_service_start(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAgent]):
|
||||
|
||||
assert dns_server.operating_state == ServiceOperatingState.STOPPED
|
||||
|
||||
action = ("NODE_SERVICE_START", {"node_id": 1, "service_id": 0})
|
||||
action = ("node_service_start", {"node_name": "server_1", "service_name": "DNSServer"})
|
||||
agent.store_action(action)
|
||||
game.step()
|
||||
|
||||
@@ -54,7 +54,7 @@ def test_service_resume(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAgent])
|
||||
server_1: Server = game.simulation.network.get_node_by_hostname("server_1")
|
||||
dns_server = server_1.software_manager.software.get("DNSServer")
|
||||
|
||||
action = ("NODE_SERVICE_RESUME", {"node_id": 1, "service_id": 0})
|
||||
action = ("node_service_resume", {"node_name": "server_1", "service_name": "DNSServer"})
|
||||
agent.store_action(action)
|
||||
game.step()
|
||||
assert dns_server.operating_state == ServiceOperatingState.RUNNING
|
||||
@@ -63,7 +63,7 @@ def test_service_resume(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAgent])
|
||||
|
||||
assert dns_server.operating_state == ServiceOperatingState.PAUSED
|
||||
|
||||
action = ("NODE_SERVICE_RESUME", {"node_id": 1, "service_id": 0})
|
||||
action = ("node_service_resume", {"node_name": "server_1", "service_name": "DNSServer"})
|
||||
agent.store_action(action)
|
||||
game.step()
|
||||
|
||||
@@ -80,27 +80,27 @@ def test_service_cannot_perform_actions_unless_running(game_and_agent_fixture: T
|
||||
dns_server.stop()
|
||||
assert dns_server.operating_state == ServiceOperatingState.STOPPED
|
||||
|
||||
action = ("NODE_SERVICE_SCAN", {"node_id": 1, "service_id": 0})
|
||||
action = ("node_service_scan", {"node_name": "server_1", "service_name": "DNSServer"})
|
||||
agent.store_action(action)
|
||||
game.step()
|
||||
assert dns_server.operating_state == ServiceOperatingState.STOPPED
|
||||
|
||||
action = ("NODE_SERVICE_PAUSE", {"node_id": 1, "service_id": 0})
|
||||
action = ("node_service_pause", {"node_name": "server_1", "service_name": "DNSServer"})
|
||||
agent.store_action(action)
|
||||
game.step()
|
||||
assert dns_server.operating_state == ServiceOperatingState.STOPPED
|
||||
|
||||
action = ("NODE_SERVICE_RESUME", {"node_id": 1, "service_id": 0})
|
||||
action = ("node_service_resume", {"node_name": "server_1", "service_name": "DNSServer"})
|
||||
agent.store_action(action)
|
||||
game.step()
|
||||
assert dns_server.operating_state == ServiceOperatingState.STOPPED
|
||||
|
||||
action = ("NODE_SERVICE_RESTART", {"node_id": 1, "service_id": 0})
|
||||
action = ("node_service_restart", {"node_name": "server_1", "service_name": "DNSServer"})
|
||||
agent.store_action(action)
|
||||
game.step()
|
||||
assert dns_server.operating_state == ServiceOperatingState.STOPPED
|
||||
|
||||
action = ("NODE_SERVICE_FIX", {"node_id": 1, "service_id": 0})
|
||||
action = ("node_service_fix", {"node_name": "server_1", "service_name": "DNSServer"})
|
||||
agent.store_action(action)
|
||||
game.step()
|
||||
assert dns_server.operating_state == ServiceOperatingState.STOPPED
|
||||
|
||||
@@ -36,9 +36,9 @@ def test_remote_login(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAgent]):
|
||||
server_1_usm.add_user("user123", "password", is_admin=True)
|
||||
|
||||
action = (
|
||||
"SSH_TO_REMOTE",
|
||||
"node_session_remote_login",
|
||||
{
|
||||
"node_id": 0,
|
||||
"node_name": "client_1",
|
||||
"username": "user123",
|
||||
"password": "password",
|
||||
"remote_ip": str(server_1.network_interface[1].ip_address),
|
||||
@@ -68,9 +68,9 @@ def test_remote_login_wrong_password(game_and_agent_fixture: Tuple[PrimaiteGame,
|
||||
server_1_usm.add_user("user123", "password", is_admin=True)
|
||||
|
||||
action = (
|
||||
"SSH_TO_REMOTE",
|
||||
"node_session_remote_login",
|
||||
{
|
||||
"node_id": 0,
|
||||
"node_name": "client_1",
|
||||
"username": "user123",
|
||||
"password": "wrong_password",
|
||||
"remote_ip": str(server_1.network_interface[1].ip_address),
|
||||
@@ -100,12 +100,13 @@ def test_remote_login_change_password(game_and_agent_fixture: Tuple[PrimaiteGame
|
||||
server_1_um.add_user("user123", "password", is_admin=True)
|
||||
|
||||
action = (
|
||||
"NODE_ACCOUNTS_CHANGE_PASSWORD",
|
||||
"node_account_change_password",
|
||||
{
|
||||
"node_id": 1, # server_1
|
||||
"node_name": "server_1", # server_1
|
||||
"username": "user123",
|
||||
"current_password": "password",
|
||||
"new_password": "different_password",
|
||||
"remote_ip": str(server_1.network_interface[1].ip_address),
|
||||
},
|
||||
)
|
||||
agent.store_action(action)
|
||||
@@ -126,9 +127,9 @@ def test_change_password_logs_out_user(game_and_agent_fixture: Tuple[PrimaiteGam
|
||||
|
||||
# Log in remotely
|
||||
action = (
|
||||
"SSH_TO_REMOTE",
|
||||
"node_session_remote_login",
|
||||
{
|
||||
"node_id": 0,
|
||||
"node_name": "client_1",
|
||||
"username": "user123",
|
||||
"password": "password",
|
||||
"remote_ip": str(server_1.network_interface[1].ip_address),
|
||||
@@ -139,12 +140,13 @@ def test_change_password_logs_out_user(game_and_agent_fixture: Tuple[PrimaiteGam
|
||||
|
||||
# Change password
|
||||
action = (
|
||||
"NODE_ACCOUNTS_CHANGE_PASSWORD",
|
||||
"node_account_change_password",
|
||||
{
|
||||
"node_id": 1, # server_1
|
||||
"node_name": "server_1", # server_1
|
||||
"username": "user123",
|
||||
"current_password": "password",
|
||||
"new_password": "different_password",
|
||||
"remote_ip": str(server_1.network_interface[1].ip_address),
|
||||
},
|
||||
)
|
||||
agent.store_action(action)
|
||||
@@ -152,9 +154,9 @@ def test_change_password_logs_out_user(game_and_agent_fixture: Tuple[PrimaiteGam
|
||||
|
||||
# Assert that the user cannot execute an action
|
||||
action = (
|
||||
"NODE_SEND_REMOTE_COMMAND",
|
||||
"node_send_remote_command",
|
||||
{
|
||||
"node_id": 0,
|
||||
"node_name": "client_1",
|
||||
"remote_ip": str(server_1.network_interface[1].ip_address),
|
||||
"command": ["file_system", "create", "file", "folder123", "doggo.pdf", False],
|
||||
},
|
||||
|
||||
@@ -32,11 +32,11 @@ def test_file_observation(simulation):
|
||||
assert dog_file_obs.space["health_status"] == spaces.Discrete(6)
|
||||
|
||||
observation_state = dog_file_obs.observe(simulation.describe_state())
|
||||
assert observation_state.get("health_status") == 1 # good initial
|
||||
assert observation_state.get("health_status") == 0 # initially unset
|
||||
|
||||
file.corrupt()
|
||||
observation_state = dog_file_obs.observe(simulation.describe_state())
|
||||
assert observation_state.get("health_status") == 1 # scan file so this changes
|
||||
assert observation_state.get("health_status") == 0 # still default unset value because no scan happened
|
||||
|
||||
file.scan()
|
||||
file.apply_timestep(0) # apply time step
|
||||
@@ -63,11 +63,11 @@ def test_folder_observation(simulation):
|
||||
|
||||
observation_state = root_folder_obs.observe(simulation.describe_state())
|
||||
assert observation_state.get("FILES") is not None
|
||||
assert observation_state.get("health_status") == 1
|
||||
assert observation_state.get("health_status") == 0 # initially unset
|
||||
|
||||
file.corrupt() # corrupt just the file
|
||||
observation_state = root_folder_obs.observe(simulation.describe_state())
|
||||
assert observation_state.get("health_status") == 1 # scan folder to change this
|
||||
assert observation_state.get("health_status") == 0 # still unset as no scan occurred yet
|
||||
|
||||
folder.scan()
|
||||
for i in range(folder.scan_duration + 1):
|
||||
|
||||
@@ -191,7 +191,7 @@ def test_nic_monitored_traffic(simulation):
|
||||
|
||||
# send a database query
|
||||
browser: WebBrowser = pc.software_manager.software.get("WebBrowser")
|
||||
browser.target_url = f"http://arcd.com/"
|
||||
browser.config.target_url = f"http://arcd.com/"
|
||||
browser.get_webpage()
|
||||
|
||||
traffic_obs = nic_obs.observe(simulation.describe_state()).get("TRAFFIC")
|
||||
|
||||
@@ -13,7 +13,7 @@ DATA_MANIPULATION_CONFIG = TEST_ASSETS_ROOT / "configs" / "data_manipulation.yam
|
||||
def env_with_ssh() -> PrimaiteGymEnv:
|
||||
"""Build data manipulation environment with SSH port open on router."""
