First version of the payload replay concealment

Critical-Infrastructure-Systems-Lab · Jan 19, 2023 · c888b2c · c888b2c
1 parent e2b6c96
commit c888b2c
Show file tree

Hide file tree

Showing 11 changed files with 274 additions and 0 deletions.
diff --git a/examples/ctown_topology/dataset/dataset_config_files/ctown_config_06.yaml b/examples/ctown_topology/dataset/dataset_config_files/ctown_config_06.yaml
@@ -0,0 +1,11 @@
+inp_file: ctown_map.inp
+iterations: 2880
+network_topology_type: complex
+plcs: !include ctown_plcs.yaml
+log_level: debug
+simulator: epynet
+demand: pdd
+output_path: attack_output_06
+demand_patterns: events/demands_ctown_01.csv
+initial_tank_data: events/tanks_ctown_01.csv
+attacks: !include dataset_attacks/attack_06.yaml
diff --git a/examples/ctown_topology/dataset/dataset_config_files/ctown_config_07.yaml b/examples/ctown_topology/dataset/dataset_config_files/ctown_config_07.yaml
@@ -0,0 +1,11 @@
+inp_file: ctown_map.inp
+iterations: 2880
+network_topology_type: complex
+plcs: !include ctown_plcs.yaml
+log_level: debug
+simulator: epynet
+demand: pdd
+output_path: attack_output_07
+demand_patterns: events/demands_ctown_01.csv
+initial_tank_data: events/tanks_ctown_01.csv
+attacks: !include dataset_attacks/attack_07.yaml
diff --git a/examples/ctown_topology/dataset/dataset_config_files/ctown_config_08.yaml b/examples/ctown_topology/dataset/dataset_config_files/ctown_config_08.yaml
@@ -0,0 +1,11 @@
+inp_file: ctown_map.inp
+iterations: 2880
+network_topology_type: complex
+plcs: !include ctown_plcs.yaml
+log_level: debug
+simulator: epynet
+demand: pdd
+output_path: attack_output_08
+demand_patterns: events/demands_ctown_01.csv
+initial_tank_data: events/tanks_ctown_01.csv
+attacks: !include dataset_attacks/attack_08.yaml
diff --git a/examples/ctown_topology/dataset/dataset_config_files/ctown_config_09.yaml b/examples/ctown_topology/dataset/dataset_config_files/ctown_config_09.yaml
@@ -0,0 +1,11 @@
+inp_file: ctown_map.inp
+iterations: 2880
+network_topology_type: complex
+plcs: !include ctown_plcs.yaml
+log_level: debug
+simulator: epynet
+demand: pdd
+output_path: attack_output_09
+demand_patterns: events/demands_ctown_01.csv
+initial_tank_data: events/tanks_ctown_01.csv
+attacks: !include dataset_attacks/attack_09.yaml
diff --git a/examples/ctown_topology/dataset/dataset_config_files/ctown_config_10.yaml b/examples/ctown_topology/dataset/dataset_config_files/ctown_config_10.yaml
@@ -0,0 +1,11 @@
+inp_file: ctown_map.inp
+iterations: 2880
+network_topology_type: complex
+plcs: !include ctown_plcs.yaml
+log_level: debug
+simulator: epynet
+demand: pdd
+output_path: attack_output_10
+demand_patterns: events/demands_ctown_01.csv
+initial_tank_data: events/tanks_ctown_01.csv
+attacks: !include dataset_attacks/attack_10.yaml
diff --git a/examples/ctown_topology/dataset/dataset_config_files/dataset_attacks/attack_06.yaml b/examples/ctown_topology/dataset/dataset_config_files/dataset_attacks/attack_06.yaml
@@ -0,0 +1,54 @@
+network_attacks:
+- name: plc5attack1
+  type: concealment_mitm
+  tags:
+    - tag: PU10
+      offset: 0.0
+    - tag: PU11
+      offset: 0.0
+    - tag: PU10F
+      offset: 0.0
+    - tag: PU11F
+      offset: 0.0
+  target: PLC5
+  concealment_data:
+    type: payload_replay
+    capture_start: 300
+    capture_end: 672
+    replay_start: 1440
+  trigger:
+    start: 295
+    end: 1820
+    type: time
+
+- name: plc9attack
+  type: concealment_mitm
+  tags:
+    - tag: T7
+      offset: 0.0
+  target: PLC9
+  concealment_data:
+    type: payload_replay
+    capture_start: 300
+    capture_end: 672
+    replay_start: 1440
+  trigger:
+    start: 295
+    end: 1820
+    type: time
+
+device_attacks:
+- actuator: PU10
+  command: closed
+  name: plc5attack2
+  trigger:
+    start: 1440
+    end: 1812
+    type: time
+- actuator: PU11
+  command: closed
+  name: plc5attack3
+  trigger:
