In [None]:
import harmat as hm

# initialise the harm
h = hm.Harm()

# create the top layer of the harm
# top_layer refers to the top layer of the harm
h.top_layer = hm.AttackGraph()

# we will create 5 nodes and connect them in some way
# first we create some nodes
hosts = [hm.Host("Host {}".format(i)) for i in range(5)]
# then we will make a basic attack tree for each
for host in hosts:
    host.lower_layer = hm.AttackTree()
    # We will make two vulnerabilities and give some metrics
    vulnerability1 = hm.Vulnerability('CVE-0000', values = {
        'risk' : 10,
        'cost' : 4,
        'probability' : 0.5,
        'impact' : 12
    })
    vulnerability2 = hm.Vulnerability('CVE-0001', values = {
        'risk' : 1,
        'cost' : 5,
        'probability' : 0.2,
        'impact' : 2
    })
    # basic_at creates just one OR gate and puts all vulnerabilites
    # the children nodes
    host.lower_layer.basic_at([vulnerability1, vulnerability2])
    
# Now we will create an Attacker. This is not a physical node but it exists to describe
# the potential entry points of attackers.
attacker = hm.Attacker() 

# To add edges we simply use the add_edge function
# here h[0] refers to the top layer
# add_edge(A,B) creates a uni-directional from A -> B.
h[0].add_edge(attacker, hosts[0]) 
h[0].add_edge(hosts[0], hosts[3])
h[0].add_edge(hosts[1], hosts[0])
h[0].add_edge(hosts[0], hosts[2])
h[0].add_edge(hosts[3], hosts[4])
h[0].add_edge(hosts[3], hosts[2])


# Now we set the attacker and target
h[0].source = attacker
h[0].target = hosts[4]

# do some flow up
h.flowup()

# Now we will run some metrics
hm.HarmSummary(h).show()

In [6]:
import harmat as hm

h = hm.Harm()

h.top_layer = hm.AttackGraph()

hosts = [hm.Host("Host {}".format(i)) for i in range(2)]

for host in hosts:
    host.lower_layer = hm.AttackTree()
    vulnerability1 = hm.Vulnerability('CVE-0000', values = {
        'risk' : 4,
        'cost' : 2,
        'probability' : 0.4,
        'impact' : 10
    })
    vulnerability2 = hm.Vulnerability('CVE-0001', values = {
        'risk' : 1,
        'cost' : 5,
        'probability' : 0.5,
        'impact' : 2
    })
    host.lower_layer.basic_at([vulnerability1, vulnerability2])
    
attacker = hm.Attacker() 

h[0].add_edge(attacker, hosts[0]) 
h[0].add_edge(hosts[0], hosts[1])
h[0].add_edge(attacker, hosts[1]) 

h[0].source = attacker
h[0].target = hosts[1]

h.flowup()

hm.HarmSummary(h).show()

Metrics                                      Values
-----------------------------------------  --------
Number of hosts                            3
Risk                                       8
Cost                                       2
Mean of attack path lengths                1.5
Mode of attack path lengths                2
Standard Deviation of attack path lengths  0.707107
Shortest attack path length                1
Return on Attack                           4
Density                                    0.5
Probability of attack success              0.7


In [None]:
# 3 个 node 的情况
# attacker tree 默认
# attacker->node->target
# attacker->target

import harmat as hm

h = hm.Harm()

h.top_layer = hm.AttackGraph()

hosts = [hm.Host("Host {}".format(i)) for i in range(2)]
print(hosts)

for host in hosts:
    host.lower_layer = hm.AttackTree()
    vulnerability1 = hm.Vulnerability('CVE-0000', values = {
        'risk' : 10,
        'cost' : 4,
        'probability' : 0.5,
        'impact' : 12
    })
    vulnerability2 = hm.Vulnerability('CVE-0001', values = {
        'risk' : 1,
        'cost' : 5,
        'probability' : 0.2,
        'impact' : 2
    })
    host.lower_layer.basic_at([vulnerability1, vulnerability2])
    
attacker = hm.Attacker() 

h[0].add_edge(attacker, hosts[0]) 
h[0].add_edge(hosts[0], hosts[1])
h[0].add_edge(attacker, hosts[1]) 

h[0].source = attacker
h[0].target = hosts[1]

h.flowup()

hm.HarmSummary(h).show()
# 没有basic at
# [Host:Host 0, Host:Host 1]
# Metrics                                      Values
# -----------------------------------------  --------
# Number of hosts                            3
# Risk                                       2
# Cost                                       1
# Mean of attack path lengths                1.5
# Mode of attack path lengths                2
# Standard Deviation of attack path lengths  0.707107
# Shortest attack path length                1
# Return on Attack                           2
# Density                                    0.5
# Probability of attack success              1

