From 09da5bfd5f39f6e49e35f4c08a425680b317861b Mon Sep 17 00:00:00 2001
From: panlei <2799247126@qq.com>
Date: 星期四, 15 八月 2019 18:17:11 +0800
Subject: [PATCH] 抽出入侵和人员异常算法
---
algorithm/intrusion/intrusion.go | 102 +++++++-------------
ruleserver/ruleToformula.go | 67 +++++++++++++
algorithm/personUnsual/personUnsual.go | 82 ++++++++++++++++
3 files changed, 186 insertions(+), 65 deletions(-)
diff --git a/algorithm/intrusion/intrusion.go b/algorithm/intrusion/intrusion.go
index 48aa741..208c2c4 100644
--- a/algorithm/intrusion/intrusion.go
+++ b/algorithm/intrusion/intrusion.go
@@ -7,81 +7,53 @@
"ruleprocess/structure"
"strconv"
)
-
-func Entrance() {
-
-}
-
-// 杩囨护瑙勫垯鍏堢瓫閫夊嚭绗﹀悎鏉′欢鐨勭洰鏍囨暟閲�
-func filterRule(rule *protomsg.Rule, am *structure.AreaMap) structure.LittleRuleResult {
- // 澶勭悊鐨勯兘鏄痽olo鏁版嵁
+//鍏ヤ镜绠楁硶
+func Entrance(rule *protomsg.Rule, am *structure.AreaMap) structure.LittleRuleResult {
if rule.PolygonId == am.AreaId { // 棣栧厛杩欐潯瑙勫垯寰楁槸杩欎釜绠楁硶鐨勮鍒欙紝鍏舵瑙勫垯鎵�瀵瑰簲鐨勫尯鍩焛d瑕佽窡鍖哄煙鏁版嵁鐨刬d瀵圭殑涓�
if rule.SdkArgAlias == "score" || rule.SdkArgAlias == "proportion" || rule.SdkArgAlias == "size" { // 鍒ゆ柇鐨勬槸鐩镐技鍊硷紝鍗犳瘮锛屽昂瀵哥瓑杩囨护鏉′欢锛屽鏋滃啀鏈夛紝杩樺彲浠ュ啀鍔�
- var args []*structure.Arg
- if rule.RuleWithPre == "&&" {
- args = am.FilterData
- } else {
- args = am.Args
- }
- // 鍏堟竻绌鸿繃婊ゅ悗鐨勬暟鎹紝鍐嶅線閲屽鏈杩囨护鍚庣殑鏁版嵁
- am.FilterData = am.FilterData[0:0]
- //logger.Debug("鐪嬬湅args锛氾細锛氾細锛�", args)
- for _, arg := range args {
- var formula string
- if rule.SdkArgAlias == "score" {
- formula = strconv.FormatFloat(arg.Score, 'f', -1, 64) + " " + rule.Operator + " " + rule.SdkArgValue // 寰楀埌瀛楃涓插叕寮�
- logger.Info("褰撳墠鐩镐技搴﹀皬鍏紡锛�", formula)
- } else if rule.SdkArgAlias == "proportion" {
- formula = strconv.FormatFloat(arg.Proportion, 'f', -1, 64) + " " + rule.Operator + " " + rule.SdkArgValue // 寰楀埌瀛楃涓插叕寮�
- logger.Info("褰撳墠鍗犳瘮灏忓叕寮忥細", formula)
- } else {
- formula = strconv.FormatFloat(arg.Size, 'f', -1, 64) + " " + rule.Operator + " " + rule.SdkArgValue // 寰楀埌瀛楃涓插叕寮�
- logger.Info("褰撳墠灏哄灏忓叕寮忥細", formula)
- }
- expression, _ := govaluate.NewEvaluableExpression(formula) // 寰楀埌鏁板鍏紡
- result, _ := expression.Evaluate(nil) // 寰楀埌鏁板鍏紡鐨勭粨鏋�
- if result.(bool) {
- am.FilterData = append(am.FilterData, arg) // 寰楀埌绗﹀悎鏉′欢鐨勮繃婊ゆ暟鎹�
- }
- }
- am.TargetNum = len(am.FilterData) // 鎶婄鍚堟潯浠剁殑鐩爣鏁伴噺鏇存柊鍒皌argetNum瀛楁
- if am.TargetNum > 0 {
- return structure.LittleRuleResult{am.SdkName, rule.RuleWithPre + "" + "true", rule.Sort}
