updating documents

README.md

@@ -1,8 +1,8 @@
 # MTDSimTime
 
-A research project on the simulation and evaluation of moving target defense in the time domain.
+A time-based simulator used for evaluating Moving Target Defence (MTD) techniques.
 
-## Setup this project
+## Getting Started:
 
 1. Installing [conda](https://conda.io/projects/conda/en/latest/user-guide/install/index.html)
 2. Creating conda environment
@@ -13,71 +13,30 @@ A research project on the simulation and evaluation of moving target defense in
 4. Updating the environment
    - `conda env update --name mtdsimtime --file environment.yml --prune`
 
+## Features
 
-## Progresses
+1. Network graph generation
+<p>
+  <img alt="" src="output/network.png" width="1080"/>
+</p>
 
-1. set up new discrete event simulation structure:
-    - get rid of the original `ActionManager` based structure
-    - use [SimPy](https://simpy.readthedocs.io/en/latest/index.html) to manage the time simulation, event processing, interaction (interruption)
-    - use [time generator](https://github.com/MoeBuTa/MTDSimTime/blob/main/mtdnetwork/component/time_generator.py) to generate exponential/normal/uniform/weibull/poisson variate
+2. Attack Operation
 
-2. set up new mtd action flow in [mtd_operation](https://github.com/MoeBuTa/MTDSimTime/blob/main/mtdnetwork/operation/mtd_operation.py):
-    - introduce resource occupation mechanism:
-        - MTD fetch resource when it executes, release resource when it completes
-        - each resource has a `capacity` parameter (default=1) represents the number of available resource in the network.
-        - two types of resource: network / application
-            - network: [completetopologyshuffle](https://github.com/MoeBuTa/MTDSimTime/blob/main/mtdnetwork/mtd/completetopologyshuffle.py), [hosttoplogyshuffle](https://github.com/MoeBuTa/MTDSimTime/blob/main/mtdnetwork/mtd/hosttopologyshuffle.py), [ipshuffle](https://github.com/MoeBuTa/MTDSimTime/blob/main/mtdnetwork/mtd/ipshuffle.py)
-            - application: [osdiversity](https://github.com/MoeBuTa/MTDSimTime/blob/main/mtdnetwork/mtd/osdiversity.py), [portshuffle](https://github.com/MoeBuTa/MTDSimTime/blob/main/mtdnetwork/mtd/portshuffle.py), [servicediversity](https://github.com/MoeBuTa/MTDSimTime/blob/main/mtdnetwork/mtd/servicediversity.py)
-            - reserve: [usershuffle](https://github.com/MoeBuTa/MTDSimTime/blob/main/mtdnetwork/mtd/usershuffle.py) (_todo_)
-    - interrupt attack process:
-        - network MTD operation: any attack action -> scan_host
-        - application MTD operation: (scan_port, exploit_vuln, brute_force) -> scan_port
-    -
+<p>
+  <img alt="" src="output/attack_record.png" width="720"/>
+</p>
 
-3. Rework the attack profile to facilitate `SimPy` framework ([hacker](https://github.com/MoeBuTa/MTDSimTime/blob/New-Attack-Method/mtdnetwork/hacker.py) -> [adversary](https://github.com/MoeBuTa/MTDSimTime/blob/main/mtdnetwork/component/adversary.py))
-    - scan_host: merged start network enum and set up host enum
-    - enum_host: merged start host enum and process host enum
-    - scan_port: merged port scan and check pass reuse 
-    - exploit_vuln: merged find and exploit vulns
-    - brute_force: merged start and process brute force
-    - scan_neighbor: merged start and set up new neighbors
-
 
-4. Implement snapshot mechanism to save the state of the network object and the adversary object. Restrictions with generator object issues:
-    - cannot save and maintain generator object generated by SimPy when saving
-    - **solution**: [snapshot saving](https://github.com/MoeBuTa/MTDSimTime/tree/main/mtdnetwork/snapshot) [operation](https://github.com/MoeBuTa/MTDSimTime/tree/main/mtdnetwork/operation)
-      - extract mtd_operation object from network object to handle state saving for network object
-      - extract attack_operation object from adversary object to handle state saving for adversary object
-      - introduce SnapshotCheckpoint to save and load files based on simulation time.
+3. MTD Operation
 
-5. Refactor [data collection and analysis](https://github.com/MoeBuTa/MTDSimTime/tree/main/mtdnetwork/statistic)
+<p>
+  <img alt="" src="output/mtd_record.png" width="755"/>
+</p>
 
-6. implement three [MTD Schemes](https://github.com/MoeBuTa/MTDSimTime/tree/main/mtdnetwork/component/mtd_scheme): simultaneously, randomly, alternatively.
 
