Giters

mitre-atlas / arsenal

CALDERA plugin for adversary emulation of AI-enabled systems

Home Page:https://mitre-atlas.github.io/arsenal/

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

caldera-plugincybersecuritymachine-learning

CALDERA plugin: Arsenal

Arsenal is a plugin developed for adversary emulation of AI-enabled systems. This plugin will provide TTPs defined in MITRE ATLAS to interface with CALDERA.

Read the full documentation

For ml-attack-staging and ml-model-access abilities (see list below), additional information and examples on using these abilities are detailed in the arsenal/docs/ folder.

JUNE 2023 included abilities:

  • Discover remote services
  • Discover local services
  • Discover available network services
  • Search and stage Tensorflow model files/checkpoints
  • Discover ML specific services - Torchserve
  • Discover GPUs on a system
  • Stage a local image for classification
  • Install ML-related tools (on C2-server or victim system): Python, Microsoft Counterfit, Tensorflow-CPU, Tesorflow-GPU
  • Gain API access to a served model (Torchserve)
  • Build a custom Microsoft Counterfit target and stage an attack

JUNE 2023 included Adversaries:

  • "Tensormancer" - Discover a Tensorflow model or checkpoint and stage an image for classification
  • Exfiltrate a model or checkpoint file
  • Stage an adversarial ML attack on a discovered ML model or service using Microsoft Counterfit library

Usage

System requirements:

  • Ubuntu 18.04 or 20.04

  • Python version 3.7+

    Plugin Dependencies:

    • Caldera Stockpile: Some Arsenal abilities and adversaries require addition TTPs and requirements include in the Caldera Stockpile. A version more recent than this commit is required for these capabilities: Stockpile.
    • Microsoft Counterfit: a required dependency to create and run adversarial machine learning attacks. This dependency is used by the Build and Attack a Custom CFTarget ability and its payload.
      • If following the Installation with Caldera, this dependency is installed automatically on the C2 server (host).
      • It can also be installed locally using the requirements.txt located in this repository or installed on remote machines using the Install Counterfit ability.

Installation with CALDERA*:

  1. Navigate to caldera-atlas repository and follow steps for installation and setup.

  2. Navigate to the UI: localhost:8888

    *arsenal is not yet a default CALDERA plugin, therefore there are additional steps to include this plugin into the app.

Contact us atlas@mitre.org

overview

About

CALDERA plugin for adversary emulation of AI-enabled systems

https://mitre-atlas.github.io/arsenal/

caldera-plugincybersecuritymachine-learning

License:Apache License 2.0

Languages

Language:Python 79.1%Language:Shell 13.8%Language:HTML 7.1%