0bfe3258b5
Replit-Commit-Author: Agent Replit-Commit-Session-Id: 7a657272-55ba-4a79-9a2e-f1ed9bc7a528 Replit-Commit-Checkpoint-Type: full_checkpoint Replit-Commit-Event-Id: 1c71ce6e-1a3e-4f53-bb5d-77cdd22b8ea3
191 lines
4.5 KiB
JSON
191 lines
4.5 KiB
JSON
{
|
|
"feature_names": [
|
|
"activity_pattern_1h",
|
|
"activity_pattern_24h",
|
|
"activity_pattern_6h",
|
|
"attack_fallback_0",
|
|
"attack_fallback_1",
|
|
"attack_fallback_2",
|
|
"attack_fallback_3",
|
|
"attack_fallback_4",
|
|
"attack_fallback_5",
|
|
"attack_fallback_6",
|
|
"attack_fallback_7",
|
|
"attack_fallback_8",
|
|
"attack_fallback_9",
|
|
"avg_session_duration",
|
|
"avg_time_between_requests",
|
|
"betweenness_centrality",
|
|
"botnet_probability",
|
|
"burst_session_pattern",
|
|
"closeness_centrality",
|
|
"cluster_advanced_5",
|
|
"cluster_advanced_6",
|
|
"cluster_advanced_7",
|
|
"cluster_advanced_8",
|
|
"cluster_advanced_9",
|
|
"cluster_avg_rate",
|
|
"cluster_size",
|
|
"community_id",
|
|
"coordinated_attack_score",
|
|
"cross_ip_pattern",
|
|
"day_of_month",
|
|
"day_of_week",
|
|
"degree_centrality",
|
|
"first_octet",
|
|
"fourth_octet",
|
|
"geo_correlation",
|
|
"geo_risk_factor",
|
|
"graph_fallback_0",
|
|
"graph_fallback_1",
|
|
"graph_fallback_2",
|
|
"graph_fallback_3",
|
|
"graph_fallback_4",
|
|
"graph_fallback_5",
|
|
"graph_fallback_6",
|
|
"graph_fallback_7",
|
|
"graph_fallback_8",
|
|
"graph_fallback_9",
|
|
"high_port_usage",
|
|
"hour",
|
|
"hourly_pattern_0",
|
|
"hourly_pattern_1",
|
|
"hourly_pattern_10",
|
|
"hourly_pattern_11",
|
|
"hourly_pattern_12",
|
|
"hourly_pattern_13",
|
|
"hourly_pattern_14",
|
|
"hourly_pattern_15",
|
|
"hourly_pattern_2",
|
|
"hourly_pattern_3",
|
|
"hourly_pattern_4",
|
|
"hourly_pattern_5",
|
|
"hourly_pattern_6",
|
|
"hourly_pattern_7",
|
|
"hourly_pattern_8",
|
|
"hourly_pattern_9",
|
|
"ip_advanced_12",
|
|
"ip_advanced_13",
|
|
"ip_advanced_14",
|
|
"ip_cluster_label",
|
|
"ip_record_count",
|
|
"ip_reputation_score",
|
|
"ip_sequential_pattern",
|
|
"ip_temporal_concentration",
|
|
"ip_temporal_diversity",
|
|
"is_business_hours",
|
|
"is_link_local",
|
|
"is_localhost",
|
|
"is_multicast",
|
|
"is_night",
|
|
"is_outlier_cluster",
|
|
"is_private_ip",
|
|
"is_weekend",
|
|
"long_session_indicator",
|
|
"markov_entropy",
|
|
"markov_feature_5",
|
|
"markov_feature_6",
|
|
"markov_feature_7",
|
|
"markov_feature_8",
|
|
"markov_feature_9",
|
|
"max_session_gap",
|
|
"max_time_between_requests",
|
|
"min_time_between_requests",
|
|
"minute",
|
|
"month",
|
|
"ngram_feature_0",
|
|
"ngram_feature_1",
|
|
"ngram_feature_2",
|
|
"ngram_feature_3",
|
|
"ngram_feature_4",
|
|
"ngram_feature_5",
|
|
"ngram_feature_6",
|
|
"ngram_feature_7",
|
|
"ngram_feature_8",
|
|
"ngram_feature_9",
|
|
"off_hours_activity",
|
|
"pagerank_score",
|
|
"pattern_anomaly",
|
|
"persistent_connection",
|
|
"port_110",
|
|
"port_143",
|
|
"port_21",
|
|
"port_22",
|
|
"port_25",
|
|
"port_443",
|
|
"port_53",
|
|
"port_80",
|
|
"port_993",
|
|
"port_995",
|
|
"port_diversity",
|
|
"port_feature_0",
|
|
"port_feature_1",
|
|
"port_feature_10",
|
|
"port_feature_11",
|
|
"port_feature_12",
|
|
"port_feature_13",
|
|
"port_feature_14",
|
|
"port_feature_2",
|
|
"port_feature_3",
|
|
"port_feature_4",
|
|
"port_feature_5",
|
|
"port_feature_6",
|
|
"port_feature_7",
|
|
"port_feature_8",
|
|
"port_feature_9",
|
|
"port_scan_indicator",
|
|
"proto_anomaly_score",
|
|
"proto_dns",
|
|
"proto_feature_15",
|
|
"proto_feature_16",
|
|
"proto_feature_17",
|
|
"proto_feature_18",
|
|
"proto_feature_19",
|
|
"proto_ftp",
|
|
"proto_http",
|
|
"proto_https",
|
|
"proto_icmp",
|
|
"proto_pop3",
|
|
"proto_smtp",
|
|
"proto_ssh",
|
|
"proto_tcp",
|
|
"proto_udp",
|
|
"protocol_diversity",
|
|
"protocol_entropy",
|
|
"protocol_similarity",
|
|
"quarter_hour",
|
|
"random_port_score",
|
|
"request_burst_intensity",
|
|
"requests_per_session",
|
|
"second",
|
|
"second_octet",
|
|
"sequence_predictability",
|
|
"session_anomaly",
|
|
"session_count",
|
|
"session_intensity",
|
|
"session_regularity",
|
|
"similarity_to_cluster",
|
|
"state_diversity",
|
|
"std_time_between_requests",
|
|
"subnet_activity",
|
|
"sustained_activity",
|
|
"swarm_indicator",
|
|
"tcp_ratio",
|
|
"temporal_anomaly_score",
|
|
"temporal_correlation",
|
|
"third_octet",
|
|
"transition_regularity",
|
|
"weekend_high_activity"
|
|
],
|
|
"feature_count": 176,
|
|
"temporal_features": 33,
|
|
"network_features": 49,
|
|
"correlation_features": 12,
|
|
"sequence_features": 10,
|
|
"extraction_timestamp": "2025-06-03T11:20:50.554651",
|
|
"tensorflow_models": {
|
|
"autoencoder": true,
|
|
"autoencoder_threshold": 14748.6160247561
|
|
},
|
|
"deep_learning_enabled": true
|
|
} |