Refactor ASN scoring logic and entity routes; add new frontend utilities

Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
SOC Analyst
2026-03-20 10:00:06 +01:00
parent bd33fbad01
commit 799e8f1c1e
16 changed files with 161 additions and 126 deletions


@ -8,6 +8,19 @@ from ..models import DetectionsListResponse, Detection
router = APIRouter(prefix="/api/detections", tags=["detections"])
# Mapping label ASN → score float (0 = très suspect, 1 = légitime)
_ASN_LABEL_SCORES: dict[str, float] = {
'human': 0.9, 'bot': 0.05, 'proxy': 0.25, 'vpn': 0.3,
'tor': 0.1, 'datacenter': 0.4, 'scanner': 0.05, 'malicious': 0.05,
}
def _label_to_score(label: str) -> float | None:
"""Convertit un label de réputation ASN en score numérique."""
if not label:
return None
return _ASN_LABEL_SCORES.get(label.lower(), 0.5)
@router.get("", response_model=DetectionsListResponse)
async def get_detections(
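Review bot: In `_label_to_score`, any non-empty label missing from `_ASN_LABEL_SCORES` silently gets `0.5` through `.get(label.lower(), 0.5)`. A label the reputation source adds later, or one carrying stray whitespace, would therefore be scored as neutral with no trace for the analyst. I would name the fallback (`_ASN_UNKNOWN_SCORE = 0.5`), normalise with `label.strip().lower()`, and log unknown labels at debug level so a stale mapping is visible. The parameter is annotated `label: str`, but the `if not label` guard suggests callers may pass `None`, so `label: str | None` would match the actual contract. The table comment could also say that scores near 0 mean most suspicious and that 0.5 is reserved for "unknown", since downstream thresholds presumably depend on that.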
@ -154,12 +167,6 @@ async def get_detections(
params["offset"] = offset
gresult = db.query(grouped_query, params)
def _label_to_score(label: str) -> float | None:
if not label: return None
mapping = {'human': 0.9, 'bot': 0.05, 'proxy': 0.25, 'vpn': 0.3,
'tor': 0.1, 'datacenter': 0.4, 'scanner': 0.05, 'malicious': 0.05}
return mapping.get(label.lower(), 0.5)
detections = []
for row in gresult.result_rows:
# row: src_ip, first_seen, last_seen, detection_count, unique_ja4s, unique_hosts,
@ -252,21 +259,6 @@ async def get_detections(
params["offset"] = offset
result = db.query(main_query, params)
def _label_to_score(label: str) -> float | None:
if not label:
return None
mapping = {
'human': 0.9,
'bot': 0.05,
'proxy': 0.25,
'vpn': 0.3,
'tor': 0.1,
'datacenter': 0.4,
'scanner': 0.05,
'malicious': 0.05,
}
return mapping.get(label.lower(), 0.5)
detections = [
Detection(