Implement attacker security prioritization (type)

sei-awhisnant · sei-awhisnant · commit 7ee019eaa0d6 · 2021-04-15T13:43:29.000-04:00
diff --git a/README.md b/README.md
@@ -102,6 +102,12 @@ optional arguments:
   --verbose, -v         v for basic status, vv for detailed status
 ```
 
+## Simulation Details
+
+### Model
+
+- *type* - the player's prioritization of the security triad (Confidentiality, Integrity, Availability). For example, a defender listed as type, "CIA", prioritizes confidentiality the most and availability the least. An attacker listed as, "CIA", prioritizes espionage the highest (breaking confidentiality) and disrpution/denial (breaking availability) the least.
+
 ## License
 
 Copyright 2020 Carnegie Mellon University. See the [LICENSE.md](LICENSE.md) file for details.
diff --git a/cdas/agents.py b/cdas/agents.py
@@ -145,12 +145,34 @@ def __init__(
                 date.today().toordinal()))
 
             motivations = list(np.random.choice(
-                stix['attack-motivation'], np.random.randint(2, 4),
-                replace=False))
+                list(stix['attack-motivation'].keys()),
+                np.random.randint(2, 4), replace=False))
             self.primary_motivation = str(motivations[0])
             self.secondary_motivations = motivations[1:]
             self.goals = list(np.random.choice(
-                stix['goals'], np.random.randint(2, 4), False))
+                list(stix['goals'].keys()), np.random.randint(2, 4), False))
+            # player type (prioritization of Confidentiality, Integrity,
+            # Availability)
+            cia = {'C': 0, 'I': 0, 'A': 0}
+            for m in motivations:
+                try:
+                    cia[stix['attack-motivation'][m][0]] += 3
+                except IndexError:
+                    pass
+                try:
+                    cia[stix['attack-motivation'][m][1]] += 2
+                except IndexError:
+                    pass
+                try:
+                    cia[stix['attack-motivation'][m][2]] += 1
+                except IndexError:
+                    pass
+            for g in self.goals:
+                cia[stix['goals'][g][0]] += 3
+                cia[stix['goals'][g][1]] += 2
+                cia[stix['goals'][g][2]] += 1
+            self.priority = ''.join([item[0] for item in sorted(
+                cia.items(), key=lambda i: i[1], reverse=True)])
 
     def create_fake_history(
             self, relationships, tools, malwares, ttps, sophistication):
diff --git a/cdas/assets/vocabulary.json b/cdas/assets/vocabulary.json
@@ -1,9 +1,16 @@
 {
     "attack-motivation_notes": "source: STIX 2.0; \"accidental\" removed from attack-motivation",
-    "attack-motivation": [
-        "coercion", "dominance", "ideology", "notoriety", "organizational gain",
-        "personal gain", "personal satisfaction", "revenge", "unpredictable"
-    ],
+    "attack-motivation": {
+        "coercion": "",
+        "dominance": "",
+        "ideology": "AIC",
+        "notoriety": "AIC",
+        "organizational gain": "C",
+        "personal gain": "C",
+        "personal satisfaction": "",
+        "revenge": "IAC",
+        "unpredictable": ""
+    },
     "threat-actor-sophistication_notes": "source: STIX 2.0",
     "threat-actor-sophistication": {
         "strategic":1,
@@ -82,18 +89,18 @@
         "Snail","Snake","Sparrow","Squirrel","Tiger","Tortoise","Toucan",
         "Turkey","Wolf","Yak","Zebra"
     ],
-    "goals": [
-        "steal financial information",
-        "steal money",
-        "steal PII",
-        "steal intellectual property",
-        "embarass ememy states",
-        "obtain state secrets", 
-        "establish and maintain strategic access",
-        "manipulate other nation's economies",
-        "manipulate geopolitical siutations",
-        "display military prowess",
-        "disrupt operations",
-        "coerce victims"
-    ]
+    "goals": {
+        "steal financial information": "CIA",
+        "steal money": "CIA",
+        "steal PII": "CIA",
+        "steal intellectual property": "CIA",
+        "embarass ememy states": "AIC",
+        "obtain state secrets": "CIA",
+        "establish and maintain strategic access": "IAC",
+        "manipulate other nation's economies": "IAC",
+        "manipulate geopolitical siutations": "IAC",
+        "display military prowess": "AIC",
+        "disrupt operations": "AIC",
+        "coerce victims": "ICA"
+    }
 }
