# Example of the task configuration for NetSecGame
# The objective of the Attacker in this task is to locate specific data
# and exfiltrate it to a remote C&C server.
# The scenario starts AFTER initial breach of the local network
# (the attacker controls 1 local device + the remote C&C server).
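# NOTE(review): the page this listing was taken from dropped the file's
# indentation. The nesting below is reconstructed from key order and the
# repeated goal/start_position pattern; confirm it against the repository copy.
coordinator:
  agents:
    # Configuration of 'Attacker' agents
    Attacker:
      max_steps: 50
      goal:
        # NOTE(review): 213.47.23.195 is a publicly routable address.
        # Presumably it is only a label inside the simulated topology;
        # confirm nothing outside the game resolves or contacts it.
        description: "Exfiltrate data from Samba server to remote C&C server (213.47.23.195)."
        known_networks: []
        known_hosts: []
        controlled_hosts: []
        known_services: {}
        # Winning condition: the item [User1, DataFromServer1] is listed
        # under the C&C server's address.
        known_data: {'213.47.23.195': [[User1, DataFromServer1]]}
        known_blocks: {}
      # Defined starting position of the attacker
      start_position:
        known_networks: []
        known_hosts: []
        # Hosts held at the start: the remote C&C server and, presumably,
        # the one breached local device mentioned in the file header.
        controlled_hosts: ['213.47.23.195', '192.168.1.1']
        known_services: {}
        known_data: {}
        known_blocks: {}
    # Configuration of 'Defender' agents
    Defender:
      goal:
        description: "Block all attackers"
        known_networks: []
        known_hosts: []
        controlled_hosts: []
        known_services: {}
        known_data: {}
        # Goal state for the Defender; the exact meaning of the key/value
        # pair is defined by the environment - TODO confirm.
        known_blocks: {'213.47.23.195': 'all_attackers'}
      start_position:
        known_networks: []
        known_hosts: []
        controlled_hosts: []
        known_services: {}
        known_data: {}
        # NOTE(review): 'blocked_ips' appears only in this section; confirm
        # the environment still reads it alongside 'known_blocks'.
        blocked_ips: {}
        known_blocks: {}
env:
  # Use the smallest topology for this example
  scenario: 'two_networks_tiny'
  # Do not use global SIEM Defender
  use_global_defender: false
  # NOTE(review): going by the key name, true turns dynamic addresses ON,
  # yet the original inline comment read "Do not randomize IP addresses".
  # Confirm which is intended, and how the literal addresses in the goal
  # and start_position sections are treated when randomization is on.
  use_dynamic_addresses: true
  # Use firewall
  use_firewall: true
  # Do not store trajectories
  save_trajectories: false
  required_players: 1
  # Configurable reward function
  rewards:
    success: 100
    step: -1
    fail: -10
    false_positive: -5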