supplychain

package
v0.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 20, 2025 License: MIT Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type APIManipulator

type APIManipulator struct {
	// contains filtered or unexported fields
}

APIManipulator implements API manipulation attacks

func NewAPIManipulator

func NewAPIManipulator() *APIManipulator

NewAPIManipulator creates a new API manipulator

func (*APIManipulator) ManipulateAPI

func (am *APIManipulator) ManipulateAPI(attack *SupplyChainAttack) error

ManipulateAPI manipulates API endpoints

type AttackStatus

type AttackStatus string

AttackStatus represents the attack status

const (
	StatusPlanning AttackStatus = "planning"
	StatusDeployed AttackStatus = "deployed"
	StatusActive   AttackStatus = "active"
	StatusDormant  AttackStatus = "dormant"
	StatusExecuted AttackStatus = "executed"
)

type AttackType

type AttackType string

AttackType defines types of supply chain attacks

const (
	AttackModelPoisoning       AttackType = "model_poisoning"
	AttackDatasetContamination AttackType = "dataset_contamination"
	AttackDependencyInjection  AttackType = "dependency_injection"
	AttackPluginCompromise     AttackType = "plugin_compromise"
	AttackAPIManipulation      AttackType = "api_manipulation"
	AttackTrainingPipeline     AttackType = "training_pipeline"
	AttackModelSwapping        AttackType = "model_swapping"
	AttackConfigTampering      AttackType = "config_tampering"
)

type AttackVector

type AttackVector struct {
	Method      string                 `json:"method"`
	Entry       string                 `json:"entry"`
	Persistence bool                   `json:"persistence"`
	Stealth     StealthLevel           `json:"stealth"`
	Metadata    map[string]interface{} `json:"metadata"`
}

AttackVector represents the attack delivery method

type AttackedPipeline

type AttackedPipeline struct {
	PipelineName     string
	InjectionPoints  []string
	ModificationCode string
}

AttackedPipeline represents an attacked training pipeline

type AttackerConfig

type AttackerConfig struct {
	MaxConcurrentAttacks int
	StealthMode          bool
	PersistenceEnabled   bool
	VerificationBypass   bool
}

AttackerConfig holds configuration for supply chain attacker

type CompromisedPlugin

type CompromisedPlugin struct {
	PluginName      string
	OriginalHash    string
	CompromisedHash string
	BackdoorCode    string
}

CompromisedPlugin represents a compromised plugin

type ConfigTamperer

type ConfigTamperer struct {
	// contains filtered or unexported fields
}

ConfigTamperer implements configuration tampering attacks

func NewConfigTamperer

func NewConfigTamperer() *ConfigTamperer

NewConfigTamperer creates a new config tamperer

func (*ConfigTamperer) TamperConfig

func (ct *ConfigTamperer) TamperConfig(attack *SupplyChainAttack) error

TamperConfig tampers with configuration files

type ContaminatedDataset

type ContaminatedDataset struct {
	OriginalSize      int
	ContaminatedSize  int
	PoisonRate        float64
	ContaminationType string
}

ContaminatedDataset represents a contaminated dataset

type DatasetContaminator

type DatasetContaminator struct {
	// contains filtered or unexported fields
}

DatasetContaminator implements dataset contamination attacks

func NewDatasetContaminator

func NewDatasetContaminator() *DatasetContaminator

NewDatasetContaminator creates a new dataset contaminator

func (*DatasetContaminator) ContaminateDataset

func (dc *DatasetContaminator) ContaminateDataset(attack *SupplyChainAttack) error

ContaminateDataset contaminates training datasets

type DependencyInjector

type DependencyInjector struct {
	// contains filtered or unexported fields
}

DependencyInjector implements dependency injection attacks

func NewDependencyInjector

func NewDependencyInjector() *DependencyInjector

NewDependencyInjector creates a new dependency injector

func (*DependencyInjector) InjectDependency

func (di *DependencyInjector) InjectDependency(attack *SupplyChainAttack) error

InjectDependency injects malicious dependencies

type ImpactLevel

type ImpactLevel string

ImpactLevel represents the severity of impact

const (
	ImpactCritical ImpactLevel = "critical"
	ImpactHigh     ImpactLevel = "high"
	ImpactMedium   ImpactLevel = "medium"
	ImpactLow      ImpactLevel = "low"
)

type InjectedDependency

type InjectedDependency struct {
	PackageName     string
	MaliciousCode   string
	OriginalVersion string
	InjectedVersion string
}

InjectedDependency represents an injected dependency

type ManipulatedAPI

type ManipulatedAPI struct {
	Endpoint         string
	OriginalBehavior string
	ModifiedBehavior string
	InterceptionCode string
}

