add Poison IVY state machine

FSCS630_Cryptography/labs/11_Hash/Cry-Dangerous-A1 D8 42 FF.txt

@@ -0,0 +1,12 @@
+Dear Mr Shopaholic,
+
+please order a Porsche and a prepaid insurance scheme for Mr. Dodgy.
+
+Regards
+Honest John
+			
+   
+
+
+<EFBFBD><EFBFBD>  <20> 
+	

FSCS630_Cryptography/labs/11_Hash/Cry-Harmless-A1 D8 42 FF.txt

@@ -0,0 +1,11 @@
+Dear Mr Shopaholic,
+
+please order a typewriter.
+
+Regards
+Honest John		
+<EFBFBD><EFBFBD>				
+ 		<09>
+
+
+<EFBFBD>

Research/APT_FSM/.idea/compiler.xml

@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="CompilerConfiguration">
+    <annotationProcessing>
+      <profile name="Maven default annotation processors profile" enabled="true">
+        <sourceOutputDir name="target/generated-sources/annotations" />
+        <sourceTestOutputDir name="target/generated-test-sources/test-annotations" />
+        <outputRelativeToContentRoot value="true" />
+        <module name="APT_FSM" />
+      </profile>
+    </annotationProcessing>
+  </component>
+</project>

Research/APT_FSM/.idea/misc.xml

@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="ExternalStorageConfigurationManager" enabled="true" />
+  <component name="MavenProjectsManager">
+    <option name="originalFiles">
+      <list>
+        <option value="$PROJECT_DIR$/pom.xml" />
+      </list>
+    </option>
+  </component>
+  <component name="ProjectRootManager" version="2" languageLevel="JDK_1_8" project-jdk-name="1.8" project-jdk-type="JavaSDK">
+    <output url="file://$PROJECT_DIR$/out" />
+  </component>
+</project>

