From a92eb971a96b4ee069b78260d4bf71a756e3f474 Mon Sep 17 00:00:00 2001 From: Bhargav Suryadevara Date: Mon, 26 Sep 2022 19:13:33 +0000 Subject: [PATCH 1/4] updated ransomware models treelite version to 2.4.0 --- .../ransomw-model-long-rf/1/checkpoint.tl | Bin 1004518 -> 1004518 bytes .../ransomw-model-medium-rf/1/checkpoint.tl | Bin 1670278 -> 1670278 bytes .../ransomw-model-short-rf/1/checkpoint.tl | Bin 2076038 -> 2076038 bytes 3 files changed, 0 insertions(+), 0 deletions(-) diff --git a/examples/ransomware_detection/models/ransomw-model-long-rf/1/checkpoint.tl b/examples/ransomware_detection/models/ransomw-model-long-rf/1/checkpoint.tl index 9e9c5a1e0f25787ea653a82cc168780f421287ff..62b5cce607a4c4aae2927c2fa0c8cba10b28548e 100644 GIT binary patch delta 61 zcmWN^IRSt$5CFj=WceROQGp_g)e;2=qKOWeZdxs^7E(my8|frTFIoN$GRh>gEV9Zb JyBrVadwt8s4j2Fc delta 61 zcmWN^IRSt$5CFj=Vfi0LQGp_g)e;2=qKOWeZdxs^7E(my8|frTmR|l2GRh>gEV9Zb JyBrVadwt844i^9b diff --git a/examples/ransomware_detection/models/ransomw-model-medium-rf/1/checkpoint.tl b/examples/ransomware_detection/models/ransomw-model-medium-rf/1/checkpoint.tl index 60a7bd4b55e566ebdc446ff19bd26dde6866624f..24afedf5d1da0ce4cca93a19494c89b82e3e01f4 100644 GIT binary patch delta 91 zcmWN^w*iAN002RO^$uhQuo+NW(5QGeVmNj9y4y?IOQH@T#Eeu@%SEF6dzG8qmWMRb%2QtQmXCDum0pI8abAB*i5OD= From 255e8a6bd67154f07c0b9473640768aaeee7bb4d Mon Sep 17 00:00:00 2001 From: Bhargav Suryadevara Date: Thu, 29 Sep 2022 22:16:11 +0000 Subject: [PATCH 2/4] Updated readme.md --- examples/ransomware_detection/README.md | 3 +++ examples/ransomware_detection/run.py | 11 +++-------- 2 files changed, 6 insertions(+), 8 deletions(-) diff --git a/examples/ransomware_detection/README.md b/examples/ransomware_detection/README.md index 174a1f1b14..3a69adcc40 100644 --- a/examples/ransomware_detection/README.md +++ b/examples/ransomware_detection/README.md @@ -52,10 +52,13 @@ conda install dask==2022.7.0 distributed==2022.7.0 ## Run Pipeline Launch the example using the following +Input features for a short model can be taken from a sequence three of snapshots, such (1, 2, 3), or (2, 3, 4). The sliding window is a represents the number of subsequent snapshots that need to be taken into account when generating the input for a model. Sliding window for the medium model is `5` and for the long model it is `10`. + ```bash cd ${MORPHEUS_ROOT}/examples/ransomware_detection python run.py --server_url=localhost:8001 \ + --sliding_window=3 \ --model_name=ransomw-model-short-rf \ --conf_file=./config/ransomware_detection.yaml \ --input_glob=${MORPHEUS_ROOT}/examples/data/appshield/*/snapshot-*/*.json \ diff --git a/examples/ransomware_detection/run.py b/examples/ransomware_detection/run.py index c4f351fa74..2bd7c7b20c 100644 --- a/examples/ransomware_detection/run.py +++ b/examples/ransomware_detection/run.py @@ -61,12 +61,6 @@ type=click.IntRange(min=1), help="Max batch size to use for the model", ) -@click.option( - "--model_fea_length", - default=297, - type=click.IntRange(min=1), - help="Features length to use for the model", -) @click.option( "--conf_file", type=click.STRING, @@ -110,7 +104,6 @@ def run_pipeline(debug, n_dask_workers, threads_per_dask_worker, model_max_batch_size, - model_fea_length, conf_file, model_name, server_url, @@ -124,6 +117,8 @@ def run_pipeline(debug, else: configure_logging(log_level=logging.INFO) + snapshot_fea_length = 99 + CppConfig.set_should_use_cpp(use_cpp) # Its necessary to get the global config object and configure it for FIL mode @@ -133,7 +128,7 @@ def run_pipeline(debug, # Below properties are specified by the command line config.num_threads = num_threads config.model_max_batch_size = model_max_batch_size - config.feature_length = model_fea_length + config.feature_length = snapshot_fea_length * sliding_window config.class_labels = ["pred", "score"] # Create a linear pipeline object From 493374246b242001aed1a1d2278ea1a99db1a55f Mon Sep 17 00:00:00 2001 From: Bhargav Suryadevara Date: Thu, 29 Sep 2022 22:21:48 +0000 Subject: [PATCH 3/4] Updated README.md --- examples/ransomware_detection/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/examples/ransomware_detection/README.md b/examples/ransomware_detection/README.md index 3a69adcc40..6a0c9f26d8 100644 --- a/examples/ransomware_detection/README.md +++ b/examples/ransomware_detection/README.md @@ -52,7 +52,7 @@ conda install dask==2022.7.0 distributed==2022.7.0 ## Run Pipeline Launch the example using the following -Input features for a short model can be taken from a sequence three of snapshots, such (1, 2, 3), or (2, 3, 4). The sliding window is a represents the number of subsequent snapshots that need to be taken into account when generating the input for a model. Sliding window for the medium model is `5` and for the long model it is `10`. +Input features for a short model can be taken from every three snapshots sequence, such as (1, 2, 3), or (2, 3, 4). The sliding window represents the number of subsequent snapshots that need to be taken into consideration when generating the input for a model. Sliding window for the medium model is `5` and for the long model it is `10`. ```bash cd ${MORPHEUS_ROOT}/examples/ransomware_detection From 4667db0343e5683a77b2bf8726d6e31f1605b230 Mon Sep 17 00:00:00 2001 From: Bhargav Suryadevara Date: Thu, 29 Sep 2022 22:52:53 +0000 Subject: [PATCH 4/4] style fix --- examples/ransomware_detection/run.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/examples/ransomware_detection/run.py b/examples/ransomware_detection/run.py index 2bd7c7b20c..81cc3394fe 100644 --- a/examples/ransomware_detection/run.py +++ b/examples/ransomware_detection/run.py @@ -118,7 +118,7 @@ def run_pipeline(debug, configure_logging(log_level=logging.INFO) snapshot_fea_length = 99 - + CppConfig.set_should_use_cpp(use_cpp) # Its necessary to get the global config object and configure it for FIL mode