
@iota-big3/sdk-security


Advanced security features including zero trust, quantum-safe crypto, and ML threat detection

/**
 * Network Forensics Analyzer
 * Analyzes network captures for malicious traffic, data exfiltration, and IOCs
 *
 * This is a declaration file: it records the public surface of the analyzer
 * and the names of its private members, but none of the implementation.
 * Private members appear without types or signatures, so what they do can
 * only be inferred from their names.
 */
import { EventEmitter } from 'events';
import { AnalysisResult, Artifact, ForensicAnalysisType, ForensicAnalyzer, ForensicEvidence } from '../types';
/**
 * Forensic analyzer for network evidence. It extends EventEmitter and
 * implements the project's ForensicAnalyzer contract.
 *
 * NOTE(review): which events are emitted, and with what payloads, is not
 * visible from this declaration. Confirm against the implementation before
 * subscribing to them in a detection or case-management pipeline.
 */
export declare class NetworkAnalyzer extends EventEmitter implements ForensicAnalyzer {
    /** Identifies this analyzer as the network analysis type. */
    readonly type = ForensicAnalysisType.NETWORK;
    // Indicator sets used by the analyzer. Their element types, their source
    // (bundled, configured, or fed from threat intel) and how they are
    // refreshed are not visible here.
    private maliciousIPs;
    private maliciousDomains;
    private suspiciousPorts;
    private knownC2Patterns;
    constructor();
    /**
     * Analyze network capture
     *
     * @param evidence - The forensic evidence item to analyze.
     * @returns A promise resolving to the analysis result.
     *
     * NOTE(review): the class also declares private `generateMock*` helpers
     * (see below). From this file alone it cannot be determined whether the
     * result is derived from the parsed capture or from generated sample
     * data. Verify this before treating findings as evidence.
     */
    analyze(evidence: ForensicEvidence): Promise<AnalysisResult>;
    /**
     * Validate network capture
     *
     * @param evidence - The forensic evidence item to check.
     * @returns A promise resolving to a boolean validity verdict.
     *
     * NOTE(review): what "valid" covers (file format, hash or integrity
     * check, chain of custody) is not visible here. Do not assume a true
     * result attests evidence integrity without confirming.
     */
    validate(evidence: ForensicEvidence): Promise<boolean>;
    /**
     * Extract artifacts from network traffic
     *
     * @param evidence - The forensic evidence item to extract from.
     * @param options - Optional extraction settings. Declared as `any`, so
     *   the compiler checks nothing about its shape.
     *   NOTE(review): confirm the accepted keys and that they are validated
     *   at runtime.
     * @returns A promise resolving to the extracted artifacts.
     */
    extract(evidence: ForensicEvidence, options?: any): Promise<Artifact[]>;
    /**
     * Generate report
     *
     * @param analysis - A result previously produced by this analyzer.
     * @returns A promise resolving to the report text.
     *
     * NOTE(review): the private `analyzeCredentials` helper suggests that
     * credentials observed in traffic may be part of the analysis data.
     * Presumably reports can contain them; confirm, and handle the output
     * as sensitive if so.
     */
    generateReport(analysis: AnalysisResult): Promise<string>;
    /**
     * Export findings
     *
     * @param analysis - A result previously produced by this analyzer.
     * @param format - Name of the output format. It is a plain string, so
     *   the accepted values are not constrained by the type.
     *   NOTE(review): the private `exportToSnortRules` and
     *   `exportToYaraRules` helpers suggest Snort and YARA rule output.
     *   Confirm the exact format names and the behavior for unknown values.
     * @returns A promise resolving to the exported data as a Buffer.
     */
    exportFindings(analysis: AnalysisResult, format: string): Promise<Buffer>;
    /**
     * Private helper methods
     *
     * Only the names are declared. The grouping comments below are read
     * from those names and are not confirmed behavior.
     */
    // Capture parsing and per-category analysis passes (by name).
    private parseNetworkCapture;
    private analyzeTrafficPatterns;
    private analyzeConversations;
    private analyzeSuspiciousTraffic;
    private analyzeDNSQueries;
    private analyzeHTTPRequests;
    private analyzeExtractedFiles;
    private analyzeCredentials;
    // Heuristic checks (by name): beaconing intervals, DGA-looking domains,
    // user agents and file types. Thresholds and false-positive behavior are
    // not visible here.
    private calculateIntervals;
    private isBeaconing;
    private isDGA;
    private isSuspiciousUserAgent;
    private isSuspiciousFileType;
    // Reporting and export helpers (by name).
    private getArtifactTypeFromMime;
    private generateConclusion;
    private formatBytes;
    private exportToSnortRules;
    private exportToYaraRules;
    // Artifact extraction helpers (by name).
    private readHeader;
    private extractTransferredFiles;
    private extractSSLCertificates;
    private extractPayloads;
    // NOTE(review): mock-data generators are present in the shipped class.
    // Confirm whether any public method reaches them in production use.
    // Generated findings mixed with real ones would undermine the result.
    private generateMockProtocolStats;
    private generateMockEndpointStats;
    private generateMockConversations;
    private generateMockSuspiciousTraffic;
    private generateMockExtractedFiles;
    private generateMockCredentials;
    private generateMockDNSQueries;
    private generateMockHTTPRequests;
    private generateRandomDGA;
}
//# sourceMappingURL=network-analyzer.d.ts.map