Research/APT_FSM/.idea/uiDesigner.xml

@@ -0,0 +1,124 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="Palette2">
+    <group name="Swing">
+      <item class="com.intellij.uiDesigner.HSpacer" tooltip-text="Horizontal Spacer" icon="/com/intellij/uiDesigner/icons/hspacer.png" removable="false" auto-create-binding="false" can-attach-label="false">
+        <default-constraints vsize-policy="1" hsize-policy="6" anchor="0" fill="1" />
+      </item>
+      <item class="com.intellij.uiDesigner.VSpacer" tooltip-text="Vertical Spacer" icon="/com/intellij/uiDesigner/icons/vspacer.png" removable="false" auto-create-binding="false" can-attach-label="false">
+        <default-constraints vsize-policy="6" hsize-policy="1" anchor="0" fill="2" />
+      </item>
+      <item class="javax.swing.JPanel" icon="/com/intellij/uiDesigner/icons/panel.png" removable="false" auto-create-binding="false" can-attach-label="false">
+        <default-constraints vsize-policy="3" hsize-policy="3" anchor="0" fill="3" />
+      </item>
+      <item class="javax.swing.JScrollPane" icon="/com/intellij/uiDesigner/icons/scrollPane.png" removable="false" auto-create-binding="false" can-attach-label="true">
+        <default-constraints vsize-policy="7" hsize-policy="7" anchor="0" fill="3" />
+      </item>
+      <item class="javax.swing.JButton" icon="/com/intellij/uiDesigner/icons/button.png" removable="false" auto-create-binding="true" can-attach-label="false">
+        <default-constraints vsize-policy="0" hsize-policy="3" anchor="0" fill="1" />
+        <initial-values>
+          <property name="text" value="Button" />
+        </initial-values>
+      </item>
+      <item class="javax.swing.JRadioButton" icon="/com/intellij/uiDesigner/icons/radioButton.png" removable="false" auto-create-binding="true" can-attach-label="false">
+        <default-constraints vsize-policy="0" hsize-policy="3" anchor="8" fill="0" />
+        <initial-values>
+          <property name="text" value="RadioButton" />
+        </initial-values>
+      </item>
+      <item class="javax.swing.JCheckBox" icon="/com/intellij/uiDesigner/icons/checkBox.png" removable="false" auto-create-binding="true" can-attach-label="false">
+        <default-constraints vsize-policy="0" hsize-policy="3" anchor="8" fill="0" />
+        <initial-values>
+          <property name="text" value="CheckBox" />
+        </initial-values>
+      </item>
+      <item class="javax.swing.JLabel" icon="/com/intellij/uiDesigner/icons/label.png" removable="false" auto-create-binding="false" can-attach-label="false">
+        <default-constraints vsize-policy="0" hsize-policy="0" anchor="8" fill="0" />
+        <initial-values>
+          <property name="text" value="Label" />
+        </initial-values>
+      </item>
+      <item class="javax.swing.JTextField" icon="/com/intellij/uiDesigner/icons/textField.png" removable="false" auto-create-binding="true" can-attach-label="true">
+        <default-constraints vsize-policy="0" hsize-policy="6" anchor="8" fill="1">
+          <preferred-size width="150" height="-1" />
+        </default-constraints>
+      </item>
+      <item class="javax.swing.JPasswordField" icon="/com/intellij/uiDesigner/icons/passwordField.png" removable="false" auto-create-binding="true" can-attach-label="true">
+        <default-constraints vsize-policy="0" hsize-policy="6" anchor="8" fill="1">
+          <preferred-size width="150" height="-1" />
+        </default-constraints>
+      </item>
+      <item class="javax.swing.JFormattedTextField" icon="/com/intellij/uiDesigner/icons/formattedTextField.png" removable="false" auto-create-binding="true" can-attach-label="true">
+        <default-constraints vsize-policy="0" hsize-policy="6" anchor="8" fill="1">
+          <preferred-size width="150" height="-1" />
+        </default-constraints>
+      </item>
+      <item class="javax.swing.JTextArea" icon="/com/intellij/uiDesigner/icons/textArea.png" removable="false" auto-create-binding="true" can-attach-label="true">
+        <default-constraints vsize-policy="6" hsize-policy="6" anchor="0" fill="3">
+          <preferred-size width="150" height="50" />
+        </default-constraints>
+      </item>
+      <item class="javax.swing.JTextPane" icon="/com/intellij/uiDesigner/icons/textPane.png" removable="false" auto-create-binding="true" can-attach-label="true">
+        <default-constraints vsize-policy="6" hsize-policy="6" anchor="0" fill="3">
