#2887 - Resolve conflicts from merge

Charlie Crane
2025-01-23 09:17:27 +00:00
174 changed files with 7047 additions and 8412 deletions


@@ -69,8 +69,8 @@ agents:
wildcard_list:
- 0.0.0.1
port_list:
- 80
- 5432
- HTTP
- POSTGRES_SERVER
protocol_list:
- ICMP
- TCP
@@ -96,490 +96,423 @@ agents:
options: {}
action_space:
action_list:
- type: DONOTHING
- type: NODE_SERVICE_SCAN
- type: NODE_SERVICE_STOP
- type: NODE_SERVICE_START
- type: NODE_SERVICE_PAUSE
- type: NODE_SERVICE_RESUME
- type: NODE_SERVICE_RESTART
- type: NODE_SERVICE_DISABLE
- type: NODE_SERVICE_ENABLE
- type: NODE_SERVICE_FIX
- type: NODE_FILE_SCAN
- type: NODE_FILE_CHECKHASH
- type: NODE_FILE_DELETE
- type: NODE_FILE_REPAIR
- type: NODE_FILE_RESTORE
- type: NODE_FOLDER_SCAN
- type: NODE_FOLDER_CHECKHASH
- type: NODE_FOLDER_REPAIR
- type: NODE_FOLDER_RESTORE
- type: NODE_OS_SCAN
- type: NODE_SHUTDOWN
- type: NODE_STARTUP
- type: NODE_RESET
- type: ROUTER_ACL_ADDRULE
- type: ROUTER_ACL_REMOVERULE
- type: HOST_NIC_ENABLE
- type: HOST_NIC_DISABLE
action_map:
0:
action: DONOTHING
action: do_nothing
options: {}
# scan webapp service
1:
action: NODE_SERVICE_SCAN
action: node_service_scan
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
# stop webapp service
2:
action: NODE_SERVICE_STOP
action: node_service_stop
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
# start webapp service
3:
action: "NODE_SERVICE_START"
action: "node_service_start"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
4:
action: "NODE_SERVICE_PAUSE"
action: "node_service_pause"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
5:
action: "NODE_SERVICE_RESUME"
action: "node_service_resume"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
6:
action: "NODE_SERVICE_RESTART"
action: "node_service_restart"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
7:
action: "NODE_SERVICE_DISABLE"
action: "node_service_disable"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
8:
action: "NODE_SERVICE_ENABLE"
action: "node_service_enable"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
9: # check database.db file
action: "NODE_FILE_SCAN"
action: "node_file_scan"
options:
node_id: 2
folder_id: 0
file_id: 0
node_name: database_server
folder_name: database
file_name: database.db
10:
action: "NODE_FILE_CHECKHASH"
action: "node_file_scan" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context.
options:
node_id: 2
folder_id: 0
file_id: 0
node_name: database_server
folder_name: database
file_name: database.db
11:
action: "NODE_FILE_DELETE"
action: "node_file_delete"
options:
node_id: 2
folder_id: 0
file_id: 0
node_name: database_server
folder_name: database
file_name: database.db
12:
action: "NODE_FILE_REPAIR"
action: "node_file_repair"
options:
node_id: 2
folder_id: 0
file_id: 0
node_name: database_server
folder_name: database
file_name: database.db
13:
action: "NODE_SERVICE_FIX"
action: "node_service_fix"
options:
node_id: 2
service_id: 0
node_name: database_server
service_name: DatabaseService
14:
action: "NODE_FOLDER_SCAN"
action: "node_folder_scan"
options:
node_id: 2
folder_id: 0
node_name: database_server
folder_name: database
15:
action: "NODE_FOLDER_CHECKHASH"
action: "node_folder_scan" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context.
options:
node_id: 2
folder_id: 0
node_name: database_server
folder_name: database
16:
action: "NODE_FOLDER_REPAIR"
action: "node_folder_repair"
options:
node_id: 2
folder_id: 0
node_name: database_server
folder_name: database
17:
action: "NODE_FOLDER_RESTORE"
action: "node_folder_restore"
options:
node_id: 2
folder_id: 0
node_name: database_server
folder_name: database
18:
action: "NODE_OS_SCAN"
action: "node_os_scan"
options:
node_id: 0
node_name: domain_controller
19:
action: "NODE_SHUTDOWN"
action: "node_shutdown"
options:
node_id: 0
node_name: domain_controller
20:
action: NODE_STARTUP
action: node_startup
options:
node_id: 0
node_name: domain_controller
21:
action: NODE_RESET
action: node_reset
options:
node_id: 0
node_name: domain_controller
22:
action: "NODE_OS_SCAN"
action: "node_os_scan"
options:
node_id: 1
node_name: web_server
23:
action: "NODE_SHUTDOWN"
action: "node_shutdown"
options:
node_id: 1
node_name: web_server
24:
action: NODE_STARTUP
action: node_startup
options:
node_id: 1
node_name: web_server
25:
action: NODE_RESET
action: node_reset
options:
node_id: 1
node_name: web_server
26: # old action num: 18
action: "NODE_OS_SCAN"
action: "node_os_scan"
options:
node_id: 2
node_name: database_server
27:
action: "NODE_SHUTDOWN"
action: "node_shutdown"
options:
node_id: 2
node_name: database_server
28:
action: NODE_STARTUP
action: node_startup
options:
node_id: 2
node_name: database_server
29:
action: NODE_RESET
action: node_reset
options:
node_id: 2
node_name: database_server
30:
action: "NODE_OS_SCAN"
action: "node_os_scan"
options:
node_id: 3
node_name: backup_server
31:
action: "NODE_SHUTDOWN"
action: "node_shutdown"
options:
node_id: 3
node_name: backup_server
32:
action: NODE_STARTUP
action: node_startup
options:
node_id: 3
node_name: backup_server
33:
action: NODE_RESET
action: node_reset
options:
node_id: 3
node_name: backup_server
34:
action: "NODE_OS_SCAN"
action: "node_os_scan"
options:
node_id: 4
node_name: security_suite
35:
action: "NODE_SHUTDOWN"
action: "node_shutdown"
options:
node_id: 4
node_name: security_suite
36:
action: NODE_STARTUP
action: node_startup
options:
node_id: 4
node_name: security_suite
37:
action: NODE_RESET
action: node_reset
options:
node_id: 4
node_name: security_suite
38:
action: "NODE_OS_SCAN"
action: "node_os_scan"
options:
node_id: 5
node_name: client_1
39: # old action num: 19 # shutdown client 1
action: "NODE_SHUTDOWN"
action: "node_shutdown"
options:
node_id: 5
node_name: client_1
40: # old action num: 20
action: NODE_STARTUP
action: node_startup
options:
node_id: 5
node_name: client_1
41: # old action num: 21
action: NODE_RESET
action: node_reset
options:
node_id: 5
node_name: client_1
42:
action: "NODE_OS_SCAN"
action: "node_os_scan"
options:
node_id: 6
node_name: client_2
43:
action: "NODE_SHUTDOWN"
action: "node_shutdown"
options:
node_id: 6
node_name: client_2
44:
action: NODE_STARTUP
action: node_startup
options:
node_id: 6
node_name: client_2
45:
action: NODE_RESET
action: node_reset
options:
node_id: 6
node_name: client_2
46: # old action num: 22 # "ACL: ADDRULE - Block outgoing traffic from client 1"
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router_nodename: router_1
target_router: router_1
position: 1
permission: 2
source_ip_id: 7 # client 1
dest_ip_id: 1 # ALL
source_port_id: 1
dest_port_id: 1
protocol_id: 1
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.21 # client 1
dst_ip: ALL # ALL
src_port: ALL
dst_port: ALL
protocol_name: ALL
src_wildcard: NONE
dst_wildcard: NONE
47: # old action num: 23 # "ACL: ADDRULE - Block outgoing traffic from client 2"
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router_nodename: router_1
target_router: router_1
position: 2
permission: 2
source_ip_id: 8 # client 2
dest_ip_id: 1 # ALL
source_port_id: 1
dest_port_id: 1
protocol_id: 1
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.22 # client 2
dst_ip: ALL # ALL
src_port: ALL
dst_port: ALL
protocol_name: ALL
src_wildcard: NONE
dst_wildcard: NONE
48: # old action num: 24 # block tcp traffic from client 1 to web app
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router_nodename: router_1
target_router: router_1
position: 3
permission: 2
source_ip_id: 7 # client 1
dest_ip_id: 3 # web server
source_port_id: 1
dest_port_id: 1
protocol_id: 3
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.21 # client 1
dst_ip: 192.168.1.12 # web server
src_port: ALL
dst_port: ALL
protocol_name: TCP
src_wildcard: NONE
dst_wildcard: NONE
49: # old action num: 25 # block tcp traffic from client 2 to web app
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router_nodename: router_1
target_router: router_1
position: 4
permission: 2
source_ip_id: 8 # client 2
dest_ip_id: 3 # web server
source_port_id: 1
dest_port_id: 1
protocol_id: 3
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.22 # client 2
dst_ip: 192.168.1.12 # web server
src_port: ALL
dst_port: ALL
protocol_name: TCP
src_wildcard: NONE
dst_wildcard: NONE
50: # old action num: 26
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router_nodename: router_1
target_router: router_1
position: 5
permission: 2
source_ip_id: 7 # client 1
dest_ip_id: 4 # database
source_port_id: 1
dest_port_id: 1
protocol_id: 3
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.21 # client 1
dst_ip: 192.168.1.14 # database
src_port: ALL
dst_port: ALL
protocol_name: TCP
src_wildcard: NONE
dst_wildcard: NONE
51: # old action num: 27
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router_nodename: router_1
target_router: router_1
position: 6
permission: 2
source_ip_id: 8 # client 2
dest_ip_id: 4 # database
source_port_id: 1
dest_port_id: 1
protocol_id: 3
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.22 # client 2
dst_ip: 192.168.1.14 # database
src_port: ALL
dst_port: ALL
protocol_name: TCP
src_wildcard: NONE
dst_wildcard: NONE
52: # old action num: 28
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router_nodename: router_1
target_router: router_1
position: 0
53: # old action num: 29
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router_nodename: router_1
target_router: router_1
position: 1
54: # old action num: 30
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router_nodename: router_1
target_router: router_1
position: 2
55: # old action num: 31
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router_nodename: router_1
target_router: router_1
position: 3
56: # old action num: 32
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router_nodename: router_1
target_router: router_1
position: 4
57: # old action num: 33
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router_nodename: router_1
target_router: router_1
position: 5
58: # old action num: 34
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router_nodename: router_1
target_router: router_1
position: 6
59: # old action num: 35
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router_nodename: router_1
target_router: router_1
position: 7
60: # old action num: 36
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router_nodename: router_1
target_router: router_1
position: 8
61: # old action num: 37
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router_nodename: router_1
target_router: router_1
position: 9
62: # old action num: 38
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 0
nic_id: 0
node_name: domain_controller
nic_num: 1
63: # old action num: 39
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 0
nic_id: 0
node_name: domain_controller
nic_num: 1
64: # old action num: 40
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 1
nic_id: 0
node_name: web_server
nic_num: 1
65: # old action num: 41
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 1
nic_id: 0
node_name: web_server
nic_num: 1
66: # old action num: 42
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 2
nic_id: 0
node_name: database_server
nic_num: 1
67: # old action num: 43
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 2
nic_id: 0
node_name: database_server
nic_num: 1
68: # old action num: 44
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 3
nic_id: 0
node_name: backup_server
nic_num: 1
69: # old action num: 45
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 3
nic_id: 0
node_name: backup_server
nic_num: 1
70: # old action num: 46
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 4
nic_id: 0
node_name: security_suite
nic_num: 1
71: # old action num: 47
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 4
nic_id: 0
node_name: security_suite
nic_num: 1
72: # old action num: 48
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 4
nic_id: 1
node_name: security_suite
nic_num: 2
73: # old action num: 49
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 4
nic_id: 1
node_name: security_suite
nic_num: 2
74: # old action num: 50
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 5
nic_id: 0
node_name: client_1
nic_num: 1
75: # old action num: 51
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 5
nic_id: 0
node_name: client_1
nic_num: 1
76: # old action num: 52
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 6
nic_id: 0
node_name: client_2
nic_num: 1
77: # old action num: 53
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 6
nic_id: 0
options:
nodes:
- node_name: domain_controller
- node_name: web_server
applications:
- application_name: DatabaseClient
services:
- service_name: WebServer
- node_name: database_server
folders:
- folder_name: database
files:
- file_name: database.db
services:
- service_name: DatabaseService
- node_name: backup_server
- node_name: security_suite
- node_name: client_1
- node_name: client_2
max_folders_per_node: 2
max_files_per_folder: 2
max_services_per_node: 2
max_nics_per_node: 8
max_acl_rules: 10
ip_list:
- 192.168.1.10
- 192.168.1.12
- 192.168.1.14
- 192.168.1.16
- 192.168.1.110
- 192.168.10.21
- 192.168.10.22
- 192.168.10.110
node_name: client_2
nic_num: 1
reward_function:
reward_components:
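Review bot: Actions 10 and 15 become exact duplicates of actions 9 and 14 once CHECKHASH is swapped for `node_file_scan` / `node_folder_scan`, and the next file in this commit maps the same two slots to `node_file_checkhash` / `node_folder_checkhash` instead. Only one of those spellings can match the action names the loader accepts, so either that file will fail to resolve the checkhash names or this one quietly drops the hash-check action from this agent's action space. If the duplication is deliberate, to keep action indices stable for already-trained agents, say so on the entry, e.g. `# duplicate of action 9: checkhash removed, slot kept so action indices do not shift`, and apply the same mapping in both files.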


@@ -13,60 +13,19 @@ agents:
- ref: client_2_green_user
team: GREEN
type: ProbabilisticAgent
observation_space: null
action_space:
action_list:
- type: DONOTHING
options:
nodes:
- node_name: client_2
max_folders_per_node: 1
max_files_per_folder: 1
max_services_per_node: 1
max_nics_per_node: 2
max_acl_rules: 10
reward_function:
reward_components:
- type: DUMMY
agent_settings: # options specific to this particular agent type, basically args of __init__(self)
start_settings:
start_step: 25
frequency: 20
variance: 5
action_probabilities:
0: 1.0
- ref: data_manipulation_attacker
team: RED
type: RedDatabaseCorruptingAgent
observation_space: null
action_space:
action_list:
- type: DONOTHING
- type: NODE_APPLICATION_EXECUTE
- type: NODE_FILE_DELETE
- type: NODE_FILE_CORRUPT
- type: NODE_OS_SCAN
options:
nodes:
- node_name: client_1
applications:
- application_name: DataManipulationBot
max_folders_per_node: 1
max_files_per_folder: 1
max_services_per_node: 1
reward_function:
reward_components:
- type: DUMMY
agent_settings: # options specific to this particular agent type, basically args of __init__(self)
start_settings:
start_step: 25
frequency: 20
variance: 5
possible_start_nodes: [client_1,]
target_application: DataManipulationBot
start_step: 25
frequency: 20
variance: 5
- ref: defender
team: BLUE
@@ -115,8 +74,8 @@ agents:
wildcard_list:
- 0.0.0.1
port_list:
- 80
- 5432
- HTTP
- POSTGRES_SERVER
protocol_list:
- ICMP
- TCP
@@ -142,381 +101,327 @@ agents:
options: {}
action_space:
action_list:
- type: DONOTHING
- type: NODE_SERVICE_SCAN
- type: NODE_SERVICE_STOP
- type: NODE_SERVICE_START
- type: NODE_SERVICE_PAUSE
- type: NODE_SERVICE_RESUME
- type: NODE_SERVICE_RESTART
- type: NODE_SERVICE_DISABLE
- type: NODE_SERVICE_ENABLE
- type: NODE_SERVICE_FIX
- type: NODE_FILE_SCAN
- type: NODE_FILE_CHECKHASH
- type: NODE_FILE_DELETE
- type: NODE_FILE_REPAIR
- type: NODE_FILE_RESTORE
- type: NODE_FOLDER_SCAN
- type: NODE_FOLDER_CHECKHASH
- type: NODE_FOLDER_REPAIR
- type: NODE_FOLDER_RESTORE
- type: NODE_OS_SCAN
- type: NODE_SHUTDOWN
- type: NODE_STARTUP
- type: NODE_RESET
- type: ROUTER_ACL_ADDRULE
- type: ROUTER_ACL_REMOVERULE
- type: HOST_NIC_ENABLE
- type: HOST_NIC_DISABLE
action_map:
0:
action: DONOTHING
action: do_nothing
options: {}
# scan webapp service
1:
action: NODE_SERVICE_SCAN
action: node_service_scan
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
# stop webapp service
2:
action: NODE_SERVICE_STOP
action: node_service_stop
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
# start webapp service
3:
action: "NODE_SERVICE_START"
action: "node_service_start"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
4:
action: "NODE_SERVICE_PAUSE"
action: "node_service_pause"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
5:
action: "NODE_SERVICE_RESUME"
action: "node_service_resume"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
6:
action: "NODE_SERVICE_RESTART"
action: "node_service_restart"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
7:
action: "NODE_SERVICE_DISABLE"
action: "node_service_disable"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
8:
action: "NODE_SERVICE_ENABLE"
action: "node_service_enable"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
9: # check database.db file
action: "NODE_FILE_SCAN"
action: "node_file_scan"
options:
node_id: 2
folder_id: 1
file_id: 0
node_name: database_server
folder_name: database
file_name: database.db
10:
action: "NODE_FILE_CHECKHASH"
action: "node_file_checkhash"
options:
node_id: 2
folder_id: 1
file_id: 0
node_name: database_server
folder_name: database
file_name: database.db
11:
action: "NODE_FILE_DELETE"
action: "node_file_delete"
options:
node_id: 2
folder_id: 1
file_id: 0
node_name: database_server
folder_name: database
file_name: database.db
12:
action: "NODE_FILE_REPAIR"
action: "node_file_repair"
options:
node_id: 2
folder_id: 1
file_id: 0
node_name: database_server
folder_name: database
file_name: database.db
13:
action: "NODE_SERVICE_FIX"
action: "node_service_fix"
options:
node_id: 2
service_id: 0
node_name: database_server
service_name: DatabaseService
14:
action: "NODE_FOLDER_SCAN"
action: "node_folder_scan"
options:
node_id: 2
folder_id: 1
node_name: database_server
folder_name: database
15:
action: "NODE_FOLDER_CHECKHASH"
action: "node_folder_checkhash"
options:
node_id: 2
folder_id: 1
node_name: database_server
folder_name: database
16:
action: "NODE_FOLDER_REPAIR"
action: "node_folder_repair"
options:
node_id: 2
folder_id: 1
node_name: database_server
folder_name: database
17:
action: "NODE_FOLDER_RESTORE"
action: "node_folder_restore"
options:
node_id: 2
folder_id: 1
node_name: database_server
folder_name: database
18:
action: "NODE_OS_SCAN"
action: "node_os_scan"
options:
node_id: 2
node_name: database_server
19: # shutdown client 1
action: "NODE_SHUTDOWN"
action: "node_shutdown"
options:
node_id: 5
node_name: client_1
20:
action: "NODE_STARTUP"
action: "node_startup"
options:
node_id: 5
node_name: client_1
21:
action: "NODE_RESET"
action: "node_reset"
options:
node_id: 5
node_name: client_1
22: # "ACL: ADDRULE - Block outgoing traffic from client 1" (not supported in Primaite)
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router: router_1
position: 1
permission: 2
source_ip_id: 7 # client 1
dest_ip_id: 1 # ALL
source_port_id: 1
dest_port_id: 1
protocol_id: 1
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.21 # client 1
dst_ip: ALL # ALL
src_port: ALL
dst_port: ALL
protocol_name: ALL
src_wildcard: NONE
dst_wildcard: NONE
23: # "ACL: ADDRULE - Block outgoing traffic from client 2" (not supported in Primaite)
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router: router_1
position: 2
permission: 2
source_ip_id: 8 # client 2
dest_ip_id: 1 # ALL
source_port_id: 1
dest_port_id: 1
protocol_id: 1
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.22 # client 2
dst_ip: ALL # ALL
src_port: ALL
dst_port: ALL
protocol_name: ALL
src_wildcard: NONE
dst_wildcard: NONE
24: # block tcp traffic from client 1 to web app
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router: router_1
position: 3
permission: 2
source_ip_id: 7 # client 1
dest_ip_id: 3 # web server
source_port_id: 1
dest_port_id: 1
protocol_id: 3
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.21 # client 1
dst_ip: 192.168.1.12 # web server
src_port: ALL
dst_port: ALL
protocol_name: TCP
src_wildcard: NONE
dst_wildcard: NONE
25: # block tcp traffic from client 2 to web app
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router: router_1
position: 4
permission: 2
source_ip_id: 8 # client 2
dest_ip_id: 3 # web server
source_port_id: 1
dest_port_id: 1
protocol_id: 3
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.22 # client 2
dst_ip: 192.168.1.12 # web server
src_port: ALL
dst_port: ALL
protocol_name: TCP
src_wildcard: NONE
dst_wildcard: NONE
26:
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router: router_1
position: 5
permission: 2
source_ip_id: 7 # client 1
dest_ip_id: 4 # database
source_port_id: 1
dest_port_id: 1
protocol_id: 3
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.21 # client 1
dst_ip: 192.168.1.14 # database
src_port: ALL
dst_port: ALL
protocol_name: TCP
src_wildcard: NONE
dst_wildcard: NONE
27:
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router: router_1
position: 6
permission: 2
source_ip_id: 8 # client 2
dest_ip_id: 4 # database
source_port_id: 1
dest_port_id: 1
protocol_id: 3
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.22 # client 2
dst_ip: 192.168.1.14 # database
src_port: ALL
dst_port: ALL
protocol_name: TCP
src_wildcard: NONE
dst_wildcard: NONE
28:
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 0
29:
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 1
30:
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 2
31:
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 3
32:
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 4
33:
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 5
34:
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 6
35:
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 7
36:
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 8
37:
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 9
38:
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 0
nic_id: 0
node_name: domain_controller
nic_num: 1
39:
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 0
nic_id: 0
node_name: domain_controller
nic_num: 1
40:
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 1
nic_id: 0
node_name: web_server
nic_num: 1
41:
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 1
nic_id: 0
node_name: web_server
nic_num: 1
42:
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 2
nic_id: 0
node_name: database_server
nic_num: 1
43:
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 2
nic_id: 0
node_name: database_server
nic_num: 1
44:
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 3
nic_id: 0
node_name: backup_server
nic_num: 1
45:
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 3
nic_id: 0
node_name: backup_server
nic_num: 1
46:
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 4
nic_id: 0
node_name: security_suite
nic_num: 1
47:
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 4
nic_id: 0
node_name: security_suite
nic_num: 1
48:
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 4
nic_id: 1
node_name: security_suite
nic_num: 2
49:
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 4
nic_id: 1
node_name: security_suite
nic_num: 2
50:
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 5
nic_id: 0
node_name: client_1
nic_num: 1
51:
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 5
nic_id: 0
node_name: client_1
nic_num: 1
52:
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 6
nic_id: 0
node_name: client_2
nic_num: 1
53:
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 6
nic_id: 0
options:
nodes:
- node_name: domain_controller
- node_name: web_server
- node_name: database_server
- node_name: backup_server
- node_name: security_suite
- node_name: client_1
- node_name: client_2
max_folders_per_node: 2
max_files_per_folder: 2
max_services_per_node: 2
max_nics_per_node: 8
max_acl_rules: 10
ip_list:
- 192.168.1.10
- 192.168.1.12
- 192.168.1.14
- 192.168.1.16
- 192.168.1.110
- 192.168.10.21
- 192.168.10.22
- 192.168.10.110
node_name: client_2
nic_num: 1
reward_function:
reward_components:
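Review bot: The name-based options on actions 9 to 17 cannot be checked against the old indices from this diff. The removed `options.nodes` list names no folders, files or services for `database_server`, yet the old entries used `folder_id: 1` and the new ones say `folder_name: database`; the previous file used `folder_id: 0` with `database` listed explicitly. Please confirm that `database`, `database.db` and `DatabaseService` exist on `database_server` in this scenario's simulation section. If a name does not resolve, the defender's scan and repair actions would presumably fail only when they are taken, not when the config is loaded.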


@@ -27,39 +27,22 @@ agents:
- ref: client_2_green_user
team: GREEN
type: ProbabilisticAgent
observation_space: null
action_space:
action_list:
- type: DONOTHING
- type: NODE_APPLICATION_EXECUTE
action_map:
0:
action: DONOTHING
action: do_nothing
options: {}
1:
action: NODE_APPLICATION_EXECUTE
action: node_application_execute
options:
node_id: 0
application_id: 0
options:
nodes:
- node_name: client_2
applications:
- application_name: WebBrowser
max_folders_per_node: 1
max_files_per_folder: 1
max_services_per_node: 1
max_applications_per_node: 1
reward_function:
reward_components:
- type: DUMMY
node_name: client_2
application_name: WebBrowser
agent_settings:
start_settings:
start_step: 5
frequency: 4
variance: 3
action_probabilities:
0: 0.4
1: 0.6
simulation:
network:
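Review bot: The green agent's `reward_function` block appears to be removed in this file: it is printed inside the deleted run, before the new `node_name: client_2` / `application_name: WebBrowser` lines, so it cannot be surviving context. The same agent in the following file still shows `reward_function:` / `reward_components:` / `- type: DUMMY` after its action map. If the agent schema still requires a reward function this config will not validate, and if it is optional the two example files should still agree; please confirm which is intended.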


@@ -30,41 +30,26 @@ agents:
- ref: client_2_green_user
team: GREEN
type: ProbabilisticAgent
observation_space: null
action_space:
action_list:
- type: DONOTHING
- type: NODE_APPLICATION_EXECUTE
action_map:
0:
action: DONOTHING
action: do_nothing
options: {}
1:
action: NODE_APPLICATION_EXECUTE
action: node_application_execute
options:
node_id: 0
application_id: 0
options:
nodes:
- node_name: client_2
applications:
- application_name: WebBrowser
max_folders_per_node: 1
max_files_per_folder: 1
max_services_per_node: 1
max_applications_per_node: 1
node_name: client_2
application_name: WebBrowser
reward_function:
reward_components:
- type: DUMMY
agent_settings:
start_settings:
start_step: 5
frequency: 4
variance: 3
action_probabilities:
0: 0.4
1: 0.6
- ref: defender
team: BLUE
@@ -103,8 +88,8 @@ agents:
wildcard_list:
- 0.0.0.1
port_list:
- 80
- 5432
- HTTP
- POSTGRES_SERVER
protocol_list:
- ICMP
- TCP
@@ -122,28 +107,10 @@ agents:
options: {}
action_space:
action_list:
- type: DONOTHING
action_map:
0:
action: DONOTHING
action: do_nothing
options: {}
options:
nodes:
- node_name: switch
- node_name: client_1
- node_name: client_2
- node_name: client_3
max_folders_per_node: 2
max_files_per_folder: 2
max_services_per_node: 2
max_nics_per_node: 8
max_acl_rules: 10
ip_list:
- 192.168.10.21
- 192.168.10.22
- 192.168.10.23
reward_function:
reward_components:


@@ -30,35 +30,22 @@ agents:
0: 0.3
1: 0.6
2: 0.1
observation_space: null
action_space:
action_list:
- type: DONOTHING
- type: NODE_APPLICATION_EXECUTE
options:
nodes:
- node_name: client_2
applications:
- application_name: WebBrowser
- application_name: DatabaseClient
max_folders_per_node: 1
max_files_per_folder: 1
max_services_per_node: 1
max_applications_per_node: 2
action_map:
0:
action: DONOTHING
action: do_nothing
options: {}
1:
action: NODE_APPLICATION_EXECUTE
action: node_application_execute
options:
node_id: 0
application_id: 0
node_name: client_2
application_name: WebBrowser
2:
action: NODE_APPLICATION_EXECUTE
action: node_application_execute
options:
node_id: 0
application_id: 1
node_name: client_2
application_name: DatabaseClient
reward_function:
reward_components:
@@ -79,35 +66,22 @@ agents:
0: 0.3
1: 0.6
2: 0.1
observation_space: null
action_space:
action_list:
- type: DONOTHING
- type: NODE_APPLICATION_EXECUTE
options:
nodes:
- node_name: client_1
applications:
- application_name: WebBrowser
- application_name: DatabaseClient
max_folders_per_node: 1
max_files_per_folder: 1
max_services_per_node: 1
max_applications_per_node: 2
action_map:
0:
action: DONOTHING
action: do_nothing
options: {}
1:
action: NODE_APPLICATION_EXECUTE
action: node_application_execute
options:
node_id: 0
application_id: 0
node_name: client_1
application_name: WebBrowser
2:
action: NODE_APPLICATION_EXECUTE
action: node_application_execute
options:
node_id: 0
application_id: 1
node_name: client_1
application_name: WebBrowser
reward_function:
reward_components:
@@ -127,34 +101,12 @@ agents:
- ref: data_manipulation_attacker
team: RED
type: RedDatabaseCorruptingAgent
observation_space: null
action_space:
action_list:
- type: DONOTHING
- type: NODE_APPLICATION_EXECUTE
options:
nodes:
- node_name: client_1
applications:
- application_name: DataManipulationBot
- node_name: client_2
applications:
- application_name: DataManipulationBot
max_folders_per_node: 1
max_files_per_folder: 1
max_services_per_node: 1
reward_function:
reward_components:
- type: DUMMY
agent_settings: # options specific to this particular agent type, basically args of __init__(self)
start_settings:
start_step: 25
frequency: 20
variance: 5
possible_start_nodes: [client_1, client_2]
target_application: DataManipulationBot
start_step: 25
frequency: 20
variance: 5
- ref: defender
team: BLUE
@@ -187,7 +139,7 @@ agents:
num_files: 1
num_nics: 2
include_num_access: false
include_nmne: true
include_nmne: true
monitored_traffic:
icmp:
- NONE
@@ -208,8 +160,8 @@ agents:
wildcard_list:
- 0.0.0.1
port_list:
- 80
- 5432
- HTTP
- POSTGRES_SERVER
protocol_list:
- ICMP
- TCP
@@ -235,490 +187,423 @@ agents:
options: {}
action_space:
action_list:
- type: DONOTHING
- type: NODE_SERVICE_SCAN
- type: NODE_SERVICE_STOP
- type: NODE_SERVICE_START
- type: NODE_SERVICE_PAUSE
- type: NODE_SERVICE_RESUME
- type: NODE_SERVICE_RESTART
- type: NODE_SERVICE_DISABLE
- type: NODE_SERVICE_ENABLE
- type: NODE_SERVICE_FIX
- type: NODE_FILE_SCAN
- type: NODE_FILE_CHECKHASH
- type: NODE_FILE_DELETE
- type: NODE_FILE_REPAIR
- type: NODE_FILE_RESTORE
- type: NODE_FOLDER_SCAN
- type: NODE_FOLDER_CHECKHASH
- type: NODE_FOLDER_REPAIR
- type: NODE_FOLDER_RESTORE
- type: NODE_OS_SCAN
- type: NODE_SHUTDOWN
- type: NODE_STARTUP
- type: NODE_RESET
- type: ROUTER_ACL_ADDRULE
- type: ROUTER_ACL_REMOVERULE
- type: HOST_NIC_ENABLE
- type: HOST_NIC_DISABLE
action_map:
0:
action: DONOTHING
action: do_nothing
options: {}
# scan webapp service
1:
action: NODE_SERVICE_SCAN
action: node_service_scan
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
# stop webapp service
2:
action: NODE_SERVICE_STOP
action: node_service_stop
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
# start webapp service
3:
action: "NODE_SERVICE_START"
action: "node_service_start"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
4:
action: "NODE_SERVICE_PAUSE"
action: "node_service_pause"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
5:
action: "NODE_SERVICE_RESUME"
action: "node_service_resume"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
6:
action: "NODE_SERVICE_RESTART"
action: "node_service_restart"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
7:
action: "NODE_SERVICE_DISABLE"
action: "node_service_disable"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
8:
action: "NODE_SERVICE_ENABLE"
action: "node_service_enable"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
9: # check database.db file
action: "NODE_FILE_SCAN"
action: "node_file_scan"
options:
node_id: 2
folder_id: 0
file_id: 0
node_name: database_server
folder_name: database
file_name: database.db
10:
action: "NODE_FILE_CHECKHASH" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context.
action: "node_file_scan" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context.
options:
node_id: 2
folder_id: 0
file_id: 0
node_name: database_server
folder_name: database
file_name: database.db
11:
action: "NODE_FILE_DELETE"
action: "node_file_delete"
options:
node_id: 2
folder_id: 0
file_id: 0
node_name: database_server
folder_name: database
file_name: database.db
12:
action: "NODE_FILE_REPAIR"
action: "node_file_repair"
options:
node_id: 2
folder_id: 0
file_id: 0
node_name: database_server
folder_name: database
file_name: database.db
13:
action: "NODE_SERVICE_FIX"
action: "node_service_fix"
options:
node_id: 2
service_id: 0
node_name: database_server
service_name: DatabaseService
14:
action: "NODE_FOLDER_SCAN"
action: "node_folder_scan"
options:
node_id: 2
folder_id: 0
node_name: database_server
folder_name: database
15:
action: "NODE_FOLDER_CHECKHASH" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context.
action: "node_folder_scan" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context.
options:
node_id: 2
folder_id: 0
node_name: database_server
folder_name: database
16:
action: "NODE_FOLDER_REPAIR"
action: "node_folder_repair"
options:
node_id: 2
folder_id: 0
node_name: database_server
folder_name: database
17:
action: "NODE_FOLDER_RESTORE"
action: "node_folder_restore"
options:
node_id: 2
folder_id: 0
node_name: database_server
folder_name: database
18:
action: "NODE_OS_SCAN"
action: "node_os_scan"
options:
node_id: 0
node_name: domain_controller
19:
action: "NODE_SHUTDOWN"
action: "node_shutdown"
options:
node_id: 0
node_name: domain_controller
20:
action: NODE_STARTUP
action: node_startup
options:
node_id: 0
node_name: domain_controller
21:
action: NODE_RESET
action: node_reset
options:
node_id: 0
node_name: domain_controller
22:
action: "NODE_OS_SCAN"
action: "node_os_scan"
options:
node_id: 1
node_name: web_server
23:
action: "NODE_SHUTDOWN"
action: "node_shutdown"
options:
node_id: 1
node_name: web_server
24:
action: NODE_STARTUP
action: node_startup
options:
node_id: 1
node_name: web_server
25:
action: NODE_RESET
action: node_reset
options:
node_id: 1
node_name: web_server
26: # old action num: 18
action: "NODE_OS_SCAN"
action: "node_os_scan"
options:
node_id: 2
node_name: database_server
27:
action: "NODE_SHUTDOWN"
action: "node_shutdown"
options:
node_id: 2
node_name: database_server
28:
action: NODE_STARTUP
action: node_startup
options:
node_id: 2
node_name: database_server
29:
action: NODE_RESET
action: node_reset
options:
node_id: 2
node_name: database_server
30:
action: "NODE_OS_SCAN"
action: "node_os_scan"
options:
node_id: 3
node_name: backup_server
31:
action: "NODE_SHUTDOWN"
action: "node_shutdown"
options:
node_id: 3
node_name: backup_server
32:
action: NODE_STARTUP
action: node_startup
options:
node_id: 3
node_name: backup_server
33:
action: NODE_RESET
action: node_reset
options:
node_id: 3
node_name: backup_server
34:
action: "NODE_OS_SCAN"
action: "node_os_scan"
options:
node_id: 4
node_name: security_suite
35:
action: "NODE_SHUTDOWN"
action: "node_shutdown"
options:
node_id: 4
node_name: security_suite
36:
action: NODE_STARTUP
action: node_startup
options:
node_id: 4
node_name: security_suite
37:
action: NODE_RESET
action: node_reset
options:
node_id: 4
node_name: security_suite
38:
action: "NODE_OS_SCAN"
action: "node_os_scan"
options:
node_id: 5
node_name: client_1
39: # old action num: 19 # shutdown client 1
action: "NODE_SHUTDOWN"
action: "node_shutdown"
options:
node_id: 5
node_name: client_1
40: # old action num: 20
action: NODE_STARTUP
action: node_startup
options:
node_id: 5
node_name: client_1
41: # old action num: 21
action: NODE_RESET
action: node_reset
options:
node_id: 5
node_name: client_1
42:
action: "NODE_OS_SCAN"
action: "node_os_scan"
options:
node_id: 6
node_name: client_2
43:
action: "NODE_SHUTDOWN"
action: "node_shutdown"
options:
node_id: 6
node_name: client_2
44:
action: NODE_STARTUP
action: node_startup
options:
node_id: 6
node_name: client_2
45:
action: NODE_RESET
action: node_reset
options:
node_id: 6
node_name: client_2
46: # old action num: 22 # "ACL: ADDRULE - Block outgoing traffic from client 1"
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router: router_1
position: 1
permission: 2
source_ip_id: 7 # client 1
dest_ip_id: 1 # ALL
source_port_id: 1
dest_port_id: 1
protocol_id: 1
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.21 # client 1
dst_ip: ALL # ALL
src_port: ALL
dst_port: ALL
protocol_name: ALL
src_wildcard: NONE
dst_wildcard: NONE
47: # old action num: 23 # "ACL: ADDRULE - Block outgoing traffic from client 2"
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router: router_1
position: 2
permission: 2
source_ip_id: 8 # client 2
dest_ip_id: 1 # ALL
source_port_id: 1
dest_port_id: 1
protocol_id: 1
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.22 # client 2
dst_ip: ALL # ALL
src_port: ALL
dst_port: ALL
protocol_name: ALL
src_wildcard: NONE
dst_wildcard: NONE
48: # old action num: 24 # block tcp traffic from client 1 to web app
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router: router_1
position: 3
permission: 2
source_ip_id: 7 # client 1
dest_ip_id: 3 # web server
source_port_id: 1
dest_port_id: 1
protocol_id: 3
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.21 # client 1
dst_ip: 192.168.1.12 # web server
src_port: ALL
dst_port: ALL
protocol_name: TCP
src_wildcard: NONE
dst_wildcard: NONE
49: # old action num: 25 # block tcp traffic from client 2 to web app
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router: router_1
position: 4
permission: 2
source_ip_id: 8 # client 2
dest_ip_id: 3 # web server
source_port_id: 1
dest_port_id: 1
protocol_id: 3
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.22 # client 2
dst_ip: 192.168.1.12 # web server
src_port: ALL
dst_port: ALL
protocol_name: TCP
src_wildcard: NONE
dst_wildcard: NONE
50: # old action num: 26
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router: router_1
position: 5
permission: 2
source_ip_id: 7 # client 1
dest_ip_id: 4 # database
source_port_id: 1
dest_port_id: 1
protocol_id: 3
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.21 # client 1
dst_ip: 192.168.1.14 # database
src_port: ALL
dst_port: ALL
protocol_name: TCP
src_wildcard: NONE
dst_wildcard: NONE
51: # old action num: 27
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router: router_1
position: 6
permission: 2
source_ip_id: 8 # client 2
dest_ip_id: 4 # database
source_port_id: 1
dest_port_id: 1
protocol_id: 3
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.22 # client 2
dst_ip: 192.168.1.14 # database
src_port: ALL
dst_port: ALL
protocol_name: TCP
src_wildcard: NONE
dst_wildcard: NONE
52: # old action num: 28
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 0
53: # old action num: 29
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 1
54: # old action num: 30
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 2
55: # old action num: 31
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 3
56: # old action num: 32
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 4
57: # old action num: 33
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 5
58: # old action num: 34
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 6
59: # old action num: 35
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 7
60: # old action num: 36
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 8
61: # old action num: 37
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 9
62: # old action num: 38
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 0
nic_id: 0
node_name: domain_controller
nic_num: 1
63: # old action num: 39
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 0
nic_id: 0
node_name: domain_controller
nic_num: 1
64: # old action num: 40
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 1
nic_id: 0
node_name: web_server
nic_num: 1
65: # old action num: 41
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 1
nic_id: 0
node_name: web_server
nic_num: 1
66: # old action num: 42
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 2
nic_id: 0
node_name: database_server
nic_num: 1
67: # old action num: 43
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 2
nic_id: 0
node_name: database_server
nic_num: 1
68: # old action num: 44
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 3
nic_id: 0
node_name: backup_server
nic_num: 1
69: # old action num: 45
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 3
nic_id: 0
node_name: backup_server
nic_num: 1
70: # old action num: 46
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 4
nic_id: 0
node_name: security_suite
nic_num: 1
71: # old action num: 47
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 4
nic_id: 0
node_name: security_suite
nic_num: 1
72: # old action num: 48
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 4
nic_id: 1
node_name: security_suite
nic_num: 2
73: # old action num: 49
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 4
nic_id: 1
node_name: security_suite
nic_num: 2
74: # old action num: 50
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 5
nic_id: 0
node_name: client_1
nic_num: 1
75: # old action num: 51
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 5
nic_id: 0
node_name: client_1
nic_num: 1
76: # old action num: 52
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 6
nic_id: 0
node_name: client_2
nic_num: 1
77: # old action num: 53
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 6
nic_id: 0
options:
nodes:
- node_name: domain_controller
- node_name: web_server
applications:
- application_name: DatabaseClient
services:
- service_name: WebServer
- node_name: database_server
folders:
- folder_name: database
files:
- file_name: database.db
services:
- service_name: DatabaseService
- node_name: backup_server
- node_name: security_suite
- node_name: client_1
- node_name: client_2
max_folders_per_node: 2
max_files_per_folder: 2
max_services_per_node: 2
max_nics_per_node: 8
max_acl_rules: 10
ip_list:
- 192.168.1.10
- 192.168.1.12
- 192.168.1.14
- 192.168.1.16
- 192.168.1.110
- 192.168.10.21
- 192.168.10.22
- 192.168.10.110
node_name: client_2
nic_num: 1
reward_function:
reward_components:


@@ -52,39 +52,22 @@ agents:
- ref: client_1_green_user
team: GREEN
type: ProbabilisticAgent
observation_space: null
action_space:
action_list:
- type: DONOTHING
- type: NODE_APPLICATION_EXECUTE
action_map:
0:
action: DONOTHING
action: do_nothing
options: {}
1:
action: NODE_APPLICATION_EXECUTE
action: node_application_execute
options:
node_id: 0
application_id: 0
options:
nodes:
- node_name: client_1
applications:
- application_name: WebBrowser
max_folders_per_node: 1
max_files_per_folder: 1
max_services_per_node: 1
max_applications_per_node: 1
reward_function:
reward_components:
- type: DUMMY
node_name: client_1
application_name: WebBrowser
agent_settings:
start_settings:
start_step: 5
frequency: 4
variance: 3
action_probabilities:
0: 0.4
1: 0.6
simulation:


@@ -13,72 +13,47 @@ agents:
- ref: client_2_green_user
team: GREEN
type: ProbabilisticAgent
observation_space: null
action_space:
action_list:
- type: DONOTHING
action_map:
0:
action: DONOTHING
action: do_nothing
options: {}
options:
nodes:
- node_name: client_2
max_folders_per_node: 1
max_files_per_folder: 1
max_services_per_node: 1
max_nics_per_node: 2
max_acl_rules: 10
reward_function:
reward_components:
- type: DUMMY
agent_settings: # options specific to this particular agent type, basically args of __init__(self)
start_settings:
start_step: 25
frequency: 20
variance: 5
action_probabilities:
0: 1.0
- ref: data_manipulation_attacker
team: RED
type: RedDatabaseCorruptingAgent
observation_space: null
action_space:
action_list:
- type: DONOTHING
- type: NODE_APPLICATION_EXECUTE
- type: NODE_FILE_DELETE
- type: NODE_FILE_CORRUPT
- type: NODE_OS_SCAN
action_map:
0:
action: DONOTHING
action: do_nothing
options: {}
1:
action: NODE_APPLICATION_EXECUTE
action: node_application_execute
options:
node_id: 0
application_id: 0
options:
nodes:
- node_name: client_1
applications:
- application_name: DataManipulationBot
max_folders_per_node: 1
max_files_per_folder: 1
max_services_per_node: 1
node_name: client_1
application_name: DataManipulationBot
reward_function:
reward_components:
- type: DUMMY
agent_settings: # options specific to this particular agent type, basically args of __init__(self)
start_settings:
start_step: 25
frequency: 20
variance: 5
possible_start_nodes: [client_1,]
target_application: DataManipulationBot
start_step: 25
frequency: 20
variance: 5
- ref: defender
team: BLUE
@@ -127,8 +102,8 @@ agents:
wildcard_list:
- 0.0.0.1
port_list:
- 80
- 5432
- HTTP
- POSTGRES_SERVER
protocol_list:
- ICMP
- TCP
@@ -154,381 +129,327 @@ agents:
options: {}
action_space:
action_list:
- type: DONOTHING
- type: NODE_SERVICE_SCAN
- type: NODE_SERVICE_STOP
- type: NODE_SERVICE_START
- type: NODE_SERVICE_PAUSE
- type: NODE_SERVICE_RESUME
- type: NODE_SERVICE_RESTART
- type: NODE_SERVICE_DISABLE
- type: NODE_SERVICE_ENABLE
- type: NODE_SERVICE_FIX
- type: NODE_FILE_SCAN
- type: NODE_FILE_CHECKHASH
- type: NODE_FILE_DELETE
- type: NODE_FILE_REPAIR
- type: NODE_FILE_RESTORE
- type: NODE_FOLDER_SCAN
- type: NODE_FOLDER_CHECKHASH
- type: NODE_FOLDER_REPAIR
- type: NODE_FOLDER_RESTORE
- type: NODE_OS_SCAN
- type: NODE_SHUTDOWN
- type: NODE_STARTUP
- type: NODE_RESET
- type: ROUTER_ACL_ADDRULE
- type: ROUTER_ACL_REMOVERULE
- type: HOST_NIC_ENABLE
- type: HOST_NIC_DISABLE
action_map:
0:
action: DONOTHING
action: do_nothing
options: {}
# scan webapp service
1:
action: NODE_SERVICE_SCAN
action: node_service_scan
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
# stop webapp service
2:
action: NODE_SERVICE_STOP
action: node_service_stop
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
# start webapp service
3:
action: "NODE_SERVICE_START"
action: "node_service_start"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
4:
action: "NODE_SERVICE_PAUSE"
action: "node_service_pause"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
5:
action: "NODE_SERVICE_RESUME"
action: "node_service_resume"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
6:
action: "NODE_SERVICE_RESTART"
action: "node_service_restart"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
7:
action: "NODE_SERVICE_DISABLE"
action: "node_service_disable"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
8:
action: "NODE_SERVICE_ENABLE"
action: "node_service_enable"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
9: # check database.db file
action: "NODE_FILE_SCAN"
action: "node_file_scan"
options:
node_id: 2
folder_id: 1
file_id: 0
node_name: database_server
folder_name: database
file_name: database.db
10:
action: "NODE_FILE_CHECKHASH"
action: "node_file_checkhash"
options:
node_id: 2
folder_id: 1
file_id: 0
node_name: database_server
folder_name: database
file_name: database.db
11:
action: "NODE_FILE_DELETE"
action: "node_file_delete"
options:
node_id: 2
folder_id: 1
file_id: 0
node_name: database_server
folder_name: database
file_name: database.db
12:
action: "NODE_FILE_REPAIR"
action: "node_file_repair"
options:
node_id: 2
folder_id: 1
file_id: 0
node_name: database_server
folder_name: database
file_name: database.db
13:
action: "NODE_SERVICE_FIX"
action: "node_service_fix"
options:
node_id: 2
service_id: 0
node_name: database_server
service_name: DatabaseService
14:
action: "NODE_FOLDER_SCAN"
action: "node_folder_scan"
options:
node_id: 2
folder_id: 1
node_name: database_server
folder_name: database
15:
action: "NODE_FOLDER_CHECKHASH"
action: "node_folder_checkhash"
options:
node_id: 2
folder_id: 1
node_name: database_server
folder_name: database
16:
action: "NODE_FOLDER_REPAIR"
action: "node_folder_repair"
options:
node_id: 2
folder_id: 1
node_name: database_server
folder_name: database
17:
action: "NODE_FOLDER_RESTORE"
action: "node_folder_restore"
options:
node_id: 2
folder_id: 1
node_name: database_server
folder_name: database
18:
action: "NODE_OS_SCAN"
action: "node_os_scan"
options:
node_id: 2
node_name: database_server
19: # shutdown client 1
action: "NODE_SHUTDOWN"
action: "node_shutdown"
options:
node_id: 5
node_name: client_1
20:
action: "NODE_STARTUP"
action: "node_startup"
options:
node_id: 5
node_name: client_1
21:
action: "NODE_RESET"
action: "node_reset"
options:
node_id: 5
node_name: client_1
22: # "ACL: ADDRULE - Block outgoing traffic from client 1" (not supported in Primaite)
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router: router_1
position: 1
permission: 2
source_ip_id: 7 # client 1
dest_ip_id: 1 # ALL
source_port_id: 1
dest_port_id: 1
protocol_id: 1
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.21 # client 1
dst_ip: ALL # ALL
src_port: ALL
dst_port: ALL
protocol_name: ALL
src_wildcard: NONE
dst_wildcard: NONE
23: # "ACL: ADDRULE - Block outgoing traffic from client 2" (not supported in Primaite)
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router: router_1
position: 2
permission: 2
source_ip_id: 8 # client 2
dest_ip_id: 1 # ALL
source_port_id: 1
dest_port_id: 1
protocol_id: 1
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.22 # client 2
dst_ip: ALL # ALL
src_port: ALL
dst_port: ALL
protocol_name: ALL
src_wildcard: NONE
dst_wildcard: NONE
24: # block tcp traffic from client 1 to web app
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router: router_1
position: 3
permission: 2
source_ip_id: 7 # client 1
dest_ip_id: 3 # web server
source_port_id: 1
dest_port_id: 1
protocol_id: 3
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.21 # client 1
dst_ip: 192.168.1.12 # web server
src_port: ALL
dst_port: ALL
protocol_name: TCP
src_wildcard: NONE
dst_wildcard: NONE
25: # block tcp traffic from client 2 to web app
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router: router_1
position: 4
permission: 2
source_ip_id: 8 # client 2
dest_ip_id: 3 # web server
source_port_id: 1
dest_port_id: 1
protocol_id: 3
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.22 # client 2
dst_ip: 192.168.1.12 # web server
src_port: ALL
dst_port: ALL
protocol_name: TCP
src_wildcard: NONE
dst_wildcard: NONE
26:
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router: router_1
position: 5
permission: 2
source_ip_id: 7 # client 1
dest_ip_id: 4 # database
source_port_id: 1
dest_port_id: 1
protocol_id: 3
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.21 # client 1
dst_ip: 192.168.1.14 # database
src_port: ALL
dst_port: ALL
protocol_name: TCP
src_wildcard: NONE
dst_wildcard: NONE
27:
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router: router_1
position: 6
permission: 2
source_ip_id: 8 # client 2
dest_ip_id: 4 # database
source_port_id: 1
dest_port_id: 1
protocol_id: 3
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.22 # client 2
dst_ip: 192.168.1.14 # database
src_port: ALL
dst_port: ALL
protocol_name: TCP
src_wildcard: NONE
dst_wildcard: NONE
28:
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 0
29:
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 1
30:
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 2
31:
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 3
32:
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 4
33:
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 5
34:
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 6
35:
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 7
36:
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 8
37:
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 9
38:
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 0
nic_id: 0
node_name: domain_controller
nic_num: 1
39:
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 0
nic_id: 0
node_name: domain_controller
nic_num: 1
40:
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 1
nic_id: 0
node_name: web_server
nic_num: 1
41:
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 1
nic_id: 0
node_name: web_server
nic_num: 1
42:
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 2
nic_id: 0
node_name: database_server
nic_num: 1
43:
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 2
nic_id: 0
node_name: database_server
nic_num: 1
44:
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 3
nic_id: 0
node_name: backup_server
nic_num: 1
45:
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 3
nic_id: 0
node_name: backup_server
nic_num: 1
46:
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 4
nic_id: 0
node_name: security_suite
nic_num: 1
47:
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 4
nic_id: 0
node_name: security_suite
nic_num: 1
48:
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 4
nic_id: 1
node_name: security_suite
nic_num: 2
49:
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 4
nic_id: 1
node_name: security_suite
nic_num: 2
50:
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 5
nic_id: 0
node_name: client_1
nic_num: 1
51:
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 5
nic_id: 0
node_name: client_1
nic_num: 1
52:
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 6
nic_id: 0
node_name: client_2
nic_num: 1
53:
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 6
nic_id: 0
options:
nodes:
- node_name: domain_controller
- node_name: web_server
- node_name: database_server
- node_name: backup_server
- node_name: security_suite
- node_name: client_1
- node_name: client_2
max_folders_per_node: 2
max_files_per_folder: 2
max_services_per_node: 2
max_nics_per_node: 8
max_acl_rules: 10
ip_list:
- 192.168.1.10
- 192.168.1.12
- 192.168.1.14
- 192.168.1.16
- 192.168.1.110
- 192.168.10.21
- 192.168.10.22
- 192.168.10.110
node_name: client_2
nic_num: 1
reward_function:
reward_components:
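Review bot: Actions 10 and 15 of the defender `action_map` in this file are renamed to `node_file_checkhash` and `node_folder_checkhash`, whereas another config converted in this same commit maps the same two slots to `node_file_scan` and `node_folder_scan` with the comment `# CHECKHASH replaced by SCAN - but the behaviour is the same in this context.` If the checkhash action types were retired along with the old upper-case names (this page does not show the action registry, so that is an assumption), this file would either fail validation at load or give the blue agent two actions that behave differently from the sibling scenario. Please confirm which is intended; if SCAN is the replacement, use `action: "node_file_scan"` and `action: "node_folder_scan"` here and carry the same explanatory comment. Separately, the comments on actions 22 and 23 still say "(not supported in Primaite)" although both entries now carry full `router_acl_add_rule` options, so they look stale and are worth re-checking.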


@@ -30,35 +30,22 @@ agents:
0: 0.3
1: 0.6
2: 0.1
observation_space: null
action_space:
action_list:
- type: DONOTHING
- type: NODE_APPLICATION_EXECUTE
options:
nodes:
- node_name: client_2
applications:
- application_name: WebBrowser
- application_name: DatabaseClient
max_folders_per_node: 1
max_files_per_folder: 1
max_services_per_node: 1
max_applications_per_node: 2
action_map:
0:
action: DONOTHING
action: do_nothing
options: {}
1:
action: NODE_APPLICATION_EXECUTE
action: node_application_execute
options:
node_id: 0
application_id: 0
node_name: client_2
application_name: WebBrowser
2:
action: NODE_APPLICATION_EXECUTE
action: node_application_execute
options:
node_id: 0
application_id: 1
node_name: client_2
application_name: DatabaseClient
reward_function:
reward_components:
@@ -79,35 +66,22 @@ agents:
0: 0.3
1: 0.6
2: 0.1
observation_space: null
action_space:
action_list:
- type: DONOTHING
- type: NODE_APPLICATION_EXECUTE
options:
nodes:
- node_name: client_1
applications:
- application_name: WebBrowser
- application_name: DatabaseClient
max_folders_per_node: 1
max_files_per_folder: 1
max_services_per_node: 1
max_applications_per_node: 2
action_map:
0:
action: DONOTHING
action: do_nothing
options: {}
1:
action: NODE_APPLICATION_EXECUTE
action: node_application_execute
options:
node_id: 0
application_id: 0
node_name: client_1
application_name: WebBrowser
2:
action: NODE_APPLICATION_EXECUTE
action: node_application_execute
options:
node_id: 0
application_id: 1
node_name: client_1
application_name: DatabaseClient
reward_function:
reward_components:
@@ -128,33 +102,12 @@ agents:
team: RED
type: RedDatabaseCorruptingAgent
observation_space: null
action_space:
action_list:
- type: DONOTHING
- type: NODE_APPLICATION_EXECUTE
options:
nodes:
- node_name: client_1
applications:
- application_name: DataManipulationBot
- node_name: client_2
applications:
- application_name: DataManipulationBot
max_folders_per_node: 1
max_files_per_folder: 1
max_services_per_node: 1
reward_function:
reward_components:
- type: DUMMY
agent_settings: # options specific to this particular agent type, basically args of __init__(self)
start_settings:
start_step: 25
frequency: 20
variance: 5
possible_start_nodes: [client_1, client_2]
target_application: DataManipulationBot
start_step: 25
frequency: 20
variance: 5
- ref: defender
team: BLUE
@@ -208,8 +161,8 @@ agents:
wildcard_list:
- 0.0.0.1
port_list:
- 80
- 5432
- HTTP
- POSTGRES_SERVER
protocol_list:
- ICMP
- TCP
@@ -235,491 +188,426 @@ agents:
options: {}
action_space:
action_list:
- type: DONOTHING
- type: NODE_SERVICE_SCAN
- type: NODE_SERVICE_STOP
- type: NODE_SERVICE_START
- type: NODE_SERVICE_PAUSE
- type: NODE_SERVICE_RESUME
- type: NODE_SERVICE_RESTART
- type: NODE_SERVICE_DISABLE
- type: NODE_SERVICE_ENABLE
- type: NODE_SERVICE_FIX
- type: NODE_FILE_SCAN
- type: NODE_FILE_CHECKHASH
- type: NODE_FILE_DELETE
- type: NODE_FILE_REPAIR
- type: NODE_FILE_RESTORE
- type: NODE_FOLDER_SCAN
- type: NODE_FOLDER_CHECKHASH
- type: NODE_FOLDER_REPAIR
- type: NODE_FOLDER_RESTORE
- type: NODE_OS_SCAN
- type: NODE_SHUTDOWN
- type: NODE_STARTUP
- type: NODE_RESET
- type: ROUTER_ACL_ADDRULE
- type: ROUTER_ACL_REMOVERULE
- type: HOST_NIC_ENABLE
- type: HOST_NIC_DISABLE
action_map:
0:
action: DONOTHING
action: do_nothing
options: {}
# scan webapp service
1:
action: NODE_SERVICE_SCAN
action: node_service_scan
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
# stop webapp service
2:
action: NODE_SERVICE_STOP
action: node_service_stop
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
# start webapp service
3:
action: "NODE_SERVICE_START"
action: "node_service_start"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
4:
action: "NODE_SERVICE_PAUSE"
action: "node_service_pause"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
5:
action: "NODE_SERVICE_RESUME"
action: "node_service_resume"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
6:
action: "NODE_SERVICE_RESTART"
action: "node_service_restart"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
7:
action: "NODE_SERVICE_DISABLE"
action: "node_service_disable"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
8:
action: "NODE_SERVICE_ENABLE"
action: "node_service_enable"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
9: # check database.db file
action: "NODE_FILE_SCAN"
action: "node_file_scan"
options:
node_id: 2
folder_id: 0
file_id: 0
node_name: database_server
folder_name: database
file_name: database.db
10:
action: "NODE_FILE_CHECKHASH" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context.
action: "node_file_checkhash"
options:
node_id: 2
folder_id: 0
file_id: 0
node_name: database_server
folder_name: database
file_name: database.db
11:
action: "NODE_FILE_DELETE"
action: "node_file_delete"
options:
node_id: 2
folder_id: 0
file_id: 0
node_name: database_server
folder_name: database
file_name: database.db
12:
action: "NODE_FILE_REPAIR"
action: "node_file_repair"
options:
node_id: 2
folder_id: 0
file_id: 0
node_name: database_server
folder_name: database
file_name: database.db
13:
action: "NODE_SERVICE_FIX"
action: "node_service_fix"
options:
node_id: 2
service_id: 0
node_name: database_server
service_name: DatabaseService
14:
action: "NODE_FOLDER_SCAN"
action: "node_folder_scan"
options:
node_id: 2
folder_id: 0
node_name: database_server
folder_name: database
15:
action: "NODE_FOLDER_CHECKHASH" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context.
action: "node_folder_checkhash"
options:
node_id: 2
folder_id: 0
node_name: database_server
folder_name: database
16:
action: "NODE_FOLDER_REPAIR"
action: "node_folder_repair"
options:
node_id: 2
folder_id: 0
node_name: database_server
folder_name: database
17:
action: "NODE_FOLDER_RESTORE"
action: "node_folder_restore"
options:
node_id: 2
folder_id: 0
node_name: database_server
folder_name: database
18:
action: "NODE_OS_SCAN"
action: "node_os_scan"
options:
node_id: 0
node_name: domain_controller
19:
action: "NODE_SHUTDOWN"
action: "node_shutdown"
options:
node_id: 0
node_name: domain_controller
20:
action: NODE_STARTUP
action: node_startup
options:
node_id: 0
node_name: domain_controller
21:
action: NODE_RESET
action: node_reset
options:
node_id: 0
node_name: domain_controller
22:
action: "NODE_OS_SCAN"
action: "node_os_scan"
options:
node_id: 1
node_name: web_server
23:
action: "NODE_SHUTDOWN"
action: "node_shutdown"
options:
node_id: 1
node_name: web_server
24:
action: NODE_STARTUP
action: node_startup
options:
node_id: 1
node_name: web_server
25:
action: NODE_RESET
action: node_reset
options:
node_id: 1
node_name: web_server
26: # old action num: 18
action: "NODE_OS_SCAN"
action: "node_os_scan"
options:
node_id: 2
node_name: database_server
27:
action: "NODE_SHUTDOWN"
action: "node_shutdown"
options:
node_id: 2
node_name: database_server
28:
action: NODE_STARTUP
action: node_startup
options:
node_id: 2
node_name: database_server
29:
action: NODE_RESET
action: node_reset
options:
node_id: 2
node_name: database_server
30:
action: "NODE_OS_SCAN"
action: "node_os_scan"
options:
node_id: 3
node_name: backup_server
31:
action: "NODE_SHUTDOWN"
action: "node_shutdown"
options:
node_id: 3
node_name: backup_server
32:
action: NODE_STARTUP
action: node_startup
options:
node_id: 3
node_name: backup_server
33:
action: NODE_RESET
action: node_reset
options:
node_id: 3
node_name: backup_server
34:
action: "NODE_OS_SCAN"
action: "node_os_scan"
options:
node_id: 4
node_name: security_suite
35:
action: "NODE_SHUTDOWN"
action: "node_shutdown"
options:
node_id: 4
node_name: security_suite
36:
action: NODE_STARTUP
action: node_startup
options:
node_id: 4
node_name: security_suite
37:
action: NODE_RESET
action: node_reset
options:
node_id: 4
node_name: security_suite
38:
action: "NODE_OS_SCAN"
action: "node_os_scan"
options:
node_id: 5
node_name: client_1
39: # old action num: 19 # shutdown client 1
action: "NODE_SHUTDOWN"
action: "node_shutdown"
options:
node_id: 5
node_name: client_1
40: # old action num: 20
action: NODE_STARTUP
action: node_startup
options:
node_id: 5
node_name: client_1
41: # old action num: 21
action: NODE_RESET
action: node_reset
options:
node_id: 5
node_name: client_1
42:
action: "NODE_OS_SCAN"
action: "node_os_scan"
options:
node_id: 6
node_name: client_2
43:
action: "NODE_SHUTDOWN"
action: "node_shutdown"
options:
node_id: 6
node_name: client_2
44:
action: NODE_STARTUP
action: node_startup
options:
node_id: 6
node_name: client_2
45:
action: NODE_RESET
action: node_reset
options:
node_id: 6
node_name: client_2
46: # old action num: 22 # "ACL: ADDRULE - Block outgoing traffic from client 1"
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router: router_1
position: 1
permission: 2
source_ip_id: 7 # client 1
dest_ip_id: 1 # ALL
source_port_id: 1
dest_port_id: 1
protocol_id: 1
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.21 # client 1
dst_ip: ALL # ALL
src_port: ALL
dst_port: ALL
protocol_name: ALL
src_wildcard: NONE
dst_wildcard: NONE
47: # old action num: 23 # "ACL: ADDRULE - Block outgoing traffic from client 2"
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router: router_1
position: 2
permission: 2
source_ip_id: 8 # client 2
dest_ip_id: 1 # ALL
source_port_id: 1
dest_port_id: 1
protocol_id: 1
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.22 # client 2
dst_ip: ALL # ALL
src_port: ALL
dst_port: ALL
protocol_name: ALL
src_wildcard: NONE
dst_wildcard: NONE
48: # old action num: 24 # block tcp traffic from client 1 to web app
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router: router_1
position: 3
permission: 2
source_ip_id: 7 # client 1
dest_ip_id: 3 # web server
source_port_id: 1
dest_port_id: 1
protocol_id: 3
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.21 # client 1
dst_ip: 192.168.1.12 # web server
src_port: ALL
dst_port: ALL
protocol_name: TCP
src_wildcard: NONE
dst_wildcard: NONE
49: # old action num: 25 # block tcp traffic from client 2 to web app
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router: router_1
position: 4
permission: 2
source_ip_id: 8 # client 2
dest_ip_id: 3 # web server
source_port_id: 1
dest_port_id: 1
protocol_id: 3
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.22 # client 2
dst_ip: 192.168.1.12 # web server
src_port: ALL
dst_port: ALL
protocol_name: TCP
src_wildcard: NONE
dst_wildcard: NONE
50: # old action num: 26
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router: router_1
position: 5
permission: 2
source_ip_id: 7 # client 1
dest_ip_id: 4 # database
source_port_id: 1
dest_port_id: 1
protocol_id: 3
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.21 # client 1
dst_ip: 192.168.1.14 # database
src_port: ALL
dst_port: ALL
protocol_name: TCP
src_wildcard: NONE
dst_wildcard: NONE
51: # old action num: 27
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router: router_1
position: 6
permission: 2
source_ip_id: 8 # client 2
dest_ip_id: 4 # database
source_port_id: 1
dest_port_id: 1
protocol_id: 3
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.22 # client 2
dst_ip: 192.168.1.14 # database
src_port: ALL
dst_port: ALL
protocol_name: TCP
src_wildcard: NONE
dst_wildcard: NONE
52: # old action num: 28
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 0
53: # old action num: 29
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 1
54: # old action num: 30
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 2
55: # old action num: 31
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 3
56: # old action num: 32
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 4
57: # old action num: 33
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 5
58: # old action num: 34
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 6
59: # old action num: 35
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 7
60: # old action num: 36
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 8
61: # old action num: 37
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 9
62: # old action num: 38
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 0
nic_id: 0
node_name: domain_controller
nic_num: 1
63: # old action num: 39
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 0
nic_id: 0
node_name: domain_controller
nic_num: 1
64: # old action num: 40
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 1
nic_id: 0
node_name: web_server
nic_num: 1
65: # old action num: 41
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 1
nic_id: 0
node_name: web_server
nic_num: 1
66: # old action num: 42
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 2
nic_id: 0
node_name: database_server
nic_num: 1
67: # old action num: 43
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 2
nic_id: 0
node_name: database_server
nic_num: 1
68: # old action num: 44
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 3
nic_id: 0
node_name: backup_server
nic_num: 1
69: # old action num: 45
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 3
nic_id: 0
node_name: backup_server
nic_num: 1
70: # old action num: 46
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 4
nic_id: 0
node_name: security_suite
nic_num: 1
71: # old action num: 47
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 4
nic_id: 0
node_name: security_suite
nic_num: 1
72: # old action num: 48
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 4
nic_id: 1
node_name: security_suite
nic_num: 2
73: # old action num: 49
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 4
nic_id: 1
node_name: security_suite
nic_num: 2
74: # old action num: 50
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 5
nic_id: 0
node_name: client_1
nic_num: 1
75: # old action num: 51
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 5
nic_id: 0
node_name: client_1
nic_num: 1
76: # old action num: 52
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 6
nic_id: 0
node_name: client_2
nic_num: 1
77: # old action num: 53
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 6
nic_id: 0
node_name: client_2
nic_num: 1
options:
nodes:
- node_name: domain_controller
- node_name: web_server
applications:
- application_name: DatabaseClient
services:
- service_name: WebServer
- node_name: database_server
folders:
- folder_name: database
files:
- file_name: database.db
services:
- service_name: DatabaseService
- node_name: backup_server
- node_name: security_suite
- node_name: client_1
- node_name: client_2
max_folders_per_node: 2
max_files_per_folder: 2
max_services_per_node: 2
max_nics_per_node: 8
max_acl_rules: 10
ip_list:
- 192.168.1.10
- 192.168.1.12
- 192.168.1.14
- 192.168.1.16
- 192.168.1.110
- 192.168.10.21
- 192.168.10.22
- 192.168.10.110
reward_function:
reward_components:
- type: DATABASE_FILE_INTEGRITY


@@ -77,8 +77,8 @@ agents:
wildcard_list:
- 0.0.0.1
port_list:
- 80
- 5432
- HTTP
- POSTGRES_SERVER
protocol_list:
- ICMP
- TCP
@@ -95,181 +95,156 @@ agents:
options: {}
action_space:
action_list:
- type: DONOTHING
- type: FIREWALL_ACL_ADDRULE
- type: FIREWALL_ACL_REMOVERULE
- type: NETWORK_PORT_DISABLE
- type: NETWORK_PORT_ENABLE
action_map:
0:
action: DONOTHING
action: do_nothing
options: {}
1:
action: FIREWALL_ACL_ADDRULE
action: firewall_acl_add_rule
options:
type: firewall_acl_add_rule
target_firewall_nodename: firewall
firewall_port_name: internal
firewall_port_direction: inbound
position: 1
permission: 1
source_ip_id: 2 # client 1
dest_ip_id: 1 # ALL
source_port_id: 1
dest_port_id: 1
protocol_id: 1
source_wildcard_id: 0
dest_wildcard_id: 0
permission: PERMIT
src_ip: 192.168.0.10
dst_ip: ALL
src_port: ALL
dst_port: ALL
protocol_name: ALL
src_wildcard: NONE
dst_wildcard: NONE
2:
action: FIREWALL_ACL_REMOVERULE
action: firewall_acl_remove_rule
options:
target_firewall_nodename: firewall
firewall_port_name: internal
firewall_port_direction: inbound
position: 1
3:
action: FIREWALL_ACL_ADDRULE
action: firewall_acl_add_rule
options:
target_firewall_nodename: firewall
firewall_port_name: internal
firewall_port_direction: outbound
position: 1
permission: 2
source_ip_id: 2 # client 1
dest_ip_id: 1 # ALL
source_port_id: 2
dest_port_id: 3
protocol_id: 2
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.0.10 # client 1
dst_ip: ALL
src_port: ARP
dst_port: DNS
protocol_name: ICMP
src_wildcard: NONE
dst_wildcard: NONE
4:
action: FIREWALL_ACL_REMOVERULE
action: firewall_acl_remove_rule
options:
target_firewall_nodename: firewall
firewall_port_name: internal
firewall_port_direction: outbound
position: 1
5:
action: FIREWALL_ACL_ADDRULE
action: firewall_acl_add_rule
options:
target_firewall_nodename: firewall
firewall_port_name: dmz
firewall_port_direction: inbound
position: 1
permission: 2
source_ip_id: 3 # dmz_server
dest_ip_id: 2 # client_1
source_port_id: 4
dest_port_id: 4
protocol_id: 4
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.10 # dmz_server
dst_ip: 192.168.0.10 # client_1
src_port: HTTP
dst_port: HTTP
protocol_name: UDP
src_wildcard: NONE
dst_wildcard: NONE
6:
action: FIREWALL_ACL_REMOVERULE
action: firewall_acl_remove_rule
options:
target_firewall_nodename: firewall
firewall_port_name: dmz
firewall_port_direction: inbound
position: 1
7:
action: FIREWALL_ACL_ADDRULE
action: firewall_acl_add_rule
options:
target_firewall_nodename: firewall
firewall_port_name: dmz
firewall_port_direction: outbound
position: 2
permission: 2
source_ip_id: 3 # dmz_server
dest_ip_id: 2 # client_1
source_port_id: 4
dest_port_id: 4
protocol_id: 3
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.10 # dmz_server
dst_ip: 192.168.0.10 # client_1
src_port: HTTP
dst_port: HTTP
protocol_name: TCP
src_wildcard: NONE
dst_wildcard: NONE
8:
action: FIREWALL_ACL_REMOVERULE
action: firewall_acl_remove_rule
options:
target_firewall_nodename: firewall
firewall_port_name: dmz
firewall_port_direction: outbound
position: 2
9:
action: FIREWALL_ACL_ADDRULE
action: firewall_acl_add_rule
options:
target_firewall_nodename: firewall
firewall_port_name: external
firewall_port_direction: inbound
position: 10
permission: 2
source_ip_id: 4 # external_computer
dest_ip_id: 3 # dmz
source_port_id: 5
dest_port_id: 5
protocol_id: 2
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.20.10 # external_computer
dst_ip: 192.168.10.10 # dmz
src_port: POSTGRES_SERVER
dst_port: POSTGRES_SERVER
protocol_name: ICMP
src_wildcard: NONE
dst_wildcard: NONE
10:
action: FIREWALL_ACL_REMOVERULE
action: firewall_acl_remove_rule
options:
target_firewall_nodename: firewall
firewall_port_name: external
firewall_port_direction: inbound
position: 10
11:
action: FIREWALL_ACL_ADDRULE
action: firewall_acl_add_rule
options:
target_firewall_nodename: firewall
firewall_port_name: external
firewall_port_direction: outbound
position: 1
permission: 2
source_ip_id: 4 # external_computer
dest_ip_id: 2 # client_1
source_port_id: 1
dest_port_id: 1
protocol_id: 1
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.20.10 # external_computer
dst_ip: 192.168.0.10 # client_1
src_port: NONE
dst_port: NONE
protocol_name: none
src_wildcard: NONE
dst_wildcard: NONE
12:
action: FIREWALL_ACL_REMOVERULE
action: firewall_acl_remove_rule
options:
target_firewall_nodename: firewall
firewall_port_name: external
firewall_port_direction: outbound
position: 1
13:
action: NETWORK_PORT_DISABLE
action: network_port_disable
options:
type: network_port_disable
target_nodename: firewall
port_id: 3
port_num: 3
14:
action: NETWORK_PORT_ENABLE
action: network_port_enable
options:
type: network_port_enable
target_nodename: firewall
port_id: 3
options:
nodes:
- node_name: client_1
- node_name: dmz_server
- node_name: external_computer
ip_list:
- 192.168.0.10
- 192.168.10.10
- 192.168.20.10
max_folders_per_node: 2
max_files_per_folder: 2
max_services_per_node: 2
max_nics_per_node: 8
max_acl_rules: 10
reward_function:
reward_components:
- type: DUMMY
port_num: 3
agent_settings:
start_settings:
start_step: 5
frequency: 4
variance: 3
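Review bot: In action 11 (the `external`/`outbound` `firewall_acl_add_rule`) the old `source_port_id: 1`, `dest_port_id: 1` and `protocol_id: 1` are rewritten as `src_port: NONE`, `dst_port: NONE` and `protocol_name: none`, while action 1 rewrites the same three ids as `ALL`. If id 1 meant ALL in the old scheme, as action 1 suggests, this DENY rule no longer matches the traffic it used to and the values should read `src_port: ALL`, `dst_port: ALL`, `protocol_name: ALL`; if NONE is intended, `none` should at least use the upper-case spelling of the neighbouring keys. The page shows no +/- markers, so the old/new reading is inferred from the upper-case to snake_case rename. Separately, a `type:` key appears inside `options` only for actions 1, 13 and 14 (`type: firewall_acl_add_rule`, `type: network_port_disable`, `type: network_port_enable`), which looks like a leftover from conflict resolution.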


@@ -27,40 +27,21 @@ agents:
- ref: client_2_green_user
team: GREEN
type: ProbabilisticAgent
observation_space: null
action_space:
action_list:
- type: DONOTHING
- type: NODE_APPLICATION_EXECUTE
action_map:
0:
action: DONOTHING
action: do_nothing
options: {}
1:
action: NODE_APPLICATION_EXECUTE
action: node_application_execute
options:
node_id: 0
application_id: 0
options:
nodes:
- node_name: client_2
applications:
- application_name: WebBrowser
max_folders_per_node: 1
max_files_per_folder: 1
max_services_per_node: 1
max_applications_per_node: 1
reward_function:
reward_components:
- type: DUMMY
node_name: client_1
application_name: WebBrowser
agent_settings:
start_settings:
start_step: 5
frequency: 4
variance: 3
action_probabilities:
0: 0.4
1: 0.6
- ref: defender
@@ -100,8 +81,8 @@ agents:
wildcard_list:
- 0.0.0.1
port_list:
- 80
- 5432
- HTTP
- POSTGRES_SERVER
protocol_list:
- ICMP
- TCP
@@ -119,28 +100,10 @@ agents:
options: {}
action_space:
action_list:
- type: DONOTHING
action_map:
0:
action: DONOTHING
action: do_nothing
options: {}
options:
nodes:
- node_name: switch
- node_name: client_1
- node_name: client_2
- node_name: client_3
max_folders_per_node: 2
max_files_per_folder: 2
max_services_per_node: 2
max_nics_per_node: 8
max_acl_rules: 10
ip_list:
- 192.168.10.21
- 192.168.10.22
- 192.168.10.23
reward_function:
reward_components:
@@ -185,7 +148,7 @@ simulation:
options:
db_server_ip: 192.168.1.10
server_password: arcd
fix_duration: 1
fixing_duration: 1
- type: DataManipulationBot
options:
port_scan_p_of_success: 0.8
@@ -206,7 +169,7 @@ simulation:
arcd.com: 192.168.1.10
- type: DatabaseService
options:
fix_duration: 5
fixing_duration: 5
backup_server_ip: 192.168.1.10
- type: WebServer
- type: FTPClient
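Review bot: In the first hunk, action 1 of `client_2_green_user` now carries `node_name: client_1`, but the removed `options.nodes` list for this agent held only `client_2`, so the old `node_id: 0` pointed at client_2. Unless the retarget is deliberate, the line should be `node_name: client_2`; as written, the green user for client_2 would drive the WebBrowser on client_1. Old and new sides are inferred from the rename pattern, since the page shows no +/- markers.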


@@ -18,80 +18,63 @@ agents:
team: BLUE
type: ProxyAgent
observation_space: null
action_space:
action_list:
- type: DONOTHING
- type: NODE_APPLICATION_INSTALL
- type: CONFIGURE_DATABASE_CLIENT
- type: CONFIGURE_DOSBOT
- type: CONFIGURE_RANSOMWARE_SCRIPT
- type: NODE_APPLICATION_REMOVE
action_map:
0:
action: DONOTHING
action: do_nothing
options: {}
1:
action: NODE_APPLICATION_INSTALL
action: node_application_install
options:
node_id: 0
node_name: client_1
application_name: DatabaseClient
2:
action: NODE_APPLICATION_INSTALL
action: node_application_install
options:
node_id: 1
node_name: client_2
application_name: RansomwareScript
3:
action: NODE_APPLICATION_INSTALL
action: node_application_install
options:
node_id: 2
node_name: client_3
application_name: DoSBot
4:
action: CONFIGURE_DATABASE_CLIENT
action: configure_database_client
options:
node_id: 0
config:
server_ip_address: 10.0.0.5
node_name: client_1
server_ip_address: 10.0.0.5
5:
action: CONFIGURE_DATABASE_CLIENT
action: configure_database_client
options:
node_id: 0
config:
server_password: correct_password
node_name: client_1
server_password: correct_password
6:
action: CONFIGURE_RANSOMWARE_SCRIPT
action: configure_ransomware_script
options:
node_id: 1
config:
server_ip_address: 10.0.0.5
server_password: correct_password
payload: ENCRYPT
node_name: client_2
server_ip_address: 10.0.0.5
server_password: correct_password
payload: ENCRYPT
7:
action: CONFIGURE_DOSBOT
action: configure_dos_bot
options:
node_id: 2
config:
target_ip_address: 10.0.0.5
target_port: POSTGRES_SERVER
payload: DELETE
repeat: true
port_scan_p_of_success: 1.0
dos_intensity: 1.0
max_sessions: 1000
node_name: client_3
target_ip_address: 10.0.0.5
target_port: POSTGRES_SERVER
payload: DELETE
repeat: true
port_scan_p_of_success: 1.0
dos_intensity: 1.0
max_sessions: 1000
8:
action: NODE_APPLICATION_INSTALL
action: node_application_install
options:
node_id: 1
node_name: client_2
application_name: DatabaseClient
options:
nodes:
- node_name: client_1
- node_name: client_2
- node_name: client_3
ip_list: []
reward_function:
reward_components:
- type: DUMMY
agent_settings:
flatten_obs: True
action_masking: False
simulation:
network:

File diff suppressed because it is too large Load Diff


@@ -22,32 +22,17 @@ agents:
- ref: client_1_red_nmap
team: RED
type: ProbabilisticAgent
observation_space: null
action_space:
options:
nodes:
- node_name: client_1
applications:
- application_name: NMAP
max_folders_per_node: 1
max_files_per_folder: 1
max_services_per_node: 1
max_applications_per_node: 1
action_list:
- type: NODE_NMAP_NETWORK_SERVICE_RECON
action_map:
0:
action: NODE_NMAP_NETWORK_SERVICE_RECON
action: node_network_service_recon
options:
source_node: client_1
target_ip_address: 192.168.10.0/24
target_port: 80
target_protocol: tcp
reward_function:
reward_components:
- type: DUMMY
show: false
agent_settings:
action_probabilities:
0: 1.0
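Review bot: The renamed action in `action_map` entry 0 is `node_network_service_recon`, which drops the `nmap` infix that the old `NODE_NMAP_NETWORK_SERVICE_RECON` had and that the sibling configs keep (`node_nmap_ping_scan`, `node_nmap_port_scan`). If the registered identifier is `node_nmap_network_service_recon`, this agent's only action will not resolve; please confirm against the action registry, which is not visible here. `target_port: 80` also stays numeric while the same commit moves `port_list` entries to names such as `HTTP`, so it is worth confirming that this option still accepts an integer.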


@@ -22,29 +22,15 @@ agents:
- ref: client_1_red_nmap
team: RED
type: ProbabilisticAgent
observation_space: null
action_space:
options:
nodes:
- node_name: client_1
applications:
- application_name: NMAP
max_folders_per_node: 1
max_files_per_folder: 1
max_services_per_node: 1
max_applications_per_node: 1
action_list:
- type: NODE_NMAP_PING_SCAN
action_map:
0:
action: NODE_NMAP_PING_SCAN
action: node_nmap_ping_scan
options:
source_node: client_1
target_ip_address: 192.168.1.0/24
reward_function:
reward_components:
- type: DUMMY
show: False
agent_settings:
action_probabilities:


@@ -22,22 +22,11 @@ agents:
- ref: client_1_red_nmap
team: RED
type: ProbabilisticAgent
observation_space: null
action_space:
options:
nodes:
- node_name: client_1
applications:
- application_name: NMAP
max_folders_per_node: 1
max_files_per_folder: 1
max_services_per_node: 1
max_applications_per_node: 1
action_list:
- type: NODE_NMAP_PORT_SCAN
action_map:
0:
action: NODE_NMAP_PORT_SCAN
action: node_nmap_port_scan
options:
source_node: client_1
target_ip_address: 192.168.10.0/24
@@ -47,10 +36,7 @@ agents:
- 80
- 123
- 219
reward_function:
reward_components:
- type: DUMMY
show: false
agent_settings:
action_probabilities:


@@ -6,25 +6,17 @@ agents: &greens
action_probabilities:
0: 0.2
1: 0.8
observation_space: null
action_space:
action_list:
- type: DONOTHING
- type: NODE_APPLICATION_EXECUTE
options:
nodes:
- node_name: client
applications:
- application_name: DatabaseClient
action_map:
0:
action: DONOTHING
action: do_nothing
options: {}
1:
action: NODE_APPLICATION_EXECUTE
action: node_application_execute
options:
node_id: 0
application_id: 0
node_name: client
application_name: DatabaseClient
reward_function:
reward_components:


@@ -6,25 +6,17 @@ agents: &greens
action_probabilities:
0: 0.95
1: 0.05
observation_space: null
action_space:
action_list:
- type: DONOTHING
- type: NODE_APPLICATION_EXECUTE
options:
nodes:
- node_name: client
applications:
- application_name: DatabaseClient
action_map:
0:
action: DONOTHING
action: do_nothing
options: {}
1:
action: NODE_APPLICATION_EXECUTE
action: node_application_execute
options:
node_id: 0
application_id: 0
node_name: client
application_name: DatabaseClient
reward_function:
reward_components:


@@ -3,24 +3,9 @@ reds: &reds
team: RED
type: RedDatabaseCorruptingAgent
observation_space: null
action_space:
action_list:
- type: DONOTHING
- type: NODE_APPLICATION_EXECUTE
options:
nodes:
- node_name: client
applications:
- application_name: DataManipulationBot
reward_function:
reward_components:
- type: DUMMY
agent_settings:
start_settings:
start_step: 10
frequency: 10
variance: 0
possible_start_nodes: [client,]
target_application: DataManipulationBot
start_step: 10
frequency: 10
variance: 0


@@ -2,25 +2,9 @@ reds: &reds
- ref: red_B
team: RED
type: RedDatabaseCorruptingAgent
observation_space: null
action_space:
action_list:
- type: DONOTHING
- type: NODE_APPLICATION_EXECUTE
options:
nodes:
- node_name: client
applications:
- application_name: DataManipulationBot
reward_function:
reward_components:
- type: DUMMY
agent_settings:
start_settings:
start_step: 3
frequency: 2
variance: 1
possible_start_nodes: [client_1,]
target_application: DataManipulationBot
start_step: 3
frequency: 2
variance: 1
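Review bot: `possible_start_nodes: [client_1,]` for `red_B` names a node that the removed `options.nodes` list did not contain; that list had `node_name: client`, and the sibling red config in this commit uses `possible_start_nodes: [client,]`. If the scenario's network has no `client_1`, the agent has no valid start node, so this likely should be `possible_start_nodes: [client]`. The network definition is outside this hunk, so please check the name against the nodes declared there.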


@@ -54,65 +54,46 @@ agents:
- server:eth-1<->switch_1:eth-2
action_space:
action_list:
- type: DONOTHING
- type: NODE_SHUTDOWN
- type: NODE_STARTUP
- type: HOST_NIC_ENABLE
- type: HOST_NIC_DISABLE
action_map:
0:
action: DONOTHING
action: do_nothing
options: {}
1:
action: NODE_SHUTDOWN
action: node_shutdown
options:
node_id: 0
node_name: client
2:
action: NODE_SHUTDOWN
action: node_shutdown
options:
node_id: 1
node_name: server
3:
action: NODE_STARTUP
action: node_startup
options:
node_id: 0
node_name: client
4:
action: NODE_STARTUP
action: node_startup
options:
node_id: 1
node_name: server
5:
action: HOST_NIC_DISABLE
action: host_nic_disable
options:
node_id: 0
nic_id: 0
node_name: client
nic_num: 1
6:
action: HOST_NIC_DISABLE
action: host_nic_disable
options:
node_id: 1
nic_id: 0
node_name: server
nic_num: 1
7:
action: HOST_NIC_ENABLE
action: host_nic_enable
options:
node_id: 0
nic_id: 0
node_name: client
nic_num: 1
8:
action: HOST_NIC_ENABLE
action: host_nic_enable
options:
node_id: 1
nic_id: 0
options:
nodes:
- node_name: client
- node_name: server
max_folders_per_node: 0
max_files_per_folder: 0
max_services_per_node: 0
max_nics_per_node: 1
max_acl_rules: 0
ip_list:
- 192.168.1.2
- 192.168.1.3
node_name: server
nic_num: 1
reward_function:
reward_components:
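Review bot: The NIC actions change index base without saying so: every `nic_id: 0` becomes `nic_num: 1` in entries 5 to 8, whereas node indices are simply replaced by names. Anyone porting their own config by hand is likely to carry the 0 across, so a comment at the first NIC entry would help, for example `# nic_num is 1-based (was nic_id: 0)`. The 1-based reading is inferred from the value pairs in this hunk.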


@@ -29,35 +29,22 @@ agents:
0: 0.3
1: 0.6
2: 0.1
observation_space: null
action_space:
action_list:
- type: DONOTHING
- type: NODE_APPLICATION_EXECUTE
options:
nodes:
- node_name: client_2
applications:
- application_name: WebBrowser
- application_name: DatabaseClient
max_folders_per_node: 1
max_files_per_folder: 1
max_services_per_node: 1
max_applications_per_node: 2
action_map:
0:
action: DONOTHING
action: do_nothing
options: {}
1:
action: NODE_APPLICATION_EXECUTE
action: node_application_execute
options:
node_id: 0
application_id: 0
node_name: client_2
application_name: WebBrowser
2:
action: NODE_APPLICATION_EXECUTE
action: node_application_execute
options:
node_id: 0
application_id: 1
node_name: client_2
application_name: DatabaseClient
reward_function:
reward_components:
@@ -78,35 +65,22 @@ agents:
0: 0.3
1: 0.6
2: 0.1
observation_space: null
action_space:
action_list:
- type: DONOTHING
- type: NODE_APPLICATION_EXECUTE
options:
nodes:
- node_name: client_1
applications:
- application_name: WebBrowser
- application_name: DatabaseClient
max_folders_per_node: 1
max_files_per_folder: 1
max_services_per_node: 1
max_applications_per_node: 2
action_map:
0:
action: DONOTHING
action: do_nothing
options: {}
1:
action: NODE_APPLICATION_EXECUTE
action: node_application_execute
options:
node_id: 0
application_id: 0
node_name: client_1
application_name: WebBrowser
2:
action: NODE_APPLICATION_EXECUTE
action: node_application_execute
options:
node_id: 0
application_id: 1
node_name: client_1
application_name: DatabaseClient
reward_function:
reward_components:
@@ -123,33 +97,12 @@ agents:
team: RED
type: RedDatabaseCorruptingAgent
observation_space: null
action_space:
action_list:
- type: DONOTHING
- type: NODE_APPLICATION_EXECUTE
options:
nodes:
- node_name: client_1
applications:
- application_name: DataManipulationBot
- node_name: client_2
applications:
- application_name: DataManipulationBot
max_folders_per_node: 1
max_files_per_folder: 1
max_services_per_node: 1
reward_function:
reward_components:
- type: DUMMY
agent_settings: # options specific to this particular agent type, basically args of __init__(self)
start_settings:
start_step: 25
frequency: 20
variance: 5
possible_start_nodes: [client_1, client_2]
target_application: DataManipulationBot
start_step: 25
frequency: 20
variance: 5
- ref: defender
team: BLUE
@@ -198,8 +151,8 @@ agents:
wildcard_list:
- 0.0.0.1
port_list:
- 80
- 5432
- HTTP
- POSTGRES_SERVER
protocol_list:
- ICMP
- TCP
@@ -225,490 +178,423 @@ agents:
options: {}
action_space:
action_list:
- type: DONOTHING
- type: NODE_SERVICE_SCAN
- type: NODE_SERVICE_STOP
- type: NODE_SERVICE_START
- type: NODE_SERVICE_PAUSE
- type: NODE_SERVICE_RESUME
- type: NODE_SERVICE_RESTART
- type: NODE_SERVICE_DISABLE
- type: NODE_SERVICE_ENABLE
- type: NODE_SERVICE_FIX
- type: NODE_FILE_SCAN
- type: NODE_FILE_CHECKHASH
- type: NODE_FILE_DELETE
- type: NODE_FILE_REPAIR
- type: NODE_FILE_RESTORE
- type: NODE_FOLDER_SCAN
- type: NODE_FOLDER_CHECKHASH
- type: NODE_FOLDER_REPAIR
- type: NODE_FOLDER_RESTORE
- type: NODE_OS_SCAN
- type: NODE_SHUTDOWN
- type: NODE_STARTUP
- type: NODE_RESET
- type: ROUTER_ACL_ADDRULE
- type: ROUTER_ACL_REMOVERULE
- type: HOST_NIC_ENABLE
- type: HOST_NIC_DISABLE
action_map:
0:
action: DONOTHING
action: do_nothing
options: {}
# scan webapp service
1:
action: NODE_SERVICE_SCAN
action: node_service_scan
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
# stop webapp service
2:
action: NODE_SERVICE_STOP
action: node_service_stop
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
# start webapp service
3:
action: "NODE_SERVICE_START"
action: "node_service_start"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
4:
action: "NODE_SERVICE_PAUSE"
action: "node_service_pause"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
5:
action: "NODE_SERVICE_RESUME"
action: "node_service_resume"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
6:
action: "NODE_SERVICE_RESTART"
action: "node_service_restart"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
7:
action: "NODE_SERVICE_DISABLE"
action: "node_service_disable"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
8:
action: "NODE_SERVICE_ENABLE"
action: "node_service_enable"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
9: # check database.db file
action: "NODE_FILE_SCAN"
action: "node_file_scan"
options:
node_id: 2
folder_id: 0
file_id: 0
node_name: database_server
folder_name: database
file_name: database.db
10:
action: "NODE_FILE_CHECKHASH"
action: "node_file_checkhash"
options:
node_id: 2
folder_id: 0
file_id: 0
node_name: database_server
folder_name: database
file_name: database.db
11:
action: "NODE_FILE_DELETE"
action: "node_file_delete"
options:
node_id: 2
folder_id: 0
file_id: 0
node_name: database_server
folder_name: database
file_name: database.db
12:
action: "NODE_FILE_REPAIR"
action: "node_file_repair"
options:
node_id: 2
folder_id: 0
file_id: 0
node_name: database_server
folder_name: database
file_name: database.db
13:
action: "NODE_SERVICE_FIX"
action: "node_service_fix"
options:
node_id: 2
service_id: 0
node_name: database_server
service_name: DatabaseService
14:
action: "NODE_FOLDER_SCAN"
action: "node_folder_scan"
options:
node_id: 2
folder_id: 0
node_name: database_server
folder_name: database
15:
action: "NODE_FOLDER_CHECKHASH"
action: "node_folder_checkhash"
options:
node_id: 2
folder_id: 0
node_name: database_server
folder_name: database
16:
action: "NODE_FOLDER_REPAIR"
action: "node_folder_repair"
options:
node_id: 2
folder_id: 0
node_name: database_server
folder_name: database
17:
action: "NODE_FOLDER_RESTORE"
action: "node_folder_restore"
options:
node_id: 2
folder_id: 0
node_name: database_server
folder_name: database
18:
action: "NODE_OS_SCAN"
action: "node_os_scan"
options:
node_id: 0
node_name: domain_controller
19:
action: "NODE_SHUTDOWN"
action: "node_shutdown"
options:
node_id: 0
node_name: domain_controller
20:
action: NODE_STARTUP
action: node_startup
options:
node_id: 0
node_name: domain_controller
21:
action: NODE_RESET
action: node_reset
options:
node_id: 0
node_name: domain_controller
22:
action: "NODE_OS_SCAN"
action: "node_os_scan"
options:
node_id: 1
node_name: web_server
23:
action: "NODE_SHUTDOWN"
action: "node_shutdown"
options:
node_id: 1
node_name: web_server
24:
action: NODE_STARTUP
action: node_startup
options:
node_id: 1
node_name: web_server
25:
action: NODE_RESET
action: node_reset
options:
node_id: 1
node_name: web_server
26: # old action num: 18
action: "NODE_OS_SCAN"
action: "node_os_scan"
options:
node_id: 2
node_name: database_server
27:
action: "NODE_SHUTDOWN"
action: "node_shutdown"
options:
node_id: 2
node_name: database_server
28:
action: NODE_STARTUP
action: node_startup
options:
node_id: 2
node_name: database_server
29:
action: NODE_RESET
action: node_reset
options:
node_id: 2
node_name: database_server
30:
action: "NODE_OS_SCAN"
action: "node_os_scan"
options:
node_id: 3
node_name: backup_server
31:
action: "NODE_SHUTDOWN"
action: "node_shutdown"
options:
node_id: 3
node_name: backup_server
32:
action: NODE_STARTUP
action: node_startup
options:
node_id: 3
node_name: backup_server
33:
action: NODE_RESET
action: node_reset
options:
node_id: 3
node_name: backup_server
34:
action: "NODE_OS_SCAN"
action: "node_os_scan"
options:
node_id: 4
node_name: security_suite
35:
action: "NODE_SHUTDOWN"
action: "node_shutdown"
options:
node_id: 4
node_name: security_suite
36:
action: NODE_STARTUP
action: node_startup
options:
node_id: 4
node_name: security_suite
37:
action: NODE_RESET
action: node_reset
options:
node_id: 4
node_name: security_suite
38:
action: "NODE_OS_SCAN"
action: "node_os_scan"
options:
node_id: 5
node_name: client_1
39: # old action num: 19 # shutdown client 1
action: "NODE_SHUTDOWN"
action: "node_shutdown"
options:
node_id: 5
node_name: client_1
40: # old action num: 20
action: NODE_STARTUP
action: node_startup
options:
node_id: 5
node_name: client_1
41: # old action num: 21
action: NODE_RESET
action: node_reset
options:
node_id: 5
node_name: client_1
42:
action: "NODE_OS_SCAN"
action: "node_os_scan"
options:
node_id: 6
node_name: client_2
43:
action: "NODE_SHUTDOWN"
action: "node_shutdown"
options:
node_id: 6
node_name: client_2
44:
action: NODE_STARTUP
action: node_startup
options:
node_id: 6
node_name: client_2
45:
action: NODE_RESET
action: node_reset
options:
node_id: 6
node_name: client_2
46: # old action num: 22 # "ACL: ADDRULE - Block outgoing traffic from client 1"
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router: router_1
position: 1
permission: 2
source_ip_id: 7 # client 1
dest_ip_id: 1 # ALL
source_port_id: 1
dest_port_id: 1
protocol_id: 1
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.21 # client 1
dst_ip: ALL # ALL
src_port: ALL
dst_port: ALL
protocol_name: ALL
src_wildcard: NONE
dst_wildcard: NONE
47: # old action num: 23 # "ACL: ADDRULE - Block outgoing traffic from client 2"
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router: router_1
position: 2
permission: 2
source_ip_id: 8 # client 2
dest_ip_id: 1 # ALL
source_port_id: 1
dest_port_id: 1
protocol_id: 1
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.22 # client 2
dst_ip: ALL # ALL
src_port: ALL
dst_port: ALL
protocol_name: ALL
src_wildcard: NONE
dst_wildcard: NONE
48: # old action num: 24 # block tcp traffic from client 1 to web app
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router: router_1
position: 3
permission: 2
source_ip_id: 7 # client 1
dest_ip_id: 3 # web server
source_port_id: 1
dest_port_id: 1
protocol_id: 3
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.21 # client 1
dst_ip: 192.168.1.12 # web server
src_port: ALL
dst_port: ALL
protocol_name: TCP
src_wildcard: NONE
dst_wildcard: NONE
49: # old action num: 25 # block tcp traffic from client 2 to web app
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router: router_1
position: 4
permission: 2
source_ip_id: 8 # client 2
dest_ip_id: 3 # web server
source_port_id: 1
dest_port_id: 1
protocol_id: 3
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.22 # client 2
dst_ip: 192.168.1.12 # web server
src_port: ALL
dst_port: ALL
protocol_name: TCP
src_wildcard: NONE
dst_wildcard: NONE
50: # old action num: 26
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router: router_1
position: 5
permission: 2
source_ip_id: 7 # client 1
dest_ip_id: 4 # database
source_port_id: 1
dest_port_id: 1
protocol_id: 3
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.21 # client 1
dst_ip: 192.168.1.14 # database
src_port: ALL
dst_port: ALL
protocol_name: TCP
src_wildcard: NONE
dst_wildcard: NONE
51: # old action num: 27
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router: router_1
position: 6
permission: 2
source_ip_id: 8 # client 2
dest_ip_id: 4 # database
source_port_id: 1
dest_port_id: 1
protocol_id: 3
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.22 # client 2
dst_ip: 192.168.1.14 # database
src_port: ALL
dst_port: ALL
protocol_name: TCP
src_wildcard: NONE
dst_wildcard: NONE
52: # old action num: 28
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 0
53: # old action num: 29
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 1
54: # old action num: 30
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 2
55: # old action num: 31
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 3
56: # old action num: 32
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 4
57: # old action num: 33
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 5
58: # old action num: 34
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 6
59: # old action num: 35
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 7
60: # old action num: 36
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 8
61: # old action num: 37
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 9
62: # old action num: 38
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 0
nic_id: 0
node_name: domain_controller
nic_num: 1
63: # old action num: 39
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 0
nic_id: 0
node_name: domain_controller
nic_num: 1
64: # old action num: 40
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 1
nic_id: 0
node_name: web_server
nic_num: 1
65: # old action num: 41
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 1
nic_id: 0
node_name: web_server
nic_num: 1
66: # old action num: 42
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 2
nic_id: 0
node_name: database_server
nic_num: 1
67: # old action num: 43
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 2
nic_id: 0
node_name: database_server
nic_num: 1
68: # old action num: 44
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 3
nic_id: 0
node_name: backup_server
nic_num: 1
69: # old action num: 45
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 3
nic_id: 0
node_name: backup_server
nic_num: 1
70: # old action num: 46
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 4
nic_id: 0
node_name: security_suite
nic_num: 1
71: # old action num: 47
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 4
nic_id: 0
node_name: security_suite
nic_num: 1
72: # old action num: 48
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 4
nic_id: 1
node_name: security_suite
nic_num: 2
73: # old action num: 49
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 4
nic_id: 1
node_name: security_suite
nic_num: 2
74: # old action num: 50
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 5
nic_id: 0
node_name: client_1
nic_num: 1
75: # old action num: 51
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 5
nic_id: 0
node_name: client_1
nic_num: 1
76: # old action num: 52
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 6
nic_id: 0
node_name: client_2
nic_num: 1
77: # old action num: 53
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 6
nic_id: 0
options:
nodes:
- node_name: domain_controller
- node_name: web_server
applications:
- application_name: DatabaseClient
services:
- service_name: WebServer
- node_name: database_server
folders:
- folder_name: database
files:
- file_name: database.db
services:
- service_name: DatabaseService
- node_name: backup_server
- node_name: security_suite
- node_name: client_1
- node_name: client_2
max_folders_per_node: 2
max_files_per_folder: 2
max_services_per_node: 2
max_nics_per_node: 8
max_acl_rules: 10
ip_list:
- 192.168.1.10
- 192.168.1.12
- 192.168.1.14
- 192.168.1.16
- 192.168.1.110
- 192.168.10.21
- 192.168.10.22
- 192.168.10.110
node_name: client_2
nic_num: 1
reward_function:
reward_components:


@@ -27,40 +27,21 @@ agents:
- ref: client_2_green_user
team: GREEN
type: ProbabilisticAgent
observation_space: null
action_space:
action_list:
- type: DONOTHING
- type: NODE_APPLICATION_EXECUTE
action_map:
0:
action: DONOTHING
action: do_nothing
options: {}
1:
action: NODE_APPLICATION_EXECUTE
action: node_application_execute
options:
node_id: 0
application_id: 0
options:
nodes:
- node_name: client_2
applications:
- application_name: WebBrowser
max_folders_per_node: 1
max_files_per_folder: 1
max_services_per_node: 1
max_applications_per_node: 1
reward_function:
reward_components:
- type: DUMMY
node_name: client_2
application_name: WebBrowser
agent_settings:
start_settings:
start_step: 5
frequency: 4
variance: 3
action_probabilities:
0: 0.4
1: 0.6
- ref: defender
@@ -100,8 +81,8 @@ agents:
wildcard_list:
- 0.0.0.1
port_list:
- 80
- 5432
- HTTP
- POSTGRES_SERVER
protocol_list:
- ICMP
- TCP
@@ -119,28 +100,10 @@ agents:
options: {}
action_space:
action_list:
- type: DONOTHING
action_map:
0:
action: DONOTHING
action: do_nothing
options: {}
options:
nodes:
- node_name: switch
- node_name: client_1
- node_name: client_2
- node_name: client_3
max_folders_per_node: 2
max_files_per_folder: 2
max_services_per_node: 2
max_nics_per_node: 8
max_acl_rules: 10
ip_list:
- 192.168.10.21
- 192.168.10.22
- 192.168.10.23
reward_function:
reward_components:
@@ -179,19 +142,19 @@ simulation:
applications:
- type: NMAP
options:
fix_duration: 1
fixing_duration: 1
- type: RansomwareScript
options:
fix_duration: 1
fixing_duration: 1
- type: WebBrowser
options:
target_url: http://arcd.com/users/
fix_duration: 1
fixing_duration: 1
- type: DatabaseClient
options:
db_server_ip: 192.168.1.10
server_password: arcd
fix_duration: 1
fixing_duration: 1
- type: DataManipulationBot
options:
port_scan_p_of_success: 0.8
@@ -199,43 +162,44 @@ simulation:
payload: "DELETE"
server_ip: 192.168.1.21
server_password: arcd
fix_duration: 1
fixing_duration: 1
- type: DoSBot
options:
target_ip_address: 192.168.10.21
payload: SPOOF DATA
port_scan_p_of_success: 0.8
fix_duration: 1
fixing_duration: 1
services:
- type: DNSClient
options:
fix_duration: 3
dns_server: 192.168.1.10
fixing_duration: 3
- type: DNSServer
options:
fix_duration: 3
fixing_duration: 3
domain_mapping:
arcd.com: 192.168.1.10
- type: DatabaseService
options:
backup_server_ip: 192.168.1.10
fix_duration: 3
fixing_duration: 3
- type: WebServer
options:
fix_duration: 3
fixing_duration: 3
- type: FTPClient
options:
fix_duration: 3
fixing_duration: 3
- type: FTPServer
options:
server_password: arcd
fix_duration: 3
fixing_duration: 3
- type: NTPClient
options:
ntp_server_ip: 192.168.1.10
fix_duration: 3
fixing_duration: 3
- type: NTPServer
options:
fix_duration: 3
fixing_duration: 3
- hostname: client_2
type: computer
ip_address: 192.168.10.22


@@ -29,35 +29,22 @@ agents:
0: 0.3
1: 0.6
2: 0.1
observation_space: null
action_space:
action_list:
- type: DONOTHING
- type: NODE_APPLICATION_EXECUTE
options:
nodes:
- node_name: client_2
applications:
- application_name: WebBrowser
- application_name: DatabaseClient
max_folders_per_node: 1
max_files_per_folder: 1
max_services_per_node: 1
max_applications_per_node: 2
action_map:
0:
action: DONOTHING
action: do_nothing
options: {}
1:
action: NODE_APPLICATION_EXECUTE
action: node_application_execute
options:
node_id: 0
application_id: 0
node_name: client_2
application_name: WebBrowser
2:
action: NODE_APPLICATION_EXECUTE
action: node_application_execute
options:
node_id: 0
application_id: 1
node_name: client_2
application_name: DatabaseClient
reward_function:
reward_components:
@@ -78,35 +65,22 @@ agents:
0: 0.3
1: 0.6
2: 0.1
observation_space: null
action_space:
action_list:
- type: DONOTHING
- type: NODE_APPLICATION_EXECUTE
options:
nodes:
- node_name: client_1
applications:
- application_name: WebBrowser
- application_name: DatabaseClient
max_folders_per_node: 1
max_files_per_folder: 1
max_services_per_node: 1
max_applications_per_node: 2
action_map:
0:
action: DONOTHING
action: do_nothing
options: {}
1:
action: NODE_APPLICATION_EXECUTE
action: node_application_execute
options:
node_id: 0
application_id: 0
node_name: client_1
application_name: WebBrowser
2:
action: NODE_APPLICATION_EXECUTE
action: node_application_execute
options:
node_id: 0
application_id: 1
node_name: client_1
application_name: WebBrowser
reward_function:
reward_components:
@@ -127,33 +101,12 @@ agents:
team: RED
type: RedDatabaseCorruptingAgent
observation_space: null
action_space:
action_list:
- type: DONOTHING
- type: NODE_APPLICATION_EXECUTE
options:
nodes:
- node_name: client_1
applications:
- application_name: DataManipulationBot
- node_name: client_2
applications:
- application_name: DataManipulationBot
max_folders_per_node: 1
max_files_per_folder: 1
max_services_per_node: 1
reward_function:
reward_components:
- type: DUMMY
agent_settings: # options specific to this particular agent type, basically args of __init__(self)
start_settings:
start_step: 25
frequency: 20
variance: 5
possible_start_nodes: [client_1, client_2]
target_application: DataManipulationBot
start_step: 25
frequency: 20
variance: 5
- ref: defender
team: BLUE
@@ -202,8 +155,8 @@ agents:
wildcard_list:
- 0.0.0.1
port_list:
- 80
- 5432
- HTTP
- POSTGRES_SERVER
protocol_list:
- ICMP
- TCP
@@ -229,524 +182,449 @@ agents:
options: {}
action_space:
action_list:
- type: DONOTHING
- type: NODE_SERVICE_SCAN
- type: NODE_SERVICE_STOP
- type: NODE_SERVICE_START
- type: NODE_SERVICE_PAUSE
- type: NODE_SERVICE_RESUME
- type: NODE_SERVICE_RESTART
- type: NODE_SERVICE_DISABLE
- type: NODE_SERVICE_ENABLE
- type: NODE_SERVICE_FIX
- type: NODE_FILE_SCAN
- type: NODE_FILE_CHECKHASH
- type: NODE_FILE_DELETE
- type: NODE_FILE_REPAIR
- type: NODE_FILE_RESTORE
- type: NODE_FOLDER_SCAN
- type: NODE_FOLDER_CHECKHASH
- type: NODE_FOLDER_REPAIR
- type: NODE_FOLDER_RESTORE
- type: NODE_OS_SCAN
- type: NODE_SHUTDOWN
- type: NODE_STARTUP
- type: NODE_RESET
- type: ROUTER_ACL_ADDRULE
- type: ROUTER_ACL_REMOVERULE
- type: HOST_NIC_ENABLE
- type: HOST_NIC_DISABLE
- type: NODE_APPLICATION_INSTALL
- type: NODE_APPLICATION_REMOVE
- type: NODE_APPLICATION_EXECUTE
- type: CONFIGURE_DOSBOT
action_map:
0:
action: DONOTHING
action: do_nothing
options: {}
# scan webapp service
1:
action: NODE_SERVICE_SCAN
action: node_service_scan
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
# stop webapp service
2:
action: NODE_SERVICE_STOP
action: node_service_stop
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
# start webapp service
3:
action: "NODE_SERVICE_START"
action: "node_service_start"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
4:
action: "NODE_SERVICE_PAUSE"
action: "node_service_pause"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
5:
action: "NODE_SERVICE_RESUME"
action: "node_service_resume"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
6:
action: "NODE_SERVICE_RESTART"
action: "node_service_restart"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
7:
action: "NODE_SERVICE_DISABLE"
action: "node_service_disable"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
8:
action: "NODE_SERVICE_ENABLE"
action: "node_service_enable"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
9: # check database.db file
action: "NODE_FILE_SCAN"
action: "node_file_scan"
options:
node_id: 2
folder_id: 0
file_id: 0
node_name: database_server
folder_name: database
file_name: database.db
10:
action: "NODE_FILE_SCAN" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context.
action: "node_file_scan" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context.
options:
node_id: 2
folder_id: 0
file_id: 0
node_name: database_server
folder_name: database
file_name: database.db
11:
action: "NODE_FILE_DELETE"
action: "node_file_delete"
options:
node_id: 2
folder_id: 0
file_id: 0
node_name: database_server
folder_name: database
file_name: database.db
12:
action: "NODE_FILE_REPAIR"
action: "node_file_repair"
options:
node_id: 2
folder_id: 0
file_id: 0
node_name: database_server
folder_name: database
file_name: database.db
13:
action: "NODE_SERVICE_FIX"
action: "node_service_fix"
options:
node_id: 2
service_id: 0
node_name: database_server
service_name: DatabaseService
14:
action: "NODE_FOLDER_SCAN"
action: "node_folder_scan"
options:
node_id: 2
folder_id: 0
node_name: database_server
folder_name: database
15:
action: "NODE_FOLDER_SCAN" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context.
action: "node_folder_scan" # CHECKHASH replaced by SCAN - but the behaviour is the same in this context.
options:
node_id: 2
folder_id: 0
node_name: database_server
folder_name: database
16:
action: "NODE_FOLDER_REPAIR"
action: "node_folder_repair"
options:
node_id: 2
folder_id: 0
node_name: database_server
folder_name: database
17:
action: "NODE_FOLDER_RESTORE"
action: "node_folder_restore"
options:
node_id: 2
folder_id: 0
node_name: database_server
folder_name: database
18:
action: "NODE_OS_SCAN"
action: "node_os_scan"
options:
node_id: 0
node_name: domain_controller
19:
action: "NODE_SHUTDOWN"
action: "node_shutdown"
options:
node_id: 0
node_name: domain_controller
20:
action: NODE_STARTUP
action: node_startup
options:
node_id: 0
node_name: domain_controller
21:
action: NODE_RESET
action: node_reset
options:
node_id: 0
node_name: domain_controller
22:
action: "NODE_OS_SCAN"
action: "node_os_scan"
options:
node_id: 1
node_name: web_server
23:
action: "NODE_SHUTDOWN"
action: "node_shutdown"
options:
node_id: 1
node_name: web_server
24:
action: NODE_STARTUP
action: node_startup
options:
node_id: 1
node_name: web_server
25:
action: NODE_RESET
action: node_reset
options:
node_id: 1
node_name: web_server
26: # old action num: 18
action: "NODE_OS_SCAN"
action: "node_os_scan"
options:
node_id: 2
node_name: database_server
27:
action: "NODE_SHUTDOWN"
action: "node_shutdown"
options:
node_id: 2
node_name: database_server
28:
action: NODE_STARTUP
action: node_startup
options:
node_id: 2
node_name: database_server
29:
action: NODE_RESET
action: node_reset
options:
node_id: 2
node_name: database_server
30:
action: "NODE_OS_SCAN"
action: "node_os_scan"
options:
node_id: 3
node_name: backup_server
31:
action: "NODE_SHUTDOWN"
action: "node_shutdown"
options:
node_id: 3
node_name: backup_server
32:
action: NODE_STARTUP
action: node_startup
options:
node_id: 3
node_name: backup_server
33:
action: NODE_RESET
action: node_reset
options:
node_id: 3
node_name: backup_server
34:
action: "NODE_OS_SCAN"
action: "node_os_scan"
options:
node_id: 4
node_name: security_suite
35:
action: "NODE_SHUTDOWN"
action: "node_shutdown"
options:
node_id: 4
node_name: security_suite
36:
action: NODE_STARTUP
action: node_startup
options:
node_id: 4
node_name: security_suite
37:
action: NODE_RESET
action: node_reset
options:
node_id: 4
node_name: security_suite
38:
action: "NODE_OS_SCAN"
action: "node_os_scan"
options:
node_id: 5
node_name: client_1
39: # old action num: 19 # shutdown client 1
action: "NODE_SHUTDOWN"
action: "node_shutdown"
options:
node_id: 5
node_name: client_1
40: # old action num: 20
action: NODE_STARTUP
action: node_startup
options:
node_id: 5
node_name: client_1
41: # old action num: 21
action: NODE_RESET
action: node_reset
options:
node_id: 5
node_name: client_1
42:
action: "NODE_OS_SCAN"
action: "node_os_scan"
options:
node_id: 6
node_name: client_2
43:
action: "NODE_SHUTDOWN"
action: "node_shutdown"
options:
node_id: 6
node_name: client_2
44:
action: NODE_STARTUP
action: node_startup
options:
node_id: 6
node_name: client_2
45:
action: NODE_RESET
action: node_reset
options:
node_id: 6
node_name: client_2
46: # old action num: 22 # "ACL: ADDRULE - Block outgoing traffic from client 1"
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router_hostname: router_1
target_router: router_1
position: 1
permission: 2
source_ip_id: 7 # client 1
dest_ip_id: 1 # ALL
source_port_id: 1
dest_port_id: 1
protocol_id: 1
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.21 # client 1
dst_ip: ALL # ALL
src_port: ALL
dst_port: ALL
protocol_name: ALL
src_wildcard: NONE
dst_wildcard: NONE
47: # old action num: 23 # "ACL: ADDRULE - Block outgoing traffic from client 2"
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router_hostname: router_1
target_router: router_1
position: 2
permission: 2
source_ip_id: 8 # client 2
dest_ip_id: 1 # ALL
source_port_id: 1
dest_port_id: 1
protocol_id: 1
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.22 # client 2
dst_ip: ALL # ALL
src_port: ALL
dst_port: ALL
protocol_name: ALL
src_wildcard: NONE
dst_wildcard: NONE
48: # old action num: 24 # block tcp traffic from client 1 to web app
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router_hostname: router_1
target_router: router_1
position: 3
permission: 2
source_ip_id: 7 # client 1
dest_ip_id: 3 # web server
source_port_id: 1
dest_port_id: 1
protocol_id: 3
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.21 # client 1
dst_ip: 192.168.1.12 # web server
src_port: ALL
dst_port: ALL
protocol_name: TCP
src_wildcard: NONE
dst_wildcard: NONE
49: # old action num: 25 # block tcp traffic from client 2 to web app
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router_hostname: router_1
target_router: router_1
position: 4
permission: 2
source_ip_id: 8 # client 2
dest_ip_id: 3 # web server
source_port_id: 1
dest_port_id: 1
protocol_id: 3
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.22 # client 2
dst_ip: 192.168.1.12 # web server
src_port: ALL
dst_port: ALL
protocol_name: TCP
src_wildcard: NONE
dst_wildcard: NONE
50: # old action num: 26
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router_hostname: router_1
target_router: router_1
position: 5
permission: 2
source_ip_id: 7 # client 1
dest_ip_id: 4 # database
source_port_id: 1
dest_port_id: 1
protocol_id: 3
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.21 # client 1
dst_ip: 192.168.1.14 # database
src_port: ALL
dst_port: ALL
protocol_name: TCP
src_wildcard: NONE
dst_wildcard: NONE
51: # old action num: 27
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router_hostname: router_1
target_router: router_1
position: 6
permission: 2
source_ip_id: 8 # client 2
dest_ip_id: 4 # database
source_port_id: 1
dest_port_id: 1
protocol_id: 3
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.22 # client 2
dst_ip: 192.168.1.14 # database
src_port: ALL
dst_port: ALL
protocol_name: TCP
src_wildcard: NONE
dst_wildcard: NONE
52: # old action num: 28
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router_hostname: router_1
target_router: router_1
position: 0
53: # old action num: 29
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router_hostname: router_1
target_router: router_1
position: 1
54: # old action num: 30
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router_hostname: router_1
target_router: router_1
position: 2
55: # old action num: 31
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router_hostname: router_1
target_router: router_1
position: 3
56: # old action num: 32
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router_hostname: router_1
target_router: router_1
position: 4
57: # old action num: 33
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router_hostname: router_1
target_router: router_1
position: 5
58: # old action num: 34
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router_hostname: router_1
target_router: router_1
position: 6
59: # old action num: 35
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router_hostname: router_1
target_router: router_1
position: 7
60: # old action num: 36
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router_hostname: router_1
target_router: router_1
position: 8
61: # old action num: 37
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router_hostname: router_1
target_router: router_1
position: 9
62: # old action num: 38
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 0
nic_id: 0
node_name: domain_controller
nic_num: 1
63: # old action num: 39
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 0
nic_id: 0
node_name: domain_controller
nic_num: 1
64: # old action num: 40
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 1
nic_id: 0
node_name: web_server
nic_num: 1
65: # old action num: 41
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 1
nic_id: 0
node_name: web_server
nic_num: 1
66: # old action num: 42
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 2
nic_id: 0
node_name: database_server
nic_num: 1
67: # old action num: 43
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 2
nic_id: 0
node_name: database_server
nic_num: 1
68: # old action num: 44
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 3
nic_id: 0
node_name: backup_server
nic_num: 1
69: # old action num: 45
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 3
nic_id: 0
node_name: backup_server
nic_num: 1
70: # old action num: 46
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 4
nic_id: 0
node_name: security_suite
nic_num: 1
71: # old action num: 47
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 4
nic_id: 0
node_name: security_suite
nic_num: 1
72: # old action num: 48
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 4
nic_id: 1
node_name: security_suite
nic_num: 2
73: # old action num: 49
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 4
nic_id: 1
node_name: security_suite
nic_num: 2
74: # old action num: 50
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 5
nic_id: 0
node_name: client_1
nic_num: 1
75: # old action num: 51
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 5
nic_id: 0
node_name: client_1
nic_num: 1
76: # old action num: 52
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 6
nic_id: 0
node_name: client_2
nic_num: 1
77: # old action num: 53
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 6
nic_id: 0
node_name: client_2
nic_num: 1
78:
action: NODE_APPLICATION_INSTALL
action: node_application_install
options:
node_id: 0
node_name: domain_controller
application_name: DoSBot
79:
action: NODE_APPLICATION_REMOVE
action: node_application_remove
options:
node_id: 0
node_name: domain_controller
application_name: DoSBot
80:
action: NODE_APPLICATION_REMOVE
action: node_application_remove
options:
node_id: 0
node_name: domain_controller
application_name: WebBrowser
81:
action: NODE_APPLICATION_EXECUTE
action: node_application_execute
options:
node_id: 0
application_id: 0
node_name: domain_controller
application_name: DoSBot
82:
action: CONFIGURE_DOSBOT
action: configure_dos_bot
options:
node_id: 0
config:
target_ip_address: 192.168.1.14
target_port: POSTGRES_SERVER
options:
nodes:
- node_name: domain_controller
applications:
- application_name: DoSBot
- node_name: web_server
applications:
- application_name: DatabaseClient
services:
- service_name: WebServer
- node_name: database_server
folders:
- folder_name: database
files:
- file_name: database.db
services:
- service_name: DatabaseService
- node_name: backup_server
- node_name: security_suite
- node_name: client_1
- node_name: client_2
max_folders_per_node: 2
max_files_per_folder: 2
max_services_per_node: 2
max_nics_per_node: 8
max_acl_rules: 10
ip_list:
- 192.168.1.10
- 192.168.1.12
- 192.168.1.14
- 192.168.1.16
- 192.168.1.110
- 192.168.10.21
- 192.168.10.22
- 192.168.10.110
node_name: domain_controller
target_ip_address: 192.168.1.14
target_port: POSTGRES_SERVER
reward_function:
reward_components:
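Review bot: In the `-78,35 +65,22` hunk, action 2 of the agent acting on client_1 ends up as `application_name: WebBrowser`, although the `application_id: 1` it replaces indexed the second entry of the removed applications list, which was `DatabaseClient`. As rendered, actions 1 and 2 both execute WebBrowser on client_1, so the action weighted 0.1 in the probabilities at the top of the hunk no longer exercises the database client. The parallel client_2 agent in the preceding hunk maps the same index to `DatabaseClient`. If the duplication is not intentional for this config, the line should read `application_name: DatabaseClient`. The agent's definition begins above the hunk, so its ref is not visible here.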


@@ -21,73 +21,40 @@ agents:
- ref: client_2_green_user
team: GREEN
type: ProbabilisticAgent
observation_space: null
action_space:
action_list:
- type: DONOTHING
action_map:
0:
action: DONOTHING
action: do_nothing
options: {}
options:
nodes:
- node_name: client_2
max_folders_per_node: 1
max_files_per_folder: 1
max_services_per_node: 1
max_nics_per_node: 2
max_acl_rules: 10
reward_function:
reward_components:
- type: DUMMY
agent_settings: # options specific to this particular agent type, basically args of __init__(self)
start_settings:
start_step: 25
frequency: 20
variance: 5
action_probabilities:
0: 1.0
- ref: data_manipulation_attacker
team: RED
type: RedDatabaseCorruptingAgent
observation_space: null
action_space:
action_list:
- type: DONOTHING
- type: NODE_APPLICATION_EXECUTE
- type: NODE_FILE_DELETE
- type: NODE_FILE_CORRUPT
- type: NODE_OS_SCAN
action_map:
0:
action: DONOTHING
action: do_nothing
options: {}
1:
action: NODE_APPLICATION_EXECUTE
action: node_application_execute
options:
node_id: 0
application_id: 0
options:
nodes:
- node_name: client_1
applications:
- application_name: DataManipulationBot
max_folders_per_node: 1
max_files_per_folder: 1
max_services_per_node: 1
reward_function:
reward_components:
- type: DUMMY
node_name: client_1
application_name: DataManipulationBot
agent_settings: # options specific to this particular agent type, basically args of __init__(self)
start_settings:
start_step: 25
frequency: 20
variance: 5
possible_start_nodes: [client_1,]
target_application: DataManipulationBot
start_step: 25
frequency: 20
variance: 5
- ref: defender
team: BLUE
@@ -136,8 +103,8 @@ agents:
wildcard_list:
- 0.0.0.1
port_list:
- 80
- 5432
- HTTP
- POSTGRES_SERVER
protocol_list:
- ICMP
- TCP
@@ -163,391 +130,326 @@ agents:
options: {}
action_space:
action_list:
- type: DONOTHING
- type: NODE_SERVICE_SCAN
- type: NODE_SERVICE_STOP
- type: NODE_SERVICE_START
- type: NODE_SERVICE_PAUSE
- type: NODE_SERVICE_RESUME
- type: NODE_SERVICE_RESTART
- type: NODE_SERVICE_DISABLE
- type: NODE_SERVICE_ENABLE
- type: NODE_SERVICE_FIX
- type: NODE_FILE_SCAN
- type: NODE_FILE_CHECKHASH
- type: NODE_FILE_DELETE
- type: NODE_FILE_REPAIR
- type: NODE_FILE_RESTORE
- type: NODE_FOLDER_SCAN
- type: NODE_FOLDER_CHECKHASH
- type: NODE_FOLDER_REPAIR
- type: NODE_FOLDER_RESTORE
- type: NODE_OS_SCAN
- type: NODE_SHUTDOWN
- type: NODE_STARTUP
- type: NODE_RESET
- type: ROUTER_ACL_ADDRULE
- type: ROUTER_ACL_REMOVERULE
- type: HOST_NIC_ENABLE
- type: HOST_NIC_DISABLE
action_map:
0:
action: DONOTHING
action: do_nothing
options: {}
# scan webapp service
1:
action: NODE_SERVICE_SCAN
action: node_service_scan
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
# stop webapp service
2:
action: NODE_SERVICE_STOP
action: node_service_stop
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
# start webapp service
3:
action: "NODE_SERVICE_START"
action: "node_service_start"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
4:
action: "NODE_SERVICE_PAUSE"
action: "node_service_pause"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
5:
action: "NODE_SERVICE_RESUME"
action: "node_service_resume"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
6:
action: "NODE_SERVICE_RESTART"
action: "node_service_restart"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
7:
action: "NODE_SERVICE_DISABLE"
action: "node_service_disable"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
8:
action: "NODE_SERVICE_ENABLE"
action: "node_service_enable"
options:
node_id: 1
service_id: 0
node_name: web_server
service_name: WebServer
9: # check database.db file
action: "NODE_FILE_SCAN"
action: "node_file_scan"
options:
node_id: 2
folder_id: 0
file_id: 0
node_name: database_server
folder_name: database
file_name: database.db
10:
action: "NODE_FILE_CHECKHASH"
action: "node_file_checkhash"
options:
node_id: 2
folder_id: 0
file_id: 0
node_name: database_server
folder_name: database
file_name: database.db
11:
action: "NODE_FILE_DELETE"
action: "node_file_delete"
options:
node_id: 2
folder_id: 0
file_id: 0
node_name: database_server
folder_name: database
file_name: database.db
12:
action: "NODE_FILE_REPAIR"
action: "node_file_repair"
options:
node_id: 2
folder_id: 0
file_id: 0
node_name: database_server
folder_name: database
file_name: database.db
13:
action: "NODE_SERVICE_FIX"
action: "node_service_fix"
options:
node_id: 2
service_id: 0
node_name: database_server
service_name: DatabaseService
14:
action: "NODE_FOLDER_SCAN"
action: "node_folder_scan"
options:
node_id: 2
folder_id: 0
node_name: database_server
folder_name: database
15:
action: "NODE_FOLDER_CHECKHASH"
action: "node_folder_checkhash"
options:
node_id: 2
folder_id: 0
node_name: database_server
folder_name: database
16:
action: "NODE_FOLDER_REPAIR"
action: "node_folder_repair"
options:
node_id: 2
folder_id: 0
node_name: database_server
folder_name: database
17:
action: "NODE_FOLDER_RESTORE"
action: "node_folder_restore"
options:
node_id: 2
folder_id: 0
node_name: database_server
folder_name: database
18:
action: "NODE_OS_SCAN"
action: "node_os_scan"
options:
node_id: 2
node_name: database_server
19: # shutdown client 1
action: "NODE_SHUTDOWN"
action: "node_shutdown"
options:
node_id: 5
node_name: client_1
20:
action: "NODE_STARTUP"
action: "node_startup"
options:
node_id: 5
node_name: client_1
21:
action: "NODE_RESET"
action: "node_reset"
options:
node_id: 5
node_name: client_1
22: # "ACL: ADDRULE - Block outgoing traffic from client 1" (not supported in Primaite)
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router: router_1
position: 1
permission: 2
source_ip_id: 7 # client 1
dest_ip_id: 1 # ALL
source_port_id: 1
dest_port_id: 1
protocol_id: 1
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.21 # client 1
dst_ip: ALL # ALL
src_port: ALL
dst_port: ALL
protocol_name: ALL
src_wildcard: NONE
dst_wildcard: NONE
23: # "ACL: ADDRULE - Block outgoing traffic from client 2" (not supported in Primaite)
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router: router_1
position: 2
permission: 2
source_ip_id: 8 # client 2
dest_ip_id: 1 # ALL
source_port_id: 1
dest_port_id: 1
protocol_id: 1
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.22 # client 2
dst_ip: ALL # ALL
src_port: ALL
dst_port: ALL
protocol_name: ALL
src_wildcard: NONE
dst_wildcard: NONE
24: # block tcp traffic from client 1 to web app
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router: router_1
position: 3
permission: 2
source_ip_id: 7 # client 1
dest_ip_id: 3 # web server
source_port_id: 1
dest_port_id: 1
protocol_id: 3
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.21 # client 1
dst_ip: 192.168.1.12 # web server
src_port: ALL
dst_port: ALL
protocol_name: TCP
src_wildcard: NONE
dst_wildcard: NONE
25: # block tcp traffic from client 2 to web app
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router: router_1
position: 4
permission: 2
source_ip_id: 8 # client 2
dest_ip_id: 3 # web server
source_port_id: 1
dest_port_id: 1
protocol_id: 3
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.22 # client 2
dst_ip: 192.168.1.12 # web server
src_port: ALL
dst_port: ALL
protocol_name: TCP
src_wildcard: NONE
dst_wildcard: NONE
26:
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router: router_1
position: 5
permission: 2
source_ip_id: 7 # client 1
dest_ip_id: 4 # database
source_port_id: 1
dest_port_id: 1
protocol_id: 3
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.21 # client 1
dst_ip: 192.168.1.14 # database
src_port: ALL
dst_port: ALL
protocol_name: TCP
src_wildcard: NONE
dst_wildcard: NONE
27:
action: "ROUTER_ACL_ADDRULE"
action: "router_acl_add_rule"
options:
target_router: router_1
position: 6
permission: 2
source_ip_id: 8 # client 2
dest_ip_id: 4 # database
source_port_id: 1
dest_port_id: 1
protocol_id: 3
source_wildcard_id: 0
dest_wildcard_id: 0
permission: DENY
src_ip: 192.168.10.22 # client 2
dst_ip: 192.168.1.14 # database
src_port: ALL
dst_port: ALL
protocol_name: TCP
src_wildcard: NONE
dst_wildcard: NONE
28:
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 0
29:
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 1
30:
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 2
31:
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 3
32:
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 4
33:
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 5
34:
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 6
35:
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 7
36:
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 8
37:
action: "ROUTER_ACL_REMOVERULE"
action: "router_acl_remove_rule"
options:
target_router: router_1
position: 9
38:
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 0
nic_id: 0
node_name: domain_controller
nic_num: 1
39:
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 0
nic_id: 0
node_name: domain_controller
nic_num: 1
40:
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 1
nic_id: 0
node_name: web_server
nic_num: 1
41:
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 1
nic_id: 0
node_name: web_server
nic_num: 1
42:
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 2
nic_id: 0
node_name: database_server
nic_num: 1
43:
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 2
nic_id: 0
node_name: database_server
nic_num: 1
44:
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 3
nic_id: 0
node_name: backup_server
nic_num: 1
45:
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 3
nic_id: 0
node_name: backup_server
nic_num: 1
46:
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 4
nic_id: 0
node_name: security_suite
nic_num: 1
47:
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 4
nic_id: 0
node_name: security_suite
nic_num: 1
48:
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 4
nic_id: 1
node_name: security_suite
nic_num: 2
49:
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 4
nic_id: 1
node_name: security_suite
nic_num: 2
50:
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 5
nic_id: 0
node_name: client_1
nic_num: 1
51:
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 5
nic_id: 0
node_name: client_1
nic_num: 1
52:
action: "HOST_NIC_DISABLE"
action: "host_nic_disable"
options:
node_id: 6
nic_id: 0
node_name: client_2
nic_num: 1
53:
action: "HOST_NIC_ENABLE"
action: "host_nic_enable"
options:
node_id: 6
nic_id: 0
options:
nodes:
- node_name: domain_controller
- node_name: web_server
applications:
- application_name: DatabaseClient
services:
- service_name: WebServer
- node_name: database_server
folders:
- folder_name: database
files:
- file_name: database.db
services:
- service_name: DatabaseService
- node_name: backup_server
- node_name: security_suite
- node_name: client_1
- node_name: client_2
max_folders_per_node: 2
max_files_per_folder: 2
max_services_per_node: 2
max_nics_per_node: 8
max_acl_rules: 10
ip_list:
- 192.168.1.10
- 192.168.1.12
- 192.168.1.14
- 192.168.1.16
- 192.168.1.110
- 192.168.10.21
- 192.168.10.22
- 192.168.10.110
node_name: client_2
nic_num: 1
reward_function:
reward_components:
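Review bot: The comments on action-map entries 22 and 23 still say `(not supported in Primaite)`, although both entries are now complete `router_acl_add_rule` DENY rules with explicit `src_ip` and `dst_ip` values, so a reader cannot tell whether the defender can actually use them. If the rules are supported, reduce the comment to `# Block outgoing traffic from client 1` (and likewise for client 2); if they are not, the entries should not stay in the map. The trailing `# ALL` after `dst_ip: ALL` only repeats the value and can go. Because the rewrite swaps `ip_list` indices for literal addresses, the inline comments are now the only link between an address and its node, and entries 26 and 27 lack the leading description that 24 and 25 have; `# block tcp traffic from client 1 to database` would match the existing style.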


@@ -1,8 +1,9 @@
# © Crown-owned copyright 2025, Defence Science and Technology Laboratory UK
from typing import Any, Dict, Tuple
from typing import Any, Dict, Optional, Tuple
import pytest
import yaml
from pydantic import Field
from ray import init as rayinit
from primaite import getLogger, PRIMAITE_PATHS
@@ -10,6 +11,7 @@ from primaite.game.agent.actions import ActionManager
from primaite.game.agent.interface import AbstractAgent
from primaite.game.agent.observations.observation_manager import NestedObservation, ObservationManager
from primaite.game.agent.rewards import RewardFunction
from primaite.game.agent.scripted_agents.probabilistic_agent import ProbabilisticAgent
from primaite.game.game import PrimaiteGame
from primaite.simulator.file_system.file_system import FileSystem
from primaite.simulator.network.container import Network
@@ -37,9 +39,16 @@ ACTION_SPACE_NODE_ACTION_VALUES = 1
_LOGGER = getLogger(__name__)
class DummyService(Service):
class DummyService(Service, identifier="DummyService"):
"""Test Service class"""
class ConfigSchema(Service.ConfigSchema):
"""ConfigSchema for DummyService."""
type: str = "DummyService"
config: "DummyService.ConfigSchema" = Field(default_factory=lambda: DummyService.ConfigSchema())
def describe_state(self) -> Dict:
return super().describe_state()
@@ -56,6 +65,13 @@ class DummyService(Service):
class DummyApplication(Application, identifier="DummyApplication"):
"""Test Application class"""
class ConfigSchema(Application.ConfigSchema):
"""ConfigSchema for DummyApplication."""
type: str = "DummyApplication"
config: "DummyApplication.ConfigSchema" = Field(default_factory=lambda: DummyApplication.ConfigSchema())
def __init__(self, **kwargs):
kwargs["name"] = "DummyApplication"
kwargs["port"] = PORT_LOOKUP["HTTP"]
@@ -196,7 +212,7 @@ def example_network() -> Network:
# Router 1
router_1_cfg = {"hostname":"router_1", "type":"router"}
router_1_cfg = {"hostname": "router_1", "type": "router"}
# router_1 = Router(hostname="router_1", start_up_duration=0)
router_1 = Router.from_config(config=router_1_cfg)
@@ -226,27 +242,30 @@ def example_network() -> Network:
# # Client 1
client_1_cfg = {"type": "computer",
"hostname": "client_1",
"ip_address": "192.168.10.21",
"subnet_mask": "255.255.255.0",
"default_gateway": "192.168.10.1",
"start_up_duration": 0}
client_1_cfg = {
"type": "computer",
"hostname": "client_1",
"ip_address": "192.168.10.21",
"subnet_mask": "255.255.255.0",
"default_gateway": "192.168.10.1",
"start_up_duration": 0,
}
client_1=Computer.from_config(config=client_1_cfg)
client_1 = Computer.from_config(config=client_1_cfg)
client_1.power_on()
network.connect(endpoint_b=client_1.network_interface[1], endpoint_a=switch_2.network_interface[1])
# # Client 2
client_2_cfg = {"type": "computer",
"hostname": "client_2",
"ip_address": "192.168.10.22",
"subnet_mask": "255.255.255.0",
"default_gateway": "192.168.10.1",
"start_up_duration": 0,
}
client_2_cfg = {
"type": "computer",
"hostname": "client_2",
"ip_address": "192.168.10.22",
"subnet_mask": "255.255.255.0",
"default_gateway": "192.168.10.1",
"start_up_duration": 0,
}
client_2 = Computer.from_config(config=client_2_cfg)
@@ -255,13 +274,14 @@ def example_network() -> Network:
# # Server 1
server_1_cfg = {"type": "server",
"hostname": "server_1",
"ip_address":"192.168.1.10",
"subnet_mask":"255.255.255.0",
"default_gateway":"192.168.1.1",
"start_up_duration":0,
}
server_1_cfg = {
"type": "server",
"hostname": "server_1",
"ip_address": "192.168.1.10",
"subnet_mask": "255.255.255.0",
"default_gateway": "192.168.1.1",
"start_up_duration": 0,
}
server_1 = Server.from_config(config=server_1_cfg)
@@ -270,12 +290,13 @@ def example_network() -> Network:
# # DServer 2
server_2_cfg = {"type": "server",
"hostname": "server_2",
"ip_address":"192.168.1.14",
"subnet_mask":"255.255.255.0",
"default_gateway":"192.168.1.1",
"start_up_duration":0,
server_2_cfg = {
"type": "server",
"hostname": "server_2",
"ip_address": "192.168.1.14",
"subnet_mask": "255.255.255.0",
"default_gateway": "192.168.1.1",
"start_up_duration": 0,
}
server_2 = Server.from_config(config=server_2_cfg)
@@ -292,23 +313,16 @@ def example_network() -> Network:
return network
class ControlledAgent(AbstractAgent):
class ControlledAgent(AbstractAgent, identifier="ControlledAgent"):
"""Agent that can be controlled by the tests."""
def __init__(
self,
agent_name: str,
action_space: ActionManager,
observation_space: ObservationManager,
reward_function: RewardFunction,
) -> None:
super().__init__(
agent_name=agent_name,
action_space=action_space,
observation_space=observation_space,
reward_function=reward_function,
)
self.most_recent_action: Tuple[str, Dict]
config: "ControlledAgent.ConfigSchema" = Field(default_factory=lambda: ControlledAgent.ConfigSchema())
most_recent_action: Optional[Tuple[str, Dict]] = None
class ConfigSchema(AbstractAgent.ConfigSchema):
"""Configuration Schema for Abstract Agent used in tests."""
type: str = "ControlledAgent"
def get_action(self, obs: None, timestep: int = 0) -> Tuple[str, Dict]:
"""Return the agent's most recent action, formatted in CAOS format."""
@@ -403,6 +417,7 @@ def install_stuff_to_sim(sim: Simulation):
# 5: Assert that the simulation starts off in the state that we expect
assert len(sim.network.nodes) == 6
assert len(sim.network.links) == 5
# 5.1: Assert the router is correctly configured
r = sim.network.router_nodes[0]
for i, acl_rule in enumerate(r.acl.acl):
@@ -446,97 +461,13 @@ def game_and_agent():
sim = game.simulation
install_stuff_to_sim(sim)
actions = [
{"type": "DONOTHING"},
{"type": "NODE_SERVICE_SCAN"},
{"type": "NODE_SERVICE_STOP"},
{"type": "NODE_SERVICE_START"},
{"type": "NODE_SERVICE_PAUSE"},
{"type": "NODE_SERVICE_RESUME"},
{"type": "NODE_SERVICE_RESTART"},
{"type": "NODE_SERVICE_DISABLE"},
{"type": "NODE_SERVICE_ENABLE"},
{"type": "NODE_SERVICE_FIX"},
{"type": "NODE_APPLICATION_EXECUTE"},
{"type": "NODE_APPLICATION_SCAN"},
{"type": "NODE_APPLICATION_CLOSE"},
{"type": "NODE_APPLICATION_FIX"},
{"type": "NODE_APPLICATION_INSTALL"},
{"type": "NODE_APPLICATION_REMOVE"},
{"type": "NODE_FILE_CREATE"},
{"type": "NODE_FILE_SCAN"},
{"type": "NODE_FILE_CHECKHASH"},
{"type": "NODE_FILE_DELETE"},
{"type": "NODE_FILE_REPAIR"},
{"type": "NODE_FILE_RESTORE"},
{"type": "NODE_FILE_CORRUPT"},
{"type": "NODE_FILE_ACCESS"},
{"type": "NODE_FOLDER_CREATE"},
{"type": "NODE_FOLDER_SCAN"},
{"type": "NODE_FOLDER_CHECKHASH"},
{"type": "NODE_FOLDER_REPAIR"},
{"type": "NODE_FOLDER_RESTORE"},
{"type": "NODE_OS_SCAN"},
{"type": "NODE_SHUTDOWN"},
{"type": "NODE_STARTUP"},
{"type": "NODE_RESET"},
{"type": "ROUTER_ACL_ADDRULE"},
{"type": "ROUTER_ACL_REMOVERULE"},
{"type": "HOST_NIC_ENABLE"},
{"type": "HOST_NIC_DISABLE"},
{"type": "NETWORK_PORT_ENABLE"},
{"type": "NETWORK_PORT_DISABLE"},
{"type": "CONFIGURE_C2_BEACON"},
{"type": "C2_SERVER_RANSOMWARE_LAUNCH"},
{"type": "C2_SERVER_RANSOMWARE_CONFIGURE"},
{"type": "C2_SERVER_TERMINAL_COMMAND"},
{"type": "C2_SERVER_DATA_EXFILTRATE"},
{"type": "NODE_ACCOUNTS_CHANGE_PASSWORD"},
{"type": "SSH_TO_REMOTE"},
{"type": "SESSIONS_REMOTE_LOGOFF"},
{"type": "NODE_SEND_REMOTE_COMMAND"},
]
config = {
"type": "ControlledAgent",
"ref": "test_agent",
"team": "BLUE",
}
action_space = ActionManager(
actions=actions, # ALL POSSIBLE ACTIONS
nodes=[
{
"node_name": "client_1",
"applications": [
{"application_name": "WebBrowser"},
{"application_name": "DoSBot"},
{"application_name": "C2Server"},
],
"folders": [{"folder_name": "downloads", "files": [{"file_name": "cat.png"}]}],
},
{
"node_name": "server_1",
"services": [{"service_name": "DNSServer"}],
"applications": [{"application_name": "C2Beacon"}],
},
{"node_name": "server_2", "services": [{"service_name": "WebServer"}]},
{"node_name": "router"},
],
max_folders_per_node=2,
max_files_per_folder=2,
max_services_per_node=2,
max_applications_per_node=3,
max_nics_per_node=2,
max_acl_rules=10,
protocols=["TCP", "UDP", "ICMP"],
ports=["HTTP", "DNS", "ARP"],
ip_list=["10.0.1.1", "10.0.1.2", "10.0.2.1", "10.0.2.2", "10.0.2.3"],
act_map={},
)
observation_space = ObservationManager(NestedObservation(components={}))
reward_function = RewardFunction()
test_agent = ControlledAgent(
agent_name="test_agent",
action_space=action_space,
observation_space=observation_space,
reward_function=reward_function,
)
test_agent = ControlledAgent(config=config)
game.agents["test_agent"] = test_agent
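Review bot: `most_recent_action: Optional[Tuple[str, Dict]] = None` in `ControlledAgent` gives the field a `None` default, while `get_action` is still annotated as returning `Tuple[str, Dict]`. The body of `get_action` lies outside the hunk, but if it returns the field unchanged, a `game.step()` issued before any `store_action` call would pass `None` into the game loop rather than a valid action. Defaulting to a no-op keeps the annotation accurate and the failure mode obvious: `most_recent_action: Tuple[str, Dict] = ("do_nothing", {})`.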


@@ -49,7 +49,7 @@ def test_application_install_uninstall_on_uc2():
cfg = yaml.safe_load(f)
env = PrimaiteGymEnv(env_config=cfg)
env.agent.flatten_obs = False
env.agent.config.agent_settings.flatten_obs = False
env.reset()
_, _, _, _, _ = env.step(0)


@@ -13,8 +13,8 @@ from primaite.simulator.system.services.database.database_service import Databas
from primaite.simulator.system.services.dns.dns_client import DNSClient
from tests import TEST_ASSETS_ROOT
TEST_CONFIG = TEST_ASSETS_ROOT / "configs/software_fix_duration.yaml"
ONE_ITEM_CONFIG = TEST_ASSETS_ROOT / "configs/fix_duration_one_item.yaml"
TEST_CONFIG = TEST_ASSETS_ROOT / "configs/software_fixing_duration.yaml"
ONE_ITEM_CONFIG = TEST_ASSETS_ROOT / "configs/fixing_duration_one_item.yaml"
TestApplications = ["DummyApplication", "BroadcastTestClient"]
@@ -27,27 +27,27 @@ def load_config(config_path: Union[str, Path]) -> PrimaiteGame:
return PrimaiteGame.from_config(cfg)
def test_default_fix_duration():
"""Test that software with no defined fix duration in config uses the default fix duration of 2."""
def test_default_fixing_duration():
"""Test that software with no defined fixing duration in config uses the default fixing duration of 2."""
game = load_config(TEST_CONFIG)
client_2: Computer = game.simulation.network.get_node_by_hostname("client_2")
database_client: DatabaseClient = client_2.software_manager.software.get("DatabaseClient")
assert database_client.fixing_duration == 2
assert database_client.config.fixing_duration == 2
dns_client: DNSClient = client_2.software_manager.software.get("DNSClient")
assert dns_client.fixing_duration == 2
assert dns_client.config.fixing_duration == 2
def test_fix_duration_set_from_config():
"""Test to check that the fix duration set for applications and services works as intended."""
def test_fixing_duration_set_from_config():
"""Test to check that the fixing duration set for applications and services works as intended."""
game = load_config(TEST_CONFIG)
client_1: Computer = game.simulation.network.get_node_by_hostname("client_1")
# in config - services take 3 timesteps to fix
for service in ["DNSClient", "DNSServer", "DatabaseService", "WebServer", "FTPClient", "FTPServer", "NTPServer"]:
assert client_1.software_manager.software.get(service) is not None
assert client_1.software_manager.software.get(service).fixing_duration == 3
assert client_1.software_manager.software.get(service).config.fixing_duration == 3
# in config - applications take 1 timestep to fix
# remove test applications from list
@@ -55,27 +55,27 @@ def test_fix_duration_set_from_config():
for application in ["RansomwareScript", "WebBrowser", "DataManipulationBot", "DoSBot", "DatabaseClient"]:
assert client_1.software_manager.software.get(application) is not None
assert client_1.software_manager.software.get(application).fixing_duration == 1
assert client_1.software_manager.software.get(application).config.fixing_duration == 1
def test_fix_duration_for_one_item():
"""Test that setting fix duration for one application does not affect other components."""
def test_fixing_duration_for_one_item():
"""Test that setting fixing duration for one application does not affect other components."""
game = load_config(ONE_ITEM_CONFIG)
client_1: Computer = game.simulation.network.get_node_by_hostname("client_1")
# in config - services take 3 timesteps to fix
for service in ["DNSClient", "DNSServer", "WebServer", "FTPClient", "FTPServer", "NTPServer"]:
assert client_1.software_manager.software.get(service) is not None
assert client_1.software_manager.software.get(service).fixing_duration == 2
assert client_1.software_manager.software.get(service).config.fixing_duration == 2
# in config - applications take 1 timestep to fix
# remove test applications from list
for applications in ["RansomwareScript", "WebBrowser", "DataManipulationBot", "DoSBot"]:
assert client_1.software_manager.software.get(applications) is not None
assert client_1.software_manager.software.get(applications).fixing_duration == 2
assert client_1.software_manager.software.get(applications).config.fixing_duration == 2
database_client: DatabaseClient = client_1.software_manager.software.get("DatabaseClient")
assert database_client.fixing_duration == 1
assert database_client.config.fixing_duration == 1
database_service: DatabaseService = client_1.software_manager.software.get("DatabaseService")
assert database_service.fixing_duration == 5
assert database_service.config.fixing_duration == 5
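Review bot: In `test_fixing_duration_for_one_item` the comments `# in config - services take 3 timesteps to fix` and `# in config - applications take 1 timestep to fix` contradict the assertions beneath them, which check `config.fixing_duration == 2` in both loops. They look copied from `test_fixing_duration_set_from_config`. Since the assertion lines are being rewritten anyway, a comment such as `# not set in config - services keep the default fixing duration of 2` would describe what the test actually verifies.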


@@ -4,7 +4,7 @@ from ipaddress import IPv4Address
from typing import Dict, List, Optional
from urllib.parse import urlparse
from pydantic import BaseModel, ConfigDict
from pydantic import BaseModel, ConfigDict, Field
from primaite import getLogger
from primaite.interface.request import RequestResponse
@@ -31,6 +31,14 @@ class ExtendedApplication(Application, identifier="ExtendedApplication"):
The application requests and loads web pages using its domain name and requesting IP addresses using DNS.
"""
class ConfigSchema(Application.ConfigSchema):
"""ConfigSchema for ExtendedApplication."""
type: str = "ExtendedApplication"
target_url: Optional[str] = None
config: "ExtendedApplication.ConfigSchema" = Field(default_factory=lambda: ExtendedApplication.ConfigSchema())
target_url: Optional[str] = None
domain_name_ip_address: Optional[IPv4Address] = None
@@ -50,6 +58,7 @@ class ExtendedApplication(Application, identifier="ExtendedApplication"):
kwargs["port"] = PORT_LOOKUP["HTTP"]
super().__init__(**kwargs)
self.target_url = self.config.target_url
self.run()
def _init_request_manager(self) -> RequestManager:
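Review bot: `self.target_url = self.config.target_url` in `__init__` runs after `super().__init__(**kwargs)` and unconditionally overwrites the `target_url` model field that the class still declares, so a caller passing `target_url=...` directly would end up with the ConfigSchema default of `None`. Either drop the duplicate field and read `self.config.target_url` where the URL is used, or copy only when the config sets it: `if self.config.target_url is not None: self.target_url = self.config.target_url`. `__init__` begins outside this hunk, so whether any caller still passes the keyword cannot be confirmed from here.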


@@ -3,6 +3,8 @@ from ipaddress import IPv4Address
from typing import Any, Dict, List, Literal, Optional, Union
from uuid import uuid4
from pydantic import Field
from primaite import getLogger
from primaite.simulator.file_system.file_system import File
from primaite.simulator.file_system.file_system_item_abc import FileSystemItemHealthStatus
@@ -17,13 +19,20 @@ from primaite.utils.validation.port import PORT_LOOKUP
_LOGGER = getLogger(__name__)
class ExtendedService(Service, identifier="extendedservice"):
class ExtendedService(Service, identifier="ExtendedService"):
"""
A copy of DatabaseService that uses the extension framework instead of being part of PrimAITE.
This class inherits from the `Service` class and provides methods to simulate a SQL database.
"""
class ConfigSchema(Service.ConfigSchema):
"""ConfigSchema for ExtendedService."""
type: str = "ExtendedService"
config: "ExtendedService.ConfigSchema" = Field(default_factory=lambda: ExtendedService.ConfigSchema())
password: Optional[str] = None
"""Password that needs to be provided by clients if they want to connect to the DatabaseService."""
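Review bot: The new `ExtendedService.ConfigSchema` declares only `type`, while `password` stays a plain model field directly below it, documented as the value clients must provide to connect. If instances are now built from the schema, as the `config` default factory suggests, a scenario file presumably can no longer set the password and the service would run with `password = None`. Adding `password: Optional[str] = None` to the ConfigSchema, the way ExtendedApplication's schema carries `target_url`, would keep the setting configurable. The class body continues outside the hunk.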


@@ -33,22 +33,22 @@ def test_application_cannot_perform_actions_unless_running(game_and_agent_fixtur
browser.close()
assert browser.operating_state == ApplicationOperatingState.CLOSED
action = ("NODE_APPLICATION_SCAN", {"node_id": 0, "application_id": 0})
action = ("node_application_scan", {"node_name": "client_1", "application_name": "WebBrowser"})
agent.store_action(action)
game.step()
assert browser.operating_state == ApplicationOperatingState.CLOSED
action = ("NODE_APPLICATION_CLOSE", {"node_id": 0, "application_id": 0})
action = ("node_application_close", {"node_name": "client_1", "application_name": "WebBrowser"})
agent.store_action(action)
game.step()
assert browser.operating_state == ApplicationOperatingState.CLOSED
action = ("NODE_APPLICATION_FIX", {"node_id": 0, "application_id": 0})
action = ("node_application_fix", {"node_name": "client_1", "application_name": "WebBrowser"})
agent.store_action(action)
game.step()
assert browser.operating_state == ApplicationOperatingState.CLOSED
action = ("NODE_APPLICATION_EXECUTE", {"node_id": 0, "application_id": 0})
action = ("node_application_execute", {"node_name": "client_1", "application_name": "WebBrowser"})
agent.store_action(action)
game.step()
assert browser.operating_state == ApplicationOperatingState.CLOSED


@@ -46,23 +46,21 @@ def test_c2_beacon_default(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAgen
server_1: Server = game.simulation.network.get_node_by_hostname("server_1")
action = (
"NODE_APPLICATION_INSTALL",
{"node_id": 1, "application_name": "C2Beacon"},
"node_application_install",
{"node_name": "server_1", "application_name": "C2Beacon"},
)
agent.store_action(action)
game.step()
assert agent.history[-1].response.status == "success"
action = (
"CONFIGURE_C2_BEACON",
"configure_c2_beacon",
{
"node_id": 1,
"config": {
"c2_server_ip_address": "10.0.1.2",
"keep_alive_frequency": 5,
"masquerade_protocol": "TCP",
"masquerade_port": "HTTP",
},
"node_name": "server_1",
"c2_server_ip_address": "10.0.1.2",
"keep_alive_frequency": 5,
"masquerade_protocol": "TCP",
"masquerade_port": "HTTP",
},
)
agent.store_action(action)
@@ -70,8 +68,8 @@ def test_c2_beacon_default(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAgen
assert agent.history[-1].response.status == "success"
action = (
"NODE_APPLICATION_EXECUTE",
{"node_id": 1, "application_id": 0},
"node_application_execute",
{"node_name": "server_1", "application_name": "C2Beacon"},
)
agent.store_action(action)
game.step()
@@ -103,14 +101,12 @@ def test_c2_server_ransomware(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyA
# C2 Action 1: Installing the RansomwareScript & Database client via Terminal
action = (
"C2_SERVER_TERMINAL_COMMAND",
"c2_server_terminal_command",
{
"node_id": 0,
"node_name": "client_1",
"ip_address": None,
"account": {
"username": "admin",
"password": "admin",
},
"username": "admin",
"password": "admin",
"commands": [
["software_manager", "application", "install", "RansomwareScript"],
["software_manager", "application", "install", "DatabaseClient"],
@@ -122,10 +118,11 @@ def test_c2_server_ransomware(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyA
assert agent.history[-1].response.status == "success"
action = (
"C2_SERVER_RANSOMWARE_CONFIGURE",
"c2_server_ransomware_configure",
{
"node_id": 0,
"config": {"server_ip_address": "10.0.2.3", "payload": "ENCRYPT"},
"node_name": "client_1",
"server_ip_address": "10.0.2.3",
"payload": "ENCRYPT",
},
)
agent.store_action(action)
@@ -134,16 +131,16 @@ def test_c2_server_ransomware(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyA
# Stepping a few timesteps to allow for the RansowmareScript to finish installing.
action = ("DONOTHING", {})
action = ("do_nothing", {})
agent.store_action(action)
game.step()
game.step()
game.step()
action = (
"C2_SERVER_RANSOMWARE_LAUNCH",
"c2_server_ransomware_launch",
{
"node_id": 0,
"node_name": "client_1",
},
)
agent.store_action(action)
@@ -181,17 +178,15 @@ def test_c2_server_data_exfiltration(game_and_agent_fixture: Tuple[PrimaiteGame,
# C2 Action: Data exfiltrate.
action = (
"C2_SERVER_DATA_EXFILTRATE",
"c2_server_data_exfiltrate",
{
"node_id": 0,
"node_name": "client_1",
"target_file_name": "database.db",
"target_folder_name": "database",
"exfiltration_folder_name": "spoils",
"target_ip_address": "10.0.2.3",
"account": {
"username": "admin",
"password": "admin",
},
"username": "admin",
"password": "admin",
},
)
agent.store_action(action)


@@ -4,7 +4,7 @@ from ipaddress import IPv4Address
import pytest
from pydantic import ValidationError
from primaite.game.agent.actions import (
from primaite.game.agent.actions.software import (
ConfigureDatabaseClientAction,
ConfigureDoSBotAction,
ConfigureRansomwareScriptAction,
@@ -27,7 +27,6 @@ class TestConfigureDatabaseAction:
def test_configure_ip_password(self, game_and_agent):
game, agent = game_and_agent
agent: ControlledAgent
agent.action_manager.actions["CONFIGURE_DATABASE_CLIENT"] = ConfigureDatabaseClientAction(agent.action_manager)
# make sure there is a database client on this node
client_1 = game.simulation.network.get_node_by_hostname("client_1")
@@ -35,13 +34,11 @@ class TestConfigureDatabaseAction:
db_client: DatabaseClient = client_1.software_manager.software["DatabaseClient"]
action = (
"CONFIGURE_DATABASE_CLIENT",
"configure_database_client",
{
"node_id": 0,
"config": {
"server_ip_address": "192.168.1.99",
"server_password": "admin123",
},
"node_name": "client_1",
"server_ip_address": "192.168.1.99",
"server_password": "admin123",
},
)
agent.store_action(action)
@@ -53,7 +50,6 @@ class TestConfigureDatabaseAction:
def test_configure_ip(self, game_and_agent):
game, agent = game_and_agent
agent: ControlledAgent
agent.action_manager.actions["CONFIGURE_DATABASE_CLIENT"] = ConfigureDatabaseClientAction(agent.action_manager)
# make sure there is a database client on this node
client_1 = game.simulation.network.get_node_by_hostname("client_1")
@@ -61,12 +57,10 @@ class TestConfigureDatabaseAction:
db_client: DatabaseClient = client_1.software_manager.software["DatabaseClient"]
action = (
"CONFIGURE_DATABASE_CLIENT",
"configure_database_client",
{
"node_id": 0,
"config": {
"server_ip_address": "192.168.1.99",
},
"node_name": "client_1",
"server_ip_address": "192.168.1.99",
},
)
agent.store_action(action)
@@ -78,7 +72,6 @@ class TestConfigureDatabaseAction:
def test_configure_password(self, game_and_agent):
game, agent = game_and_agent
agent: ControlledAgent
agent.action_manager.actions["CONFIGURE_DATABASE_CLIENT"] = ConfigureDatabaseClientAction(agent.action_manager)
# make sure there is a database client on this node
client_1 = game.simulation.network.get_node_by_hostname("client_1")
@@ -87,12 +80,10 @@ class TestConfigureDatabaseAction:
old_ip = db_client.server_ip_address
action = (
"CONFIGURE_DATABASE_CLIENT",
"configure_database_client",
{
"node_id": 0,
"config": {
"server_password": "admin123",
},
"node_name": "client_1",
"server_password": "admin123",
},
)
agent.store_action(action)
@@ -120,9 +111,6 @@ class TestConfigureRansomwareScriptAction:
def test_configure_ip_password(self, game_and_agent, config):
game, agent = game_and_agent
agent: ControlledAgent
agent.action_manager.actions["CONFIGURE_RANSOMWARE_SCRIPT"] = ConfigureRansomwareScriptAction(
agent.action_manager
)
# make sure there is a database client on this node
client_1 = game.simulation.network.get_node_by_hostname("client_1")
@@ -134,8 +122,8 @@ class TestConfigureRansomwareScriptAction:
old_payload = ransomware_script.payload
action = (
"CONFIGURE_RANSOMWARE_SCRIPT",
{"node_id": 0, "config": config},
"configure_ransomware_script",
{"node_name": "client_1", **config},
)
agent.store_action(action)
game.step()
@@ -151,18 +139,15 @@ class TestConfigureRansomwareScriptAction:
def test_invalid_config(self, game_and_agent):
game, agent = game_and_agent
agent: ControlledAgent
agent.action_manager.actions["CONFIGURE_RANSOMWARE_SCRIPT"] = ConfigureRansomwareScriptAction(
agent.action_manager
)
# make sure there is a database client on this node
client_1 = game.simulation.network.get_node_by_hostname("client_1")
client_1.software_manager.install(RansomwareScript)
ransomware_script: RansomwareScript = client_1.software_manager.software["RansomwareScript"]
action = (
"CONFIGURE_RANSOMWARE_SCRIPT",
"configure_ransomware_script",
{
"node_id": 0,
"node_name": "client_1",
"config": {"server_password": "admin123", "bad_option": 70},
},
)
@@ -172,28 +157,25 @@ class TestConfigureRansomwareScriptAction:
class TestConfigureDoSBot:
def test_configure_DoSBot(self, game_and_agent):
def test_configure_dos_bot(self, game_and_agent):
game, agent = game_and_agent
agent: ControlledAgent
agent.action_manager.actions["CONFIGURE_DOSBOT"] = ConfigureDoSBotAction(agent.action_manager)
client_1 = game.simulation.network.get_node_by_hostname("client_1")
client_1.software_manager.install(DoSBot)
dos_bot: DoSBot = client_1.software_manager.software["DoSBot"]
action = (
"CONFIGURE_DOSBOT",
"configure_dos_bot",
{
"node_id": 0,
"config": {
"target_ip_address": "192.168.1.99",
"target_port": "POSTGRES_SERVER",
"payload": "HACC",
"repeat": False,
"port_scan_p_of_success": 0.875,
"dos_intensity": 0.75,
"max_sessions": 50,
},
"node_name": "client_1",
"target_ip_address": "192.168.1.99",
"target_port": "POSTGRES_SERVER",
"payload": "HACC",
"repeat": False,
"port_scan_p_of_success": 0.875,
"dos_intensity": 0.75,
"max_sessions": 50,
},
)
agent.store_action(action)
@@ -239,7 +221,7 @@ class TestConfigureYAML:
assert db_client.server_password == "correct_password"
assert db_client.connect()
def test_configure_ransomware_script(self):
def test_c2_server_ransomware_configure(self):
env = PrimaiteGymEnv(env_config=APP_CONFIG_YAML)
client_2 = env.game.simulation.network.get_node_by_hostname("client_2")
assert client_2.software_manager.software.get("RansomwareScript") is None
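Review bot: In `test_invalid_config` the new payload still nests its options under `"config"` (`"config": {"server_password": "admin123", "bad_option": 70}`), while every other test in this file was flattened to top-level keys. If the new action schema rejects unknown top-level keys, the expected validation failure would be triggered by the `config` key itself rather than by `bad_option`, so the test could pass for the wrong reason; the assertion sits outside the hunk, so this is inferred. Flattening the payload to `{"node_name": "client_1", "server_password": "admin123", "bad_option": 70}` would keep the test pinned to the bad option.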


@@ -33,8 +33,8 @@ def test_create_file(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAgent]):
assert client_1.file_system.get_file(folder_name=random_folder, file_name=random_file) is None
action = (
"NODE_FILE_CREATE",
{"node_id": 0, "folder_name": random_folder, "file_name": random_file},
"node_file_create",
{"node_name": "client_1", "folder_name": random_folder, "file_name": random_file},
)
agent.store_action(action)
game.step()
@@ -51,8 +51,8 @@ def test_file_delete_action(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAge
assert file.deleted is False
action = (
"NODE_FILE_DELETE",
{"node_id": 0, "folder_id": 0, "file_id": 0},
"node_file_delete",
{"node_name": "client_1", "folder_name": "downloads", "file_name": "cat.png"},
)
agent.store_action(action)
game.step()
@@ -69,11 +69,11 @@ def test_file_scan_action(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAgent
file.corrupt()
assert file.health_status == FileSystemItemHealthStatus.CORRUPT
assert file.visible_health_status == FileSystemItemHealthStatus.GOOD
assert file.visible_health_status == FileSystemItemHealthStatus.NONE
action = (
"NODE_FILE_SCAN",
{"node_id": 0, "folder_id": 0, "file_id": 0},
"node_file_scan",
{"node_name": "client_1", "folder_name": "downloads", "file_name": "cat.png"},
)
agent.store_action(action)
game.step()
@@ -93,8 +93,8 @@ def test_file_repair_action(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAge
assert file.health_status == FileSystemItemHealthStatus.CORRUPT
action = (
"NODE_FILE_REPAIR",
{"node_id": 0, "folder_id": 0, "file_id": 0},
"node_file_repair",
{"node_name": "client_1", "folder_name": "downloads", "file_name": "cat.png"},
)
agent.store_action(action)
game.step()
@@ -113,8 +113,8 @@ def test_file_restore_action(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAg
assert file.health_status == FileSystemItemHealthStatus.CORRUPT
action = (
"NODE_FILE_RESTORE",
{"node_id": 0, "folder_id": 0, "file_id": 0},
"node_file_restore",
{"node_name": "client_1", "folder_name": "downloads", "file_name": "cat.png"},
)
agent.store_action(action)
game.step()
@@ -132,8 +132,8 @@ def test_file_corrupt_action(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAg
assert file.health_status == FileSystemItemHealthStatus.GOOD
action = (
"NODE_FILE_CORRUPT",
{"node_id": 0, "folder_id": 0, "file_id": 0},
"node_file_corrupt",
{"node_name": "client_1", "folder_name": "downloads", "file_name": "cat.png"},
)
agent.store_action(action)
game.step()
@@ -150,8 +150,8 @@ def test_file_access_action(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAge
assert file.num_access == 0
action = (
"NODE_FILE_ACCESS",
{"node_id": 0, "folder_name": file.folder_name, "file_name": file.name},
"node_file_access",
{"node_name": "client_1", "folder_name": file.folder_name, "file_name": file.name},
)
agent.store_action(action)
game.step()
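Review bot: The delete, scan, repair, restore and corrupt tests now hard-code `"downloads"` and `"cat.png"`, while `test_file_access_action` in the same file takes both values from the fixture object. Each of those tests already has `file` in scope (the context lines read `file.deleted` and `file.health_status`), so `{"node_name": "client_1", "folder_name": file.folder_name, "file_name": file.name}` would keep the action tied to the file the assertions inspect. With the literals, a change to the fixture's file names would make the action target a different or missing file from the one asserted on. The test bodies start and end outside the hunks.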


@@ -32,9 +32,9 @@ def test_create_folder(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAgent]):
assert client_1.file_system.get_folder(folder_name=random_folder) is None
action = (
"NODE_FOLDER_CREATE",
"node_folder_create",
{
"node_id": 0,
"node_name": "client_1",
"folder_name": random_folder,
},
)
@@ -52,18 +52,18 @@ def test_folder_scan_action(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAge
folder = client_1.file_system.get_folder(folder_name="downloads")
assert folder.health_status == FileSystemItemHealthStatus.GOOD
assert folder.visible_health_status == FileSystemItemHealthStatus.GOOD
assert folder.visible_health_status == FileSystemItemHealthStatus.NONE
folder.corrupt()
assert folder.health_status == FileSystemItemHealthStatus.CORRUPT
assert folder.visible_health_status == FileSystemItemHealthStatus.GOOD
assert folder.visible_health_status == FileSystemItemHealthStatus.NONE
action = (
"NODE_FOLDER_SCAN",
"node_folder_scan",
{
"node_id": 0, # client_1,
"folder_id": 0, # downloads
"node_name": "client_1", # client_1,
"folder_name": "downloads", # downloads
},
)
agent.store_action(action)
@@ -87,10 +87,10 @@ def test_folder_repair_action(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyA
assert folder.health_status == FileSystemItemHealthStatus.CORRUPT
action = (
"NODE_FOLDER_REPAIR",
"node_folder_repair",
{
"node_id": 0, # client_1,
"folder_id": 0, # downloads
"node_name": "client_1", # client_1,
"folder_name": "downloads", # downloads
},
)
agent.store_action(action)
@@ -111,10 +111,10 @@ def test_folder_restore_action(game_and_agent_fixture: Tuple[PrimaiteGame, Proxy
assert folder.health_status == FileSystemItemHealthStatus.CORRUPT
action = (
"NODE_FOLDER_RESTORE",
"node_folder_restore",
{
"node_id": 0, # client_1,
"folder_id": 0, # downloads
"node_name": "client_1", # client_1,
"folder_name": "downloads", # downloads
},
)
agent.store_action(action)
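Review bot: The trailing comments on the folder scan, repair and restore payloads were carried over from the index-based form and now only restate the value, e.g. `"node_name": "client_1", # client_1,` and `"folder_name": "downloads", # downloads`. They can be dropped, leaving `"node_name": "client_1",` and `"folder_name": "downloads",`. The same leftover `# client_1` comment appears on the `node_name` lines of the `host_nic_enable` / `host_nic_disable` tests in this commit.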


@@ -29,10 +29,10 @@ def test_nic_cannot_be_turned_off_if_not_on(game_and_agent_fixture: Tuple[Primai
assert nic.enabled is False
action = (
"HOST_NIC_DISABLE",
"host_nic_disable",
{
"node_id": 0, # client_1
"nic_id": 0, # the only nic (eth-1)
"node_name": "client_1", # client_1
"nic_num": 1, # the only nic (eth-1)
},
)
agent.store_action(action)
@@ -50,10 +50,10 @@ def test_nic_cannot_be_turned_on_if_already_on(game_and_agent_fixture: Tuple[Pri
assert nic.enabled
action = (
"HOST_NIC_ENABLE",
"host_nic_enable",
{
"node_id": 0, # client_1
"nic_id": 0, # the only nic (eth-1)
"node_name": "client_1", # client_1
"nic_num": 1, # the only nic (eth-1)
},
)
agent.store_action(action)
@@ -71,10 +71,10 @@ def test_that_a_nic_can_be_enabled_and_disabled(game_and_agent_fixture: Tuple[Pr
assert nic.enabled
action = (
"HOST_NIC_DISABLE",
"host_nic_disable",
{
"node_id": 0, # client_1
"nic_id": 0, # the only nic (eth-1)
"node_name": "client_1", # client_1
"nic_num": 1, # the only nic (eth-1)
},
)
agent.store_action(action)
@@ -83,10 +83,10 @@ def test_that_a_nic_can_be_enabled_and_disabled(game_and_agent_fixture: Tuple[Pr
assert nic.enabled is False
action = (
"HOST_NIC_ENABLE",
"host_nic_enable",
{
"node_id": 0, # client_1
"nic_id": 0, # the only nic (eth-1)
"node_name": "client_1", # client_1
"nic_num": 1, # the only nic (eth-1)
},
)
agent.store_action(action)


@@ -29,28 +29,28 @@ def test_node_startup_shutdown(game_and_agent_fixture: Tuple[PrimaiteGame, Proxy
assert client_1.operating_state == NodeOperatingState.ON
# turn it off
action = ("NODE_SHUTDOWN", {"node_id": 0})
action = ("node_shutdown", {"node_name": "client_1"})
agent.store_action(action)
game.step()
assert client_1.operating_state == NodeOperatingState.SHUTTING_DOWN
for i in range(client_1.shut_down_duration + 1):
action = ("DONOTHING", {"node_id": 0})
action = ("do_nothing", {})
agent.store_action(action)
game.step()
assert client_1.operating_state == NodeOperatingState.OFF
# turn it on
action = ("NODE_STARTUP", {"node_id": 0})
action = ("node_startup", {"node_name": "client_1"})
agent.store_action(action)
game.step()
assert client_1.operating_state == NodeOperatingState.BOOTING
for i in range(client_1.start_up_duration + 1):
action = ("DONOTHING", {"node_id": 0})
action = ("do_nothing", {})
agent.store_action(action)
game.step()
@@ -65,7 +65,7 @@ def test_node_cannot_be_started_up_if_node_is_already_on(game_and_agent_fixture:
assert client_1.operating_state == NodeOperatingState.ON
# turn it on
action = ("NODE_STARTUP", {"node_id": 0})
action = ("node_startup", {"node_name": "client_1"})
agent.store_action(action)
game.step()
@@ -80,14 +80,14 @@ def test_node_cannot_be_shut_down_if_node_is_already_off(game_and_agent_fixture:
client_1.power_off()
for i in range(client_1.shut_down_duration + 1):
action = ("DONOTHING", {"node_id": 0})
action = ("do_nothing", {})
agent.store_action(action)
game.step()
assert client_1.operating_state == NodeOperatingState.OFF
# turn it ff
action = ("NODE_SHUTDOWN", {"node_id": 0})
action = ("node_shutdown", {"node_name": "client_1"})
agent.store_action(action)
game.step()
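Review bot: The comment `# turn it ff` directly above the changed `node_shutdown` line in `test_node_cannot_be_shut_down_if_node_is_already_off` is a typo; it should read `# turn it off`. The line is context rather than part of the change, but it sits next to the edited action and is cheap to fix in the same pass. The function continues outside the hunk.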


@@ -31,7 +31,7 @@ def test_service_start(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAgent]):
dns_server.pause()
assert dns_server.operating_state == ServiceOperatingState.PAUSED
action = ("NODE_SERVICE_START", {"node_id": 1, "service_id": 0})
action = ("node_service_start", {"node_name": "server_1", "service_name": "DNSServer"})
agent.store_action(action)
game.step()
assert dns_server.operating_state == ServiceOperatingState.PAUSED
@@ -40,7 +40,7 @@ def test_service_start(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAgent]):
assert dns_server.operating_state == ServiceOperatingState.STOPPED
action = ("NODE_SERVICE_START", {"node_id": 1, "service_id": 0})
action = ("node_service_start", {"node_name": "server_1", "service_name": "DNSServer"})
agent.store_action(action)
game.step()
@@ -54,7 +54,7 @@ def test_service_resume(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAgent])
server_1: Server = game.simulation.network.get_node_by_hostname("server_1")
dns_server = server_1.software_manager.software.get("DNSServer")
action = ("NODE_SERVICE_RESUME", {"node_id": 1, "service_id": 0})
action = ("node_service_resume", {"node_name": "server_1", "service_name": "DNSServer"})
agent.store_action(action)
game.step()
assert dns_server.operating_state == ServiceOperatingState.RUNNING
@@ -63,7 +63,7 @@ def test_service_resume(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAgent])
assert dns_server.operating_state == ServiceOperatingState.PAUSED
action = ("NODE_SERVICE_RESUME", {"node_id": 1, "service_id": 0})
action = ("node_service_resume", {"node_name": "server_1", "service_name": "DNSServer"})
agent.store_action(action)
game.step()
@@ -80,27 +80,27 @@ def test_service_cannot_perform_actions_unless_running(game_and_agent_fixture: T
dns_server.stop()
assert dns_server.operating_state == ServiceOperatingState.STOPPED
action = ("NODE_SERVICE_SCAN", {"node_id": 1, "service_id": 0})
action = ("node_service_scan", {"node_name": "server_1", "service_name": "DNSServer"})
agent.store_action(action)
game.step()
assert dns_server.operating_state == ServiceOperatingState.STOPPED
action = ("NODE_SERVICE_PAUSE", {"node_id": 1, "service_id": 0})
action = ("node_service_pause", {"node_name": "server_1", "service_name": "DNSServer"})
agent.store_action(action)
game.step()
assert dns_server.operating_state == ServiceOperatingState.STOPPED
action = ("NODE_SERVICE_RESUME", {"node_id": 1, "service_id": 0})
action = ("node_service_resume", {"node_name": "server_1", "service_name": "DNSServer"})
agent.store_action(action)
game.step()
assert dns_server.operating_state == ServiceOperatingState.STOPPED
action = ("NODE_SERVICE_RESTART", {"node_id": 1, "service_id": 0})
action = ("node_service_restart", {"node_name": "server_1", "service_name": "DNSServer"})
agent.store_action(action)
game.step()
assert dns_server.operating_state == ServiceOperatingState.STOPPED
action = ("NODE_SERVICE_FIX", {"node_id": 1, "service_id": 0})
action = ("node_service_fix", {"node_name": "server_1", "service_name": "DNSServer"})
agent.store_action(action)
game.step()
assert dns_server.operating_state == ServiceOperatingState.STOPPED


@@ -36,9 +36,9 @@ def test_remote_login(game_and_agent_fixture: Tuple[PrimaiteGame, ProxyAgent]):
server_1_usm.add_user("user123", "password", is_admin=True)
action = (
"SSH_TO_REMOTE",
"node_session_remote_login",
{
"node_id": 0,
"node_name": "client_1",
"username": "user123",
"password": "password",
"remote_ip": str(server_1.network_interface[1].ip_address),
@@ -68,9 +68,9 @@ def test_remote_login_wrong_password(game_and_agent_fixture: Tuple[PrimaiteGame,
server_1_usm.add_user("user123", "password", is_admin=True)
action = (
"SSH_TO_REMOTE",
"node_session_remote_login",
{
"node_id": 0,
"node_name": "client_1",
"username": "user123",
"password": "wrong_password",
"remote_ip": str(server_1.network_interface[1].ip_address),
@@ -100,12 +100,13 @@ def test_remote_login_change_password(game_and_agent_fixture: Tuple[PrimaiteGame
server_1_um.add_user("user123", "password", is_admin=True)
action = (
"NODE_ACCOUNTS_CHANGE_PASSWORD",
"node_account_change_password",
{
"node_id": 1, # server_1
"node_name": "server_1", # server_1
"username": "user123",
"current_password": "password",
"new_password": "different_password",
"remote_ip": str(server_1.network_interface[1].ip_address),
},
)
agent.store_action(action)
@@ -126,9 +127,9 @@ def test_change_password_logs_out_user(game_and_agent_fixture: Tuple[PrimaiteGam
# Log in remotely
action = (
"SSH_TO_REMOTE",
"node_session_remote_login",
{
"node_id": 0,
"node_name": "client_1",
"username": "user123",
"password": "password",
"remote_ip": str(server_1.network_interface[1].ip_address),
@@ -139,12 +140,13 @@ def test_change_password_logs_out_user(game_and_agent_fixture: Tuple[PrimaiteGam
# Change password
action = (
"NODE_ACCOUNTS_CHANGE_PASSWORD",
"node_account_change_password",
{
"node_id": 1, # server_1
"node_name": "server_1", # server_1
"username": "user123",
"current_password": "password",
"new_password": "different_password",
"remote_ip": str(server_1.network_interface[1].ip_address),
},
)
agent.store_action(action)
@@ -152,9 +154,9 @@ def test_change_password_logs_out_user(game_and_agent_fixture: Tuple[PrimaiteGam
# Assert that the user cannot execute an action
action = (
"NODE_SEND_REMOTE_COMMAND",
"node_send_remote_command",
{
"node_id": 0,
"node_name": "client_1",
"remote_ip": str(server_1.network_interface[1].ip_address),
"command": ["file_system", "create", "file", "folder123", "doggo.pdf", False],
},
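Review bot: The two `node_account_change_password` payloads gain `"remote_ip": str(server_1.network_interface[1].ip_address)` while `node_name` is also `server_1`, so the action as written names server_1 as both the acting node and the remote target. The login actions in the same tests pair `client_1` with that `remote_ip`. Nothing in the hunks shows whether the new schema requires `remote_ip` or which field selects the account being changed, so a short comment on the payload stating which field identifies the requesting node and which the account's host would make the intent checkable against the action class. This matters most for `test_change_password_logs_out_user`, which relies on the password change invalidating the session opened from client_1. The test bodies continue outside the hunks.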


@@ -32,11 +32,11 @@ def test_file_observation(simulation):
assert dog_file_obs.space["health_status"] == spaces.Discrete(6)
observation_state = dog_file_obs.observe(simulation.describe_state())
assert observation_state.get("health_status") == 1 # good initial
assert observation_state.get("health_status") == 0 # initially unset
file.corrupt()
observation_state = dog_file_obs.observe(simulation.describe_state())
assert observation_state.get("health_status") == 1 # scan file so this changes
assert observation_state.get("health_status") == 0 # still default unset value because no scan happened
file.scan()
file.apply_timestep(0) # apply time step
@@ -63,11 +63,11 @@ def test_folder_observation(simulation):
observation_state = root_folder_obs.observe(simulation.describe_state())
assert observation_state.get("FILES") is not None
assert observation_state.get("health_status") == 1
assert observation_state.get("health_status") == 0 # initially unset
file.corrupt() # corrupt just the file
observation_state = root_folder_obs.observe(simulation.describe_state())
assert observation_state.get("health_status") == 1 # scan folder to change this
assert observation_state.get("health_status") == 0 # still unset as no scan occurred yet
folder.scan()
for i in range(folder.scan_duration + 1):


@@ -191,7 +191,7 @@ def test_nic_monitored_traffic(simulation):
# send a database query
browser: WebBrowser = pc.software_manager.software.get("WebBrowser")
browser.target_url = f"http://arcd.com/"
browser.config.target_url = f"http://arcd.com/"
browser.get_webpage()
traffic_obs = nic_obs.observe(simulation.describe_state()).get("TRAFFIC")
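Review bot: `browser.config.target_url = f"http://arcd.com/"` keeps an f-string that has no placeholders; the plain literal `browser.config.target_url = "http://arcd.com/"` says the same thing. The comment above it, `# send a database query`, does not match the `get_webpage()` call that follows, so something like `# request a web page to generate traffic` would describe the code better. `test_nic_monitored_traffic` continues outside the hunk.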


@@ -13,7 +13,7 @@ DATA_MANIPULATION_CONFIG = TEST_ASSETS_ROOT / "configs" / "data_manipulation.yam
def env_with_ssh() -> PrimaiteGymEnv:
"""Build data manipulation environment with SSH port open on router."""
env = PrimaiteGymEnv(DATA_MANIPULATION_CONFIG)
env.agent.flatten_obs = False
env.agent.config.agent_settings.flatten_obs = False
router: Router = env.game.simulation.network.get_node_by_hostname("router_1")
router.acl.add_rule(ACLAction.PERMIT, src_port=PORT_LOOKUP["SSH"], dst_port=PORT_LOOKUP["SSH"], position=3)
return env


@@ -24,12 +24,12 @@ def test_rng_seed_set(create_env):
env.reset(seed=3)
for i in range(100):
env.step(0)
a = [item.timestep for item in env.game.agents["client_2_green_user"].history if item.action != "DONOTHING"]
a = [item.timestep for item in env.game.agents["client_2_green_user"].history if item.action != "do_nothing"]
env.reset(seed=3)
for i in range(100):
env.step(0)
b = [item.timestep for item in env.game.agents["client_2_green_user"].history if item.action != "DONOTHING"]
b = [item.timestep for item in env.game.agents["client_2_green_user"].history if item.action != "do_nothing"]
assert a == b
@@ -40,11 +40,11 @@ def test_rng_seed_unset(create_env):
env.reset()
for i in range(100):
env.step(0)
a = [item.timestep for item in env.game.agents["client_2_green_user"].history if item.action != "DONOTHING"]
a = [item.timestep for item in env.game.agents["client_2_green_user"].history if item.action != "do_nothing"]
env.reset()
for i in range(100):
env.step(0)
b = [item.timestep for item in env.game.agents["client_2_green_user"].history if item.action != "DONOTHING"]
b = [item.timestep for item in env.game.agents["client_2_green_user"].history if item.action != "do_nothing"]
assert a != b


@@ -15,7 +15,6 @@ def test_mask_contents_correct():
net = sim.network
mask = game.action_mask("defender")
agent = env.agent
node_list = agent.action_manager.node_names
action_map = agent.action_manager.action_map
# CHECK NIC ENABLE/DISABLE ACTIONS
@@ -23,10 +22,10 @@ def test_mask_contents_correct():
mask = game.action_mask("defender")
act_type, act_params = action
if act_type == "NODE_NIC_ENABLE":
node_name = node_list[act_params["node_id"]]
if act_type == "node_nic_enable":
node_name = act_params["node_name"]
node_obj = net.get_node_by_hostname(node_name)
nic_obj = node_obj.network_interface[act_params["nic_id"] + 1]
nic_obj = node_obj.network_interface[act_params["nic_num"]]
assert nic_obj.enabled
assert not mask[action_num]
nic_obj.disable()
@@ -34,10 +33,10 @@ def test_mask_contents_correct():
assert mask[action_num]
nic_obj.enable()
if act_type == "NODE_NIC_DISABLE":
node_name = node_list[act_params["node_id"]]
if act_type == "node_nic_disable":
node_name = act_params["node_name"]
node_obj = net.get_node_by_hostname(node_name)
nic_obj = node_obj.network_interface[act_params["nic_id"] + 1]
nic_obj = node_obj.network_interface[act_params["nic_num"]]
assert nic_obj.enabled
assert mask[action_num]
nic_obj.disable()
@@ -45,14 +44,14 @@ def test_mask_contents_correct():
assert not mask[action_num]
nic_obj.enable()
if act_type == "ROUTER_ACL_ADDRULE":
if act_type == "router_acl_add_rule":
assert mask[action_num]
if act_type == "ROUTER_ACL_REMOVERULE":
if act_type == "router_acl_remove_rule":
assert mask[action_num]
if act_type == "NODE_RESET":
node_name = node_list[act_params["node_id"]]
if act_type == "node_reset":
node_name = act_params["node_name"]
node_obj = net.get_node_by_hostname(node_name)
assert node_obj.operating_state is NodeOperatingState.ON
assert mask[action_num]
@@ -61,8 +60,8 @@ def test_mask_contents_correct():
assert not mask[action_num]
node_obj.operating_state = NodeOperatingState.ON
if act_type == "NODE_SHUTDOWN":
node_name = node_list[act_params["node_id"]]
if act_type == "node_shutdown":
node_name = act_params["node_name"]
node_obj = net.get_node_by_hostname(node_name)
assert node_obj.operating_state is NodeOperatingState.ON
assert mask[action_num]
@@ -71,8 +70,8 @@ def test_mask_contents_correct():
assert not mask[action_num]
node_obj.operating_state = NodeOperatingState.ON
if act_type == "NODE_OS_SCAN":
node_name = node_list[act_params["node_id"]]
if act_type == "node_os_scan":
node_name = act_params["node_name"]
node_obj = net.get_node_by_hostname(node_name)
assert node_obj.operating_state is NodeOperatingState.ON
assert mask[action_num]
@@ -81,8 +80,8 @@ def test_mask_contents_correct():
assert not mask[action_num]
node_obj.operating_state = NodeOperatingState.ON
if act_type == "NODE_STARTUP":
node_name = node_list[act_params["node_id"]]
if act_type == "node_startup":
node_name = act_params["node_name"]
node_obj = net.get_node_by_hostname(node_name)
assert node_obj.operating_state is NodeOperatingState.ON
assert not mask[action_num]
@@ -91,15 +90,15 @@ def test_mask_contents_correct():
assert mask[action_num]
node_obj.operating_state = NodeOperatingState.ON
if act_type == "DONOTHING":
if act_type == "do_nothing":
assert mask[action_num]
if act_type == "NODE_SERVICE_DISABLE":
if act_type == "node_service_disable":
assert mask[action_num]
if act_type in ["NODE_SERVICE_SCAN", "NODE_SERVICE_STOP", "NODE_SERVICE_PAUSE"]:
node_name = node_list[act_params["node_id"]]
service_name = agent.action_manager.service_names[act_params["node_id"]][act_params["service_id"]]
if act_type in ["node_service_scan", "node_service_stop", "node_service_pause"]:
node_name = act_params["node_name"]
service_name = act_params["service_name"]
node_obj = net.get_node_by_hostname(node_name)
service_obj = node_obj.software_manager.software.get(service_name)
assert service_obj.operating_state is ServiceOperatingState.RUNNING
@@ -109,9 +108,9 @@ def test_mask_contents_correct():
assert not mask[action_num]
service_obj.operating_state = ServiceOperatingState.RUNNING
if act_type == "NODE_SERVICE_RESUME":
node_name = node_list[act_params["node_id"]]
service_name = agent.action_manager.service_names[act_params["node_id"]][act_params["service_id"]]
if act_type == "node_service_resume":
node_name = act_params["node_name"]
service_name = act_params["service_name"]
node_obj = net.get_node_by_hostname(node_name)
service_obj = node_obj.software_manager.software.get(service_name)
assert service_obj.operating_state is ServiceOperatingState.RUNNING
@@ -121,9 +120,9 @@ def test_mask_contents_correct():
assert mask[action_num]
service_obj.operating_state = ServiceOperatingState.RUNNING
if act_type == "NODE_SERVICE_START":
node_name = node_list[act_params["node_id"]]
service_name = agent.action_manager.service_names[act_params["node_id"]][act_params["service_id"]]
if act_type == "node_service_start":
node_name = act_params["node_name"]
service_name = act_params["service_name"]
node_obj = net.get_node_by_hostname(node_name)
service_obj = node_obj.software_manager.software.get(service_name)
assert service_obj.operating_state is ServiceOperatingState.RUNNING
@@ -133,9 +132,9 @@ def test_mask_contents_correct():
assert mask[action_num]
service_obj.operating_state = ServiceOperatingState.RUNNING
if act_type == "NODE_SERVICE_ENABLE":
node_name = node_list[act_params["node_id"]]
service_name = agent.action_manager.service_names[act_params["node_id"]][act_params["service_id"]]
if act_type == "node_service_enable":
node_name = act_params["node_name"]
service_name = act_params["service_name"]
node_obj = net.get_node_by_hostname(node_name)
service_obj = node_obj.software_manager.software.get(service_name)
assert service_obj.operating_state is ServiceOperatingState.RUNNING
@@ -145,12 +144,10 @@ def test_mask_contents_correct():
assert mask[action_num]
service_obj.operating_state = ServiceOperatingState.RUNNING
if act_type in ["NODE_FILE_SCAN", "NODE_FILE_CHECKHASH", "NODE_FILE_DELETE"]:
node_name = node_list[act_params["node_id"]]
folder_name = agent.action_manager.get_folder_name_by_idx(act_params["node_id"], act_params["folder_id"])
file_name = agent.action_manager.get_file_name_by_idx(
act_params["node_id"], act_params["folder_id"], act_params["file_id"]
)
if act_type in ["node_file_scan", "node_file_checkhash", "node_file_delete"]:
node_name = act_params["node_name"]
folder_name = act_params["folder_name"]
file_name = act_params["file_name"]
node_obj = net.get_node_by_hostname(node_name)
file_obj = node_obj.file_system.get_file(folder_name, file_name, include_deleted=True)
assert not file_obj.deleted
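Review bot: The NIC branches in `test_mask_contents_correct` match on `"node_nic_enable"` and `"node_nic_disable"`, but the NIC tests changed elsewhere in this commit issue `host_nic_enable` and `host_nic_disable`. The test is a series of independent `if act_type == ...` checks, so an action type that matches none of them is skipped silently and its mask assertions never run. The action map is not visible here, so this needs confirming; if it uses the `host_nic_*` names, the branches should read `if act_type == "host_nic_enable":` and `if act_type == "host_nic_disable":`. Recording which action types were actually exercised and asserting on that set at the end would stop a future rename from quietly dropping coverage. The function starts and ends outside the hunks.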


@@ -32,10 +32,10 @@ FIREWALL_ACTIONS_NETWORK = TEST_ASSETS_ROOT / "configs/firewall_actions_network.
def test_do_nothing_integration(game_and_agent: Tuple[PrimaiteGame, ProxyAgent]):
"""Test that the DoNothingAction can form a request and that it is accepted by the simulation."""
"""Test that the do_nothingAction can form a request and that it is accepted by the simulation."""
game, agent = game_and_agent
action = ("DONOTHING", {})
action = ("do_nothing", {})
agent.store_action(action)
game.step()
@@ -56,7 +56,7 @@ def test_node_service_scan_integration(game_and_agent: Tuple[PrimaiteGame, Proxy
assert svc.health_state_visible == SoftwareHealthState.UNUSED
# 2: Scan and check that the visible state is now correct
action = ("NODE_SERVICE_SCAN", {"node_id": 1, "service_id": 0})
action = ("node_service_scan", {"node_name": "server_1", "service_name": "DNSServer"})
agent.store_action(action)
game.step()
assert svc.health_state_actual == SoftwareHealthState.GOOD
@@ -67,7 +67,7 @@ def test_node_service_scan_integration(game_and_agent: Tuple[PrimaiteGame, Proxy
assert svc.health_state_visible == SoftwareHealthState.GOOD
# 4: Scan and check that the visible state is now correct
action = ("NODE_SERVICE_SCAN", {"node_id": 1, "service_id": 0})
action = ("node_service_scan", {"node_name": "server_1", "service_name": "DNSServer"})
agent.store_action(action)
game.step()
assert svc.health_state_actual == SoftwareHealthState.COMPROMISED
@@ -88,7 +88,7 @@ def test_node_service_fix_integration(game_and_agent: Tuple[PrimaiteGame, ProxyA
svc.health_state_actual = SoftwareHealthState.COMPROMISED
# 2: Apply a patch action
action = ("NODE_SERVICE_FIX", {"node_id": 1, "service_id": 0})
action = ("node_service_fix", {"node_name": "server_1", "service_name": "DNSServer"})
agent.store_action(action)
game.step()
@@ -96,7 +96,7 @@ def test_node_service_fix_integration(game_and_agent: Tuple[PrimaiteGame, ProxyA
assert svc.health_state_actual == SoftwareHealthState.FIXING
# 4: perform a few do-nothing steps and check that the service is now in the good state
action = ("DONOTHING", {})
action = ("do_nothing", {})
agent.store_action(action)
game.step()
assert svc.health_state_actual == SoftwareHealthState.GOOD
@@ -121,18 +121,18 @@ def test_router_acl_addrule_integration(game_and_agent: Tuple[PrimaiteGame, Prox
# 2: Add a rule to block client 1 from reaching server 2 on router
action = (
"ROUTER_ACL_ADDRULE",
"router_acl_add_rule",
{
"target_router": "router",
"position": 4, # 4th rule
"permission": 2, # DENY
"source_ip_id": 3, # 10.0.1.2 (client_1)
"dest_ip_id": 6, # 10.0.2.3 (server_2)
"dest_port_id": 1, # ALL
"source_port_id": 1, # ALL
"protocol_id": 1, # ALL
"source_wildcard_id": 0,
"dest_wildcard_id": 0,
"position": 4,
"permission": "DENY",
"src_ip": "10.0.1.2",
"src_wildcard": "NONE",
"src_port": "ALL",
"dst_ip": "10.0.2.3",
"dst_wildcard": "NONE",
"dst_port": "ALL",
"protocol_name": "icmp",
},
)
agent.store_action(action)
@@ -148,24 +148,26 @@ def test_router_acl_addrule_integration(game_and_agent: Tuple[PrimaiteGame, Prox
# 4: Add a rule to block server_1 from reaching server_2 on router (this should not affect comms as they are on same subnet)
action = (
"ROUTER_ACL_ADDRULE",
"router_acl_add_rule",
{
"target_router": "router",
"position": 5, # 5th rule
"permission": 2, # DENY
"source_ip_id": 5, # 10.0.2.2 (server_1)
"dest_ip_id": 6, # 10.0.2.3 (server_2)
"dest_port_id": 1, # ALL
"source_port_id": 1, # ALL
"protocol_id": 1, # ALL
"source_wildcard_id": 0,
"dest_wildcard_id": 0,
"permission": "DENY", # DENY
"src_ip": "10.0.2.2", # 10.0.2.2 (server_1)
"src_wildcard": 0,
"src_port": "ALL", # ALL
"dst_ip": "10.0.2.3", # 10.0.2.3 (server_2)
"dst_wildcard": 0,
"dst_port": "ALL", # ALL
"protocol_name": "ALL", # ALL
},
)
agent.store_action(action)
print(agent.most_recent_action)
game.step()
print(agent.most_recent_action)
# 5: Check that the ACL now has 6 rules, but that server_1 can still ping server_2
print(router.acl.show())
assert router.acl.num_rules == 6
assert server_1.ping("10.0.2.3") # Can ping server_2
@@ -181,12 +183,12 @@ def test_router_acl_removerule_integration(game_and_agent: Tuple[PrimaiteGame, P
browser: WebBrowser = client_1.software_manager.software.get("WebBrowser")
browser.run()
browser.target_url = "http://www.example.com"
browser.config.target_url = "http://www.example.com"
assert browser.get_webpage() # check that the browser can access example.com before we block it
# 2: Remove rule that allows HTTP traffic across the network
action = (
"ROUTER_ACL_REMOVERULE",
"router_acl_remove_rule",
{
"target_router": "router",
"position": 3, # 4th rule
@@ -214,15 +216,15 @@ def test_host_nic_disable_integration(game_and_agent: Tuple[PrimaiteGame, ProxyA
browser: WebBrowser = client_1.software_manager.software.get("WebBrowser")
browser.run()
browser.target_url = "http://www.example.com"
browser.config.target_url = "http://www.example.com"
assert browser.get_webpage() # check that the browser can access example.com before we block it
# 2: Disable the NIC on client_1
action = (
"HOST_NIC_DISABLE",
"host_nic_disable",
{
"node_id": 0, # client_1
"nic_id": 0, # the only nic (eth-1)
"node_name": "client_1", # client_1
"nic_num": 1, # the only nic (eth-1)
},
)
agent.store_action(action)
@@ -250,10 +252,10 @@ def test_host_nic_enable_integration(game_and_agent: Tuple[PrimaiteGame, ProxyAg
# 2: Use action to enable nic
action = (
"HOST_NIC_ENABLE",
"host_nic_enable",
{
"node_id": 0, # client_1
"nic_id": 0, # the only nic (eth-1)
"node_name": "client_1", # client_1
"nic_num": 1, # the only nic (eth-1)
},
)
agent.store_action(action)
@@ -273,15 +275,15 @@ def test_node_file_scan_integration(game_and_agent: Tuple[PrimaiteGame, ProxyAge
client_1 = game.simulation.network.get_node_by_hostname("client_1")
file = client_1.file_system.get_file("downloads", "cat.png")
assert file.health_status == FileSystemItemHealthStatus.GOOD
assert file.visible_health_status == FileSystemItemHealthStatus.GOOD
assert file.visible_health_status == FileSystemItemHealthStatus.NONE
# 2: perform a scan and make sure nothing has changed
action = (
"NODE_FILE_SCAN",
"node_file_scan",
{
"node_id": 0, # client_1,
"folder_id": 0, # downloads,
"file_id": 0, # cat.png
"node_name": "client_1", # client_1,
"folder_name": "downloads", # downloads,
"file_name": "cat.png", # cat.png
},
)
agent.store_action(action)
@@ -314,11 +316,11 @@ def test_node_file_delete_integration(game_and_agent: Tuple[PrimaiteGame, ProxyA
# 2: delete the file
action = (
"NODE_FILE_DELETE",
"node_file_delete",
{
"node_id": 0, # client_1
"folder_id": 0, # downloads
"file_id": 0, # cat.png
"node_name": "client_1", # client_1
"folder_name": "downloads", # downloads
"file_name": "cat.png", # cat.png
},
)
agent.store_action(action)
@@ -334,14 +336,15 @@ def test_node_file_create(game_and_agent: Tuple[PrimaiteGame, ProxyAgent]):
"""Test that a file is created."""
game, agent = game_and_agent
client_1 = game.simulation.network.get_node_by_hostname("client_1") #
client_1 = game.simulation.network.get_node_by_hostname("client_1")
action = (
"NODE_FILE_CREATE",
"node_file_create",
{
"node_id": 0,
"node_name": "client_1",
"folder_name": "test",
"file_name": "file.txt",
"force": "False",
},
)
agent.store_action(action)
@@ -357,9 +360,9 @@ def test_node_file_access(game_and_agent: Tuple[PrimaiteGame, ProxyAgent]):
client_1 = game.simulation.network.get_node_by_hostname("client_1") #
action = (
"NODE_FILE_CREATE",
"node_file_create",
{
"node_id": 0,
"node_name": "client_1",
"folder_name": "test",
"file_name": "file.txt",
},
@@ -370,9 +373,9 @@ def test_node_file_access(game_and_agent: Tuple[PrimaiteGame, ProxyAgent]):
assert client_1.file_system.get_file(folder_name="test", file_name="file.txt").num_access == 0
action = (
"NODE_FILE_ACCESS",
"node_file_access",
{
"node_id": 0,
"node_name": "client_1",
"folder_name": "test",
"file_name": "file.txt",
},
@@ -390,9 +393,9 @@ def test_node_folder_create(game_and_agent: Tuple[PrimaiteGame, ProxyAgent]):
client_1 = game.simulation.network.get_node_by_hostname("client_1") #
action = (
"NODE_FOLDER_CREATE",
"node_folder_create",
{
"node_id": 0,
"node_name": "client_1",
"folder_name": "test",
},
)
@@ -413,15 +416,15 @@ def test_network_router_port_disable_integration(game_and_agent: Tuple[PrimaiteG
browser: WebBrowser = client_1.software_manager.software.get("WebBrowser")
browser.run()
browser.target_url = "http://www.example.com"
browser.config.target_url = "http://www.example.com"
assert browser.get_webpage() # check that the browser can access example.com before we block it
# 2: Disable the NIC on client_1
action = (
"NETWORK_PORT_DISABLE",
"network_port_disable",
{
"target_nodename": "router", # router
"port_id": 1, # port 1
"port_num": 1, # port 1
},
)
agent.store_action(action)
@@ -450,10 +453,10 @@ def test_network_router_port_enable_integration(game_and_agent: Tuple[PrimaiteGa
# 2: Use action to enable port
action = (
"NETWORK_PORT_ENABLE",
"network_port_enable",
{
"target_nodename": "router", # router
"port_id": 1, # port 1
"port_num": 1, # port 1
},
)
agent.store_action(action)
@@ -473,14 +476,17 @@ def test_node_application_scan_integration(game_and_agent: Tuple[PrimaiteGame, P
browser: WebBrowser = client_1.software_manager.software.get("WebBrowser")
browser.run()
browser.target_url = "http://www.example.com"
browser.config.target_url = "http://www.example.com"
assert browser.get_webpage() # check that the browser can access example.com
assert browser.health_state_actual == SoftwareHealthState.GOOD
assert browser.health_state_visible == SoftwareHealthState.UNUSED
# 2: Scan and check that the visible state is now correct
action = ("NODE_APPLICATION_SCAN", {"node_id": 0, "application_id": 0})
action = (
"node_application_scan",
{"node_name": "client_1", "application_name": "WebBrowser"},
)
agent.store_action(action)
game.step()
assert browser.health_state_actual == SoftwareHealthState.GOOD
@@ -491,7 +497,10 @@ def test_node_application_scan_integration(game_and_agent: Tuple[PrimaiteGame, P
assert browser.health_state_visible == SoftwareHealthState.GOOD
# 4: Scan and check that the visible state is now correct
action = ("NODE_APPLICATION_SCAN", {"node_id": 0, "application_id": 0})
action = (
"node_application_scan",
{"node_name": "client_1", "application_name": "WebBrowser"},
)
agent.store_action(action)
game.step()
assert browser.health_state_actual == SoftwareHealthState.COMPROMISED
@@ -512,7 +521,10 @@ def test_node_application_fix_integration(game_and_agent: Tuple[PrimaiteGame, Pr
browser.health_state_actual = SoftwareHealthState.COMPROMISED
# 2: Apply a fix action
action = ("NODE_APPLICATION_FIX", {"node_id": 0, "application_id": 0})
action = (
"node_application_fix",
{"node_name": "client_1", "application_name": "WebBrowser"},
)
agent.store_action(action)
game.step()
@@ -520,7 +532,7 @@ def test_node_application_fix_integration(game_and_agent: Tuple[PrimaiteGame, Pr
assert browser.health_state_actual == SoftwareHealthState.FIXING
# 4: perform a few do-nothing steps and check that the application is now in the good state
action = ("DONOTHING", {})
action = ("do_nothing", {})
agent.store_action(action)
game.step()
assert browser.health_state_actual == SoftwareHealthState.GOOD
@@ -538,7 +550,10 @@ def test_node_application_close_integration(game_and_agent: Tuple[PrimaiteGame,
assert browser.operating_state == ApplicationOperatingState.RUNNING
# 2: Apply a close action
action = ("NODE_APPLICATION_CLOSE", {"node_id": 0, "application_id": 0})
action = (
"node_application_close",
{"node_name": "client_1", "application_name": "WebBrowser"},
)
agent.store_action(action)
game.step()
@@ -549,7 +564,7 @@ def test_node_application_install_and_uninstall_integration(game_and_agent: Tupl
"""Test that the NodeApplicationInstallAction and NodeApplicationRemoveAction can form a request and that
it is accepted by the simulation.
When you initiate a install action, the Application will be installed and configured on the node.
When you initiate an install action, the Application will be installed and configured on the node.
The remove action will uninstall the application from the node."""
game, agent = game_and_agent
@@ -557,13 +572,19 @@ def test_node_application_install_and_uninstall_integration(game_and_agent: Tupl
assert client_1.software_manager.software.get("DoSBot") is None
action = ("NODE_APPLICATION_INSTALL", {"node_id": 0, "application_name": "DoSBot"})
action = (
"node_application_install",
{"node_name": "client_1", "application_name": "DoSBot"},
)
agent.store_action(action)
game.step()
assert client_1.software_manager.software.get("DoSBot") is not None
action = ("NODE_APPLICATION_REMOVE", {"node_id": 0, "application_name": "DoSBot"})
action = (
"node_application_remove",
{"node_name": "client_1", "application_name": "DoSBot"},
)
agent.store_action(action)
game.step()
@@ -656,9 +677,9 @@ def test_firewall_acl_add_remove_rule_integration():
assert firewall.external_outbound_acl.acl[1].action.name == "DENY"
assert firewall.external_outbound_acl.acl[1].src_ip_address == IPv4Address("192.168.20.10")
assert firewall.external_outbound_acl.acl[1].dst_ip_address == IPv4Address("192.168.0.10")
assert firewall.external_outbound_acl.acl[1].dst_port is None
assert firewall.external_outbound_acl.acl[1].src_port is None
assert firewall.external_outbound_acl.acl[1].protocol is None
assert firewall.external_outbound_acl.acl[1].dst_port == PORT_LOOKUP["NONE"]
assert firewall.external_outbound_acl.acl[1].src_port == PORT_LOOKUP["NONE"]
assert firewall.external_outbound_acl.acl[1].protocol == PROTOCOL_LOOKUP["NONE"]
env.step(12) # Remove ACL rule from External Outbound
assert firewall.external_outbound_acl.num_rules == 1


@@ -17,12 +17,7 @@ def test_file_observation():
dog_file_obs = FileObservation(
where=["network", "nodes", pc.hostname, "file_system", "folders", "root", "files", "dog.png"],
include_num_access=False,
file_system_requires_scan=True,
file_system_requires_scan=False,
)
assert dog_file_obs.observe(state) == {"health_status": 1}
assert dog_file_obs.space == spaces.Dict({"health_status": spaces.Discrete(6)})
# TODO:
# def test_file_num_access():
# ...
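Review bot: With `file_system_requires_scan=False`, `test_file_observation` no longer exercises the scan-gated path of `FileObservation`, and nothing on the changed line says why the flag was flipped. If the intent is that an unscanned file now reports a different value under `True`, add a second assertion for that case rather than dropping it. Otherwise add a comment such as `# requires_scan=False: observe() reports health_status without a prior scan`. The hunk counts suggest the `# TODO: test_file_num_access` placeholder is also removed, which would leave `include_num_access` with no test or reminder in this file.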


@@ -29,16 +29,16 @@ def test_WebpageUnavailablePenalty(game_and_agent: tuple[PrimaiteGame, Controlle
client_1 = game.simulation.network.get_node_by_hostname("client_1")
browser: WebBrowser = client_1.software_manager.software.get("WebBrowser")
browser.run()
browser.target_url = "http://www.example.com"
browser.config.target_url = "http://www.example.com"
agent.reward_function.register_component(comp, 0.7)
# Check that before trying to fetch the webpage, the reward is 0.0
agent.store_action(("DONOTHING", {}))
agent.store_action(("do_nothing", {}))
game.step()
assert agent.reward_function.current_reward == 0.0
# Check that successfully fetching the webpage yields a reward of 0.7
agent.store_action(("NODE_APPLICATION_EXECUTE", {"node_id": 0, "application_id": 0}))
agent.store_action(("node_application_execute", {"node_name": "client_1", "application_name": "WebBrowser"}))
game.step()
assert agent.reward_function.current_reward == 0.7
@@ -50,7 +50,7 @@ def test_WebpageUnavailablePenalty(game_and_agent: tuple[PrimaiteGame, Controlle
src_port=PORT_LOOKUP["HTTP"],
dst_port=PORT_LOOKUP["HTTP"],
)
agent.store_action(("NODE_APPLICATION_EXECUTE", {"node_id": 0, "application_id": 0}))
agent.store_action(("node_application_execute", {"node_name": "client_1", "application_name": "WebBrowser"}))
game.step()
assert agent.reward_function.current_reward == -0.7
@@ -83,7 +83,7 @@ def test_uc2_rewards(game_and_agent: tuple[PrimaiteGame, ControlledAgent]):
response = game.simulation.apply_request(request)
state = game.get_sim_state()
ahi = AgentHistoryItem(
timestep=0, action="NODE_APPLICATION_EXECUTE", parameters={}, request=request, response=response
timestep=0, action="node_application_execute", parameters={}, request=request, response=response
)
reward_value = comp.calculate(state, last_action_response=ahi)
assert reward_value == 1.0
@@ -94,7 +94,7 @@ def test_uc2_rewards(game_and_agent: tuple[PrimaiteGame, ControlledAgent]):
response = game.simulation.apply_request(request)
state = game.get_sim_state()
ahi = AgentHistoryItem(
timestep=0, action="NODE_APPLICATION_EXECUTE", parameters={}, request=request, response=response
timestep=0, action="node_application_execute", parameters={}, request=request, response=response
)
reward_value = comp.calculate(
state,
@@ -154,13 +154,13 @@ def test_action_penalty():
# Penalty = ActionPenalty(action_penalty=-0.75, do_nothing_penalty=0.125)
Penalty = ActionPenalty(config=schema)
# Assert that penalty is applied if action isn't DONOTHING
# Assert that penalty is applied if action isn't do_nothing
reward_value = Penalty.calculate(
state={},
last_action_response=AgentHistoryItem(
timestep=0,
action="NODE_APPLICATION_EXECUTE",
parameters={"node_id": 0, "application_id": 1},
action="node_application_execute",
parameters={"node_name": "client", "application_name": "WebBrowser"},
request=["execute"],
response=RequestResponse.from_bool(True),
),
@@ -168,12 +168,12 @@ def test_action_penalty():
assert reward_value == -0.75
# Assert that no penalty applied for a DONOTHING action
# Assert that no penalty applied for a do_nothing action
reward_value = Penalty.calculate(
state={},
last_action_response=AgentHistoryItem(
timestep=0,
action="DONOTHING",
action="do_nothing",
parameters={},
request=["do_nothing"],
response=RequestResponse.from_bool(True),
@@ -192,12 +192,12 @@ def test_action_penalty_e2e(game_and_agent: tuple[PrimaiteGame, ControlledAgent]
agent.reward_function.register_component(comp, 1.0)
action = ("DONOTHING", {})
action = ("do_nothing", {})
agent.store_action(action)
game.step()
assert agent.reward_function.current_reward == 0.125
action = ("NODE_FILE_SCAN", {"node_id": 0, "folder_id": 0, "file_id": 0})
action = ("node_file_scan", {"node_name": "client", "folder_name": "downloads", "file_name": "document.pdf"})
agent.store_action(action)
game.step()
assert agent.reward_function.current_reward == -0.75
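Review bot: The `node_file_scan` action in `test_action_penalty_e2e` targets `"client"` / `"document.pdf"`, while the other tests on this page that use the `game_and_agent` fixture address `client_1` and `downloads/cat.png`. The only assertion is the `-0.75` penalty, so the test would presumably still pass if the name-based request resolved to nothing, which would hide a broken name lookup. If the fixture has no node called `client`, use `action = ("node_file_scan", {"node_name": "client_1", "folder_name": "downloads", "file_name": "cat.png"})`. The fixture definition and the start of the function are outside the hunk, so this needs checking against them.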


@@ -3,6 +3,7 @@ from ipaddress import IPv4Address, IPv4Network
from typing import Any, Dict, List, Tuple
import pytest
from pydantic import Field
from primaite.simulator.network.container import Network
from primaite.simulator.network.hardware.nodes.host.computer import Computer
@@ -14,9 +15,16 @@ from primaite.utils.validation.ip_protocol import PROTOCOL_LOOKUP
from primaite.utils.validation.port import PORT_LOOKUP
class BroadcastTestService(Service):
class BroadcastTestService(Service, identifier="BroadcastTestService"):
"""A service for sending broadcast and unicast messages over a network."""
class ConfigSchema(Service.ConfigSchema):
"""ConfigSchema for BroadcastTestService."""
type: str = "BroadcastTestService"
config: "BroadcastTestService.ConfigSchema" = Field(default_factory=lambda: BroadcastTestService.ConfigSchema())
def __init__(self, **kwargs):
# Set default service properties for broadcasting
kwargs["name"] = "BroadcastService"
@@ -46,6 +54,13 @@ class BroadcastTestService(Service):
class BroadcastTestClient(Application, identifier="BroadcastTestClient"):
"""A client application to receive broadcast and unicast messages."""
class ConfigSchema(Service.ConfigSchema):
"""ConfigSchema for BroadcastTestClient."""
type: str = "BroadcastTestClient"
config: ConfigSchema = Field(default_factory=lambda: BroadcastTestClient.ConfigSchema())
payloads_received: List = []
def __init__(self, **kwargs):
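Review bot: `BroadcastTestClient` is declared as an `Application`, but its nested schema is `class ConfigSchema(Service.ConfigSchema):`, so the client takes its fields and validation from the service schema. Assuming `Application` exposes its own `ConfigSchema` in the same way, this should read `class ConfigSchema(Application.ConfigSchema):`. The two `config` annotations are also written differently: the quoted `"BroadcastTestService.ConfigSchema"` in one class and bare `ConfigSchema` in the other. Pick one form for both. The class bodies continue outside the hunks.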


@@ -495,6 +495,12 @@ def test_c2_suite_yaml():
computer_b: Computer = yaml_network.get_node_by_hostname("node_b")
c2_beacon: C2Beacon = computer_b.software_manager.software.get("C2Beacon")
c2_beacon.configure(
c2_server_ip_address=c2_beacon.config.c2_server_ip_address,
keep_alive_frequency=c2_beacon.config.keep_alive_frequency,
masquerade_port=c2_beacon.config.masquerade_port,
masquerade_protocol=c2_beacon.config.masquerade_protocol,
)
assert c2_server.operating_state == ApplicationOperatingState.RUNNING
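Review bot: The added `c2_beacon.configure(...)` call passes back the four values already held in `c2_beacon.config`, and no comment says why a YAML-built beacon needs that. If the YAML loader is meant to leave the beacon ready to connect, this call would hide a loader regression, because the later assertions pass only thanks to the manual step. State the reason above the call, for example `# YAML loading only fills config; configure() must be called to apply it to the beacon`. If that is not the intended contract, drop the call and let the test fail on the loader. The rest of `test_c2_suite_yaml` is outside the hunk.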


@@ -163,7 +163,7 @@ def test_restore_backup_without_updating_scan(uc2_network):
db_service.db_file.corrupt() # corrupt the db
assert db_service.db_file.health_status == FileSystemItemHealthStatus.CORRUPT # db file is actually corrupt
assert db_service.db_file.visible_health_status == FileSystemItemHealthStatus.GOOD # not scanned yet
assert db_service.db_file.visible_health_status == FileSystemItemHealthStatus.NONE # not scanned yet
db_service.db_file.scan() # scan the db file
@@ -190,7 +190,7 @@ def test_restore_backup_after_deleting_file_without_updating_scan(uc2_network):
db_service.db_file.corrupt() # corrupt the db
assert db_service.db_file.health_status == FileSystemItemHealthStatus.CORRUPT # db file is actually corrupt
assert db_service.db_file.visible_health_status == FileSystemItemHealthStatus.GOOD # not scanned yet
assert db_service.db_file.visible_health_status == FileSystemItemHealthStatus.NONE # not scanned yet
db_service.db_file.scan() # scan the db file
@@ -232,7 +232,7 @@ def test_database_service_fix(uc2_network):
assert db_service.health_state_actual == SoftwareHealthState.FIXING
# apply timestep until the fix is applied
for i in range(db_service.fixing_duration + 1):
for i in range(db_service.config.fixing_duration + 1):
uc2_network.apply_timestep(i)
assert db_service.db_file.health_status == FileSystemItemHealthStatus.GOOD
@@ -266,7 +266,7 @@ def test_database_cannot_be_queried_while_fixing(uc2_network):
assert db_connection.query(sql="SELECT") is False
# apply timestep until the fix is applied
for i in range(db_service.fixing_duration + 1):
for i in range(db_service.config.fixing_duration + 1):
uc2_network.apply_timestep(i)
assert db_service.health_state_actual == SoftwareHealthState.GOOD
@@ -308,7 +308,7 @@ def test_database_can_create_connection_while_fixing(uc2_network):
assert new_db_connection.query(sql="SELECT") is False # still should fail to query because FIXING
# apply timestep until the fix is applied
for i in range(db_service.fixing_duration + 1):
for i in range(db_service.config.fixing_duration + 1):
uc2_network.apply_timestep(i)
assert db_service.health_state_actual == SoftwareHealthState.GOOD


@@ -14,7 +14,14 @@ from primaite.utils.validation.port import PORT_LOOKUP
from tests import TEST_ASSETS_ROOT
class _DatabaseListener(Service):
class _DatabaseListener(Service, identifier="_DatabaseListener"):
class ConfigSchema(Service.ConfigSchema):
"""ConfigSchema for _DatabaseListener."""
type: str = "_DatabaseListener"
listen_on_ports: Set[int] = {PORT_LOOKUP["POSTGRES_SERVER"]}
config: "_DatabaseListener.ConfigSchema" = Field(default_factory=lambda: _DatabaseListener.ConfigSchema())
name: str = "DatabaseListener"
protocol: str = PROTOCOL_LOOKUP["TCP"]
port: int = PORT_LOOKUP["NONE"]
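Review bot: The new `_DatabaseListener` body uses `Field(...)` and `Set[int]`, but this file section adds no import line. The broadcast test file in the same commit did add `from pydantic import Field`. The imports above line 14 are not visible here, so confirm both names are already in scope; otherwise the module fails at collection time. `listen_on_ports` now lives on `ConfigSchema`, so also check that the listener reads `config.listen_on_ports` rather than a class-level attribute. If it does not, the test would no longer be sniffing `POSTGRES_SERVER` traffic. A one-line class docstring, such as `"""Service that only listens on the database port, for inspecting traffic in tests."""`, would match the documented schema below it.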


@@ -51,7 +51,7 @@ def test_web_page_get_users_page_request_with_domain_name(web_client_and_web_ser
web_browser_app, computer, web_server_service, server = web_client_and_web_server
web_server_ip = server.network_interfaces.get(next(iter(server.network_interfaces))).ip_address
web_browser_app.target_url = f"http://arcd.com/"
web_browser_app.config.target_url = f"http://arcd.com/"
assert web_browser_app.operating_state == ApplicationOperatingState.RUNNING
assert web_browser_app.get_webpage() is True
@@ -66,7 +66,7 @@ def test_web_page_get_users_page_request_with_ip_address(web_client_and_web_serv
web_browser_app, computer, web_server_service, server = web_client_and_web_server
web_server_ip = server.network_interfaces.get(next(iter(server.network_interfaces))).ip_address
web_browser_app.target_url = f"http://{web_server_ip}/"
web_browser_app.config.target_url = f"http://{web_server_ip}/"
assert web_browser_app.operating_state == ApplicationOperatingState.RUNNING
assert web_browser_app.get_webpage() is True
@@ -81,7 +81,7 @@ def test_web_page_request_from_shut_down_server(web_client_and_web_server):
web_browser_app, computer, web_server_service, server = web_client_and_web_server
web_server_ip = server.network_interfaces.get(next(iter(server.network_interfaces))).ip_address
web_browser_app.target_url = f"http://arcd.com/"
web_browser_app.config.target_url = f"http://arcd.com/"
assert web_browser_app.operating_state == ApplicationOperatingState.RUNNING
assert web_browser_app.get_webpage() is True
@@ -108,7 +108,7 @@ def test_web_page_request_from_closed_web_browser(web_client_and_web_server):
web_browser_app, computer, web_server_service, server = web_client_and_web_server
assert web_browser_app.operating_state == ApplicationOperatingState.RUNNING
web_browser_app.target_url = f"http://arcd.com/"
web_browser_app.config.target_url = f"http://arcd.com/"
assert web_browser_app.get_webpage() is True
# latest response should have status code 200
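Review bot: The rewritten assignments keep the `f` prefix on a literal with no placeholders, in `test_web_page_get_users_page_request_with_domain_name`, `test_web_page_request_from_shut_down_server` and `test_web_page_request_from_closed_web_browser`. Write `web_browser_app.config.target_url = "http://arcd.com/"` instead. In the two domain-name tests that also compute `web_server_ip`, that value is unused in the visible lines and can be dropped if nothing later in the test reads it. Only the IP-address variant needs the f-string.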


@@ -74,7 +74,7 @@ def web_client_web_server_database(example_network) -> Tuple[Network, Computer,
# Install Web Browser on computer
computer.software_manager.install(WebBrowser)
web_browser: WebBrowser = computer.software_manager.software.get("WebBrowser")
web_browser.target_url = "http://arcd.com/users/"
web_browser.config.target_url = "http://arcd.com/users/"
web_browser.run()
# Install DNS Client service on computer
@@ -131,7 +131,7 @@ def test_database_fix_disrupts_web_client(uc2_network):
assert web_browser.get_webpage() is False
for i in range(database_service.fixing_duration + 1):
for i in range(database_service.config.fixing_duration + 1):
uc2_network.apply_timestep(i)
assert database_service.health_state_actual == SoftwareHealthState.GOOD


@@ -2,10 +2,11 @@
from unittest.mock import Mock
import pytest
from pydantic import ValidationError
from primaite.game.agent.actions import (
ActionManager,
DoNothingAction,
from primaite.game.agent.actions import ActionManager
from primaite.game.agent.actions.manager import DoNothingAction
from primaite.game.agent.actions.service import (
NodeServiceDisableAction,
NodeServiceEnableAction,
NodeServicePauseAction,
@@ -18,13 +19,8 @@ from primaite.game.agent.actions import (
def test_do_nothing_action_form_request():
"""Test that the DoNothingAction can form a request and that it is correct."""
manager = Mock()
action = DoNothingAction(manager=manager)
request = action.form_request()
"""Test that the do_nothingAction can form a request and that it is correct."""
request = DoNothingAction.form_request(DoNothingAction.ConfigSchema())
assert request == ["do_nothing"]
@@ -42,7 +38,7 @@ def test_do_nothing_action_form_request():
],
) # flake8: noqa
@pytest.mark.parametrize(
"node_name, service_name, expect_to_do_nothing",
"node_name, service_name, expect_failure",
[
("pc_1", "chrome", False),
(None, "chrome", True),
@@ -50,42 +46,15 @@ def test_do_nothing_action_form_request():
(None, None, True),
],
) # flake8: noqa
def test_service_action_form_request(node_name, service_name, expect_to_do_nothing, action_class, action_verb):
def test_service_action_form_request(node_name, service_name, expect_failure, action_class, action_verb):
"""Test that the ServiceScanAction can form a request and that it is correct."""
manager: ActionManager = Mock()
manager.get_node_name_by_idx.return_value = node_name
manager.get_service_name_by_idx.return_value = service_name
action = action_class(manager=manager, num_nodes=1, num_services=1)
request = action.form_request(node_id=0, service_id=0)
if expect_to_do_nothing:
assert request == ["do_nothing"]
if expect_failure:
with pytest.raises(ValidationError):
request = action_class.form_request(
config=action_class.ConfigSchema(node_name=node_name, service_name=service_name)
)
else:
request = action_class.form_request(
config=action_class.ConfigSchema(node_name=node_name, service_name=service_name)
)
assert request == ["network", "node", node_name, "service", service_name, action_verb]
@pytest.mark.parametrize(
"node_name, service_name, expect_to_do_nothing",
[
("pc_1", "chrome", False),
(None, "chrome", True),
("pc_1", None, True),
(None, None, True),
],
) # flake8: noqa
def test_service_scan_form_request(node_name, service_name, expect_to_do_nothing):
"""Test that the ServiceScanAction can form a request and that it is correct."""
manager: ActionManager = Mock()
manager.get_node_name_by_idx.return_value = node_name
manager.get_service_name_by_idx.return_value = service_name
action = NodeServiceScanAction(manager=manager, num_nodes=1, num_services=1)
request = action.form_request(node_id=0, service_id=0)
if expect_to_do_nothing:
assert request == ["do_nothing"]
else:
assert request == ["network", "node", node_name, "service", service_name, "scan"]
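Review bot: In `test_service_action_form_request` the `pytest.raises(ValidationError)` block wraps both the `ConfigSchema(...)` construction and `form_request(...)`, so the test cannot tell which of the two rejects a `None` name, and the `request =` binding inside it is never used. Since the error is expected from schema validation, narrow it to `with pytest.raises(ValidationError): action_class.ConfigSchema(node_name=node_name, service_name=service_name)`. The docstring still says "ServiceScanAction" although the test is parametrised over `action_class`. The docstring of `test_do_nothing_action_form_request` now reads "do_nothingAction", a rename artefact for `DoNothingAction`. With `test_service_scan_form_request` removed, check whether `Mock` and `NodeServiceScanAction` are still imported for a reason.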


@@ -0,0 +1,52 @@
from primaite.game.agent.observations.file_system_observations import FileObservation
from primaite.game.agent.observations.observation_manager import NullObservation
from primaite.game.agent.scripted_agents.random_agent import RandomAgent
def test_creating_empty_agent():
agent = RandomAgent()
assert len(agent.action_manager.action_map) == 0
assert isinstance(agent.observation_manager.obs, NullObservation)
assert len(agent.reward_function.reward_components) == 0
def test_creating_agent_from_dict():
action_config = {
"action_map": {
0: {"action": "do_nothing", "options": {}},
1: {
"action": "node_application_execute",
"options": {"node_name": "client", "application_name": "database"},
},
}
}
observation_config = {
"type": "FILE",
"options": {
"file_name": "dog.pdf",
"include_num_access": False,
"file_system_requires_scan": False,
},
}
reward_config = {
"reward_components": [
{
"type": "DATABASE_FILE_INTEGRITY",
"weight": 0.3,
"options": {"node_hostname": "server", "folder_name": "database", "file_name": "database.db"},
}
]
}
agent = RandomAgent(
config={
"ref": "random_agent",
"team": "BLUE",
"action_space": action_config,
"observation_space": observation_config,
"reward_function": reward_config,
}
)
assert len(agent.action_manager.action_map) == 2
assert isinstance(agent.observation_manager.obs, FileObservation)
assert len(agent.reward_function.reward_components) == 1
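Review bot: Both tests in this new file lack docstrings, and `test_creating_agent_from_dict` asserts only counts and the observation type. A config whose values were dropped or defaulted during parsing, such as the reward `weight` of 0.3 or the `options` of action 1, would still pass. Add docstrings such as `"""A RandomAgent built without config has no actions, a NullObservation and no reward components."""` and `"""A RandomAgent built from a config dict creates the configured actions, observation and reward."""`. Add at least one assertion that reads a configured value back from the agent.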


@@ -69,8 +69,8 @@ class TestFileSystemRequiresScan:
wildcard_list:
- 0.0.0.1
port_list:
- 80
- 5432
- HTTP
- POSTGRES_SERVER
protocol_list:
- ICMP
- TCP
@@ -98,7 +98,7 @@ class TestFileSystemRequiresScan:
"""
cfg = yaml.safe_load(obs_cfg_yaml)
manager = ObservationManager.from_config(cfg)
manager = ObservationManager(config=cfg)
hosts: List[HostObservation] = manager.obs.components["NODES"].hosts
for i, host in enumerate(hosts):
@@ -119,14 +119,20 @@ class TestFileSystemRequiresScan:
assert obs_not_requiring_scan.observe(file_state)["health_status"] == 3
def test_folder_require_scan(self):
folder_state = {"health_status": 3, "visible_status": 1}
folder_state = {"health_status": 3, "visible_status": 1, "scanned_this_step": False}
obs_requiring_scan = FolderObservation(
[], files=[], num_files=0, include_num_access=False, file_system_requires_scan=True
)
assert obs_requiring_scan.observe(folder_state)["health_status"] == 1
assert obs_requiring_scan.observe(folder_state)["health_status"] == 0
obs_not_requiring_scan = FolderObservation(
[], files=[], num_files=0, include_num_access=False, file_system_requires_scan=False
)
assert obs_not_requiring_scan.observe(folder_state)["health_status"] == 3
folder_state = {"health_status": 3, "visible_status": 1, "scanned_this_step": True}
obs_requiring_scan = FolderObservation(
[], files=[], num_files=0, include_num_access=False, file_system_requires_scan=True
)
assert obs_requiring_scan.observe(folder_state)["health_status"] == 1
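Review bot: The bare integers `0`, `1` and `3` asserted in `test_folder_require_scan` carry the whole meaning of the new `scanned_this_step` behaviour, and nothing explains them. Add a comment above each assertion, for example `# requires scan, not scanned this step -> status hidden (0)` and `# requires scan, scanned this step -> visible_status (1)`. The final block rebuilds `obs_requiring_scan` with the same arguments as the first one; reusing the existing instance would make it clear that only `folder_state` changed between the two checks.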


@@ -3,6 +3,7 @@ from primaite.game.agent.actions import ActionManager
from primaite.game.agent.observations.observation_manager import NestedObservation, ObservationManager
from primaite.game.agent.rewards import RewardFunction
from primaite.game.agent.scripted_agents.probabilistic_agent import ProbabilisticAgent
from primaite.game.game import PrimaiteGame, PrimaiteGameOptions
def test_probabilistic_agent():
@@ -16,69 +17,58 @@ def test_probabilistic_agent():
"""
N_TRIALS = 10_000
P_DO_NOTHING = 0.1
P_NODE_APPLICATION_EXECUTE = 0.3
P_NODE_FILE_DELETE = 0.6
P_node_application_execute = 0.3
P_node_file_delete = 0.6
MIN_DO_NOTHING = 850
MAX_DO_NOTHING = 1150
MIN_NODE_APPLICATION_EXECUTE = 2800
MAX_NODE_APPLICATION_EXECUTE = 3200
MIN_NODE_FILE_DELETE = 5750
MAX_NODE_FILE_DELETE = 6250
MIN_node_application_execute = 2800
MAX_node_application_execute = 3200
MIN_node_file_delete = 5750
MAX_node_file_delete = 6250
action_space = ActionManager(
actions=[
{"type": "DONOTHING"},
{"type": "NODE_APPLICATION_EXECUTE"},
{"type": "NODE_FILE_DELETE"},
],
nodes=[
{
"node_name": "client_1",
"applications": [{"application_name": "WebBrowser"}],
"folders": [{"folder_name": "downloads", "files": [{"file_name": "cat.png"}]}],
action_space_cfg = {
"action_map": {
0: {"action": "do_nothing", "options": {}},
1: {
"action": "node_application_execute",
"options": {"node_name": "client_1", "application_name": "WebBrowser"},
},
2: {
"action": "node_file_delete",
"options": {"node_name": "client_1", "folder_name": "downloads", "file_name": "cat.png"},
},
],
max_folders_per_node=2,
max_files_per_folder=2,
max_services_per_node=2,
max_applications_per_node=2,
max_nics_per_node=2,
max_acl_rules=10,
protocols=["TCP", "UDP", "ICMP"],
ports=["HTTP", "DNS", "ARP"],
act_map={
0: {"action": "DONOTHING", "options": {}},
1: {"action": "NODE_APPLICATION_EXECUTE", "options": {"node_id": 0, "application_id": 0}},
2: {"action": "NODE_FILE_DELETE", "options": {"node_id": 0, "folder_id": 0, "file_id": 0}},
},
)
observation_space = ObservationManager(NestedObservation(components={}))
reward_function = RewardFunction()
}
pa = ProbabilisticAgent(
agent_name="test_agent",
action_space=action_space,
observation_space=observation_space,
reward_function=reward_function,
settings={
"action_probabilities": {0: P_DO_NOTHING, 1: P_NODE_APPLICATION_EXECUTE, 2: P_NODE_FILE_DELETE},
game = PrimaiteGame()
game.options = PrimaiteGameOptions(ports=[], protocols=[])
pa_config = {
"type": "ProbabilisticAgent",
"ref": "ProbabilisticAgent",
"team": "BLUE",
"action_space": action_space_cfg,
"agent_settings": {
"action_probabilities": {0: P_DO_NOTHING, 1: P_node_application_execute, 2: P_node_file_delete},
},
)
}
pa = ProbabilisticAgent.from_config(config=pa_config)
do_nothing_count = 0
node_application_execute_count = 0
node_file_delete_count = 0
for _ in range(N_TRIALS):
a = pa.get_action(0)
if a == ("DONOTHING", {}):
if a == ("do_nothing", {}):
do_nothing_count += 1
elif a == ("NODE_APPLICATION_EXECUTE", {"node_id": 0, "application_id": 0}):
elif a == ("node_application_execute", {"node_name": "client_1", "application_name": "WebBrowser"}):
node_application_execute_count += 1
elif a == ("NODE_FILE_DELETE", {"node_id": 0, "folder_id": 0, "file_id": 0}):
elif a == ("node_file_delete", {"node_name": "client_1", "folder_name": "downloads", "file_name": "cat.png"}):
node_file_delete_count += 1
else:
raise AssertionError("Probabilistic agent produced an unexpected action.")
assert MIN_DO_NOTHING < do_nothing_count < MAX_DO_NOTHING
assert MIN_NODE_APPLICATION_EXECUTE < node_application_execute_count < MAX_NODE_APPLICATION_EXECUTE
assert MIN_NODE_FILE_DELETE < node_file_delete_count < MAX_NODE_FILE_DELETE
assert MIN_node_application_execute < node_application_execute_count < MAX_node_application_execute
assert MIN_node_file_delete < node_file_delete_count < MAX_node_file_delete
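Review bot: The test constants were caught by the action-name rename and are now mixed case: `P_node_application_execute`, `MIN_node_file_delete` and so on, next to the untouched `P_DO_NOTHING` and `MIN_DO_NOTHING`. They are local constants, not action identifiers, so keep them upper case, e.g. `P_NODE_APPLICATION_EXECUTE = 0.3` and `MIN_NODE_FILE_DELETE = 5750`. `game = PrimaiteGame()` and `game.options = PrimaiteGameOptions(ports=[], protocols=[])` are never passed to `ProbabilisticAgent.from_config` in the visible lines. If the agent relies on that object through shared state, say so in a comment; otherwise remove the two lines. The `ActionManager`, `ObservationManager`, `NestedObservation` and `RewardFunction` imports look unused after this change.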


@@ -81,7 +81,7 @@ class TestWebpageUnavailabilitySticky:
reward = WebpageUnavailablePenalty(config=schema)
# no response codes yet, reward is 0
action, params, request = "DO_NOTHING", {}, ["DONOTHING"]
action, params, request = "do_nothing", {}, ["do_nothing"]
response = RequestResponse(status="success", data={})
browser_history = []
state = {"network": {"nodes": {"computer": {"applications": {"WebBrowser": {"history": browser_history}}}}}}
@@ -91,8 +91,8 @@ class TestWebpageUnavailabilitySticky:
assert reward.calculate(state, last_action_response) == 0
# agent did a successful fetch
action = "NODE_APPLICATION_EXECUTE"
params = {"node_id": 0, "application_id": 0}
action = "node_application_execute"
params = {"node_name": "computer", "application_name": "WebBrowser"}
request = ["network", "node", "computer", "application", "WebBrowser", "execute"]
response = RequestResponse(status="success", data={})
browser_history.append({"outcome": 200})
@@ -104,7 +104,7 @@ class TestWebpageUnavailabilitySticky:
# THE IMPORTANT BIT
# agent did nothing, because reward is not sticky, it goes back to 0
action, params, request = "DO_NOTHING", {}, ["DONOTHING"]
action, params, request = "do_nothing", {}, ["do_nothing"]
response = RequestResponse(status="success", data={})
browser_history = []
state = {"network": {"nodes": {"computer": {"applications": {"WebBrowser": {"history": browser_history}}}}}}
@@ -114,8 +114,8 @@ class TestWebpageUnavailabilitySticky:
assert reward.calculate(state, last_action_response) == 0.0
# agent fails to fetch, get a -1.0 reward
action = "NODE_APPLICATION_EXECUTE"
params = {"node_id": 0, "application_id": 0}
action = "node_application_execute"
params = {"node_name": "computer", "application_name": "WebBrowser"}
request = ["network", "node", "computer", "application", "WebBrowser", "execute"]
response = RequestResponse(status="failure", data={})
browser_history.append({"outcome": 404})
@@ -126,8 +126,8 @@ class TestWebpageUnavailabilitySticky:
assert reward.calculate(state, last_action_response) == -1.0
# agent fails again to fetch, get a -1.0 reward again
action = "NODE_APPLICATION_EXECUTE"
params = {"node_id": 0, "application_id": 0}
action = "node_application_execute"
params = {"node_name": "computer", "application_name": "WebBrowser"}
request = ["network", "node", "computer", "application", "WebBrowser", "execute"]
response = RequestResponse(status="failure", data={})
browser_history.append({"outcome": 404})
@@ -142,7 +142,7 @@ class TestWebpageUnavailabilitySticky:
reward = WebpageUnavailablePenalty(config=schema)
# no response codes yet, reward is 0
action, params, request = "DO_NOTHING", {}, ["DONOTHING"]
action, params, request = "do_nothing", {}, ["do_nothing"]
response = RequestResponse(status="success", data={})
browser_history = []
state = {"network": {"nodes": {"computer": {"applications": {"WebBrowser": {"history": browser_history}}}}}}
@@ -152,8 +152,8 @@ class TestWebpageUnavailabilitySticky:
assert reward.calculate(state, last_action_response) == 0
# agent did a successful fetch
action = "NODE_APPLICATION_EXECUTE"
params = {"node_id": 0, "application_id": 0}
action = "node_application_execute"
params = {"node_name": "computer", "application_name": "WebBrowser"}
request = ["network", "node", "computer", "application", "WebBrowser", "execute"]
response = RequestResponse(status="success", data={})
browser_history.append({"outcome": 200})
@@ -165,7 +165,7 @@ class TestWebpageUnavailabilitySticky:
# THE IMPORTANT BIT
# agent did nothing, because reward is sticky, it stays at 1.0
action, params, request = "DO_NOTHING", {}, ["DONOTHING"]
action, params, request = "do_nothing", {}, ["do_nothing"]
response = RequestResponse(status="success", data={})
state = {"network": {"nodes": {"computer": {"applications": {"WebBrowser": {"history": browser_history}}}}}}
last_action_response = AgentHistoryItem(
@@ -174,8 +174,8 @@ class TestWebpageUnavailabilitySticky:
assert reward.calculate(state, last_action_response) == 1.0
# agent fails to fetch, get a -1.0 reward
action = "NODE_APPLICATION_EXECUTE"
params = {"node_id": 0, "application_id": 0}
action = "node_application_execute"
params = {"node_name": "computer", "application_name": "WebBrowser"}
request = ["network", "node", "computer", "application", "WebBrowser", "execute"]
response = RequestResponse(status="failure", data={})
browser_history.append({"outcome": 404})
@@ -186,8 +186,8 @@ class TestWebpageUnavailabilitySticky:
assert reward.calculate(state, last_action_response) == -1.0
# agent fails again to fetch, get a -1.0 reward again
action = "NODE_APPLICATION_EXECUTE"
params = {"node_id": 0, "application_id": 0}
action = "node_application_execute"
params = {"node_name": "computer", "application_name": "WebBrowser"}
request = ["network", "node", "computer", "application", "WebBrowser", "execute"]
response = RequestResponse(status="failure", data={})
browser_history.append({"outcome": 404})
@@ -207,7 +207,7 @@ class TestGreenAdminDatabaseUnreachableSticky:
reward = GreenAdminDatabaseUnreachablePenalty(config=schema)
# no response codes yet, reward is 0
action, params, request = "DO_NOTHING", {}, ["DONOTHING"]
action, params, request = "do_nothing", {}, ["do_nothing"]
response = RequestResponse(status="success", data={})
state = {"network": {"nodes": {"computer": {"applications": {"DatabaseClient": {}}}}}}
last_action_response = AgentHistoryItem(
@@ -216,8 +216,8 @@ class TestGreenAdminDatabaseUnreachableSticky:
assert reward.calculate(state, last_action_response) == 0
# agent did a successful fetch
action = "NODE_APPLICATION_EXECUTE"
params = {"node_id": 0, "application_id": 0}
action = "node_application_execute"
params = {"node_name": "computer", "application_name": "DatabaseClient"}
request = ["network", "node", "computer", "application", "DatabaseClient", "execute"]
response = RequestResponse(status="success", data={})
state = {"network": {"nodes": {"computer": {"applications": {"DatabaseClient": {}}}}}}
@@ -228,7 +228,7 @@ class TestGreenAdminDatabaseUnreachableSticky:
# THE IMPORTANT BIT
# agent did nothing, because reward is not sticky, it goes back to 0
action, params, request = "DO_NOTHING", {}, ["DONOTHING"]
action, params, request = "do_nothing", {}, ["do_nothing"]
response = RequestResponse(status="success", data={})
state = {"network": {"nodes": {"computer": {"applications": {"DatabaseClient": {}}}}}}
last_action_response = AgentHistoryItem(
@@ -237,8 +237,8 @@ class TestGreenAdminDatabaseUnreachableSticky:
assert reward.calculate(state, last_action_response) == 0.0
# agent fails to fetch, get a -1.0 reward
action = "NODE_APPLICATION_EXECUTE"
params = {"node_id": 0, "application_id": 0}
action = "node_application_execute"
params = {"node_name": "computer", "application_name": "DatabaseClient"}
request = ["network", "node", "computer", "application", "DatabaseClient", "execute"]
response = RequestResponse(status="failure", data={})
state = {"network": {"nodes": {"computer": {"applications": {"DatabaseClient": {}}}}}}
@@ -248,8 +248,8 @@ class TestGreenAdminDatabaseUnreachableSticky:
assert reward.calculate(state, last_action_response) == -1.0
# agent fails again to fetch, get a -1.0 reward again
action = "NODE_APPLICATION_EXECUTE"
params = {"node_id": 0, "application_id": 0}
action = "node_application_execute"
params = {"node_name": "computer", "application_name": "DatabaseClient"}
request = ["network", "node", "computer", "application", "DatabaseClient", "execute"]
response = RequestResponse(status="failure", data={})
state = {"network": {"nodes": {"computer": {"applications": {"DatabaseClient": {}}}}}}
@@ -266,7 +266,7 @@ class TestGreenAdminDatabaseUnreachableSticky:
reward = GreenAdminDatabaseUnreachablePenalty(config=schema)
# no response codes yet, reward is 0
action, params, request = "DO_NOTHING", {}, ["DONOTHING"]
action, params, request = "do_nothing", {}, ["do_nothing"]
response = RequestResponse(status="success", data={})
state = {"network": {"nodes": {"computer": {"applications": {"DatabaseClient": {}}}}}}
last_action_response = AgentHistoryItem(
@@ -275,8 +275,8 @@ class TestGreenAdminDatabaseUnreachableSticky:
assert reward.calculate(state, last_action_response) == 0
# agent did a successful fetch
action = "NODE_APPLICATION_EXECUTE"
params = {"node_id": 0, "application_id": 0}
action = "node_application_execute"
params = {"node_name": "computer", "application_name": "DatabaseClient"}
request = ["network", "node", "computer", "application", "DatabaseClient", "execute"]
response = RequestResponse(status="success", data={})
state = {"network": {"nodes": {"computer": {"applications": {"DatabaseClient": {}}}}}}
@@ -287,7 +287,7 @@ class TestGreenAdminDatabaseUnreachableSticky:
# THE IMPORTANT BIT
# agent did nothing, because reward is not sticky, it goes back to 0
action, params, request = "DO_NOTHING", {}, ["DONOTHING"]
action, params, request = "do_nothing", {}, ["do_nothing"]
response = RequestResponse(status="success", data={})
state = {"network": {"nodes": {"computer": {"applications": {"DatabaseClient": {}}}}}}
last_action_response = AgentHistoryItem(
@@ -296,8 +296,8 @@ class TestGreenAdminDatabaseUnreachableSticky:
assert reward.calculate(state, last_action_response) == 1.0
# agent fails to fetch, get a -1.0 reward
action = "NODE_APPLICATION_EXECUTE"
params = {"node_id": 0, "application_id": 0}
action = "node_application_execute"
params = {"node_name": "computer", "application_name": "DatabaseClient"}
request = ["network", "node", "computer", "application", "DatabaseClient", "execute"]
response = RequestResponse(status="failure", data={})
state = {"network": {"nodes": {"computer": {"applications": {"DatabaseClient": {}}}}}}
@@ -307,8 +307,8 @@ class TestGreenAdminDatabaseUnreachableSticky:
assert reward.calculate(state, last_action_response) == -1.0
# agent fails again to fetch, get a -1.0 reward again
action = "NODE_APPLICATION_EXECUTE"
params = {"node_id": 0, "application_id": 0}
action = "node_application_execute"
params = {"node_name": "computer", "application_name": "DatabaseClient"}
request = ["network", "node", "computer", "application", "DatabaseClient", "execute"]
response = RequestResponse(status="failure", data={})
state = {"network": {"nodes": {"computer": {"applications": {"DatabaseClient": {}}}}}}
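Review bot: The comment kept as context in the `@@ -287,7 +287,7 @@` hunk, `# agent did nothing, because reward is not sticky, it goes back to 0`, contradicts the assertion that follows it in the `@@ -296,8 +296,8 @@` hunk, which expects `1.0`. It looks copied from the non-sticky test earlier in TestGreenAdminDatabaseUnreachableSticky. The matching step in TestWebpageUnavailabilitySticky reads `# agent did nothing, because reward is sticky, it stays at 1.0`, and the same wording would fit here. This commit already edits the line directly below the comment, so it could be corrected in the same change. The test functions start and end outside the hunks shown.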


@@ -22,12 +22,12 @@ def test_file_scan(file_system):
file: File = file_system.create_file(file_name="test_file.txt", folder_name="test_folder")
assert file.health_status == FileSystemItemHealthStatus.GOOD
assert file.visible_health_status == FileSystemItemHealthStatus.GOOD
assert file.visible_health_status == FileSystemItemHealthStatus.NONE
file.corrupt()
assert file.health_status == FileSystemItemHealthStatus.CORRUPT
assert file.visible_health_status == FileSystemItemHealthStatus.GOOD
assert file.visible_health_status == FileSystemItemHealthStatus.NONE
file.scan()
@@ -46,7 +46,7 @@ def test_file_reveal_to_red_scan(file_system):
assert file.revealed_to_red is True
@pytest.mark.skip(reason="NODE_FILE_CHECKHASH not implemented")
@pytest.mark.skip(reason="node_file_checkhash not implemented")
def test_simulated_file_check_hash(file_system):
file: File = file_system.create_file(file_name="test_file.txt", folder_name="test_folder")
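Review bot: The new `visible_health_status == FileSystemItemHealthStatus.NONE` assertions in test_file_scan carry no explanation of why an unscanned file is expected to report NONE rather than GOOD, including right after `file.corrupt()`. A short comment above the first one, such as `# visible status is NONE until a scan has run; it must not read as GOOD by default`, would record the intent, assuming that is what NONE means here. The same applies to the matching assertions in the file-request, folder, folder-request and node OS scan test sections further down this page. The test bodies continue outside the hunks.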


@@ -24,7 +24,7 @@ def test_file_scan_request(populated_file_system):
file.corrupt()
assert file.health_status == FileSystemItemHealthStatus.CORRUPT
assert file.visible_health_status == FileSystemItemHealthStatus.GOOD
assert file.visible_health_status == FileSystemItemHealthStatus.NONE
fs.apply_request(request=["folder", folder.name, "file", file.name, "scan"])
@@ -32,7 +32,7 @@ def test_file_scan_request(populated_file_system):
assert file.visible_health_status == FileSystemItemHealthStatus.CORRUPT
@pytest.mark.skip(reason="NODE_FILE_CHECKHASH not implemented")
@pytest.mark.skip(reason="node_file_checkhash not implemented")
def test_file_checkhash_request(populated_file_system):
"""Test that an agent can request a file hash check."""
fs, folder, file = populated_file_system
@@ -94,7 +94,7 @@ def test_deleted_file_cannot_be_interacted_with(populated_file_system):
assert fs.get_file(folder_name=folder.name, file_name=file.name).health_status == FileSystemItemHealthStatus.CORRUPT
assert (
fs.get_file(folder_name=folder.name, file_name=file.name).visible_health_status
== FileSystemItemHealthStatus.GOOD
== FileSystemItemHealthStatus.NONE
)
fs.apply_request(request=["delete", "file", folder.name, file.name])


@@ -44,25 +44,25 @@ def test_folder_scan(file_system):
file2: File = folder.get_file_by_id(file_uuid=list(folder.files)[0])
assert folder.health_status == FileSystemItemHealthStatus.GOOD
assert folder.visible_health_status == FileSystemItemHealthStatus.GOOD
assert file1.visible_health_status == FileSystemItemHealthStatus.GOOD
assert file2.visible_health_status == FileSystemItemHealthStatus.GOOD
assert folder.visible_health_status == FileSystemItemHealthStatus.NONE
assert file1.visible_health_status == FileSystemItemHealthStatus.NONE
assert file2.visible_health_status == FileSystemItemHealthStatus.NONE
folder.corrupt()
assert folder.health_status == FileSystemItemHealthStatus.CORRUPT
assert folder.visible_health_status == FileSystemItemHealthStatus.GOOD
assert file1.visible_health_status == FileSystemItemHealthStatus.GOOD
assert file2.visible_health_status == FileSystemItemHealthStatus.GOOD
assert folder.visible_health_status == FileSystemItemHealthStatus.NONE
assert file1.visible_health_status == FileSystemItemHealthStatus.NONE
assert file2.visible_health_status == FileSystemItemHealthStatus.NONE
folder.scan()
folder.apply_timestep(timestep=0)
assert folder.health_status == FileSystemItemHealthStatus.CORRUPT
assert folder.visible_health_status == FileSystemItemHealthStatus.GOOD
assert file1.visible_health_status == FileSystemItemHealthStatus.GOOD
assert file2.visible_health_status == FileSystemItemHealthStatus.GOOD
assert folder.visible_health_status == FileSystemItemHealthStatus.NONE
assert file1.visible_health_status == FileSystemItemHealthStatus.NONE
assert file2.visible_health_status == FileSystemItemHealthStatus.NONE
folder.apply_timestep(timestep=1)
folder.apply_timestep(timestep=2)
@@ -120,7 +120,7 @@ def test_folder_corrupt_repair(file_system):
assert file.health_status == FileSystemItemHealthStatus.GOOD
@pytest.mark.skip(reason="NODE_FILE_CHECKHASH not implemented")
@pytest.mark.skip(reason="node_file_checkhash not implemented")
def test_simulated_folder_check_hash(file_system):
folder: Folder = file_system.create_folder(folder_name="test_folder")
file_system.create_file(file_name="test_file.txt", folder_name="test_folder")


@@ -29,18 +29,18 @@ def test_folder_scan_request(populated_file_system):
folder.corrupt()
assert folder.health_status == FileSystemItemHealthStatus.CORRUPT
assert folder.visible_health_status == FileSystemItemHealthStatus.GOOD
assert file1.visible_health_status == FileSystemItemHealthStatus.GOOD
assert file2.visible_health_status == FileSystemItemHealthStatus.GOOD
assert folder.visible_health_status == FileSystemItemHealthStatus.NONE
assert file1.visible_health_status == FileSystemItemHealthStatus.NONE
assert file2.visible_health_status == FileSystemItemHealthStatus.NONE
fs.apply_request(request=["folder", folder.name, "scan"])
folder.apply_timestep(timestep=0)
assert folder.health_status == FileSystemItemHealthStatus.CORRUPT
assert folder.visible_health_status == FileSystemItemHealthStatus.GOOD
assert file1.visible_health_status == FileSystemItemHealthStatus.GOOD
assert file2.visible_health_status == FileSystemItemHealthStatus.GOOD
assert folder.visible_health_status == FileSystemItemHealthStatus.NONE
assert file1.visible_health_status == FileSystemItemHealthStatus.NONE
assert file2.visible_health_status == FileSystemItemHealthStatus.NONE
folder.apply_timestep(timestep=1)
folder.apply_timestep(timestep=2)
@@ -51,7 +51,7 @@ def test_folder_scan_request(populated_file_system):
assert file2.visible_health_status == FileSystemItemHealthStatus.CORRUPT
@pytest.mark.skip(reason="NODE_FOLDER_CHECKHASH not implemented")
@pytest.mark.skip(reason="node_folder_checkhash not implemented")
def test_folder_checkhash_request(populated_file_system):
"""Test that an agent can request a folder hash check."""
fs, folder, file = populated_file_system


@@ -70,13 +70,13 @@ def test_node_os_scan(node):
# add folder and file to node
folder: Folder = node.file_system.create_folder(folder_name="test_folder")
folder.corrupt()
assert folder.visible_health_status == FileSystemItemHealthStatus.GOOD
assert folder.visible_health_status == FileSystemItemHealthStatus.NONE
file: File = node.file_system.create_file(folder_name="test_folder", file_name="file.txt")
file2: File = node.file_system.create_file(folder_name="test_folder", file_name="file2.txt")
file.corrupt()
file2.corrupt()
assert file.visible_health_status == FileSystemItemHealthStatus.GOOD
assert file.visible_health_status == FileSystemItemHealthStatus.NONE
# run os scan
node.apply_request(["os", "scan"])


@@ -128,13 +128,13 @@ def test_c2_handle_switching_port(basic_c2_network):
assert c2_server.c2_connection_active is True
# Assert to confirm that both the C2 server and the C2 beacon are configured correctly.
assert c2_beacon.c2_config.keep_alive_frequency is 2
assert c2_beacon.c2_config.masquerade_port is PORT_LOOKUP["HTTP"]
assert c2_beacon.c2_config.masquerade_protocol is PROTOCOL_LOOKUP["TCP"]
assert c2_beacon.config.keep_alive_frequency is 2
assert c2_beacon.config.masquerade_port is PORT_LOOKUP["HTTP"]
assert c2_beacon.config.masquerade_protocol is PROTOCOL_LOOKUP["TCP"]
assert c2_server.c2_config.keep_alive_frequency is 2
assert c2_server.c2_config.masquerade_port is PORT_LOOKUP["HTTP"]
assert c2_server.c2_config.masquerade_protocol is PROTOCOL_LOOKUP["TCP"]
assert c2_server.config.keep_alive_frequency is 2
assert c2_server.config.masquerade_port is PORT_LOOKUP["HTTP"]
assert c2_server.config.masquerade_protocol is PROTOCOL_LOOKUP["TCP"]
# Configuring the C2 Beacon.
c2_beacon.configure(
@@ -150,11 +150,11 @@ def test_c2_handle_switching_port(basic_c2_network):
# Assert to confirm that both the C2 server and the C2 beacon
# Have reconfigured their C2 settings.
assert c2_beacon.c2_config.masquerade_port is PORT_LOOKUP["FTP"]
assert c2_beacon.c2_config.masquerade_protocol is PROTOCOL_LOOKUP["TCP"]
assert c2_beacon.config.masquerade_port is PORT_LOOKUP["FTP"]
assert c2_beacon.config.masquerade_protocol is PROTOCOL_LOOKUP["TCP"]
assert c2_server.c2_config.masquerade_port is PORT_LOOKUP["FTP"]
assert c2_server.c2_config.masquerade_protocol is PROTOCOL_LOOKUP["TCP"]
assert c2_server.config.masquerade_port is PORT_LOOKUP["FTP"]
assert c2_server.config.masquerade_protocol is PROTOCOL_LOOKUP["TCP"]
def test_c2_handle_switching_frequency(basic_c2_network):
@@ -174,8 +174,8 @@ def test_c2_handle_switching_frequency(basic_c2_network):
assert c2_server.c2_connection_active is True
# Assert to confirm that both the C2 server and the C2 beacon are configured correctly.
assert c2_beacon.c2_config.keep_alive_frequency is 2
assert c2_server.c2_config.keep_alive_frequency is 2
assert c2_beacon.config.keep_alive_frequency is 2
assert c2_server.config.keep_alive_frequency is 2
# Configuring the C2 Beacon.
c2_beacon.configure(c2_server_ip_address="192.168.0.1", keep_alive_frequency=10)
@@ -186,8 +186,8 @@ def test_c2_handle_switching_frequency(basic_c2_network):
# Assert to confirm that both the C2 server and the C2 beacon
# Have reconfigured their C2 settings.
assert c2_beacon.c2_config.keep_alive_frequency is 10
assert c2_server.c2_config.keep_alive_frequency is 10
assert c2_beacon.config.keep_alive_frequency is 10
assert c2_server.config.keep_alive_frequency is 10
# Now skipping 9 time steps to confirm keep alive inactivity
for i in range(9):
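Review bot: The rewritten assertions still compare with `is`, for example `assert c2_beacon.config.keep_alive_frequency is 2` and the later `is 10` checks in test_c2_handle_switching_frequency. `is` tests object identity, so these pass only because CPython caches small integers, and recent Python versions emit a SyntaxWarning for `is` with a literal. Use equality instead: `assert c2_beacon.config.keep_alive_frequency == 2`, and likewise `== PORT_LOOKUP["HTTP"]` and `== PROTOCOL_LOOKUP["TCP"]` for the masquerade fields in test_c2_handle_switching_port. Both test functions start outside the hunks shown.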


@@ -148,7 +148,7 @@ def test_service_fixing(service):
service.fix()
assert service.health_state_actual == SoftwareHealthState.FIXING
for i in range(service.fixing_duration + 1):
for i in range(service.config.fixing_duration + 1):
service.apply_timestep(i)
assert service.health_state_actual == SoftwareHealthState.GOOD


@@ -2,6 +2,7 @@
from typing import Dict
import pytest
from pydantic import Field
from primaite.simulator.system.core.sys_log import SysLog
from primaite.simulator.system.services.service import Service
@@ -10,7 +11,14 @@ from primaite.utils.validation.ip_protocol import PROTOCOL_LOOKUP
from primaite.utils.validation.port import PORT_LOOKUP
class TestSoftware(Service):
class TestSoftware(Service, identifier="TestSoftware"):
class ConfigSchema(Service.ConfigSchema):
"""ConfigSChema for TestSoftware."""
type: str = "TestSoftware"
config: "TestSoftware.ConfigSchema" = Field(default_factory=lambda: TestSoftware.ConfigSchema())
def describe_state(self) -> Dict:
pass