The first goal of the research team was to create a custom simulation environment based on an open-source toolkit known as
Open AI Gym. Using that environment, the researchers created attacker entities of different skill and persistence levels with the ability to use a subset of seven tactics and 15 techniques from the MITRE ATT&CK framework. The goals of the attacker agents are to move through the seven steps of the attack chain, from initial access to execution, from persistence to command and control, and from collection to impact. For the attacker, adapting their tactics to the state of the environment and the defender's current actions can be complex, says PNNL's Chatterjee.
