Skip to content

NVombat/ztSim

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

153 Commits
.vscode
.vscode
 
 
src
src
 
 
tests
tests
 
 
.DS_Store
.DS_Store
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
poetry.lock
poetry.lock
 
 
pyproject.toml
pyproject.toml
 
 

Repository files navigation

ztSim - Zero Trust Simulation Framework

A comprehensive simulation framework for comparing zero-trust security models, specifically designed to demonstrate that the ADP (Adaptive) model is more secure than the BAS (Baseline) model without sacrificing usability.

🎯 Project Overview

This project implements a sophisticated zero-trust simulation environment that models user behavior, authentication challenges, and security policies in enterprise networks. The simulation compares two zero-trust models:

  • BAS (Baseline): Traditional zero-trust model with static policies
  • ADP (Adaptive): Enhanced zero-trust model with dynamic trust factors and adaptive mechanisms

Key Research Question

"Can we enhance security without sacrificing usability in zero-trust architectures?"

The simulation demonstrates that ADP successfully breaks the traditional security-usability trade-off paradigm, providing:

  • Significant reduction in safe moves (better security - fewer opportunities for attackers)
  • Fewer completed attacks (better threat prevention)
  • Improved auth challenge efficiency for completed attacks (maintained usability)
  • No usability degradation for legitimate users (comparable or improved experience)

🚀 Key Features

Simulation Capabilities

  • Multi-parameter experimentation across network configurations
  • Probabilistic user behavior modeling with Bernoulli distributions
  • Dynamic policy graph generation with configurable resource networks
  • Adaptive trust factor mechanisms with real-time penalty calculations
  • Attack sequence simulation for security evaluation
  • Comprehensive data collection with 20+ metrics per simulation run

Analysis & Visualization

  • Publication-quality visualizations demonstrating key narrative
  • Statistical analysis with significance testing
  • Interactive Jupyter notebooks for exploratory analysis
  • Automated report generation with key findings
  • Parameter sensitivity analysis across all configuration dimensions

Configuration Management

  • JSON-based configuration system for easy parameter modification
  • Modular architecture supporting different simulation modes
  • Reproducible experiments with deterministic seeding
  • Scalable execution across parameter combinations

📋 Prerequisites

System Requirements

  • Python 3.13+ (required for latest features)
  • 8GB+ RAM (recommended for large-scale simulations)
  • 2GB+ disk space (for simulation data and visualizations)

Dependencies

The project uses Poetry for dependency management with core packages:

  • pandas (2.3.2+) - Data manipulation and analysis
  • matplotlib (3.10.5+) - Visualization and plotting
  • seaborn (0.13.2+) - Statistical visualization
  • numpy (2.3.2+) - Numerical computing
  • scipy (1.16.2+) - Scientific computing
  • networkx (3.5+) - Graph/network analysis
  • ipykernel (6.30.1+) - Jupyter notebook support

🛠️ Installation

1. Clone the Repository

git clone <repository-url>
cd ztSim

2. Install Poetry (if not already installed)

curl -sSL https://install.python-poetry.org | python3 -

3. Install Dependencies

poetry install

4. Activate Virtual Environment

poetry shell

🎮 Quick Start

Run Complete Analysis (Recommended)

# Analyze existing simulation data and generate visualizations
python src/analysis/analysis.py

# Run security analysis (challenge efficiency and proactive defense)
python src/analysis/security_analysis.py

This will:

  • Load simulation records from the archive directory
  • Generate publication-quality visualizations demonstrating the narrative
  • Display interactive plots with plt.show()
  • Save all outputs to src/analysis/plots/
  • Print statistical summaries supporting the narrative

Run New Simulations

Standard User Behavior Simulation

# Generate new BAS and ADP simulation data
python src/base_runner.py

Attack Sequence Simulation

# Simulate attack scenarios for security evaluation
python src/attack_runner.py

Interactive Analysis

# Launch Jupyter for custom analysis
jupyter lab src/analysis/analyzer.ipynb
jupyter lab src/analysis/att_analyzer.ipynb

📊 Usage Examples

Basic Simulation Execution

The simulation automatically runs across all parameter combinations defined in configuration files:

# Parameters are loaded from src/assets/config/*.json
# - num_resources: [250, 500, 750, 1000, 1250, 1500]
# - num_steps: [12, 16, 20, 24, 28, 32]
# - edge_density: [0.5, 0.4, 0.3, 0.2, 0.1]
# - p_val: [0.9, 0.8, 0.6, 0.5, 0.4, 0.2, 0.1]
# - threshold: [4.0, 5.0, 6.0, 7.0, 8.0]

