ml

package
v1.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 1, 2025 License: MIT Imports: 18 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func DefaultConfig 

func DefaultConfig() config.MLAnalysisConfig

DefaultConfig provides a default configuration for the ML analyzer.

Types

type AdaptiveResult 

type AdaptiveResult struct {
	Ecosystem            string                 `json:"ecosystem"`
	OriginalScore        float64                `json:"original_score"`
	AdjustedScore        float64                `json:"adjusted_score"`
	ThresholdUsed        float64                `json:"threshold_used"`
	ModelVersion         string                 `json:"model_version"`
	ConfidenceLevel      float64                `json:"confidence_level"`
	FeatureContributions map[string]float64     `json:"feature_contributions"`
	AdaptationApplied    bool                   `json:"adaptation_applied"`
	Details              map[string]interface{} `json:"details"`
}

AdaptiveResult represents the result of adaptive threshold analysis

type AdaptiveThresholdManager 

type AdaptiveThresholdManager struct {
	// contains filtered or unexported fields
}

AdaptiveThresholdManager manages ecosystem-specific ML thresholds

func NewAdaptiveThresholdManager 

func NewAdaptiveThresholdManager(config *config.Config, logger *logger.Logger) *AdaptiveThresholdManager

NewAdaptiveThresholdManager creates a new adaptive threshold manager

func (*AdaptiveThresholdManager) AdaptThresholds 

func (atm *AdaptiveThresholdManager) AdaptThresholds(ctx context.Context) error

AdaptThresholds adapts thresholds based on performance feedback

func (*AdaptiveThresholdManager) AnalyzeWithAdaptiveThresholds 

func (atm *AdaptiveThresholdManager) AnalyzeWithAdaptiveThresholds(ctx context.Context, pkg *types.Package, originalScore float64, threatType string) (*AdaptiveResult, error)

AnalyzeWithAdaptiveThresholds performs analysis with ecosystem-specific adaptations

func (*AdaptiveThresholdManager) GetAdaptiveThreshold 

func (atm *AdaptiveThresholdManager) GetAdaptiveThreshold(ecosystem, threatType string) float64

GetAdaptiveThreshold returns the adaptive threshold for a specific ecosystem and threat type

func (*AdaptiveThresholdManager) Initialize 

func (atm *AdaptiveThresholdManager) Initialize(ctx context.Context) error

Initialize sets up the adaptive threshold system

func (*AdaptiveThresholdManager) UpdatePerformanceStats 

func (atm *AdaptiveThresholdManager) UpdatePerformanceStats(ecosystem string, prediction, actual bool, score float64)

UpdatePerformanceStats updates performance statistics for threshold adaptation

type AdvancedAnomalyDetector 

type AdvancedAnomalyDetector struct {
	// contains filtered or unexported fields
}

AdvancedAnomalyDetector provides sophisticated anomaly detection

func NewAdvancedAnomalyDetector 

func NewAdvancedAnomalyDetector(threshold float64, windowSize int) *AdvancedAnomalyDetector

NewAdvancedAnomalyDetector creates a new anomaly detector

func (*AdvancedAnomalyDetector) DetectAnomaly 

func (aad *AdvancedAnomalyDetector) DetectAnomaly(score float64) bool

DetectAnomaly detects anomalies in threat scores

type AdvancedFeatureExtractor 

type AdvancedFeatureExtractor struct {
	// contains filtered or unexported fields
}

AdvancedFeatureExtractor implements sophisticated feature extraction for ML models

func NewAdvancedFeatureExtractor 

func NewAdvancedFeatureExtractor() *AdvancedFeatureExtractor

NewAdvancedFeatureExtractor creates a new advanced feature extractor

func (*AdvancedFeatureExtractor) ExtractFeatures 

func (e *AdvancedFeatureExtractor) ExtractFeatures(pkg *types.Package) (*PackageFeatures, error)

ExtractFeatures extracts comprehensive features from a package

func (*AdvancedFeatureExtractor) GetFeatureNames 

func (e *AdvancedFeatureExtractor) GetFeatureNames() []string

GetFeatureNames returns the names of all extracted features

func (*AdvancedFeatureExtractor) Initialize 

func (e *AdvancedFeatureExtractor) Initialize(config *config.Config) error

Initialize initializes the feature extractor with configuration and data

func (*AdvancedFeatureExtractor) NormalizeFeatures 

func (e *AdvancedFeatureExtractor) NormalizeFeatures(features *PackageFeatures) []float64

NormalizeFeatures normalizes features for ML model input

type AdvancedScorer 

type AdvancedScorer struct {
	// contains filtered or unexported fields
}

AdvancedScorer implements sophisticated ML-based scoring using ensemble methods

func NewAdvancedScorer 

func NewAdvancedScorer(config *ScorerConfig) (*AdvancedScorer, error)

NewAdvancedScorer creates a new advanced scorer with the given configuration

func (*AdvancedScorer) GetModelInfo 

func (s *AdvancedScorer) GetModelInfo() *ModelInfo

GetModelInfo returns information about the model

func (*AdvancedScorer) GetThresholds 

func (s *AdvancedScorer) GetThresholds() ScoringThresholds

GetThresholds returns the scoring thresholds

func (*AdvancedScorer) Score 

func (s *AdvancedScorer) Score(ctx context.Context, pkg *types.Package, features map[string]interface{}) (*ScoringResult, error)

Score calculates a comprehensive risk score using ensemble methods

func (*AdvancedScorer) UpdateModel 

func (s *AdvancedScorer) UpdateModel(modelData []byte) error

UpdateModel updates the scorer with new model parameters

type AggregatedFeatureStoreStats 

type AggregatedFeatureStoreStats struct {
	TotalEntries     int                           `json:"total_entries"`
	TotalCacheHits   int64                         `json:"total_cache_hits"`
	TotalCacheMisses int64                         `json:"total_cache_misses"`
	OverallHitRatio  float64                       `json:"overall_hit_ratio"`
	TotalMemoryUsage int64                         `json:"total_memory_usage_bytes"`
	RegistryStats    map[string]*FeatureStoreStats `json:"registry_stats"`
}

AggregatedFeatureStoreStats represents aggregated statistics

type AlertSeverity 

type AlertSeverity string

AlertSeverity represents alert severity levels 

const (
	AlertSeverityLow      AlertSeverity = "low"
	AlertSeverityMedium   AlertSeverity = "medium"
	AlertSeverityHigh     AlertSeverity = "high"
	AlertSeverityCritical AlertSeverity = "critical"
)

type AnalysisMetadata 

type AnalysisMetadata struct {
	AnalysisTime    time.Time `json:"analysis_time"`
	Duration        string    `json:"duration"`
	ModelsUsed      []string  `json:"models_used"`
	FeaturesUsed    []string  `json:"features_used"`
	DatasetVersion  string    `json:"dataset_version"`
	ModelVersion    string    `json:"model_version"`
	AnalysisVersion string    `json:"analysis_version"`
}

AnalysisMetadata holds metadata about the analysis.

type AnalysisOptions 

type AnalysisOptions struct {
	CheckSimilarity     bool    `json:"check_similarity"`
	CheckMalicious      bool    `json:"check_malicious"`
	SimilarityThreshold float64 `json:"similarity_threshold"`
	MaliciousThreshold  float64 `json:"malicious_threshold"`
	TopK                int     `json:"top_k"`
}

AnalysisOptions represents options for analysis

type AnalysisResult 

type AnalysisResult struct {
	SimilarityScore    float64            `json:"similarity_score"`
	MaliciousScore     float64            `json:"malicious_score"`
	ReputationScore    float64            `json:"reputation_score"`
	TyposquattingScore float64            `json:"typosquatting_score"`
	Features           map[string]float64 `json:"features"`
	Predictions        []Prediction       `json:"predictions"`
	SimilarPackages    []SimilarPackage   `json:"similar_packages"`
	AnomalyDetection   AnomalyDetection   `json:"anomaly_detection"`
	ReputationAnalysis ReputationAnalysis `json:"reputation_analysis"`
	BehavioralAnalysis BehavioralAnalysis `json:"behavioral_analysis"`
	RiskAssessment     RiskAssessment     `json:"risk_assessment"`
	Findings           []Finding          `json:"findings"`
	Recommendations    []string           `json:"recommendations"`
	Metadata           AnalysisMetadata   `json:"metadata"`
}

AnalysisResult holds the results of the ML analysis.

type AnomalyDetection 

type AnomalyDetection struct {
	IsAnomaly       bool            `json:"is_anomaly"`
	AnomalyScore    float64         `json:"anomaly_score"`
	AnomalyType     string          `json:"anomaly_type"`
	AnomalyFeatures []string        `json:"anomaly_features"`
	OutlierAnalysis OutlierAnalysis `json:"outlier_analysis"`
	PatternAnalysis PatternAnalysis `json:"pattern_analysis"`
}

AnomalyDetection holds anomaly detection results.

type AnomalyDetector 

type AnomalyDetector struct{}

func NewAnomalyDetector 

func NewAnomalyDetector() (*AnomalyDetector, error)

func (*AnomalyDetector) DetectAnomalies 

func (ad *AnomalyDetector) DetectAnomalies(ctx context.Context, features *EnhancedPackageFeatures) (*EnhancedAnomalyDetection, error)

func (*AnomalyDetector) GetMetrics 

func (ad *AnomalyDetector) GetMetrics(ctx context.Context) (map[string]interface{}, error)

func (*AnomalyDetector) Update 

func (ad *AnomalyDetector) Update(ctx context.Context) error

type AnomalyModel 

type AnomalyModel struct {
	// contains filtered or unexported fields
}

AnomalyModel implements anomaly detection for suspicious packages

func NewAnomalyModel 

func NewAnomalyModel(config config.MLModelConfig) *AnomalyModel

NewAnomalyModel creates a new anomaly detection model

func (*AnomalyModel) GetModelInfo 

func (m *AnomalyModel) GetModelInfo() *ModelInfo

GetModelInfo returns model information

func (*AnomalyModel) Initialize 

func (m *AnomalyModel) Initialize(ctx context.Context) error

Initialize initializes the anomaly detection model

func (*AnomalyModel) IsReady 

func (m *AnomalyModel) IsReady() bool

IsReady returns whether the model is ready

func (*AnomalyModel) Predict 

func (m *AnomalyModel) Predict(features []float64) (*Prediction, error)

Predict performs anomaly detection

func (*AnomalyModel) Train 

func (m *AnomalyModel) Train(data []TrainingData) error

Train trains the anomaly detection model

type AuthorFeatures 

type AuthorFeatures struct {
	AuthorName         string    `json:"author_name"`
	AuthorEmail        string    `json:"author_email"`
	AccountAge         int       `json:"account_age_days"`
	PublishedPackages  int       `json:"published_packages"`
	TotalDownloads     int64     `json:"total_downloads"`
	AverageRating      float64   `json:"average_rating"`
	VerifiedAccount    bool      `json:"verified_account"`
	HasGitHubProfile   bool      `json:"has_github_profile"`
	GitHubFollowers    int       `json:"github_followers"`
	GitHubRepos        int       `json:"github_repos"`
	LastActivity       time.Time `json:"last_activity"`
	SuspiciousPatterns []string  `json:"suspicious_patterns"`
}