|
||||
env = PrimaiteGymEnv(DATA_MANIPULATION_CONFIG)
|
||||
env.agent.flatten_obs = False
|
||||
env.agent.config.agent_settings.flatten_obs = False
|
||||
router: Router = env.game.simulation.network.get_node_by_hostname("router_1")
|
||||
router.acl.add_rule(ACLAction.PERMIT, src_port=PORT_LOOKUP["SSH"], dst_port=PORT_LOOKUP["SSH"], position=3)
|
||||
return env
|
||||
|
||||
@@ -24,12 +24,12 @@ def test_rng_seed_set(create_env):
|
||||
env.reset(seed=3)
|
||||
for i in range(100):
|
||||
env.step(0)
|
||||
a = [item.timestep for item in env.game.agents["client_2_green_user"].history if item.action != "DONOTHING"]
|
||||
a = [item.timestep for item in env.game.agents["client_2_green_user"].history if item.action != "do_nothing"]
|
||||
|
||||
env.reset(seed=3)
|
||||
for i in range(100):
|
||||
env.step(0)
|
||||
b = [item.timestep for item in env.game.agents["client_2_green_user"].history if item.action != "DONOTHING"]
|
||||
b = [item.timestep for item in env.game.agents["client_2_green_user"].history if item.action != "do_nothing"]
|
||||
|
||||
assert a == b
|
||||
|
||||
@@ -40,11 +40,11 @@ def test_rng_seed_unset(create_env):
|
||||
env.reset()
|
||||
for i in range(100):
|
||||
env.step(0)
|
||||
a = [item.timestep for item in env.game.agents["client_2_green_user"].history if item.action != "DONOTHING"]
|
||||
a = [item.timestep for item in env.game.agents["client_2_green_user"].history if item.action != "do_nothing"]
|
||||
|
||||
env.reset()
|
||||
for i in range(100):
|
||||
env.step(0)
|
||||
b = [item.timestep for item in env.game.agents["client_2_green_user"].history if item.action != "DONOTHING"]
|
||||
b = [item.timestep for item in env.game.agents["client_2_green_user"].history if item.action != "do_nothing"]
|
||||
|
||||
assert a != b
|
||||
|
||||
@@ -15,7 +15,6 @@ def test_mask_contents_correct():
|
||||
net = sim.network
|
||||
mask = game.action_mask("defender")
|
||||
agent = env.agent
|
||||
node_list = agent.action_manager.node_names
|
||||
action_map = agent.action_manager.action_map
|
||||
|
||||
# CHECK NIC ENABLE/DISABLE ACTIONS
|
||||
@@ -23,10 +22,10 @@ def test_mask_contents_correct():
|
||||
mask = game.action_mask("defender")
|
||||
act_type, act_params = action
|
||||
|
||||
if act_type == "NODE_NIC_ENABLE":
|
||||
node_name = node_list[act_params["node_id"]]
|
||||
if act_type == "node_nic_enable":
|
||||
node_name = act_params["node_name"]
|
||||
node_obj = net.get_node_by_hostname(node_name)
|
||||
nic_obj = node_obj.network_interface[act_params["nic_id"] + 1]
|
||||
nic_obj = node_obj.network_interface[act_params["nic_num"]]
|
||||
assert nic_obj.enabled
|
||||
assert not mask[action_num]
|
||||
nic_obj.disable()
|
||||
@@ -34,10 +33,10 @@ def test_mask_contents_correct():
|
||||
assert mask[action_num]
|
||||
nic_obj.enable()
|
||||
|
||||
if act_type == "NODE_NIC_DISABLE":
|
||||
node_name = node_list[act_params["node_id"]]
|
||||
if act_type == "node_nic_disable":
|
||||
node_name = act_params["node_name"]
|
||||
node_obj = net.get_node_by_hostname(node_name)
|
||||
nic_obj = node_obj.network_interface[act_params["nic_id"] + 1]
|
||||
nic_obj = node_obj.network_interface[act_params["nic_num"]]
|
||||
assert nic_obj.enabled
|
||||
assert mask[action_num]
|
||||
nic_obj.disable()
|
||||
@@ -45,14 +44,14 @@ def test_mask_contents_correct():
|
||||
assert not mask[action_num]
|
||||
nic_obj.enable()
|
||||
|
||||
if act_type == "ROUTER_ACL_ADDRULE":
|
||||
if act_type == "router_acl_add_rule":
|
||||
assert mask[action_num]
|
||||
|
||||
if act_type == "ROUTER_ACL_REMOVERULE":
|
||||
if act_type == "router_acl_remove_rule":
|
||||
assert mask[action_num]
|
||||
|
||||
if act_type == "NODE_RESET":
|
||||
node_name = node_list[act_params["node_id"]]
|
||||
if act_type == "node_reset":
|
||||
node_name = act_params["node_name"]
|
||||
node_obj = net.get_node_by_hostname(node_name)
|
||||
assert node_obj.operating_state is NodeOperatingState.ON
|
||||
assert mask[action_num]
|
||||
@@ -61,8 +60,8 @@ def test_mask_contents_correct():
|
||||
assert not mask[action_num]
|
||||
node_obj.operating_state = NodeOperatingState.ON
|
||||
|
||||
if act_type == "NODE_SHUTDOWN":
|
||||
node_name = node_list[act_params["node_id"]]
|
||||
if act_type == "node_shutdown":
|
||||
node_name = act_params["node_name"]
|
||||
node_obj = net.get_node_by_hostname(node_name)
|
||||
assert node_obj.operating_state is NodeOperatingState.ON
|
||||
assert mask[action_num]
|
||||
@@ -71,8 +70,8 @@ def test_mask_contents_correct():
|
||||
assert not mask[action_num]
|
||||
node_obj.operating_state = NodeOperatingState.ON
|
||||
|
||||
if act_type == "NODE_OS_SCAN":
|
||||
node_name = node_list[act_params["node_id"]]
|
||||
if act_type == "node_os_scan":
|
||||
node_name = act_params["node_name"]
|
||||
node_obj = net.get_node_by_hostname(node_name)
|
||||
assert node_obj.operating_state is NodeOperatingState.ON
|
||||
assert mask[action_num]
|
||||
@@ -81,8 +80,8 @@ def test_mask_contents_correct():
|
||||
assert not mask[action_num]
|
||||
node_obj.operating_state = NodeOperatingState.ON
|
||||
|
||||
if act_type == "NODE_STARTUP":
|
||||
node_name = node_list[act_params["node_id"]]
|
||||
if act_type == "node_startup":
|
||||
node_name = act_params["node_name"]
|
||||
node_obj = net.get_node_by_hostname(node_name)
|
||||
assert node_obj.operating_state is NodeOperatingState.ON
|
||||
assert not mask[action_num]
|
||||
@@ -91,15 +90,15 @@ def test_mask_contents_correct():
|
||||
assert mask[action_num]
|
||||
node_obj.operating_state = NodeOperatingState.ON
|
||||
|
||||
if act_type == "DONOTHING":
|
||||
if act_type == "do_nothing":
|
||||
assert mask[action_num]
|
||||
|
||||
if act_type == "NODE_SERVICE_DISABLE":
|
||||
if act_type == "node_service_disable":
|
||||
assert mask[action_num]
|
||||
|
||||
if act_type in ["NODE_SERVICE_SCAN", "NODE_SERVICE_STOP", "NODE_SERVICE_PAUSE"]:
|
||||
node_name = node_list[act_params["node_id"]]
|
||||
service_name = agent.action_manager.service_names[act_params["node_id"]][act_params["service_id"]]
|
||||
if act_type in ["node_service_scan", "node_service_stop", "node_service_pause"]:
|
||||
node_name = act_params["node_name"]
|
||||
service_name = act_params["service_name"]
|
||||
node_obj = net.get_node_by_hostname(node_name)
|
||||
service_obj = node_obj.software_manager.software.get(service_name)
|
||||
assert service_obj.operating_state is ServiceOperatingState.RUNNING
|
||||
@@ -109,9 +108,9 @@ def test_mask_contents_correct():
|
||||
assert not mask[action_num]
|
||||
service_obj.operating_state = ServiceOperatingState.RUNNING
|
||||
|
||||
if act_type == "NODE_SERVICE_RESUME":
|
||||
node_name = node_list[act_params["node_id"]]
|
||||
service_name = agent.action_manager.service_names[act_params["node_id"]][act_params["service_id"]]
|
||||
if act_type == "node_service_resume":
|
||||
node_name = act_params["node_name"]
|
||||
service_name = act_params["service_name"]
|
||||
node_obj = net.get_node_by_hostname(node_name)
|
||||
service_obj = node_obj.software_manager.software.get(service_name)
|
||||
assert service_obj.operating_state is ServiceOperatingState.RUNNING
|
||||
@@ -121,9 +120,9 @@ def test_mask_contents_correct():
|
||||
assert mask[action_num]
|
||||
service_obj.operating_state = ServiceOperatingState.RUNNING
|
||||
|
||||
if act_type == "NODE_SERVICE_START":
|
||||
node_name = node_list[act_params["node_id"]]
|
||||
service_name = agent.action_manager.service_names[act_params["node_id"]][act_params["service_id"]]
|
||||
if act_type == "node_service_start":
|
||||
node_name = act_params["node_name"]
|
||||
service_name = act_params["service_name"]
|
||||
node_obj = net.get_node_by_hostname(node_name)
|
||||
service_obj = node_obj.software_manager.software.get(service_name)
|
||||
assert service_obj.operating_state is ServiceOperatingState.RUNNING
|
||||
@@ -133,9 +132,9 @@ def test_mask_contents_correct():
|
||||
assert mask[action_num]
|
||||
service_obj.operating_state = ServiceOperatingState.RUNNING
|
||||
|
||||
if act_type == "NODE_SERVICE_ENABLE":
|
||||
node_name = node_list[act_params["node_id"]]
|
||||
service_name = agent.action_manager.service_names[act_params["node_id"]][act_params["service_id"]]
|
||||
if act_type == "node_service_enable":
|
||||
node_name = act_params["node_name"]
|
||||
service_name = act_params["service_name"]
|
||||
node_obj = net.get_node_by_hostname(node_name)
|
||||
service_obj = node_obj.software_manager.software.get(service_name)
|
||||
assert service_obj.operating_state is ServiceOperatingState.RUNNING
|
||||
@@ -145,12 +144,10 @@ def test_mask_contents_correct():
|
||||
assert mask[action_num]
|
||||
service_obj.operating_state = ServiceOperatingState.RUNNING
|
||||
|
||||
if act_type in ["NODE_FILE_SCAN", "NODE_FILE_CHECKHASH", "NODE_FILE_DELETE"]:
|
||||
node_name = node_list[act_params["node_id"]]
|
||||
folder_name = agent.action_manager.get_folder_name_by_idx(act_params["node_id"], act_params["folder_id"])
|
||||
file_name = agent.action_manager.get_file_name_by_idx(
|
||||
act_params["node_id"], act_params["folder_id"], act_params["file_id"]
|
||||
)
|
||||
if act_type in ["node_file_scan", "node_file_checkhash", "node_file_delete"]:
|
||||
node_name = act_params["node_name"]
|
||||
folder_name = act_params["folder_name"]
|
||||
file_name = act_params["file_name"]
|
||||
node_obj = net.get_node_by_hostname(node_name)
|
||||
file_obj = node_obj.file_system.get_file(folder_name, file_name, include_deleted=True)
|
||||
assert not file_obj.deleted
|
||||
|
||||
@@ -32,10 +32,10 @@ FIREWALL_ACTIONS_NETWORK = TEST_ASSETS_ROOT / "configs/firewall_actions_network.
|
||||
|
||||
|
||||
def test_do_nothing_integration(game_and_agent: Tuple[PrimaiteGame, ProxyAgent]):
|
||||
"""Test that the DoNothingAction can form a request and that it is accepted by the simulation."""
|
||||
"""Test that the do_nothingAction can form a request and that it is accepted by the simulation."""
|
||||
game, agent = game_and_agent
|
||||
|
||||
action = ("DONOTHING", {})
|
||||
action = ("do_nothing", {})
|
||||
agent.store_action(action)
|
||||
game.step()
|
||||
|
||||
@@ -56,7 +56,7 @@ def test_node_service_scan_integration(game_and_agent: Tuple[PrimaiteGame, Proxy
|
||||
assert svc.health_state_visible == SoftwareHealthState.UNUSED
|
||||
|
||||
# 2: Scan and check that the visible state is now correct
|
||||
action = ("NODE_SERVICE_SCAN", {"node_id": 1, "service_id": 0})
|
||||
action = ("node_service_scan", {"node_name": "server_1", "service_name": "DNSServer"})
|
||||
agent.store_action(action)
|
||||
game.step()
|
||||
assert svc.health_state_actual == SoftwareHealthState.GOOD
|
||||
@@ -67,7 +67,7 @@ def test_node_service_scan_integration(game_and_agent: Tuple[PrimaiteGame, Proxy
|
||||
assert svc.health_state_visible == SoftwareHealthState.GOOD
|
||||
|
||||
# 4: Scan and check that the visible state is now correct
|
||||
action = ("NODE_SERVICE_SCAN", {"node_id": 1, "service_id": 0})
|
||||
action = ("node_service_scan", {"node_name": "server_1", "service_name": "DNSServer"})
|
||||
agent.store_action(action)
|
||||
game.step()
|
||||
assert svc.health_state_actual == SoftwareHealthState.COMPROMISED
|
||||
@@ -88,7 +88,7 @@ def test_node_service_fix_integration(game_and_agent: Tuple[PrimaiteGame, ProxyA
|
||||
svc.health_state_actual = SoftwareHealthState.COMPROMISED
|
||||
|
||||
# 2: Apply a patch action
|
||||
action = ("NODE_SERVICE_FIX", {"node_id": 1, "service_id": 0})
|
||||
action = ("node_service_fix", {"node_name": "server_1", "service_name": "DNSServer"})
|
||||
agent.store_action(action)
|
||||
game.step()
|
||||
|
||||
@@ -96,7 +96,7 @@ def test_node_service_fix_integration(game_and_agent: Tuple[PrimaiteGame, ProxyA
|
||||
assert svc.health_state_actual == SoftwareHealthState.FIXING
|
||||
|
||||
# 4: perform a few do-nothing steps and check that the service is now in the good state
|
||||
action = ("DONOTHING", {})
|
||||
action = ("do_nothing", {})
|
||||
agent.store_action(action)
|
||||
game.step()
|
||||
assert svc.health_state_actual == SoftwareHealthState.GOOD
|
||||
@@ -121,18 +121,18 @@ def test_router_acl_addrule_integration(game_and_agent: Tuple[PrimaiteGame, Prox
|
||||
|
||||
# 2: Add a rule to block client 1 from reaching server 2 on router
|
||||
action = (
|
||||
"ROUTER_ACL_ADDRULE",
|
||||
"router_acl_add_rule",
|
||||
{
|
||||
"target_router": "router",
|
||||
"position": 4, # 4th rule
|
||||
"permission": 2, # DENY
|
||||
"source_ip_id": 3, # 10.0.1.2 (client_1)
|
||||
"dest_ip_id": 6, # 10.0.2.3 (server_2)
|
||||
"dest_port_id": 1, # ALL
|
||||
"source_port_id": 1, # ALL
|
||||
"protocol_id": 1, # ALL
|
||||
"source_wildcard_id": 0,
|
||||
"dest_wildcard_id": 0,
|
||||
"position": 4,
|
||||
"permission": "DENY",
|
||||
"src_ip": "10.0.1.2",
|
||||
"src_wildcard": "NONE",
|
||||
"src_port": "ALL",
|
||||
"dst_ip": "10.0.2.3",
|
||||
"dst_wildcard": "NONE",
|
||||
"dst_port": "ALL",
|
||||
"protocol_name": "icmp",
|
||||
},
|
||||
)
|
||||
agent.store_action(action)
|
||||
@@ -148,24 +148,26 @@ def test_router_acl_addrule_integration(game_and_agent: Tuple[PrimaiteGame, Prox
|
||||
|
||||
# 4: Add a rule to block server_1 from reaching server_2 on router (this should not affect comms as they are on same subnet)
|
||||
action = (
|
||||
"ROUTER_ACL_ADDRULE",
|
||||
"router_acl_add_rule",
|
||||
{
|
||||
"target_router": "router",
|
||||
"position": 5, # 5th rule
|
||||
"permission": 2, # DENY
|
||||
"source_ip_id": 5, # 10.0.2.2 (server_1)
|
||||
"dest_ip_id": 6, # 10.0.2.3 (server_2)
|
||||
"dest_port_id": 1, # ALL
|
||||
"source_port_id": 1, # ALL
|
||||
"protocol_id": 1, # ALL
|
||||
"source_wildcard_id": 0,
|
||||
"dest_wildcard_id": 0,
|
||||
"permission": "DENY", # DENY
|
||||
"src_ip": "10.0.2.2", # 10.0.2.2 (server_1)
|
||||
"src_wildcard": 0,
|
||||
"src_port": "ALL", # ALL
|
||||
"dst_ip": "10.0.2.3", # 10.0.2.3 (server_2)
|
||||
"dst_wildcard": 0,
|
||||
"dst_port": "ALL", # ALL
|
||||
"protocol_name": "ALL", # ALL
|
||||
},
|
||||
)
|
||||
agent.store_action(action)
|
||||
print(agent.most_recent_action)
|
||||
game.step()
|
||||
|
||||
print(agent.most_recent_action)
|
||||
# 5: Check that the ACL now has 6 rules, but that server_1 can still ping server_2
|
||||
print(router.acl.show())
|
||||
assert router.acl.num_rules == 6
|
||||
assert server_1.ping("10.0.2.3") # Can ping server_2
|
||||
|
||||
@@ -181,12 +183,12 @@ def test_router_acl_removerule_integration(game_and_agent: Tuple[PrimaiteGame, P
|
||||
|
||||
browser: WebBrowser = client_1.software_manager.software.get("WebBrowser")
|
||||
browser.run()
|
||||
browser.target_url = "http://www.example.com"
|
||||
browser.config.target_url = "http://www.example.com"
|
||||
assert browser.get_webpage() # check that the browser can access example.com before we block it
|
||||
|
||||
# 2: Remove rule that allows HTTP traffic across the network
|
||||
action = (
|
||||
"ROUTER_ACL_REMOVERULE",
|
||||
"router_acl_remove_rule",
|
||||
{
|
||||
"target_router": "router",
|
||||
"position": 3, # 4th rule
|
||||
@@ -214,15 +216,15 @@ def test_host_nic_disable_integration(game_and_agent: Tuple[PrimaiteGame, ProxyA
|
||||
|
||||
browser: WebBrowser = client_1.software_manager.software.get("WebBrowser")
|
||||
browser.run()
|
||||
browser.target_url = "http://www.example.com"
|
||||
browser.config.target_url = "http://www.example.com"
|
||||
assert browser.get_webpage() # check that the browser can access example.com before we block it
|
||||
|
||||
# 2: Disable the NIC on client_1
|
||||
action = (
|
||||
"HOST_NIC_DISABLE",
|
||||
"host_nic_disable",
|
||||
{
|
||||
"node_id": 0, # client_1
|
||||
"nic_id": 0, # the only nic (eth-1)
|
||||
"node_name": "client_1", # client_1
|
||||
"nic_num": 1, # the only nic (eth-1)
|
||||
},
|
||||
)
|
||||
agent.store_action(action)
|
||||
@@ -250,10 +252,10 @@ def test_host_nic_enable_integration(game_and_agent: Tuple[PrimaiteGame, ProxyAg
|
||||
|
||||
# 2: Use action to enable nic
|
||||
action = (
|
||||
"HOST_NIC_ENABLE",
|
||||
"host_nic_enable",
|
||||
{
|
||||
"node_id": 0, # client_1
|
||||
"nic_id": 0, # the only nic (eth-1)
|
||||
"node_name": "client_1", # client_1
|
||||
"nic_num": 1, # the only nic (eth-1)
|
||||
},
|
||||
)
|
||||
agent.store_action(action)
|
||||
@@ -273,15 +275,15 @@ def test_node_file_scan_integration(game_and_agent: Tuple[PrimaiteGame, ProxyAge
|
||||
client_1 = game.simulation.network.get_node_by_hostname("client_1")
|
||||
file = client_1.file_system.get_file("downloads", "cat.png")
|
||||
assert file.health_status == FileSystemItemHealthStatus.GOOD
|
||||
assert file.visible_health_status == FileSystemItemHealthStatus.GOOD
|
||||
assert file.visible_health_status == FileSystemItemHealthStatus.NONE
|
||||
|
||||
# 2: perform a scan and make sure nothing has changed
|
||||
action = (
|
||||
"NODE_FILE_SCAN",
|
||||
"node_file_scan",
|
||||
{
|
||||
"node_id": 0, # client_1,
|
||||
"folder_id": 0, # downloads,
|
||||
"file_id": 0, # cat.png
|
||||
"node_name": "client_1", # client_1,
|
||||
"folder_name": "downloads", # downloads,
|
||||
"file_name": "cat.png", # cat.png
|
||||
},
|
||||
)
|
||||
agent.store_action(action)
|
||||
@@ -314,11 +316,11 @@ def test_node_file_delete_integration(game_and_agent: Tuple[PrimaiteGame, ProxyA
|
||||
|
||||
# 2: delete the file
|
||||
action = (
|
||||
"NODE_FILE_DELETE",
|
||||
"node_file_delete",
|
||||
{
|
||||
"node_id": 0, # client_1
|
||||
"folder_id": 0, # downloads
|
||||
"file_id": 0, # cat.png
|
||||
"node_name": "client_1", # client_1
|
||||
"folder_name": "downloads", # downloads
|
||||
"file_name": "cat.png", # cat.png
|
||||
},
|
||||
)
|
||||
agent.store_action(action)
|
||||
@@ -334,14 +336,15 @@ def test_node_file_create(game_and_agent: Tuple[PrimaiteGame, ProxyAgent]):
|
||||
"""Test that a file is created."""
|
||||
game, agent = game_and_agent
|
||||
|
||||
client_1 = game.simulation.network.get_node_by_hostname("client_1") #
|
||||
client_1 = game.simulation.network.get_node_by_hostname("client_1")
|
||||
|
||||
action = (
|
||||
"NODE_FILE_CREATE",
|
||||
"node_file_create",
|
||||
{
|
||||
"node_id": 0,
|
||||
"node_name": "client_1",
|
||||
"folder_name": "test",
|
||||
"file_name": "file.txt",
|
||||
"force": "False",
|
||||
},
|
||||
)
|
||||
agent.store_action(action)
|
||||
@@ -357,9 +360,9 @@ def test_node_file_access(game_and_agent: Tuple[PrimaiteGame, ProxyAgent]):
|
||||
client_1 = game.simulation.network.get_node_by_hostname("client_1") #
|
||||
|
||||
action = (
|
||||
"NODE_FILE_CREATE",
|
||||
"node_file_create",
|
||||
{
|
||||
"node_id": 0,
|
||||
"node_name": "client_1",
|
||||
"folder_name": "test",
|
||||
"file_name": "file.txt",
|
||||
},
|
||||
@@ -370,9 +373,9 @@ def test_node_file_access(game_and_agent: Tuple[PrimaiteGame, ProxyAgent]):
|
||||
assert client_1.file_system.get_file(folder_name="test", file_name="file.txt").num_access == 0
|
||||
|
||||
action = (
|
||||
"NODE_FILE_ACCESS",
|
||||
"node_file_access",
|
||||
{
|
||||
"node_id": 0,
|
||||
"node_name": "client_1",
|
||||
"folder_name": "test",
|
||||
"file_name": "file.txt",
|
||||
},
|
||||
@@ -390,9 +393,9 @@ def test_node_folder_create(game_and_agent: Tuple[PrimaiteGame, ProxyAgent]):
|
||||
client_1 = game.simulation.network.get_node_by_hostname("client_1") #
|
||||
|
||||
action = (
|
||||
"NODE_FOLDER_CREATE",
|
||||
"node_folder_create",
|
||||
{
|
||||
"node_id": 0,
|
||||
"node_name": "client_1",
|
||||
"folder_name": "test",
|
||||
},
|
||||
)
|
||||
@@ -413,15 +416,15 @@ def test_network_router_port_disable_integration(game_and_agent: Tuple[PrimaiteG
|
||||
|
||||
browser: WebBrowser = client_1.software_manager.software.get("WebBrowser")
|
||||
browser.run()
|
||||
browser.target_url = "http://www.example.com"
|
||||
browser.config.target_url = "http://www.example.com"
|
||||
assert browser.get_webpage() # check that the browser can access example.com before we block it
|
||||
|
||||
# 2: Disable the NIC on client_1
|
||||
action = (
|
||||
"NETWORK_PORT_DISABLE",
|
||||
"network_port_disable",
|
||||
{
|
||||
"target_nodename": "router", # router
|
||||
"port_id": 1, # port 1
|
||||
"port_num": 1, # port 1
|
||||
},
|
||||
)
|
||||
agent.store_action(action)
|
||||
@@ -450,10 +453,10 @@ def test_network_router_port_enable_integration(game_and_agent: Tuple[PrimaiteGa
|
||||
|
||||
# 2: Use action to enable port
|
||||
action = (
|
||||
"NETWORK_PORT_ENABLE",
|
||||
"network_port_enable",
|
||||
{
|
||||
"target_nodename": "router", # router
|
||||
"port_id": 1, # port 1
|
||||
"port_num": 1, # port 1
|
||||
},
|
||||
)
|
||||
agent.store_action(action)
|
||||
@@ -473,14 +476,17 @@ def test_node_application_scan_integration(game_and_agent: Tuple[PrimaiteGame, P
|
||||
|
||||
browser: WebBrowser = client_1.software_manager.software.get("WebBrowser")
|
||||
browser.run()
|
||||
browser.target_url = "http://www.example.com"
|
||||
browser.config.target_url = "http://www.example.com"
|
||||
assert browser.get_webpage() # check that the browser can access example.com
|
||||
|
||||
assert browser.health_state_actual == SoftwareHealthState.GOOD
|
||||
assert browser.health_state_visible == SoftwareHealthState.UNUSED
|
||||
|
||||
# 2: Scan and check that the visible state is now correct
|
||||
action = ("NODE_APPLICATION_SCAN", {"node_id": 0, "application_id": 0})
|
||||
action = (
|
||||
"node_application_scan",
|
||||
{"node_name": "client_1", "application_name": "WebBrowser"},
|
||||
)
|
||||
agent.store_action(action)
|
||||
game.step()
|
||||
assert browser.health_state_actual == SoftwareHealthState.GOOD
|
||||
@@ -491,7 +497,10 @@ def test_node_application_scan_integration(game_and_agent: Tuple[PrimaiteGame, P
|
||||
assert browser.health_state_visible == SoftwareHealthState.GOOD
|
||||
|
||||
# 4: Scan and check that the visible state is now correct
|
||||
action = ("NODE_APPLICATION_SCAN", {"node_id": 0, "application_id": 0})
|
||||
action = (
|
||||
"node_application_scan",
|
||||
{"node_name": "client_1", "application_name": "WebBrowser"},
|
||||
)
|
||||
agent.store_action(action)
|
||||
game.step()
|
||||
assert browser.health_state_actual == SoftwareHealthState.COMPROMISED
|
||||
@@ -512,7 +521,10 @@ def test_node_application_fix_integration(game_and_agent: Tuple[PrimaiteGame, Pr
|
||||
browser.health_state_actual = SoftwareHealthState.COMPROMISED
|
||||
|
||||
# 2: Apply a fix action
|
||||
action = ("NODE_APPLICATION_FIX", {"node_id": 0, "application_id": 0})
|
||||
action = (
|
||||
"node_application_fix",
|
||||
{"node_name": "client_1", "application_name": "WebBrowser"},
|
||||
)
|
||||
agent.store_action(action)
|
||||
game.step()
|
||||
|
||||
@@ -520,7 +532,7 @@ def test_node_application_fix_integration(game_and_agent: Tuple[PrimaiteGame, Pr
|
||||
assert browser.health_state_actual == SoftwareHealthState.FIXING
|
||||
|
||||
# 4: perform a few do-nothing steps and check that the application is now in the good state
|
||||
action = ("DONOTHING", {})
|
||||
action = ("do_nothing", {})
|
||||
agent.store_action(action)
|
||||
game.step()
|
||||
assert browser.health_state_actual == SoftwareHealthState.GOOD
|
||||
@@ -538,7 +550,10 @@ def test_node_application_close_integration(game_and_agent: Tuple[PrimaiteGame,
|
||||
assert browser.operating_state == ApplicationOperatingState.RUNNING
|
||||
|
||||
# 2: Apply a close action
|
||||
action = ("NODE_APPLICATION_CLOSE", {"node_id": 0, "application_id": 0})
|
||||
action = (
|
||||
"node_application_close",
|
||||
{"node_name": "client_1", "application_name": "WebBrowser"},
|
||||
)
|
||||
agent.store_action(action)
|
||||
game.step()
|
||||
|
||||
@@ -549,7 +564,7 @@ def test_node_application_install_and_uninstall_integration(game_and_agent: Tupl
|
||||
"""Test that the NodeApplicationInstallAction and NodeApplicationRemoveAction can form a request and that
|
||||
it is accepted by the simulation.
