264 lines
6.1 KiB
YAML
264 lines
6.1 KiB
YAML
# Basic Switched network
|
|
#
|
|
# -------------- -------------- --------------
|
|
# | client_1 |------| switch_1 |------| client_2 |
|
|
# -------------- -------------- --------------
|
|
#
|
|
io_settings:
|
|
save_step_metadata: false
|
|
save_pcap_logs: true
|
|
save_sys_logs: true
|
|
sys_log_level: WARNING
|
|
|
|
|
|
game:
|
|
max_episode_length: 256
|
|
ports:
|
|
- ARP
|
|
- DNS
|
|
- HTTP
|
|
- POSTGRES_SERVER
|
|
protocols:
|
|
- ICMP
|
|
- TCP
|
|
- UDP
|
|
|
|
agents:
|
|
- ref: client_2_green_user
|
|
team: GREEN
|
|
type: ProbabilisticAgent
|
|
observation_space: null
|
|
action_space:
|
|
action_list:
|
|
- type: DONOTHING
|
|
- type: NODE_APPLICATION_EXECUTE
|
|
action_map:
|
|
0:
|
|
action: DONOTHING
|
|
options: {}
|
|
1:
|
|
action: NODE_APPLICATION_EXECUTE
|
|
options:
|
|
node_id: 0
|
|
application_id: 0
|
|
options:
|
|
nodes:
|
|
- node_name: client_2
|
|
applications:
|
|
- application_name: WebBrowser
|
|
max_folders_per_node: 1
|
|
max_files_per_folder: 1
|
|
max_services_per_node: 1
|
|
max_applications_per_node: 1
|
|
|
|
reward_function:
|
|
reward_components:
|
|
- type: DUMMY
|
|
|
|
agent_settings:
|
|
start_settings:
|
|
start_step: 5
|
|
frequency: 4
|
|
variance: 3
|
|
|
|
|
|
|
|
- ref: defender
|
|
team: BLUE
|
|
type: ProxyAgent
|
|
|
|
observation_space:
|
|
type: CUSTOM
|
|
options:
|
|
components:
|
|
- type: NODES
|
|
label: NODES
|
|
options:
|
|
hosts:
|
|
- hostname: client_1
|
|
- hostname: client_2
|
|
- hostname: client_3
|
|
num_services: 1
|
|
num_applications: 0
|
|
num_folders: 1
|
|
num_files: 1
|
|
num_nics: 2
|
|
include_num_access: false
|
|
monitored_traffic:
|
|
icmp:
|
|
- NONE
|
|
tcp:
|
|
- DNS
|
|
include_nmne: false
|
|
routers:
|
|
- hostname: router_1
|
|
num_ports: 0
|
|
ip_list:
|
|
- 192.168.10.21
|
|
- 192.168.10.22
|
|
- 192.168.10.23
|
|
wildcard_list:
|
|
- 0.0.0.1
|
|
port_list:
|
|
- 80
|
|
- 5432
|
|
protocol_list:
|
|
- ICMP
|
|
- TCP
|
|
- UDP
|
|
num_rules: 10
|
|
|
|
- type: LINKS
|
|
label: LINKS
|
|
options:
|
|
link_references:
|
|
- switch_1:eth-1<->client_1:eth-1
|
|
- switch_1:eth-2<->client_2:eth-1
|
|
- type: "NONE"
|
|
label: ICS
|
|
options: {}
|
|
|
|
action_space:
|
|
action_list:
|
|
- type: DONOTHING
|
|
|
|
action_map:
|
|
0:
|
|
action: DONOTHING
|
|
options: {}
|
|
options:
|
|
nodes:
|
|
- node_name: switch
|
|
- node_name: client_1
|
|
- node_name: client_2
|
|
- node_name: client_3
|
|
max_folders_per_node: 2
|
|
max_files_per_folder: 2
|
|
max_services_per_node: 2
|
|
max_nics_per_node: 8
|
|
max_acl_rules: 10
|
|
ip_list:
|
|