AuthorFeatures contains author-related features

type BasicFeatureExtractor 

type BasicFeatureExtractor struct {
	// contains filtered or unexported fields
}

BasicFeatureExtractor handles feature extraction from packages

type BasicMLScorer 

type BasicMLScorer struct {
	// contains filtered or unexported fields
}

BasicMLScorer implements a simple machine learning scoring algorithm for detecting malicious packages based on extracted features

func NewBasicMLScorer 

func NewBasicMLScorer() *BasicMLScorer

NewBasicMLScorer creates a new basic ML scorer with default configuration

func (*BasicMLScorer) ExtractFeatures 

func (bms *BasicMLScorer) ExtractFeatures(dep types.Dependency, metadata map[string]interface{}) BasicPackageFeatures

ExtractFeatures extracts features from a package dependency

func (*BasicMLScorer) GetModelInfo 

func (bms *BasicMLScorer) GetModelInfo() *ModelInfo

GetModelInfo implements the Scorer interface

func (*BasicMLScorer) GetThresholds 

func (bms *BasicMLScorer) GetThresholds() ScoringThresholds

GetThresholds implements the Scorer interface

func (*BasicMLScorer) Score 

func (bms *BasicMLScorer) Score(ctx context.Context, pkg *types.Package, features map[string]interface{}) (*ScoringResult, error)

Score implements the Scorer interface

func (*BasicMLScorer) ScorePackage 

func (bms *BasicMLScorer) ScorePackage(features BasicPackageFeatures) MLScore

ScorePackage calculates a malicious score for a package

func (*BasicMLScorer) UpdateFeatureStats 

func (bms *BasicMLScorer) UpdateFeatureStats(features []BasicPackageFeatures)

UpdateFeatureStats updates feature statistics for better normalization

func (*BasicMLScorer) UpdateModel 

func (bms *BasicMLScorer) UpdateModel(modelData []byte) error

UpdateModel implements the Scorer interface

type BasicPackageFeatures 

type BasicPackageFeatures struct {
	DownloadCount           float64
	MaintainerReputation    float64
	PackageAge              float64
	VersionCount            float64
	DescriptionLength       float64
	DependencyCount         float64
	TyposquattingSimilarity float64
	NameEntropy             float64
	UpdateFrequency         float64
	LicensePresent          float64
	ReadmePresent           float64
	HomepagePresent         float64
	RepositoryPresent       float64
	KeywordCount            float64
	MaintainerCount         float64
}

BasicPackageFeatures represents extracted features from a package for basic ML scoring

type BasicScorerConfig 

type BasicScorerConfig struct {
	MaliciousThreshold   float64
	SuspiciousThreshold  float64
	MinConfidence        float64
	FeatureWeights       map[string]float64
	NormalizationEnabled bool
}

BasicScorerConfig holds configuration for the basic ML scorer

type BatchAnalysisRequest 

type BatchAnalysisRequest struct {
	Packages []PackageToAnalyze `json:"packages"`
	Options  AnalysisOptions    `json:"options"`
}

BatchAnalysisRequest represents a batch analysis request

type BatchAnalysisResponse 

type BatchAnalysisResponse struct {
	Results []PackageAnalysisResult `json:"results"`
	Time    float64                 `json:"time_ms"`
}

BatchAnalysisResponse represents a batch analysis response

type BehavioralAnalysis 

type BehavioralAnalysis struct {
	InstallBehavior    InstallBehavior    `json:"install_behavior"`
	RuntimeBehavior    RuntimeBehavior    `json:"runtime_behavior"`
	NetworkBehavior    NetworkBehavior    `json:"network_behavior"`
	FileSystemBehavior FileSystemBehavior `json:"filesystem_behavior"`
}

BehavioralAnalysis holds behavioral analysis results.

type BehavioralAnalysisResult 

type BehavioralAnalysisResult struct {
	BehaviorScore       float64  `json:"behavior_score"`
	SuspiciousBehaviors []string `json:"suspicious_behaviors"`
	RiskFactors         []string `json:"risk_factors"`
	BehaviorPatterns    []string `json:"behavior_patterns"`
	AnomalousActivities []string `json:"anomalous_activities"`
	Confidence          float64  `json:"confidence"`
}

BehavioralAnalysisResult represents behavioral analysis results

type BehavioralAnalyzer 

type BehavioralAnalyzer struct {
	Config BehavioralConfig
}

BehavioralAnalyzer performs behavioral analysis on packages

func NewBehavioralAnalyzer 

func NewBehavioralAnalyzer() *BehavioralAnalyzer

NewBehavioralAnalyzer creates a new behavioral analyzer

func (*BehavioralAnalyzer) AnalyzeBehavior 

func (ba *BehavioralAnalyzer) AnalyzeBehavior(pkg *types.Package) BehavioralAnalysis

AnalyzeBehavior performs behavioral analysis on a package

func (*BehavioralAnalyzer) AnalyzeBehaviorEnhanced 

func (ba *BehavioralAnalyzer) AnalyzeBehaviorEnhanced(ctx context.Context, features *EnhancedPackageFeatures) (*BehavioralAnalysisResult, error)

AnalyzeBehaviorEnhanced is an adapter method for the enhanced detector interface

func (*BehavioralAnalyzer) GetMetrics 

func (ba *BehavioralAnalyzer) GetMetrics(ctx context.Context) (map[string]interface{}, error)

GetMetrics returns metrics for the behavioral analyzer

func (*BehavioralAnalyzer) Update 

func (ba *BehavioralAnalyzer) Update(ctx context.Context) error

Update updates the behavioral analyzer (placeholder for future ML model updates)

type BehavioralConfig 

type BehavioralConfig struct {
	InstallBehaviorWeight    float64
	RuntimeBehaviorWeight    float64
	NetworkBehaviorWeight    float64
	FileSystemBehaviorWeight float64
	SuspiciousScoreThreshold float64
}

BehavioralConfig contains configuration for behavioral analysis

func DefaultBehavioralConfig 

func DefaultBehavioralConfig() BehavioralConfig

DefaultBehavioralConfig returns the default configuration

type BehavioralMetrics 

type BehavioralMetrics struct {
	InstallationBehavior EnhancedInstallBehavior    `json:"installation_behavior"`
	RuntimeBehavior      EnhancedRuntimeBehavior    `json:"runtime_behavior"`
	NetworkBehavior      EnhancedNetworkBehavior    `json:"network_behavior"`
	FileSystemBehavior   EnhancedFileSystemBehavior `json:"file_system_behavior"`
	ProcessBehavior      EnhancedProcessBehavior    `json:"process_behavior"`
	AnomalyScore         float64                    `json:"anomaly_score"`
}

BehavioralMetrics represents behavioral analysis metrics

type CachedFeatures 

type CachedFeatures struct {
	Features  *PackageFeatures `json:"features"`
	Timestamp time.Time        `json:"timestamp"`
	TTL       time.Duration    `json:"ttl"`
	HitCount  int              `json:"hit_count"`
	Version   string           `json:"version"`
}

CachedFeatures represents cached package features with metadata

type CachedPrediction 

type CachedPrediction struct {
	Result    *ThreatPrediction `json:"result"`
	Timestamp time.Time         `json:"timestamp"`
	HitCount  int               `json:"hit_count"`
}

CachedPrediction represents a cached prediction result

type Client 

type Client struct {
	// contains filtered or unexported fields
}

Client provides an interface to the ML service

func NewClient 

func NewClient(baseURL string, apiKey string) *Client

NewClient creates a new ML client

func (*Client) BatchAnalyzePackages 

func (c *Client) BatchAnalyzePackages(ctx context.Context, packages []PackageToAnalyze, options AnalysisOptions) (*BatchAnalysisResponse, error)

BatchAnalyzePackages performs batch analysis of multiple packages

func (*Client) CheckMaliciousPackage 

func (c *Client) CheckMaliciousPackage(ctx context.Context, packageName, registry, version string) (*MaliciousResponse, error)

CheckMaliciousPackage checks if a package is malicious

func (*Client) ConvertToThreats 

func (c *Client) ConvertToThreats(analysisResult *PackageAnalysisResult) []types.Threat

ConvertToThreats converts ML analysis results to threats

func (*Client) FindSimilarPackages 

func (c *Client) FindSimilarPackages(ctx context.Context, packageName, registry string, topK int, threshold float64) (*SimilarityResponse, error)

FindSimilarPackages finds packages similar to the given package

func (*Client) GetModelInfo 

func (c *Client) GetModelInfo(ctx context.Context, modelName string) (*ModelInfo, error)

GetModelInfo retrieves information about a specific model

func (*Client) GetModels 

func (c *Client) GetModels(ctx context.Context) ([]ModelInfo, error)

GetModels retrieves information about available ML models

type CodeMetrics 

type CodeMetrics struct {
	LinesOfCode          int     `json:"lines_of_code"`
	CyclomaticComplexity float64 `json:"cyclomatic_complexity"`
	CodeDuplication      float64 `json:"code_duplication"`
	TestCoverage         float64 `json:"test_coverage"`
	DocumentationRatio   float64 `json:"documentation_ratio"`
	ObfuscationScore     float64 `json:"obfuscation_score"`
	MinificationScore    float64 `json:"minification_score"`
	CommentRatio         float64 `json:"comment_ratio"`
}

CodeMetrics represents code quality and complexity metrics

type Config 

type Config struct {
	Enabled             bool    `mapstructure:"enabled"`
	SimilarityThreshold float64 `mapstructure:"similarity_threshold"`
	MaliciousThreshold  float64 `mapstructure:"malicious_threshold"`
	ReputationThreshold float64 `mapstructure:"reputation_threshold"`
	ModelPath           string  `mapstructure:"model_path"`
	BatchSize           int     `mapstructure:"batch_size"`
	MaxFeatures         int     `mapstructure:"max_features"`
	CacheEmbeddings     bool    `mapstructure:"cache_embeddings"`
	ParallelProcessing  bool    `mapstructure:"parallel_processing"`
	GPUAcceleration     bool    `mapstructure:"gpu_acceleration"`
}

Config holds the configuration for the ML analyzer.

type DecisionNode 

type DecisionNode struct {
	Feature   string  `json:"feature"`
	Threshold float64 `json:"threshold"`
	Direction string  `json:"direction"`
	Impact    float64 `json:"impact"`
}

DecisionNode represents a node in the decision path

type Dependency 

type Dependency struct {
	Name       string  `json:"name"`
	Version    string  `json:"version"`
	Type       string  `json:"type"`
	Optional   bool    `json:"optional"`
	Dev        bool    `json:"dev"`
	Suspicious bool    `json:"suspicious"`
	RiskScore  float64 `json:"risk_score"`
}

