Documentation
¶
Index ¶
- type AccessPattern
- type ActivationPredictor
- type ActiveDefense
- type ActiveResponse
- type AdversarialAttackVector
- type AdversarialDetector
- type AdversarialRisk
- type AlertManager
- type AlertMetric
- type AlertRecord
- type AlertRule
- type AnalyticsRule
- type AnomalousInput
- type AnomalyDetectionResult
- type AnomalyDetector
- type AnomalyModel
- type AnomalyType
- type AstroturfDetector
- type AttackCampaign
- type AttackCorrelationResult
- type AttackCorrelator
- type AttackPattern
- type AttackRecord
- type AttackSignature
- type AttackStage
- type AttackVector
- type Attribution
- type AttributionAnalysis
- type AttributionEngine
- type AttributionFactor
- type AttributionRule
- type AuthenticationAnalytics
- type AuthenticationAnalyticsRule
- type AuthenticationEvent
- type AuthenticationFraud
- type AuthenticationFraudDetector
- type AuthenticationFraudPattern
- type AuthenticationMetric
- type AuthenticationMonitor
- type AuthenticationRecord
- type AuthenticationReport
- type AuthenticationReportGenerationRule
- type AuthenticationReportGenerator
- type AuthenticationReportSection
- type AuthenticationReportTemplate
- type AuthenticationRule
- type AuthenticationValidationRule
- type AuthorityInfo
- type AuthorityValidator
- type AutomatedAction
- type AutomationEngine
- type AutomationRule
- type AutomationTask
- type Baseline
- type BaselineComparisonEngine
- type BaselineComparisonResult
- type BaselineDeviation
- type BaselineHealth
- type BaselineManagementRule
- type BaselineManager
- type BaselineRule
- type BaselineUpdateScheduler
- type BehaviorBaseline
- type BehavioralAnalysisResult
- type BehavioralAnalyzer
- type BehavioralAnomaly
- type BehavioralConfig
- type BehavioralPattern
- type BehavioralRecommendation
- type BehavioralRiskAssessment
- type BotDetectionRule
- type CampaignDetectionResult
- type CampaignDetector
- type CampaignMetrics
- type CampaignPattern
- type CampaignProgress
- type CertificationBody
- type ChangePoint
- type ChangedBehavior
- type ChecksumAnalysis
- type ChecksumAnomaly
- type ChecksumMatch
- type ChecksumMismatch
- type CircularDependency
- type CircularDependencyDetector
- type CodeChange
- type CollectiveAnomaly
- type CommunicationPattern
- type CommunityMetrics
- type CommunityValidator
- type ComparisonRecord
- type ComparisonRule
- type ComplexityAnalyzer
- type ComplexityAnalyzerConfig
- type ComplexityLimiter
- type ComplexityThreat
- type ComplianceStandard
- type ComplianceValidator
- type ComprehensiveSecurityResult
- type ConnectionMonitor
- type ConnectionRecord
- type ConnectionRule
- type ContextualAnomaly
- type CoordinatedResponse
- type CoordinatedThreat
- type CoordinationRule
- type CorporateEntity
- type CorporateValidator
- type CorrelatedAttack
- type CorrelationRule
- type CredentialChecker
- type CredentialStrengthAnalyzer
- type CredentialValidationRule
- type CredentialWeakness
- type CrossEcosystemMonitor
- type CrossEcosystemResult
- type CrossEcosystemThreat
- type CrossPackagePattern
- type CrossPlatformIndicator
- type CyclicalPattern
- type DNSAnalysis
- type DNSAnalyzer
- type DNSAnomaly
- type DNSMetric
- type DNSPattern
- type DNSQuery
- type DNSResponse
- type DefenseCoordinationResult
- type DefenseCoordinator
- type DefenseGap
- type DefenseRecommendation
- type DefenseSystem
- type DependencyEdge
- type DependencyGraph
- type DependencyNode
- type DetectedBehavior
- type DetectedCampaign
- type DetectedThreat
- type DetectionAlgorithm
- type DomainAnalysisRule
- type DomainAnalyzer
- type DomainRecord
- type EcosystemCorrelation
- type EffectivenessRecord
- type EffectivenessTracker
- type EncryptionAnalysis
- type EncryptionAnalyzer
- type EncryptionAnomaly
- type EncryptionDetector
- type EncryptionMetric
- type EncryptionResult
- type EncryptionWeakness
- type EngagementMetrics
- type EnsembleDefense
- type EnsembleDefenseResult
- type EscalationDetector
- type EscalationManager
- type EscalationPath
- type EscalationPattern
- type EscalationRule
- type EvasionDetector
- type EventCollector
- type EventFilter
- type EventProcessor
- type EvolutionStage
- type ExecutionAnomaly
- type ExecutionPattern
- type ExpirationRecord
- type ExpirationRule
- type FeaturePoisoningDetector
- type FeaturePoisoningRisk
- type FileOperation
- type FileSystemAnalysisResult
- type FileSystemAnalyzer
- type FileSystemAnomaly
- type FileSystemRule
- type ForecastAnalysis
- type FraudDetectionRule
- type GeographicAnalyzer
- type GeographicInstallation
- type GradientAnalysisResult
- type GradientAnalyzer
- type GradientAttack
- type GradientPattern
- type ImpactAssessment
- type InputValidationResult
- type InputValidator
- type InstallationAnalysisResult
- type InstallationAnalyzer
- type InstallationAnomaly
- type InstallationMetrics
- type InstallationPattern
- type InstallationRecord
- type IntegrityAnalysis
- type IntegrityCheck
- type IntegrityChecker
- type IntegrityRule
- type IntegrityViolation
- type IntelSource
- type InteractionAnomaly
- type InteractionPattern
- type InteractionRecord
- type InteractionRule
- type MFAProvider
- type MFAToken
- type MFAValidationRule
- type MFAValidator
- type MLCountermeasure
- type MLHardeningConfig
- type MLHardeningResult
- type MLHardeningSystem
- type MLVulnerability
- type MaintainerProfile
- type MaintainerValidator
- type ManipulationTactic
- type MarketEvent
- type MitigationStrategy
- type ModelDiscrepancy
- type ModelRobustnessValidator
- type Monitor
- type MonitoringRule
- type MultiVectorAnalysisResult
- type MultiVectorConfig
- type MultiVectorCoordinator
- type NetworkAnalysisResult
- type NetworkAnalyzer
- type NetworkAnomaly
- type NetworkConnection
- type NewBehavior
- type NotificationChannel
- type OrchestrationRule
- type PatternDetectionResult
- type PatternDetector
- type PatternEvolution
- type PatternMatcher
- type PatternPrediction
- type PatternRecord
- type PerformanceImpact
- type PerformanceMetric
- type PerformanceMetrics
- type PerformanceMonitor
- type PerformanceRecord
- type PerformanceTracker
- type PermissionAnalysis
- type PermissionAnalyzer
- type PermissionAnomaly
- type PermissionChange
- type PermissionRule
- type PerturbationDetector
- type PerturbationTest
- type PerturbationTestConfig
- type PoisonedFeature
- type PoisoningImpact
- type PoisoningPattern
- type PoisoningTechnique
- type PredictedTrigger
- type Prediction
- type PrivilegeEscalation
- type ProcessAnalysisResult
- type ProcessAnalyzer
- type ProcessAnomaly
- type ProcessAnomalyDetector
- type ProcessAnomalyModel
- type ProcessBaseline
- type ProcessBaselineManager
- type ProcessBehavior
- type ProcessBehaviorAnalyzer
- type ProcessBehaviorPattern
- type ProcessInfo
- type ProcessMetrics
- type ProcessMonitor
- type ProcessPerformanceMetric
- type ProcessPerformanceTracker
- type ProcessRecord
- type ProcessRelationship
- type ProcessRule
- type ProcessSecurityAnalyzer
- type ProcessSecurityRule
- type ProcessThreat
- type ProcessThreatDetector
- type ProcessThreatPattern
- type ProcessVulnerability
- type ProcessVulnerabilityScanner
- type ProcessingRule
- type ProfileRule
- type ProgressionRule
- type ProgressionTracker
- type PropagationRule
- type ProtocolAnalysis
- type ProtocolAnalysisResult
- type ProtocolAnalyzer
- type ProtocolAnomaly
- type ProtocolHandler
- type ProtocolMetric
- type ProtocolPattern
- type PsychologicalTrigger
- type RedFlag
- type RemovedBehavior
- type ReportGenerationRule
- type ReportSection
- type ReportTemplate
- type ResearcherProfile
- type ResearcherValidator
- type ResourceUsagePattern
- type ResponseAction
- type ResponseActionHandler
- type ResponseChain
- type ResponseOrchestrationResult
- type ResponseOrchestrationService
- type ResponseOrchestrator
- type ResponseRecord
- type ResponseRule
- type ResponseSystem
- type ResponseTemplate
- type RiskAssessment
- type RiskCategory
- type RiskFactor
- type RiskForecast
- type RiskTrend
- type RobustnessValidationResult
- type RuntimeAnalysisResult
- type RuntimeAnalyzer
- type RuntimeBehavior
- type RuntimeMonitor
- type SanitizationRule
- type ScanMetric
- type SeasonalPattern
- type SecurityAlert
- type SecurityCoordinator
- type SecurityCoordinatorConfig
- type SecurityEvent
- type SecurityMetrics
- type SecurityMetricsResult
- type SecurityMonitor
- type SecurityPerformanceMetric
- type SecurityRecommendation
- type SecurityRule
- type SessionActivity
- type SessionAnalytics
- type SessionAuthenticationValidator
- type SessionMetric
- type SessionMonitor
- type SessionRecord
- type SessionReport
- type SessionReportGenerator
- type SessionRule
- type SessionSecurityAnalyzer
- type SessionSecurityRule
- type SessionThreat
- type SessionThreatDetectionRule
- type SessionThreatDetector
- type SessionThreatPattern
- type SocialEngineeringDetector
- type SocialEngineeringRisk
- type SpatialAnalyzer
- type SpatialCorrelation
- type StabilityMetric
- type StabilityMetrics
- type StageDetector
- type StageSignature
- type StagedAttack
- type Stakeholder
- type StatisticalAnomaly
- type StrengthMetric
- type StrengthRule
- type SupplyChainAnalyzer
- type SupplyChainRisk
- type SuspiciousChange
- type SuspiciousDomain
- type SuspiciousGradient
- type SuspiciousPattern
- type SuspiciousUser
- type SynchronizedEvent
- type TamperingDetection
- type TamperingEvent
- type TamperingIndicator
- type TamperingPattern
- type TechnicalAnalyzer
- type TechnicalCorrelation
- type TemporalAnalysisResult
- type TemporalAnalyzer
- type TemporalAnomaly
- type TemporalAnomalyDetector
- type TemporalAnomalyRecord
- type TemporalAnomalyRule
- type TemporalBehaviorAnalyzer
- type TemporalCorrelation
- type TemporalDetector
- type TemporalDetectorConfig
- type TemporalInstallation
- type TemporalInstallationAnalyzer
- type TemporalInstallationPattern
- type TemporalMonitor
- type TemporalPattern
- type TemporalPatternAnalyzer
- type TemporalPatternRule
- type TemporalRule
- type TemporalThreat
- type TemporalTrend
- type TemporalTrendAnalyzer
- type TemporalTrendRule
- type ThreatActor
- type ThreatDetectionRule
- type ThreatDetector
- type ThreatEvent
- type ThreatFeed
- type ThreatIndicator
- type ThreatIntelRecord
- type ThreatIntelResult
- type ThreatIntelligence
- type ThreatIntelligenceResult
- type ThreatIntelligenceService
- type ThreatMatch
- type ThreatMetric
- type ThreatModel
- type ThreatPropagationModel
- type ThreatRecord
- type TimeSeriesPoint
- type TimeWindow
- type TokenExpirationManager
- type TokenValidationRule
- type TokenValidator
- type TrafficAnalysis
- type TrafficAnalyzer
- type TrafficAnomaly
- type TrafficAnomalyDetector
- type TrafficAnomalyModel
- type TrafficMetric
- type TrafficPattern
- type TrainingDataPoint
- type TransitionRule
- type TrendAnalysis
- type TrendComponent
- type TrendRecord
- type TrustFactor
- type TrustValidationResult
- type TrustValidator
- type TrustValidatorConfig
- type UnusualPermission
- type UpdateRecord
- type UpdateRule
- type UserAction
- type UserAnalyzer
- type UserAnomaly
- type UserAnomalyDetector
- type UserAnomalyModel
- type UserAuthenticationAnalyzer
- type UserBehaviorAnalysis
- type UserBehaviorAnalyzer
- type UserBehaviorModel
- type UserBehaviorPattern
- type UserBehaviorProfile
- type UserCredential
- type UserEngagement
- type UserInteraction
- type UserInteractionAnalysisResult
- type UserInteractionAnalyzer
- type UserInteractionMonitor
- type UserProfile
- type UserProfileManager
- type UserSession
- type UserSessionAnalyzer
- type UserType
- type ValidationMetrics
- type ValidationResult
- type ValidationRule
- type VerificationMethod
- type VersionAnalysisResult
- type VersionEntry
- type VersionProgression
- type VersionTracker
- type VulnerabilityScanResult
- type VulnerabilityScanRule
- type WeakEncryption
- type WeaknessArea
- type WeaknessDetectionRule
- type WeaknessDetector
- type WeaknessPattern
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AccessPattern ¶
type AccessPattern struct {
PatternID string `json:"pattern_id"`
PatternType string `json:"pattern_type"`
Files []string `json:"files"`
AccessFrequency int `json:"access_frequency"`
AccessTiming string `json:"access_timing"`
Users []string `json:"users"`
Processes []string `json:"processes"`
Anomalous bool `json:"anomalous"`
}
AccessPattern represents access patterns
type ActivationPredictor ¶
type ActivationPredictor struct {
// contains filtered or unexported fields
}
ActivationPredictor predicts potential activation triggers
func NewActivationPredictor ¶
func NewActivationPredictor() *ActivationPredictor
type ActiveDefense ¶
type ActiveDefense struct {
DefenseType string `json:"defense_type"`
Status string `json:"status"`
Effectiveness float64 `json:"effectiveness"`
Coverage []string `json:"coverage"`
LastActivated time.Time `json:"last_activated"`
ResponseTime time.Duration `json:"response_time"`
}
ActiveDefense represents active defense mechanisms
type ActiveResponse ¶
type ActiveResponse struct {
ResponseID string `json:"response_id"`
ResponseType string `json:"response_type"`
Status string `json:"status"`
TriggerEvent string `json:"trigger_event"`
Actions []string `json:"actions"`
Effectiveness float64 `json:"effectiveness"`
StartTime time.Time `json:"start_time"`
Duration time.Duration `json:"duration"`
}
ActiveResponse represents active response mechanisms
type AdversarialAttackVector ¶
type AdversarialAttackVector struct {
AttackType string `json:"attack_type"`
Severity string `json:"severity"`
Description string `json:"description"`
SuccessRate float64 `json:"success_rate"`
DetectionMethod string `json:"detection_method"`
Timestamp time.Time `json:"timestamp"`
}
AdversarialAttackVector represents specific adversarial attack vectors
type AdversarialDetector ¶
type AdversarialDetector struct {
// contains filtered or unexported fields
}
func NewAdversarialDetector ¶
func NewAdversarialDetector() *AdversarialDetector
type AdversarialRisk ¶
type AdversarialRisk struct {
RiskLevel string `json:"risk_level"`
ConfidenceScore float64 `json:"confidence_score"`
DetectedAttackVectors []AdversarialAttackVector `json:"detected_attack_vectors"`
PerturbationMagnitude float64 `json:"perturbation_magnitude"`
EvasionProbability float64 `json:"evasion_probability"`
DefenseRecommendations []string `json:"defense_recommendations"`
}
AdversarialRisk represents adversarial attack risk assessment
type AlertManager ¶
type AlertManager struct {
// contains filtered or unexported fields
}
AlertManager manages security alerts
type AlertMetric ¶
type AlertMetric struct {
MetricID string `json:"metric_id"`
AlertType string `json:"alert_type"`
AlertCount int `json:"alert_count"`
AcknowledgedCount int `json:"acknowledged_count"`
ResolvedCount int `json:"resolved_count"`
AverageResponseTime time.Duration `json:"average_response_time"`
}
AlertMetric represents alert metrics
type AlertRecord ¶
type AlertRecord struct {
RecordID string `json:"record_id"`
AlertID string `json:"alert_id"`
Action string `json:"action"`
Timestamp time.Time `json:"timestamp"`
User string `json:"user"`
Notes string `json:"notes"`
}
AlertRecord represents alert history records
type AlertRule ¶
type AlertRule struct {
RuleID string `json:"rule_id"`
RuleName string `json:"rule_name"`
TriggerCondition string `json:"trigger_condition"`
Severity string `json:"severity"`
AlertTemplate string `json:"alert_template"`
Parameters map[string]interface{} `json:"parameters"`
Enabled bool `json:"enabled"`
}