- } else {
- return structure.LittleRuleResult{am.SdkName, rule.RuleWithPre + "" + "false", rule.Sort}
- }
-
+ return filterRule(rule,am)
} else {
return structure.LittleRuleResult{}
}
-
} else {
return structure.LittleRuleResult{}
}
}
-// 缁欐暟鎹簱鐨勮鍒欒〃杈惧紡浠e弬 args: 涓�鏉″瓙瑙勫垯锛屽尯鍩熸暟鎹�
-func transferParameters(rule *protomsg.Rule, am *structure.AreaMap) structure.LittleRuleResult {
- if rule.PolygonId == am.AreaId { // 棣栧厛瑙勫垯鎵�瀵瑰簲鐨勫尯鍩焛d瑕佽窡鍖哄煙鏁版嵁鐨刬d瀵圭殑涓�
- if rule.SdkArgAlias == "objCount" { // 濡傛灉鍙傛暟鏄鍖哄煙鍐呯洰鏍囨暟閲� 鍗硑olo 浜鸿劯涓嶄細鏈夋暟閲�
- //logger.Info("褰撳墠灏忚鍒欐槸锛�---------", rule)
- //logger.Info("寰楀嚭缁撴灉闃舵", "姣旇緝鐨勮鍒欐槸锛�", rule)
- if rule.Operator == "" {
- return structure.LittleRuleResult{am.SdkName, strconv.Itoa(am.TargetNum) + "" + rule.RuleWithPre, rule.Sort} // 濡傛灉鍚庨潰涓嶈窡鎿嶄綔绗﹀氨鐩存帴杩斿洖鏁伴噺 姣斿瑕佽窡涓嬩竴涓尯鍩熸瘮杈冩暟閲忕殑灏辩洿鎺ヨ繑鍥炴湰鍖哄煙鐨勬暟閲�
- }
- //args := am.targetNum targetNum 宸叉垚鎵�鏈夌洰鏍囩殑鎬绘暟閲忥紝杩欓噷鍙畻yolo鐨�
- var num int = 0
- for _, data := range am.FilterData {
- if data.IsYolo {
- num++
- }
- }
- formula := strconv.Itoa(num) + " " + rule.Operator + " " + rule.SdkArgValue
- expression, _ := govaluate.NewEvaluableExpression(formula) // 寰楀埌鏁板鍏紡
- result, _ := expression.Evaluate(nil) // 寰楀埌鏁板鍏紡鐨勭粨鏋�
- return structure.LittleRuleResult{am.SdkName, rule.RuleWithPre + " " + strconv.FormatBool(result.(bool)), rule.Sort}
- // 鍔犱笂鍏充簬绠楁硶鐨勫垽鏂潯浠讹紝涓嶈兘鍙湁鍏充簬瑙勫垯鐨勶紝鏈夌殑绠楁硶鏈韩灏辨槸涓�涓鍒欙紝濡備釜浣撻潤姝紝闈犲彸琛�,鎵�浠ワ紝鎷垮埌褰撳墠瀛愯鍒欑殑sdkid鏉ュ垽鏂槸鍚︽槸閭d簺鐗规畩鐨勮鍒�
+// 杩囨护瑙勫垯鍏堢瓫閫夊嚭绗﹀悎鏉′欢鐨勭洰鏍囨暟閲�
+func filterRule(rule *protomsg.Rule, am *structure.AreaMap) structure.LittleRuleResult {
+ // 澶勭悊鐨勯兘鏄痽olo鏁版嵁
+ var args []*structure.Arg
+ if rule.RuleWithPre == "&&" {
+ args = am.FilterData
+ } else {
+ args = am.Args
+ }
+ // 鍏堟竻绌鸿繃婊ゅ悗鐨勬暟鎹紝鍐嶅線閲屽鏈杩囨护鍚庣殑鏁版嵁
+ am.FilterData = am.FilterData[0:0]
+ //logger.Debug("鐪嬬湅args锛氾細锛氾細锛�", args)
+ for _, arg := range args {
+ var formula string
+ if rule.SdkArgAlias == "score" {
+ formula = strconv.FormatFloat(arg.Score, 'f', -1, 64) + " " + rule.Operator + " " + rule.SdkArgValue // 寰楀埌瀛楃涓插叕寮�
+ logger.Info("褰撳墠鐩镐技搴﹀皬鍏紡锛�", formula)
+ } else if rule.SdkArgAlias == "proportion" {
+ formula = strconv.FormatFloat(arg.Proportion, 'f', -1, 64) + " " + rule.Operator + " " + rule.SdkArgValue // 寰楀埌瀛楃涓插叕寮�
+ logger.Info("褰撳墠鍗犳瘮灏忓叕寮忥細", formula)
+ } else {
+ formula = strconv.FormatFloat(arg.Size, 'f', -1, 64) + " " + rule.Operator + " " + rule.SdkArgValue // 寰楀埌瀛楃涓插叕寮�
+ logger.Info("褰撳墠灏哄灏忓叕寮忥細", formula)
+ }
+ expression, _ := govaluate.NewEvaluableExpression(formula) // 寰楀埌鏁板鍏紡
+ result, _ := expression.Evaluate(nil) // 寰楀埌鏁板鍏紡鐨勭粨鏋�
+ if result.(bool) {
+ am.FilterData = append(am.FilterData, arg) // 寰楀埌绗﹀悎鏉′欢鐨勮繃婊ゆ暟鎹�
}
}
- return structure.LittleRuleResult{}
+ am.TargetNum = len(am.FilterData) // 鎶婄鍚堟潯浠剁殑鐩爣鏁伴噺鏇存柊鍒皌argetNum瀛楁
+ if am.TargetNum > 0 {
+ return structure.LittleRuleResult{am.SdkName, rule.RuleWithPre + "" + "true", rule.Sort}
+ } else {
+ return structure.LittleRuleResult{am.SdkName, rule.RuleWithPre + "" + "false", rule.Sort}
+ }
}
\ No newline at end of file
diff --git a/algorithm/personUnsual/personUnsual.go b/algorithm/personUnsual/personUnsual.go
new file mode 100644
index 0000000..944a7ea
--- /dev/null
+++ b/algorithm/personUnsual/personUnsual.go
@@ -0,0 +1,82 @@
+package main
+
+import (
+ "basic.com/pubsub/protomsg.git"
+ "github.com/knetic/govaluate"
+ "ruleprocess/logger"
+ "ruleprocess/structure"
+ "strconv"
+)
+// 浜哄憳寮傚父绠楁硶
+func Entrance(rule *protomsg.Rule, am *structure.AreaMap) structure.LittleRuleResult {
+ if rule.PolygonId == am.AreaId { // 棣栧厛杩欐潯瑙勫垯寰楁槸杩欎釜绠楁硶鐨勮鍒欙紝鍏舵瑙勫垯鎵�瀵瑰簲鐨勫尯鍩焛d瑕佽窡鍖哄煙鏁版嵁鐨刬d瀵圭殑涓�
+ if rule.SdkArgAlias == "score" || rule.SdkArgAlias == "proportion" || rule.SdkArgAlias == "size" { // 鍒ゆ柇鐨勬槸鐩镐技鍊硷紝鍗犳瘮锛屽昂瀵哥瓑杩囨护鏉′欢锛屽鏋滃啀鏈夛紝杩樺彲浠ュ啀鍔�
+ return filterRule(rule,am)
+ } else if rule.SdkArgAlias == "objCount" {
+ return transferParameters(rule,am)
+ } else {
+ return structure.LittleRuleResult{}
+ }
+ } else {
+ return structure.LittleRuleResult{}
+ }
+}
+
+// 杩囨护瑙勫垯鍏堢瓫閫夊嚭绗﹀悎鏉′欢鐨勭洰鏍囨暟閲�
+func filterRule(rule *protomsg.Rule, am *structure.AreaMap) structure.LittleRuleResult {
+ // 澶勭悊鐨勯兘鏄痽olo鏁版嵁
+ var args []*structure.Arg
+ if rule.RuleWithPre == "&&" {
+ args = am.FilterData
+ } else {
+ args = am.Args
+ }
+ // 鍏堟竻绌鸿繃婊ゅ悗鐨勬暟鎹紝鍐嶅線閲屽鏈杩囨护鍚庣殑鏁版嵁
+ am.FilterData = am.FilterData[0:0]
+ //logger.Debug("鐪嬬湅args锛氾細锛氾細锛�", args)
+ for _, arg := range args {
+ var formula string
+ if rule.SdkArgAlias == "score" {
+ formula = strconv.FormatFloat(arg.Score, 'f', -1, 64) + " " + rule.Operator + " " + rule.SdkArgValue // 寰楀埌瀛楃涓插叕寮�
+ logger.Info("褰撳墠鐩镐技搴﹀皬鍏紡锛�", formula)
+ } else if rule.SdkArgAlias == "proportion" {
+ formula = strconv.FormatFloat(arg.Proportion, 'f', -1, 64) + " " + rule.Operator + " " + rule.SdkArgValue // 寰楀埌瀛楃涓插叕寮�
+ logger.Info("褰撳墠鍗犳瘮灏忓叕寮忥細", formula)
+ } else {
+ formula = strconv.FormatFloat(arg.Size, 'f', -1, 64) + " " + rule.Operator + " " + rule.SdkArgValue // 寰楀埌瀛楃涓插叕寮�
+ logger.Info("褰撳墠灏哄灏忓叕寮忥細", formula)
+ }
+ expression, _ := govaluate.NewEvaluableExpression(formula) // 寰楀埌鏁板鍏紡
+ result, _ := expression.Evaluate(nil) // 寰楀埌鏁板鍏紡鐨勭粨鏋�
+ if result.(bool) {
+ am.FilterData = append(am.FilterData, arg) // 寰楀埌绗﹀悎鏉′欢鐨勮繃婊ゆ暟鎹�
+ }
+ }
+ am.TargetNum = len(am.FilterData) // 鎶婄鍚堟潯浠剁殑鐩爣鏁伴噺鏇存柊鍒皌argetNum瀛楁
+ if am.TargetNum > 0 {
+ return structure.LittleRuleResult{am.SdkName, rule.RuleWithPre + "" + "true", rule.Sort}
+ } else {
+ return structure.LittleRuleResult{am.SdkName, rule.RuleWithPre + "" + "false", rule.Sort}
+ }
+}
+
+// 缁欐暟鎹簱鐨勮鍒欒〃杈惧紡浠e弬 args: 涓�鏉″瓙瑙勫垯锛屽尯鍩熸暟鎹�
+func transferParameters(rule *protomsg.Rule, am *structure.AreaMap) structure.LittleRuleResult {
+ //logger.Info("褰撳墠灏忚鍒欐槸锛�---------", rule)
+ //logger.Info("寰楀嚭缁撴灉闃舵", "姣旇緝鐨勮鍒欐槸锛�", rule)
+ if rule.Operator == "" {
+ return structure.LittleRuleResult{am.SdkName, strconv.Itoa(am.TargetNum) + "" + rule.RuleWithPre, rule.Sort} // 濡傛灉鍚庨潰涓嶈窡鎿嶄綔绗﹀氨鐩存帴杩斿洖鏁伴噺 姣斿瑕佽窡涓嬩竴涓尯鍩熸瘮杈冩暟閲忕殑灏辩洿鎺ヨ繑鍥炴湰鍖哄煙鐨勬暟閲�
+ }
+ //args := am.targetNum targetNum 宸叉垚鎵�鏈夌洰鏍囩殑鎬绘暟閲忥紝杩欓噷鍙畻yolo鐨�
+ var num int = 0
+ for _, data := range am.FilterData {
+ if data.IsYolo {
+ num++
+ }
+ }
+ formula := strconv.Itoa(num) + " " + rule.Operator + " " + rule.SdkArgValue
+ expression, _ := govaluate.NewEvaluableExpression(formula) // 寰楀埌鏁板鍏紡
+ result, _ := expression.Evaluate(nil) // 寰楀埌鏁板鍏紡鐨勭粨鏋�
+ return structure.LittleRuleResult{am.SdkName, rule.RuleWithPre + " " + strconv.FormatBool(result.(bool)), rule.Sort}
+ // 鍔犱笂鍏充簬绠楁硶鐨勫垽鏂潯浠讹紝涓嶈兘鍙湁鍏充簬瑙勫垯鐨勶紝鏈夌殑绠楁硶鏈韩灏辨槸涓�涓鍒欙紝濡備釜浣撻潤姝紝闈犲彸琛�,鎵�浠ワ紝鎷垮埌褰撳墠瀛愯鍒欑殑sdkid鏉ュ垽鏂槸鍚︽槸閭d簺鐗规畩鐨勮鍒�
+}
diff --git a/ruleserver/ruleToformula.go b/ruleserver/ruleToformula.go
index 97bd829..8ddec65 100644
--- a/ruleserver/ruleToformula.go
+++ b/ruleserver/ruleToformula.go
@@ -1,6 +1,7 @@
package ruleserver
import (
+ "plugin"
"ruleprocess/cache"
"ruleprocess/logger"
"ruleprocess/structure"
@@ -63,6 +64,72 @@
}
}
+func RunRule1(args *structure.SdkDatas, groupRule *protomsg.GroupRule, taskId string, message *protomsg.SdkMessage, label structure.Others) bool {
+ defer func() {
+ if err := recover(); err != nil {
+ logger.Error("姣斿瑙勫垯鏈夎", err)
+ }
+ }()