|
||||
|
||||
When you initiate a install action, the Application will be installed and configured on the node.
|
||||
When you initiate an install action, the Application will be installed and configured on the node.
|
||||
The remove action will uninstall the application from the node."""
|
||||
game, agent = game_and_agent
|
||||
|
||||
@@ -557,13 +572,19 @@ def test_node_application_install_and_uninstall_integration(game_and_agent: Tupl
|
||||
|
||||
assert client_1.software_manager.software.get("DoSBot") is None
|
||||
|
||||
action = ("NODE_APPLICATION_INSTALL", {"node_id": 0, "application_name": "DoSBot"})
|
||||
action = (
|
||||
"node_application_install",
|
||||
{"node_name": "client_1", "application_name": "DoSBot"},
|
||||
)
|
||||
agent.store_action(action)
|
||||
game.step()
|
||||
|
||||
assert client_1.software_manager.software.get("DoSBot") is not None
|
||||
|
||||
action = ("NODE_APPLICATION_REMOVE", {"node_id": 0, "application_name": "DoSBot"})
|
||||
action = (
|
||||
"node_application_remove",
|
||||
{"node_name": "client_1", "application_name": "DoSBot"},
|
||||
)
|
||||
agent.store_action(action)
|
||||
game.step()
|
||||
|
||||
@@ -656,9 +677,9 @@ def test_firewall_acl_add_remove_rule_integration():
|
||||
assert firewall.external_outbound_acl.acl[1].action.name == "DENY"
|
||||
assert firewall.external_outbound_acl.acl[1].src_ip_address == IPv4Address("192.168.20.10")
|
||||
assert firewall.external_outbound_acl.acl[1].dst_ip_address == IPv4Address("192.168.0.10")
|
||||
assert firewall.external_outbound_acl.acl[1].dst_port is None
|
||||
assert firewall.external_outbound_acl.acl[1].src_port is None
|
||||
assert firewall.external_outbound_acl.acl[1].protocol is None
|
||||
assert firewall.external_outbound_acl.acl[1].dst_port == PORT_LOOKUP["NONE"]
|
||||
assert firewall.external_outbound_acl.acl[1].src_port == PORT_LOOKUP["NONE"]
|
||||
assert firewall.external_outbound_acl.acl[1].protocol == PROTOCOL_LOOKUP["NONE"]
|
||||
|
||||
env.step(12) # Remove ACL rule from External Outbound
|
||||
assert firewall.external_outbound_acl.num_rules == 1
|
||||
|
||||
@@ -17,12 +17,7 @@ def test_file_observation():
|
||||
dog_file_obs = FileObservation(
|
||||
where=["network", "nodes", pc.hostname, "file_system", "folders", "root", "files", "dog.png"],
|
||||
include_num_access=False,
|
||||
file_system_requires_scan=True,
|
||||
file_system_requires_scan=False,
|
||||
)
|
||||
assert dog_file_obs.observe(state) == {"health_status": 1}
|
||||
assert dog_file_obs.space == spaces.Dict({"health_status": spaces.Discrete(6)})
|
||||
|
||||
|
||||
# TODO:
|
||||
# def test_file_num_access():
|
||||
# ...
|
||||
|
||||
@@ -29,16 +29,16 @@ def test_WebpageUnavailablePenalty(game_and_agent: tuple[PrimaiteGame, Controlle
|
||||
client_1 = game.simulation.network.get_node_by_hostname("client_1")
|
||||
browser: WebBrowser = client_1.software_manager.software.get("WebBrowser")
|
||||
browser.run()
|
||||
browser.target_url = "http://www.example.com"
|
||||
browser.config.target_url = "http://www.example.com"
|
||||
agent.reward_function.register_component(comp, 0.7)
|
||||
|
||||
# Check that before trying to fetch the webpage, the reward is 0.0
|
||||
agent.store_action(("DONOTHING", {}))
|
||||
agent.store_action(("do_nothing", {}))
|
||||
game.step()
|
||||
assert agent.reward_function.current_reward == 0.0
|
||||
|
||||
# Check that successfully fetching the webpage yields a reward of 0.7
|
||||
agent.store_action(("NODE_APPLICATION_EXECUTE", {"node_id": 0, "application_id": 0}))
|
||||
agent.store_action(("node_application_execute", {"node_name": "client_1", "application_name": "WebBrowser"}))
|
||||
game.step()
|
||||
assert agent.reward_function.current_reward == 0.7
|
||||
|
||||
@@ -50,7 +50,7 @@ def test_WebpageUnavailablePenalty(game_and_agent: tuple[PrimaiteGame, Controlle
|
||||
src_port=PORT_LOOKUP["HTTP"],
|
||||
dst_port=PORT_LOOKUP["HTTP"],
|
||||
)
|
||||
agent.store_action(("NODE_APPLICATION_EXECUTE", {"node_id": 0, "application_id": 0}))
|
||||
agent.store_action(("node_application_execute", {"node_name": "client_1", "application_name": "WebBrowser"}))
|
||||
game.step()
|
||||
assert agent.reward_function.current_reward == -0.7
|
||||
|
||||
@@ -83,7 +83,7 @@ def test_uc2_rewards(game_and_agent: tuple[PrimaiteGame, ControlledAgent]):
|
||||
response = game.simulation.apply_request(request)
|
||||
state = game.get_sim_state()
|
||||
ahi = AgentHistoryItem(
|
||||
timestep=0, action="NODE_APPLICATION_EXECUTE", parameters={}, request=request, response=response
|
||||
timestep=0, action="node_application_execute", parameters={}, request=request, response=response
|
||||
)
|
||||
reward_value = comp.calculate(state, last_action_response=ahi)
|
||||
assert reward_value == 1.0
|
||||
@@ -94,7 +94,7 @@ def test_uc2_rewards(game_and_agent: tuple[PrimaiteGame, ControlledAgent]):
|
||||
response = game.simulation.apply_request(request)
|
||||
state = game.get_sim_state()
|
||||
ahi = AgentHistoryItem(
|
||||
timestep=0, action="NODE_APPLICATION_EXECUTE", parameters={}, request=request, response=response
|
||||
timestep=0, action="node_application_execute", parameters={}, request=request, response=response
|
||||
)
|
||||
reward_value = comp.calculate(
|
||||
state,
|
||||
@@ -154,13 +154,13 @@ def test_action_penalty():
|
||||
# Penalty = ActionPenalty(action_penalty=-0.75, do_nothing_penalty=0.125)
|
||||
Penalty = ActionPenalty(config=schema)
|
||||
|
||||
# Assert that penalty is applied if action isn't DONOTHING
|
||||
# Assert that penalty is applied if action isn't do_nothing
|
||||
reward_value = Penalty.calculate(
|
||||
state={},
|
||||
last_action_response=AgentHistoryItem(
|
||||
timestep=0,
|
||||
action="NODE_APPLICATION_EXECUTE",
|
||||
parameters={"node_id": 0, "application_id": 1},
|
||||
action="node_application_execute",
|
||||
parameters={"node_name": "client", "application_name": "WebBrowser"},
|
||||
request=["execute"],
|
||||
response=RequestResponse.from_bool(True),
|
||||
),
|
||||
@@ -168,12 +168,12 @@ def test_action_penalty():
|
||||
|
||||
assert reward_value == -0.75
|
||||
|
||||
# Assert that no penalty applied for a DONOTHING action
|
||||
# Assert that no penalty applied for a do_nothing action
|
||||
reward_value = Penalty.calculate(
|
||||
state={},
|
||||
last_action_response=AgentHistoryItem(
|
||||
timestep=0,
|
||||
action="DONOTHING",
|
||||
action="do_nothing",
|
||||
parameters={},
|
||||
request=["do_nothing"],
|
||||
response=RequestResponse.from_bool(True),
|
||||
@@ -192,12 +192,12 @@ def test_action_penalty_e2e(game_and_agent: tuple[PrimaiteGame, ControlledAgent]
|
||||
|
||||
agent.reward_function.register_component(comp, 1.0)
|
||||
|
||||
action = ("DONOTHING", {})
|
||||
action = ("do_nothing", {})
|
||||
agent.store_action(action)
|
||||
game.step()
|
||||
assert agent.reward_function.current_reward == 0.125
|
||||
|
||||
action = ("NODE_FILE_SCAN", {"node_id": 0, "folder_id": 0, "file_id": 0})
|
||||
action = ("node_file_scan", {"node_name": "client", "folder_name": "downloads", "file_name": "document.pdf"})
|
||||
agent.store_action(action)
|
||||
game.step()
|
||||
assert agent.reward_function.current_reward == -0.75
|
||||
|
||||
@@ -3,6 +3,7 @@ from ipaddress import IPv4Address, IPv4Network
|
||||
from typing import Any, Dict, List, Tuple
|
||||
|
||||
import pytest
|
||||
from pydantic import Field
|
||||
|
||||
from primaite.simulator.network.container import Network
|
||||
from primaite.simulator.network.hardware.nodes.host.computer import Computer
|
||||
@@ -14,9 +15,16 @@ from primaite.utils.validation.ip_protocol import PROTOCOL_LOOKUP
|
||||
from primaite.utils.validation.port import PORT_LOOKUP
|
||||
|
||||
|
||||
class BroadcastTestService(Service):
|
||||
class BroadcastTestService(Service, identifier="BroadcastTestService"):
|
||||
"""A service for sending broadcast and unicast messages over a network."""
|
||||
|
||||
class ConfigSchema(Service.ConfigSchema):
|
||||
"""ConfigSchema for BroadcastTestService."""
|
||||
|
||||
type: str = "BroadcastTestService"
|
||||
|
||||
config: "BroadcastTestService.ConfigSchema" = Field(default_factory=lambda: BroadcastTestService.ConfigSchema())
|
||||
|
||||
def __init__(self, **kwargs):
|
||||
# Set default service properties for broadcasting
|
||||
kwargs["name"] = "BroadcastService"
|
||||
@@ -46,6 +54,13 @@ class BroadcastTestService(Service):
|
||||
class BroadcastTestClient(Application, identifier="BroadcastTestClient"):
|
||||
"""A client application to receive broadcast and unicast messages."""
|
||||
|
||||
class ConfigSchema(Service.ConfigSchema):
|
||||
"""ConfigSchema for BroadcastTestClient."""