AlertRule defines alert generation rules
type AnalyticsRule ¶
type AnomalousInput ¶
type AnomalousInput struct {
InputType string `json:"input_type"`
AnomalyScore float64 `json:"anomaly_score"`
Description string `json:"description"`
SuspiciousValue string `json:"suspicious_value"`
ExpectedRange string `json:"expected_range"`
}
AnomalousInput represents anomalous input detection
type AnomalyDetectionResult ¶
type AnomalyDetectionResult struct {
DetectedAnomalies []BehavioralAnomaly `json:"detected_anomalies"`
AnomalyScore float64 `json:"anomaly_score"`
AnomalyTypes []AnomalyType `json:"anomaly_types"`
StatisticalAnomalies []StatisticalAnomaly `json:"statistical_anomalies"`
ContextualAnomalies []ContextualAnomaly `json:"contextual_anomalies"`
CollectiveAnomalies []CollectiveAnomaly `json:"collective_anomalies"`
}
AnomalyDetectionResult represents anomaly detection results
type AnomalyDetector ¶
type AnomalyDetector struct {
// contains filtered or unexported fields
}
type AnomalyModel ¶
type AnomalyType ¶
type AnomalyType struct {
TypeID string `json:"type_id"`
TypeName string `json:"type_name"`
Description string `json:"description"`
Frequency int `json:"frequency"`
AverageScore float64 `json:"average_score"`
RiskLevel string `json:"risk_level"`
}
AnomalyType represents anomaly types
type AstroturfDetector ¶
type AstroturfDetector struct {
// contains filtered or unexported fields
}
func NewAstroturfDetector ¶
func NewAstroturfDetector() *AstroturfDetector
type AttackCampaign ¶
type AttackCampaign struct {
CampaignID string `json:"campaign_id"`
CampaignName string `json:"campaign_name"`
StartDate time.Time `json:"start_date"`
EndDate *time.Time `json:"end_date"`
ThreatActor string `json:"threat_actor"`
Objectives []string `json:"objectives"`
Techniques []string `json:"techniques"`
AffectedTargets []string `json:"affected_targets"`
}
AttackCampaign represents identified attack campaigns
type AttackCorrelationResult ¶
type AttackCorrelationResult struct {
CorrelationScore float64 `json:"correlation_score"`
AttackPatterns []AttackPattern `json:"attack_patterns"`
TemporalCorrelations []TemporalCorrelation `json:"temporal_correlations"`
SpatialCorrelations []SpatialCorrelation `json:"spatial_correlations"`
TechnicalCorrelations []TechnicalCorrelation `json:"technical_correlations"`
}
AttackCorrelationResult represents attack correlation analysis
type AttackCorrelator ¶
type AttackCorrelator struct {
// contains filtered or unexported fields
}
func NewAttackCorrelator ¶
func NewAttackCorrelator(correlationWindow time.Duration) *AttackCorrelator
type AttackPattern ¶
type AttackPattern struct {
PatternID string `json:"pattern_id"`
PatternType string `json:"pattern_type"`
Description string `json:"description"`
Frequency int `json:"frequency"`
Confidence float64 `json:"confidence"`
FirstSeen time.Time `json:"first_seen"`
LastSeen time.Time `json:"last_seen"`
ThreatActors []string `json:"threat_actors"`
}
AttackPattern represents identified attack patterns
type AttackRecord ¶
type AttackSignature ¶
type AttackStage ¶
type AttackStage struct {
StageNumber int `json:"stage_number"`
StageName string `json:"stage_name"`
Status string `json:"status"`
StartTime *time.Time `json:"start_time"`
EndTime *time.Time `json:"end_time"`
Objectives []string `json:"objectives"`
Techniques []string `json:"techniques"`
Success bool `json:"success"`
}
AttackStage represents individual attack stages
type AttackVector ¶
type AttackVector struct {
VectorID string `json:"vector_id"`
VectorType string `json:"vector_type"`
Severity string `json:"severity"`
Description string `json:"description"`
TechnicalDetails map[string]interface{} `json:"technical_details"`
Indicators []string `json:"indicators"`
DetectionTime time.Time `json:"detection_time"`
}
AttackVector represents attack vectors
type Attribution ¶
type Attribution struct {
ThreatActor string `json:"threat_actor"`
Confidence float64 `json:"confidence"`
Evidence []string `json:"evidence"`
}
Attribution represents threat attribution
type AttributionAnalysis ¶
type AttributionAnalysis struct {
PrimaryAttribution string `json:"primary_attribution"`
AttributionConfidence float64 `json:"attribution_confidence"`
AlternativeAttributions []Attribution `json:"alternative_attributions"`
AttributionFactors []AttributionFactor `json:"attribution_factors"`
}
AttributionAnalysis represents threat attribution analysis
type AttributionEngine ¶
type AttributionEngine struct {
// contains filtered or unexported fields
}
type AttributionFactor ¶
type AttributionFactor struct {
FactorType string `json:"factor_type"`
Weight float64 `json:"weight"`
Evidence string `json:"evidence"`
Confidence float64 `json:"confidence"`
}
AttributionFactor represents attribution factors
type AttributionRule ¶
type AuthenticationAnalytics ¶
type AuthenticationAnalytics struct {
// contains filtered or unexported fields
}
type AuthenticationEvent ¶
type AuthenticationFraud ¶
type AuthenticationFraudDetector ¶
type AuthenticationFraudDetector struct {
// contains filtered or unexported fields
}
type AuthenticationMetric ¶
type AuthenticationMonitor ¶
type AuthenticationMonitor struct {
// contains filtered or unexported fields
}
type AuthenticationRecord ¶
type AuthenticationReport ¶
type AuthenticationReportGenerator ¶
type AuthenticationReportGenerator struct {
// contains filtered or unexported fields
}
type AuthenticationReportTemplate ¶
type AuthenticationReportTemplate struct {
TemplateID string
TemplateName string
Format string
Sections []AuthenticationReportSection
Parameters map[string]interface{}
}
type AuthenticationRule ¶
type AuthorityInfo ¶
type AuthorityValidator ¶
type AuthorityValidator struct {
// contains filtered or unexported fields
}
Authority validation structures
func NewAuthorityValidator ¶
func NewAuthorityValidator() *AuthorityValidator
type AutomatedAction ¶
type AutomatedAction struct {
ActionID string `json:"action_id"`
ActionType string `json:"action_type"`
TriggerCondition string `json:"trigger_condition"`
ExecutionTime time.Time `json:"execution_time"`
Result string `json:"result"`
Effectiveness float64 `json:"effectiveness"`
}
AutomatedAction represents automated actions
type AutomationEngine ¶
type AutomationEngine struct {
// contains filtered or unexported fields
}
type AutomationRule ¶
type AutomationTask ¶
type BaselineComparisonEngine ¶
type BaselineComparisonEngine struct {
// contains filtered or unexported fields
}
type BaselineComparisonResult ¶
type BaselineComparisonResult struct {
BaselineVersion string `json:"baseline_version"`
ComparisonScore float64 `json:"comparison_score"`
Deviations []BaselineDeviation `json:"deviations"`
NewBehaviors []NewBehavior `json:"new_behaviors"`
ChangedBehaviors []ChangedBehavior `json:"changed_behaviors"`
RemovedBehaviors []RemovedBehavior `json:"removed_behaviors"`
BaselineHealth *BaselineHealth `json:"baseline_health"`
}
BaselineComparisonResult represents baseline comparison results
type BaselineDeviation ¶
type BaselineDeviation struct {
DeviationID string `json:"deviation_id"`
DeviationType string `json:"deviation_type"`
Metric string `json:"metric"`
BaselineValue float64 `json:"baseline_value"`
CurrentValue float64 `json:"current_value"`
Deviation float64 `json:"deviation"`
Significance float64 `json:"significance"`
DetectionTime time.Time `json:"detection_time"`
}
BaselineDeviation represents baseline deviations
type BaselineHealth ¶
type BaselineHealth struct {
HealthScore float64 `json:"health_score"`
LastUpdate time.Time `json:"last_update"`
Staleness time.Duration `json:"staleness"`
Completeness float64 `json:"completeness"`
Accuracy float64 `json:"accuracy"`
Recommendations []string `json:"recommendations"`
}
BaselineHealth represents baseline health
type BaselineManagementRule ¶
type BaselineManager ¶
type BaselineManager struct {
// contains filtered or unexported fields
}
type BaselineRule ¶
type BaselineUpdateScheduler ¶
type BaselineUpdateScheduler struct {
// contains filtered or unexported fields
}
type BehaviorBaseline ¶
type BehaviorBaseline struct {
// contains filtered or unexported fields
}
BehaviorBaseline tracks normal behavior patterns
func NewBehaviorBaseline ¶
func NewBehaviorBaseline() *BehaviorBaseline
type BehavioralAnalysisResult ¶
type BehavioralAnalysisResult struct {
PackageName string `json:"package_name"`
OverallBehavioralScore float64 `json:"overall_behavioral_score"`
PatternDetection *PatternDetectionResult `json:"pattern_detection"`
AnomalyDetection *AnomalyDetectionResult `json:"anomaly_detection"`
InstallationAnalysis *InstallationAnalysisResult `json:"installation_analysis"`
RuntimeAnalysis *RuntimeAnalysisResult `json:"runtime_analysis"`
NetworkAnalysis *NetworkAnalysisResult `json:"network_analysis"`
FileSystemAnalysis *FileSystemAnalysisResult `json:"filesystem_analysis"`
ProcessAnalysis *ProcessAnalysisResult `json:"process_analysis"`
UserInteractionAnalysis *UserInteractionAnalysisResult `json:"user_interaction_analysis"`
TemporalAnalysis *TemporalAnalysisResult `json:"temporal_analysis"`
BaselineComparison *BaselineComparisonResult `json:"baseline_comparison"`
DetectedBehaviors []DetectedBehavior `json:"detected_behaviors"`
BehavioralAnomalies []BehavioralAnomaly `json:"behavioral_anomalies"`
RiskAssessment *BehavioralRiskAssessment `json:"risk_assessment"`
Recommendations []BehavioralRecommendation `json:"recommendations"`
Metadata map[string]interface{} `json:"metadata"`
}
BehavioralAnalysisResult represents behavioral analysis results
type BehavioralAnalyzer ¶
type BehavioralAnalyzer struct {
// contains filtered or unexported fields
}
BehavioralAnalyzer provides comprehensive behavioral pattern analysis and anomaly detection Addresses critical vulnerabilities identified in adversarial assessment: - Behavioral pattern exploitation - Anomalous installation patterns - Runtime behavior analysis - Network communication patterns - File system access patterns - Process execution patterns - User interaction patterns - Temporal behavior analysis
func NewBehavioralAnalyzer ¶
func NewBehavioralAnalyzer(config *BehavioralConfig, logger logger.Logger) *BehavioralAnalyzer
NewBehavioralAnalyzer creates a new behavioral analyzer
func (*BehavioralAnalyzer) AnalyzeBehavior ¶
func (ba *BehavioralAnalyzer) AnalyzeBehavior(ctx context.Context, pkg *types.Package) (*BehavioralAnalysisResult, error)
AnalyzeBehavior performs comprehensive behavioral analysis
type BehavioralAnomaly ¶
type BehavioralAnomaly struct {
AnomalyID string `json:"anomaly_id"`
AnomalyType string `json:"anomaly_type"`
Severity string `json:"severity"`
Description string `json:"description"`
DetectionTime time.Time `json:"detection_time"`
AnomalyScore float64 `json:"anomaly_score"`
Context map[string]interface{} `json:"context"`
Evidence []string `json:"evidence"`
Impact string `json:"impact"`
}
BehavioralAnomaly represents behavioral anomalies
type BehavioralConfig ¶
type BehavioralConfig struct {
EnablePatternDetection bool `yaml:"enable_pattern_detection"` // true
EnableAnomalyDetection bool `yaml:"enable_anomaly_detection"` // true
EnableInstallationAnalysis bool `yaml:"enable_installation_analysis"` // true
EnableRuntimeAnalysis bool `yaml:"enable_runtime_analysis"` // true
EnableNetworkAnalysis bool `yaml:"enable_network_analysis"` // true
EnableFileSystemAnalysis bool `yaml:"enable_filesystem_analysis"` // true
EnableProcessAnalysis bool `yaml:"enable_process_analysis"` // true
EnableUserInteractionAnalysis bool `yaml:"enable_user_interaction_analysis"` // true
EnableTemporalAnalysis bool `yaml:"enable_temporal_analysis"` // true
EnableBaselineManagement bool `yaml:"enable_baseline_management"` // true
AnomalyThreshold float64 `yaml:"anomaly_threshold"` // 0.7
PatternConfidenceThreshold float64 `yaml:"pattern_confidence_threshold"` // 0.8
BaselineUpdateInterval time.Duration `yaml:"baseline_update_interval"` // 24h
AnalysisWindow time.Duration `yaml:"analysis_window"` // 7d
MaxConcurrentAnalysis int `yaml:"max_concurrent_analysis"` // 5
Enabled bool `yaml:"enabled"` // true
}
BehavioralConfig configures behavioral analysis parameters
type BehavioralPattern ¶
type BehavioralPattern struct {
PatternID string `json:"pattern_id"`
PatternType string `json:"pattern_type"`
Description string `json:"description"`
Frequency int `json:"frequency"`
Confidence float64 `json:"confidence"`
RiskLevel string `json:"risk_level"`
FirstObserved time.Time `json:"first_observed"`
LastObserved time.Time `json:"last_observed"`
Indicators []string `json:"indicators"`
Context map[string]interface{} `json:"context"`
}
BehavioralPattern represents detected behavioral patterns
type BehavioralRecommendation ¶
type BehavioralRecommendation struct {
RecommendationID string `json:"recommendation_id"`
RecommendationType string `json:"recommendation_type"`
Priority string `json:"priority"`
Description string `json:"description"`
Actions []string `json:"actions"`
Timeline time.Duration `json:"timeline"`
Resources []string `json:"resources"`
ExpectedOutcome string `json:"expected_outcome"`
SuccessMetrics []string `json:"success_metrics"`
}
BehavioralRecommendation represents behavioral recommendations
type BehavioralRiskAssessment ¶
type BehavioralRiskAssessment struct {
OverallRiskLevel string `json:"overall_risk_level"`
RiskScore float64 `json:"risk_score"`
RiskFactors []RiskFactor `json:"risk_factors"`
RiskCategories []RiskCategory `json:"risk_categories"`
RiskTrends []RiskTrend `json:"risk_trends"`
MitigationStrategies []MitigationStrategy `json:"mitigation_strategies"`
}
BehavioralRiskAssessment represents behavioral risk assessment
type BotDetectionRule ¶
type CampaignDetectionResult ¶
type CampaignDetectionResult struct {
DetectedCampaigns []DetectedCampaign `json:"detected_campaigns"`
CampaignPatterns []CampaignPattern `json:"campaign_patterns"`
StagedAttacks []StagedAttack `json:"staged_attacks"`
CampaignMetrics *CampaignMetrics `json:"campaign_metrics"`
}
CampaignDetectionResult represents campaign detection results
type CampaignDetector ¶
type CampaignDetector struct {
// contains filtered or unexported fields
}
func NewCampaignDetector ¶
func NewCampaignDetector() *CampaignDetector
type CampaignMetrics ¶
type CampaignMetrics struct {
TotalCampaigns int `json:"total_campaigns"`
ActiveCampaigns int `json:"active_campaigns"`
CompletedCampaigns int `json:"completed_campaigns"`
AverageDetectionTime time.Duration `json:"average_detection_time"`
DetectionAccuracy float64 `json:"detection_accuracy"`
}
CampaignMetrics represents campaign detection metrics
type CampaignPattern ¶
type CampaignPattern struct {
PatternID string `json:"pattern_id"`
PatternName string `json:"pattern_name"`
Stages []string `json:"stages"`
Duration time.Duration `json:"duration"`
SuccessRate float64 `json:"success_rate"`
ThreatActors []string `json:"threat_actors"`
}
CampaignPattern represents campaign patterns
type CampaignProgress ¶
type CertificationBody ¶
type ChangePoint ¶
type ChangePoint struct {
ChangePointID string `json:"change_point_id"`
Timestamp time.Time `json:"timestamp"`
ChangeType string `json:"change_type"`
Magnitude float64 `json:"magnitude"`
Confidence float64 `json:"confidence"`
Description string `json:"description"`
}
ChangePoint represents change points
type ChangedBehavior ¶
type ChangedBehavior struct {
BehaviorID string `json:"behavior_id"`
BehaviorType string `json:"behavior_type"`
ChangeType string `json:"change_type"`
OldPattern string `json:"old_pattern"`
NewPattern string `json:"new_pattern"`