# This generates 6 × 6 × 5 × 7 × 5 × 2 = 12,600 simulation runs
# (2 modes: BAS and ADP)

Custom Parameter Configuration

Modify configuration files in src/assets/config/ to customize simulations:

# Edit basic simulation parameters
vim src/assets/config/basic_config.json

# Edit adaptive model parameters
vim src/assets/config/adaptive_config.json

# Edit network topology parameters
vim src/assets/config/policy_graph_config.json

Analysis Customization

from src.analysis.analysis import SecurityUsabilityAnalyzer

# Initialize analyzer
analyzer = SecurityUsabilityAnalyzer()

# Load custom data files
analyzer.load_and_merge_data(
    bas_file="path/to/custom_bas_data.csv",
    adp_file="path/to/custom_adp_data.csv"
)

# Generate specific analysis
analyzer.create_narrative_visualization()

📁 Project Structure

ztSim/
├── README.md                          # This file - project overview and setup
├── pyproject.toml                     # Poetry configuration and dependencies
├── src/                               # Source code directory
│   ├── README.md                      # Source code documentation
│   ├── analysis/                      # Analysis tools and visualizations
│   │   ├── README.md                  # Analysis documentation
│   │   ├── analysis.py                # Main thesis analysis script
│   │   ├── security_analysis.py       # Strategic security analysis script
│   │   ├── analyzer.ipynb             # Interactive analysis notebook
│   │   ├── att_analyzer.ipynb         # Attack analysis notebook
│   │   └── plots/                     # Generated visualizations
│   ├── assets/                        # Configuration and data files
│   │   ├── config/                    # JSON configuration files
│   │   ├── archive/                   # Historical simulation datasets (organized by run number)
│   │   └── results/                   # New simulation outputs
│   ├── base_runner.py                 # Main simulation runner (user behavior)
│   ├── attack_runner.py               # Attack simulation runner
│   ├── simulator.py                   # Core simulation engine
│   ├── attack_simulator.py            # Attack sequence simulator
│   ├── user.py                        # User behavior models
│   ├── authenticator.py               # Authentication system
│   ├── policy_generator.py            # Network policy graph generator
│   ├── delta.py                       # Trust factor penalty calculations
│   └── utils.py                       # Utility functions
└── ...

🔬 Key Results & Findings

Thesis Validation: "ADP is More Secure Without Sacrificing Usability"

Our comprehensive analysis of 12,600 simulation runs demonstrates:

🔒 Security Improvements (ADP vs BAS)

  • Safe Moves: Significant reduction (attackers have less freedom to move undetected)
  • Attack Completion: Fewer successful attacks (better threat prevention)
  • Proactive Defense: ADP stops attacks before completion, while BAS allows all attacks to complete

👤 Usability Preservation Through Strategic Design

  • Smart Challenge Strategy: ADP uses proactive defense (early termination) rather than reactive challenge escalation
  • Surgical Precision: Authentication challenges are strategically focused where they matter most
  • Challenge Efficiency: Fewer total challenges with better security outcomes - demonstrating "smarter security"
  • User Experience: Enhanced security without challenge fatigue for legitimate users

⚙️ Breaking the Trade-off with Strategic Intelligence

  • Traditional Assumption: More security = worse usability ❌
  • ADP Innovation: Strategic security + maintained usability ✅
  • Key Insight: ADP prevents problematic attacks early rather than burdening users with excessive authentication
  • Result: Surgically precise security interventions that enhance protection while preserving user productivity

Generated Visualizations (10 Total)

From analysis.py (8 plots):

  1. Safe Moves Analysis: Security improvement across all parameters (nr, ns, ed, p, th)
  2. Attack Completion Rates: Threat prevention effectiveness across all parameters
  3. Auth Challenge Analysis: Usability for completed attacks across all parameters
  4. Legitimate User Study: Usability for high P values (0.8, 0.9) - no degradation for trusted users
  5. Attacker Usability Analysis: Usability for low P values (0.1, 0.2)
  6. All Attacks Usability: Overall usability including terminated attacks
  7. Terminated Attacks Usability: Usability for attacks stopped by ADP
  8. Thesis Narrative Figure: Publication-quality 2×2 summary panel

