+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Coming soon
+Coming soon
+The SEI is a research institute, and so we often are thinking about how to use GHOSTS in new ways to drive insight for our customers. Some of this work makes it here, with the caveat that it might be early beta editions or require some amount of engineer hand-holding in its current state. Some call it pre-release, we call it advanced features.
+ + + + + + + + +Coming soon
+The GHOSTS ANIMATOR Source Code Repository is hosted on GitHub
+Animator brings NPCs to life in two ways:
+Initial Creation
+Animator creates the initial NPC profile, including details such as name, address, career, finances, and family members. Based on configuration, it can place users in a multi-level organizational structure, and establish relationships between users.
+Animation Jobs
+Via jobs that can be run during training and exercise events, Animator can update the NPC's preferences, beliefs, and relationships. This enables dynamic NPCs that change over time.
+At its core, Animator is a realistic user detail generator. Its primary function is to create sufficiently realistic identities and accompanying verbose portfolios of personal information. Each generated user, or NPC (Non-Player Character) as we call them, has numerous categories of details associated with them, and a great deal of metadata that define who they are. Each piece of information is generated using sourced datasets in an attempt to distribute characteristics realistically. We like to say it creates, "NPCs so real, they sell for a premium on the dark web."1
+git clone <https://github.com/cmu-sei/GHOSTS-ANIMATOR>
+cd ghosts-animator/src
+docker build . -t ghosts/animator
+docker compose up -d
+or if you don't want to build and just run the latest docker-compose file:
+mkdir ghosts-animator
+cd ghosts-animator
+curl https://github.com/cmu-sei/GHOSTS-ANIMATOR/blob/master/src/docker-compose.yml -o docker-compose.yml
+docker compose up -d
+Now browse to http://localhost:5000/
+The data generated by Animator can be leveraged in multiple areas, but is particularly applicable in four key areas:
+Training Machine Learning Algorithms - Animator creates larges sets of hyper-realistic user data. It can be leveraged to generate data sets that can be used for training machine learning algorithms. This enables the rapid training of anthropology-related ML algorithms that can leverage one or more of the hundred-plus data points generated by Animator.2
+Honeypot Payloads - NPC details generated by Animator are designed to be as realistic as possible given the available relevant open source information. This makes the user data convincingly real while still being completely fabricated. Therefore, the data is ideal for use in applications like honeypots, where the goal is to trick an attacker into thinking they are compromising an asset with real user data. This data is also perfect for any other application that would benefit from extremely realistic user information.
+Insider Threat Modeling - Each Animator NPC is given an Insider Threat Profile. This profile determines how likely it is that the NPC is an insider threat by incorporating the CDSE's Insider Threat Potential Indicators. As we continue developing Animator, it will be possible to configure NPCs to be more or less likely to be insider threats based on factors like their finances, criminal history, foreign contacts, and mental health.
+Social Network and Relationship Modeling - Animator can establish relationships between the NPCs it generates. As we increase the fidelity of inter-NPC relationships, Animator NPCs create larger and more realistic social networks. By leveraging Animator's ability to quickly generate thousands of inter-related NPCs, Animator can easily be used to perform social networking modeling and research.
+Animator currently supports storing NPC data in a local Mongo Database. This feature is still being actively improved.
+ + + + + + + + + +So, now we have Animator-generated NPCs, and they have profile information and preferences.
+Animator has a job system that might enables us to push our simulation further:
+Jobs operate on a "per cycle" or "step" basis. For each cycle, the job processes a list of agents, and the actions or determinations programmed for each.
+We can use any combination of the following to drive agent decision-making:
+We implement the Reiss Motivational Profile (RMP) - which is a mathematical framework for reasoning about agent comparative motivations - agent A is twice as motivated by X than agent B - that is baselined every few years.
+Agents build relationships with other agents in the cohort. These get better or worse over time.
+How this works is that each agent has the potential to interact with n other agents (they can also potentially transfer knowledge as a result). The more an agent knows about a particular subject, maybe the more likely they are to transfer information to another agent.
+Agents build knowledge across an array of subjects that may alter their preferences. Within Animator, there are two main ways to learn:
+What an agent believes can directly influence their behavior. Beliefs shape understanding of the world and guide decision-making and problem-solving. Agents come to belief utilizing Bayes Theorem, which is a mathematical framework for reasoning about probability of evidence.
+So what does this all mean? Here is an example where an agent shares bits of information on social media:
+Some tweets contain no insight about the agent. Some disclose some bit of information:
+Other agents — and adversaries — can see and infer from this information!
+ + + + + + + + +Animator is a simulation of a population of agents. Animator runs in cycles, and for each cycle, the agents make decisions based on their attributes, preferences, motivations, and behaviors.
+appsettings.json file to enable Animations:"ApplicationSettings": {
+ "GhostsApiUrl": "http://localhost:52388/", // this should be root url of your ghosts API server
+ "Animations": {
+ "IsEnabled": false, // set this to true to enable animation jobs
+ "SocialGraph": {
+ "IsEnabled": false, // set this to true to enable the entire module (inc. web gui access)
+ "IsInteracting": false, // set this to true to actually run the interactions
+ "MaximumSteps": 4000, // animator stops when it reaches this many steps
+ "TurnLength": 900, // by default, a step is a cpu cycle, the higher this number, the slower the simulation
+ "ChanceOfKnowledgeTransfer": 0.3,
+ "Decay": {
+ "StepsTo": 10,
+ "ChanceOf": 0.05
+ }
+ },
+ "SocialSharing": {
+ "IsEnabled": false, // set this to true to enable the entire module (inc. web gui access)
+ "IsInteracting": false, // set this to true to actually run the interactions
+ "IsSendingTimelinesToGhostsApi": false, // set this to true to actually send the timeline commands to the ghosts API
+ "IsChatGptEnabled": false, // this is still under development, here be dragons
+ "SocializerUrl": "http://socializer.com", // change this to the root url of your in-game social server
+ "MaximumSteps": 14000,
+ "TurnLength": 9000 // by default, a step is a cpu cycle, the higher this number, the slower the simulation
+ },
+ "SocialBelief": {
+ "IsEnabled": false, // set this to true to enable the entire module (inc. web gui access)
+ "IsInteracting": false, // set this to true to actually run the interactions
+ "MaximumSteps": 14000,
+ "TurnLength": 9000
+ }
+ }
+ },
+ ...
+After you update the appsettings.json file, you will need to restart the Animator API server via:
+docker restart animator-api
+