+ logger.Info("+++++++++++瑙勫垯寮�濮嬭繍琛�+++++++++++++++++褰撳墠澶ц鍒�--锛�", (*groupRule).GroupText)
+ //logger.Warn("浼犺繘鍘讳箣鍚庢槸浠�涔堝痉琛岋細",args.RuleResult["yolo"])
+ Compare(args, groupRule)
+ resultSplice := []*structure.LittleRuleResult{}
+ sdkNames := ""
+ polygonId := ""
+ // 鍏堣繃瀹屾潯浠惰鍒�
+ for j := 0; j < len(groupRule.Rules); j++ {
+ for _, sdkData := range args.Sdkdata {
+ // 鏍规嵁瑙勫垯鐨剆dkId鏌ュ嚭鍏跺搴旂殑ipcId锛岀敤ipcId鍘绘壘璇ユ瘮瀵圭殑鏁版嵁
+ sdk, err := cache.GetSdkById(groupRule.Rules[j].SdkId)
+ if err != nil {
+ logger.Error("娌℃煡鍒皊dk鐨勪俊鎭�---", err)
+ }
+ ipcId := sdk.IpcId
+ sdkName := sdk.SdkName
+ //logger.Info("瑙勫垯鐨刬pcId涓巗dkData鐨処pcId:", ipcId, "===", sdkData.IpcId)
+ if ipcId == sdkData.IpcId {
+ //logger.Info("褰撳墠璧扮殑瑙勫垯鏄�--锛�", sdkName, "---","")
+ for _, areaMap := range sdkData.AreaMapList {
+ ruleResult := CallSo(sdk.Id,groupRule.Rules[j],areaMap)
+ //ruleResult := filterRule(groupRule.Rules[j], areaMap)
+ if ruleResult.Result != "" {
+ logger.Info("鏉′欢瑙勫垯缁撴灉锛�", ruleResult.Result)
+ // 濡傛灉缁撴灉涓虹湡锛屾妸杩欐潯瑙勫垯涓殑鍖哄煙缃负鏈夋晥
+ if strings.Contains(ruleResult.Result, "true") {
+ areaMap.IsEffective = true
+ }
+ // 濡傛灉姝ょ粨鏋滀负鐪熶笖褰撳墠杩囩殑鏄痽olo绠楁硶锛屽簲璁颁笅姝よ鍒欐墍瀵瑰簲鐨剆dkName,鍙﹀锛岃繕瑕佸幓閲� (鍚庡姞锛氭妸姝ゆ潯瑙︾鐨勫尯鍩焛d涔熻褰曚笅鏉�)
+ if strings.Contains(ruleResult.Result, "true") && ipcId == "02D54B61-0F16-C604-8567-FC4BE493C523" && !strings.Contains(sdkNames, sdkName) {
+ sdkNames = sdkName + ","
+ polygonId = groupRule.Rules[j].PolygonId + ","
+ }
+ if strings.Contains(ruleResult.Result, "true") && ipcId == "02D54B61-0F16-C604-8567-FC4BE493C523" && !strings.Contains(polygonId, groupRule.Rules[j].PolygonId) {
+ polygonId = groupRule.Rules[j].PolygonId + ","
+ }
+ resultSplice = append(resultSplice, &ruleResult)
+ }
+ }
+ }
+ }
+ }
+
+}
+
+func CallSo(sdkId string,rule *protomsg.Rule, am *structure.AreaMap) structure.LittleRuleResult{
+ // 鏍规嵁sdkId鏌ュ嚭鍏跺搴旂殑sdk鐨剆oName锛岃皟鐢ㄧ浉搴攕o鐨凟ntrance鏂规硶
+ var soName = "intrusion.so"
+ p,err := plugin.Open("../algorithm/"+soName)
+ if err != nil {
+ panic(err)
+ }
+ f,err1 := p.Lookup("Entrance")
+ if err1 != nil {
+ panic("娌℃湁鎵惧埌鍏ュ彛鍑芥暟")
+ }
+ ruleResult := f.(func(rule *protomsg.Rule, am *structure.AreaMap))(rule,am)
+ return ruleResult
+}
+
func RunRule(args *structure.SdkDatas, groupRule *protomsg.GroupRule, taskId string, message *protomsg.SdkMessage, label structure.Others) bool {
defer func() {
if err := recover(); err != nil {
--
Gitblit v1.8.0