|
||||
|
||||
type: str = "BroadcastTestClient"
|
||||
|
||||
config: ConfigSchema = Field(default_factory=lambda: BroadcastTestClient.ConfigSchema())
|
||||
|
||||
payloads_received: List = []
|
||||
|
||||
def __init__(self, **kwargs):
|
||||
|
||||
@@ -495,6 +495,12 @@ def test_c2_suite_yaml():
|
||||
|
||||
computer_b: Computer = yaml_network.get_node_by_hostname("node_b")
|
||||
c2_beacon: C2Beacon = computer_b.software_manager.software.get("C2Beacon")
|
||||
c2_beacon.configure(
|
||||
c2_server_ip_address=c2_beacon.config.c2_server_ip_address,
|
||||
keep_alive_frequency=c2_beacon.config.keep_alive_frequency,
|
||||
masquerade_port=c2_beacon.config.masquerade_port,
|
||||
masquerade_protocol=c2_beacon.config.masquerade_protocol,
|
||||
)
|
||||
|
||||
assert c2_server.operating_state == ApplicationOperatingState.RUNNING
|
||||
|
||||
|
||||
@@ -163,7 +163,7 @@ def test_restore_backup_without_updating_scan(uc2_network):
|
||||
|
||||
db_service.db_file.corrupt() # corrupt the db
|
||||
assert db_service.db_file.health_status == FileSystemItemHealthStatus.CORRUPT # db file is actually corrupt
|
||||
assert db_service.db_file.visible_health_status == FileSystemItemHealthStatus.GOOD # not scanned yet
|
||||
assert db_service.db_file.visible_health_status == FileSystemItemHealthStatus.NONE # not scanned yet
|
||||
|
||||
db_service.db_file.scan() # scan the db file
|
||||
|
||||
@@ -190,7 +190,7 @@ def test_restore_backup_after_deleting_file_without_updating_scan(uc2_network):
|
||||
|
||||
db_service.db_file.corrupt() # corrupt the db
|
||||
assert db_service.db_file.health_status == FileSystemItemHealthStatus.CORRUPT # db file is actually corrupt
|
||||
assert db_service.db_file.visible_health_status == FileSystemItemHealthStatus.GOOD # not scanned yet
|
||||
assert db_service.db_file.visible_health_status == FileSystemItemHealthStatus.NONE # not scanned yet
|
||||
|
||||
db_service.db_file.scan() # scan the db file
|
||||
|
||||
@@ -232,7 +232,7 @@ def test_database_service_fix(uc2_network):
|
||||
assert db_service.health_state_actual == SoftwareHealthState.FIXING
|
||||
|
||||
# apply timestep until the fix is applied
|
||||
for i in range(db_service.fixing_duration + 1):
|
||||
for i in range(db_service.config.fixing_duration + 1):
|
||||
uc2_network.apply_timestep(i)
|
||||
|
||||
assert db_service.db_file.health_status == FileSystemItemHealthStatus.GOOD
|
||||
@@ -266,7 +266,7 @@ def test_database_cannot_be_queried_while_fixing(uc2_network):
|
||||
assert db_connection.query(sql="SELECT") is False
|
||||
|
||||
# apply timestep until the fix is applied
|
||||
for i in range(db_service.fixing_duration + 1):
|
||||
for i in range(db_service.config.fixing_duration + 1):
|
||||
uc2_network.apply_timestep(i)
|
||||
|
||||
assert db_service.health_state_actual == SoftwareHealthState.GOOD
|
||||
@@ -308,7 +308,7 @@ def test_database_can_create_connection_while_fixing(uc2_network):
|
||||
assert new_db_connection.query(sql="SELECT") is False # still should fail to query because FIXING
|
||||
|
||||
# apply timestep until the fix is applied
|
||||
for i in range(db_service.fixing_duration + 1):
|
||||
for i in range(db_service.config.fixing_duration + 1):
|
||||
uc2_network.apply_timestep(i)
|
||||
|
||||
assert db_service.health_state_actual == SoftwareHealthState.GOOD
|
||||
|
||||
@@ -14,7 +14,14 @@ from primaite.utils.validation.port import PORT_LOOKUP
|
||||
from tests import TEST_ASSETS_ROOT
|
||||
|
||||
|
||||
class _DatabaseListener(Service):
|
||||
class _DatabaseListener(Service, identifier="_DatabaseListener"):
|
||||
class ConfigSchema(Service.ConfigSchema):
|
||||
"""ConfigSchema for _DatabaseListener."""
|
||||
|
||||
type: str = "_DatabaseListener"
|
||||
listen_on_ports: Set[int] = {PORT_LOOKUP["POSTGRES_SERVER"]}
|
||||
|
||||
config: "_DatabaseListener.ConfigSchema" = Field(default_factory=lambda: _DatabaseListener.ConfigSchema())
|
||||
name: str = "DatabaseListener"
|
||||
protocol: str = PROTOCOL_LOOKUP["TCP"]
|
||||
port: int = PORT_LOOKUP["NONE"]
|
||||
|
||||
@@ -51,7 +51,7 @@ def test_web_page_get_users_page_request_with_domain_name(web_client_and_web_ser
|
||||
web_browser_app, computer, web_server_service, server = web_client_and_web_server
|
||||
|
||||
web_server_ip = server.network_interfaces.get(next(iter(server.network_interfaces))).ip_address
|
||||
web_browser_app.target_url = f"http://arcd.com/"
|
||||
web_browser_app.config.target_url = f"http://arcd.com/"
|
||||
assert web_browser_app.operating_state == ApplicationOperatingState.RUNNING
|
||||
|
||||
assert web_browser_app.get_webpage() is True
|
||||
@@ -66,7 +66,7 @@ def test_web_page_get_users_page_request_with_ip_address(web_client_and_web_serv
|
||||
web_browser_app, computer, web_server_service, server = web_client_and_web_server
|
||||
|
||||
web_server_ip = server.network_interfaces.get(next(iter(server.network_interfaces))).ip_address
|
||||
web_browser_app.target_url = f"http://{web_server_ip}/"
|
||||
web_browser_app.config.target_url = f"http://{web_server_ip}/"
|
||||
assert web_browser_app.operating_state == ApplicationOperatingState.RUNNING
|
||||
|
||||
assert web_browser_app.get_webpage() is True
|
||||
@@ -81,7 +81,7 @@ def test_web_page_request_from_shut_down_server(web_client_and_web_server):
|
||||
web_browser_app, computer, web_server_service, server = web_client_and_web_server
|
||||
|
||||
web_server_ip = server.network_interfaces.get(next(iter(server.network_interfaces))).ip_address
|
||||
web_browser_app.target_url = f"http://arcd.com/"
|
||||
web_browser_app.config.target_url = f"http://arcd.com/"
|
||||
assert web_browser_app.operating_state == ApplicationOperatingState.RUNNING
|
||||
|
||||
assert web_browser_app.get_webpage() is True
|
||||
@@ -108,7 +108,7 @@ def test_web_page_request_from_closed_web_browser(web_client_and_web_server):
|
||||
web_browser_app, computer, web_server_service, server = web_client_and_web_server
|
||||
|
||||
assert web_browser_app.operating_state == ApplicationOperatingState.RUNNING
|
||||
web_browser_app.target_url = f"http://arcd.com/"
|
||||
web_browser_app.config.target_url = f"http://arcd.com/"
|
||||
assert web_browser_app.get_webpage() is True
|
||||
|
||||
# latest response should have status code 200
|
||||
|
||||
@@ -74,7 +74,7 @@ def web_client_web_server_database(example_network) -> Tuple[Network, Computer,
|
||||
# Install Web Browser on computer
|
||||
computer.software_manager.install(WebBrowser)
|
||||
web_browser: WebBrowser = computer.software_manager.software.get("WebBrowser")
|
||||
web_browser.target_url = "http://arcd.com/users/"
|
||||
web_browser.config.target_url = "http://arcd.com/users/"
|
||||
web_browser.run()
|
||||
|
||||
# Install DNS Client service on computer
|
||||
@@ -131,7 +131,7 @@ def test_database_fix_disrupts_web_client(uc2_network):
|
||||
|
||||
assert web_browser.get_webpage() is False
|
||||
|
||||
for i in range(database_service.fixing_duration + 1):
|
||||
for i in range(database_service.config.fixing_duration + 1):
|
||||
uc2_network.apply_timestep(i)
|
||||
|
||||
assert database_service.health_state_actual == SoftwareHealthState.GOOD
|
||||
|
||||
@@ -2,10 +2,11 @@
|
||||
from unittest.mock import Mock
|
||||
|
||||
import pytest
|
||||
from pydantic import ValidationError
|
||||
|
||||
from primaite.game.agent.actions import (
|
||||
ActionManager,
|
||||
DoNothingAction,
|
||||
from primaite.game.agent.actions import ActionManager
|
||||
from primaite.game.agent.actions.manager import DoNothingAction
|
||||
from primaite.game.agent.actions.service import (
|
||||
NodeServiceDisableAction,
|
||||
NodeServiceEnableAction,
|
||||
NodeServicePauseAction,
|
||||
@@ -18,13 +19,8 @@ from primaite.game.agent.actions import (
|
||||
|
||||
|
||||
def test_do_nothing_action_form_request():
|
||||
"""Test that the DoNothingAction can form a request and that it is correct."""
|
||||
manager = Mock()
|
||||
|
||||
action = DoNothingAction(manager=manager)
|
||||
|
||||
request = action.form_request()
|
||||
|
||||
"""Test that the do_nothingAction can form a request and that it is correct."""
|
||||
request = DoNothingAction.form_request(DoNothingAction.ConfigSchema())
|
||||
assert request == ["do_nothing"]
|
||||
|
||||
|
||||
@@ -42,7 +38,7 @@ def test_do_nothing_action_form_request():
|
||||
],
|
||||
) # flake8: noqa
|
||||
@pytest.mark.parametrize(
|
||||
"node_name, service_name, expect_to_do_nothing",
|
||||
"node_name, service_name, expect_failure",
|
||||
[
|
||||
("pc_1", "chrome", False),
|
||||
(None, "chrome", True),
|
||||
@@ -50,42 +46,15 @@ def test_do_nothing_action_form_request():
|
||||
(None, None, True),
|
||||
],
|
||||
) # flake8: noqa
|
||||
def test_service_action_form_request(node_name, service_name, expect_to_do_nothing, action_class, action_verb):
|
||||
def test_service_action_form_request(node_name, service_name, expect_failure, action_class, action_verb):
|
||||
"""Test that the ServiceScanAction can form a request and that it is correct."""
|
||||
manager: ActionManager = Mock()
|
||||
manager.get_node_name_by_idx.return_value = node_name
|
||||
manager.get_service_name_by_idx.return_value = service_name
|
||||
|
||||
action = action_class(manager=manager, num_nodes=1, num_services=1)
|
||||
|
||||
request = action.form_request(node_id=0, service_id=0)
|
||||
|
||||
if expect_to_do_nothing:
|
||||
assert request == ["do_nothing"]
|
||||
if expect_failure:
|
||||
with pytest.raises(ValidationError):
|
||||
request = action_class.form_request(
|
||||
config=action_class.ConfigSchema(node_name=node_name, service_name=service_name)
|
||||
)
|
||||
else:
|
||||
request = action_class.form_request(
|
||||
config=action_class.ConfigSchema(node_name=node_name, service_name=service_name)
|
||||
)
|
||||
assert request == ["network", "node", node_name, "service", service_name, action_verb]
|
||||
|
||||
|
||||
@pytest.mark.parametrize(
|
||||
"node_name, service_name, expect_to_do_nothing",
|
||||
[
|
||||
("pc_1", "chrome", False),
|
||||
(None, "chrome", True),
|
||||
("pc_1", None, True),
|
||||
(None, None, True),
|
||||
],
|
||||
) # flake8: noqa
|
||||
def test_service_scan_form_request(node_name, service_name, expect_to_do_nothing):
|
||||
"""Test that the ServiceScanAction can form a request and that it is correct."""