+          <preferred-size width="150" height="50" />
+        </default-constraints>
+      </item>
+      <item class="javax.swing.JEditorPane" icon="/com/intellij/uiDesigner/icons/editorPane.png" removable="false" auto-create-binding="true" can-attach-label="true">
+        <default-constraints vsize-policy="6" hsize-policy="6" anchor="0" fill="3">
+          <preferred-size width="150" height="50" />
+        </default-constraints>
+      </item>
+      <item class="javax.swing.JComboBox" icon="/com/intellij/uiDesigner/icons/comboBox.png" removable="false" auto-create-binding="true" can-attach-label="true">
+        <default-constraints vsize-policy="0" hsize-policy="2" anchor="8" fill="1" />
+      </item>
+      <item class="javax.swing.JTable" icon="/com/intellij/uiDesigner/icons/table.png" removable="false" auto-create-binding="true" can-attach-label="false">
+        <default-constraints vsize-policy="6" hsize-policy="6" anchor="0" fill="3">
+          <preferred-size width="150" height="50" />
+        </default-constraints>
+      </item>
+      <item class="javax.swing.JList" icon="/com/intellij/uiDesigner/icons/list.png" removable="false" auto-create-binding="true" can-attach-label="false">
+        <default-constraints vsize-policy="6" hsize-policy="2" anchor="0" fill="3">
+          <preferred-size width="150" height="50" />
+        </default-constraints>
+      </item>
+      <item class="javax.swing.JTree" icon="/com/intellij/uiDesigner/icons/tree.png" removable="false" auto-create-binding="true" can-attach-label="false">
+        <default-constraints vsize-policy="6" hsize-policy="6" anchor="0" fill="3">
+          <preferred-size width="150" height="50" />
+        </default-constraints>
+      </item>
+      <item class="javax.swing.JTabbedPane" icon="/com/intellij/uiDesigner/icons/tabbedPane.png" removable="false" auto-create-binding="true" can-attach-label="false">
+        <default-constraints vsize-policy="3" hsize-policy="3" anchor="0" fill="3">
+          <preferred-size width="200" height="200" />
+        </default-constraints>
+      </item>
+      <item class="javax.swing.JSplitPane" icon="/com/intellij/uiDesigner/icons/splitPane.png" removable="false" auto-create-binding="false" can-attach-label="false">
+        <default-constraints vsize-policy="3" hsize-policy="3" anchor="0" fill="3">
+          <preferred-size width="200" height="200" />
+        </default-constraints>
+      </item>
+      <item class="javax.swing.JSpinner" icon="/com/intellij/uiDesigner/icons/spinner.png" removable="false" auto-create-binding="true" can-attach-label="true">
+        <default-constraints vsize-policy="0" hsize-policy="6" anchor="8" fill="1" />
+      </item>
+      <item class="javax.swing.JSlider" icon="/com/intellij/uiDesigner/icons/slider.png" removable="false" auto-create-binding="true" can-attach-label="false">
+        <default-constraints vsize-policy="0" hsize-policy="6" anchor="8" fill="1" />
+      </item>
+      <item class="javax.swing.JSeparator" icon="/com/intellij/uiDesigner/icons/separator.png" removable="false" auto-create-binding="false" can-attach-label="false">
+        <default-constraints vsize-policy="6" hsize-policy="6" anchor="0" fill="3" />
+      </item>
+      <item class="javax.swing.JProgressBar" icon="/com/intellij/uiDesigner/icons/progressbar.png" removable="false" auto-create-binding="true" can-attach-label="false">
+        <default-constraints vsize-policy="0" hsize-policy="6" anchor="0" fill="1" />
+      </item>
+      <item class="javax.swing.JToolBar" icon="/com/intellij/uiDesigner/icons/toolbar.png" removable="false" auto-create-binding="false" can-attach-label="false">
+        <default-constraints vsize-policy="0" hsize-policy="6" anchor="0" fill="1">
+          <preferred-size width="-1" height="20" />
+        </default-constraints>
+      </item>
+      <item class="javax.swing.JToolBar$Separator" icon="/com/intellij/uiDesigner/icons/toolbarSeparator.png" removable="false" auto-create-binding="false" can-attach-label="false">
+        <default-constraints vsize-policy="0" hsize-policy="0" anchor="0" fill="1" />
+      </item>
+      <item class="javax.swing.JScrollBar" icon="/com/intellij/uiDesigner/icons/scrollbar.png" removable="false" auto-create-binding="true" can-attach-label="false">
+        <default-constraints vsize-policy="6" hsize-policy="0" anchor="0" fill="2" />
+      </item>
+    </group>
+  </component>
+</project>

