51be271928
Please run some of these changes locally. Read the notebook, check that it makes sense, and run the code cells to see if they produce the result you expect. ## Summary Apologies that all these fixes are part of 1 massive PR instead of individual PRs. I thought it was going to be a quick job and it spiralled out of control. Changes: - Fixed a bug where ACL rules were not resetting on episode reset. - Fixed a bug where blue agent's ACL actions were being applied against the wrong IP addresses - Fixed a bug where deleted files and folders did not reset correctly on episode reset. - Fixed a bug where service health status was using the actual health state instead of the visible health state - Fixed a bug where the database file health status was using the incorrect value for negative rewards - Fixed a bug preventing file actions from reaching their intended file - Made database patch correctly take 2 timesteps instead of being immediate - Made database patch only possible when the software is compromised or good, it's no longer possible when the software is OFF or RESETTING - Temporarily disable the blue agent file delete action due to crashes. This issue is resolved in another branch that will be merged into dev soon. - Fix a bug where ACLs were not showing up correctly in the observation space. - Added a recap of agent actions to the `info` output of `step()` - Added a notebook which explains UC2, demonstrates the attack, and shows off blue agent's action space, observation space, and reward function. ## Test process New notebook verifies end-to-end UC2 functionality. ## Checklist - [y] PR is linked to a **work item** - [y] **acceptance criteria** of linked ticket are met - [y] performed **self-review** of the code - [~] written **tests** for any new functionality added with this PR - [y] updated the **documentation** if this PR changes or adds functionality - [n] written/updated **design docs** if this PR implements new functionality - [y] updated the **change log** - [y] ran **pre-commit** checks for code style - [y] attended to any **TO-DOs** left in the code Related work items: #2208, #2218, #2219, #2220
PrimAITE
The ARCD Primary-level AI Training Environment (PrimAITE) provides an effective simulation capability for the purposes of training and evaluating AI in a cyber-defensive role. It incorporates the functionality required of a primary-level ARCD environment, which includes:
-
The ability to model a relevant platform / system context;
-
The ability to model key characteristics of a platform / system by representing connections, IP addresses, ports, traffic loading, operating systems and services;
-
Operates at machine-speed to enable fast training cycles.
PrimAITE presents the following features:
-
Highly configurable (via YAML files) to provide the means to model a variety of platform / system laydowns and adversarial attack scenarios;
-
A Reinforcement Learning (RL) reward function based on (a) the ability to counter the specific modelled adversarial cyber-attack, and (b) the ability to ensure success;
-
Provision of logging to support AI evaluation and metrics gathering;
-
Realistic network traffic simulation, including address and sending packets via internet protocols like TCP, UDP, ICMP, and others
-
Routers with traffic routing and firewall capabilities
-
Support for multiple agents, each having their own customisable observation space, action space, and reward function definition, and either deterministic or RL-directed behaviour
Getting Started with PrimAITE
💫 Install & Run
PrimAITE is designed to be OS-agnostic, and thus should work on most variations/distros of Linux, Windows, and MacOS. Currently, the PrimAITE wheel can only be installed from GitHub. This may change in the future with release to PyPi.
Windows (PowerShell)
Prerequisites:
- Manual install of Python >= 3.8 < 3.11
Install:
mkdir ~\primaite
cd ~\primaite
python3 -m venv .venv
attrib +h .venv /s /d # Hides the .venv directory
.\.venv\Scripts\activate
pip install https://github.com/Autonomous-Resilient-Cyber-Defence/PrimAITE/releases/download/v2.0.0/primaite-2.0.0-py3-none-any.whl
primaite setup
Run:
primaite session
Unix
Prerequisites:
- Manual install of Python >= 3.8 < 3.11
sudo add-apt-repository ppa:deadsnakes/ppa
sudo apt install python3.10
sudo apt-get install python3-pip
sudo apt-get install python3-venv
Install:
mkdir ~/primaite
cd ~/primaite
python3 -m venv .venv
source .venv/bin/activate
pip install https://github.com/Autonomous-Resilient-Cyber-Defence/PrimAITE/releases/download/v2.0.0/primaite-2.0.0-py3-none-any.whl
primaite setup
Run:
primaite session
Developer Install from Source
To make your own changes to PrimAITE, perform the install from source (developer install)
1. Clone the PrimAITE repository
git clone git@github.com:Autonomous-Resilient-Cyber-Defence/PrimAITE.git
2. CD into the repo directory
cd PrimAITE
3. Create a new python virtual environment (venv)
python3 -m venv venv
4. Activate the venv
Unix
source venv/bin/activate
Windows (Powershell)
.\venv\Scripts\activate
5. Install primaite with the dev extra into the venv along with all of it's dependencies
python3 -m pip install -e .[dev]
6. Perform the PrimAITE setup:
primaite setup
📚 Building documentation
The PrimAITE documentation can be built with the following commands:
Unix
cd docs
make html
Windows (Powershell)
cd docs
.\make.bat html