Dependency represents a package dependency

type DetectionMetrics 

type DetectionMetrics struct {
	TotalDetections   int64     `json:"total_detections"`
	TruePositives     int64     `json:"true_positives"`
	FalsePositives    int64     `json:"false_positives"`
	TrueNegatives     int64     `json:"true_negatives"`
	FalseNegatives    int64     `json:"false_negatives"`
	AverageConfidence float64   `json:"average_confidence"`
	LastUpdated       time.Time `json:"last_updated"`
}

DetectionMetrics tracks model performance for fine-tuning

type EcosystemModel 

type EcosystemModel struct {
	Ecosystem       string                 `json:"ecosystem"`
	ModelVersion    string                 `json:"model_version"`
	ModelPath       string                 `json:"model_path"`
	FeatureWeights  map[string]float64     `json:"feature_weights"`
	TrainingMetrics TrainingMetrics        `json:"training_metrics"`
	LastTrained     time.Time              `json:"last_trained"`
	IsActive        bool                   `json:"is_active"`
	Metadata        map[string]interface{} `json:"metadata"`
}

EcosystemModel represents an ML model specific to a package ecosystem

type EnhancedAnomalyDetection 

type EnhancedAnomalyDetection struct {
	IsAnomalous       bool     `json:"is_anomalous"`
	AnomalyScore      float64  `json:"anomaly_score"`
	AnomalyType       string   `json:"anomaly_type"`
	Confidence        float64  `json:"confidence"`
	AnomalousFeatures []string `json:"anomalous_features"`
	BaselineDeviation float64  `json:"baseline_deviation"`
}

EnhancedAnomalyDetection represents enhanced anomaly detection results

type EnhancedFileSystemBehavior 

type EnhancedFileSystemBehavior struct {
	FilesCreated        int      `json:"files_created"`
	FilesModified       int      `json:"files_modified"`
	FilesDeleted        int      `json:"files_deleted"`
	SuspiciousLocations []string `json:"suspicious_locations"`
	HiddenFiles         int      `json:"hidden_files"`
	SystemFileAccess    bool     `json:"system_file_access"`
	TempFileUsage       int      `json:"temp_file_usage"`
}

FileSystemBehavior represents file system behavior

type EnhancedInstallBehavior 

type EnhancedInstallBehavior struct {
	PostInstallScript  bool    `json:"post_install_script"`
	PreInstallScript   bool    `json:"pre_install_script"`
	NetworkActivity    bool    `json:"network_activity"`
	FileModifications  int     `json:"file_modifications"`
	PermissionChanges  int     `json:"permission_changes"`
	SuspiciousCommands int     `json:"suspicious_commands"`
	InstallationTime   float64 `json:"installation_time"`
}

InstallBehavior represents installation-time behavior

type EnhancedMLConfig 

type EnhancedMLConfig struct {
	Enabled             bool               `yaml:"enabled"`
	SimilarityThreshold float64            `yaml:"similarity_threshold"`
	MalwareThreshold    float64            `yaml:"malware_threshold"`
	AnomalyThreshold    float64            `yaml:"anomaly_threshold"`
	TypoThreshold       float64            `yaml:"typo_threshold"`
	ReputationThreshold float64            `yaml:"reputation_threshold"`
	EnsembleWeights     map[string]float64 `yaml:"ensemble_weights"`
	ConfidenceThreshold float64            `yaml:"confidence_threshold"`
	ModelUpdateInterval time.Duration      `yaml:"model_update_interval"`
	BatchSize           int                `yaml:"batch_size"`
	MaxFeatures         int                `yaml:"max_features"`
	ParallelProcessing  bool               `yaml:"parallel_processing"`
	Verbose             bool               `yaml:"verbose"`
}

MLConfig contains ML detector configuration

func DefaultEnhancedMLConfig 

func DefaultEnhancedMLConfig() *EnhancedMLConfig

DefaultEnhancedMLConfig returns default enhanced ML configuration

type EnhancedMLDetector 

type EnhancedMLDetector struct {
	// contains filtered or unexported fields
}

EnhancedMLDetector provides comprehensive ML-based threat detection

func NewEnhancedMLDetector 

func NewEnhancedMLDetector(config *EnhancedMLConfig) (*EnhancedMLDetector, error)

NewEnhancedMLDetector creates a new enhanced ML detector

func (*EnhancedMLDetector) AnalyzePackage 

func (emd *EnhancedMLDetector) AnalyzePackage(ctx context.Context, features *EnhancedPackageFeatures) (*MLDetectionResult, error)

AnalyzePackage performs comprehensive ML-based analysis of a package with enhanced detection capabilities

func (*EnhancedMLDetector) BatchAnalyze 

func (emd *EnhancedMLDetector) BatchAnalyze(ctx context.Context, packages []*EnhancedPackageFeatures) ([]*MLDetectionResult, error)

BatchAnalyze performs batch analysis of multiple packages

func (*EnhancedMLDetector) DetectThreatSimple 

func (emd *EnhancedMLDetector) DetectThreatSimple(packageName, content string) (bool, float64, error)

DetectThreatSimple provides a simplified threat detection interface for fine-tuning

func (*EnhancedMLDetector) GetMetrics 

func (emd *EnhancedMLDetector) GetMetrics() *DetectionMetrics

GetMetrics returns current detection metrics

func (*EnhancedMLDetector) GetModelMetrics 

func (emd *EnhancedMLDetector) GetModelMetrics(ctx context.Context) (map[string]interface{}, error)

GetModelMetrics returns metrics for all models

func (*EnhancedMLDetector) UpdateMetrics 

func (emd *EnhancedMLDetector) UpdateMetrics(correct bool, confidence float64)

UpdateMetrics updates detection metrics

func (*EnhancedMLDetector) UpdateModels 

func (emd *EnhancedMLDetector) UpdateModels(ctx context.Context) error

UpdateModels updates all ML models

func (*EnhancedMLDetector) UpdateParameters 

func (emd *EnhancedMLDetector) UpdateParameters(params map[string]interface{}) error

UpdateParameters updates model parameters for fine-tuning

type EnhancedMLEngine 

type EnhancedMLEngine struct {
	// contains filtered or unexported fields
}

EnhancedMLEngine provides advanced ML capabilities

func NewEnhancedMLEngine 

func NewEnhancedMLEngine(client *Client, config *MLConfig) *EnhancedMLEngine

NewEnhancedMLEngine creates a new enhanced ML engine

func (*EnhancedMLEngine) AnalyzePackage 

func (e *EnhancedMLEngine) AnalyzePackage(ctx context.Context, packageName, registry string) (*MLAnalysisResult, error)

AnalyzePackage performs comprehensive ML analysis of a package

type EnhancedNetworkBehavior 

type EnhancedNetworkBehavior struct {
	OutboundConnections int      `json:"outbound_connections"`
	InboundConnections  int      `json:"inbound_connections"`
	SuspiciousHosts     []string `json:"suspicious_hosts"`
	UnusualPorts        []int    `json:"unusual_ports"`
	DataExfiltration    bool     `json:"data_exfiltration"`
	C2Communication     bool     `json:"c2_communication"`
	DNSTunneling        bool     `json:"dns_tunneling"`
}

NetworkBehavior represents network-related behavior

type EnhancedPackageFeatures 

type EnhancedPackageFeatures struct {
	Name              string                 `json:"name"`
	Registry          string                 `json:"registry"`
	Version           string                 `json:"version"`
	Description       string                 `json:"description"`
	Author            string                 `json:"author"`
	Maintainers       []string               `json:"maintainers"`
	Keywords          []string               `json:"keywords"`
	License           string                 `json:"license"`
	Homepage          string                 `json:"homepage"`
	Repository        string                 `json:"repository"`
	Downloads         int64                  `json:"downloads"`
	Stars             int                    `json:"stars"`
	Forks             int                    `json:"forks"`
	Issues            int                    `json:"issues"`
	CreationDate      time.Time              `json:"creation_date"`
	LastUpdated       time.Time              `json:"last_updated"`
	Dependencies      []Dependency           `json:"dependencies"`
	DevDependencies   []Dependency           `json:"dev_dependencies"`
	Scripts           map[string]string      `json:"scripts"`
	FileStructure     FileStructure          `json:"file_structure"`
	CodeMetrics       CodeMetrics            `json:"code_metrics"`
	SecurityMetrics   SecurityMetrics        `json:"security_metrics"`
	BehavioralMetrics BehavioralMetrics      `json:"behavioral_metrics"`
	Metadata          map[string]interface{} `json:"metadata"`
}

EnhancedPackageFeatures represents enhanced package features for ML analysis

type EnhancedProcessBehavior 

type EnhancedProcessBehavior struct {
	ChildProcesses      int      `json:"child_processes"`
	PrivilegeEscalation bool     `json:"privilege_escalation"`
	CodeInjection       bool     `json:"code_injection"`
	Hollowing           bool     `json:"hollowing"`
	DLLInjection        bool     `json:"dll_injection"`
	SuspiciousCommands  []string `json:"suspicious_commands"`
}

ProcessBehavior represents process-related behavior

type EnhancedReputationAnalysis 

type EnhancedReputationAnalysis struct {
	ReputationScore      float64  `json:"reputation_score"`
	TrustLevel           string   `json:"trust_level"`
	AuthorReputation     float64  `json:"author_reputation"`
	MaintainerReputation float64  `json:"maintainer_reputation"`
	CommunityTrust       float64  `json:"community_trust"`
	HistoricalIssues     []string `json:"historical_issues"`
	VerificationStatus   string   `json:"verification_status"`
}

EnhancedReputationAnalysis represents enhanced reputation analysis results

type EnhancedRuntimeBehavior 

type EnhancedRuntimeBehavior struct {
	CPUUsage               float64 `json:"cpu_usage"`
	MemoryUsage            float64 `json:"memory_usage"`
	NetworkConnections     int     `json:"network_connections"`
	FileOperations         int     `json:"file_operations"`
	ProcessSpawning        int     `json:"process_spawning"`
	AntiAnalysisTechniques bool    `json:"anti_analysis_techniques"`
	PersistenceMechanisms  bool    `json:"persistence_mechanisms"`
}

RuntimeBehavior represents runtime behavior

type EnhancedSimilarityResult 

type EnhancedSimilarityResult struct {
	SimilarPackage  string  `json:"similar_package"`
	SimilarityScore float64 `json:"similarity_score"`
	SimilarityType  string  `json:"similarity_type"`
	Confidence      float64 `json:"confidence"`
	Reason          string  `json:"reason"`
}

EnhancedSimilarityResult represents enhanced similarity analysis results

type EnsembleManager 

type EnsembleManager struct {
	// contains filtered or unexported fields
}

EnsembleManager manages multiple models for ensemble predictions

func NewEnsembleManager 

func NewEnsembleManager(models []*PredictionModel, weights map[string]float64, votingType VotingType) *EnsembleManager

NewEnsembleManager creates a new ensemble manager

func (*EnsembleManager) Predict 

func (em *EnsembleManager) Predict(features *FeatureVector) (*ThreatPrediction, error)

Predict performs ensemble prediction

type EnsembleModel 

type EnsembleModel struct{}

func NewEnsembleModel 

func NewEnsembleModel(weights map[string]float64) (*EnsembleModel, error)

func (*EnsembleModel) CombineResults 

func (em *EnsembleModel) CombineResults(ctx context.Context, result *MLDetectionResult) (*EnsembleResults, error)

func (*EnsembleModel) GetMetrics 

func (em *EnsembleModel) GetMetrics(ctx context.Context) (map[string]interface{}, error)

type EnsembleResults 

type EnsembleResults struct {
	FinalScore          float64            `json:"final_score"`
	ModelScores         map[string]float64 `json:"model_scores"`
	ModelWeights        map[string]float64 `json:"model_weights"`
	ConsensusLevel      float64            `json:"consensus_level"`
	DisagreementFactors []string           `json:"disagreement_factors"`
	Confidence          float64            `json:"confidence"`
}

EnsembleResults represents ensemble model results

type FeatureContribution 

type FeatureContribution struct {
	FeatureName  string  `json:"feature_name"`
	Contribution float64 `json:"contribution"`
	Value        float64 `json:"value"`
}

FeatureContribution represents feature importance in prediction

type FeatureDefinition 

type FeatureDefinition struct {
	Name        string      `json:"name"`
	Type        FeatureType `json:"type"`
	Description string      `json:"description"`
	Extractor   func(interface{}) float64
	Weight      float64 `json:"weight"`
	Normalize   bool    `json:"normalize"`
}

FeatureDefinition defines how to extract a feature

type FeatureDriftDetector 

type FeatureDriftDetector struct {
	// contains filtered or unexported fields
}

FeatureDriftDetector monitors feature distribution changes

func NewFeatureDriftDetector 

func NewFeatureDriftDetector(driftThreshold float64, windowSize int) *FeatureDriftDetector

NewFeatureDriftDetector creates a new feature drift detector

func (*FeatureDriftDetector) DetectDrift 

func (fdd *FeatureDriftDetector) DetectDrift(features map[string]float64) map[string]bool

DetectDrift detects feature drift

func (*FeatureDriftDetector) UpdateBaseline 

func (fdd *FeatureDriftDetector) UpdateBaseline(features map[string]float64)

UpdateBaseline updates the baseline statistics

type FeatureExtractor 

type FeatureExtractor interface {
	ExtractFeatures(pkg *types.Package) (*PackageFeatures, error)
	GetFeatureNames() []string
	NormalizeFeatures(features *PackageFeatures) []float64
}

FeatureExtractor extracts features from packages for ML analysis

type FeatureImportance 

type FeatureImportance struct {
	Feature    string  `json:"feature"`
	Importance float64 `json:"importance"`
	Value      float64 `json:"value"`
	Impact     string  `json:"impact"` // positive, negative, neutral
}

FeatureImportance represents feature importance in prediction

type FeatureStats 

type FeatureStats struct {
	Mean   float64
	StdDev float64
	Min    float64
	Max    float64
}

FeatureStats holds statistics for feature normalization

type FeatureStore 

type FeatureStore struct {
	// contains filtered or unexported fields
}

FeatureStore manages cached package features for ML analysis

func NewFeatureStore 

func NewFeatureStore(config *MLConfig) *FeatureStore

NewFeatureStore creates a new feature store

func (*FeatureStore) CleanupExpired 

func (fs *FeatureStore) CleanupExpired() int

CleanupExpired removes expired entries from the cache

func (*FeatureStore) Close 

func (fs *FeatureStore) Close()

Close stops the feature store and cleanup routines

func (*FeatureStore) ExportFeatures 

func (fs *FeatureStore) ExportFeatures() ([]byte, error)

ExportFeatures exports cached features to JSON

func (*FeatureStore) GetFeatures 

func (fs *FeatureStore) GetFeatures(packageName, registry string) *PackageFeatures

GetFeatures retrieves cached features for a package

func (*FeatureStore) GetStats 

func (fs *FeatureStore) GetStats() *FeatureStoreStats

GetStats returns feature store statistics

func (*FeatureStore) GetTopPackages 

func (fs *FeatureStore) GetTopPackages(limit int) []PackageAccessInfo

GetTopPackages returns most frequently accessed packages

func (*FeatureStore) ImportFeatures 

func (fs *FeatureStore) ImportFeatures(data []byte) error

ImportFeatures imports cached features from JSON

func (*FeatureStore) InvalidateAll 

func (fs *FeatureStore) InvalidateAll()

InvalidateAll clears all cached features

func (*FeatureStore) InvalidateFeatures 

func (fs *FeatureStore) InvalidateFeatures(packageName, registry string)

InvalidateFeatures removes cached features for a package

func (*FeatureStore) StoreFeatures 

func (fs *FeatureStore) StoreFeatures(features *PackageFeatures)

StoreFeatures stores package features in the cache

type FeatureStoreManager 

type FeatureStoreManager struct {
	// contains filtered or unexported fields
}

FeatureStoreManager manages multiple feature stores

func NewFeatureStoreManager 

func NewFeatureStoreManager() *FeatureStoreManager

NewFeatureStoreManager creates a new feature store manager

func (*FeatureStoreManager) CloseAll 

func (fsm *FeatureStoreManager) CloseAll()

CloseAll closes all feature stores

func (*FeatureStoreManager) GetAggregatedStats 

func (fsm *FeatureStoreManager) GetAggregatedStats() *AggregatedFeatureStoreStats

GetAggregatedStats returns aggregated statistics across all stores

func (*FeatureStoreManager) GetAllStores 

func (fsm *FeatureStoreManager) GetAllStores() map[string]*FeatureStore

GetAllStores returns all feature stores

func (*FeatureStoreManager) GetStore 

func (fsm *FeatureStoreManager) GetStore(registry string, config *MLConfig) *FeatureStore

GetStore returns a feature store for a specific registry

type FeatureStoreStats 

type FeatureStoreStats struct {
	TotalEntries int           `json:"total_entries"`
	CacheHits    int64         `json:"cache_hits"`
	CacheMisses  int64         `json:"cache_misses"`
	HitRatio     float64       `json:"hit_ratio"`
	AverageAge   time.Duration `json:"average_age"`
	OldestEntry  time.Time     `json:"oldest_entry"`
	NewestEntry  time.Time     `json:"newest_entry"`
	MemoryUsage  int64         `json:"memory_usage_bytes"`
	CleanupCount int64         `json:"cleanup_count"`
	LastCleanup  time.Time     `json:"last_cleanup"`
}

FeatureStoreStats represents feature store statistics

type FeatureType 

type FeatureType string

FeatureType represents the type of feature 

const (
	FeatureTypeNumerical   FeatureType = "numerical"
	FeatureTypeCategorical FeatureType = "categorical"
	FeatureTypeBoolean     FeatureType = "boolean"
	FeatureTypeText        FeatureType = "text"
	FeatureTypeTemporal    FeatureType = "temporal"
)

type FeatureVector 

type FeatureVector struct {
	PackageID   string             `json:"package_id"`
	Features    map[string]float64 `json:"features"`
	ExtractedAt time.Time          `json:"extracted_at"`
	Version     string             `json:"version"`
}

FeatureVector represents extracted features

type FeedbackData 

type FeedbackData struct {
	FeedbackEntries []FeedbackEntry `json:"feedback_entries"`
	LastUpdated     time.Time       `json:"last_updated"`
	TotalEntries    int             `json:"total_entries"`
	FalsePositives  int             `json:"false_positives"`
	FalseNegatives  int             `json:"false_negatives"`
	TruePositives   int             `json:"true_positives"`
	TrueNegatives   int             `json:"true_negatives"`
}

FeedbackData stores feedback information for continuous learning

type FeedbackEntry 

type FeedbackEntry struct {
	PackageName     string             `json:"package_name"`
	Version         string             `json:"version"`
	PredictedLabel  string             `json:"predicted_label"`
	ActualLabel     string             `json:"actual_label"`
	ConfidenceScore float64            `json:"confidence_score"`
	FeedbackSource  string             `json:"feedback_source"`
	Timestamp       time.Time          `json:"timestamp"`
	Features        map[string]float64 `json:"features,omitempty"`
}

FeedbackEntry represents a single feedback entry

type FeedbackLoop 

type FeedbackLoop struct {
	FeedbackDir     string
	FeedbackFile    string
	FeedbackData    FeedbackData
	LearningEnabled bool
	// contains filtered or unexported fields
}

FeedbackLoop implements a continuous learning system through user feedback

func NewFeedbackLoop 

func NewFeedbackLoop(feedbackDir string) (*FeedbackLoop, error)

NewFeedbackLoop creates a new feedback loop

func (*FeedbackLoop) AddFeedback 

func (fl *FeedbackLoop) AddFeedback(pkg *types.Package, predictedLabel, actualLabel string,
	confidenceScore float64, feedbackSource string, features map[string]float64) error

AddFeedback adds a new feedback entry

func (*FeedbackLoop) DisableLearning 

func (fl *FeedbackLoop) DisableLearning()

DisableLearning disables continuous learning

func (*FeedbackLoop) EnableLearning 

func (fl *FeedbackLoop) EnableLearning()

EnableLearning enables continuous learning

func (*FeedbackLoop) ExportFeedbackData 

func (fl *FeedbackLoop) ExportFeedbackData(exportFile string) error

ExportFeedbackData exports feedback data to a JSON file

func (*FeedbackLoop) GetFeedbackByDate 

func (fl *FeedbackLoop) GetFeedbackByDate(startDate, endDate time.Time) []FeedbackEntry

GetFeedbackByDate gets feedback entries within a date range

func (*FeedbackLoop) GetFeedbackForPackage 

func (fl *FeedbackLoop) GetFeedbackForPackage(packageName string) []FeedbackEntry

GetFeedbackForPackage gets all feedback entries for a specific package

func (*FeedbackLoop) GetFeedbackStats 

func (fl *FeedbackLoop) GetFeedbackStats() map[string]interface{}

GetFeedbackStats returns statistics about the feedback data

func (*FeedbackLoop) GetRecentFeedback 

func (fl *FeedbackLoop) GetRecentFeedback(limit int) []FeedbackEntry

GetRecentFeedback returns the most recent feedback entries

func (*FeedbackLoop) ImportFeedbackData 

func (fl *FeedbackLoop) ImportFeedbackData(importFile string) error

ImportFeedbackData imports feedback data from a JSON file

type FileStructure 

type FileStructure struct {
	TotalFiles         int      `json:"total_files"`
	JavaScriptFiles    int      `json:"javascript_files"`
	TypeScriptFiles    int      `json:"typescript_files"`
	ConfigFiles        int      `json:"config_files"`
	TestFiles          int      `json:"test_files"`
	DocumentationFiles int      `json:"documentation_files"`
	BinaryFiles        int      `json:"binary_files"`
	HiddenFiles        int      `json:"hidden_files"`
	SuspiciousFiles    []string `json:"suspicious_files"`
	LargeFiles         []string `json:"large_files"`
	UnusualExtensions  []string `json:"unusual_extensions"`
}

FileStructure represents package file structure metrics

type FileSystemBehavior 

type FileSystemBehavior struct {
	FileCreation     []string `json:"file_creation"`
	FileDeletion     []string `json:"file_deletion"`
	FileModification []string `json:"file_modification"`
	DirectoryAccess  []string `json:"directory_access"`
}

FileSystemBehavior holds file system behavior analysis.

type Finding 

type Finding struct {
	Type        string  `json:"type"`
	Severity    string  `json:"severity"`
	Confidence  float64 `json:"confidence"`
	Description string  `json:"description"`
	Evidence    string  `json:"evidence"`
	Model       string  `json:"model"`
}

Finding represents a specific ML finding.

type InstallBehavior 

type InstallBehavior struct {
	SuspiciousCommands []string `json:"suspicious_commands"`
	NetworkRequests    []string `json:"network_requests"`
	FileModifications  []string `json:"file_modifications"`
	PermissionChanges  []string `json:"permission_changes"`
}

InstallBehavior holds install-time behavior analysis.

type MLAnalysisResult 

type MLAnalysisResult struct {
	PackageName       string    `json:"package_name"`
	Registry          string    `json:"registry"`
	AnalysisTimestamp time.Time `json:"analysis_timestamp"`

	// Feature analysis
	Features PackageFeatures `json:"features"`

	// Similarity analysis
	SimilarPackages   []SimilarPackage `json:"similar_packages"`
	TyposquattingRisk float64          `json:"typosquatting_risk"`

	// Malicious detection
	MaliciousScore      float64              `json:"malicious_score"`
	MaliciousIndicators []MaliciousIndicator `json:"malicious_indicators"`

	// Reputation scoring
	ReputationScore   float64            `json:"reputation_score"`
	ReputationFactors []ReputationFactor `json:"reputation_factors"`

	// Overall assessment
	RiskLevel      string   `json:"risk_level"`
	Confidence     float64  `json:"confidence"`
	Recommendation string   `json:"recommendation"`
	Warnings       []string `json:"warnings"`

	// Model information
	ModelVersions  map[string]string `json:"model_versions"`
	ProcessingTime time.Duration     `json:"processing_time"`
}

MLAnalysisResult represents comprehensive ML analysis results

type MLAnalyzer 

type MLAnalyzer struct {
	Config             config.MLAnalysisConfig
	Client             *Client
	BehavioralAnalyzer *BehavioralAnalyzer
	FeedbackLoop       *FeedbackLoop
}

MLAnalyzer performs machine learning-based analysis for typosquatting detection.

func NewMLAnalyzer 

func NewMLAnalyzer(cfg config.MLAnalysisConfig) *MLAnalyzer

NewMLAnalyzer creates a new instance of the MLAnalyzer.

func NewMLAnalyzerWithClient 

func NewMLAnalyzerWithClient(cfg config.MLAnalysisConfig, client *Client) *MLAnalyzer

NewMLAnalyzerWithClient creates a new ML analyzer with a specific client

func (*MLAnalyzer) Analyze 

func (a *MLAnalyzer) Analyze(ctx context.Context, pkg *types.Package) (*AnalysisResult, error)

Analyze performs ML-based analysis on a package.

func (*MLAnalyzer) DisableLearning 

func (a *MLAnalyzer) DisableLearning()

DisableLearning disables continuous learning

func (*MLAnalyzer) EnableLearning 

func (a *MLAnalyzer) EnableLearning()

EnableLearning enables continuous learning

func (*MLAnalyzer) GetFeedbackStats 

func (a *MLAnalyzer) GetFeedbackStats() map[string]interface{}

GetFeedbackStats returns statistics about the feedback system

func (*MLAnalyzer) ProvideFeedback 

func (a *MLAnalyzer) ProvideFeedback(pkg *types.Package, predictedLabel, actualLabel string,
	confidenceScore float64, feedbackSource string) error

ProvideFeedback allows users to provide feedback on analysis results for continuous learning

type MLConfig 

type MLConfig struct {
	EmbeddingModel      string  `yaml:"embedding_model"`
	MaliciousModel      string  `yaml:"malicious_model"`
	ReputationModel     string  `yaml:"reputation_model"`
	SimilarityThreshold float64 `yaml:"similarity_threshold"`
	MaliciousThreshold  float64 `yaml:"malicious_threshold"`
	ReputationThreshold float64 `yaml:"reputation_threshold"`
	FeatureStoreEnabled bool    `yaml:"feature_store_enabled"`
	FeatureStoreTTL     string  `yaml:"feature_store_ttl"`
	BatchSize           int     `yaml:"batch_size"`
	MaxRetries          int     `yaml:"max_retries"`
	Timeout             string  `yaml:"timeout"`
}

MLConfig contains ML engine configuration

func DefaultMLConfig 

func DefaultMLConfig() *MLConfig

DefaultMLConfig returns default ML configuration

type MLDetectionResult 

type MLDetectionResult struct {
	PackageName           string                     `json:"package_name"`
	Registry              string                     `json:"registry"`
	AnalysisTimestamp     time.Time                  `json:"analysis_timestamp"`
	OverallRiskScore      float64                    `json:"overall_risk_score"`
	ConfidenceScore       float64                    `json:"confidence_score"`
	ThreatLevel           string                     `json:"threat_level"`
	IsMalicious           bool                       `json:"is_malicious"`
	IsTyposquatting       bool                       `json:"is_typosquatting"`
	IsAnomalous           bool                       `json:"is_anomalous"`
	SimilarityResults     []EnhancedSimilarityResult `json:"similarity_results"`
	MalwareClassification MalwareClassification      `json:"malware_classification"`
	AnomalyDetection      EnhancedAnomalyDetection   `json:"anomaly_detection"`
	TypoDetection         TypoDetection              `json:"typo_detection"`
	ReputationAnalysis    EnhancedReputationAnalysis `json:"reputation_analysis"`
	BehavioralAnalysis    BehavioralAnalysisResult   `json:"behavioral_analysis"`
	EnsembleResults       EnsembleResults            `json:"ensemble_results"`
	Recommendations       []string                   `json:"recommendations"`
	Metadata              map[string]interface{}     `json:"metadata"`
}

MLDetectionResult represents the result of ML-based detection

type MLModel 

type MLModel interface {
	Predict(features []float64) (*Prediction, error)
	Train(data []TrainingData) error
	GetModelInfo() *ModelInfo
	IsReady() bool
}

MLModel represents a machine learning model interface

type MLPipeline 

type MLPipeline struct {
	// contains filtered or unexported fields
}

MLPipeline represents the machine learning pipeline for threat detection

func NewMLPipeline 

func NewMLPipeline(config *config.Config) *MLPipeline

NewMLPipeline creates a new ML pipeline instance

func (*MLPipeline) AnalyzePackage 

func (p *MLPipeline) AnalyzePackage(ctx context.Context, pkg *types.Package) (*Prediction, error)

AnalyzePackage performs comprehensive ML analysis on a package

func (*MLPipeline) AnalyzePackages 

func (p *MLPipeline) AnalyzePackages(ctx context.Context, packages []*types.Package) ([]*Prediction, error)

AnalyzePackages performs batch analysis on multiple packages

func (*MLPipeline) GetModelInfo 

func (p *MLPipeline) GetModelInfo() map[string]*ModelInfo

GetModelInfo returns information about loaded models

func (*MLPipeline) GetModels 

func (p *MLPipeline) GetModels() map[string]MLModel

GetModels returns the models for training purposes

func (*MLPipeline) GetStats 

func (p *MLPipeline) GetStats() map[string]interface{}

GetStats returns pipeline statistics

func (*MLPipeline) Initialize 

func (p *MLPipeline) Initialize(ctx context.Context) error

Initialize initializes the ML pipeline with models and configurations

func (*MLPipeline) IsReady 

func (p *MLPipeline) IsReady() bool

IsReady returns whether the ML pipeline is ready for analysis

func (*MLPipeline) UpdateModel 

func (p *MLPipeline) UpdateModel(name string, model MLModel) error

UpdateModel updates or adds a new model to the pipeline

type MLScore 

type MLScore struct {
	MaliciousScore      float64
	Confidence          float64
	RiskLevel           string
	Features            BasicPackageFeatures
	ContributingFactors []string
	Recommendation      string
	Timestamp           time.Time
}

MLScore represents the output of the ML scoring algorithm

type MaliciousIndicator 

type MaliciousIndicator struct {
	Type        string  `json:"type"`
	Description string  `json:"description"`
	Severity    string  `json:"severity"`
	Confidence  float64 `json:"confidence"`
	Evidence    string  `json:"evidence"`
}

MaliciousIndicator represents indicators of malicious behavior

type MaliciousRequest 

type MaliciousRequest struct {
	PackageName string                 `json:"package_name"`
	Registry    string                 `json:"registry"`
	Version     string                 `json:"version,omitempty"`
	Features    map[string]interface{} `json:"features,omitempty"`
}

MaliciousRequest represents a request to check if a package is malicious

type MaliciousResponse 

type MaliciousResponse struct {
	IsMalicious bool                   `json:"is_malicious"`
	Score       float64                `json:"score"`
	Confidence  float64                `json:"confidence"`
	Reasons     []string               `json:"reasons"`
	Features    map[string]interface{} `json:"features"`
	Model       string                 `json:"model"`
	Time        float64                `json:"time_ms"`
}

MaliciousResponse represents a response from the malicious detection service

type MalwareClassification 

type MalwareClassification struct {
	IsMalware            bool               `json:"is_malware"`
	MalwareType          string             `json:"malware_type"`
	MalwareFamily        string             `json:"malware_family"`
	Confidence           float64            `json:"confidence"`
	FeatureImportance    map[string]float64 `json:"feature_importance"`
	ClassificationReason string             `json:"classification_reason"`
}

MalwareClassification represents malware classification results

type MalwareClassifier 

type MalwareClassifier struct{}

func NewMalwareClassifier 

func NewMalwareClassifier() (*MalwareClassifier, error)

func (*MalwareClassifier) ClassifyMalware 

func (mc *MalwareClassifier) ClassifyMalware(ctx context.Context, features *EnhancedPackageFeatures) (*MalwareClassification, error)

func (*MalwareClassifier) GetMetrics 

func (mc *MalwareClassifier) GetMetrics(ctx context.Context) (map[string]interface{}, error)

func (*MalwareClassifier) Update 

func (mc *MalwareClassifier) Update(ctx context.Context) error

type MetadataFeatures 

type MetadataFeatures struct {
	HasDescription     bool    `json:"has_description"`
	DescriptionLength  int     `json:"description_length"`
	DescriptionQuality float64 `json:"description_quality"`
	HasHomepage        bool    `json:"has_homepage"`
	HasRepository      bool    `json:"has_repository"`
	HasLicense         bool    `json:"has_license"`
	LicenseType        string  `json:"license_type"`
	HasKeywords        bool    `json:"has_keywords"`
	KeywordCount       int     `json:"keyword_count"`
	VersionCount       int     `json:"version_count"`
	LatestVersion      string  `json:"latest_version"`
	VersionPattern     string  `json:"version_pattern"`
	UnusualVersionJump bool    `json:"unusual_version_jump"`
	PublicationRecency int     `json:"publication_recency_days"`
}

MetadataFeatures contains package metadata features

type ModelExplainer 

type ModelExplainer struct {
	// contains filtered or unexported fields
}

ModelExplainer provides model interpretability

func NewModelExplainer 

func NewModelExplainer() *ModelExplainer

NewModelExplainer creates a new model explainer

func (*ModelExplainer) ExplainPrediction 

func (me *ModelExplainer) ExplainPrediction(features *FeatureVector, prediction *ThreatPrediction) *PredictionExplanation

ExplainPrediction generates explanation for a prediction

func (*ModelExplainer) UpdateFeatureImportance 

func (me *ModelExplainer) UpdateFeatureImportance(importance map[string]float64)

UpdateFeatureImportance updates feature importance scores

type ModelInfo 

type ModelInfo struct {
	Name         string                 `json:"name"`
	Version      string                 `json:"version"`
	Description  string                 `json:"description"`
	Type         string                 `json:"type"`
	TrainedAt    time.Time              `json:"trained_at"`
	Accuracy     float64                `json:"accuracy"`
	Precision    float64                `json:"precision"`
	Recall       float64                `json:"recall"`
	F1Score      float64                `json:"f1_score"`
	FeatureCount int                    `json:"feature_count"`
	Metadata     map[string]interface{} `json:"metadata"`
}

ModelInfo contains information about an ML model

type ModelMetrics 

type ModelMetrics struct {
	Accuracy  float64     `json:"accuracy"`
	Precision float64     `json:"precision"`
	Recall    float64     `json:"recall"`
	F1Score   float64     `json:"f1_score"`
	Status    ModelStatus `json:"status"`
	TrainedAt time.Time   `json:"trained_at"`
}

ModelMetrics represents model performance metrics

type ModelPerformanceMonitor 

type ModelPerformanceMonitor struct {
	// contains filtered or unexported fields
}

ModelPerformanceMonitor tracks model performance metrics

func NewModelPerformanceMonitor 

func NewModelPerformanceMonitor(monitoringInterval time.Duration) *ModelPerformanceMonitor

NewModelPerformanceMonitor creates a new performance monitor

func (*ModelPerformanceMonitor) GetAlerts 

func (mpm *ModelPerformanceMonitor) GetAlerts() []PerformanceAlert

GetAlerts returns current alerts

func (*ModelPerformanceMonitor) GetMetrics 

func (mpm *ModelPerformanceMonitor) GetMetrics(modelID string) *PerformanceMetrics

GetMetrics returns performance metrics for a model

func (*ModelPerformanceMonitor) SetThreshold 

func (mpm *ModelPerformanceMonitor) SetThreshold(metric string, threshold float64)

SetThreshold sets a performance threshold

func (*ModelPerformanceMonitor) UpdateMetrics 

func (mpm *ModelPerformanceMonitor) UpdateMetrics(modelID string, metrics *PerformanceMetrics)

UpdateMetrics updates performance metrics for a model

type ModelStatus 

type ModelStatus string

ModelStatus represents the status of a model 

const (
	ModelStatusTraining   ModelStatus = "training"
	ModelStatusReady      ModelStatus = "ready"
	ModelStatusDeprecated ModelStatus = "deprecated"
	ModelStatusFailed     ModelStatus = "failed"
)

type ModelType 

type ModelType string

ModelType represents the type of ML model 

const (
	ModelTypeLogisticRegression ModelType = "logistic_regression"
	ModelTypeRandomForest       ModelType = "random_forest"
	ModelTypeNeuralNetwork      ModelType = "neural_network"
	ModelTypeEnsemble           ModelType = "ensemble"
	ModelTypeAnomalyDetection   ModelType = "anomaly_detection"
)

type NetworkBehavior 

type NetworkBehavior struct {
	OutboundConnections []string `json:"outbound_connections"`
	DNSQueries          []string `json:"dns_queries"`
	DataExfiltration    []string `json:"data_exfiltration"`
	C2Communication     []string `json:"c2_communication"`
}

NetworkBehavior holds network behavior analysis.

type NormalizationParams 

type NormalizationParams struct {
	Means   []float64 `json:"means"`
	StdDevs []float64 `json:"std_devs"`
	Mins    []float64 `json:"mins"`
	Maxs    []float64 `json:"maxs"`
}

NormalizationParams contains parameters for feature normalization

type OutlierAnalysis 

type OutlierAnalysis struct {
	IsOutlier       bool    `json:"is_outlier"`
	OutlierScore    float64 `json:"outlier_score"`
	IsolationForest float64 `json:"isolation_forest"`
	LocalOutlier    float64 `json:"local_outlier"`
	OneClassSVM     float64 `json:"one_class_svm"`
}

OutlierAnalysis holds outlier detection results.

type PackageAccessInfo 

type PackageAccessInfo struct {
	PackageName string        `json:"package_name"`
	Registry    string        `json:"registry"`
	HitCount    int           `json:"hit_count"`
	LastAccess  time.Time     `json:"last_access"`
	CacheAge    time.Duration `json:"cache_age"`
}

PackageAccessInfo represents package access information

type PackageAnalysisResult 

type PackageAnalysisResult struct {
	Package        PackageToAnalyze   `json:"package"`
	Similarities   []SimilarityResult `json:"similarities,omitempty"`
	MaliciousCheck *MaliciousResponse `json:"malicious_check,omitempty"`
	Threats        []types.Threat     `json:"threats,omitempty"`
	Errors         []string           `json:"errors,omitempty"`
}

PackageAnalysisResult represents the analysis result for a single package

type PackageFeatures 

type PackageFeatures struct {
	PackageName string `json:"package_name"`
	Registry    string `json:"registry"`
	Version     string `json:"version,omitempty"`
	PackageType string `json:"package_type,omitempty"`

	// Name-based features
	NameEmbedding  []float64 `json:"name_embedding"`
	NameLength     int       `json:"name_length"`
	NameComplexity float64   `json:"name_complexity"`
	NameEntropy    float64   `json:"name_entropy"`

	// Direct access fields for compatibility
	VersionComplexity  float64 `json:"version_complexity"`
	DescriptionLength  int     `json:"description_length"`
	DependencyCount    int     `json:"dependency_count"`
	DownloadCount      int64   `json:"download_count"`
	StarCount          int     `json:"star_count"`
	ForkCount          int     `json:"fork_count"`
	ContributorCount   int     `json:"contributor_count"`
	AgeInDays          int     `json:"age_in_days"`
	TyposquattingScore float64 `json:"typosquatting_score"`
	SuspiciousKeywords int     `json:"suspicious_keywords"`
	VersionSpoofing    float64 `json:"version_spoofing"`
	DomainReputation   float64 `json:"domain_reputation"`
	UpdateFrequency    float64 `json:"update_frequency"`
	MaintainerCount    int     `json:"maintainer_count"`
	IssueCount         int     `json:"issue_count"`
	LicenseScore       float64 `json:"license_score"`

	// Author features
	AuthorFeatures AuthorFeatures `json:"author_features"`

	// Package metadata features
	MetadataFeatures MetadataFeatures `json:"metadata_features"`

	// Repository features
	RepositoryFeatures RepositoryFeatures `json:"repository_features"`

	// Download and popularity features
	PopularityFeatures PopularityFeatures `json:"popularity_features"`

	// Security features
	SecurityFeatures SecurityFeatures `json:"security_features"`

	// Computed scores
	MaliciousScore  float64 `json:"malicious_score"`
	ReputationScore float64 `json:"reputation_score"`
	OverallRisk     float64 `json:"overall_risk"`

	// Metadata
	Timestamp      time.Time         `json:"timestamp"`
	ModelVersions  map[string]string `json:"model_versions"`
	FeatureVersion string            `json:"feature_version"`
}

PackageFeatures represents comprehensive package features

type PackageToAnalyze 

type PackageToAnalyze struct {
	Name     string `json:"name"`
	Registry string `json:"registry"`
	Version  string `json:"version,omitempty"`
}

PackageToAnalyze represents a package to analyze

type PatternAnalysis 

type PatternAnalysis struct {
	UnusualPatterns []string `json:"unusual_patterns"`
	PatternScore    float64  `json:"pattern_score"`
	FrequencyScore  float64  `json:"frequency_score"`
	SequenceScore   float64  `json:"sequence_score"`
}

PatternAnalysis holds pattern analysis results.

type PerformanceAlert 

type PerformanceAlert struct {
	ModelID   string        `json:"model_id"`
	Metric    string        `json:"metric"`
	Value     float64       `json:"value"`
	Threshold float64       `json:"threshold"`
	Timestamp time.Time     `json:"timestamp"`
	Severity  AlertSeverity `json:"severity"`
}

PerformanceAlert represents a performance degradation alert

type PerformanceMetrics 

type PerformanceMetrics struct {
	Accuracy   float64       `json:"accuracy"`
	Precision  float64       `json:"precision"`
	Recall     float64       `json:"recall"`
	F1Score    float64       `json:"f1_score"`
	Latency    time.Duration `json:"latency"`
	Throughput float64       `json:"throughput"`
	Timestamp  time.Time     `json:"timestamp"`
}

PerformanceMetrics contains model performance data

type PerformanceStats 

type PerformanceStats struct {
	Ecosystem      string    `json:"ecosystem"`
	TruePositives  int       `json:"true_positives"`
	FalsePositives int       `json:"false_positives"`
	TrueNegatives  int       `json:"true_negatives"`
	FalseNegatives int       `json:"false_negatives"`
	Precision      float64   `json:"precision"`
	Recall         float64   `json:"recall"`
	F1Score        float64   `json:"f1_score"`
	Accuracy       float64   `json:"accuracy"`
	LastCalculated time.Time `json:"last_calculated"`
}

PerformanceStats tracks model performance metrics

type PopularityFeatures 

type PopularityFeatures struct {
	TotalDownloads    int64   `json:"total_downloads"`
	WeeklyDownloads   int64   `json:"weekly_downloads"`
	MonthlyDownloads  int64   `json:"monthly_downloads"`
	DownloadTrend     string  `json:"download_trend"`
	DownloadVelocity  float64 `json:"download_velocity"`
	PopularityRank    int     `json:"popularity_rank"`
	DependentPackages int     `json:"dependent_packages"`
	DependencyRank    int     `json:"dependency_rank"`
	CommunityScore    float64 `json:"community_score"`
	MaintenanceScore  float64 `json:"maintenance_score"`
}

PopularityFeatures contains popularity and download features

type Prediction 

type Prediction struct {
	Model       string  `json:"model"`
	Probability float64 `json:"probability"`
	Label       string  `json:"label"`
	Confidence  float64 `json:"confidence"`
}

Prediction represents a model prediction.

type PredictionCache 

type PredictionCache struct {
	// contains filtered or unexported fields
}

PredictionCache caches prediction results for performance

func NewPredictionCache 

func NewPredictionCache(ttl time.Duration, maxSize int) *PredictionCache

NewPredictionCache creates a new prediction cache

func (*PredictionCache) Get 

func (pc *PredictionCache) Get(key string) (*ThreatPrediction, bool)

Get retrieves a cached prediction

func (*PredictionCache) GetStats 

func (pc *PredictionCache) GetStats() (hitRate float64, size int)

GetStats returns cache statistics

func (*PredictionCache) Set 

func (pc *PredictionCache) Set(key string, prediction *ThreatPrediction)

Set stores a prediction in cache

type PredictionExplanation 

type PredictionExplanation struct {
	TopFeatures       []FeatureContribution `json:"top_features"`
	ShapValues        map[string]float64    `json:"shap_values"`
	DecisionPath      []DecisionNode        `json:"decision_path"`
	ConfidenceFactors []string              `json:"confidence_factors"`
}

PredictionExplanation provides interpretability for predictions

type PredictionMetrics 

type PredictionMetrics struct {
	// contains filtered or unexported fields
}

PredictionMetrics tracks prediction performance

func NewPredictionMetrics 

func NewPredictionMetrics() *PredictionMetrics

type PredictionModel 

type PredictionModel struct {
	ID              string                 `json:"id"`
	Name            string                 `json:"name"`
	Type            ModelType              `json:"type"`
	Version         string                 `json:"version"`
	Accuracy        float64                `json:"accuracy"`
	Precision       float64                `json:"precision"`
	Recall          float64                `json:"recall"`
	F1Score         float64                `json:"f1_score"`
	TrainedAt       time.Time              `json:"trained_at"`
	Features        []string               `json:"features"`
	Weights         map[string]float64     `json:"weights"`
	Thresholds      map[string]float64     `json:"thresholds"`
	Hyperparameters map[string]interface{} `json:"hyperparameters"`
	Status          ModelStatus            `json:"status"`
}

PredictionModel represents a trained ML model for threat prediction

type PredictorConfig 

type PredictorConfig struct {
	ModelsEnabled      []ModelType        `json:"models_enabled"`
	RetrainingInterval time.Duration      `json:"retraining_interval"`
	MinTrainingSamples int                `json:"min_training_samples"`
	ValidationSplit    float64            `json:"validation_split"`
	FeatureSelection   bool               `json:"feature_selection"`
	EnsembleWeights    map[string]float64 `json:"ensemble_weights"`
	Thresholds         map[string]float64 `json:"thresholds"`
	CacheEnabled       bool               `json:"cache_enabled"`
	CacheTTL           time.Duration      `json:"cache_ttl"`
	MetricsEnabled     bool               `json:"metrics_enabled"`
}

PredictorConfig configures the threat predictor

type RealtimeLearner 

type RealtimeLearner struct {
	// contains filtered or unexported fields
}

RealtimeLearner enables continuous learning from new data

func NewRealtimeLearner 

func NewRealtimeLearner(bufferSize int, updateInterval time.Duration) *RealtimeLearner

NewRealtimeLearner creates a new realtime learner

func (*RealtimeLearner) AddExample 

func (rl *RealtimeLearner) AddExample(example TrainingExample)

AddExample adds a training example to the buffer

func (*RealtimeLearner) GetTrainingData 

func (rl *RealtimeLearner) GetTrainingData() []TrainingExample

GetTrainingData returns current training data

func (*RealtimeLearner) ShouldUpdate 

func (rl *RealtimeLearner) ShouldUpdate() bool

ShouldUpdate checks if model should be updated

func (*RealtimeLearner) UpdateComplete 

func (rl *RealtimeLearner) UpdateComplete()

UpdateComplete marks update as complete

type RepositoryFeatures 

type RepositoryFeatures struct {
	HasRepository        bool               `json:"has_repository"`
	RepositoryURL        string             `json:"repository_url"`
	RepositoryType       string             `json:"repository_type"`
	StarCount            int                `json:"star_count"`
	ForkCount            int                `json:"fork_count"`
	IssueCount           int                `json:"issue_count"`
	CommitCount          int                `json:"commit_count"`
	ContributorCount     int                `json:"contributor_count"`
	LastCommit           time.Time          `json:"last_commit"`
	HasReadme            bool               `json:"has_readme"`
	ReadmeLength         int                `json:"readme_length"`
	HasTests             bool               `json:"has_tests"`
	TestCoverage         float64            `json:"test_coverage"`
	HasCI                bool               `json:"has_ci"`
	LanguageDistribution map[string]float64 `json:"language_distribution"`
	SuspiciousFiles      []string           `json:"suspicious_files"`
}

RepositoryFeatures contains repository-related features

type ReputationAnalysis 

type ReputationAnalysis struct {
	OverallScore      float64            `json:"overall_score"`
	MaintainerScore   float64            `json:"maintainer_score"`
	DownloadScore     float64            `json:"download_score"`
	AgeScore          float64            `json:"age_score"`
	CommunityScore    float64            `json:"community_score"`
	SecurityScore     float64            `json:"security_score"`
	ReputationSources []ReputationSource `json:"reputation_sources"`
}

ReputationAnalysis holds reputation analysis results.

type ReputationAnalyzer 

type ReputationAnalyzer struct{}

func NewReputationAnalyzer 

func NewReputationAnalyzer() (*ReputationAnalyzer, error)

func (*ReputationAnalyzer) AnalyzeReputation 

func (ra *ReputationAnalyzer) AnalyzeReputation(ctx context.Context, features *EnhancedPackageFeatures) (*EnhancedReputationAnalysis, error)

func (*ReputationAnalyzer) GetMetrics 

func (ra *ReputationAnalyzer) GetMetrics(ctx context.Context) (map[string]interface{}, error)

func (*ReputationAnalyzer) Update 

func (ra *ReputationAnalyzer) Update(ctx context.Context) error

type ReputationFactor 

type ReputationFactor struct {
	Factor      string  `json:"factor"`
	Score       float64 `json:"score"`
	Weight      float64 `json:"weight"`
	Description string  `json:"description"`
}

ReputationFactor represents factors affecting reputation score

type ReputationModel 

type ReputationModel struct {
	// contains filtered or unexported fields
}

ReputationModel implements package reputation scoring

func NewReputationModel 

func NewReputationModel(config config.MLModelConfig) *ReputationModel

NewReputationModel creates a new reputation scoring model

func (*ReputationModel) GetModelInfo 

func (m *ReputationModel) GetModelInfo() *ModelInfo

GetModelInfo returns model information

func (*ReputationModel) Initialize 

func (m *ReputationModel) Initialize(ctx context.Context) error

Initialize initializes the reputation model

func (*ReputationModel) IsReady 

func (m *ReputationModel) IsReady() bool

IsReady returns whether the model is ready

func (*ReputationModel) Predict 

func (m *ReputationModel) Predict(features []float64) (*Prediction, error)

Predict performs reputation prediction

func (*ReputationModel) Train 

func (m *ReputationModel) Train(data []TrainingData) error

Train trains the reputation model

type ReputationSource 

type ReputationSource struct {
	Source string  `json:"source"`
	Score  float64 `json:"score"`
	Weight float64 `json:"weight"`
}

ReputationSource represents a source of reputation information.

type RiskAssessment 

type RiskAssessment struct {
	OverallRisk     string       `json:"overall_risk"`
	RiskScore       float64      `json:"risk_score"`
	RiskFactors     []RiskFactor `json:"risk_factors"`
	Mitigations     []string     `json:"mitigations"`
	ConfidenceLevel float64      `json:"confidence_level"`
}

RiskAssessment holds overall risk assessment.

type RiskFactor 

type RiskFactor struct {
	Factor      string  `json:"factor"`
	Severity    string  `json:"severity"`
	Score       float64 `json:"score"`
	Description string  `json:"description"`
}

RiskFactor represents a specific risk factor.

type RuntimeBehavior 

type RuntimeBehavior struct {
	ProcessSpawning   []string `json:"process_spawning"`
	SystemCalls       []string `json:"system_calls"`
	ResourceUsage     []string `json:"resource_usage"`
	EnvironmentAccess []string `json:"environment_access"`
}

RuntimeBehavior holds runtime behavior analysis.

type Scorer 

type Scorer interface {
	// Score calculates a risk score for a package based on extracted features
	Score(ctx context.Context, pkg *types.Package, features map[string]interface{}) (*ScoringResult, error)

	// GetModelInfo returns information about the underlying model
	GetModelInfo() *ModelInfo

	// UpdateModel updates the scorer with new model parameters
	UpdateModel(modelData []byte) error

	// GetThresholds returns the scoring thresholds used by this scorer
	GetThresholds() ScoringThresholds
}

Scorer defines the interface for ML-based package scoring

type ScorerConfig 

type ScorerConfig struct {
	Thresholds     ScoringThresholds      `json:"thresholds"`
	FeatureWeights map[string]float64     `json:"feature_weights"`
	Normalization  bool                   `json:"normalization"`
	ModelPath      string                 `json:"model_path"`
	UpdateInterval string                 `json:"update_interval"`
	Metadata       map[string]interface{} `json:"metadata,omitempty"`
}

ScorerConfig provides configuration for scorers

type ScoringResult 

type ScoringResult struct {
	Score          float64                `json:"score"`
	Confidence     float64                `json:"confidence"`
	RiskLevel      string                 `json:"risk_level"`
	FeatureScores  map[string]float64     `json:"feature_scores"`
	Explanation    string                 `json:"explanation"`
	ModelVersion   string                 `json:"model_version"`
	ProcessingTime float64                `json:"processing_time_ms"`
	Metadata       map[string]interface{} `json:"metadata,omitempty"`
}

ScoringResult represents the output of a scoring operation

type ScoringThresholds 

type ScoringThresholds struct {
	Malicious     float64 `json:"malicious"`
	Suspicious    float64 `json:"suspicious"`
	MinConfidence float64 `json:"min_confidence"`
}

