gfwleak/galaxy-tsg-olap-dos-detection-job
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

增加一元组作为基线生成数据源

Browse Source
This commit is contained in:
wanglihui
2021-09-13 14:14:58 +08:00
parent 4f8807dfa1
commit 8cfb442c44
3 changed files with 20 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/main/java/com/zdjizhi/etl/DosDetection.java
View File

@@ -108,7 +108,8 @@ public class DosDetection extends RichMapFunction<DosSketchLog, DosEventLog> {
Tuple2<ArrayList<Integer>, Integer> floodTypeTup = baselineMap.get(destinationIp).get(attackType);
Integer base = getBaseValue(floodTypeTup, value);
long sketchSessions = value.getSketch_sessions();
return sketchSessions > CommonConfig.SENSITIVITY_THRESHOLD ? getDosEventLog(value, base, sketchSessions - base, "baseline"):Tuple2.of(Severity.NORMAL, null);
return sketchSessions > CommonConfig.SENSITIVITY_THRESHOLD ?
getDosEventLog(value, base, sketchSessions - base, "baseline") : Tuple2.of(Severity.NORMAL, null);
}
private Tuple2<Severity, DosEventLog> getDosEventLogByStaticThreshold(DosSketchLog value, Map<String, DosDetectionThreshold> thresholdMap) {