ChangeTime time.Time `json:"change_time"`
Impact string `json:"impact"`
}
ChangedBehavior represents changed behaviors
type ChecksumAnalysis ¶
type ChecksumAnalysis struct {
ChecksumAlgorithm string `json:"checksum_algorithm"`
ChecksumMatches []ChecksumMatch `json:"checksum_matches"`
ChecksumMismatches []ChecksumMismatch `json:"checksum_mismatches"`
ChecksumAnomalies []ChecksumAnomaly `json:"checksum_anomalies"`
}
ChecksumAnalysis represents checksum analysis
type ChecksumAnomaly ¶
type ChecksumAnomaly struct {
AnomalyID string `json:"anomaly_id"`
AnomalyType string `json:"anomaly_type"`
DetectionTime time.Time `json:"detection_time"`
Description string `json:"description"`
AffectedFiles []string `json:"affected_files"`
Evidence []string `json:"evidence"`
}
ChecksumAnomaly represents checksum anomalies
type ChecksumMatch ¶
type ChecksumMatch struct {
FilePath string `json:"file_path"`
ExpectedChecksum string `json:"expected_checksum"`
ActualChecksum string `json:"actual_checksum"`
Timestamp time.Time `json:"timestamp"`
Verified bool `json:"verified"`
}
ChecksumMatch represents checksum matches
type ChecksumMismatch ¶
type ChecksumMismatch struct {
FilePath string `json:"file_path"`
ExpectedChecksum string `json:"expected_checksum"`
ActualChecksum string `json:"actual_checksum"`
DetectionTime time.Time `json:"detection_time"`
Severity string `json:"severity"`
PossibleCauses []string `json:"possible_causes"`
}
ChecksumMismatch represents checksum mismatches
type CircularDependency ¶
type CircularDependency struct {
Cycle []string `json:"cycle"`
Length int `json:"length"`
Complexity float64 `json:"complexity"`
Exploitable bool `json:"exploitable"`
}
CircularDependency represents a circular dependency
type CircularDependencyDetector ¶
type CircularDependencyDetector struct {
// contains filtered or unexported fields
}
CircularDependencyDetector detects circular dependencies
func NewCircularDependencyDetector ¶
func NewCircularDependencyDetector(maxCycles int) *CircularDependencyDetector
func (*CircularDependencyDetector) FindCycles ¶
func (cdd *CircularDependencyDetector) FindCycles(node string, graph *DependencyGraph) [][]string
func (*CircularDependencyDetector) Reset ¶
func (cdd *CircularDependencyDetector) Reset()
type CodeChange ¶
type CodeChange struct {
Type string // "addition", "modification", "deletion"
Location string
Content string
Suspicion float64
Indicators []string
}
CodeChange represents changes between versions
type CollectiveAnomaly ¶
type CollectiveAnomaly struct {
AnomalyID string `json:"anomaly_id"`
AffectedEntities []string `json:"affected_entities"`
CollectiveScore float64 `json:"collective_score"`
Pattern string `json:"pattern"`
Duration time.Duration `json:"duration"`
Coordination bool `json:"coordination"`
}
CollectiveAnomaly represents collective anomalies
type CommunicationPattern ¶
type CommunicationPattern struct {
PatternID string `json:"pattern_id"`
PatternType string `json:"pattern_type"`
Frequency int `json:"frequency"`
Destinations []string `json:"destinations"`
Protocols []string `json:"protocols"`
DataVolume int64 `json:"data_volume"`
Periodicity bool `json:"periodicity"`
Encrypted bool `json:"encrypted"`
Anomalous bool `json:"anomalous"`
}
CommunicationPattern represents communication patterns
type CommunityMetrics ¶
type CommunityValidator ¶
type CommunityValidator struct {
// contains filtered or unexported fields
}
Community validation structures
func NewCommunityValidator ¶
func NewCommunityValidator() *CommunityValidator
type ComparisonRecord ¶
type ComparisonRule ¶
type ComplexityAnalyzer ¶
type ComplexityAnalyzer struct {
// contains filtered or unexported fields
}
ComplexityAnalyzer detects and prevents computational complexity exploitation Addresses critical vulnerabilities identified in adversarial assessment: - Exponential dependency growth overwhelming analysis algorithms - Circular dependency mazes creating infinite analysis loops - Version constraint conflicts triggering NP-hard resolution problems - Transitive closure calculations scaling to O(V³) complexity
func NewComplexityAnalyzer ¶
func NewComplexityAnalyzer(config *ComplexityAnalyzerConfig, logger logger.Logger) *ComplexityAnalyzer
NewComplexityAnalyzer creates a new complexity analyzer
func (*ComplexityAnalyzer) AnalyzeComplexity ¶
func (ca *ComplexityAnalyzer) AnalyzeComplexity(ctx context.Context, pkg *types.Package) (*ComplexityThreat, error)
AnalyzeComplexity performs comprehensive complexity analysis
type ComplexityAnalyzerConfig ¶
type ComplexityAnalyzerConfig struct {
MaxDependencyDepth int `yaml:"max_dependency_depth"` // 15 levels max
MaxDependencyCount int `yaml:"max_dependency_count"` // 1000 deps max
MaxAnalysisTime time.Duration `yaml:"max_analysis_time"` // 30 seconds max
MaxMemoryUsage int64 `yaml:"max_memory_usage"` // 512MB max
CircularDetectionLimit int `yaml:"circular_detection_limit"` // 100 cycles max
ComplexityThreshold float64 `yaml:"complexity_threshold"` // 0.8
EnableEarlyTermination bool `yaml:"enable_early_termination"` // true
EnableComplexityLimits bool `yaml:"enable_complexity_limits"` // true
Enabled bool `yaml:"enabled"` // true
}
ComplexityAnalyzerConfig configures complexity analysis parameters
func DefaultComplexityAnalyzerConfig ¶
func DefaultComplexityAnalyzerConfig() *ComplexityAnalyzerConfig
DefaultComplexityAnalyzerConfig returns default configuration
type ComplexityLimiter ¶
type ComplexityLimiter struct {
// contains filtered or unexported fields
}
ComplexityLimiter enforces complexity limits during analysis
func NewComplexityLimiter ¶
func NewComplexityLimiter(maxTime time.Duration, maxMemory int64) *ComplexityLimiter
func (*ComplexityLimiter) IncrementOperations ¶
func (cl *ComplexityLimiter) IncrementOperations()
func (*ComplexityLimiter) ShouldTerminate ¶
func (cl *ComplexityLimiter) ShouldTerminate() bool
func (*ComplexityLimiter) Start ¶
func (cl *ComplexityLimiter) Start()
type ComplexityThreat ¶
type ComplexityThreat struct {
ThreatID string `json:"threat_id"`
PackageName string `json:"package_name"`
ThreatType string `json:"threat_type"`
Severity types.Severity `json:"severity"`
ComplexityScore float64 `json:"complexity_score"`
DependencyDepth int `json:"dependency_depth"`
DependencyCount int `json:"dependency_count"`
CircularDependencies []CircularDependency `json:"circular_dependencies"`
PerformanceImpact *PerformanceImpact `json:"performance_impact"`
ExploitationRisk string `json:"exploitation_risk"`
Recommendations []string `json:"recommendations"`
Metadata map[string]interface{} `json:"metadata"`
}
ComplexityThreat represents a detected complexity threat
type ComplianceStandard ¶
type ComplianceValidator ¶
type ComplianceValidator struct {
// contains filtered or unexported fields
}
Compliance validation structures
func NewComplianceValidator ¶
func NewComplianceValidator() *ComplianceValidator
type ComprehensiveSecurityResult ¶
type ComprehensiveSecurityResult struct {
PackageName string `json:"package_name"`
OverallThreatScore float64 `json:"overall_threat_score"`
ThreatLevel string `json:"threat_level"`
TemporalAnalysis *TemporalThreat `json:"temporal_analysis"`
ComplexityAnalysis *ComplexityThreat `json:"complexity_analysis"`
TrustValidation *TrustValidationResult `json:"trust_validation"`
MLHardening *MLHardeningResult `json:"ml_hardening"`
MultiVectorAnalysis *MultiVectorAnalysisResult `json:"multi_vector_analysis"`
BehavioralAnalysis *BehavioralAnalysisResult `json:"behavioral_analysis"`
ThreatIntelligence *ThreatIntelResult `json:"threat_intelligence"`
SecurityMetrics *SecurityMetricsResult `json:"security_metrics"`
DetectedThreats []DetectedThreat `json:"detected_threats"`
SecurityRecommendations []SecurityRecommendation `json:"security_recommendations"`
ResponseActions []ResponseAction `json:"response_actions"`
AlertsGenerated []SecurityAlert `json:"alerts_generated"`
AnalysisTimestamp time.Time `json:"analysis_timestamp"`
AnalysisDuration time.Duration `json:"analysis_duration"`
RequiresImmediateAction bool `json:"requires_immediate_action"`
Metadata map[string]interface{} `json:"metadata"`
}
ComprehensiveSecurityResult represents comprehensive security analysis results
type ConnectionMonitor ¶
type ConnectionMonitor struct {
// contains filtered or unexported fields
}
type ConnectionRecord ¶
type ConnectionRecord struct {
ConnectionID string
Timestamp time.Time
Details NetworkConnection
Classification string
}
type ConnectionRule ¶
type ContextualAnomaly ¶
type ContextualAnomaly struct {
AnomalyID string `json:"anomaly_id"`
Context map[string]interface{} `json:"context"`
ContextualScore float64 `json:"contextual_score"`
ExpectedBehavior string `json:"expected_behavior"`
ObservedBehavior string `json:"observed_behavior"`
ContextFactors []string `json:"context_factors"`
}
ContextualAnomaly represents contextual anomalies
type CoordinatedResponse ¶
type CoordinatedResponse struct {
ResponseID string `json:"response_id"`
ResponseType string `json:"response_type"`
TriggerEvent string `json:"trigger_event"`
Actions []string `json:"actions"`
Effectiveness float64 `json:"effectiveness"`
ExecutionTime time.Time `json:"execution_time"`
}
CoordinatedResponse represents coordinated defense responses
type CoordinatedThreat ¶
type CoordinatedThreat struct {
ThreatID string `json:"threat_id"`
ThreatType string `json:"threat_type"`
CoordinationLevel string `json:"coordination_level"`
AttackVectors []string `json:"attack_vectors"`
ThreatActors []string `json:"threat_actors"`
Timeline []ThreatEvent `json:"timeline"`
ImpactAssessment *ImpactAssessment `json:"impact_assessment"`
}
CoordinatedThreat represents coordinated threats
type CoordinationRule ¶
type CorporateEntity ¶
type CorporateValidator ¶
type CorporateValidator struct {
// contains filtered or unexported fields
}
Corporate validation structures
func NewCorporateValidator ¶
func NewCorporateValidator() *CorporateValidator
type CorrelatedAttack ¶
type CorrelatedAttack struct {
}
CorrelatedAttack represents correlated attack instances
type CorrelationRule ¶
type CredentialChecker ¶
type CredentialChecker struct {
// contains filtered or unexported fields
}
type CredentialStrengthAnalyzer ¶
type CredentialStrengthAnalyzer struct {
// contains filtered or unexported fields
}
type CredentialWeakness ¶
type CrossEcosystemMonitor ¶
type CrossEcosystemMonitor struct {
// contains filtered or unexported fields
}
func NewCrossEcosystemMonitor ¶
func NewCrossEcosystemMonitor() *CrossEcosystemMonitor
type CrossEcosystemResult ¶
type CrossEcosystemResult struct {
EcosystemsAnalyzed []string `json:"ecosystems_analyzed"`
CrossEcosystemThreats []CrossEcosystemThreat `json:"cross_ecosystem_threats"`
EcosystemCorrelations []EcosystemCorrelation `json:"ecosystem_correlations"`
SupplyChainRisks []SupplyChainRisk `json:"supply_chain_risks"`
CrossPlatformIndicators []CrossPlatformIndicator `json:"cross_platform_indicators"`
}
CrossEcosystemResult represents cross-ecosystem analysis
type CrossEcosystemThreat ¶
type CrossEcosystemThreat struct {
ThreatID string `json:"threat_id"`
ThreatType string `json:"threat_type"`
AffectedEcosystems []string `json:"affected_ecosystems"`
CoordinationLevel string `json:"coordination_level"`
ThreatSeverity string `json:"threat_severity"`
FirstDetected time.Time `json:"first_detected"`
PropagationVector string `json:"propagation_vector"`
}
CrossEcosystemThreat represents cross-ecosystem threats
type CrossPackagePattern ¶
type CrossPackagePattern struct {
PatternID string `json:"pattern_id"`
AffectedPackages []string `json:"affected_packages"`
PatternType string `json:"pattern_type"`
Correlation float64 `json:"correlation"`
RiskLevel string `json:"risk_level"`
}
CrossPackagePattern represents cross-package patterns
type CrossPlatformIndicator ¶
type CrossPlatformIndicator struct {
IndicatorType string `json:"indicator_type"`
Platforms []string `json:"platforms"`
IndicatorValue string `json:"indicator_value"`
ThreatLevel string `json:"threat_level"`
Confidence float64 `json:"confidence"`
}
CrossPlatformIndicator represents cross-platform indicators
type CyclicalPattern ¶
type CyclicalPattern struct {
PatternID string `json:"pattern_id"`
CycleType string `json:"cycle_type"`
CycleDuration time.Duration `json:"cycle_duration"`
Description string `json:"description"`
Amplitude float64 `json:"amplitude"`
Phase float64 `json:"phase"`
Stability float64 `json:"stability"`
}
CyclicalPattern represents cyclical patterns
type DNSAnalysis ¶
type DNSAnalysis struct {
DNSQueries []DNSQuery `json:"dns_queries"`
SuspiciousDomains []SuspiciousDomain `json:"suspicious_domains"`
DNSPatterns []DNSPattern `json:"dns_patterns"`
DNSAnomalies []DNSAnomaly `json:"dns_anomalies"`
}
DNSAnalysis represents DNS analysis
type DNSAnalyzer ¶
type DNSAnalyzer struct {
// contains filtered or unexported fields
}
type DNSAnomaly ¶
type DNSAnomaly struct {
AnomalyID string `json:"anomaly_id"`
AnomalyType string `json:"anomaly_type"`
DetectionTime time.Time `json:"detection_time"`
Description string `json:"description"`
AffectedDomains []string `json:"affected_domains"`
Evidence []string `json:"evidence"`
}
DNSAnomaly represents DNS anomalies
type DNSPattern ¶
type DNSPattern struct {
PatternID string `json:"pattern_id"`
PatternType string `json:"pattern_type"`
Domains []string `json:"domains"`
Frequency int `json:"frequency"`
Periodicity bool `json:"periodicity"`
Anomalous bool `json:"anomalous"`
}
DNSPattern represents DNS patterns
type DNSQuery ¶
type DNSQuery struct {
QueryID string `json:"query_id"`
Domain string `json:"domain"`
QueryType string `json:"query_type"`
Timestamp time.Time `json:"timestamp"`
ResponseCode string `json:"response_code"`
ResponseTime time.Duration `json:"response_time"`
Suspicious bool `json:"suspicious"`
}
DNSQuery represents DNS queries
type DNSResponse ¶
type DefenseCoordinationResult ¶
type DefenseCoordinationResult struct {
CoordinationScore float64 `json:"coordination_score"`
ActiveDefenses []ActiveDefense `json:"active_defenses"`
DefenseGaps []DefenseGap `json:"defense_gaps"`
CoordinatedResponses []CoordinatedResponse `json:"coordinated_responses"`
DefenseEffectiveness float64 `json:"defense_effectiveness"`
}
DefenseCoordinationResult represents defense coordination results
type DefenseCoordinator ¶
type DefenseCoordinator struct {
// contains filtered or unexported fields
}
func NewDefenseCoordinator ¶
func NewDefenseCoordinator() *DefenseCoordinator
type DefenseGap ¶
type DefenseGap struct {
GapType string `json:"gap_type"`
Severity string `json:"severity"`
Description string `json:"description"`
AffectedAreas []string `json:"affected_areas"`
Recommendations []string `json:"recommendations"`
}
DefenseGap represents identified defense gaps
type DefenseRecommendation ¶
type DefenseRecommendation struct {
RecommendationID string `json:"recommendation_id"`
RecommendationType string `json:"recommendation_type"`
Priority string `json:"priority"`
Description string `json:"description"`
Actions []string `json:"actions"`
Timeline time.Duration `json:"timeline"`
Resources []string `json:"resources"`
Effectiveness float64 `json:"effectiveness"`
}
DefenseRecommendation represents defense recommendations
type DefenseSystem ¶
type DependencyEdge ¶
type DependencyGraph ¶
type DependencyGraph struct {
// contains filtered or unexported fields
}
DependencyGraph represents the dependency graph structure
func NewDependencyGraph ¶
func NewDependencyGraph() *DependencyGraph
func (*DependencyGraph) AddEdge ¶