ScoringThresholds defines the thresholds for different risk levels

func DefaultScoringThresholds 

func DefaultScoringThresholds() ScoringThresholds

DefaultScoringThresholds returns sensible default thresholds

func (ScoringThresholds) GetRiskLevel 

func (t ScoringThresholds) GetRiskLevel(score float64) string

GetRiskLevel determines the risk level based on score and thresholds

type SecurityFeatures 

type SecurityFeatures struct {
	KnownVulnerabilities int      `json:"known_vulnerabilities"`
	SecurityScore        float64  `json:"security_score"`
	HasSecurityPolicy    bool     `json:"has_security_policy"`
	SignedReleases       bool     `json:"signed_releases"`
	SigstoreVerified     bool     `json:"sigstore_verified"`
	SLSALevel            int      `json:"slsa_level"`
	HasSBOM              bool     `json:"has_sbom"`
	SupplyChainRisk      float64  `json:"supply_chain_risk"`
	MalwareIndicators    []string `json:"malware_indicators"`
	SuspiciousScripts    []string `json:"suspicious_scripts"`
}

SecurityFeatures contains security-related features

type SecurityMetrics 

type SecurityMetrics struct {
	VulnerabilityCount    int     `json:"vulnerability_count"`
	HighSeverityVulns     int     `json:"high_severity_vulns"`
	CriticalSeverityVulns int     `json:"critical_severity_vulns"`
	SuspiciousPatterns    int     `json:"suspicious_patterns"`
	ObfuscatedCode        bool    `json:"obfuscated_code"`
	NetworkCalls          int     `json:"network_calls"`
	FileSystemAccess      int     `json:"file_system_access"`
	ProcessExecution      int     `json:"process_execution"`
	CryptographicUsage    int     `json:"cryptographic_usage"`
	DangerousFunctions    int     `json:"dangerous_functions"`
	SecurityScore         float64 `json:"security_score"`
}

SecurityMetrics represents security-related metrics

type SimilarPackage 

type SimilarPackage struct {
	Name           string  `json:"name"`
	Similarity     float64 `json:"similarity"`
	Distance       int     `json:"distance"`
	Algorithm      string  `json:"algorithm"`
	Registry       string  `json:"registry"`
	Downloads      int64   `json:"downloads"`
	LastUpdated    string  `json:"last_updated"`
	Maintainer     string  `json:"maintainer"`
	SuspiciousFlag bool    `json:"suspicious_flag"`
}

SimilarPackage represents a package similar to the analyzed one.

type SimilarityModel 

type SimilarityModel struct{}

Placeholder model interfaces - these would be implemented separately

func NewSimilarityModel 

func NewSimilarityModel() (*SimilarityModel, error)

Placeholder implementations

func (*SimilarityModel) AnalyzeSimilarity 

func (sm *SimilarityModel) AnalyzeSimilarity(ctx context.Context, features *EnhancedPackageFeatures) ([]EnhancedSimilarityResult, error)

func (*SimilarityModel) GetMetrics 

func (sm *SimilarityModel) GetMetrics(ctx context.Context) (map[string]interface{}, error)

Metrics methods

func (*SimilarityModel) Update 

func (sm *SimilarityModel) Update(ctx context.Context) error

Update methods

type SimilarityRequest 

type SimilarityRequest struct {
	PackageName string   `json:"package_name"`
	Registry    string   `json:"registry"`
	TopK        int      `json:"top_k"`
	Threshold   float64  `json:"threshold"`
	Exclude     []string `json:"exclude,omitempty"`
}

SimilarityRequest represents a request to find similar packages

type SimilarityResponse 

type SimilarityResponse struct {
	Results []SimilarityResult `json:"results"`
	Model   string             `json:"model"`
	Time    float64            `json:"time_ms"`
}

SimilarityResponse represents a response from the similarity service

type SimilarityResult 

type SimilarityResult struct {
	PackageName string  `json:"package_name"`
	Registry    string  `json:"registry"`
	Score       float64 `json:"score"`
	Distance    float64 `json:"distance"`
	Rank        int     `json:"rank"`
}

SimilarityResult represents a single similarity result

type ThreatFeatureExtractor 

type ThreatFeatureExtractor struct {
	// contains filtered or unexported fields
}

ThreatFeatureExtractor extracts features for ML prediction

func NewThreatFeatureExtractor 

func NewThreatFeatureExtractor() *ThreatFeatureExtractor

func (*ThreatFeatureExtractor) ExtractFeatures 

func (fe *ThreatFeatureExtractor) ExtractFeatures(packageInfo interface{}) (*FeatureVector, error)

type ThreatPrediction 

type ThreatPrediction struct {
	PackageID      string                 `json:"package_id"`
	ThreatScore    float64                `json:"threat_score"`
	Confidence     float64                `json:"confidence"`
	ThreatTypes    []string               `json:"threat_types"`
	Explanation    *PredictionExplanation `json:"explanation"`
	ModelVersions  map[string]string      `json:"model_versions"`
	PredictionTime time.Time              `json:"prediction_time"`
	FeatureVector  *FeatureVector         `json:"feature_vector"`
}

ThreatPrediction represents a threat prediction result

type ThreatPredictor 

type ThreatPredictor struct {
	// contains filtered or unexported fields
}

ThreatPredictor provides ML-based threat prediction capabilities with advanced analytics

func NewThreatPredictor 

func NewThreatPredictor(config *PredictorConfig) *ThreatPredictor

NewThreatPredictor creates a new threat predictor

func (*ThreatPredictor) AddTrainingSample 

func (tp *ThreatPredictor) AddTrainingSample(sample *TrainingSample) error

AddTrainingSample adds a new training sample

func (*ThreatPredictor) GetModelMetrics 

func (tp *ThreatPredictor) GetModelMetrics() map[string]*ModelMetrics

GetModelMetrics returns metrics for all models

func (*ThreatPredictor) PredictThreat 

func (tp *ThreatPredictor) PredictThreat(ctx context.Context, packageInfo interface{}) (*ThreatPrediction, error)

PredictThreat predicts threats for a package

func (*ThreatPredictor) TrainModels 

func (tp *ThreatPredictor) TrainModels(ctx context.Context) error

TrainModels trains or retrains ML models

type ThresholdChange 

type ThresholdChange struct {
	ThreatType      string    `json:"threat_type"`
	OldThreshold    float64   `json:"old_threshold"`
	NewThreshold    float64   `json:"new_threshold"`
	Reason          string    `json:"reason"`
	Timestamp       time.Time `json:"timestamp"`
	PerformanceGain float64   `json:"performance_gain"`
}

ThresholdChange represents a threshold adaptation event

type ThresholdSet 

type ThresholdSet struct {
	Ecosystem              string            `json:"ecosystem"`
	TyposquattingThreshold float64           `json:"typosquatting_threshold"`
	ConfusionThreshold     float64           `json:"confusion_threshold"`
	SupplyChainThreshold   float64           `json:"supply_chain_threshold"`
	MalwareThreshold       float64           `json:"malware_threshold"`
	ConfidenceLevel        float64           `json:"confidence_level"`
	LastUpdated            time.Time         `json:"last_updated"`
	AdaptationHistory      []ThresholdChange `json:"adaptation_history"`
}

ThresholdSet represents adaptive thresholds for different threat types

type TrainingData 

type TrainingData struct {
	Features []float64              `json:"features"`
	Label    float64                `json:"label"`
	Metadata map[string]interface{} `json:"metadata"`
}

TrainingData represents training data for ML models

type TrainingDataset 

type TrainingDataset struct {
	// contains filtered or unexported fields
}

TrainingDataset manages training data for ML models

func NewTrainingDataset 

func NewTrainingDataset() *TrainingDataset

type TrainingExample 

type TrainingExample struct {
	Features  *FeatureVector `json:"features"`
	Label     float64        `json:"label"`
	Weight    float64        `json:"weight"`
	Timestamp time.Time      `json:"timestamp"`
}

TrainingExample represents a single training example

type TrainingMetrics 

type TrainingMetrics struct {
	Accuracy       float64       `json:"accuracy"`
	Precision      float64       `json:"precision"`
	Recall         float64       `json:"recall"`
	F1Score        float64       `json:"f1_score"`
	TrainingLoss   float64       `json:"training_loss"`
	ValidationLoss float64       `json:"validation_loss"`
	TrainingTime   time.Duration `json:"training_time"`
	DatasetSize    int           `json:"dataset_size"`
}

TrainingMetrics represents model training performance

type TrainingSample 

type TrainingSample struct {
	ID         string                 `json:"id"`
	Features   map[string]float64     `json:"features"`
	Label      string                 `json:"label"`
	ThreatType types.ThreatType       `json:"threat_type"`
	Severity   types.Severity         `json:"severity"`
	Confidence float64                `json:"confidence"`
	Timestamp  time.Time              `json:"timestamp"`
	Metadata   map[string]interface{} `json:"metadata"`
	Validated  bool                   `json:"validated"`
}

TrainingSample represents a training sample

type TypoDetection 

type TypoDetection struct {
	IsTyposquatting    bool     `json:"is_typosquatting"`
	TargetPackage      string   `json:"target_package"`
	TypoType           string   `json:"typo_type"`
	EditDistance       int      `json:"edit_distance"`
	SimilarityScore    float64  `json:"similarity_score"`
	Confidence         float64  `json:"confidence"`
	SuspiciousPatterns []string `json:"suspicious_patterns"`
}

TypoDetection represents typosquatting detection results

type TypoDetector 

type TypoDetector struct{}

func NewTypoDetector 

func NewTypoDetector() (*TypoDetector, error)

func (*TypoDetector) DetectTyposquatting 

func (td *TypoDetector) DetectTyposquatting(ctx context.Context, features *EnhancedPackageFeatures) (*TypoDetection, error)

func (*TypoDetector) GetMetrics 

func (td *TypoDetector) GetMetrics(ctx context.Context) (map[string]interface{}, error)

func (*TypoDetector) Update 

func (td *TypoDetector) Update(ctx context.Context) error

type TyposquattingModel 

type TyposquattingModel struct {
	// contains filtered or unexported fields
}

TyposquattingModel implements typosquatting detection using ML

func NewTyposquattingModel 

func NewTyposquattingModel(config config.MLModelConfig) *TyposquattingModel

NewTyposquattingModel creates a new typosquatting detection model

func (*TyposquattingModel) GetModelInfo 

func (m *TyposquattingModel) GetModelInfo() *ModelInfo

GetModelInfo returns model information

func (*TyposquattingModel) Initialize 

func (m *TyposquattingModel) Initialize(ctx context.Context) error

Initialize initializes the typosquatting model

func (*TyposquattingModel) IsReady 

func (m *TyposquattingModel) IsReady() bool

IsReady returns whether the model is ready for predictions

func (*TyposquattingModel) Predict 

func (m *TyposquattingModel) Predict(features []float64) (*Prediction, error)

Predict performs typosquatting prediction

func (*TyposquattingModel) Train 

func (m *TyposquattingModel) Train(data []TrainingData) error

Train trains the typosquatting model using heuristic-based learning

type VotingType 

type VotingType string

VotingType represents ensemble voting strategy 

const (
	VotingTypeMajority VotingType = "majority"
	VotingTypeWeighted VotingType = "weighted"
	VotingTypeStacking VotingType = "stacking"
)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.