39 lines
1021 B
Plaintext
39 lines
1021 B
Plaintext
======================
|
|
AVERAGE/HIGH PRIORITY:
|
|
======================
|
|
|
|
- Web interface
|
|
- Bayesian network
|
|
- Modules for correlation coefficients
|
|
- Code profiling
|
|
- Comment all the code!!!
|
|
- Saving packet flows as .pcap
|
|
- Neural network for computing k
|
|
- Testing more scenarios, making more hyperalert models
|
|
|
|
=============
|
|
LOW PRIORITY:
|
|
=============
|
|
|
|
- Managing clusters for addresses, timestamps (and more?)
|
|
- Splitting the distinct subgraphs of the output graph
|
|
- libgc support
|
|
|
|
=====
|
|
DONE:
|
|
=====
|
|
|
|
+ PostgreSQL support
|
|
+ Regex comp cache
|
|
+ Managing hyperalert graph connection inside the alert structure itself
|
|
+ Keeping track of all the streams and alerts even after clustered
|
|
+ Dynamic cluster_min_size algorithm
|
|
+ Add alerts' history serialization to db.c as well
|
|
+ Bayesian learning among alerts in alert log
|
|
+ Split bayesian correlation out of correlation.c
|
|
+ Clustering alerts with time constraints
|
|
+ Save clusters and correlations to db
|
|
+ Uniformed error messages format
|
|
+ Full PostgreSQL support for output db
|
|
|