-7. implement evaluation metrics: Mean Time to Compromise, Attack Success Rate, MTD Execute Frequency.
-
-
-
-
-## Todos / Future works
-### Time related
- - assign mean/std/distribution of each time variable based on system properties, sensitivity analysis, empirical data (currently is randomly assigned)
- - more time based evaluation metrics
-
-### MTD related
-1. defense metrics (implement QOS)
-2. reconfiguration limit
-   - dynamic MTD
-   - resource capacity (1 or more)
-   - system state
-3. AI
-
-
-### Attack related
-1. Attack metrics
-2. multiple attackers
-3. 
+4. Snapshot
 
+5. Evaluation based on MTTC
 
 
 ## System Architecture
@@ -90,7 +49,15 @@ The system uses the 3-layer HARM model to represent the network. This is a repre
 | Services        | An attack tree of vulnerabilities. A service is compromised when  the sum of the vulnerabilities exploited impact is above 7             |
 | Vulnerabilities | Generated with a set Attack Complexity and Impact                                                                                        |
 
-more info: [MTD parameter](https://github.com/MoeBuTa/MTDSimTime/blob/main/docs/MTD%20Parameters.pdf)
+more info: [MTD parameter](https://github.com/MoeBuTa/MTDSimTime/blob/main/docs/manual/MTD%20Parameters.pdf)
+
+## Documents
+
+see [docs](https://github.com/MoeBuTa/MTDSimTime/blob/main/docs/) for all related documents.
+
+
+
+
 
 
 ## Setup the previous works only

docs/manual/logs.md

@@ -0,0 +1,39 @@
+1. set up new discrete event simulation structure:
+    - get rid of the original `ActionManager` based structure
+    - use [SimPy](https://simpy.readthedocs.io/en/latest/index.html) to manage the time simulation, event processing, interaction (interruption)
+    - use [time generator](https://github.com/MoeBuTa/MTDSimTime/blob/main/mtdnetwork/component/time_generator.py) to generate exponential/normal/uniform/weibull/poisson variate
+
+2. set up new mtd action flow in [mtd_operation](https://github.com/MoeBuTa/MTDSimTime/blob/main/mtdnetwork/operation/mtd_operation.py):
+    - introduce resource occupation mechanism:
+        - MTD fetch resource when it executes, release resource when it completes
+        - each resource has a `capacity` parameter (default=1) represents the number of available resource in the network.
+        - two types of resource: network / application
+            - network: [completetopologyshuffle](https://github.com/MoeBuTa/MTDSimTime/blob/main/mtdnetwork/mtd/completetopologyshuffle.py), [hosttoplogyshuffle](https://github.com/MoeBuTa/MTDSimTime/blob/main/mtdnetwork/mtd/hosttopologyshuffle.py), [ipshuffle](https://github.com/MoeBuTa/MTDSimTime/blob/main/mtdnetwork/mtd/ipshuffle.py)
+            - application: [osdiversity](https://github.com/MoeBuTa/MTDSimTime/blob/main/mtdnetwork/mtd/osdiversity.py), [portshuffle](https://github.com/MoeBuTa/MTDSimTime/blob/main/mtdnetwork/mtd/portshuffle.py), [servicediversity](https://github.com/MoeBuTa/MTDSimTime/blob/main/mtdnetwork/mtd/servicediversity.py)
+            - reserve: [usershuffle](https://github.com/MoeBuTa/MTDSimTime/blob/main/mtdnetwork/mtd/usershuffle.py) (_todo_)
+    - interrupt attack process:
+        - network MTD operation: any attack action -> scan_host
+        - application MTD operation: (scan_port, exploit_vuln, brute_force) -> scan_port
+    -
+
+3. Rework the attack profile to facilitate `SimPy` framework ([hacker](https://github.com/MoeBuTa/MTDSimTime/blob/New-Attack-Method/mtdnetwork/hacker.py) -> [adversary](https://github.com/MoeBuTa/MTDSimTime/blob/main/mtdnetwork/component/adversary.py))
+    - scan_host: merged start network enum and set up host enum
+    - enum_host: merged start host enum and process host enum
+    - scan_port: merged port scan and check pass reuse
+    - exploit_vuln: merged find and exploit vulns
+    - brute_force: merged start and process brute force
+    - scan_neighbor: merged start and set up new neighbors
+
+
+4. Implement snapshot mechanism to save the state of the network object and the adversary object. Restrictions with generator object issues:
+    - cannot save and maintain generator object generated by SimPy when saving
+    - **solution**: [snapshot saving](https://github.com/MoeBuTa/MTDSimTime/tree/main/mtdnetwork/snapshot) [operation](https://github.com/MoeBuTa/MTDSimTime/tree/main/mtdnetwork/operation)
+        - extract mtd_operation object from network object to handle state saving for network object
+        - extract attack_operation object from adversary object to handle state saving for adversary object
+        - introduce SnapshotCheckpoint to save and load files based on simulation time.
+
+5. Refactor [data collection and analysis](https://github.com/MoeBuTa/MTDSimTime/tree/main/mtdnetwork/statistic)
+
+6. implement three [MTD Schemes](https://github.com/MoeBuTa/MTDSimTime/tree/main/mtdnetwork/component/mtd_scheme): simultaneously, randomly, alternatively.
+
+7. implement evaluation metrics: Mean Time to Compromise, Attack Success Rate, MTD Execute Frequency.