func (dg *DependencyGraph) AddEdge(from, to string)
func (*DependencyGraph) AddNode ¶
func (dg *DependencyGraph) AddNode(node *DependencyNode)
func (*DependencyGraph) Reset ¶
func (dg *DependencyGraph) Reset()
type DependencyNode ¶
type DependencyNode struct {
Name string
Version string
Dependencies []string
Depth int
Visited bool
InStack bool
Complexity float64
}
DependencyNode represents a node in the dependency graph
type DetectedBehavior ¶
type DetectedBehavior struct {
BehaviorID string `json:"behavior_id"`
BehaviorType string `json:"behavior_type"`
Category string `json:"category"`
Description string `json:"description"`
Confidence float64 `json:"confidence"`
RiskLevel string `json:"risk_level"`
FirstDetected time.Time `json:"first_detected"`
LastDetected time.Time `json:"last_detected"`
Frequency int `json:"frequency"`
Context map[string]interface{} `json:"context"`
Indicators []string `json:"indicators"`
Evidence []string `json:"evidence"`
}
DetectedBehavior represents detected behaviors
type DetectedCampaign ¶
type DetectedCampaign struct {
CampaignID string `json:"campaign_id"`
CampaignType string `json:"campaign_type"`
Stage string `json:"stage"`
Confidence float64 `json:"confidence"`
StartTime time.Time `json:"start_time"`
Duration time.Duration `json:"duration"`
AttackVectors []string `json:"attack_vectors"`
TargetedAssets []string `json:"targeted_assets"`
}
DetectedCampaign represents detected attack campaigns
type DetectedThreat ¶
type DetectedThreat struct {
ThreatID string `json:"threat_id"`
ThreatType string `json:"threat_type"`
ThreatCategory string `json:"threat_category"`
Severity string `json:"severity"`
Confidence float64 `json:"confidence"`
Description string `json:"description"`
Evidence []string `json:"evidence"`
DetectionSource string `json:"detection_source"`
DetectionTimestamp time.Time `json:"detection_timestamp"`
AffectedComponents []string `json:"affected_components"`
PotentialImpact string `json:"potential_impact"`
MitigationStrategies []string `json:"mitigation_strategies"`
Context map[string]interface{} `json:"context"`
}
DetectedThreat represents a detected security threat
type DetectionAlgorithm ¶
type DomainAnalysisRule ¶
type DomainAnalyzer ¶
type DomainAnalyzer struct {
// contains filtered or unexported fields
}
type DomainRecord ¶
type EcosystemCorrelation ¶
type EcosystemCorrelation struct {
EcosystemPair []string `json:"ecosystem_pair"`
CorrelationStrength float64 `json:"correlation_strength"`
AttackVectors []string `json:"attack_vectors"`
}
EcosystemCorrelation represents ecosystem correlations
type EffectivenessRecord ¶
type EffectivenessTracker ¶
type EffectivenessTracker struct {
// contains filtered or unexported fields
}
type EncryptionAnalysis ¶
type EncryptionAnalysis struct {
EncryptedTraffic float64 `json:"encrypted_traffic"`
EncryptionProtocols map[string]int `json:"encryption_protocols"`
WeakEncryption []WeakEncryption `json:"weak_encryption"`
EncryptionAnomalies []EncryptionAnomaly `json:"encryption_anomalies"`
}
EncryptionAnalysis represents encryption analysis
type EncryptionAnalyzer ¶
type EncryptionAnalyzer struct {
// contains filtered or unexported fields
}
type EncryptionAnomaly ¶
type EncryptionAnomaly struct {
AnomalyID string `json:"anomaly_id"`
AnomalyType string `json:"anomaly_type"`
DetectionTime time.Time `json:"detection_time"`
Description string `json:"description"`
Evidence []string `json:"evidence"`
}
EncryptionAnomaly represents encryption anomalies
type EncryptionDetector ¶
type EncryptionDetector struct {
DetectorID string
EncryptionType string
DetectionLogic func(data []byte) EncryptionResult
Enabled bool
}
type EncryptionMetric ¶
type EncryptionResult ¶
type EncryptionWeakness ¶
type EngagementMetrics ¶
type EngagementMetrics struct {
TotalUsers int `json:"total_users"`
ActiveUsers int `json:"active_users"`
AverageSessionTime time.Duration `json:"average_session_time"`
SessionFrequency float64 `json:"session_frequency"`
UserRetentionRate float64 `json:"user_retention_rate"`
EngagementTrend string `json:"engagement_trend"`
}
EngagementMetrics represents engagement metrics
type EnsembleDefense ¶
type EnsembleDefense struct {
// contains filtered or unexported fields
}
func NewEnsembleDefense ¶
func NewEnsembleDefense() *EnsembleDefense
type EnsembleDefenseResult ¶
type EnsembleDefenseResult struct {
EnsembleAgreement float64 `json:"ensemble_agreement"`
ConsensusScore float64 `json:"consensus_score"`
ModelDiscrepancies []ModelDiscrepancy `json:"model_discrepancies"`
DefenseEffectiveness float64 `json:"defense_effectiveness"`
}
EnsembleDefenseResult represents ensemble defense results
type EscalationDetector ¶
type EscalationDetector struct {
// contains filtered or unexported fields
}
type EscalationManager ¶
type EscalationManager struct {
// contains filtered or unexported fields
}
type EscalationPath ¶
type EscalationPath struct {
PathID string `json:"path_id"`
TriggerSeverity string `json:"trigger_severity"`
EscalationSteps []string `json:"escalation_steps"`
Stakeholders []string `json:"stakeholders"`
Timeline time.Duration `json:"timeline"`
}
EscalationPath represents escalation paths
type EscalationPattern ¶
type EscalationRule ¶
type EscalationRule struct {
RuleID string `json:"rule_id"`
TriggerCondition string `json:"trigger_condition"`
EscalationDelay time.Duration `json:"escalation_delay"`
EscalationAction string `json:"escalation_action"`
Enabled bool `json:"enabled"`
}
EscalationRule defines escalation rules
type EvasionDetector ¶
type EventCollector ¶
type EventCollector struct {
// contains filtered or unexported fields
}
type EventFilter ¶
type EventProcessor ¶
type EventProcessor struct {
ProcessorID string
ProcessorType string
ProcessingRules []ProcessingRule
Enabled bool
}
type EvolutionStage ¶
type EvolutionStage struct {
StageNumber int `json:"stage_number"`
StageName string `json:"stage_name"`
Timestamp time.Time `json:"timestamp"`
Characteristics []string `json:"characteristics"`
Changes []string `json:"changes"`
}
EvolutionStage represents pattern evolution stages
type ExecutionAnomaly ¶
type ExecutionAnomaly struct {
AnomalyID string `json:"anomaly_id"`
AnomalyType string `json:"anomaly_type"`
DetectionTime time.Time `json:"detection_time"`
Description string `json:"description"`
Severity string `json:"severity"`
Impact string `json:"impact"`
Evidence []string `json:"evidence"`
}
ExecutionAnomaly represents execution anomalies
type ExecutionPattern ¶
type ExecutionPattern struct {
PatternID string `json:"pattern_id"`
PatternType string `json:"pattern_type"`
Processes []string `json:"processes"`
ExecutionOrder []string `json:"execution_order"`
Frequency int `json:"frequency"`
Timing string `json:"timing"`
Anomalous bool `json:"anomalous"`
}
ExecutionPattern represents execution patterns
type ExpirationRecord ¶
type ExpirationRule ¶
type FeaturePoisoningDetector ¶
type FeaturePoisoningDetector struct {
// contains filtered or unexported fields
}
func NewFeaturePoisoningDetector ¶
func NewFeaturePoisoningDetector() *FeaturePoisoningDetector
type FeaturePoisoningRisk ¶
type FeaturePoisoningRisk struct {
RiskLevel string `json:"risk_level"`
ConfidenceScore float64 `json:"confidence_score"`
PoisonedFeatures []PoisonedFeature `json:"poisoned_features"`
PoisoningTechniques []PoisoningTechnique `json:"poisoning_techniques"`
ImpactAssessment *PoisoningImpact `json:"impact_assessment"`
}
FeaturePoisoningRisk represents feature poisoning risk assessment
type FileOperation ¶
type FileOperation struct {
OperationID string `json:"operation_id"`
OperationType string `json:"operation_type"`
FilePath string `json:"file_path"`
Timestamp time.Time `json:"timestamp"`
User string `json:"user"`
Process string `json:"process"`
Result string `json:"result"`
Suspicious bool `json:"suspicious"`
}
FileOperation represents file operations
type FileSystemAnalysisResult ¶
type FileSystemAnalysisResult struct {
FileOperations []FileOperation `json:"file_operations"`
AccessPatterns []AccessPattern `json:"access_patterns"`
FileSystemAnomalies []FileSystemAnomaly `json:"filesystem_anomalies"`
PermissionAnalysis *PermissionAnalysis `json:"permission_analysis"`
IntegrityAnalysis *IntegrityAnalysis `json:"integrity_analysis"`
}
FileSystemAnalysisResult represents file system analysis results
type FileSystemAnalyzer ¶
type FileSystemAnalyzer struct {
// contains filtered or unexported fields
}
type FileSystemAnomaly ¶
type FileSystemAnomaly struct {
AnomalyID string `json:"anomaly_id"`
AnomalyType string `json:"anomaly_type"`
DetectionTime time.Time `json:"detection_time"`
Description string `json:"description"`
AffectedFiles []string `json:"affected_files"`
Severity string `json:"severity"`
Evidence []string `json:"evidence"`
}
FileSystemAnomaly represents file system anomalies
type FileSystemRule ¶
type ForecastAnalysis ¶
type ForecastAnalysis struct {
ForecastHorizon time.Duration `json:"forecast_horizon"`
ForecastAccuracy float64 `json:"forecast_accuracy"`
ForecastConfidence float64 `json:"forecast_confidence"`
Predictions []Prediction `json:"predictions"`
RiskForecasts []RiskForecast `json:"risk_forecasts"`
}
ForecastAnalysis represents forecast analysis
type FraudDetectionRule ¶
type GeographicAnalyzer ¶
type GeographicAnalyzer struct {
// contains filtered or unexported fields
}
type GeographicInstallation ¶
type GeographicInstallation struct {
Country string `json:"country"`
Region string `json:"region"`
InstallationCount int `json:"installation_count"`
Percentage float64 `json:"percentage"`
Anomalous bool `json:"anomalous"`
}
GeographicInstallation represents geographic installation data
type GradientAnalysisResult ¶
type GradientAnalysisResult struct {
GradientStability float64 `json:"gradient_stability"`
GradientMagnitude float64 `json:"gradient_magnitude"`
SuspiciousGradients []SuspiciousGradient `json:"suspicious_gradients"`
GradientAttacks []GradientAttack `json:"gradient_attacks"`
}
GradientAnalysisResult represents gradient analysis results
type GradientAnalyzer ¶
type GradientAnalyzer struct {
// contains filtered or unexported fields
}
func NewGradientAnalyzer ¶
func NewGradientAnalyzer() *GradientAnalyzer
type GradientAttack ¶
type GradientAttack struct {
AttackType string `json:"attack_type"`
TargetLayer string `json:"target_layer"`
AttackMagnitude float64 `json:"attack_magnitude"`
SuccessRate float64 `json:"success_rate"`
}
GradientAttack represents detected gradient-based attacks
type GradientPattern ¶
type ImpactAssessment ¶
type ImpactAssessment struct {
ImpactLevel string `json:"impact_level"`
AffectedSystems []string `json:"affected_systems"`
BusinessImpact string `json:"business_impact"`
TechnicalImpact string `json:"technical_impact"`
RecoveryTime time.Duration `json:"recovery_time"`
}
ImpactAssessment represents threat impact assessment
type InputValidationResult ¶
type InputValidationResult struct {
ValidationStatus string `json:"validation_status"`
AnomalousInputs []AnomalousInput `json:"anomalous_inputs"`
ValidationMetrics *ValidationMetrics `json:"validation_metrics"`
SanitizationApplied bool `json:"sanitization_applied"`
}
InputValidationResult represents input validation results
type InputValidator ¶
type InputValidator struct {
// contains filtered or unexported fields
}
func NewInputValidator ¶
func NewInputValidator() *InputValidator
type InstallationAnalysisResult ¶
type InstallationAnalysisResult struct {
InstallationPatterns []InstallationPattern `json:"installation_patterns"`
InstallationAnomalies []InstallationAnomaly `json:"installation_anomalies"`
InstallationMetrics *InstallationMetrics `json:"installation_metrics"`
GeographicDistribution []GeographicInstallation `json:"geographic_distribution"`
TemporalDistribution []TemporalInstallation `json:"temporal_distribution"`
UserBehaviorAnalysis *UserBehaviorAnalysis `json:"user_behavior_analysis"`
}
InstallationAnalysisResult represents installation analysis results
type InstallationAnalyzer ¶
type InstallationAnalyzer struct {
// contains filtered or unexported fields
}
type InstallationAnomaly ¶
type InstallationAnomaly struct {
AnomalyID string `json:"anomaly_id"`
AnomalyType string `json:"anomaly_type"`
DetectionTime time.Time `json:"detection_time"`
InstallationSpike bool `json:"installation_spike"`
UnusualGeography bool `json:"unusual_geography"`
SuspiciousUsers []string `json:"suspicious_users"`
BotActivity bool `json:"bot_activity"`
}
InstallationAnomaly represents installation anomalies
type InstallationMetrics ¶
type InstallationMetrics struct {
TotalInstallations int `json:"total_installations"`
DailyInstallationRate float64 `json:"daily_installation_rate"`
WeeklyInstallationRate float64 `json:"weekly_installation_rate"`
MonthlyInstallationRate float64 `json:"monthly_installation_rate"`
GrowthRate float64 `json:"growth_rate"`
RetentionRate float64 `json:"retention_rate"`
UninstallRate float64 `json:"uninstall_rate"`
}
InstallationMetrics represents installation metrics
type InstallationPattern ¶
type InstallationPattern struct {
PatternID string `json:"pattern_id"`
PatternType string `json:"pattern_type"`
InstallationRate float64 `json:"installation_rate"`
GeographicSpread string `json:"geographic_spread"`
UserDemographics map[string]interface{} `json:"user_demographics"`
Seasonality bool `json:"seasonality"`
Anomalous bool `json:"anomalous"`
}
InstallationPattern represents installation patterns
type InstallationRecord ¶
type IntegrityAnalysis ¶
type IntegrityAnalysis struct {
IntegrityChecks []IntegrityCheck `json:"integrity_checks"`
IntegrityViolations []IntegrityViolation `json:"integrity_violations"`
ChecksumAnalysis *ChecksumAnalysis `json:"checksum_analysis"`
TamperingDetection *TamperingDetection `json:"tampering_detection"`
}
IntegrityAnalysis represents integrity analysis
type IntegrityCheck ¶
type IntegrityCheck struct {
CheckID string `json:"check_id"`
FilePath string `json:"file_path"`
CheckType string `json:"check_type"`
Timestamp time.Time `json:"timestamp"`
Result string `json:"result"`
ExpectedValue string `json:"expected_value"`
ActualValue string `json:"actual_value"`
Passed bool `json:"passed"`
}
IntegrityCheck represents integrity checks
type IntegrityChecker ¶
type IntegrityChecker struct {
// contains filtered or unexported fields
}
type IntegrityRule ¶
type IntegrityViolation ¶
type IntegrityViolation struct {
ViolationID string `json:"violation_id"`
ViolationType string `json:"violation_type"`
DetectionTime time.Time `json:"detection_time"`
FilePath string `json:"file_path"`
Description string `json:"description"`
Severity string `json:"severity"`
Evidence []string `json:"evidence"`
}
IntegrityViolation represents integrity violations
type IntelSource ¶
type InteractionAnomaly ¶
type InteractionAnomaly struct {
AnomalyID string `json:"anomaly_id"`
AnomalyType string `json:"anomaly_type"`
DetectionTime time.Time `json:"detection_time"`
UserID string `json:"user_id"`
Description string `json:"description"`
Severity string `json:"severity"`
Evidence []string `json:"evidence"`
}
InteractionAnomaly represents interaction anomalies
type InteractionPattern ¶
type InteractionPattern struct {
PatternID string `json:"pattern_id"`
PatternType string `json:"pattern_type"`
Description string `json:"description"`
Frequency int `json:"frequency"`
UserCount int `json:"user_count"`
Typical bool `json:"typical"`
RiskIndicators []string `json:"risk_indicators"`
}
InteractionPattern represents interaction patterns
type InteractionRecord ¶
type InteractionRule ¶