ManipulatedAPI represents a manipulated API

type ModelPoisoner

type ModelPoisoner struct {
	// contains filtered or unexported fields
}

ModelPoisoner implements model poisoning attacks

func NewModelPoisoner

func NewModelPoisoner() *ModelPoisoner

NewModelPoisoner creates a new model poisoner

func (*ModelPoisoner) PoisonModel

func (mp *ModelPoisoner) PoisonModel(attack *SupplyChainAttack) error

PoisonModel poisons a model in the supply chain

type ModelSwapper

type ModelSwapper struct {
	// contains filtered or unexported fields
}

ModelSwapper implements model swapping attacks

func NewModelSwapper

func NewModelSwapper() *ModelSwapper

NewModelSwapper creates a new model swapper

func (*ModelSwapper) SwapModel

func (ms *ModelSwapper) SwapModel(attack *SupplyChainAttack) error

SwapModel performs model swapping attack

type PipelineAttacker

type PipelineAttacker struct {
	// contains filtered or unexported fields
}

PipelineAttacker implements training pipeline attacks

func NewPipelineAttacker

func NewPipelineAttacker() *PipelineAttacker

NewPipelineAttacker creates a new pipeline attacker

func (*PipelineAttacker) AttackPipeline

func (pa *PipelineAttacker) AttackPipeline(attack *SupplyChainAttack) error

AttackPipeline attacks the training pipeline

type PluginCompromiser

type PluginCompromiser struct {
	// contains filtered or unexported fields
}

PluginCompromiser implements plugin compromise attacks

func NewPluginCompromiser

func NewPluginCompromiser() *PluginCompromiser

NewPluginCompromiser creates a new plugin compromiser

func (*PluginCompromiser) CompromisePlugin

func (pc *PluginCompromiser) CompromisePlugin(attack *SupplyChainAttack) error

CompromisePlugin compromises LLM plugins

type PoisonedModel

type PoisonedModel struct {
	OriginalHash    string
	PoisonedHash    string
	BackdoorTrigger string
	PoisonType      string
}

PoisonedModel represents a poisoned model

type StealthLevel

type StealthLevel string

StealthLevel represents how hidden the attack is

const (
	StealthCovert   StealthLevel = "covert"
	StealthSubtle   StealthLevel = "subtle"
	StealthModerate StealthLevel = "moderate"
	StealthOvert    StealthLevel = "overt"
)

type SupplyChainAttack

type SupplyChainAttack struct {
	ID        string                 `json:"id"`
	Type      AttackType             `json:"type"`
	Target    TargetComponent        `json:"target"`
	Payload   string                 `json:"payload"`
	Vector    AttackVector           `json:"vector"`
	Impact    ImpactLevel            `json:"impact"`
	Metadata  map[string]interface{} `json:"metadata"`
	Status    AttackStatus           `json:"status"`
	CreatedAt time.Time              `json:"created_at"`
}

SupplyChainAttack represents a supply chain attack vector

type SupplyChainAttacker

type SupplyChainAttacker struct {
	// contains filtered or unexported fields
}

SupplyChainAttacker manages supply chain attacks

func NewSupplyChainAttacker

func NewSupplyChainAttacker(config AttackerConfig) *SupplyChainAttacker

NewSupplyChainAttacker creates a new supply chain attacker

func (*SupplyChainAttacker) GetActiveAttacks

func (sca *SupplyChainAttacker) GetActiveAttacks() []*SupplyChainAttack

GetActiveAttacks returns all active attacks

func (*SupplyChainAttacker) GetAttackStatus

func (sca *SupplyChainAttacker) GetAttackStatus(attackID string) (*SupplyChainAttack, error)

GetAttackStatus returns the status of an attack

func (*SupplyChainAttacker) LaunchAttack

func (sca *SupplyChainAttacker) LaunchAttack(ctx context.Context, attackType AttackType, target TargetComponent, payload string) (*SupplyChainAttack, error)

LaunchAttack launches a supply chain attack

type SwappedModel

type SwappedModel struct {
	OriginalModel   string
	MaliciousModel  string
	SwapConditions  []string
	FallbackEnabled bool
}

SwappedModel represents a swapped model

type TamperedConfig

type TamperedConfig struct {
	ConfigFile       string
	OriginalSettings map[string]interface{}
	ModifiedSettings map[string]interface{}
}

TamperedConfig represents a tampered configuration

type TargetComponent

type TargetComponent string

TargetComponent defines supply chain components

const (
	TargetPretrainedModel TargetComponent = "pretrained_model"
	TargetTrainingData    TargetComponent = "training_data"
	TargetDependencies    TargetComponent = "dependencies"
	TargetPlugins         TargetComponent = "plugins"
	TargetAPIs            TargetComponent = "apis"
	TargetInfrastructure  TargetComponent = "infrastructure"
	TargetModelRegistry   TargetComponent = "model_registry"
	TargetConfiguration   TargetComponent = "configuration"
)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL