CALDERA plugin: Arsenal

August 7, 2023 · View on GitHub

Arsenal is a plugin developed for adversary emulation of AI-enabled systems. It provides CALDERA abilities that implement TTPs defined in MITRE ATLAS.

Read the full documentation

For the ml-attack-staging and ml-model-access abilities (see the list below), additional information and usage examples are provided in the arsenal/docs/ folder.

JUNE 2023 included abilities:

  • Discover remote services
  • Discover local services
  • Discover available network services
  • Search and stage Tensorflow model files/checkpoints
  • Discover ML specific services - Torchserve
  • Discover GPUs on a system
  • Stage a local image for classification
  • Install ML-related tools (on the C2 server or victim system): Python, Microsoft Counterfit, Tensorflow-CPU, Tensorflow-GPU
  • Gain API access to a served model (Torchserve)
  • Build a custom Microsoft Counterfit target and stage an attack

JUNE 2023 included adversaries:

  • "Tensormancer" - Discover a Tensorflow model or checkpoint and stage an image for classification
  • Exfiltrate a model or checkpoint file
  • Stage an adversarial ML attack on a discovered ML model or service using the Microsoft Counterfit library

Usage

System requirements:

Installation with CALDERA*:

  1. Navigate to the caldera-atlas repository and follow its installation and setup steps.

  2. Navigate to the UI: localhost:8888

    *Arsenal is not yet a default CALDERA plugin, so additional steps are required to include it in the app.

Contact us: atlas@mitre.org