@aikidosec/firewall/vulnerabilities/attack-wave-detection/AttackWaveDetector.d.ts

Zen by Aikido is an embedded Application Firewall that autonomously protects Node.js apps against common and critical attacks, provides rate limiting, detects malicious traffic (including bots), and more.

import type { Context } from "../../agent/Context";
export type SuspiciousRequest = {
    method: string;
    url: string;
};
export declare class AttackWaveDetector {
    private suspiciousRequests;
    private sentEventsMap;
    private readonly attackWaveThreshold;
    private readonly attackWaveTimeFrame;
    private readonly minTimeBetweenEvents;
    private readonly maxLRUEntries;
    private readonly maxSamplesPerIP;
    constructor(options?: {
        attackWaveThreshold?: number;
        attackWaveTimeFrame?: number;
        minTimeBetweenEvents?: number;
        maxLRUEntries?: number;
        maxSamplesPerIP?: number;
    });
    /**
     * Checks if the request is part of an attack wave
     * Will report to core once in a defined time frame when the threshold is exceeded
     * @returns true if an attack wave is detected and should be reported
     */
    check(context: Context): boolean;
    getSamplesForIP(ip: string): SuspiciousRequest[];
    trackSample(request: SuspiciousRequest, samples: SuspiciousRequest[]): SuspiciousRequest[];
}