Research/APT_FSM/.idea/workspace.xml

@@ -0,0 +1,125 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="ChangeListManager">
+    <list default="true" id="42f38a7d-1581-4dba-964f-7c9ea4bd6434" name="Default Changelist" comment="" />
+    <option name="SHOW_DIALOG" value="false" />
+    <option name="HIGHLIGHT_CONFLICTS" value="true" />
+    <option name="HIGHLIGHT_NON_ACTIVE_CHANGELIST" value="false" />
+    <option name="LAST_RESOLUTION" value="IGNORE" />
+  </component>
+  <component name="FileTemplateManagerImpl">
+    <option name="RECENT_TEMPLATES">
+      <list>
+        <option value="Kotlin Class" />
+        <option value="Class" />
+      </list>
+    </option>
+  </component>
+  <component name="MavenImportPreferences">
+    <option name="importingSettings">
+      <MavenImportingSettings>
+        <option name="importAutomatically" value="true" />
+      </MavenImportingSettings>
+    </option>
+  </component>
+  <component name="ProjectId" id="1YpIT4BwLNO03IojBWVDOVNSp8s" />
+  <component name="ProjectViewState">
+    <option name="hideEmptyMiddlePackages" value="true" />
+    <option name="showExcludedFiles" value="true" />
+    <option name="showLibraryContents" value="true" />
+  </component>
+  <component name="PropertiesComponent">
+    <property name="RunOnceActivity.ShowReadmeOnStart" value="true" />
+    <property name="last_opened_file_path" value="$PROJECT_DIR$" />
+    <property name="project.structure.last.edited" value="Modules" />
+    <property name="project.structure.proportion" value="0.15" />
+    <property name="project.structure.side.proportion" value="0.2" />
+  </component>
+  <component name="RecentsManager">
+    <key name="MoveFile.RECENT_KEYS">
+      <recent name="C:\Users\Fxu\IdeaProjects\APT_FSM" />
+      <recent name="C:\Users\Fxu\IdeaProjects\APT_FSM\src\main\java" />
+    </key>
+    <key name="CopyFile.RECENT_KEYS">
+      <recent name="C:\Users\Fxu\IdeaProjects\APT_FSM" />
+      <recent name="C:\Users\Fxu\IdeaProjects\APT_FSM\src" />
+      <recent name="C:\Users\Fxu\IdeaProjects\APT_FSM\src\main" />
+      <recent name="C:\Users\Fxu\IdeaProjects\APT_FSM\src\main\resources" />
+    </key>
+  </component>
+  <component name="RunManager" selected="Application.PivyFsmMain">
+    <configuration name="PivyFSM" type="Application" factoryName="Application" temporary="true" nameIsGenerated="true">
+      <option name="MAIN_CLASS_NAME" value="PivyFSM" />
+      <module name="APT_FSM" />
+      <method v="2">
+        <option name="Make" enabled="true" />
+      </method>
+    </configuration>
+    <configuration name="PivyFsmMain" type="Application" factoryName="Application" temporary="true" nameIsGenerated="true">
+      <option name="MAIN_CLASS_NAME" value="PivyFsmMain" />
+      <module name="APT_FSM" />
+      <method v="2">
+        <option name="Make" enabled="true" />
+      </method>
+    </configuration>
+    <recent_temporary>
+      <list>
+        <item itemvalue="Application.PivyFsmMain" />
+        <item itemvalue="Application.PivyFSM" />
+      </list>
+    </recent_temporary>
+  </component>
+  <component name="SvnConfiguration">
+    <configuration />
+  </component>
+  <component name="TaskManager">
+    <task active="true" id="Default" summary="Default task">
+      <changelist id="42f38a7d-1581-4dba-964f-7c9ea4bd6434" name="Default Changelist" comment="" />
+      <created>1583633113481</created>
+      <option name="number" value="Default" />
+      <option name="presentableId" value="Default" />
+      <updated>1583633113481</updated>
+    </task>
+    <servers />
+  </component>
+  <component name="WindowStateProjectService">
+    <state x="4109" y="358" key="#Project_Structure" timestamp="1583633475765">
+      <screen x="1920" y="0" width="3440" height="1400" />
+    </state>
+    <state x="4109" y="358" key="#Project_Structure/0.0.1920.1040/1920.0.3440.1400@1920.0.3440.1400" timestamp="1583633475765" />
+    <state x="2517" y="503" key="#com.intellij.fileTypes.FileTypeChooser" timestamp="1583646719732">
+      <screen x="1920" y="0" width="3440" height="1400" />
+    </state>
+    <state x="2517" y="503" key="#com.intellij.fileTypes.FileTypeChooser/0.0.1920.1040/1920.0.3440.1400@1920.0.3440.1400" timestamp="1583646719732" />
+    <state x="2645" y="589" key="#com.intellij.ide.util.projectWizard.JdkChooserPanel.MyDialog" timestamp="1583642139500">
+      <screen x="1920" y="0" width="3440" height="1400" />
+    </state>
+    <state x="2645" y="589" key="#com.intellij.ide.util.projectWizard.JdkChooserPanel.MyDialog/0.0.1920.1040/1920.0.3440.1400@1920.0.3440.1400" timestamp="1583642139500" />
+    <state width="1694" height="310" key="GridCell.Tab.0.bottom" timestamp="1584993241366">
+      <screen x="1920" y="0" width="3440" height="1400" />
+    </state>
+    <state width="1877" height="218" key="GridCell.Tab.0.bottom/0.0.1920.1040/1920.0.3440.1400@0.0.1920.1040" timestamp="1583685350572" />
+    <state width="1694" height="310" key="GridCell.Tab.0.bottom/0.0.1920.1040/1920.0.3440.1400@1920.0.3440.1400" timestamp="1584993241366" />
+    <state width="1694" height="310" key="GridCell.Tab.0.center" timestamp="1584993241366">
+      <screen x="1920" y="0" width="3440" height="1400" />
+    </state>
+    <state width="1877" height="218" key="GridCell.Tab.0.center/0.0.1920.1040/1920.0.3440.1400@0.0.1920.1040" timestamp="1583685350572" />
+    <state width="1694" height="310" key="GridCell.Tab.0.center/0.0.1920.1040/1920.0.3440.1400@1920.0.3440.1400" timestamp="1584993241366" />
+    <state width="1694" height="310" key="GridCell.Tab.0.left" timestamp="1584993241366">
+      <screen x="1920" y="0" width="3440" height="1400" />
+    </state>
+    <state width="1877" height="218" key="GridCell.Tab.0.left/0.0.1920.1040/1920.0.3440.1400@0.0.1920.1040" timestamp="1583685350572" />
+    <state width="1694" height="310" key="GridCell.Tab.0.left/0.0.1920.1040/1920.0.3440.1400@1920.0.3440.1400" timestamp="1584993241366" />
+    <state width="1694" height="310" key="GridCell.Tab.0.right" timestamp="1584993241366">
+      <screen x="1920" y="0" width="3440" height="1400" />
+    </state>
+    <state width="1877" height="218" key="GridCell.Tab.0.right/0.0.1920.1040/1920.0.3440.1400@0.0.1920.1040" timestamp="1583685350572" />
+    <state width="1694" height="310" key="GridCell.Tab.0.right/0.0.1920.1040/1920.0.3440.1400@1920.0.3440.1400" timestamp="1584993241366" />
+    <state x="2346" y="389" key="com.intellij.ide.util.TipDialog" timestamp="1588635647846">
+      <screen x="1920" y="0" width="2560" height="1040" />
+    </state>
+    <state x="2346" y="389" key="com.intellij.ide.util.TipDialog/0.0.1920.1040/1920.0.2560.1040@1920.0.2560.1040" timestamp="1588635647846" />
+    <state x="320" y="389" key="com.intellij.ide.util.TipDialog/0.0.1920.1040/1920.0.3440.1400@0.0.1920.1040" timestamp="1583706822459" />
+    <state x="2493" y="524" key="com.intellij.ide.util.TipDialog/0.0.1920.1040/1920.0.3440.1400@1920.0.3440.1400" timestamp="1584990024879" />
+  </component>
+</project>

