⚔ Alice Arena

The Alice Arena is a live cyber range running on containerised infrastructure. Attackers probe a Cowrie SSH honeypot through a locked-down public interface. Each round lasts 120 seconds. Every connection, command, and scan is logged and scored.

• Ports discovered and SSH connections attempted
• Commands executed on the honeypot
• Stealth — evading Suricata IDS detection
• Defender scores from IDS alerts and interaction volume

7 containers · 3 networks · Deception, detection, defence, and observability layers. Orchestrated by an AI agent with an automated scoring engine.