Jacquin Antoine f0c8fe81c6 feat(ja4ebpf): add multi-interface TC, LPM_TRIE ignore_src, unit tests, and fix bugs
- Add multi-interface TC attachment (default "any" = all UP interfaces)
- Add BPF LPM_TRIE map ignored_src for kernel-side CIDR filtering
- Add userspace ignore_src filtering for SSL/accept4 path via net.IPNet.Contains()
- Add AcceptCache for fd→SessionKey correlation with TTL and Close()
- Add 5 test files covering writer, procutil, dispatcher, accept_cache, and cmd
- Fix formatTCPOptions infinite loop on EOL (case 0 break→return)
- Fix pseudoOrderToShort panic on empty slice (negative cap)
- Fix AcceptCache goroutine leak (add done channel + Close())
- Update config.yml.example with interfaces, listen_ports, ignore_src
- Rewrite docs/services/ja4ebpf.md (was massively stale: XDP, RingBuffer, etc.)
- Fix stale XDP/RingBuffer references in docs/architecture.md, thesis, tls.go

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-16 01:49:26 +02:00

Detection and Classification of Malicious HTTP Traffic

Technical document — April 2026 — Version 4.0

This document is divided into 9 parts:

| File | Contents | Lines |
|------|----------|-------|
| 00_resume.md | Title, abstract, table of contents | 75 |
| 01_introduction.md | Section 1 — Introduction, context, generations of defenses | 50 |
| 02_etat_de_lart.md | Section 2 — State of the art (static rules, fingerprinting, ML) | 208 |
| 03_architecture.md | Section 3.1–3.8 — Multi-layer architecture, ML pipeline | 767 |
| 04_browser_matcher.md | Section 3.9 — Browser Signature Detection (browser_matcher) | 481 |
| 05_features.md | Section 4 — Taxonomy of the 96 features (8 families) | 682 |
| 06_techniques_avancees.md | Section 5 — Advanced behavioral techniques (§5.1–5.8) | 669 |
| 07_discussion_limites.md | Section 6 — Discussion, limitations, scalability, GDPR | 207 |
| 08_conclusion_references.md | Sections 7–8 — Conclusion and references | 277 |