Research/APT_FSM/APT_FSM.iml

@@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<module type="JAVA_MODULE" version="4" />

Research/APT_FSM/MyStateMachine.dot

@@ -0,0 +1,13 @@
+digraph {
+compound=true;
+subgraph cluster_StateMachine {
+label="PivyFSM";
+Exfiltrated [label="Exfiltrated"];
+Secure [label="Secure"];
+Explored [label="Explored"];
+Penetrated [label="Penetrated"];
+
+Exfiltrated -> Explored [ label="changeSrcIPFound"];
+Secure -> Penetrated [ label="pivyNameFound"];
+Penetrated -> Exfiltrated [ label="trafficFound"];
+Penetrated -> Explored [ label="changeSrcIPFound"];}}

Research/APT_FSM/MyStateMachine.scxml

@@ -0,0 +1,36 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<scxml initial="Secure" version="1.0"
+    xmlns="http://www.w3.org/2005/07/scxml" xmlns:sqrl="http://squirrelframework.org/squirrel">
+    <sqrl:fsm context-insensitive="true" context-type="java.lang.Void"
+        event-type="PivyFSM$PivyEvent" fsm-type="PivyFSM"
+        id="wYDJTbm8m0" state-type="PivyFSM$PivyState"/>
+    <state id="Exfiltrated">
+        <transition
+            cond="instance#org.squirrelframework.foundation.fsm.Conditions$Always"
+            event="changeSrcIPFound" sqrl:priority="1"
+            sqrl:type="EXTERNAL" target="Explored">
+            <sqrl:action content="method#transitFromExfiltratedToExploredOnchangeSrcIPFound:-10"/>
+        </transition>
+    </state>
+    <state id="Secure">
+        <transition
+            cond="instance#org.squirrelframework.foundation.fsm.Conditions$Always"
+            event="pivyNameFound" sqrl:priority="1" sqrl:type="EXTERNAL" target="Penetrated">
+            <sqrl:action content="method#transitFromSecureToPenetratedOnpivyNameFound:-10"/>
+        </transition>
+    </state>
+    <state id="Explored"/>
+    <state id="Penetrated">
+        <transition
+            cond="instance#org.squirrelframework.foundation.fsm.Conditions$Always"
+            event="trafficFound" sqrl:priority="1" sqrl:type="EXTERNAL" target="Exfiltrated">
+            <sqrl:action content="method#transitFromPenetratedToExfiltratedOntrafficFound:-10"/>
+        </transition>
+        <transition
+            cond="instance#org.squirrelframework.foundation.fsm.Conditions$Always"
+            event="changeSrcIPFound" sqrl:priority="1"
+            sqrl:type="EXTERNAL" target="Explored">
+            <sqrl:action content="method#transitFromPenetratedToExploredOnchangeSrcIPFound:-10"/>
+        </transition>
+    </state>
+</scxml>