From security_analysis.py (2 plots): 9. Early Detection Analysis: How quickly ADP identifies and stops threats (moves and challenges before action) 10. Challenge Distribution Analysis: Strategic authentication focus patterns (scatter plots showing challenges vs moves)

🔧 Configuration Parameters

Network Topology (policy_graph_config.json)

  • num_resources: [250, 500, 750, 1000, 1250, 1500] - Network size
  • num_steps: [12, 16, 20, 24, 28, 32] - Workflow complexity
  • edge_density: [0.5, 0.4, 0.3, 0.2, 0.1] - Network connectivity

User Behavior (basic_config.json)

  • p_val: [0.9, 0.8, 0.6, 0.5, 0.4, 0.2, 0.1] - Legitimacy probability
  • max_session_len: 50 - Maximum session duration
  • history_depth: 3 - User history tracking depth

Adaptive Model (adaptive_config.json)

  • trust_factor_threshold: [4.0, 5.0, 6.0, 7.0, 8.0] - Security thresholds
  • init_trust_factor: 7.0 - Initial user trust
  • base_trust_factor: 10.0 - Maximum trust level

Authentication (auth_config.json)

  • num_auth_levels: 4 - Authentication complexity levels
  • auth_prob_config: Level-specific success probabilities
  • access_denied_limit: 3 - Maximum failed attempts

🧪 Testing & Validation

Run Analysis Tests

# Test the core analysis script with existing data
python src/analysis/analysis.py

# Test the security analysis script
python src/analysis/security_analysis.py

# Expected output: 10 visualizations + statistical summaries
# Check: src/analysis/plots/ for generated files

Validate Simulation

# Quick simulation test (modify config for smaller parameter space)
python src/base_runner.py

# Check: src/assets/results/ for new CSV files

Interactive Exploration

# Launch Jupyter for detailed investigation
jupyter lab src/analysis/analyzer.ipynb

📈 Performance & Scalability

Simulation Scale

  • Current Dataset: 12,600 simulation runs
  • Parameter Space: 5-dimensional configuration matrix
  • Execution Time: ~2-4 hours for full parameter sweep
  • Memory Usage: ~2-4GB peak during large simulations

Analysis Performance

  • Data Loading: <10 seconds for 12,600 records
  • Visualization Generation: ~30-60 seconds for all plots
  • Statistical Calculations: <5 seconds for thesis metrics

🤝 Contributing

Development Setup

# Install development dependencies
poetry install --with dev

# Run code formatting
poetry run black src/
poetry run isort src/

# Run type checking
poetry run mypy src/

Adding New Analysis

  1. Create analysis functions in src/analysis/
  2. Follow existing patterns for data loading and visualization
  3. Update documentation in src/analysis/ANALYSIS_README.md
  4. Test with existing datasets before committing

📚 Documentation

  • README.md (this file): Project overview and setup
  • src/README.md: Source code structure and modules
  • src/analysis/README.md: Analysis tools, methods, and thesis documentation
    • Core Analysis (analysis.py): Parameter analysis, usability studies, narrative visualization
    • Strategic Security Analysis (security_analysis.py): Early detection and challenge distribution
  • Jupyter Notebooks: Interactive analysis examples
    • src/analysis/analyzer.ipynb: Custom exploratory analysis
    • src/analysis/att_analyzer.ipynb: Attack sequence analysis

🐛 Troubleshooting

Common Issues

Import Errors

# Ensure you're in the Poetry environment
poetry shell

# Reinstall dependencies if needed
poetry install --sync

Missing Data Files

# Check if simulation data exists
ls src/assets/archive/

# Run simulations if data is missing
python src/base_runner.py

Visualization Issues

# Install GUI backend for matplotlib
poetry add tkinter  # or appropriate backend

# Use non-interactive backend if needed
export MPLBACKEND=Agg

📄 License

This project is part of academic research on zero-trust security architectures. Please cite appropriately if using this work in academic publications.

🎯 Next Steps

  1. Run the analysis: python src/analysis/analysis.py
  2. Explore the data: Open src/analysis/analyzer.ipynb
  3. Review findings: Check generated plots in src/analysis/plots/
  4. Customize parameters: Modify files in src/assets/config/
  5. Generate new data: Run python src/base_runner.py

The simulation demonstrates that enhanced security doesn't require usability sacrifice - ADP proves this empirically across 12,600 test scenarios.

About

A Zero Trust Simulation Framework

Topics

simulation zero-trust adaptive-zero-trust

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages