onuion 0.1.0__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- onuion-0.1.0/LICENSE +22 -0
- onuion-0.1.0/PKG-INFO +317 -0
- onuion-0.1.0/README.md +283 -0
- onuion-0.1.0/onuion/__init__.py +31 -0
- onuion-0.1.0/onuion/feature_extractor.py +331 -0
- onuion-0.1.0/onuion/huggingface.py +236 -0
- onuion-0.1.0/onuion/inference.py +197 -0
- onuion-0.1.0/onuion/model.py +504 -0
- onuion-0.1.0/onuion/risk_aggregator.py +133 -0
- onuion-0.1.0/onuion/rule_engine.py +291 -0
- onuion-0.1.0/onuion/train.py +171 -0
- onuion-0.1.0/onuion.egg-info/PKG-INFO +317 -0
- onuion-0.1.0/onuion.egg-info/SOURCES.txt +19 -0
- onuion-0.1.0/onuion.egg-info/dependency_links.txt +1 -0
- onuion-0.1.0/onuion.egg-info/requires.txt +9 -0
- onuion-0.1.0/onuion.egg-info/top_level.txt +1 -0
- onuion-0.1.0/pyproject.toml +61 -0
- onuion-0.1.0/setup.cfg +4 -0
- onuion-0.1.0/tests/test_feature_extractor.py +63 -0
- onuion-0.1.0/tests/test_inference.py +67 -0
- onuion-0.1.0/tests/test_rule_engine.py +130 -0
onuion-0.1.0/LICENSE
ADDED
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
MIT License
|
|
2
|
+
|
|
3
|
+
Copyright (c) 2026 Onuion contributors
|
|
4
|
+
|
|
5
|
+
Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
6
|
+
of this software and associated documentation files (the "Software"), to deal
|
|
7
|
+
in the Software without restriction, including without limitation the rights
|
|
8
|
+
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
|
9
|
+
copies of the Software, and to permit persons to whom the Software is
|
|
10
|
+
furnished to do so, subject to the following conditions:
|
|
11
|
+
|
|
12
|
+
The above copyright notice and this permission notice shall be included in all
|
|
13
|
+
copies or substantial portions of the Software.
|
|
14
|
+
|
|
15
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
16
|
+
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
17
|
+
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
|
18
|
+
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
19
|
+
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|
20
|
+
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
|
21
|
+
SOFTWARE.
|
|
22
|
+
|
onuion-0.1.0/PKG-INFO
ADDED
|
@@ -0,0 +1,317 @@
|
|
|
1
|
+
Metadata-Version: 2.4
|
|
2
|
+
Name: onuion
|
|
3
|
+
Version: 0.1.0
|
|
4
|
+
Summary: Real-time Security Risk Analysis Model - Hybrid (Rule-based + ML) system for session data analysis
|
|
5
|
+
Author: onuion contributors
|
|
6
|
+
License: MIT
|
|
7
|
+
Project-URL: Homepage, https://github.com/onuion/onuion
|
|
8
|
+
Project-URL: Documentation, https://github.com/onuion/onuion/docs
|
|
9
|
+
Project-URL: Repository, https://github.com/onuion/onuion
|
|
10
|
+
Project-URL: Issues, https://github.com/onuion/onuion/issues
|
|
11
|
+
Keywords: security,risk-analysis,machine-learning,tensorflow,session-analysis
|
|
12
|
+
Classifier: Development Status :: 3 - Alpha
|
|
13
|
+
Classifier: Intended Audience :: Developers
|
|
14
|
+
Classifier: License :: OSI Approved :: MIT License
|
|
15
|
+
Classifier: Programming Language :: Python :: 3
|
|
16
|
+
Classifier: Programming Language :: Python :: 3.8
|
|
17
|
+
Classifier: Programming Language :: Python :: 3.9
|
|
18
|
+
Classifier: Programming Language :: Python :: 3.10
|
|
19
|
+
Classifier: Programming Language :: Python :: 3.11
|
|
20
|
+
Classifier: Topic :: Security
|
|
21
|
+
Classifier: Topic :: Software Development :: Libraries :: Python Modules
|
|
22
|
+
Requires-Python: >=3.8
|
|
23
|
+
Description-Content-Type: text/markdown
|
|
24
|
+
License-File: LICENSE
|
|
25
|
+
Requires-Dist: numpy>=1.21.0
|
|
26
|
+
Requires-Dist: tensorflow>=2.10.0
|
|
27
|
+
Provides-Extra: dev
|
|
28
|
+
Requires-Dist: pytest>=7.0.0; extra == "dev"
|
|
29
|
+
Requires-Dist: pytest-cov>=4.0.0; extra == "dev"
|
|
30
|
+
Requires-Dist: black>=22.0.0; extra == "dev"
|
|
31
|
+
Requires-Dist: flake8>=5.0.0; extra == "dev"
|
|
32
|
+
Requires-Dist: mypy>=0.991; extra == "dev"
|
|
33
|
+
Dynamic: license-file
|
|
34
|
+
|
|
35
|
+
# onuion
|
|
36
|
+
|
|
37
|
+
**Real-time Security Risk Analysis Model**
|
|
38
|
+
|
|
39
|
+
Open-source hybrid (rule-based + ML) security risk analysis system for session data analysis with sub-millisecond inference time.
