mirror of
https://github.com/adulau/threatintel-attributes-compare.git
synced 2024-12-12 03:47:22 +00:00
A quick-and-dirty test to deduce the appropriate SimHash distance to use with a MISP dataset (per type).
|
||
---|---|---|
build_similarities.py | ||
keys.py.sample | ||
README.md |
threatintel-attributes-compare
A quick-and-dirty test to deduce the appropriate SimHash distance to use with a MISP dataset (per type). The idea is to analyse existing types and defines a specific SimHash distance depending of the attribute type (such as sigma, yara, text, comment or what ever type supported) in MISP when the correlation engine will support it.
Usage
python3 build_similarities.py --quiet --type=yara --distance=10
Requirements
- Redis
- SimHash Python library
- PyMISP