[Host:Host 0, Host:Host 1]
Metrics                                       Values
-----------------------------------------  ---------
Number of hosts                             3
Risk                                       20
Cost                                        4
Mean of attack path lengths                 1.5
Mode of attack path lengths                 2
Standard Deviation of attack path lengths   0.707107
Shortest attack path length                 1
Return on Attack                            5
Density                                     0.5
Probability of attack success               0.6


In [13]:
# 3 个 node 的情况

import harmat as hm
h = hm.Harm()
h.top_layer = hm.AttackGraph()

hosts = [hm.Host("Host {}".format(i)) for i in range(2)]

for host in hosts:
    host.lower_layer = hm.AttackTree()
    vulnerability1 = hm.Vulnerability('CVE-0000', values = {
        'risk' : 4,
        'cost' : 2,
        'probability' : 0.4,
        'impact' : 10
    })
    # host.lower_layer.basic_at([vulnerability1])
    
attacker = hm.Attacker() 

h[0].add_edge(attacker, hosts[0]) 
h[0].add_edge(hosts[0], hosts[1])
h[0].add_edge(attacker, hosts[1]) 

h[0].source = attacker
h[0].target = hosts[1]

h.flowup()

hm.HarmSummary(h).show()

Metrics                                      Values
-----------------------------------------  --------
Number of hosts                            3
Risk                                       2
Cost                                       1
Mean of attack path lengths                1.5
Mode of attack path lengths                2
Standard Deviation of attack path lengths  0.707107
Shortest attack path length                1
Return on Attack                           2
Density                                    0.5
Probability of attack success              1


In [5]:
# attacker - > host
# 没有设置attack tree

import harmat as hm
h = hm.Harm()
h.top_layer = hm.AttackGraph()

hosts = [hm.Host("Host {}".format(i)) for i in range(1)]

attacker = hm.Attacker() 

h[0].add_edge(attacker, hosts[0]) 

h[0].source = attacker
h[0].target = hosts[0]

# h.flowup()

hm.HarmSummary(h).show()


Metrics                                      Values
-----------------------------------------  --------
Number of hosts                                 2
Risk                                            1
Cost                                            1
Mean of attack path lengths                     1
Mode of attack path lengths                     1
Standard Deviation of attack path lengths       0
Shortest attack path length                     1
Return on Attack                                1
Density                                         0.5
Probability of attack success                   1


In [10]:
# attacker->target

import harmat as hm
h = hm.Harm()
h.top_layer = hm.AttackGraph()

hosts = [hm.Host("Host {}".format(i)) for i in range(1)]

for host in hosts:
    host.lower_layer = hm.AttackTree()
    vulnerability1 = hm.Vulnerability('CVE-0000', values = {
        'risk' : 4,
        'cost' : 2,
        'probability' : 0.4,
        'impact' : 10
    })
    host.lower_layer.at_add_node(vulnerability1)
    # vulnerability2 = hm.Vulnerability('CVE-0001', values = {
    #     'risk' : 8,
    #     'cost' : 2,
    #     'probability' : 0.8,
    #     'impact' : 10
    # })
    # host.lower_layer.basic_at([vulnerability1])
    
attacker = hm.Attacker() 

h[0].add_edge(attacker, hosts[0]) 

h[0].source = attacker
h[0].target = hosts[0]

h.flowup()

hm.HarmSummary(h).show()

# 没有连接root
# Metrics                                      Values
# -----------------------------------------  --------
# Number of hosts                                 2
# Risk                                            1
# Cost                                            1
# Mean of attack path lengths                     1
# Mode of attack path lengths                     1
# Standard Deviation of attack path lengths       0
# Shortest attack path length                     1
# Return on Attack                                1
# Density                                         0.5
# Probability of attack success                   1

Metrics                                      Values
-----------------------------------------  --------
Number of hosts                                 2
Risk                                            4
Cost                                            2
Mean of attack path lengths                     1
Mode of attack path lengths                     1
Standard Deviation of attack path lengths       0
Shortest attack path length                     1
Return on Attack                                2
Density                                         0.5
Probability of attack success                   0.4


In [None]:
# 直接把vul加到host上, 用self.at_add_node(vul)