Coder Social home page Coder Social logo

mitre-atlas / arsenal Goto Github PK

View Code? Open in Web Editor NEW
74.0 2.0 8.0 17 MB

CALDERA plugin for adversary emulation of AI-enabled systems

Home Page: https://mitre-atlas.github.io/arsenal/

License: Apache License 2.0

Python 79.10% Shell 13.80% HTML 7.10%
caldera-plugin cybersecurity machine-learning

arsenal's Introduction

CALDERA plugin: Arsenal

Arsenal is a plugin developed for adversary emulation of AI-enabled systems. This plugin will provide TTPs defined in MITRE ATLAS to interface with CALDERA.

Read the full documentation

For ml-attack-staging and ml-model-access abilities (see list below), additional information and examples on using these abilities are detailed in the arsenal/docs/ folder.

JUNE 2023 included abilities:

  • Discover remote services
  • Discover local services
  • Discover available network services
  • Search and stage Tensorflow model files/checkpoints
  • Discover ML specific services - Torchserve
  • Discover GPUs on a system
  • Stage a local image for classification
  • Install ML-related tools (on C2-server or victim system): Python, Microsoft Counterfit, Tensorflow-CPU, Tesorflow-GPU
  • Gain API access to a served model (Torchserve)
  • Build a custom Microsoft Counterfit target and stage an attack

JUNE 2023 included Adversaries:

  • "Tensormancer" - Discover a Tensorflow model or checkpoint and stage an image for classification
  • Exfiltrate a model or checkpoint file
  • Stage an adversarial ML attack on a discovered ML model or service using Microsoft Counterfit library

Usage

System requirements:

  • Ubuntu 18.04 or 20.04

  • Python version 3.7+

    Plugin Dependencies:

    • Caldera Stockpile: Some Arsenal abilities and adversaries require addition TTPs and requirements include in the Caldera Stockpile. A version more recent than this commit is required for these capabilities: Stockpile.
    • Microsoft Counterfit: a required dependency to create and run adversarial machine learning attacks. This dependency is used by the Build and Attack a Custom CFTarget ability and its payload.
      • If following the Installation with Caldera, this dependency is installed automatically on the C2 server (host).
      • It can also be installed locally using the requirements.txt located in this repository or installed on remote machines using the Install Counterfit ability.

Installation with CALDERA*:

  1. Navigate to caldera-atlas repository and follow steps for installation and setup.

  2. Navigate to the UI: localhost:8888

    *arsenal is not yet a default CALDERA plugin, therefore there are additional steps to include this plugin into the app.

Contact us [email protected]

overview

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.