|
|
40
|
+
|
|
41
|
+
[](https://opensource.org/licenses/MIT)
|
|
42
|
+
[](https://www.python.org/downloads/)
|
|
43
|
+
[](https://huggingface.co/onuion/onuion)
|
|
44
|
+
|
|
45
|
+
## ๐ฏ Purpose
|
|
46
|
+
|
|
47
|
+
`onuion` is a production-ready risk analysis system that detects security risks by analyzing session data. Using a hybrid approach (rule-based + ML), it provides both fast detection with deterministic rules and sophisticated pattern recognition with machine learning.
|
|
48
|
+
|
|
49
|
+
## โก Features
|
|
50
|
+
|
|
51
|
+
- **Real-time Inference**: < 1ms inference time target
|
|
52
|
+
- **Hybrid System**: Rule-based + TensorFlow ML model
|
|
53
|
+
- **Small Model**: ~2,000 parameters, optimized for tabular data
|
|
54
|
+
- **Production-Ready**: Modular, tested, documented code
|
|
55
|
+
- **Open Source**: Licensed under MIT
|
|
56
|
+
|
|
57
|
+
## ๐๏ธ Architecture
|
|
58
|
+
|
|
59
|
+
```
|
|
60
|
+
Session Data
|
|
61
|
+
โ
|
|
62
|
+
[Feature Extractor] โ 25 numeric/categorical features
|
|
63
|
+
โ
|
|
64
|
+
[Rule Engine] โ Deterministic risk detection (< 0.1ms)
|
|
65
|
+
โ
|
|
66
|
+
[TensorFlow Model] โ ML-based risk probability (< 0.5ms)
|
|
67
|
+
โ
|
|
68
|
+
[Risk Aggregator] โ Final riskScore + risk array
|
|
69
|
+
โ
|
|
70
|
+
Risk Analysis Result
|
|
71
|
+
```
|
|
72
|
+
|
|
73
|
+
### Components
|
|
74
|
+
|
|
75
|
+
1. **Feature Extractor**: Converts session data into 25 features
|
|
76
|
+
- IP change metrics
|
|
77
|
+
- Geo-location differences
|
|
78
|
+
- Device fingerprint changes
|
|
79
|
+
- Request rates and patterns
|
|
80
|
+
- Session timing information
|
|
81
|
+
|
|
82
|
+
2. **Rule Engine**: Fast risk detection with deterministic rules
|
|
83
|
+
- `ip_mismatch`: IP change
|
|
84
|
+
- `session_hijacking`: Session hijacking indicators
|
|
85
|
+
- `bot_behavior`: Bot behavior patterns
|
|
86
|
+
- `geo_anomaly`: Geo-location anomaly
|
|
87
|
+
- `device_fingerprint_mismatch`: Device fingerprint mismatch
|
|
88
|
+
- `rapid_ip_change`: Rapid IP change
|
|
89
|
+
- `suspicious_request_pattern`: Suspicious request patterns
|
|
90
|
+
|
|
91
|
+
3. **TensorFlow Model**: Feed Forward Neural Network
|
|
92
|
+
- Input: 25 features
|
|
93
|
+
- 3 Dense layers (64 โ 32 โ 16 units)
|
|
94
|
+
- Output: Risk probability (0.0 - 1.0)
|
|
95
|
+
- Total parameters: ~2,000
|
|
96
|
+
|
|
97
|
+
4. **Risk Aggregator**: Combines rule and ML scores
|
|
98
|
+
- Weighted combination (Rule 40%, ML 60%)
|
|
99
|
+
- Final riskScore (0-100)
|
|
100
|
+
- Risk array generation
|
|
101
|
+
|
|
102
|
+
## ๐ฆ Installation
|
|
103
|
+
|
|
104
|
+
### Requirements
|
|
105
|
+
|
|
106
|
+
- Python 3.8+
|
|
107
|
+
- TensorFlow 2.10+
|
|
108
|
+
- NumPy 1.21+
|
|
109
|
+
|
|
110
|
+
### Installation Steps
|
|
111
|
+
|
|
112
|
+
```bash
|
|
113
|
+
# Clone repository
|
|
114
|
+
git clone https://github.com/onuion/onuion.git
|
|
115
|
+
cd onuion
|
|
116
|
+
|
|
117
|
+
# Create virtual environment (recommended)
|
|
118
|
+
python -m venv venv
|
|
119
|
+
source venv/bin/activate # Linux/Mac
|
|
120
|
+
# or
|
|
121
|
+
venv\Scripts\activate # Windows
|
|
122
|
+
|
|
123
|
+
# Install dependencies
|
|
124
|
+
pip install -r requirements.txt
|
|
125
|
+
|
|
126
|
+
# Install in development mode (optional)
|
|
127
|
+
pip install -e .
|
|
128
|
+
```
|
|
129
|
+
|
|
130
|
+
## ๐ Usage
|
|
131
|
+
|
|
132
|
+
### Basic Usage
|
|
133
|
+
|
|
134
|
+
```python
|
|
135
|
+
from onuion import analyze_risk
|
|
136
|
+
|
|
137
|
+
# Session data
|
|
138
|
+
session_data = {
|
|
139
|
+
"current_ip": "192.168.1.100",
|
|
140
|
+
"initial_ip": "192.168.1.50",
|
|
141
|
+
"ip_history": ["192.168.1.50", "192.168.1.100"],
|
|
142
|
+
"current_geo": {"country": "TR", "city": "Istanbul"},
|
|
143
|
+
"initial_geo": {"country": "TR", "city": "Ankara"},
|
|
144
|
+
"current_device": {"fingerprint": "fp123"},
|
|
145
|
+
"initial_device": {"fingerprint": "fp123"},
|
|
146
|
+
"current_browser": {},
|
|
147
|
+
"initial_browser": {},
|
|
148
|
+
"requests": [
|
|
149
|
+
{"timestamp": 1706000000, "method": "GET", "endpoint": "/api/users"}
|
|
150
|
+
],
|
|
151
|
+
"session_duration_seconds": 10.0,
|
|
152
|
+
"current_session_id": "sess_123",
|
|
153
|
+
"initial_session_id": "sess_123",
|
|
154
|
+
"current_cookies": {},
|
|
155
|
+
"initial_cookies": {},
|
|
156
|
+
"current_referrer": "",
|
|
157
|
+
"initial_referrer": ""
|
|
158
|
+
}
|
|
159
|
+
|
|
160
|
+
# Risk analysis
|
|
161
|
+
result = analyze_risk(session_data)
|
|
162
|
+
|
|
163
|
+
# Results
|
|
164
|
+
print(f"Risk Score: {result.riskScore}/100")
|
|
165
|
+
print(f"Risks: {result.risk}")
|
|
166
|
+
print(f"Inference Time: {result.inference_time_ms:.3f} ms")
|
|
167
|
+
```
|
|
168
|
+
|
|
169
|
+
### Output Format
|
|
170
|
+
|
|
171
|
+
```python
|
|
172
|
+
{
|
|
173
|
+
"riskScore": 45.2, # Risk score (0-100)
|
|
174
|
+
"risk": ["ip_mismatch", "geo_anomaly"], # Detected risk types
|
|
175
|
+
"rule_score": 40.0, # Rule engine score
|
|
176
|
+
"ml_score": 48.0, # ML model score
|
|
177
|
+
"confidence": 92.0, # Confidence score
|
|
178
|
+
"inference_time_ms": 0.856 # Inference time (ms)
|
|
179
|
+
}
|
|
180
|
+
```
|
|
181
|
+
|
|
182
|
+
### Examples
|
|
183
|
+
|
|
184
|
+
See the `examples/` directory for more examples:
|
|
185
|
+
|
|
186
|
+
- `examples/basic_usage.py`: Basic usage example
|
|
187
|
+
- `examples/load_from_json.py`: Load from JSON file
|
|
188
|
+
- `examples/sample_session.json`: Example session data
|
|
189
|
+
|
|
190
|
+
## ๐งช Model Training
|
|
191
|
+
|
|
192
|
+
### Training with Synthetic Data (for testing)
|
|
193
|
+
|
|
194
|
+
```bash
|
|
195
|
+
python -m onuion.train --synthetic --epochs 50 --output-dir models/onuion_model
|
|
196
|
+
```
|
|
197
|
+
|
|
198
|
+
### Training with Real Data
|
|
199
|
+
|
|
200
|
+
```bash
|
|
201
|
+
# Data format: .npz file
|
|
202
|
+
# Contents: X_train, y_train, X_val, y_val (numpy arrays)
|
|
203
|
+
|
|
204
|
+
python -m onuion.train --data-path data/training_data.npz --epochs 100
|
|
205
|
+
```
|
|
206
|
+
|
|
207
|
+
### Hugging Face Integration
|
|
208
|
+
|
|
209
|
+
onuion supports Hugging Face Hub for model sharing and deployment.
|
|
210
|
+
|
|
211
|
+
**Model Hub**: [https://huggingface.co/onuion/onuion](https://huggingface.co/onuion/onuion)
|
|
212
|
+
|
|
213
|
+
**Upload a model to Hugging Face Hub:**
|
|
214
|
+
|
|
215
|
+
```python
|
|
216
|
+
from onuion.huggingface import upload_to_hub
|
|
217
|
+
|
|
218
|
+
# Upload a saved model
|
|
219
|
+
upload_to_hub(
|
|
220
|
+
model_path="models/onuion_model",
|
|
221
|
+
repo_id="onuion/onuion",
|
|
222
|
+
token="your_hf_token", # Optional, can use huggingface-cli login
|
|
223
|
+
private=False
|
|
224
|
+
)
|
|
225
|
+
```
|
|
226
|
+
|
|
227
|
+
**Download a model from Hugging Face Hub:**
|
|
228
|
+
|
|
229
|
+
```python
|
|
230
|
+
from onuion.huggingface import download_from_hub
|
|
231
|
+
from onuion import analyze_risk
|
|
232
|
+
|
|
233
|
+
# Download model
|
|
234
|
+
model = download_from_hub(
|
|
235
|
+
repo_id="onuion/onuion",
|
|
236
|
+
local_dir="models/downloaded_model"
|
|
237
|
+
)
|
|
238
|
+
|
|
239
|
+
# Use with inference
|
|
240
|
+
model.save("models/downloaded_model")
|
|
241
|
+
result = analyze_risk(session_data, model_path="models/downloaded_model")
|
|
242
|
+
```
|
|
243
|
+
|
|
244
|
+
**Install Hugging Face dependencies:**
|
|
245
|
+
|
|
246
|
+
```bash
|
|
247
|
+
pip install huggingface_hub
|
|
248
|
+
```
|
|
249
|
+
|
|
250
|
+
See `examples/huggingface_upload.py` and `examples/huggingface_download.py` for complete examples.
|
|
251
|
+
|
|
252
|
+
## ๐ Performance
|
|
253
|
+
|
|
254
|
+
### Inference Time
|
|
255
|
+
|
|
256
|
+
- **Target**: < 1ms
|
|
257
|
+
- **Average**: ~0.5-0.8ms (CPU)
|
|
258
|
+
- **P95**: < 1.5ms
|
|
259
|
+
- **Throughput**: ~1,000-2,000 requests/second
|
|
260
|
+
|
|
261
|
+
### Benchmark
|
|
262
|
+
|
|
263
|
+
```bash
|
|
264
|
+
python benchmark/benchmark.py
|
|
265
|
+
```
|
|
266
|
+
|
|
267
|
+
## ๐งช Testing
|
|
268
|
+
|
|
269
|
+
```bash
|
|
270
|
+
# Run all tests
|
|
271
|
+
pytest tests/
|
|
272
|
+
|
|
273
|
+
# With coverage
|
|
274
|
+
pytest tests/ --cov=onuion --cov-report=html
|
|
275
|
+
```
|
|
276
|
+
|
|
277
|
+
## ๐ Diagrams
|
|
278
|
+
|
|
279
|
+

|
|
280
|
+
|
|
281
|
+
|
|
282
|
+
## ๐ Documentation
|
|
283
|
+
|
|
284
|
+
See the `docs/` directory for detailed documentation:
|
|
285
|
+
|
|
286
|
+
- `docs/model.md`: Model architecture details
|
|
287
|
+
- `docs/risk_types.md`: Risk type descriptions
|
|
288
|
+
- `docs/api.md`: API reference
|
|
289
|
+
|
|
290
|
+
## ๐ค Contributing
|
|
291
|
+
|
|
292
|
+
We welcome your contributions! Please:
|
|
293
|
+
|
|
294
|
+
1. Fork the repository
|
|
295
|
+
2. Create a feature branch (`git checkout -b feature/amazing-feature`)
|
|
296
|
+
3. Commit your changes (`git commit -m 'Add amazing feature'`)
|
|
297
|
+
4. Push to the branch (`git push origin feature/amazing-feature`)
|
|
298
|
+
5. Open a Pull Request
|
|
299
|
+
|
|
300
|
+
## ๐ License
|
|
301
|
+
|
|
302
|
+
This project is licensed under the MIT License. See the `LICENSE` file for details.
|
|
303
|
+
|
|
304
|
+
## ๐ Acknowledgments
|
|
305
|
+
|
|
306
|
+
- TensorFlow team
|
|
307
|
+
- Open source community
|
|
308
|
+
- All contributors
|
|
309
|
+
|
|
310
|
+
## ๐ง Contact
|
|
311
|
+
|
|
312
|
+
You can open an issue or send a pull request for questions.
|
|
313
|
+
|
|
314
|
+
---
|
|
315
|
+
|
|
316
|
+
**Note**: This project is prepared for production use, but it is recommended to use a model trained with real data. The default model is only for testing inference purposes.
|
|
317
|
+
|
onuion-0.1.0/README.md
ADDED
|
@@ -0,0 +1,283 @@
|
|
|
1
|
+
# onuion
|
|
2
|
+
|
|
3
|
+
**Real-time Security Risk Analysis Model**
|
|
4
|
+
|
|
5
|
+
Open-source hybrid (rule-based + ML) security risk analysis system for session data analysis with sub-millisecond inference time.
|
|
6
|
+
|
|
7
|
+
[](https://opensource.org/licenses/MIT)
|
|
8
|
+
[](https://www.python.org/downloads/)
|
|
9
|
+
[](https://huggingface.co/onuion/onuion)
|
|
10
|
+
|
|
11
|
+
## ๐ฏ Purpose
|
|
12
|
+
|
|
13
|
+
`onuion` is a production-ready risk analysis system that detects security risks by analyzing session data. Using a hybrid approach (rule-based + ML), it provides both fast detection with deterministic rules and sophisticated pattern recognition with machine learning.
|
|
14
|
+
|
|
15
|
+
## โก Features
|
|
16
|
+
|
|
17
|
+
- **Real-time Inference**: < 1ms inference time target
|
|
18
|
+
- **Hybrid System**: Rule-based + TensorFlow ML model
|
|
19
|
+
- **Small Model**: ~2,000 parameters, optimized for tabular data
|
|
20
|
+
- **Production-Ready**: Modular, tested, documented code
|
|
21
|
+
- **Open Source**: Licensed under MIT
|
|
22
|
+
|
|
23
|
+
## ๐๏ธ Architecture
|
|
24
|
+
|
|
25
|
+
```
|
|
26
|
+
Session Data
|
|
27
|
+
โ
|
|
28
|
+
[Feature Extractor] โ 25 numeric/categorical features
|
|
29
|
+
โ
|
|
30
|
+
[Rule Engine] โ Deterministic risk detection (< 0.1ms)
|
|
31
|
+
โ
|
|
32
|
+
[TensorFlow Model] โ ML-based risk probability (< 0.5ms)
|
|
33
|
+
โ
|
|
34
|
+
[Risk Aggregator] โ Final riskScore + risk array
|
|
35
|
+
โ
|
|
36
|
+
Risk Analysis Result
|
|
37
|
+
```
|
|
38
|
+
|
|
39
|
+
### Components
|
|
40
|
+
|
|
41
|
+
1. **Feature Extractor**: Converts session data into 25 features
|
|
42
|
+
- IP change metrics
|
|
43
|
+
- Geo-location differences
|
|
44
|
+
- Device fingerprint changes
|
|
45
|
+
- Request rates and patterns
|
|
46
|
+
- Session timing information
|
|
47
|
+
|
|
48
|
+
2. **Rule Engine**: Fast risk detection with deterministic rules
|
|
49
|
+
- `ip_mismatch`: IP change
|
|
50
|
+
- `session_hijacking`: Session hijacking indicators
|
|
51
|
+
- `bot_behavior`: Bot behavior patterns
|
|
52
|
+
- `geo_anomaly`: Geo-location anomaly
|
|
53
|
+
- `device_fingerprint_mismatch`: Device fingerprint mismatch
|
|
54
|
+
- `rapid_ip_change`: Rapid IP change
|
|
55
|
+
- `suspicious_request_pattern`: Suspicious request patterns
|
|
56
|
+
|
|
57
|
+
3. **TensorFlow Model**: Feed Forward Neural Network
|
|
58
|
+
- Input: 25 features
|
|
59
|
+
- 3 Dense layers (64 โ 32 โ 16 units)
|
|
60
|
+
- Output: Risk probability (0.0 - 1.0)
|
|
61
|
+
- Total parameters: ~2,000
|
|
62
|
+
|
|
63
|
+
4. **Risk Aggregator**: Combines rule and ML scores
|
|
64
|
+
- Weighted combination (Rule 40%, ML 60%)
|
|
65
|
+
- Final riskScore (0-100)
|
|
66
|
+
- Risk array generation
|
|
67
|
+
|
|
68
|
+
## ๐ฆ Installation
|
|
69
|
+
|
|
70
|
+
### Requirements
|
|
71
|
+
|
|
72
|
+
- Python 3.8+
|
|
73
|
+
- TensorFlow 2.10+
|
|
74
|
+
- NumPy 1.21+
|
|
75
|
+
|
|
76
|
+
### Installation Steps
|
|
77
|
+
|
|
78
|
+
```bash
|
|
79
|
+
# Clone repository
|
|
80
|
+
git clone https://github.com/onuion/onuion.git
|
|
81
|
+
cd onuion
|
|
82
|
+
|
|
83
|
+
# Create virtual environment (recommended)
|
|
84
|
+
python -m venv venv
|
|
85
|
+
source venv/bin/activate # Linux/Mac
|
|
86
|
+
# or
|
|
87
|
+
venv\Scripts\activate # Windows
|
|
88
|
+
|
|
89
|
+
# Install dependencies
|
|
90
|
+
pip install -r requirements.txt
|
|
91
|
+
|
|
92
|
+
# Install in development mode (optional)
|
|
93
|
+
pip install -e .
|
|
94
|
+
```
|
|
95
|
+
|
|
96
|
+
## ๐ Usage
|
|
97
|
+
|
|
98
|
+
### Basic Usage
|
|
99
|
+
|
|
100
|
+
```python
|
|
101
|
+
from onuion import analyze_risk
|
|
102
|
+
|
|
103
|
+
# Session data
|
|
104
|
+
session_data = {
|
|
105
|
+
"current_ip": "192.168.1.100",
|
|
106
|
+
"initial_ip": "192.168.1.50",
|
|
107
|
+
"ip_history": ["192.168.1.50", "192.168.1.100"],
|
|
108
|
+
"current_geo": {"country": "TR", "city": "Istanbul"},
|
|
109
|
+
"initial_geo": {"country": "TR", "city": "Ankara"},
|
|
110
|
+
"current_device": {"fingerprint": "fp123"},
|
|
111
|
+
"initial_device": {"fingerprint": "fp123"},
|
|
112
|
+
"current_browser": {},
|
|
113
|
+
"initial_browser": {},
|
|
114
|
+
"requests": [
|
|
115
|
+
{"timestamp": 1706000000, "method": "GET", "endpoint": "/api/users"}
|
|
116
|
+
],
|
|
117
|
+
"session_duration_seconds": 10.0,
|
|
118
|
+
"current_session_id": "sess_123",
|
|
119
|
+
"initial_session_id": "sess_123",
|
|
120
|
+
"current_cookies": {},
|
|
121
|
+
"initial_cookies": {},
|
|
122
|
+
"current_referrer": "",
|
|
123
|
+
"initial_referrer": ""
|
|
124
|
+
}
|
|
125
|
+
|
|
126
|
+
# Risk analysis
|
|
127
|
+
result = analyze_risk(session_data)
|
|
128
|
+
|
|
129
|
+
# Results
|
|
130
|
+
print(f"Risk Score: {result.riskScore}/100")
|
|
131
|
+
print(f"Risks: {result.risk}")
|
|
132
|
+
print(f"Inference Time: {result.inference_time_ms:.3f} ms")
|
|
133
|
+
```
|
|
134
|
+
|
|
135
|
+
### Output Format
|
|
136
|
+
|
|
137
|
+
```python
|
|
138
|
+
{
|
|
139
|
+
"riskScore": 45.2, # Risk score (0-100)
|
|
140
|
+
"risk": ["ip_mismatch", "geo_anomaly"], # Detected risk types
|
|
141
|
+
"rule_score": 40.0, # Rule engine score
|
|
142
|
+
"ml_score": 48.0, # ML model score
|
|
143
|
+
"confidence": 92.0, # Confidence score
|
|
144
|
+
"inference_time_ms": 0.856 # Inference time (ms)
|
|
145
|
+
}
|
|
146
|
+
```
|
|
147
|
+
|
|
148
|
+
### Examples
|
|
149
|
+
|
|
150
|
+
See the `examples/` directory for more examples:
|
|
151
|
+
|
|
152
|
+
- `examples/basic_usage.py`: Basic usage example
|
|
153
|
+
- `examples/load_from_json.py`: Load from JSON file
|
|
154
|
+
- `examples/sample_session.json`: Example session data
|
|
155
|
+
|
|
156
|
+
## ๐งช Model Training
|
|
157
|
+
|
|
158
|
+
### Training with Synthetic Data (for testing)
|
|
159
|
+
|
|
160
|
+
```bash
|
|
161
|
+
python -m onuion.train --synthetic --epochs 50 --output-dir models/onuion_model
|
|
162
|
+
```
|
|
163
|
+
|
|
164
|
+
### Training with Real Data
|
|
165
|
+
|
|
166
|
+
```bash
|
|
167
|
+
# Data format: .npz file
|
|
168
|
+
# Contents: X_train, y_train, X_val, y_val (numpy arrays)
|
|
169
|
+
|
|
170
|
+
python -m onuion.train --data-path data/training_data.npz --epochs 100
|
|
171
|
+
```
|
|
172
|
+
|
|
173
|
+
### Hugging Face Integration
|
|
174
|
+
|
|
175
|
+
onuion supports Hugging Face Hub for model sharing and deployment.
|
|
176
|
+
|
|
177
|
+
**Model Hub**: [https://huggingface.co/onuion/onuion](https://huggingface.co/onuion/onuion)
|
|
178
|
+
|
|
179
|
+
**Upload a model to Hugging Face Hub:**
|
|
180
|
+
|
|
181
|
+
```python
|
|
182
|
+
from onuion.huggingface import upload_to_hub
|
|
183
|
+
|
|
184
|
+
# Upload a saved model
|
|
185
|
+
upload_to_hub(
|
|
186
|
+
model_path="models/onuion_model",
|
|
187
|
+
repo_id="onuion/onuion",
|
|
188
|
+
token="your_hf_token", # Optional, can use huggingface-cli login
|
|
189
|
+
private=False
|
|
190
|
+
)
|
|
191
|
+
```
|
|
192
|
+
|
|
193
|
+
**Download a model from Hugging Face Hub:**
|
|
194
|
+
|
|
195
|
+
```python
|
|
196
|
+
from onuion.huggingface import download_from_hub
|
|
197
|
+
from onuion import analyze_risk
|
|
198
|
+
|
|
199
|
+
# Download model
|
|
200
|
+
model = download_from_hub(
|
|
201
|
+
repo_id="onuion/onuion",
|
|
202
|
+
local_dir="models/downloaded_model"
|
|
203
|
+
)
|
|
204
|
+
|
|
205
|
+
# Use with inference
|
|
206
|
+
model.save("models/downloaded_model")
|
|
207
|
+
result = analyze_risk(session_data, model_path="models/downloaded_model")
|
|
208
|
+
```
|
|
209
|
+
|
|
210
|
+
**Install Hugging Face dependencies:**
|
|
211
|
+
|
|
212
|
+
```bash
|
|
213
|
+
pip install huggingface_hub
|
|
214
|
+
```
|
|
215
|
+
|
|
216
|
+
See `examples/huggingface_upload.py` and `examples/huggingface_download.py` for complete examples.
