code_public/dashboard
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
8fb054c8b7d35d3a504657591df8918a2ec4e5a9
dashboard/backend/routes
History
SOC Analyst 8fb054c8b7 feat(clustering): ajout features headers HTTP (Accept-Language, Accept-Encoding, Sec-Fetch, nb headers) 
- SQL: LEFT JOIN sur view_dashboard_entities pour extraire la présence des headers
  Accept-Encoding, Sec-Fetch-* et le nombre de headers par src_ip/ja4 (via subquery)
- SQL: ajout avg(ml.has_accept_language) depuis ml_detected_anomalies
- FEATURES: 23 → 27 dimensions
  [23] Accept-Language  (0=absent=bot-like)
  [24] Accept-Encoding  (0=absent=bot-like)
  [25] Sec-Fetch-*      (1=vrai navigateur)
  [26] Nb Headers       (normalisé /20; 3=bot, 15=browser)
- risk_score_from_centroid(): poids réajustés (somme=1.0), 4 nouveaux termes header
  absence Accept-Language ×0.05, absence Accept-Encoding ×0.05,
  absence Sec-Fetch ×0.04, peu de headers ×0.04
- name_cluster(): nouveau label 'Bot UA simulé' (ua_ch mismatch + sec_fetch absent)
  et 'Scanner pur (no headers)' + 'Navigateur légitime' + 'Headless (no Sec-Fetch)'
- Fix: %% dans les LIKE ClickHouse (échappement paramètres Python %-format)

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-03-19 11:04:08 +01:00
..
__init__.py
Initial commit: Bot Detector Dashboard for SOC Incident Response
2026-03-14 21:33:55 +01:00
analysis.py
fix: correct CampaignsView, analysis.py IPv4 split, entities date filter
2026-03-15 23:10:35 +01:00
attributes.py
Initial commit: Bot Detector Dashboard for SOC Incident Response
2026-03-14 21:33:55 +01:00
audit.py
feat(phase3): Classification en masse, Export STIX, Audit Logs
2026-03-14 21:55:52 +01:00
botnets.py
feat: ajout de 7 nouveaux dashboards d'analyse avancée
2026-03-15 23:57:27 +01:00
bruteforce.py
fix: correction de 7 bugs UI/API sur les dashboards avancés
2026-03-16 00:24:53 +01:00
clustering.py
feat(clustering): ajout features headers HTTP (Accept-Language, Accept-Encoding, Sec-Fetch, nb headers)
2026-03-19 11:04:08 +01:00
detections.py
maj cumulative
2026-03-18 13:56:39 +01:00
entities.py
fix: correct CampaignsView, analysis.py IPv4 split, entities date filter
2026-03-15 23:10:35 +01:00
fingerprints.py
suite des maj
2026-03-18 09:00:47 +01:00
header_fingerprint.py
feat: ajout de 7 nouveaux dashboards d'analyse avancée
2026-03-15 23:57:27 +01:00
heatmap.py
feat: ajout de 7 nouveaux dashboards d'analyse avancée
2026-03-15 23:57:27 +01:00
incidents.py
fix: correct CampaignsView, analysis.py IPv4 split, entities date filter
2026-03-15 23:10:35 +01:00
investigation_summary.py
feat: clustering multi-métriques + TCP fingerprinting amélioré
2026-03-18 18:22:57 +01:00
metrics.py
feat: 6 améliorations SOC — synthèse IP, baseline, sophistication, chasse proactive, badge ASN, 2 nouveaux onglets rotation
2026-03-16 00:43:27 +01:00
ml_features.py
maj cumulative
2026-03-18 13:56:39 +01:00
reputation.py
feat: Réputation IP depuis bases publiques (sans clé API)
2026-03-15 18:15:01 +01:00
rotation.py
suite des maj
2026-03-18 09:00:47 +01:00
search.py
maj cumulative
2026-03-18 13:56:39 +01:00
tcp_spoofing.py
feat: clustering multi-métriques + TCP fingerprinting amélioré
2026-03-18 18:22:57 +01:00
variability.py
maj cumulative
2026-03-18 13:56:39 +01:00