- 192.168.10.21
|
|
- 192.168.10.22
|
|
- 192.168.10.23
|
|
|
|
reward_function:
|
|
reward_components:
|
|
- type: DATABASE_FILE_INTEGRITY
|
|
weight: 0.5
|
|
options:
|
|
node_hostname: database_server
|
|
folder_name: database
|
|
file_name: database.db
|
|
|
|
|
|
- type: WEB_SERVER_404_PENALTY
|
|
weight: 0.5
|
|
options:
|
|
node_hostname: web_server
|
|
service_name: web_server_web_service
|
|
|
|
|
|
agent_settings:
|
|
flatten_obs: true
|
|
|
|
simulation:
|
|
network:
|
|
nodes:
|
|
|
|
- type: switch
|
|
hostname: switch_1
|
|
num_ports: 8
|
|
|
|
- hostname: client_1
|
|
type: computer
|
|
ip_address: 192.168.10.21
|
|
subnet_mask: 255.255.255.0
|
|
default_gateway: 192.168.10.1
|
|
dns_server: 192.168.1.10
|
|
applications:
|
|
- type: NMAP
|
|
options:
|
|
fix_duration: 1
|
|
- type: RansomwareScript
|
|
options:
|
|
fix_duration: 1
|
|
- type: WebBrowser
|
|
options:
|
|
target_url: http://arcd.com/users/
|
|
fix_duration: 1
|
|
- type: DatabaseClient
|
|
options:
|
|
db_server_ip: 192.168.1.10
|
|
server_password: arcd
|
|
fix_duration: 1
|
|
- type: DataManipulationBot
|
|
options:
|
|
port_scan_p_of_success: 0.8
|
|
data_manipulation_p_of_success: 0.8
|
|
payload: "DELETE"
|
|
server_ip: 192.168.1.21
|
|
server_password: arcd
|
|
fix_duration: 1
|
|
- type: DoSBot
|
|
options:
|
|
target_ip_address: 192.168.10.21
|
|
payload: SPOOF DATA
|
|
port_scan_p_of_success: 0.8
|
|
fix_duration: 1
|
|
services:
|
|
- type: DNSClient
|
|
options:
|
|
fix_duration: 3
|
|
- type: DNSServer
|
|
options:
|
|
fix_duration: 3
|
|
domain_mapping:
|
|
arcd.com: 192.168.1.10
|
|
- type: DatabaseService
|
|
options:
|
|
backup_server_ip: 192.168.1.10
|
|
fix_duration: 3
|
|
- type: WebServer
|
|
options:
|
|
fix_duration: 3
|
|
- type: FTPClient
|
|
options:
|
|
fix_duration: 3
|
|
- type: FTPServer
|
|
options:
|
|
server_password: arcd
|
|
fix_duration: 3
|
|
- type: NTPClient
|
|
options:
|
|
ntp_server_ip: 192.168.1.10
|
|
fix_duration: 3
|
|
- type: NTPServer
|
|
options:
|
|
fix_duration: 3
|
|
- hostname: client_2
|
|
type: computer
|
|
ip_address: 192.168.10.22
|
|
subnet_mask: 255.255.255.0
|
|
default_gateway: 192.168.10.1
|
|
dns_server: 192.168.1.10
|
|
applications:
|
|
- type: DatabaseClient
|
|
options:
|
|
db_server_ip: 192.168.1.10
|
|
server_password: arcd
|
|
services:
|
|
- type: DNSClient
|
|
|
|
links:
|
|
- endpoint_a_hostname: switch_1
|
|
endpoint_a_port: 1
|
|
endpoint_b_hostname: client_1
|
|
endpoint_b_port: 1
|
|
bandwidth: 200
|
|
- endpoint_a_hostname: switch_1
|
|
endpoint_a_port: 2
|
|
endpoint_b_hostname: client_2
|
|
endpoint_b_port: 1
|
|
bandwidth: 200
|