type MFAProvider ¶
type MFAValidationRule ¶
type MFAValidator ¶
type MFAValidator struct {
// contains filtered or unexported fields
}
type MLCountermeasure ¶
type MLCountermeasure struct {
CountermeasureType string `json:"countermeasure_type"`
Description string `json:"description"`
Effectiveness float64 `json:"effectiveness"`
ImplementationCost string `json:"implementation_cost"`
Prerequisites []string `json:"prerequisites"`
}
MLCountermeasure represents ML security countermeasures
type MLHardeningConfig ¶
type MLHardeningConfig struct {
EnableAdversarialDetection bool `yaml:"enable_adversarial_detection"` // true
EnableFeaturePoisoningCheck bool `yaml:"enable_feature_poisoning_check"` // true
EnableInputValidation bool `yaml:"enable_input_validation"` // true
EnableRobustnessValidation bool `yaml:"enable_robustness_validation"` // true
EnableGradientAnalysis bool `yaml:"enable_gradient_analysis"` // true
EnableEnsembleDefense bool `yaml:"enable_ensemble_defense"` // true
AdversarialThreshold float64 `yaml:"adversarial_threshold"` // 0.8
PoisoningThreshold float64 `yaml:"poisoning_threshold"` // 0.7
RobustnessThreshold float64 `yaml:"robustness_threshold"` // 0.6
MaxPerturbationMagnitude float64 `yaml:"max_perturbation_magnitude"` // 0.1
GradientAnalysisDepth int `yaml:"gradient_analysis_depth"` // 5
EnsembleSize int `yaml:"ensemble_size"` // 3
ValidationTimeout time.Duration `yaml:"validation_timeout"` // 60s
Enabled bool `yaml:"enabled"` // true
}
MLHardeningConfig configures ML hardening parameters
func DefaultMLHardeningConfig ¶
func DefaultMLHardeningConfig() *MLHardeningConfig
DefaultMLHardeningConfig returns default configuration
type MLHardeningResult ¶
type MLHardeningResult struct {
PackageName string `json:"package_name"`
OverallSecurityScore float64 `json:"overall_security_score"`
AdversarialRisk *AdversarialRisk `json:"adversarial_risk"`
FeaturePoisoningRisk *FeaturePoisoningRisk `json:"feature_poisoning_risk"`
InputValidationResult *InputValidationResult `json:"input_validation_result"`
RobustnessValidation *RobustnessValidationResult `json:"robustness_validation"`
GradientAnalysis *GradientAnalysisResult `json:"gradient_analysis"`
EnsembleDefenseResult *EnsembleDefenseResult `json:"ensemble_defense_result"`
DetectedVulnerabilities []MLVulnerability `json:"detected_vulnerabilities"`
Countermeasures []MLCountermeasure `json:"countermeasures"`
Recommendations []string `json:"recommendations"`
Metadata map[string]interface{} `json:"metadata"`
}
MLHardeningResult represents ML hardening analysis results
type MLHardeningSystem ¶
type MLHardeningSystem struct {
// contains filtered or unexported fields
}
MLHardeningSystem provides comprehensive ML model hardening capabilities Addresses critical AI/ML vulnerabilities identified in adversarial assessment: - Adversarial example generation and detection - Feature poisoning attacks - Model evasion techniques - Gradient-based attacks - Input perturbation detection - Model robustness validation
func NewMLHardeningSystem ¶
func NewMLHardeningSystem(config *MLHardeningConfig, logger logger.Logger) *MLHardeningSystem
NewMLHardeningSystem creates a new ML hardening system
func (*MLHardeningSystem) HardenMLModel ¶
func (mh *MLHardeningSystem) HardenMLModel(ctx context.Context, pkg *types.Package, features map[string]float64) (*MLHardeningResult, error)
HardenMLModel performs comprehensive ML model hardening
type MLVulnerability ¶
type MLVulnerability struct {
VulnerabilityType string `json:"vulnerability_type"`
Severity string `json:"severity"`
Description string `json:"description"`
ExploitPotential float64 `json:"exploit_potential"`
AffectedComponents []string `json:"affected_components"`
DetectionTime time.Time `json:"detection_time"`
}
MLVulnerability represents detected ML vulnerabilities
type MaintainerProfile ¶
type MaintainerValidator ¶
type MaintainerValidator struct {
// contains filtered or unexported fields
}
Maintainer validation structures
func NewMaintainerValidator ¶
func NewMaintainerValidator() *MaintainerValidator
type ManipulationTactic ¶
type ManipulationTactic struct {
Tactic string `json:"tactic"`
Description string `json:"description"`
Indicators []string `json:"indicators"`
Confidence float64 `json:"confidence"`
}
ManipulationTactic represents manipulation tactics
type MarketEvent ¶
MarketEvent represents market-based triggers
type MitigationStrategy ¶
type MitigationStrategy struct {
StrategyID string `json:"strategy_id"`
StrategyType string `json:"strategy_type"`
Description string `json:"description"`
Priority string `json:"priority"`
Effectiveness float64 `json:"effectiveness"`
Implementation []string `json:"implementation"`
Timeline time.Duration `json:"timeline"`
Resources []string `json:"resources"`
}
MitigationStrategy represents mitigation strategies
type ModelDiscrepancy ¶
type ModelDiscrepancy struct {
ModelPair string `json:"model_pair"`
DiscrepancyScore float64 `json:"discrepancy_score"`
ConflictingPredictions []string `json:"conflicting_predictions"`
SuspicionLevel string `json:"suspicion_level"`
}
ModelDiscrepancy represents discrepancies between ensemble models
type ModelRobustnessValidator ¶
type ModelRobustnessValidator struct {
// contains filtered or unexported fields
}
func NewModelRobustnessValidator ¶
func NewModelRobustnessValidator() *ModelRobustnessValidator
type MonitoringRule ¶
type MultiVectorAnalysisResult ¶
type MultiVectorAnalysisResult struct {
PackageName string `json:"package_name"`
OverallThreatScore float64 `json:"overall_threat_score"`
AttackCorrelation *AttackCorrelationResult `json:"attack_correlation"`
DefenseCoordination *DefenseCoordinationResult `json:"defense_coordination"`
ThreatIntelligence *ThreatIntelligenceResult `json:"threat_intelligence"`
CrossEcosystemAnalysis *CrossEcosystemResult `json:"cross_ecosystem_analysis"`
CampaignDetection *CampaignDetectionResult `json:"campaign_detection"`
ResponseOrchestration *ResponseOrchestrationResult `json:"response_orchestration"`
DetectedAttackVectors []AttackVector `json:"detected_attack_vectors"`
CoordinatedThreats []CoordinatedThreat `json:"coordinated_threats"`
DefenseRecommendations []DefenseRecommendation `json:"defense_recommendations"`
Metadata map[string]interface{} `json:"metadata"`
}
MultiVectorAnalysisResult represents multi-vector analysis results
type MultiVectorConfig ¶
type MultiVectorConfig struct {
EnableAttackCorrelation bool `yaml:"enable_attack_correlation"` // true
EnableDefenseCoordination bool `yaml:"enable_defense_coordination"` // true
EnableThreatIntelligence bool `yaml:"enable_threat_intelligence"` // true
EnableCrossEcosystemMonitor bool `yaml:"enable_cross_ecosystem_monitor"` // true
EnableCampaignDetection bool `yaml:"enable_campaign_detection"` // true
EnableResponseOrchestration bool `yaml:"enable_response_orchestration"` // true
CorrelationWindow time.Duration `yaml:"correlation_window"` // 24h
AttackThreshold float64 `yaml:"attack_threshold"` // 0.7
CampaignThreshold float64 `yaml:"campaign_threshold"` // 0.8
ResponseTimeout time.Duration `yaml:"response_timeout"` // 30s
MaxConcurrentAnalysis int `yaml:"max_concurrent_analysis"` // 10
Enabled bool `yaml:"enabled"` // true
}
MultiVectorConfig configures multi-vector coordination parameters
func DefaultMultiVectorConfig ¶
func DefaultMultiVectorConfig() *MultiVectorConfig
DefaultMultiVectorConfig returns default configuration
type MultiVectorCoordinator ¶
type MultiVectorCoordinator struct {
// contains filtered or unexported fields
}
MultiVectorCoordinator provides comprehensive multi-vector attack detection and coordination Addresses critical vulnerabilities identified in adversarial assessment: - Coordinated attacks across multiple vectors - Cross-ecosystem supply chain attacks - Synchronized temporal attacks - Multi-stage attack campaigns - Attack pattern correlation - Defense coordination across security layers
func NewMultiVectorCoordinator ¶
func NewMultiVectorCoordinator(config *MultiVectorConfig, logger logger.Logger) *MultiVectorCoordinator
NewMultiVectorCoordinator creates a new multi-vector coordinator
func (*MultiVectorCoordinator) AnalyzeMultiVectorThreats ¶
func (mvc *MultiVectorCoordinator) AnalyzeMultiVectorThreats(ctx context.Context, pkg *types.Package) (*MultiVectorAnalysisResult, error)
AnalyzeMultiVectorThreats performs comprehensive multi-vector threat analysis
type NetworkAnalysisResult ¶
type NetworkAnalysisResult struct {
NetworkConnections []NetworkConnection `json:"network_connections"`
CommunicationPatterns []CommunicationPattern `json:"communication_patterns"`
NetworkAnomalies []NetworkAnomaly `json:"network_anomalies"`
TrafficAnalysis *TrafficAnalysis `json:"traffic_analysis"`
DNSAnalysis *DNSAnalysis `json:"dns_analysis"`
ProtocolAnalysis *ProtocolAnalysis `json:"protocol_analysis"`
}
NetworkAnalysisResult represents network analysis results
type NetworkAnalyzer ¶
type NetworkAnalyzer struct {
// contains filtered or unexported fields
}
type NetworkAnomaly ¶
type NetworkAnomaly struct {
AnomalyID string `json:"anomaly_id"`
AnomalyType string `json:"anomaly_type"`
DetectionTime time.Time `json:"detection_time"`
Description string `json:"description"`
Severity string `json:"severity"`
AffectedConnections []string `json:"affected_connections"`
Evidence []string `json:"evidence"`
}
NetworkAnomaly represents network anomalies
type NetworkConnection ¶
type NetworkConnection struct {
ConnectionID string `json:"connection_id"`
SourceIP string `json:"source_ip"`
DestinationIP string `json:"destination_ip"`
SourcePort int `json:"source_port"`
DestinationPort int `json:"destination_port"`
Protocol string `json:"protocol"`
Timestamp time.Time `json:"timestamp"`
Duration time.Duration `json:"duration"`
BytesTransferred int64 `json:"bytes_transferred"`
Suspicious bool `json:"suspicious"`
}
NetworkConnection represents network connections
type NewBehavior ¶
type NewBehavior struct {
BehaviorID string `json:"behavior_id"`
BehaviorType string `json:"behavior_type"`
Description string `json:"description"`
FirstObserved time.Time `json:"first_observed"`
Frequency int `json:"frequency"`
RiskLevel string `json:"risk_level"`
Confidence float64 `json:"confidence"`
}
NewBehavior represents new behaviors
type NotificationChannel ¶
type NotificationChannel struct {
ChannelID string `json:"channel_id"`
ChannelType string `json:"channel_type"`
Configuration map[string]interface{} `json:"configuration"`
Enabled bool `json:"enabled"`
}
NotificationChannel defines notification channels
type OrchestrationRule ¶
type PatternDetectionResult ¶
type PatternDetectionResult struct {
DetectedPatterns []BehavioralPattern `json:"detected_patterns"`
PatternConfidence float64 `json:"pattern_confidence"`
SuspiciousPatterns []SuspiciousPattern `json:"suspicious_patterns"`
PatternEvolution []PatternEvolution `json:"pattern_evolution"`
CrossPackagePatterns []CrossPackagePattern `json:"cross_package_patterns"`
}
PatternDetectionResult represents pattern detection results
type PatternDetector ¶
type PatternDetector struct {
// contains filtered or unexported fields
}
type PatternEvolution ¶
type PatternEvolution struct {
PatternID string `json:"pattern_id"`
EvolutionStages []EvolutionStage `json:"evolution_stages"`
EvolutionRate float64 `json:"evolution_rate"`
Trajectory string `json:"trajectory"`
Predictions []PatternPrediction `json:"predictions"`
}
PatternEvolution represents pattern evolution over time
type PatternMatcher ¶
type PatternMatcher struct {
// contains filtered or unexported fields
}
type PatternPrediction ¶
type PatternPrediction struct {
PredictionID string `json:"prediction_id"`
PredictedChange string `json:"predicted_change"`
Probability float64 `json:"probability"`
TimeFrame time.Duration `json:"time_frame"`
Confidence float64 `json:"confidence"`
}
PatternPrediction represents pattern predictions
type PatternRecord ¶
type PerformanceImpact ¶
type PerformanceImpact struct {
AnalysisTime time.Duration `json:"analysis_time"`
MemoryUsage int64 `json:"memory_usage"`
OperationsCount int64 `json:"operations_count"`
TimeoutRisk float64 `json:"timeout_risk"`
MemoryExhaustion float64 `json:"memory_exhaustion"`
}
PerformanceImpact represents performance impact metrics
type PerformanceMetric ¶
type PerformanceMetrics ¶
type PerformanceMetrics struct {
CPUUsage float64 `json:"cpu_usage"`
MemoryUsage float64 `json:"memory_usage"`
DiskUsage float64 `json:"disk_usage"`
NetworkUsage float64 `json:"network_usage"`
ExecutionTime time.Duration `json:"execution_time"`
ResponseTime time.Duration `json:"response_time"`
ThroughputRate float64 `json:"throughput_rate"`
ErrorRate float64 `json:"error_rate"`
}
PerformanceMetrics represents performance metrics
type PerformanceMonitor ¶
type PerformanceMonitor struct {
// contains filtered or unexported fields
}
PerformanceMonitor tracks analysis performance
func NewPerformanceMonitor ¶
func NewPerformanceMonitor() *PerformanceMonitor
func (*PerformanceMonitor) GetElapsedTime ¶
func (pm *PerformanceMonitor) GetElapsedTime() time.Duration
func (*PerformanceMonitor) Start ¶
func (pm *PerformanceMonitor) Start()
func (*PerformanceMonitor) Stop ¶
func (pm *PerformanceMonitor) Stop()
type PerformanceRecord ¶
type PerformanceTracker ¶
type PerformanceTracker struct {
// contains filtered or unexported fields
}
type PermissionAnalysis ¶
type PermissionAnalysis struct {
PermissionChanges []PermissionChange `json:"permission_changes"`
UnusualPermissions []UnusualPermission `json:"unusual_permissions"`
PrivilegeEscalation []PrivilegeEscalation `json:"privilege_escalation"`
PermissionAnomalies []PermissionAnomaly `json:"permission_anomalies"`
}
PermissionAnalysis represents permission analysis
type PermissionAnalyzer ¶
type PermissionAnalyzer struct {
// contains filtered or unexported fields
}
type PermissionAnomaly ¶
type PermissionAnomaly struct {
AnomalyID string `json:"anomaly_id"`
AnomalyType string `json:"anomaly_type"`
DetectionTime time.Time `json:"detection_time"`
Description string `json:"description"`
AffectedFiles []string `json:"affected_files"`
Evidence []string `json:"evidence"`
}
PermissionAnomaly represents permission anomalies
type PermissionChange ¶
type PermissionChange struct {
ChangeID string `json:"change_id"`
FilePath string `json:"file_path"`
OldPermissions string `json:"old_permissions"`
NewPermissions string `json:"new_permissions"`
Timestamp time.Time `json:"timestamp"`
User string `json:"user"`
Process string `json:"process"`
Suspicious bool `json:"suspicious"`
}
PermissionChange represents permission changes
type PermissionRule ¶
type PerturbationDetector ¶
type PerturbationTest ¶
type PerturbationTest struct {
PerturbationType string `json:"perturbation_type"`
Magnitude float64 `json:"magnitude"`
SuccessRate float64 `json:"success_rate"`
ModelResponse string `json:"model_response"`
ExpectedResponse string `json:"expected_response"`
}
PerturbationTest represents perturbation testing results
type PerturbationTestConfig ¶
type PoisonedFeature ¶
type PoisonedFeature struct {
FeatureName string `json:"feature_name"`
PoisonScore float64 `json:"poison_score"`
AnomalyLevel string `json:"anomaly_level"`
Evidence []string `json:"evidence"`
OriginalValue float64 `json:"original_value"`
SuspiciousValue float64 `json:"suspicious_value"`
}
PoisonedFeature represents a potentially poisoned feature
type PoisoningImpact ¶
type PoisoningImpact struct {
ModelAccuracyDrop float64 `json:"model_accuracy_drop"`
FalsePositiveRate float64 `json:"false_positive_rate"`
FalseNegativeRate float64 `json:"false_negative_rate"`
OverallDegradation float64 `json:"overall_degradation"`
}
PoisoningImpact represents the impact of feature poisoning
type PoisoningPattern ¶
type PoisoningTechnique ¶
type PoisoningTechnique struct {
Technique string `json:"technique"`
Description string `json:"description"`
Confidence float64 `json:"confidence"`
Indicators []string `json:"indicators"`
}
PoisoningTechnique represents feature poisoning techniques
type PredictedTrigger ¶
type PredictedTrigger struct {
Type string `json:"type"`
Trigger string `json:"trigger"`
Probability float64 `json:"probability"`
EstimatedDate time.Time `json:"estimated_date,omitempty"`
}
PredictedTrigger represents a predicted activation trigger
type Prediction ¶
type Prediction struct {
PredictionID string `json:"prediction_id"`
PredictionType string `json:"prediction_type"`
Timestamp time.Time `json:"timestamp"`
PredictedValue float64 `json:"predicted_value"`
ConfidenceInterval []float64 `json:"confidence_interval"`
Probability float64 `json:"probability"`
}
Prediction represents predictions
type PrivilegeEscalation ¶
type PrivilegeEscalation struct {
EscalationID string `json:"escalation_id"`
EscalationType string `json:"escalation_type"`
DetectionTime time.Time `json:"detection_time"`
User string `json:"user"`
Process string `json:"process"`
Method string `json:"method"`
Success bool `json:"success"`
Evidence []string `json:"evidence"`
}
PrivilegeEscalation represents privilege escalation
type ProcessAnalysisResult ¶
type ProcessAnalysisResult struct {
ProcessBehaviors []ProcessBehavior `json:"process_behaviors"`
ProcessAnomalies []ProcessAnomaly `json:"process_anomalies"`
ProcessRelationships []ProcessRelationship `json:"process_relationships"`
ExecutionPatterns []ExecutionPattern `json:"execution_patterns"`
ProcessMetrics *ProcessMetrics `json:"process_metrics"`
}
ProcessAnalysisResult represents process analysis results
type ProcessAnalyzer ¶
type ProcessAnalyzer struct {
// contains filtered or unexported fields
}
type ProcessAnomaly ¶
type ProcessAnomaly struct {
AnomalyID string `json:"anomaly_id"`
ProcessID string `json:"process_id"`
ProcessName string `json:"process_name"`
AnomalyType string `json:"anomaly_type"`
DetectionTime time.Time `json:"detection_time"`
Description string `json:"description"`
Severity string `json:"severity"`
Evidence []string `json:"evidence"`
}
ProcessAnomaly represents process anomalies
type ProcessAnomalyDetector ¶
type ProcessAnomalyDetector struct {
// contains filtered or unexported fields
}
type ProcessAnomalyModel ¶
type ProcessBaseline ¶
type ProcessBaselineManager ¶
type ProcessBaselineManager struct {
// contains filtered or unexported fields
}
type ProcessBehavior ¶
type ProcessBehavior struct {
BehaviorID string `json:"behavior_id"`
ProcessID string `json:"process_id"`
ProcessName string `json:"process_name"`
BehaviorType string `json:"behavior_type"`
Description string `json:"description"`
StartTime time.Time `json:"start_time"`
Duration time.Duration `json:"duration"`
ResourceUsage map[string]float64 `json:"resource_usage"`
Suspicious bool `json:"suspicious"`
}
ProcessBehavior represents process behaviors
type ProcessBehaviorAnalyzer ¶
type ProcessBehaviorAnalyzer struct {
// contains filtered or unexported fields
}
type ProcessBehaviorPattern ¶
type ProcessInfo ¶
type ProcessMetrics ¶
type ProcessMetrics struct {
TotalProcesses int `json:"total_processes"`
ActiveProcesses int `json:"active_processes"`
AverageLifetime time.Duration `json:"average_lifetime"`
ProcessCreationRate float64 `json:"process_creation_rate"`
ProcessTerminationRate float64 `json:"process_termination_rate"`
ResourceUtilization map[string]float64 `json:"resource_utilization"`
}
ProcessMetrics represents process metrics
type ProcessMonitor ¶
type ProcessMonitor struct {
// contains filtered or unexported fields
}
type ProcessPerformanceTracker ¶
type ProcessPerformanceTracker struct {
// contains filtered or unexported fields
}
type ProcessRecord ¶
type ProcessRelationship ¶
type ProcessRelationship struct {
RelationshipID string `json:"relationship_id"`
ParentProcess string `json:"parent_process"`
ChildProcess string `json:"child_process"`
RelationshipType string `json:"relationship_type"`
CreationTime time.Time `json:"creation_time"`
Suspicious bool `json:"suspicious"`
}
ProcessRelationship represents process relationships
type ProcessRule ¶
type ProcessSecurityAnalyzer ¶
type ProcessSecurityAnalyzer struct {
// contains filtered or unexported fields
}
type ProcessSecurityRule ¶
type ProcessThreat ¶
type ProcessThreatDetector ¶
type ProcessThreatDetector struct {
// contains filtered or unexported fields
}
type ProcessThreatPattern ¶
type ProcessVulnerability ¶
type ProcessVulnerabilityScanner ¶
type ProcessVulnerabilityScanner struct {
// contains filtered or unexported fields
}
type ProcessingRule ¶
type ProfileRule ¶
type ProgressionRule ¶
type ProgressionTracker ¶
type ProgressionTracker struct {
// contains filtered or unexported fields
}
type PropagationRule ¶
type ProtocolAnalysis ¶
type ProtocolAnalysis struct {
ProtocolUsage map[string]int `json:"protocol_usage"`
ProtocolPatterns []ProtocolPattern `json:"protocol_patterns"`
ProtocolAnomalies []ProtocolAnomaly `json:"protocol_anomalies"`
EncryptionAnalysis *EncryptionAnalysis `json:"encryption_analysis"`
}
ProtocolAnalysis represents protocol analysis
type ProtocolAnalysisResult ¶
type ProtocolAnalyzer ¶
type ProtocolAnalyzer struct {
// contains filtered or unexported fields
}
type ProtocolAnomaly ¶
type ProtocolAnomaly struct {
AnomalyID string `json:"anomaly_id"`
Protocol string `json:"protocol"`
AnomalyType string `json:"anomaly_type"`
DetectionTime time.Time `json:"detection_time"`
Description string `json:"description"`
Evidence []string `json:"evidence"`
}
ProtocolAnomaly represents protocol anomalies
type ProtocolHandler ¶
type ProtocolHandler struct {
HandlerID string
Protocol string
Handler func(data []byte) ProtocolAnalysisResult
Enabled bool
}
type ProtocolMetric ¶
type ProtocolPattern ¶
type ProtocolPattern struct {
PatternID string `json:"pattern_id"`
Protocol string `json:"protocol"`
UsagePattern string `json:"usage_pattern"`
Frequency int `json:"frequency"`
DataVolume int64 `json:"data_volume"`
Typical bool `json:"typical"`
}
ProtocolPattern represents protocol patterns
type PsychologicalTrigger ¶
type PsychologicalTrigger struct {
Type string `json:"type"`
Description string `json:"description"`
Severity string `json:"severity"`
Confidence float64 `json:"confidence"`
}
PsychologicalTrigger represents psychological manipulation triggers
type RedFlag ¶
type RedFlag struct {
Flag string `json:"flag"`
Severity string `json:"severity"`
Description string `json:"description"`
Evidence []string `json:"evidence"`
Timestamp time.Time `json:"timestamp"`
}
RedFlag represents trust red flags
type RemovedBehavior ¶
type RemovedBehavior struct {
BehaviorID string `json:"behavior_id"`
BehaviorType string `json:"behavior_type"`
Description string `json:"description"`
LastObserved time.Time `json:"last_observed"`
RemovalTime time.Time `json:"removal_time"`
Reason string `json:"reason"`
}
RemovedBehavior represents removed behaviors
type ReportGenerationRule ¶
type ReportSection ¶
type ReportTemplate ¶
type ReportTemplate struct {
TemplateID string
TemplateName string
Format string
Sections []ReportSection
Parameters map[string]interface{}
}
type ResearcherProfile ¶
type ResearcherValidator ¶
type ResearcherValidator struct {
// contains filtered or unexported fields
}
Researcher validation structures
func NewResearcherValidator ¶
func NewResearcherValidator() *ResearcherValidator
type ResourceUsagePattern ¶
type ResourceUsagePattern struct {
PatternID string `json:"pattern_id"`
ResourceType string `json:"resource_type"`
UsagePattern string `json:"usage_pattern"`
PeakUsage float64 `json:"peak_usage"`
AverageUsage float64 `json:"average_usage"`
UsageTrend string `json:"usage_trend"`
Anomalous bool `json:"anomalous"`
}
ResourceUsagePattern represents resource usage patterns
type ResponseAction ¶
type ResponseAction struct {
ActionID string `json:"action_id"`
ActionType string `json:"action_type"`
ActionStatus string `json:"action_status"`
Description string `json:"description"`
ExecutionTime time.Time `json:"execution_time"`
Result string `json:"result"`
Parameters map[string]interface{} `json:"parameters"`
}
ResponseAction represents automated response actions
type ResponseActionHandler ¶
ResponseActionHandler defines response action handlers
type ResponseChain ¶
type ResponseChain struct {
ChainID string `json:"chain_id"`
ChainType string `json:"chain_type"`
Responses []string `json:"responses"`
ExecutionOrder []int `json:"execution_order"`
Dependencies []string `json:"dependencies"`
Success bool `json:"success"`
}
ResponseChain represents response chains
type ResponseOrchestrationResult ¶
type ResponseOrchestrationResult struct {
OrchestrationScore float64 `json:"orchestration_score"`
ActiveResponses []ActiveResponse `json:"active_responses"`
ResponseChains []ResponseChain `json:"response_chains"`
AutomatedActions []AutomatedAction `json:"automated_actions"`
EscalationPaths []EscalationPath `json:"escalation_paths"`
}
ResponseOrchestrationResult represents response orchestration results
type ResponseOrchestrationService ¶
type ResponseOrchestrationService struct {
// contains filtered or unexported fields
}
ResponseOrchestrationService manages automated response actions
type ResponseOrchestrator ¶
type ResponseOrchestrator struct {
// contains filtered or unexported fields
}
func NewResponseOrchestrator ¶
func NewResponseOrchestrator() *ResponseOrchestrator
type ResponseRecord ¶
type ResponseRecord struct {
RecordID string `json:"record_id"`
RuleID string `json:"rule_id"`
ActionType string `json:"action_type"`
ExecutionTime time.Time `json:"execution_time"`
ExecutionResult string `json:"execution_result"`
Parameters map[string]interface{} `json:"parameters"`
Success bool `json:"success"`
ErrorMessage string `json:"error_message"`
}
ResponseRecord represents response execution records
type ResponseRule ¶
type ResponseRule struct {
RuleID string `json:"rule_id"`
RuleName string `json:"rule_name"`
TriggerCondition string `json:"trigger_condition"`
ActionType string `json:"action_type"`
Parameters map[string]interface{} `json:"parameters"`
Enabled bool `json:"enabled"`
Priority int `json:"priority"`
}
ResponseRule defines automated response rules
type ResponseSystem ¶
type ResponseTemplate ¶
type RiskAssessment ¶
type RiskAssessment struct {
// contains filtered or unexported fields
}
type RiskCategory ¶
type RiskCategory struct {
CategoryID string `json:"category_id"`
CategoryName string `json:"category_name"`
RiskLevel string `json:"risk_level"`
RiskScore float64 `json:"risk_score"`
Contributing []string `json:"contributing_factors"`
Mitigation []string `json:"mitigation"`
}
RiskCategory represents risk categories
type RiskFactor ¶
type RiskForecast ¶
type RiskForecast struct {
ForecastID string `json:"forecast_id"`
RiskType string `json:"risk_type"`
TimeFrame time.Duration `json:"time_frame"`
RiskProbability float64 `json:"risk_probability"`
RiskImpact string `json:"risk_impact"`
Mitigation []string `json:"mitigation"`
}
RiskForecast represents risk forecasts
type RiskTrend ¶
type RiskTrend struct {
TrendID string `json:"trend_id"`
TrendType string `json:"trend_type"`
Direction string `json:"direction"`
Magnitude float64 `json:"magnitude"`
TimeFrame time.Duration `json:"time_frame"`
Confidence float64 `json:"confidence"`
Implications []string `json:"implications"`
}
RiskTrend represents risk trends
type RobustnessValidationResult ¶
type RobustnessValidationResult struct {
RobustnessScore float64 `json:"robustness_score"`
StabilityMetrics *StabilityMetrics `json:"stability_metrics"`
PerturbationTests []PerturbationTest `json:"perturbation_tests"`
WeaknessAreas []WeaknessArea `json:"weakness_areas"`
}
RobustnessValidationResult represents model robustness validation
type RuntimeAnalysisResult ¶
type RuntimeAnalysisResult struct {
RuntimeBehaviors []RuntimeBehavior `json:"runtime_behaviors"`
PerformanceMetrics *PerformanceMetrics `json:"performance_metrics"`
ResourceUsagePatterns []ResourceUsagePattern `json:"resource_usage_patterns"`
ExecutionAnomalies []ExecutionAnomaly `json:"execution_anomalies"`
SecurityEvents []SecurityEvent `json:"security_events"`
}
RuntimeAnalysisResult represents runtime analysis results
type RuntimeAnalyzer ¶
type RuntimeAnalyzer struct {
// contains filtered or unexported fields
}
type RuntimeBehavior ¶
type RuntimeBehavior struct {
BehaviorID string `json:"behavior_id"`
BehaviorType string `json:"behavior_type"`
Description string `json:"description"`
Frequency int `json:"frequency"`
Duration time.Duration `json:"duration"`
ResourceImpact string `json:"resource_impact"`
SecurityImpact string `json:"security_impact"`
Anomalous bool `json:"anomalous"`
}
RuntimeBehavior represents runtime behaviors
type RuntimeMonitor ¶
type RuntimeMonitor struct {
// contains filtered or unexported fields
}
type SanitizationRule ¶
type ScanMetric ¶
type ScanMetric struct {
MetricID string `json:"metric_id"`
ScanType string `json:"scan_type"`
ScanCount int `json:"scan_count"`
SuccessRate float64 `json:"success_rate"`
AverageDuration time.Duration `json:"average_duration"`
LastScan time.Time `json:"last_scan"`
}
ScanMetric represents scan metrics
type SeasonalPattern ¶
type SeasonalPattern struct {
Name string
StartMonth int
EndMonth int
Probability float64
Indicators []string
}
SeasonalPattern represents seasonal activation patterns
type SecurityAlert ¶
type SecurityAlert struct {
AlertID string `json:"alert_id"`
AlertType string `json:"alert_type"`
Severity string `json:"severity"`
Title string `json:"title"`
Message string `json:"message"`
Timestamp time.Time `json:"timestamp"`
Source string `json:"source"`
AffectedPackage string `json:"affected_package"`
Context map[string]interface{} `json:"context"`
Acknowledged bool `json:"acknowledged"`
}
SecurityAlert represents security alerts
type SecurityCoordinator ¶
type SecurityCoordinator struct {
// contains filtered or unexported fields
}
SecurityCoordinator orchestrates all security components for comprehensive threat detection Integrates: temporal detection, complexity analysis, trust validation, ML hardening, multi-vector coordination, and behavioral analysis
func NewSecurityCoordinator ¶
func NewSecurityCoordinator(config *SecurityCoordinatorConfig, logger logger.Logger) *SecurityCoordinator
NewSecurityCoordinator creates a new security coordinator
func (*SecurityCoordinator) PerformComprehensiveSecurityAnalysis ¶
func (sc *SecurityCoordinator) PerformComprehensiveSecurityAnalysis(ctx context.Context, pkg *types.Package) (*ComprehensiveSecurityResult, error)
PerformComprehensiveSecurityAnalysis performs comprehensive security analysis
type SecurityCoordinatorConfig ¶
type SecurityCoordinatorConfig struct {
EnableTemporalDetection bool `yaml:"enable_temporal_detection"` // true
EnableComplexityAnalysis bool `yaml:"enable_complexity_analysis"` // true
EnableTrustValidation bool `yaml:"enable_trust_validation"` // true
EnableMLHardening bool `yaml:"enable_ml_hardening"` // true
EnableMultiVectorDetection bool `yaml:"enable_multi_vector_detection"` // true
EnableBehavioralAnalysis bool `yaml:"enable_behavioral_analysis"` // true
EnableThreatIntelligence bool `yaml:"enable_threat_intelligence"` // true
