ml

package
v0.0.0-...-5185360 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 3, 2020 License: MIT Imports: 10 Imported by: 0

Documentation

Overview

Package ml contains machine learning methods for flow classification.

Index

Constants

View Source
const MLName = "godpi-ml"

MLName is the name of the machine learning module, to be used as an identifier for the source of classification.

Variables

This section is empty.

Functions

func DownloadFileToTemp

func DownloadFileToTemp(url, tmpPrefix string) (string, error)

DownloadFileToTemp downloads a file from a URL to a temporary file and returns the temporary file's path, or an error. The temporary file's name will have the given prefix.

func MakeFeaturesFromPayload

func MakeFeaturesFromPayload(payload []byte) (feats map[int32]float32)

MakeFeaturesFromPayload creates the 2-grams from the given payload. Each key-value pair in the returned map signifies that the (key) 2 byte sequence was found (value) times in the payload.

Types

type LinearSVCModule

type LinearSVCModule struct {
	Threshold                  float32 // If a prediction has less confidence than this, it is not considered.
	TCPModelPath, UDPModelPath string  // The paths where the liblinear models are stored, for TCP and UDP predictions.
	// contains filtered or unexported fields
}

LinearSVCModule is the module that classifies flows based on a trained SVC model.

func NewLinearSVCModule

func NewLinearSVCModule() *LinearSVCModule

NewLinearSVCModule returns a new LinearSVCModule with the default configuration. By default, the models are downloaded from the project's wiki on initialization, and the classification threshold is 0.8.

func (*LinearSVCModule) ClassifyFlow

func (module *LinearSVCModule) ClassifyFlow(flow *types.Flow) (result types.ClassificationResult)

ClassifyFlow creates 2-grams from the given flow's first packet that has a payload, and it passes these to liblinear, in order to classify the flow using the trained models.

func (*LinearSVCModule) ClassifyFlowAll

func (module *LinearSVCModule) ClassifyFlowAll(flow *types.Flow) []types.ClassificationResult

ClassifyFlowAll returns all the protocols returned by all the ML methods.

func (*LinearSVCModule) Destroy

func (module *LinearSVCModule) Destroy() error

Destroy frees and destroys the loaded models.

func (*LinearSVCModule) Initialize

func (module *LinearSVCModule) Initialize() error

Initialize loads the files that contain the SVC models used for classification.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL