Skip to content

Enhance README with configuration details #450

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
ondrej-lukas merged 1 commit into from
Feb 23, 2026
Merged

Enhance README with configuration details #450

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
66 changes: 65 additions & 1 deletion README_pypi.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ pip install netsecgame[server]

## Running the Game Environment

NetSecGame separates the game server from the interacting agents, ensuring flexibility in deployment. The easiest way to run the NetSecGame server is via the [official Docker image](https://hub.docker.com/r/stratosphereips/netsecgame):
NetSecGame separates the game server from the interacting agents, enabling flexible deployment. The easiest way to run the NetSecGame server is via the [official Docker image](https://hub.docker.com/r/stratosphereips/netsecgame):

```bash
docker pull stratosphereips/netsecgame
Expand All @@ -42,6 +42,70 @@ python3 -m netsecgame.game.worlds.NetSecGame \
--task_config=./examples/example_task_configuration.yaml \
--game_port=9000
```
### Configuration
To start the game, a task configuration file must be provided. Task configuration specifies the starting points and goals for agents, the episode length, rewards, and other game properties. Here is an example of the configuration:
```YAML
# Example of the task configuration for NetSecGame
# The objective of the Attacker in this task is to locate specific data
# and exfiltrate it to a remote C&C server.
# The scenario starts AFTER the initial breach of the local network
# (the attacker controls 1 local device + the remote C&C server).

coordinator:
agents:
Attacker: # Configuration of 'Attacker' agents
max_steps: 25 # timeout set for the role `Attacker`
goal: # Definition of the goal state
description: "Exfiltrate data from Samba server to remote C&C server."
is_any_part_of_goal_random: True
known_networks: []
known_hosts: []
controlled_hosts: []
known_services: {}
known_data: {213.47.23.195: [[User1,DataFromServer1]]} # winning condition
known_blocks: {}
start_position: # Definition of the starting state (keywords "random" and "all" can be used)
known_networks: []
known_hosts: []
controlled_hosts: [213.47.23.195, random] # keyword 'random' will be replaced by randomly selected IP during initialization
known_services: {}
known_data: {}
known_blocks: {}

Defender:
goal:
description: "Block all attackers."
is_any_part_of_goal_random: False
known_networks: []
known_hosts: []
controlled_hosts: []
known_services: {}
known_data: {}
known_blocks: {213.47.23.195: 'all_attackers'}

start_position:
known_networks: []
known_hosts: []
controlled_hosts: []
known_services: {}
known_data: {}
blocked_ips: {}
known_blocks: {}

env: # Environment configuraion
scenario: 'two_networks_tiny' # use the smallest topology for this example
use_global_defender: False # Do not use global SIEM Defender
use_dynamic_addresses: False # Do not randomize IP addresses
use_firewall: True # Use firewall
save_trajectories: False # Do not store trajectories
required_players: 1 # Minimal amount of agents required to start the game
rewards: # Configurable reward function
success: 100
step: -1
fail: -10
false_positive: -5
```
For detailed configuration instructions, please refer to the [Configuration Documentation](https://stratosphereips.github.io/NetSecGame/configuration/).

## Creating Agents

Expand Down