EnableResponseOrchestration bool `yaml:"enable_response_orchestration"` // true
EnableSecurityMetrics bool `yaml:"enable_security_metrics"` // true
EnableAlertManagement bool `yaml:"enable_alert_management"` // true
MaxConcurrentScans int `yaml:"max_concurrent_scans"` // 10
ScanTimeout time.Duration `yaml:"scan_timeout"` // 30m
ThreatScoreThreshold float64 `yaml:"threat_score_threshold"` // 0.7
CriticalThreatThreshold float64 `yaml:"critical_threat_threshold"` // 0.9
AutoResponseEnabled bool `yaml:"auto_response_enabled"` // false
Enabled bool `yaml:"enabled"` // true
}
SecurityCoordinatorConfig configures the security coordinator
type SecurityEvent ¶
type SecurityEvent struct {
EventID string `json:"event_id"`
EventType string `json:"event_type"`
Timestamp time.Time `json:"timestamp"`
Severity string `json:"severity"`
Description string `json:"description"`
Source string `json:"source"`
Target string `json:"target"`
Action string `json:"action"`
Result string `json:"result"`
Context map[string]interface{} `json:"context"`
}
SecurityEvent represents security events
type SecurityMetrics ¶
type SecurityMetrics struct {
// contains filtered or unexported fields
}
SecurityMetrics tracks security metrics
type SecurityMetricsResult ¶
type SecurityMetricsResult struct {
ScanMetrics []ScanMetric `json:"scan_metrics"`
ThreatMetrics []ThreatMetric `json:"threat_metrics"`
PerformanceMetrics []PerformanceMetric `json:"performance_metrics"`
AlertMetrics []AlertMetric `json:"alert_metrics"`
OverallHealth string `json:"overall_health"`
HealthScore float64 `json:"health_score"`
GeneratedAt time.Time `json:"generated_at"`
}
SecurityMetricsResult represents security metrics results
type SecurityMonitor ¶
type SecurityMonitor struct {
// contains filtered or unexported fields
}
type SecurityPerformanceMetric ¶
type SecurityPerformanceMetric struct {
MetricID string `json:"metric_id"`
ComponentName string `json:"component_name"`
AverageLatency time.Duration `json:"average_latency"`
Throughput float64 `json:"throughput"`
ErrorRate float64 `json:"error_rate"`
ResourceUsage float64 `json:"resource_usage"`
}
SecurityPerformanceMetric represents performance metrics
type SecurityRecommendation ¶
type SecurityRecommendation struct {
RecommendationID string `json:"recommendation_id"`
RecommendationType string `json:"recommendation_type"`
Priority string `json:"priority"`
Title string `json:"title"`
Description string `json:"description"`
ActionItems []string `json:"action_items"`
EstimatedEffort string `json:"estimated_effort"`
ExpectedBenefit string `json:"expected_benefit"`
Timestamp time.Time `json:"timestamp"`
}
SecurityRecommendation represents security recommendations
type SecurityRule ¶
type SessionActivity ¶
type SessionAnalytics ¶
type SessionAnalytics struct {
// contains filtered or unexported fields
}
type SessionAuthenticationValidator ¶
type SessionAuthenticationValidator struct {
// contains filtered or unexported fields
}
type SessionMetric ¶
type SessionMonitor ¶
type SessionMonitor struct {
// contains filtered or unexported fields
}
type SessionRecord ¶
type SessionReport ¶
type SessionReportGenerator ¶
type SessionReportGenerator struct {
// contains filtered or unexported fields
}
type SessionRule ¶
type SessionSecurityAnalyzer ¶
type SessionSecurityAnalyzer struct {
// contains filtered or unexported fields
}
type SessionSecurityRule ¶
type SessionThreat ¶
type SessionThreatDetector ¶
type SessionThreatDetector struct {
// contains filtered or unexported fields
}
type SessionThreatPattern ¶
type SocialEngineeringDetector ¶
type SocialEngineeringDetector struct {
// contains filtered or unexported fields
}
Social engineering detection structures
func NewSocialEngineeringDetector ¶
func NewSocialEngineeringDetector() *SocialEngineeringDetector
type SocialEngineeringRisk ¶
type SocialEngineeringRisk struct {
RiskLevel string `json:"risk_level"`
ConfidenceScore float64 `json:"confidence_score"`
DetectedTechniques []string `json:"detected_techniques"`
PsychologicalTriggers []PsychologicalTrigger `json:"psychological_triggers"`
ManipulationTactics []ManipulationTactic `json:"manipulation_tactics"`
}
SocialEngineeringRisk represents social engineering risk assessment
type SpatialAnalyzer ¶
type SpatialAnalyzer struct {
// contains filtered or unexported fields
}
type SpatialCorrelation ¶
type SpatialCorrelation struct {
GeographicRegion string `json:"geographic_region"`
AttackDensity float64 `json:"attack_density"`
CorrelationStrength float64 `json:"correlation_strength"`
AffectedEcosystems []string `json:"affected_ecosystems"`
}
SpatialCorrelation represents spatial attack correlations
type StabilityMetric ¶
type StabilityMetrics ¶
type StabilityMetrics struct {
PredictionVariance float64 `json:"prediction_variance"`
OutputStability float64 `json:"output_stability"`
FeatureSensitivity float64 `json:"feature_sensitivity"`
NoiseResistance float64 `json:"noise_resistance"`
}
StabilityMetrics represents model stability metrics
type StageDetector ¶
type StageDetector struct {
// contains filtered or unexported fields
}
type StageSignature ¶
type StagedAttack ¶
type StagedAttack struct {
AttackID string `json:"attack_id"`
Stages []AttackStage `json:"stages"`
CurrentStage int `json:"current_stage"`
Progression float64 `json:"progression"`
NextStageETA *time.Time `json:"next_stage_eta"`
}
StagedAttack represents staged attack sequences
type Stakeholder ¶
type StatisticalAnomaly ¶
type StatisticalAnomaly struct {
AnomalyID string `json:"anomaly_id"`
Metric string `json:"metric"`
ObservedValue float64 `json:"observed_value"`
ExpectedValue float64 `json:"expected_value"`
Deviation float64 `json:"deviation"`
ZScore float64 `json:"z_score"`
Probability float64 `json:"probability"`
}
StatisticalAnomaly represents statistical anomalies
type StrengthMetric ¶
type StrengthRule ¶
type SupplyChainAnalyzer ¶
type SupplyChainAnalyzer struct {
// contains filtered or unexported fields
}
type SupplyChainRisk ¶
type SupplyChainRisk struct {
RiskType string `json:"risk_type"`
RiskLevel string `json:"risk_level"`
AffectedChain []string `json:"affected_chain"`
ImpactRadius int `json:"impact_radius"`
Mitigation []string `json:"mitigation"`
}
SupplyChainRisk represents supply chain risks
type SuspiciousChange ¶
type SuspiciousChange struct {
FromVersion string `json:"from_version"`
ToVersion string `json:"to_version"`
ChangeType string `json:"change_type"`
Suspicion float64 `json:"suspicion"`
Indicators []string `json:"indicators"`
}
SuspiciousChange represents a suspicious change across versions
type SuspiciousDomain ¶
type SuspiciousDomain struct {
Domain string `json:"domain"`
SuspicionLevel string `json:"suspicion_level"`
SuspicionScore float64 `json:"suspicion_score"`
Reasons []string `json:"reasons"`
FirstSeen time.Time `json:"first_seen"`
LastSeen time.Time `json:"last_seen"`
ThreatType string `json:"threat_type"`
}
SuspiciousDomain represents suspicious domains
type SuspiciousGradient ¶
type SuspiciousGradient struct {
LayerName string `json:"layer_name"`
GradientValue float64 `json:"gradient_value"`
AnomalyScore float64 `json:"anomaly_score"`
Description string `json:"description"`
}
SuspiciousGradient represents suspicious gradient patterns
type SuspiciousPattern ¶
type SuspiciousPattern struct {
PatternID string `json:"pattern_id"`
SuspicionLevel string `json:"suspicion_level"`
SuspicionScore float64 `json:"suspicion_score"`
Reasons []string `json:"reasons"`
Evidence []string `json:"evidence"`
FirstDetected time.Time `json:"first_detected"`
Persistence bool `json:"persistence"`
}
SuspiciousPattern represents suspicious behavioral patterns
type SuspiciousUser ¶
type SuspiciousUser struct {
UserID string `json:"user_id"`
SuspicionLevel string `json:"suspicion_level"`
SuspicionScore float64 `json:"suspicion_score"`
SuspiciousActions []string `json:"suspicious_actions"`
FirstSeen time.Time `json:"first_seen"`
LastSeen time.Time `json:"last_seen"`
BotProbability float64 `json:"bot_probability"`
}
SuspiciousUser represents suspicious users
type SynchronizedEvent ¶
type SynchronizedEvent struct {
EventType string `json:"event_type"`
Timestamp time.Time `json:"timestamp"`
Ecosystem string `json:"ecosystem"`
PackageName string `json:"package_name"`
Severity string `json:"severity"`
}
SynchronizedEvent represents synchronized attack events
type TamperingDetection ¶
type TamperingDetection struct {
TamperingEvents []TamperingEvent `json:"tampering_events"`
TamperingPatterns []TamperingPattern `json:"tampering_patterns"`
TamperingIndicators []TamperingIndicator `json:"tampering_indicators"`
TamperingRisk string `json:"tampering_risk"`
}
TamperingDetection represents tampering detection
type TamperingEvent ¶
type TamperingEvent struct {
EventID string `json:"event_id"`
EventType string `json:"event_type"`
DetectionTime time.Time `json:"detection_time"`
FilePath string `json:"file_path"`
TamperingMethod string `json:"tampering_method"`
Evidence []string `json:"evidence"`
Severity string `json:"severity"`
}
TamperingEvent represents tampering events
type TamperingIndicator ¶
type TamperingIndicator struct {
IndicatorID string `json:"indicator_id"`
IndicatorType string `json:"indicator_type"`
Description string `json:"description"`
Confidence float64 `json:"confidence"`
Evidence []string `json:"evidence"`
RiskLevel string `json:"risk_level"`
}
TamperingIndicator represents tampering indicators
type TamperingPattern ¶
type TamperingPattern struct {
PatternID string `json:"pattern_id"`
PatternType string `json:"pattern_type"`
Description string `json:"description"`
Frequency int `json:"frequency"`
AffectedFiles []string `json:"affected_files"`
Methods []string `json:"methods"`
}
TamperingPattern represents tampering patterns
type TechnicalAnalyzer ¶
type TechnicalAnalyzer struct {
// contains filtered or unexported fields
}
type TechnicalCorrelation ¶
type TechnicalCorrelation struct {
TechnicalIndicator string `json:"technical_indicator"`
IndicatorType string `json:"indicator_type"`
CorrelationStrength float64 `json:"correlation_strength"`
AffectedPackages []string `json:"affected_packages"`
AttackTechniques []string `json:"attack_techniques"`
}
TechnicalCorrelation represents technical attack correlations
type TemporalAnalysisResult ¶
type TemporalAnalysisResult struct {
TemporalPatterns []TemporalPattern `json:"temporal_patterns"`
SeasonalPatterns []SeasonalPattern `json:"seasonal_patterns"`
CyclicalPatterns []CyclicalPattern `json:"cyclical_patterns"`
TemporalAnomalies []TemporalAnomaly `json:"temporal_anomalies"`
TrendAnalysis *TrendAnalysis `json:"trend_analysis"`
ForecastAnalysis *ForecastAnalysis `json:"forecast_analysis"`
}
TemporalAnalysisResult represents temporal analysis results
type TemporalAnalyzer ¶
type TemporalAnalyzer struct {
// contains filtered or unexported fields
}
type TemporalAnomaly ¶
type TemporalAnomaly struct {
AnomalyID string `json:"anomaly_id"`
AnomalyType string `json:"anomaly_type"`
DetectionTime time.Time `json:"detection_time"`
TimeFrame string `json:"time_frame"`
Description string `json:"description"`
Deviation float64 `json:"deviation"`
Significance float64 `json:"significance"`
Evidence []string `json:"evidence"`
}
TemporalAnomaly represents temporal anomalies
type TemporalAnomalyDetector ¶
type TemporalAnomalyDetector struct {
// contains filtered or unexported fields
}
type TemporalAnomalyRecord ¶
type TemporalAnomalyRule ¶
type TemporalBehaviorAnalyzer ¶
type TemporalBehaviorAnalyzer struct {
// contains filtered or unexported fields
}
type TemporalCorrelation ¶
type TemporalCorrelation struct {
TimeWindow time.Duration `json:"time_window"`
AttackCount int `json:"attack_count"`
CorrelationScore float64 `json:"correlation_score"`
SynchronizedEvents []SynchronizedEvent `json:"synchronized_events"`
}
TemporalCorrelation represents temporal attack correlations
type TemporalDetector ¶
type TemporalDetector struct {
// contains filtered or unexported fields
}
TemporalDetector provides advanced temporal threat detection capabilities Addresses critical vulnerabilities identified in adversarial assessment: - Time-bomb malware with extended delays (18+ months) - Astronomical event triggers - Seasonal activation patterns - Gradual payload deployment across versions
func NewTemporalDetector ¶
func NewTemporalDetector(config *TemporalDetectorConfig, logger logger.Logger) *TemporalDetector
NewTemporalDetector creates a new temporal detector
func (*TemporalDetector) AnalyzeTemporalThreats ¶
func (td *TemporalDetector) AnalyzeTemporalThreats(ctx context.Context, pkg *types.Package) (*TemporalThreat, error)
AnalyzeTemporalThreats performs comprehensive temporal threat analysis
type TemporalDetectorConfig ¶
type TemporalDetectorConfig struct {
MaxAnalysisWindow time.Duration `yaml:"max_analysis_window"` // 24 months
SuspicionThreshold float64 `yaml:"suspicion_threshold"` // 0.7
VersionTrackingDepth int `yaml:"version_tracking_depth"` // 50 versions
AstronomicalChecks bool `yaml:"astronomical_checks"` // true
SeasonalAnalysis bool `yaml:"seasonal_analysis"` // true
GradualDeploymentScan bool `yaml:"gradual_deployment_scan"` // true
Enabled bool `yaml:"enabled"` // true
}
TemporalDetectorConfig configures temporal detection parameters
func DefaultTemporalDetectorConfig ¶
func DefaultTemporalDetectorConfig() *TemporalDetectorConfig
DefaultTemporalDetectorConfig returns default configuration
type TemporalInstallation ¶
type TemporalInstallation struct {
TimeWindow string `json:"time_window"`
InstallationCount int `json:"installation_count"`
Rate float64 `json:"rate"`
Trend string `json:"trend"`
Anomalous bool `json:"anomalous"`
}
TemporalInstallation represents temporal installation data
type TemporalInstallationAnalyzer ¶
type TemporalInstallationAnalyzer struct {
// contains filtered or unexported fields
}
type TemporalMonitor ¶
type TemporalMonitor struct {
// contains filtered or unexported fields
}
type TemporalPattern ¶
type TemporalPattern struct {
Name string
Pattern *regexp.Regexp
Severity types.Severity
Description string
Indicators []string
}
TemporalPattern represents suspicious temporal patterns
type TemporalPatternAnalyzer ¶
type TemporalPatternAnalyzer struct {
// contains filtered or unexported fields
}
type TemporalPatternRule ¶
type TemporalRule ¶
type TemporalThreat ¶
type TemporalThreat struct {
ThreatID string `json:"threat_id"`
PackageName string `json:"package_name"`
ThreatType string `json:"threat_type"`
Severity types.Severity `json:"severity"`
ConfidenceScore float64 `json:"confidence_score"`
DetectedPatterns []string `json:"detected_patterns"`
PredictedTriggers []PredictedTrigger `json:"predicted_triggers"`
VersionAnalysis *VersionAnalysisResult `json:"version_analysis"`
Recommendations []string `json:"recommendations"`
Metadata map[string]interface{} `json:"metadata"`
}
TemporalThreat represents a detected temporal threat
type TemporalTrend ¶
type TemporalTrendAnalyzer ¶
type TemporalTrendAnalyzer struct {
// contains filtered or unexported fields
}
type TemporalTrendRule ¶
type ThreatActor ¶
type ThreatActor struct {
ActorID string `json:"actor_id"`
ActorName string `json:"actor_name"`
ThreatLevel string `json:"threat_level"`
Capabilities []string `json:"capabilities"`
KnownTTPs []string `json:"known_ttps"`
LastActivity time.Time `json:"last_activity"`
Attribution float64 `json:"attribution"`
}
ThreatActor represents identified threat actors
type ThreatDetectionRule ¶
type ThreatDetector ¶
type ThreatDetector struct {
// contains filtered or unexported fields
}
type ThreatEvent ¶
type ThreatEvent struct {
EventID string `json:"event_id"`
EventType string `json:"event_type"`
Timestamp time.Time `json:"timestamp"`
Description string `json:"description"`
Severity string `json:"severity"`
Indicators []string `json:"indicators"`
}
ThreatEvent represents threat timeline events
type ThreatFeed ¶
type ThreatFeed struct {
FeedID string `json:"feed_id"`
FeedName string `json:"feed_name"`
FeedURL string `json:"feed_url"`
FeedType string `json:"feed_type"`
LastUpdate time.Time `json:"last_update"`
RecordCount int `json:"record_count"`
Enabled bool `json:"enabled"`
}
ThreatFeed represents threat intelligence feeds
type ThreatIndicator ¶
type ThreatIndicator struct {
IndicatorType string `json:"indicator_type"`
IndicatorValue string `json:"indicator_value"`
Confidence float64 `json:"confidence"`
ThreatLevel string `json:"threat_level"`
FirstSeen time.Time `json:"first_seen"`
LastSeen time.Time `json:"last_seen"`
Sources []string `json:"sources"`
}
ThreatIndicator represents threat indicators
type ThreatIntelRecord ¶
type ThreatIntelRecord struct {
RecordID string `json:"record_id"`
ThreatType string `json:"threat_type"`
Indicator string `json:"indicator"`
IndicatorType string `json:"indicator_type"`
Confidence float64 `json:"confidence"`
Severity string `json:"severity"`
Description string `json:"description"`
Source string `json:"source"`
FirstSeen time.Time `json:"first_seen"`
LastSeen time.Time `json:"last_seen"`
Tags []string `json:"tags"`
Context map[string]interface{} `json:"context"`
}
ThreatIntelRecord represents threat intelligence records
type ThreatIntelResult ¶
type ThreatIntelResult struct {
MatchedThreats []ThreatMatch `json:"matched_threats"`
ThreatScore float64 `json:"threat_score"`
IntelligenceSources []string `json:"intelligence_sources"`
LastUpdate time.Time `json:"last_update"`
Recommendations []string `json:"recommendations"`
}
ThreatIntelResult represents threat intelligence analysis results
type ThreatIntelligence ¶
type ThreatIntelligence struct {
// contains filtered or unexported fields
}
func NewThreatIntelligence ¶
func NewThreatIntelligence() *ThreatIntelligence
type ThreatIntelligenceResult ¶
type ThreatIntelligenceResult struct {
IntelligenceScore float64 `json:"intelligence_score"`
ThreatActors []ThreatActor `json:"threat_actors"`
AttackCampaigns []AttackCampaign `json:"attack_campaigns"`
ThreatIndicators []ThreatIndicator `json:"threat_indicators"`
AttributionAnalysis *AttributionAnalysis `json:"attribution_analysis"`
}
ThreatIntelligenceResult represents threat intelligence analysis
type ThreatIntelligenceService ¶
type ThreatIntelligenceService struct {
// contains filtered or unexported fields
}
ThreatIntelligenceService provides threat intelligence capabilities
type ThreatMatch ¶
type ThreatMatch struct {
ThreatRecord ThreatIntelRecord `json:"threat_record"`
MatchType string `json:"match_type"`
MatchConfidence float64 `json:"match_confidence"`
MatchedValue string `json:"matched_value"`
}
ThreatMatch represents matched threat intelligence
type ThreatMetric ¶
type ThreatMetric struct {
MetricID string `json:"metric_id"`
ThreatType string `json:"threat_type"`
DetectionCount int `json:"detection_count"`
FalsePositives int `json:"false_positives"`
TruePositives int `json:"true_positives"`
Accuracy float64 `json:"accuracy"`
}
ThreatMetric represents threat metrics
type ThreatModel ¶
type ThreatPropagationModel ¶
type ThreatPropagationModel struct {
// contains filtered or unexported fields
}
type ThreatRecord ¶
type TimeSeriesPoint ¶
type TokenExpirationManager ¶
type TokenExpirationManager struct {
// contains filtered or unexported fields
}
type TokenValidationRule ¶
type TokenValidator ¶
type TokenValidator struct {
// contains filtered or unexported fields
}
type TrafficAnalysis ¶
type TrafficAnalysis struct {
TotalTraffic int64 `json:"total_traffic"`
InboundTraffic int64 `json:"inbound_traffic"`
OutboundTraffic int64 `json:"outbound_traffic"`
TrafficRate float64 `json:"traffic_rate"`
PeakTrafficTime time.Time `json:"peak_traffic_time"`
TrafficDistribution map[string]float64 `json:"traffic_distribution"`
UnusualTraffic bool `json:"unusual_traffic"`
}
TrafficAnalysis represents traffic analysis
type TrafficAnalyzer ¶
type TrafficAnalyzer struct {
// contains filtered or unexported fields
}
type TrafficAnomaly ¶
type TrafficAnomalyDetector ¶
type TrafficAnomalyDetector struct {
// contains filtered or unexported fields
}
type TrafficAnomalyModel ¶
type TrafficMetric ¶
type TrafficPattern ¶
type TrainingDataPoint ¶
type TransitionRule ¶
type TrendAnalysis ¶
type TrendAnalysis struct {
OverallTrend string `json:"overall_trend"`
TrendDirection string `json:"trend_direction"`
TrendStrength float64 `json:"trend_strength"`
TrendStability float64 `json:"trend_stability"`
ChangePoints []ChangePoint `json:"change_points"`
TrendComponents []TrendComponent `json:"trend_components"`
}
TrendAnalysis represents trend analysis
type TrendComponent ¶
type TrendComponent struct {
ComponentID string `json:"component_id"`
ComponentType string `json:"component_type"`
Description string `json:"description"`
Contribution float64 `json:"contribution"`
Significance float64 `json:"significance"`
}
TrendComponent represents trend components
type TrendRecord ¶
type TrustFactor ¶
type TrustFactor struct {
Factor string `json:"factor"`
Weight float64 `json:"weight"`
Score float64 `json:"score"`
Evidence []string `json:"evidence"`
Reliability string `json:"reliability"`
}
TrustFactor represents factors contributing to trust
type TrustValidationResult ¶
type TrustValidationResult struct {
PackageName string `json:"package_name"`
OverallTrustScore float64 `json:"overall_trust_score"`
SuspicionScore float64 `json:"suspicion_score"`
TrustLevel string `json:"trust_level"`
ValidationResults map[string]ValidationResult `json:"validation_results"`
SocialEngineeringRisk *SocialEngineeringRisk `json:"social_engineering_risk"`
TrustFactors []TrustFactor `json:"trust_factors"`
RedFlags []RedFlag `json:"red_flags"`
Recommendations []string `json:"recommendations"`
Metadata map[string]interface{} `json:"metadata"`
}
TrustValidationResult represents trust validation results
type TrustValidator ¶
type TrustValidator struct {
// contains filtered or unexported fields
}
TrustValidator provides comprehensive trust validation capabilities Addresses critical vulnerabilities identified in adversarial assessment: - Authority impersonation (federal security directive) - Maintainer reputation hijacking (emergency patch) - Corporate backing fabrication (enterprise security mandate) - Security researcher impersonation (vulnerability fix) - Compliance certification forgery (ISO certified framework) - Community manipulation (grassroots endorsed tool)
func NewTrustValidator ¶
func NewTrustValidator(config *TrustValidatorConfig, logger logger.Logger) *TrustValidator
NewTrustValidator creates a new trust validator
func (*TrustValidator) ValidateTrust ¶
func (tv *TrustValidator) ValidateTrust(ctx context.Context, pkg *types.Package) (*TrustValidationResult, error)
ValidateTrust performs comprehensive trust validation
type TrustValidatorConfig ¶
type TrustValidatorConfig struct {
EnableAuthorityValidation bool `yaml:"enable_authority_validation"` // true
EnableMaintainerValidation bool `yaml:"enable_maintainer_validation"` // true
EnableCorporateValidation bool `yaml:"enable_corporate_validation"` // true
EnableResearcherValidation bool `yaml:"enable_researcher_validation"` // true
EnableComplianceValidation bool `yaml:"enable_compliance_validation"` // true
EnableCommunityValidation bool `yaml:"enable_community_validation"` // true
EnableSocialEngineering bool `yaml:"enable_social_engineering"` // true
TrustThreshold float64 `yaml:"trust_threshold"` // 0.7
SuspicionThreshold float64 `yaml:"suspicion_threshold"` // 0.3
ValidationTimeout time.Duration `yaml:"validation_timeout"` // 30s
RequireMultipleValidation bool `yaml:"require_multiple_validation"` // true
ZeroTrustMode bool `yaml:"zero_trust_mode"` // false
Enabled bool `yaml:"enabled"` // true
}
TrustValidatorConfig configures trust validation parameters
func DefaultTrustValidatorConfig ¶
func DefaultTrustValidatorConfig() *TrustValidatorConfig
DefaultTrustValidatorConfig returns default configuration
type UnusualPermission ¶
type UnusualPermission struct {
FilePath string `json:"file_path"`
Permissions string `json:"permissions"`
UnusualAspect string `json:"unusual_aspect"`
RiskLevel string `json:"risk_level"`
Recommendations []string `json:"recommendations"`
}
UnusualPermission represents unusual permissions
type UpdateRecord ¶
type UpdateRule ¶
type UserAction ¶
type UserAction struct {
ActionID string `json:"action_id"`
ActionType string `json:"action_type"`
Timestamp time.Time `json:"timestamp"`
Description string `json:"description"`
Context map[string]interface{} `json:"context"`
Result string `json:"result"`
Suspicious bool `json:"suspicious"`
}
UserAction represents user actions
type UserAnalyzer ¶
type UserAnalyzer struct {
// contains filtered or unexported fields
}
type UserAnomaly ¶
type UserAnomalyDetector ¶
type UserAnomalyDetector struct {
// contains filtered or unexported fields
}
type UserAnomalyModel ¶
type UserAuthenticationAnalyzer ¶
type UserAuthenticationAnalyzer struct {
// contains filtered or unexported fields
}
type UserBehaviorAnalysis ¶
type UserBehaviorAnalysis struct {
UserTypes []UserType `json:"user_types"`
BehaviorPatterns []UserBehaviorPattern `json:"behavior_patterns"`
SuspiciousUsers []SuspiciousUser `json:"suspicious_users"`
UserEngagement *UserEngagement `json:"user_engagement"`
}
UserBehaviorAnalysis represents user behavior analysis
type UserBehaviorAnalyzer ¶
type UserBehaviorAnalyzer struct {
// contains filtered or unexported fields
}
type UserBehaviorModel ¶
type UserBehaviorPattern ¶
type UserBehaviorPattern struct {
PatternID string `json:"pattern_id"`
PatternName string `json:"pattern_name"`
UserCount int `json:"user_count"`
Frequency float64 `json:"frequency"`
Typical bool `json:"typical"`
RiskIndicators []string `json:"risk_indicators"`
}
UserBehaviorPattern represents user behavior patterns
type UserBehaviorProfile ¶
type UserBehaviorProfile struct {
UserID string `json:"user_id"`
ProfileType string `json:"profile_type"`
BehaviorCharacteristics []string `json:"behavior_characteristics"`
TypicalPatterns []string `json:"typical_patterns"`
RiskLevel string `json:"risk_level"`
LastUpdated time.Time `json:"last_updated"`
Confidence float64 `json:"confidence"`
}
UserBehaviorProfile represents user behavior profiles
type UserCredential ¶
type UserEngagement ¶
type UserEngagement struct {
ActiveUsers int `json:"active_users"`
EngagementRate float64 `json:"engagement_rate"`
AverageSessionTime time.Duration `json:"average_session_time"`
ReturnUserRate float64 `json:"return_user_rate"`
EngagementTrend string `json:"engagement_trend"`
}
UserEngagement represents user engagement metrics
type UserInteraction ¶
type UserInteractionAnalysisResult ¶
type UserInteractionAnalysisResult struct {
InteractionPatterns []InteractionPattern `json:"interaction_patterns"`
UserSessions []UserSession `json:"user_sessions"`
InteractionAnomalies []InteractionAnomaly `json:"interaction_anomalies"`
UserBehaviorProfile *UserBehaviorProfile `json:"user_behavior_profile"`
EngagementMetrics *EngagementMetrics `json:"engagement_metrics"`
}
UserInteractionAnalysisResult represents user interaction analysis results
type UserInteractionAnalyzer ¶
type UserInteractionAnalyzer struct {
// contains filtered or unexported fields
}
type UserInteractionMonitor ¶
type UserInteractionMonitor struct {
// contains filtered or unexported fields
}
type UserProfile ¶
type UserProfileManager ¶
type UserProfileManager struct {
// contains filtered or unexported fields
}
type UserSession ¶
type UserSession struct {
SessionID string `json:"session_id"`
UserID string `json:"user_id"`
StartTime time.Time `json:"start_time"`
EndTime *time.Time `json:"end_time"`
Duration time.Duration `json:"duration"`
Actions []UserAction `json:"actions"`
Suspicious bool `json:"suspicious"`
}
UserSession represents user sessions
type UserSessionAnalyzer ¶
type UserSessionAnalyzer struct {
// contains filtered or unexported fields
}
type UserType ¶
type UserType struct {
TypeID string `json:"type_id"`
TypeName string `json:"type_name"`
Percentage float64 `json:"percentage"`
Characteristics []string `json:"characteristics"`
RiskLevel string `json:"risk_level"`
}
UserType represents user types
type ValidationMetrics ¶
type ValidationMetrics struct {
TotalInputs int `json:"total_inputs"`
ValidInputs int `json:"valid_inputs"`
AnomalousInputs int `json:"anomalous_inputs"`
ValidationRate float64 `json:"validation_rate"`
AnomalyRate float64 `json:"anomaly_rate"`
}
ValidationMetrics represents input validation metrics
type ValidationResult ¶
type ValidationResult struct {
ValidationType string `json:"validation_type"`
Score float64 `json:"score"`
Confidence float64 `json:"confidence"`
Status string `json:"status"`
Evidence []string `json:"evidence"`
Warnings []string `json:"warnings"`
Timestamp time.Time `json:"timestamp"`
}
ValidationResult represents individual validation results
type ValidationRule ¶
type VerificationMethod ¶
type VersionAnalysisResult ¶
type VersionAnalysisResult struct {
TotalVersions int `json:"total_versions"`
SuspiciousVersions int `json:"suspicious_versions"`
GradualDeployment bool `json:"gradual_deployment"`
PayloadAssembly bool `json:"payload_assembly"`
VersionProgression []VersionProgression `json:"version_progression"`
SuspiciousChanges []SuspiciousChange `json:"suspicious_changes"`
}
VersionAnalysisResult represents version analysis results
type VersionEntry ¶
type VersionEntry struct {
Version string
ReleaseDate time.Time
CodeHash string
Suspicious bool
Changes []CodeChange
}
VersionEntry represents a package version entry
type VersionProgression ¶
type VersionProgression struct {
Version string `json:"version"`
Date time.Time `json:"date"`
Suspicion float64 `json:"suspicion"`
Changes int `json:"changes"`
Indicators []string `json:"indicators"`
}
VersionProgression tracks progression across versions
type VersionTracker ¶
type VersionTracker struct {
// contains filtered or unexported fields
}
VersionTracker tracks package versions for gradual deployment detection
func NewVersionTracker ¶
func NewVersionTracker(maxEntries int) *VersionTracker
Helper functions for version tracking
func (*VersionTracker) GetVersionHistory ¶
func (vt *VersionTracker) GetVersionHistory(packageName string) []VersionEntry
type VulnerabilityScanResult ¶
type VulnerabilityScanRule ¶
type WeakEncryption ¶
type WeakEncryption struct {
Protocol string `json:"protocol"`
Weakness string `json:"weakness"`
RiskLevel string `json:"risk_level"`
Recommendations []string `json:"recommendations"`
}
WeakEncryption represents weak encryption
type WeaknessArea ¶
type WeaknessArea struct {
Area string `json:"area"`
Severity string `json:"severity"`
Description string `json:"description"`
VulnerabilityScore float64 `json:"vulnerability_score"`
Recommendations []string `json:"recommendations"`
}
WeaknessArea represents identified model weakness areas
type WeaknessDetectionRule ¶
type WeaknessDetector ¶
type WeaknessDetector struct {
// contains filtered or unexported fields
}
Source Files
Click to show internal directories.
Click to hide internal directories.