Skip to content

architecture.md

Latest commit

 

History

History
132 lines (100 loc) · 2.97 KB

architecture.md

File metadata and controls

132 lines (100 loc) · 2.97 KB

AAPP-MART Architecture

AAPP-MART is a modular, extensible, and autonomous security analysis framework.
It combines AI-driven Attack Path Prediction (AAPP) with a Multi-Agent Red Team (MART) engine.

This document outlines the system architecture, core components, and internal data flow.

1. High-Level Overview

AAPP-MART consists of three major subsystems:

  1. AAPP (AI-Autonomous Attack Path Prediction)
    Builds attack graphs, predicts likely attack paths, and prioritizes risks.

  2. MART (Multi-Agent Red Team Simulation Engine)
    Simulates attacker behavior using autonomous agents.

  3. CORE (Simulation Brain)
    Orchestrates AAPP + MART, manages global state, and controls execution.

All components communicate through a shared Knowledge Graph.

2. Directory Structure

aapp-mart
├── assets/
├── configs/
├── docs/
├── examples/
├── helm/
├── observability/
├── scripts/
├── src/
│   └── aapp_mart/
│       ├── agents/  
│       ├── cli/  
│       ├── domain/                
│       ├── common/  
│       ├── integrations/  
│       ├── mart/  
│       ├── modules/  
│       ├── offline/  
│       ├── rl/  
│       ├── utils/  
│       └── main.py  
├── tests/
├── CHANGELOG.md
├── CITATION.cff
├── CODE_OF_CONDUCT.md
├── CONTRIBUTING.md
├── DISCLAIMER.md
├── GOVERNANCE.md
├── LICENSE
├── LICENSE‑3RD‑PARTY.md
├── MAINTAINERS
├── NOTICE
├── README.md
├── RELEASE_NOTES.md
├── SECURITY.md
├── SUPPORT.md
├── requirements-dev.txt
├── requirements.txt
└── trivyignore

3. Component Breakdown

3.1 AAPP — AI-Autonomous Attack Path Prediction

Responsible for:

  • Parsing target data
  • Building attack graphs
  • Predicting attack paths
  • Scoring risks

3.2 MART — Multi-Agent Red Team Simulation Engine

Simulates attacker behavior using specialized agents:

  • Reconnaissance
  • Exploitation
  • Privilege escalation
  • Lateral movement
  • Persistence
  • Reporting

All agents inherit from agent_base.py and share memory via the Knowledge Graph.

3.3 CORE — Simulation Brain

Coordinates the entire system:

  • Runs AAPP
  • Initializes MART agents
  • Executes simulation loops
  • Maintains global state
  • Generates final reports

4. Knowledge Graph

Stores:

  • Hosts
  • Services
  • Vulnerabilities
  • Credentials
  • Attack paths
  • Agent findings

Acts as the shared memory for all agents.

5. Data Flow

Input → AAPP → Knowledge Graph → MART → Reports

6. Extensibility

AAPP-MART supports:

  • New agents
  • New ML models
  • New scoring algorithms
  • New simulation modes

7. Summary

AAPP-MART integrates predictive attack modeling with autonomous red-team simulation.
Its architecture is modular, scalable, and designed for advanced security research.