|
||||
manager: ActionManager = Mock()
|
||||
manager.get_node_name_by_idx.return_value = node_name
|
||||
manager.get_service_name_by_idx.return_value = service_name
|
||||
|
||||
action = NodeServiceScanAction(manager=manager, num_nodes=1, num_services=1)
|
||||
|
||||
request = action.form_request(node_id=0, service_id=0)
|
||||
|
||||
if expect_to_do_nothing:
|
||||
assert request == ["do_nothing"]
|
||||
else:
|
||||
assert request == ["network", "node", node_name, "service", service_name, "scan"]
|
||||
|
||||
52
tests/unit_tests/_primaite/_game/_agent/test_agent.py
Normal file
52
tests/unit_tests/_primaite/_game/_agent/test_agent.py
Normal file
@@ -0,0 +1,52 @@
|
||||
from primaite.game.agent.observations.file_system_observations import FileObservation
|
||||
from primaite.game.agent.observations.observation_manager import NullObservation
|
||||
from primaite.game.agent.scripted_agents.random_agent import RandomAgent
|
||||
|
||||
|
||||
def test_creating_empty_agent():
|
||||
agent = RandomAgent()
|
||||
assert len(agent.action_manager.action_map) == 0
|
||||
assert isinstance(agent.observation_manager.obs, NullObservation)
|
||||
assert len(agent.reward_function.reward_components) == 0
|
||||
|
||||
|
||||
def test_creating_agent_from_dict():
|
||||
action_config = {
|
||||
"action_map": {
|
||||
0: {"action": "do_nothing", "options": {}},
|
||||
1: {
|
||||
"action": "node_application_execute",
|
||||
"options": {"node_name": "client", "application_name": "database"},
|
||||
},
|
||||
}
|
||||
}
|
||||
observation_config = {
|
||||
"type": "FILE",
|
||||
"options": {
|
||||
"file_name": "dog.pdf",
|
||||
"include_num_access": False,
|
||||
"file_system_requires_scan": False,
|
||||
},
|
||||
}
|
||||
reward_config = {
|
||||
"reward_components": [
|
||||
{
|
||||
"type": "DATABASE_FILE_INTEGRITY",
|
||||
"weight": 0.3,
|
||||
"options": {"node_hostname": "server", "folder_name": "database", "file_name": "database.db"},
|
||||
}
|
||||
]
|
||||
}
|
||||
agent = RandomAgent(
|
||||
config={
|
||||
"ref": "random_agent",
|
||||
"team": "BLUE",
|
||||
"action_space": action_config,
|
||||
"observation_space": observation_config,
|
||||
"reward_function": reward_config,
|
||||
}
|
||||
)
|
||||
|
||||
assert len(agent.action_manager.action_map) == 2
|
||||
assert isinstance(agent.observation_manager.obs, FileObservation)
|
||||
assert len(agent.reward_function.reward_components) == 1
|
||||
@@ -69,8 +69,8 @@ class TestFileSystemRequiresScan:
|
||||
wildcard_list:
|
||||
- 0.0.0.1
|
||||
port_list:
|
||||
- 80
|
||||
- 5432
|
||||
- HTTP
|
||||
- POSTGRES_SERVER
|
||||
protocol_list:
|
||||
- ICMP
|
||||
- TCP
|
||||
@@ -98,7 +98,7 @@ class TestFileSystemRequiresScan:
|
||||
"""
|
||||
|
||||
cfg = yaml.safe_load(obs_cfg_yaml)
|
||||
manager = ObservationManager.from_config(cfg)
|
||||
manager = ObservationManager(config=cfg)
|
||||
|
||||
hosts: List[HostObservation] = manager.obs.components["NODES"].hosts
|
||||
for i, host in enumerate(hosts):
|
||||
@@ -119,14 +119,20 @@ class TestFileSystemRequiresScan:
|
||||
assert obs_not_requiring_scan.observe(file_state)["health_status"] == 3
|
||||
|
||||
def test_folder_require_scan(self):
|
||||
folder_state = {"health_status": 3, "visible_status": 1}
|
||||
folder_state = {"health_status": 3, "visible_status": 1, "scanned_this_step": False}
|
||||
|
||||
obs_requiring_scan = FolderObservation(
|
||||
[], files=[], num_files=0, include_num_access=False, file_system_requires_scan=True
|
||||
)
|
||||
assert obs_requiring_scan.observe(folder_state)["health_status"] == 1
|
||||
assert obs_requiring_scan.observe(folder_state)["health_status"] == 0
|
||||
|
||||
obs_not_requiring_scan = FolderObservation(
|
||||
[], files=[], num_files=0, include_num_access=False, file_system_requires_scan=False
|
||||
)
|
||||
assert obs_not_requiring_scan.observe(folder_state)["health_status"] == 3
|
||||
|
||||
folder_state = {"health_status": 3, "visible_status": 1, "scanned_this_step": True}
|
||||
obs_requiring_scan = FolderObservation(
|
||||
[], files=[], num_files=0, include_num_access=False, file_system_requires_scan=True
|
||||
)
|
||||
assert obs_requiring_scan.observe(folder_state)["health_status"] == 1
|
||||
|
||||
@@ -3,6 +3,7 @@ from primaite.game.agent.actions import ActionManager
|
||||
from primaite.game.agent.observations.observation_manager import NestedObservation, ObservationManager
|
||||
from primaite.game.agent.rewards import RewardFunction
|
||||
from primaite.game.agent.scripted_agents.probabilistic_agent import ProbabilisticAgent
|
||||
from primaite.game.game import PrimaiteGame, PrimaiteGameOptions
|
||||
|
||||
|
||||
def test_probabilistic_agent():
|
||||
@@ -16,69 +17,58 @@ def test_probabilistic_agent():
|
||||
"""
|
||||
N_TRIALS = 10_000
|
||||
P_DO_NOTHING = 0.1
|
||||
P_NODE_APPLICATION_EXECUTE = 0.3
|
||||
P_NODE_FILE_DELETE = 0.6
|
||||
P_node_application_execute = 0.3
|
||||
P_node_file_delete = 0.6
|
||||
MIN_DO_NOTHING = 850
|
||||
MAX_DO_NOTHING = 1150
|
||||
MIN_NODE_APPLICATION_EXECUTE = 2800
|
||||
MAX_NODE_APPLICATION_EXECUTE = 3200
|
||||
MIN_NODE_FILE_DELETE = 5750
|
||||
MAX_NODE_FILE_DELETE = 6250
|
||||
MIN_node_application_execute = 2800
|
||||
MAX_node_application_execute = 3200
|
||||
MIN_node_file_delete = 5750
|
||||
MAX_node_file_delete = 6250
|
||||
|
||||
action_space = ActionManager(
|
||||
actions=[
|
||||
{"type": "DONOTHING"},
|
||||
{"type": "NODE_APPLICATION_EXECUTE"},
|
||||
{"type": "NODE_FILE_DELETE"},
|
||||
],
|
||||
nodes=[
|
||||
{
|
||||
"node_name": "client_1",
|
||||
"applications": [{"application_name": "WebBrowser"}],
|
||||
"folders": [{"folder_name": "downloads", "files": [{"file_name": "cat.png"}]}],
|
||||
action_space_cfg = {
|
||||
"action_map": {
|
||||
0: {"action": "do_nothing", "options": {}},
|
||||
1: {
|
||||
"action": "node_application_execute",
|
||||
"options": {"node_name": "client_1", "application_name": "WebBrowser"},
|
||||
},
|
||||
2: {
|
||||
"action": "node_file_delete",
|
||||
"options": {"node_name": "client_1", "folder_name": "downloads", "file_name": "cat.png"},
|
||||
},
|
||||
],
|
||||
max_folders_per_node=2,
|
||||
max_files_per_folder=2,
|
||||
max_services_per_node=2,
|
||||
max_applications_per_node=2,
|
||||
max_nics_per_node=2,
|
||||
max_acl_rules=10,
|
||||
protocols=["TCP", "UDP", "ICMP"],
|
||||
ports=["HTTP", "DNS", "ARP"],
|
||||
act_map={
|
||||
0: {"action": "DONOTHING", "options": {}},
|
||||
1: {"action": "NODE_APPLICATION_EXECUTE", "options": {"node_id": 0, "application_id": 0}},
|
||||
2: {"action": "NODE_FILE_DELETE", "options": {"node_id": 0, "folder_id": 0, "file_id": 0}},
|
||||
},
|
||||
)
|
||||
observation_space = ObservationManager(NestedObservation(components={}))
|
||||
reward_function = RewardFunction()
|
||||
}
|
||||
|
||||
pa = ProbabilisticAgent(
|
||||
agent_name="test_agent",
|
||||
action_space=action_space,
|
||||
observation_space=observation_space,
|
||||
reward_function=reward_function,
|
||||
settings={
|
||||
"action_probabilities": {0: P_DO_NOTHING, 1: P_NODE_APPLICATION_EXECUTE, 2: P_NODE_FILE_DELETE},
|
||||
game = PrimaiteGame()
|
||||
game.options = PrimaiteGameOptions(ports=[], protocols=[])
|
||||
|
||||
pa_config = {
|
||||
"type": "ProbabilisticAgent",
|
||||
"ref": "ProbabilisticAgent",
|
||||
"team": "BLUE",
|
||||
"action_space": action_space_cfg,
|
||||
"agent_settings": {
|
||||
"action_probabilities": {0: P_DO_NOTHING, 1: P_node_application_execute, 2: P_node_file_delete},
|
||||
},
|
||||
)
|
||||
}
|
||||
|
||||
pa = ProbabilisticAgent.from_config(config=pa_config)
|
||||
|
||||
do_nothing_count = 0
|
||||
node_application_execute_count = 0
|
||||
node_file_delete_count = 0
|
||||
for _ in range(N_TRIALS):
|
||||
a = pa.get_action(0)
|
||||
if a == ("DONOTHING", {}):
|
||||
if a == ("do_nothing", {}):
|
||||
do_nothing_count += 1
|
||||
elif a == ("NODE_APPLICATION_EXECUTE", {"node_id": 0, "application_id": 0}):
|
||||
elif a == ("node_application_execute", {"node_name": "client_1", "application_name": "WebBrowser"}):
|
||||
node_application_execute_count += 1
|
||||
elif a == ("NODE_FILE_DELETE", {"node_id": 0, "folder_id": 0, "file_id": 0}):
|
||||
elif a == ("node_file_delete", {"node_name": "client_1", "folder_name": "downloads", "file_name": "cat.png"}):
|
||||
node_file_delete_count += 1
|
||||
else:
|
||||
raise AssertionError("Probabilistic agent produced an unexpected action.")
|
||||
|
||||
assert MIN_DO_NOTHING < do_nothing_count < MAX_DO_NOTHING
|
||||
assert MIN_NODE_APPLICATION_EXECUTE < node_application_execute_count < MAX_NODE_APPLICATION_EXECUTE
|
||||
assert MIN_NODE_FILE_DELETE < node_file_delete_count < MAX_NODE_FILE_DELETE
|
||||
assert MIN_node_application_execute < node_application_execute_count < MAX_node_application_execute
|
||||
assert MIN_node_file_delete < node_file_delete_count < MAX_node_file_delete
|
||||
|
||||
@@ -81,7 +81,7 @@ class TestWebpageUnavailabilitySticky:
|
||||
reward = WebpageUnavailablePenalty(config=schema)
|
||||
|
||||
# no response codes yet, reward is 0
|
||||
action, params, request = "DO_NOTHING", {}, ["DONOTHING"]
|
||||
action, params, request = "do_nothing", {}, ["do_nothing"]
|
||||
response = RequestResponse(status="success", data={})
|
||||
browser_history = []
|
||||
state = {"network": {"nodes": {"computer": {"applications": {"WebBrowser": {"history": browser_history}}}}}}
|
||||
@@ -91,8 +91,8 @@ class TestWebpageUnavailabilitySticky:
|
||||
assert reward.calculate(state, last_action_response) == 0
|
||||
|
||||
# agent did a successful fetch
|
||||
action = "NODE_APPLICATION_EXECUTE"
|
||||
params = {"node_id": 0, "application_id": 0}
|
||||
action = "node_application_execute"
|
||||
params = {"node_name": "computer", "application_name": "WebBrowser"}
|
||||
request = ["network", "node", "computer", "application", "WebBrowser", "execute"]
|
||||
response = RequestResponse(status="success", data={})
|
||||
browser_history.append({"outcome": 200})
|
||||
@@ -104,7 +104,7 @@ class TestWebpageUnavailabilitySticky:
|
||||
|
||||
# THE IMPORTANT BIT
|
||||
# agent did nothing, because reward is not sticky, it goes back to 0
|
||||
action, params, request = "DO_NOTHING", {}, ["DONOTHING"]
|
||||
action, params, request = "do_nothing", {}, ["do_nothing"]
|
||||
response = RequestResponse(status="success", data={})
|
||||
browser_history = []
|
||||
state = {"network": {"nodes": {"computer": {"applications": {"WebBrowser": {"history": browser_history}}}}}}
|
||||
@@ -114,8 +114,8 @@ class TestWebpageUnavailabilitySticky:
|
||||
assert reward.calculate(state, last_action_response) == 0.0
|
||||
|
||||
# agent fails to fetch, get a -1.0 reward
|
||||
action = "NODE_APPLICATION_EXECUTE"
|
||||
params = {"node_id": 0, "application_id": 0}
|
||||
action = "node_application_execute"
|
||||
params = {"node_name": "computer", "application_name": "WebBrowser"}
|
||||
request = ["network", "node", "computer", "application", "WebBrowser", "execute"]
|
||||
response = RequestResponse(status="failure", data={})
|
||||
browser_history.append({"outcome": 404})
|
||||
@@ -126,8 +126,8 @@ class TestWebpageUnavailabilitySticky:
|
||||
assert reward.calculate(state, last_action_response) == -1.0
|
||||
|
||||
# agent fails again to fetch, get a -1.0 reward again
|
||||
action = "NODE_APPLICATION_EXECUTE"
|
||||
params = {"node_id": 0, "application_id": 0}
|
||||
action = "node_application_execute"
|
||||
params = {"node_name": "computer", "application_name": "WebBrowser"}
|
||||
request = ["network", "node", "computer", "application", "WebBrowser", "execute"]
|
||||
response = RequestResponse(status="failure", data={})
|
||||
browser_history.append({"outcome": 404})
|
||||
@@ -142,7 +142,7 @@ class TestWebpageUnavailabilitySticky:
|
||||
reward = WebpageUnavailablePenalty(config=schema)
|
||||
|
||||
# no response codes yet, reward is 0
|
||||
action, params, request = "DO_NOTHING", {}, ["DONOTHING"]
|
||||
action, params, request = "do_nothing", {}, ["do_nothing"]
|
||||
response = RequestResponse(status="success", data={})
|
||||
browser_history = []
|
||||
state = {"network": {"nodes": {"computer": {"applications": {"WebBrowser": {"history": browser_history}}}}}}
|
||||
@@ -152,8 +152,8 @@ class TestWebpageUnavailabilitySticky:
|
||||
assert reward.calculate(state, last_action_response) == 0
|
||||
|
||||
# agent did a successful fetch
|
||||
action = "NODE_APPLICATION_EXECUTE"
|
||||
params = {"node_id": 0, "application_id": 0}
|
||||
action = "node_application_execute"
|
||||
params = {"node_name": "computer", "application_name": "WebBrowser"}
|
||||
request = ["network", "node", "computer", "application", "WebBrowser", "execute"]
|
||||
response = RequestResponse(status="success", data={})
|
||||
browser_history.append({"outcome": 200})
|
||||
@@ -165,7 +165,7 @@ class TestWebpageUnavailabilitySticky:
|
||||
|
||||
# THE IMPORTANT BIT
|
||||
# agent did nothing, because reward is sticky, it stays at 1.0
|
||||
action, params, request = "DO_NOTHING", {}, ["DONOTHING"]
|
||||
action, params, request = "do_nothing", {}, ["do_nothing"]
|
||||
response = RequestResponse(status="success", data={})
|
||||
state = {"network": {"nodes": {"computer": {"applications": {"WebBrowser": {"history": browser_history}}}}}}
|
||||
last_action_response = AgentHistoryItem(
|
||||
@@ -174,8 +174,8 @@ class TestWebpageUnavailabilitySticky:
|
||||
assert reward.calculate(state, last_action_response) == 1.0
|
||||
|
||||
# agent fails to fetch, get a -1.0 reward
|
||||
action = "NODE_APPLICATION_EXECUTE"
|
||||
params = {"node_id": 0, "application_id": 0}
|
||||
action = "node_application_execute"
|
||||
params = {"node_name": "computer", "application_name": "WebBrowser"}
|
||||
request = ["network", "node", "computer", "application", "WebBrowser", "execute"]
|
||||
response = RequestResponse(status="failure", data={})
|
||||
browser_history.append({"outcome": 404})
|
||||
@@ -186,8 +186,8 @@ class TestWebpageUnavailabilitySticky:
|
||||
assert reward.calculate(state, last_action_response) == -1.0
|
||||
|
||||
# agent fails again to fetch, get a -1.0 reward again
|
||||
action = "NODE_APPLICATION_EXECUTE"
|
||||
params = {"node_id": 0, "application_id": 0}
|
||||
action = "node_application_execute"
|
||||
params = {"node_name": "computer", "application_name": "WebBrowser"}
|
||||
request = ["network", "node", "computer", "application", "WebBrowser", "execute"]
|
||||
response = RequestResponse(status="failure", data={})
|
||||
browser_history.append({"outcome": 404})
|
||||
@@ -207,7 +207,7 @@ class TestGreenAdminDatabaseUnreachableSticky:
|
||||
reward = GreenAdminDatabaseUnreachablePenalty(config=schema)
|
||||
|
||||
# no response codes yet, reward is 0
|
||||
action, params, request = "DO_NOTHING", {}, ["DONOTHING"]
|
||||
action, params, request = "do_nothing", {}, ["do_nothing"]
|
||||
response = RequestResponse(status="success", data={})
|
||||
state = {"network": {"nodes": {"computer": {"applications": {"DatabaseClient": {}}}}}}
|
||||
last_action_response = AgentHistoryItem(
|
||||
@@ -216,8 +216,8 @@ class TestGreenAdminDatabaseUnreachableSticky:
|
||||
assert reward.calculate(state, last_action_response) == 0
|
||||
|
||||
# agent did a successful fetch
|
||||
action = "NODE_APPLICATION_EXECUTE"
|
||||
params = {"node_id": 0, "application_id": 0}
|
||||
action = "node_application_execute"
|
||||
params = {"node_name": "computer", "application_name": "DatabaseClient"}
|
||||
request = ["network", "node", "computer", "application", "DatabaseClient", "execute"]
|
||||
response = RequestResponse(status="success", data={})
|
||||
state = {"network": {"nodes": {"computer": {"applications": {"DatabaseClient": {}}}}}}
|
||||
@@ -228,7 +228,7 @@ class TestGreenAdminDatabaseUnreachableSticky:
|
||||
|
||||
# THE IMPORTANT BIT
|
||||
# agent did nothing, because reward is not sticky, it goes back to 0
|
||||
action, params, request = "DO_NOTHING", {}, ["DONOTHING"]
|
||||
action, params, request = "do_nothing", {}, ["do_nothing"]
|
||||
response = RequestResponse(status="success", data={})
|
||||
state = {"network": {"nodes": {"computer": {"applications": {"DatabaseClient": {}}}}}}
|
||||
last_action_response = AgentHistoryItem(
|
||||
@@ -237,8 +237,8 @@ class TestGreenAdminDatabaseUnreachableSticky:
|
||||
assert reward.calculate(state, last_action_response) == 0.0
|
||||
|
||||
# agent fails to fetch, get a -1.0 reward
|
||||
action = "NODE_APPLICATION_EXECUTE"
|
||||
params = {"node_id": 0, "application_id": 0}
|
||||
action = "node_application_execute"
|
||||
params = {"node_name": "computer", "application_name": "DatabaseClient"}
|
||||
request = ["network", "node", "computer", "application", "DatabaseClient", "execute"]
|
||||
response = RequestResponse(status="failure", data={})
|
||||
state = {"network": {"nodes": {"computer": {"applications": {"DatabaseClient": {}}}}}}
|
||||
@@ -248,8 +248,8 @@ class TestGreenAdminDatabaseUnreachableSticky:
|
||||
assert reward.calculate(state, last_action_response) == -1.0
|
||||
|
||||
# agent fails again to fetch, get a -1.0 reward again
|
||||
action = "NODE_APPLICATION_EXECUTE"
|
||||
params = {"node_id": 0, "application_id": 0}
|
||||
action = "node_application_execute"
|
||||
params = {"node_name": "computer", "application_name": "DatabaseClient"}
|
||||
request = ["network", "node", "computer", "application", "DatabaseClient", "execute"]
|
||||
response = RequestResponse(status="failure", data={})
|
||||
state = {"network": {"nodes": {"computer": {"applications": {"DatabaseClient": {}}}}}}
|
||||
@@ -266,7 +266,7 @@ class TestGreenAdminDatabaseUnreachableSticky:
|
||||
reward = GreenAdminDatabaseUnreachablePenalty(config=schema)
|
||||
|
||||
# no response codes yet, reward is 0
|
||||
action, params, request = "DO_NOTHING", {}, ["DONOTHING"]
|
||||
action, params, request = "do_nothing", {}, ["do_nothing"]
|
||||
response = RequestResponse(status="success", data={})
|
||||
state = {"network": {"nodes": {"computer": {"applications": {"DatabaseClient": {}}}}}}
|
||||
last_action_response = AgentHistoryItem(
|
||||
@@ -275,8 +275,8 @@ class TestGreenAdminDatabaseUnreachableSticky:
|
||||
assert reward.calculate(state, last_action_response) == 0
|
||||
|
||||
# agent did a successful fetch
|
||||
action = "NODE_APPLICATION_EXECUTE"
|
||||
params = {"node_id": 0, "application_id": 0}
|
||||
action = "node_application_execute"
|
||||
params = {"node_name": "computer", "application_name": "DatabaseClient"}
|
||||
request = ["network", "node", "computer", "application", "DatabaseClient", "execute"]
|
||||
response = RequestResponse(status="success", data={})
|
||||
state = {"network": {"nodes": {"computer": {"applications": {"DatabaseClient": {}}}}}}
|
||||
@@ -287,7 +287,7 @@ class TestGreenAdminDatabaseUnreachableSticky:
|
||||
|
||||
# THE IMPORTANT BIT
|
||||
# agent did nothing, because reward is not sticky, it goes back to 0
|
||||
action, params, request = "DO_NOTHING", {}, ["DONOTHING"]
|
||||
action, params, request = "do_nothing", {}, ["do_nothing"]
|
||||
response = RequestResponse(status="success", data={})
|
||||
state = {"network": {"nodes": {"computer": {"applications": {"DatabaseClient": {}}}}}}
|
||||
last_action_response = AgentHistoryItem(
|
||||
@@ -296,8 +296,8 @@ class TestGreenAdminDatabaseUnreachableSticky:
|
||||
assert reward.calculate(state, last_action_response) == 1.0
|
||||
|
||||
# agent fails to fetch, get a -1.0 reward
|
||||
action = "NODE_APPLICATION_EXECUTE"
|
||||
params = {"node_id": 0, "application_id": 0}
|
||||
action = "node_application_execute"
|
||||
params = {"node_name": "computer", "application_name": "DatabaseClient"}
|
||||
request = ["network", "node", "computer", "application", "DatabaseClient", "execute"]
|
||||
response = RequestResponse(status="failure", data={})
|
||||
state = {"network": {"nodes": {"computer": {"applications": {"DatabaseClient": {}}}}}}
|
||||
@@ -307,8 +307,8 @@ class TestGreenAdminDatabaseUnreachableSticky:
|
||||
assert reward.calculate(state, last_action_response) == -1.0
|
||||
|
||||
# agent fails again to fetch, get a -1.0 reward again
|
||||
action = "NODE_APPLICATION_EXECUTE"
|
||||
params = {"node_id": 0, "application_id": 0}
|
||||
action = "node_application_execute"
|
||||
params = {"node_name": "computer", "application_name": "DatabaseClient"}
|
||||
request = ["network", "node", "computer", "application", "DatabaseClient", "execute"]
|
||||
response = RequestResponse(status="failure", data={})
|
||||
state = {"network": {"nodes": {"computer": {"applications": {"DatabaseClient": {}}}}}}
|
||||
|
||||
@@ -22,12 +22,12 @@ def test_file_scan(file_system):
|
||||
file: File = file_system.create_file(file_name="test_file.txt", folder_name="test_folder")
|
||||
|
||||
assert file.health_status == FileSystemItemHealthStatus.GOOD
|
||||
assert file.visible_health_status == FileSystemItemHealthStatus.GOOD
|
||||
assert file.visible_health_status == FileSystemItemHealthStatus.NONE
|
||||
|
||||
file.corrupt()
|
||||
|
||||
assert file.health_status == FileSystemItemHealthStatus.CORRUPT
|
||||
assert file.visible_health_status == FileSystemItemHealthStatus.GOOD
|
||||
assert file.visible_health_status == FileSystemItemHealthStatus.NONE
|
||||
|
||||
file.scan()
|
||||
|
||||
@@ -46,7 +46,7 @@ def test_file_reveal_to_red_scan(file_system):
|
||||
assert file.revealed_to_red is True
|
||||
|
||||
|
||||
@pytest.mark.skip(reason="NODE_FILE_CHECKHASH not implemented")
|
||||
@pytest.mark.skip(reason="node_file_checkhash not implemented")
|
||||
def test_simulated_file_check_hash(file_system):
|
||||
file: File = file_system.create_file(file_name="test_file.txt", folder_name="test_folder")
|
||||
|
||||
|
||||
@@ -24,7 +24,7 @@ def test_file_scan_request(populated_file_system):
|
||||
|
||||
file.corrupt()
|
||||
assert file.health_status == FileSystemItemHealthStatus.CORRUPT
|
||||
assert file.visible_health_status == FileSystemItemHealthStatus.GOOD
|
||||
assert file.visible_health_status == FileSystemItemHealthStatus.NONE
|
||||
|
||||
fs.apply_request(request=["folder", folder.name, "file", file.name, "scan"])
|
||||
|
||||
@@ -32,7 +32,7 @@ def test_file_scan_request(populated_file_system):
|
||||
assert file.visible_health_status == FileSystemItemHealthStatus.CORRUPT
|
||||
|
||||
|
||||
@pytest.mark.skip(reason="NODE_FILE_CHECKHASH not implemented")
|
||||
@pytest.mark.skip(reason="node_file_checkhash not implemented")
|
||||
def test_file_checkhash_request(populated_file_system):
|
||||
"""Test that an agent can request a file hash check."""
