├── .github └── workflows │ └── test.yml ├── CONTRIBUTING.md ├── LICENSE ├── README.md ├── ag_generation.py ├── alerts ├── ccdc │ └── wrcddc-2018.json.gz ├── cptc-2017 │ ├── NationalTeam1.json__.gz │ ├── NationalTeam10.json.gz │ ├── NationalTeam2.json.gz │ ├── NationalTeam3.json.gz │ ├── NationalTeam4.json.gz │ ├── NationalTeam5.json.gz │ ├── NationalTeam6.json.gz │ ├── NationalTeam7.json.gz │ ├── NationalTeam8.json.gz │ └── NationalTeam9.json.gz └── cptc-2018 │ ├── suricata_alert_t1.json.gz │ ├── suricata_alert_t2.json.gz │ ├── suricata_alert_t5.json.gz │ ├── suricata_alert_t7.json.gz │ ├── suricata_alert_t8.json.gz │ └── suricata_alert_t9.json.gz ├── episode_sequence_generation.py ├── model_learning.py ├── plotting.py ├── sage.py ├── signatures ├── __init__.py ├── alert_signatures.py ├── attack_stages.py └── mappings.py ├── spdfa-config.ini ├── test-scripts ├── compare-ag-dirs.sh ├── diff-ags.sh ├── diff-edges.sh ├── diff-nodes.sh ├── stats-ff.sh ├── stats-nodes-ags.sh ├── stats-sinks-ags.sh ├── test-ags.sh └── test-sinks.sh └── tests.py /.github/workflows/test.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tudelft-cda-lab/SAGE/HEAD/.github/workflows/test.yml -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tudelft-cda-lab/SAGE/HEAD/CONTRIBUTING.md -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tudelft-cda-lab/SAGE/HEAD/LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tudelft-cda-lab/SAGE/HEAD/README.md -------------------------------------------------------------------------------- /ag_generation.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tudelft-cda-lab/SAGE/HEAD/ag_generation.py -------------------------------------------------------------------------------- /alerts/ccdc/wrcddc-2018.json.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tudelft-cda-lab/SAGE/HEAD/alerts/ccdc/wrcddc-2018.json.gz -------------------------------------------------------------------------------- /alerts/cptc-2017/NationalTeam1.json__.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tudelft-cda-lab/SAGE/HEAD/alerts/cptc-2017/NationalTeam1.json__.gz -------------------------------------------------------------------------------- /alerts/cptc-2017/NationalTeam10.json.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tudelft-cda-lab/SAGE/HEAD/alerts/cptc-2017/NationalTeam10.json.gz -------------------------------------------------------------------------------- /alerts/cptc-2017/NationalTeam2.json.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tudelft-cda-lab/SAGE/HEAD/alerts/cptc-2017/NationalTeam2.json.gz -------------------------------------------------------------------------------- /alerts/cptc-2017/NationalTeam3.json.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tudelft-cda-lab/SAGE/HEAD/alerts/cptc-2017/NationalTeam3.json.gz -------------------------------------------------------------------------------- /alerts/cptc-2017/NationalTeam4.json.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tudelft-cda-lab/SAGE/HEAD/alerts/cptc-2017/NationalTeam4.json.gz -------------------------------------------------------------------------------- /alerts/cptc-2017/NationalTeam5.json.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tudelft-cda-lab/SAGE/HEAD/alerts/cptc-2017/NationalTeam5.json.gz -------------------------------------------------------------------------------- /alerts/cptc-2017/NationalTeam6.json.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tudelft-cda-lab/SAGE/HEAD/alerts/cptc-2017/NationalTeam6.json.gz -------------------------------------------------------------------------------- /alerts/cptc-2017/NationalTeam7.json.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tudelft-cda-lab/SAGE/HEAD/alerts/cptc-2017/NationalTeam7.json.gz -------------------------------------------------------------------------------- /alerts/cptc-2017/NationalTeam8.json.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tudelft-cda-lab/SAGE/HEAD/alerts/cptc-2017/NationalTeam8.json.gz -------------------------------------------------------------------------------- /alerts/cptc-2017/NationalTeam9.json.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tudelft-cda-lab/SAGE/HEAD/alerts/cptc-2017/NationalTeam9.json.gz -------------------------------------------------------------------------------- /alerts/cptc-2018/suricata_alert_t1.json.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tudelft-cda-lab/SAGE/HEAD/alerts/cptc-2018/suricata_alert_t1.json.gz -------------------------------------------------------------------------------- /alerts/cptc-2018/suricata_alert_t2.json.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tudelft-cda-lab/SAGE/HEAD/alerts/cptc-2018/suricata_alert_t2.json.gz -------------------------------------------------------------------------------- /alerts/cptc-2018/suricata_alert_t5.json.