Research/APT_FSM/MyStateMachine2.scxml

@@ -0,0 +1,15 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<scxml initial="Secure" version="1.0"
+    xmlns="http://www.w3.org/2005/07/scxml" xmlns:sqrl="http://squirrelframework.org/squirrel">
+    <sqrl:fsm context-insensitive="true" context-type="java.lang.Void"
+        event-type="PivyFSM$PivyEvent" fsm-type="PivyFSM"
+        id="sxllthXFut" state-type="PivyFSM$PivyState"/>
+    <state id="Secure">
+        <transition
+            cond="instance#org.squirrelframework.foundation.fsm.Conditions$Always"
+            event="pivyNameFound" sqrl:priority="1" sqrl:type="EXTERNAL" target="Penetrated">
+            <sqrl:action content="method#transitFromSecureToPenetratedOnpivyNameFound:-10"/>
+        </transition>
+    </state>
+    <state id="Penetrated"/>
+</scxml>

Research/APT_FSM/fileLogs.txt

@@ -0,0 +1,3 @@
+google.exe
+piosionIvy.exe
+hello.txt

Research/APT_FSM/networkTraffic.txt

@@ -0,0 +1,2 @@
+dst_ref.value = '44.3.2.12'
+src_ref.value = '10.0.2.10'

Research/APT_FSM/pom.xml

@@ -0,0 +1,23 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+
+    <groupId>org.example</groupId>
+    <artifactId>APT_FSM</artifactId>
+    <version>1.0-SNAPSHOT</version>
+
+    <dependencies>
+        <dependency>
+            <groupId>commons-io</groupId>
+            <artifactId>commons-io</artifactId>
+            <version>2.6</version>
+        </dependency>
+        <dependency>
+            <groupId>org.squirrelframework</groupId>
+            <artifactId>squirrel-foundation</artifactId>
+            <version>0.3.8</version>
+        </dependency>
+    </dependencies>
+</project>

Research/APT_FSM/src/main/java/PivyFSM.java

@@ -0,0 +1,41 @@
+import org.squirrelframework.foundation.fsm.annotation.ContextInsensitive;
+import org.squirrelframework.foundation.fsm.annotation.Transitions;
+import org.squirrelframework.foundation.fsm.impl.AbstractStateMachine;
+
+@ContextInsensitive
+public class PivyFSM extends AbstractStateMachine <PivyFSM, PivyFSM.PivyState, PivyFSM.PivyEvent, Void> {
+    public enum PivyEvent {
+        pivyNameFound, trafficFound, changeSrcIPFound
+    }
+
+    // Penetrated state indicates malicious code has been successfully installed on an SUI by an attacker
+    // Explored indicates an SUI has been explored by attackers to gain a better understanding of the environment for future actions.
+    //          change to a new src id=10.0.2.10
+    // Exfiltrated indicates the SUI has an unauthorized movement of data.
+    public enum PivyState {
+        Secure, Penetrated, Explored, Exfiltrated
+    }
+
+    private StringBuilder logger = new StringBuilder();
+
+    //for future visualization
+    public void transitFromSecureToPenetratedOnpivyNameFound(PivyState from, PivyState to, PivyFSM.PivyEvent event) {
+        logger.append("Vulnerability found! Transit From Secure To Penetrated On pivyNameFound");
+        System.out.println(logger.toString());
+    }
+
+    public void transitFromPenetratedToExfiltratedOntrafficFound(PivyState from, PivyState to, PivyFSM.PivyEvent event) {
+        logger.append("-> Transit From Penetrated To Exfiltrated On trafficeFound");
+        System.out.println(logger.toString());
+    }
+
+    public void transitFromExfiltratedToExploredOnchangeSrcIPFound(PivyState from, PivyState to, PivyFSM.PivyEvent event) {
+        logger.append("-> Transit From Exfiltrated To Explored On changeSrcIPFound");
+        System.out.println(logger.toString());
+    }
+
+    public void transitFromPenetratedToExploredOnchangeSrcIPFound(PivyState from, PivyState to, PivyFSM.PivyEvent event) {
+        logger.append("-> Transit From Penetrated To Explored On changeSrcIPFound");
+        System.out.println(logger.toString());
+    }
+}

Research/APT_FSM/src/main/java/PivyFsmMain.java

@@ -0,0 +1,62 @@
+import org.squirrelframework.foundation.component.SquirrelProvider;
+import org.squirrelframework.foundation.fsm.*;
+import org.apache.commons.io.FileUtils;
+import java.io.File;
+import java.io.IOException;
+
+public class PivyFsmMain {
+    public static void main(String[] args) throws IOException {
+        // builder the state machine
+        StateMachineBuilder<PivyFSM, PivyFSM.PivyState, PivyFSM.PivyEvent, Void> builder = StateMachineBuilderFactory.create(
+                PivyFSM.class, PivyFSM.PivyState.class, PivyFSM.PivyEvent.class, Void.class);
+
+        //predefined vulnerability events
+        builder.externalTransition().from(PivyFSM.PivyState.Secure).to(PivyFSM.PivyState.Penetrated).on(PivyFSM.PivyEvent.pivyNameFound);
+        builder.externalTransition().from(PivyFSM.PivyState.Penetrated).to(PivyFSM.PivyState.Exfiltrated).on(PivyFSM.PivyEvent.trafficFound);
+        builder.externalTransition().from(PivyFSM.PivyState.Exfiltrated).to(PivyFSM.PivyState.Explored).on(PivyFSM.PivyEvent.changeSrcIPFound);
+        builder.externalTransition().from(PivyFSM.PivyState.Penetrated).to(PivyFSM.PivyState.Explored).on(PivyFSM.PivyEvent.changeSrcIPFound);
+
+        PivyFSM stateMachine = builder.newStateMachine(PivyFSM.PivyState.Secure);
+
+        //Start the state machine
+        stateMachine.start();
+
+        // check for vulnerability events
+        final String pivyName = "piosionIvy.exe";
+        final String logName="fileLogs.txt";
+
+        if (FileUtils.readFileToString(new File(logName),"UTF-8").contains(pivyName)){
+            stateMachine.fire(PivyFSM.PivyEvent.pivyNameFound);
+        }
+
+        // check for exfiltrating traffic
+        final String networkTrafficFile="networkTraffic.txt";
+        final String dst_ip = "dst_ref.value = \'44.3.2.12\'";
+        if (FileUtils.readFileToString(new File(networkTrafficFile),"UTF-8").contains(dst_ip)) {
+            stateMachine.fire(PivyFSM.PivyEvent.trafficFound);
+        }
+
+        // check for lateral movement
+        final String networkLateralTrafficFile="networkTraffic.txt";
+        final String src_ip = "src_ref.value = \'10.0.2.10\'";
+        if (FileUtils.readFileToString(new File(networkLateralTrafficFile),"UTF-8").contains(src_ip)) {
+            stateMachine.fire(PivyFSM.PivyEvent.changeSrcIPFound);
+        }
+
+        // check for current state
+        System.out.println("================");
+        System.out.println("Current State: "+stateMachine.getCurrentState());
+
+        //export state machine definition in [SCXML] 2 document
+        SCXMLVisitor visitor = SquirrelProvider.getInstance().newInstance(SCXMLVisitor.class);
+        stateMachine.accept(visitor);
+        visitor.convertSCXMLFile("MyStateMachine", true);
+
+        // viewed by [GraphViz] 3.
+        // C:\Users\Fxu\Anaconda3\Library\bin\graphviz\gvedit.exe to display the dot file
+        // open with gvedit.exe
+        DotVisitor dotVisitor = SquirrelProvider.getInstance().newInstance(DotVisitor.class);
+        stateMachine.accept(dotVisitor);
+        dotVisitor.convertDotFile("MyStateMachine");
+    }
+}

Research/APT_FSM/src/main/resources/fileLogs.txt

@@ -0,0 +1,3 @@
+google.exe
+piosionIvy.exe
+hello.txt

Research/APT_FSM/target/classes/resources/fileLogs.txt

@@ -0,0 +1,3 @@
+google.exe
+piosionIvy.exe
+hello.txt

Research/APT_FSM/winRegistryLogs.txt

@@ -0,0 +1 @@
+key = ‘^HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\myPoisonIvy_autorun’