A quick-and-dirty test to deduce the appropriate SimHash distance to use with a MISP dataset (per type).
build_similarities.py Initial import of my dirty script/test to calculate SimHash from MISP 2018-06-10 21:04:50 +02:00
keys.py.sample Initial import of my dirty script/test to calculate SimHash from MISP 2018-06-10 21:04:50 +02:00
README.md Initial import of my dirty script/test to calculate SimHash from MISP 2018-06-10 21:04:50 +02:00

threatintel-attributes-compare

A quick-and-dirty test to deduce the appropriate SimHash distance to use with a MISP dataset (per type). The idea is to analyse existing types and define a specific SimHash distance depending on the attribute type (such as sigma, yara, text, comment or whatever type is supported) in MISP, once the correlation engine supports it.

Usage

python3 build_similarities.py --quiet --type=yara --distance=10

Requirements

  • Redis
  • SimHash Python library
  • PyMISP
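
The per-type distance idea described above, as an added example that is not taken from build_similarities.py: a pure-Python stand-in for the SimHash library that shows how many attribute pairs would correlate at several distance limits for each type. The SHA-256 feature hash, the 4-character shingles, the function names and the sample values are all assumptions made for this illustration.

```python
import hashlib
import re
from collections import Counter
from itertools import combinations

BITS = 64  # fingerprint size used in this sketch

def features(value, width=4):
    """Character shingles of the lower-cased value with non-word characters removed."""
    text = "".join(re.findall(r"\w+", value.lower()))
    return [text[i:i + width] for i in range(max(len(text) - width + 1, 1))]

def simhash(value):
    """64-bit SimHash: every feature votes +/- its weight on each bit position."""
    votes = [0] * BITS
    for feat, weight in Counter(features(value)).items():
        h = int.from_bytes(hashlib.sha256(feat.encode()).digest()[:8], "big")
        for bit in range(BITS):
            votes[bit] += weight if (h >> bit) & 1 else -weight
    return sum(1 << bit for bit in range(BITS) if votes[bit] > 0)

def distance(a, b):
    """Hamming distance between two fingerprints."""
    return bin(a ^ b).count("1")

def pairs_within(values, max_distance):
    """(i, j, distance) for every pair at most max_distance bits apart."""
    prints = [simhash(v) for v in values]
    scored = ((i, j, distance(prints[i], prints[j]))
              for i, j in combinations(range(len(prints)), 2))
    return [pair for pair in scored if pair[2] <= max_distance]

# Constructed attribute values grouped by MISP attribute type (not real data).
SAMPLES = {
    "yara": [
        'rule demo_a { strings: $s = "constructed-marker-one" condition: $s }',
        'rule demo_b { strings: $s = "constructed-marker-one" condition: $s }',
        'rule other { strings: $h = { 4D 5A 90 00 } condition: $h at 0 }',
    ],
    "text": [
        "Phishing mail with an invoice lure sent to finance staff",
        "Phishing e-mail with invoice lure sent to the finance staff",
        "Scanner activity observed against the public VPN gateway",
    ],
}

if __name__ == "__main__":
    for attr_type, values in SAMPLES.items():
        for limit in (3, 10, 20):
            hits = pairs_within(values, limit)
            print(f"{attr_type:5} distance<={limit:2}: {len(hits)} pair(s) {hits}")
```

A limit that groups near-identical YARA rules may be too tight or too loose for free text, which is why the output is worth comparing per type before fixing a value.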