Fix learning method matches for the detected events - Githubissues

petabi / review-database

Storage subsystem for REview

Apache License 2.0

1 stars 7 forks source link

Fix learning method matches for the detected events #322

Open syncpark opened 3 months ago

syncpark commented 3 months ago

In src/event.rs, the learning methods are defined as follows:

/// in src/event.rs
/// Machine Learning Method.
#[derive(Clone, Copy, Eq, PartialEq, Deserialize, Serialize)]
pub enum LearningMethod {
    Unsupervised,
    SemiSupervised,
}

After the EventCategory::HttpThreat is replaced to EventCategory::Reconnaissance, the following code in src/event/common.rs may return incorrect results. https://github.com/petabi/review-database/blob/2eda8f9ea7ddc8027df6a7ed5991af7db4a80990/src/event/common.rs#L163-L172

Tasks:

The matching code must be modified to return correct results.
And the learning methods of the detected events need to be assigned when the detected events are generated.

syncpark commented 4 weeks ago

To solve this issue, all event structures must contain LearningMethod value and implement learning_method() function.