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tudelft-cda-lab/SAGE/HEAD/alerts/cptc-2018/suricata_alert_t5.json.gz -------------------------------------------------------------------------------- /alerts/cptc-2018/suricata_alert_t7.json.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tudelft-cda-lab/SAGE/HEAD/alerts/cptc-2018/suricata_alert_t7.json.gz -------------------------------------------------------------------------------- /alerts/cptc-2018/suricata_alert_t8.json.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tudelft-cda-lab/SAGE/HEAD/alerts/cptc-2018/suricata_alert_t8.json.gz -------------------------------------------------------------------------------- /alerts/cptc-2018/suricata_alert_t9.json.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tudelft-cda-lab/SAGE/HEAD/alerts/cptc-2018/suricata_alert_t9.json.gz -------------------------------------------------------------------------------- /episode_sequence_generation.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tudelft-cda-lab/SAGE/HEAD/episode_sequence_generation.py -------------------------------------------------------------------------------- /model_learning.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tudelft-cda-lab/SAGE/HEAD/model_learning.py -------------------------------------------------------------------------------- /plotting.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tudelft-cda-lab/SAGE/HEAD/plotting.py -------------------------------------------------------------------------------- /sage.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tudelft-cda-lab/SAGE/HEAD/sage.py -------------------------------------------------------------------------------- /signatures/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /signatures/alert_signatures.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tudelft-cda-lab/SAGE/HEAD/signatures/alert_signatures.py -------------------------------------------------------------------------------- /signatures/attack_stages.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tudelft-cda-lab/SAGE/HEAD/signatures/attack_stages.py -------------------------------------------------------------------------------- /signatures/mappings.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tudelft-cda-lab/SAGE/HEAD/signatures/mappings.py -------------------------------------------------------------------------------- /spdfa-config.ini: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tudelft-cda-lab/SAGE/HEAD/spdfa-config.ini -------------------------------------------------------------------------------- /test-scripts/compare-ag-dirs.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tudelft-cda-lab/SAGE/HEAD/test-scripts/compare-ag-dirs.sh -------------------------------------------------------------------------------- /test-scripts/diff-ags.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tudelft-cda-lab/SAGE/HEAD/test-scripts/diff-ags.sh -------------------------------------------------------------------------------- /test-scripts/diff-edges.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tudelft-cda-lab/SAGE/HEAD/test-scripts/diff-edges.sh -------------------------------------------------------------------------------- /test-scripts/diff-nodes.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tudelft-cda-lab/SAGE/HEAD/test-scripts/diff-nodes.sh -------------------------------------------------------------------------------- /test-scripts/stats-ff.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tudelft-cda-lab/SAGE/HEAD/test-scripts/stats-ff.sh -------------------------------------------------------------------------------- /test-scripts/stats-nodes-ags.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tudelft-cda-lab/SAGE/HEAD/test-scripts/stats-nodes-ags.sh -------------------------------------------------------------------------------- /test-scripts/stats-sinks-ags.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tudelft-cda-lab/SAGE/HEAD/test-scripts/stats-sinks-ags.sh -------------------------------------------------------------------------------- /test-scripts/test-ags.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tudelft-cda-lab/SAGE/HEAD/test-scripts/test-ags.sh -------------------------------------------------------------------------------- /test-scripts/test-sinks.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tudelft-cda-lab/SAGE/HEAD/test-scripts/test-sinks.sh -------------------------------------------------------------------------------- /tests.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tudelft-cda-lab/SAGE/HEAD/tests.py --------------------------------------------------------------------------------