|
|
217
|
+
|
|
218
|
+
## ๐ Performance
|
|
219
|
+
|
|
220
|
+
### Inference Time
|
|
221
|
+
|
|
222
|
+
- **Target**: < 1ms
|
|
223
|
+
- **Average**: ~0.5-0.8ms (CPU)
|
|
224
|
+
- **P95**: < 1.5ms
|
|
225
|
+
- **Throughput**: ~1,000-2,000 requests/second
|
|
226
|
+
|
|
227
|
+
### Benchmark
|
|
228
|
+
|
|
229
|
+
```bash
|
|
230
|
+
python benchmark/benchmark.py
|
|
231
|
+
```
|
|
232
|
+
|
|
233
|
+
## ๐งช Testing
|
|
234
|
+
|
|
235
|
+
```bash
|
|
236
|
+
# Run all tests
|
|
237
|
+
pytest tests/
|
|
238
|
+
|
|
239
|
+
# With coverage
|
|
240
|
+
pytest tests/ --cov=onuion --cov-report=html
|
|
241
|
+
```
|
|
242
|
+
|
|
243
|
+
## ๐ Diagrams
|
|
244
|
+
|
|
245
|
+

|
|
246
|
+
|
|
247
|
+
|
|
248
|
+
## ๐ Documentation
|
|
249
|
+
|
|
250
|
+
See the `docs/` directory for detailed documentation:
|
|
251
|
+
|
|
252
|
+
- `docs/model.md`: Model architecture details
|
|
253
|
+
- `docs/risk_types.md`: Risk type descriptions
|
|
254
|
+
- `docs/api.md`: API reference
|
|
255
|
+
|
|
256
|
+
## ๐ค Contributing
|
|
257
|
+
|
|
258
|
+
We welcome your contributions! Please:
|
|
259
|
+
|
|
260
|
+
1. Fork the repository
|
|
261
|
+
2. Create a feature branch (`git checkout -b feature/amazing-feature`)
|
|
262
|
+
3. Commit your changes (`git commit -m 'Add amazing feature'`)
|
|
263
|
+
4. Push to the branch (`git push origin feature/amazing-feature`)
|
|
264
|
+
5. Open a Pull Request
|
|
265
|
+
|
|
266
|
+
## ๐ License
|
|
267
|
+
|
|
268
|
+
This project is licensed under the MIT License. See the `LICENSE` file for details.
|
|
269
|
+
|
|
270
|
+
## ๐ Acknowledgments
|
|
271
|
+
|
|
272
|
+
- TensorFlow team
|
|
273
|
+
- Open source community
|
|
274
|
+
- All contributors
|
|
275
|
+
|
|
276
|
+
## ๐ง Contact
|
|
277
|
+
|
|
278
|
+
You can open an issue or send a pull request for questions.
|
|
279
|
+
|
|
280
|
+
---
|
|
281
|
+
|
|
282
|
+
**Note**: This project is prepared for production use, but it is recommended to use a model trained with real data. The default model is only for testing inference purposes.
|
|
283
|
+
|
|
@@ -0,0 +1,31 @@
|
|
|
1
|
+
"""
|
|
2
|
+
onuion - Real-time Security Risk Analysis Model
|
|
3
|
+
|
|
4
|
+
Open-source hybrid (rule-based + ML) security risk analysis system
|
|
5
|
+
for session data analysis with sub-millisecond inference time.
|
|
6
|
+
"""
|
|
7
|
+
|
|
8
|
+
__version__ = "0.1.0"
|
|
9
|
+
__author__ = "onuion contributors"
|
|
10
|
+
|
|
11
|
+
from onuion.inference import analyze_risk, RiskAnalysisResult
|
|
12
|
+
from onuion.model import RiskModel
|
|
13
|
+
|
|
14
|
+
# Optional Hugging Face integration
|
|
15
|
+
try:
|
|
16
|
+
from onuion.huggingface import HuggingFaceIntegration, upload_to_hub, download_from_hub
|
|
17
|
+
|
|
18
|
+
__all__ = [
|
|
19
|
+
"analyze_risk",
|
|
20
|
+
"RiskAnalysisResult",
|
|
21
|
+
"RiskModel",
|
|
22
|
+
"HuggingFaceIntegration",
|
|
23
|
+
"upload_to_hub",
|
|
24
|
+
"download_from_hub",
|
|
25
|
+
]
|
|
26
|
+
except ImportError:
|
|
27
|
+
__all__ = [
|
|
28
|
+
"analyze_risk",
|
|
29
|
+
"RiskAnalysisResult",
|
|
30
|
+
"RiskModel",
|
|
31
|
+
]
|