|
||||
fs, folder, file = populated_file_system
|
||||
@@ -94,7 +94,7 @@ def test_deleted_file_cannot_be_interacted_with(populated_file_system):
|
||||
assert fs.get_file(folder_name=folder.name, file_name=file.name).health_status == FileSystemItemHealthStatus.CORRUPT
|
||||
assert (
|
||||
fs.get_file(folder_name=folder.name, file_name=file.name).visible_health_status
|
||||
== FileSystemItemHealthStatus.GOOD
|
||||
== FileSystemItemHealthStatus.NONE
|
||||
)
|
||||
|
||||
fs.apply_request(request=["delete", "file", folder.name, file.name])
|
||||
|
||||
@@ -44,25 +44,25 @@ def test_folder_scan(file_system):
|
||||
file2: File = folder.get_file_by_id(file_uuid=list(folder.files)[0])
|
||||
|
||||
assert folder.health_status == FileSystemItemHealthStatus.GOOD
|
||||
assert folder.visible_health_status == FileSystemItemHealthStatus.GOOD
|
||||
assert file1.visible_health_status == FileSystemItemHealthStatus.GOOD
|
||||
assert file2.visible_health_status == FileSystemItemHealthStatus.GOOD
|
||||
assert folder.visible_health_status == FileSystemItemHealthStatus.NONE
|
||||
assert file1.visible_health_status == FileSystemItemHealthStatus.NONE
|
||||
assert file2.visible_health_status == FileSystemItemHealthStatus.NONE
|
||||
|
||||
folder.corrupt()
|
||||
|
||||
assert folder.health_status == FileSystemItemHealthStatus.CORRUPT
|
||||
assert folder.visible_health_status == FileSystemItemHealthStatus.GOOD
|
||||
assert file1.visible_health_status == FileSystemItemHealthStatus.GOOD
|
||||
assert file2.visible_health_status == FileSystemItemHealthStatus.GOOD
|
||||
assert folder.visible_health_status == FileSystemItemHealthStatus.NONE
|
||||
assert file1.visible_health_status == FileSystemItemHealthStatus.NONE
|
||||
assert file2.visible_health_status == FileSystemItemHealthStatus.NONE
|
||||
|
||||
folder.scan()
|
||||
|
||||
folder.apply_timestep(timestep=0)
|
||||
|
||||
assert folder.health_status == FileSystemItemHealthStatus.CORRUPT
|
||||
assert folder.visible_health_status == FileSystemItemHealthStatus.GOOD
|
||||
assert file1.visible_health_status == FileSystemItemHealthStatus.GOOD
|
||||
assert file2.visible_health_status == FileSystemItemHealthStatus.GOOD
|
||||
assert folder.visible_health_status == FileSystemItemHealthStatus.NONE
|
||||
assert file1.visible_health_status == FileSystemItemHealthStatus.NONE
|
||||
assert file2.visible_health_status == FileSystemItemHealthStatus.NONE
|
||||
|
||||
folder.apply_timestep(timestep=1)
|
||||
folder.apply_timestep(timestep=2)
|
||||
@@ -120,7 +120,7 @@ def test_folder_corrupt_repair(file_system):
|
||||
assert file.health_status == FileSystemItemHealthStatus.GOOD
|
||||
|
||||
|
||||
@pytest.mark.skip(reason="NODE_FILE_CHECKHASH not implemented")
|
||||
@pytest.mark.skip(reason="node_file_checkhash not implemented")
|
||||
def test_simulated_folder_check_hash(file_system):
|
||||
folder: Folder = file_system.create_folder(folder_name="test_folder")
|
||||
file_system.create_file(file_name="test_file.txt", folder_name="test_folder")
|
||||
|
||||
@@ -29,18 +29,18 @@ def test_folder_scan_request(populated_file_system):
|
||||
|
||||
folder.corrupt()
|
||||
assert folder.health_status == FileSystemItemHealthStatus.CORRUPT
|
||||
assert folder.visible_health_status == FileSystemItemHealthStatus.GOOD
|
||||
assert file1.visible_health_status == FileSystemItemHealthStatus.GOOD
|
||||
assert file2.visible_health_status == FileSystemItemHealthStatus.GOOD
|
||||
assert folder.visible_health_status == FileSystemItemHealthStatus.NONE
|
||||
assert file1.visible_health_status == FileSystemItemHealthStatus.NONE
|
||||
assert file2.visible_health_status == FileSystemItemHealthStatus.NONE
|
||||
|
||||
fs.apply_request(request=["folder", folder.name, "scan"])
|
||||
|
||||
folder.apply_timestep(timestep=0)
|
||||
|
||||
assert folder.health_status == FileSystemItemHealthStatus.CORRUPT
|
||||
assert folder.visible_health_status == FileSystemItemHealthStatus.GOOD
|
||||
assert file1.visible_health_status == FileSystemItemHealthStatus.GOOD
|
||||
assert file2.visible_health_status == FileSystemItemHealthStatus.GOOD
|
||||
assert folder.visible_health_status == FileSystemItemHealthStatus.NONE
|
||||
assert file1.visible_health_status == FileSystemItemHealthStatus.NONE
|
||||
assert file2.visible_health_status == FileSystemItemHealthStatus.NONE
|
||||
|
||||
folder.apply_timestep(timestep=1)
|
||||
folder.apply_timestep(timestep=2)
|
||||
@@ -51,7 +51,7 @@ def test_folder_scan_request(populated_file_system):
|
||||
assert file2.visible_health_status == FileSystemItemHealthStatus.CORRUPT
|
||||
|
||||
|
||||
@pytest.mark.skip(reason="NODE_FOLDER_CHECKHASH not implemented")
|
||||
@pytest.mark.skip(reason="node_folder_checkhash not implemented")
|
||||
def test_folder_checkhash_request(populated_file_system):
|
||||
"""Test that an agent can request a folder hash check."""
|
||||
fs, folder, file = populated_file_system
|
||||
|
||||
@@ -70,13 +70,13 @@ def test_node_os_scan(node):
|
||||
# add folder and file to node
|
||||
folder: Folder = node.file_system.create_folder(folder_name="test_folder")
|
||||
folder.corrupt()
|
||||
assert folder.visible_health_status == FileSystemItemHealthStatus.GOOD
|
||||
assert folder.visible_health_status == FileSystemItemHealthStatus.NONE
|
||||
|
||||
file: File = node.file_system.create_file(folder_name="test_folder", file_name="file.txt")
|
||||
file2: File = node.file_system.create_file(folder_name="test_folder", file_name="file2.txt")
|
||||
file.corrupt()
|
||||
file2.corrupt()
|
||||
assert file.visible_health_status == FileSystemItemHealthStatus.GOOD
|
||||
assert file.visible_health_status == FileSystemItemHealthStatus.NONE
|
||||
|
||||
# run os scan
|
||||
node.apply_request(["os", "scan"])
|
||||
|
||||
@@ -128,13 +128,13 @@ def test_c2_handle_switching_port(basic_c2_network):
|
||||
assert c2_server.c2_connection_active is True
|
||||
|
||||
# Assert to confirm that both the C2 server and the C2 beacon are configured correctly.
|
||||
assert c2_beacon.c2_config.keep_alive_frequency is 2
|
||||
assert c2_beacon.c2_config.masquerade_port is PORT_LOOKUP["HTTP"]
|
||||
assert c2_beacon.c2_config.masquerade_protocol is PROTOCOL_LOOKUP["TCP"]
|
||||
assert c2_beacon.config.keep_alive_frequency is 2
|
||||
assert c2_beacon.config.masquerade_port is PORT_LOOKUP["HTTP"]
|
||||
assert c2_beacon.config.masquerade_protocol is PROTOCOL_LOOKUP["TCP"]
|
||||
|
||||
assert c2_server.c2_config.keep_alive_frequency is 2
|
||||
assert c2_server.c2_config.masquerade_port is PORT_LOOKUP["HTTP"]
|
||||
assert c2_server.c2_config.masquerade_protocol is PROTOCOL_LOOKUP["TCP"]
|
||||
assert c2_server.config.keep_alive_frequency is 2
|
||||
assert c2_server.config.masquerade_port is PORT_LOOKUP["HTTP"]
|
||||
assert c2_server.config.masquerade_protocol is PROTOCOL_LOOKUP["TCP"]
|
||||
|
||||
# Configuring the C2 Beacon.
|
||||
c2_beacon.configure(
|
||||
@@ -150,11 +150,11 @@ def test_c2_handle_switching_port(basic_c2_network):
|
||||
|
||||
# Assert to confirm that both the C2 server and the C2 beacon
|
||||
# Have reconfigured their C2 settings.
|
||||
assert c2_beacon.c2_config.masquerade_port is PORT_LOOKUP["FTP"]
|
||||
assert c2_beacon.c2_config.masquerade_protocol is PROTOCOL_LOOKUP["TCP"]
|
||||
assert c2_beacon.config.masquerade_port is PORT_LOOKUP["FTP"]
|
||||
assert c2_beacon.config.masquerade_protocol is PROTOCOL_LOOKUP["TCP"]
|
||||
|
||||
assert c2_server.c2_config.masquerade_port is PORT_LOOKUP["FTP"]
|
||||
assert c2_server.c2_config.masquerade_protocol is PROTOCOL_LOOKUP["TCP"]
|
||||
assert c2_server.config.masquerade_port is PORT_LOOKUP["FTP"]
|
||||
assert c2_server.config.masquerade_protocol is PROTOCOL_LOOKUP["TCP"]
|
||||
|
||||
|
||||
def test_c2_handle_switching_frequency(basic_c2_network):
|
||||
@@ -174,8 +174,8 @@ def test_c2_handle_switching_frequency(basic_c2_network):
|
||||
assert c2_server.c2_connection_active is True
|
||||
|
||||
# Assert to confirm that both the C2 server and the C2 beacon are configured correctly.
|
||||
assert c2_beacon.c2_config.keep_alive_frequency is 2
|
||||
assert c2_server.c2_config.keep_alive_frequency is 2
|
||||
assert c2_beacon.config.keep_alive_frequency is 2
|
||||
assert c2_server.config.keep_alive_frequency is 2
|
||||
|
||||
# Configuring the C2 Beacon.
|
||||
c2_beacon.configure(c2_server_ip_address="192.168.0.1", keep_alive_frequency=10)
|
||||
@@ -186,8 +186,8 @@ def test_c2_handle_switching_frequency(basic_c2_network):
|
||||
|
||||
# Assert to confirm that both the C2 server and the C2 beacon
|
||||
# Have reconfigured their C2 settings.
|
||||
assert c2_beacon.c2_config.keep_alive_frequency is 10
|
||||
assert c2_server.c2_config.keep_alive_frequency is 10
|
||||
assert c2_beacon.config.keep_alive_frequency is 10
|
||||
assert c2_server.config.keep_alive_frequency is 10
|
||||
|
||||
# Now skipping 9 time steps to confirm keep alive inactivity
|
||||
for i in range(9):
|
||||
|
||||
@@ -148,7 +148,7 @@ def test_service_fixing(service):
|
||||
service.fix()
|
||||
assert service.health_state_actual == SoftwareHealthState.FIXING
|
||||
|
||||
for i in range(service.fixing_duration + 1):
|
||||
for i in range(service.config.fixing_duration + 1):
|
||||
service.apply_timestep(i)
|
||||
|
||||
assert service.health_state_actual == SoftwareHealthState.GOOD
|
||||
|
||||
@@ -2,6 +2,7 @@
|
||||
from typing import Dict
|
||||
|
||||
import pytest
|
||||
from pydantic import Field
|
||||
|
||||
from primaite.simulator.system.core.sys_log import SysLog
|
||||
from primaite.simulator.system.services.service import Service
|
||||
@@ -10,7 +11,14 @@ from primaite.utils.validation.ip_protocol import PROTOCOL_LOOKUP
|
||||
from primaite.utils.validation.port import PORT_LOOKUP
|
||||
|
||||
|
||||
class TestSoftware(Service):
|
||||
class TestSoftware(Service, identifier="TestSoftware"):
|
||||
class ConfigSchema(Service.ConfigSchema):
|
||||
"""ConfigSChema for TestSoftware."""
|
||||
|
||||
type: str = "TestSoftware"
|
||||
|
||||
config: "TestSoftware.ConfigSchema" = Field(default_factory=lambda: TestSoftware.ConfigSchema())
|
||||
|
||||
def describe_state(self) -> Dict:
|
||||
pass
|
||||
|
||||
|
||||
Reference in New Issue
Block a user