aimless-sdk/dist/rasp/anomaly-detector.d.ts

Enhanced Runtime Application Self-Protection (RASP) and API Fuzzing Engine with advanced threat detection, behavioral analysis, and intelligent response scoring for Node.js applications

import { SecurityThreat } from '../types';
export declare class AnomalyDetector {
    private requestHistory;
    private rateLimitMap;
    private ipReputation;
    private fingerprints;
    private readonly maxHistorySize;
    private readonly timeWindow;
    private readonly maxRequestsPerMinute;
    private readonly reputationDecayRate;
    private readonly suspiciousPatterns;
    constructor();
    /**
     * Enhanced anomaly detection with behavioral analysis
     */
    detect(ip: string, method: string, path: string, userAgent?: string, bodySize?: number, statusCode?: number, responseTime?: number): SecurityThreat[];
    private checkRateLimit;
    private checkRequestPatterns;
    private storeRequest;
    /**
     * Update IP reputation (decay over time)
     */
    private updateReputation;
    /**
     * Penalize IP reputation
     */
    private penalizeReputation;
    /**
     * Generate fingerprint from IP and user agent
     */
    private generateFingerprint;
    /**
     * Track fingerprint frequency
     */
    private trackFingerprint;
    /**
     * Check request velocity (rapid changes)
     */
    private checkVelocity;
    clearHistory(ip?: string): void;
    /**
     * Get IP reputation score
     */
    getReputationScore(ip: string): number;
    /**
     * Block or unblock an IP
     */
    setIPBlocked(ip: string, blocked: boolean): void;
    /**
     * Get statistics for monitoring
     */
    getStats(): {
        totalIPs: number;
        blockedIPs: number;
        totalRequests: number;
        uniqueFingerprints: number;
    };
}
//# sourceMappingURL=anomaly-detector.d.ts.map