+    start: 1440
+    end: 1812
+    type: time
diff --git a/examples/ctown_topology/dataset/dataset_config_files/dataset_attacks/attack_07.yaml b/examples/ctown_topology/dataset/dataset_config_files/dataset_attacks/attack_07.yaml
@@ -0,0 +1,54 @@
+network_attacks:
+- name: plc5attack1
+  type: concealment_mitm
+  tags:
+    - tag: PU10
+      offset: 0.0
+    - tag: PU11
+      offset: 0.0
+    - tag: PU10F
+      offset: 0.0
+    - tag: PU11F
+      offset: 0.0
+  target: PLC5
+  concealment_data:
+    type: network_replay
+    capture_start: 300
+    capture_end: 672
+    replay_start: 1440
+  trigger:
+    start: 295
+    end: 1820
+    type: time
+
+- name: plc9attack
+  type: concealment_mitm
+  tags:
+    - tag: T7
+      offset: 0.0
+  target: PLC9
+  concealment_data:
+    type: network_replay
+    capture_start: 300
+    capture_end: 672
+    replay_start: 1440
+  trigger:
+    start: 295
+    end: 1820
+    type: time
+
+device_attacks:
+- actuator: PU10
+  command: closed
+  name: plc5attack2
+  trigger:
+    start: 1440
+    end: 1812
+    type: time
+- actuator: PU11
+  command: closed
+  name: plc5attack3
+  trigger:
+    start: 1440
+    end: 1812
+    type: time
diff --git a/examples/ctown_topology/dataset/dataset_config_files/dataset_attacks/attack_08.yaml b/examples/ctown_topology/dataset/dataset_config_files/dataset_attacks/attack_08.yaml
@@ -0,0 +1,38 @@
+network_attacks:
+- name: plc9attack
+  type: concealment_mitm
+  tags:
+    - tag: T7
+      offset: 5.0
+  target: PLC9
+  concealment_data:
+    type: payload_replay
+    capture_start: 300
+    capture_end: 672
+    replay_start: 1440
+  trigger:
+    start: 295
+    end: 1820
+    type: time
+
+- name: plc5attack
+  type: concealment_mitm
+  tags:
+    - tag: PU10
+      offset: 0.0
+    - tag: PU11
+      offset: 0.0
+    - tag: PU10F
+      offset: 0.0
+    - tag: PU11F
+      offset: 0.0
+  target: PLC5
+  concealment_data:
+    type: payload_replay
+    capture_start: 300
+    capture_end: 672
+    replay_start: 1440
+  trigger:
+    start: 295
+    end: 1820
+    type: time
diff --git a/examples/ctown_topology/dataset/dataset_config_files/dataset_attacks/attack_09.yaml b/examples/ctown_topology/dataset/dataset_config_files/dataset_attacks/attack_09.yaml
@@ -0,0 +1,38 @@
+network_attacks:
+- name: plc9attack
+  type: concealment_mitm
+  tags:
+    - tag: T7
+      offset: 5.0
+  target: PLC9
+  concealment_data:
+    type: network_replay
+    capture_start: 300
+    capture_end: 672
+    replay_start: 1440
+  trigger:
+    start: 295
+    end: 1820
+    type: time
+
+- name: plc5attack
+  type: concealment_mitm
+  tags:
+    - tag: PU10
+      offset: 0.0
+    - tag: PU11
+      offset: 0.0
+    - tag: PU10F
+      offset: 0.0
+    - tag: PU11F
+      offset: 0.0
+  target: PLC5
+  concealment_data:
+    type: network_replay
+    capture_start: 300
+    capture_end: 672
+    replay_start: 1440
+  trigger:
+    start: 295
+    end: 1820
+    type: time
diff --git a/examples/ctown_topology/dataset/dataset_config_files/dataset_attacks/attack_10.yaml b/examples/ctown_topology/dataset/dataset_config_files/dataset_attacks/attack_10.yaml
@@ -0,0 +1,17 @@
+network_attacks:
+- name: plc9attack
+  type: mitm
+  target: PLC9
+  tag: T7
+  offset: 4.5
+  trigger:
+    start: 1440
+    end: 1812
+    type: time
+
+- name: plc9conceal
+  type: unconstrained_blackbox_concealment_mitm
+  trigger:
+    start: 1440
+    end: 1812
+    type: time
diff --git a/examples/example/example_attack.yaml b/examples/example/example_attack.yaml
@@ -0,0 +1,18 @@
+network_attacks:
+- name: plc4attack
+  type: concealment_mitm
+  tags:
+    - tag: T3
+      offset: 10.0
+    - tag: T4
+      offset: 10.0
+  target: PLC4
+  concealment_data:
+    type: payload_replay
+    capture_start: 10
+    capture_end: 20
+    replay_start: 30
+  trigger:
+    start: 10
+    end: 50
+    type: time