forked from splunk/security_content
__mlspl_unusual_commandline_detection.mlmodel
algo,model,options
LinearRegression,"{""__mlspl_type"": [""algos.LinearRegression"", ""LinearRegression""], ""dict"": {""estimator"": {""__mlspl_type"": [""sklearn.linear_model._base"", ""LinearRegression""], ""dict"": {""fit_intercept"": true, ""normalize"": false, ""copy_X"": true, ""n_jobs"": null, ""intercept_"": -1.2124304031951825, ""coef_"": {""__mlspl_type"": [""numpy"", ""ndarray""], ""npy"": ""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""}}}, ""columns"": [""unusual_cmdline_feature_for"", ""unusual_cmdline_feature_netsh"", ""unusual_cmdline_feature_readbytes"", ""unusual_cmdline_feature_set"", ""unusual_cmdline_feature_unrestricted"", ""unusual_cmdline_feature_winstations"", ""unusual_cmdline_feature_-value"", ""unusual_cmdline_feature_compression"", ""unusual_cmdline_feature_server"", ""unusual_cmdline_feature_set-mppreference"", ""unusual_cmdline_feature_terminal"", ""unusual_cmdline_feature_-name"", ""unusual_cmdline_feature_catch"", ""unusual_cmdline_feature_get-wmiobject"", ""unusual_cmdline_feature_hklm"", ""unusual_cmdline_feature_streamreader"", ""unusual_cmdline_feature_system32"", ""unusual_cmdline_feature_username"", ""unusual_cmdline_feature_webrequest"", ""unusual_cmdline_feature_count"", ""unusual_cmdline_feature_webclient"", ""unusual_cmdline_feature_writeallbytes"", ""unusual_cmdline_feature_convert"", ""unusual_cmdline_feature_create"", ""unusual_cmdline_feature_function"", ""unusual_cmdline_feature_net"", ""unusual_cmdline_feature_com"", ""unusual_cmdline_feature_http"", ""unusual_cmdline_feature_io"", ""unusual_cmdline_feature_system"", ""unusual_cmdline_feature_new-object"", ""unusual_cmdline_feature_if"", ""unusual_cmdline_feature_threading"", ""unusual_cmdline_feature_mutex"", ""unusual_cmdline_feature_cryptography"", ""unusual_cmdline_feature_computehash""], ""target_variable"": ""unusual_cmdline_logits"", ""feature_variables"": [""unusual_cmdline_feature_for"", ""unusual_cmdline_feature_netsh"", ""unusual_cmdline_feature_readbytes"", 
""unusual_cmdline_feature_set"", ""unusual_cmdline_feature_unrestricted"", ""unusual_cmdline_feature_winstations"", ""unusual_cmdline_feature_-value"", ""unusual_cmdline_feature_compression"", ""unusual_cmdline_feature_server"", ""unusual_cmdline_feature_set-mppreference"", ""unusual_cmdline_feature_terminal"", ""unusual_cmdline_feature_-name"", ""unusual_cmdline_feature_catch"", ""unusual_cmdline_feature_get-wmiobject"", ""unusual_cmdline_feature_hklm"", ""unusual_cmdline_feature_streamreader"", ""unusual_cmdline_feature_system32"", ""unusual_cmdline_feature_username"", ""unusual_cmdline_feature_webrequest"", ""unusual_cmdline_feature_count"", ""unusual_cmdline_feature_webclient"", ""unusual_cmdline_feature_writeallbytes"", ""unusual_cmdline_feature_convert"", ""unusual_cmdline_feature_create"", ""unusual_cmdline_feature_function"", ""unusual_cmdline_feature_net"", ""unusual_cmdline_feature_com"", ""unusual_cmdline_feature_http"", ""unusual_cmdline_feature_io"", ""unusual_cmdline_feature_system"", ""unusual_cmdline_feature_new-object"", ""unusual_cmdline_feature_if"", ""unusual_cmdline_feature_threading"", ""unusual_cmdline_feature_mutex"", ""unusual_cmdline_feature_cryptography"", ""unusual_cmdline_feature_computehash""]}}","{""args"": [""unusual_cmdline_logits"", ""unusual_cmdline_feature_for"", ""unusual_cmdline_feature_netsh"", ""unusual_cmdline_feature_readbytes"", ""unusual_cmdline_feature_set"", ""unusual_cmdline_feature_unrestricted"", ""unusual_cmdline_feature_winstations"", ""unusual_cmdline_feature_-value"", ""unusual_cmdline_feature_compression"", ""unusual_cmdline_feature_server"", ""unusual_cmdline_feature_set-mppreference"", ""unusual_cmdline_feature_terminal"", ""unusual_cmdline_feature_-name"", ""unusual_cmdline_feature_catch"", ""unusual_cmdline_feature_get-wmiobject"", ""unusual_cmdline_feature_hklm"", ""unusual_cmdline_feature_streamreader"", ""unusual_cmdline_feature_system32"", ""unusual_cmdline_feature_username"", 
""unusual_cmdline_feature_webrequest"", ""unusual_cmdline_feature_count"", ""unusual_cmdline_feature_webclient"", ""unusual_cmdline_feature_writeallbytes"", ""unusual_cmdline_feature_convert"", ""unusual_cmdline_feature_create"", ""unusual_cmdline_feature_function"", ""unusual_cmdline_feature_net"", ""unusual_cmdline_feature_com"", ""unusual_cmdline_feature_http"", ""unusual_cmdline_feature_io"", ""unusual_cmdline_feature_system"", ""unusual_cmdline_feature_new-object"", ""unusual_cmdline_feature_if"", ""unusual_cmdline_feature_threading"", ""unusual_cmdline_feature_mutex"", ""unusual_cmdline_feature_cryptography"", ""unusual_cmdline_feature_computehash""], ""target_variable"": [""unusual_cmdline_logits""], ""feature_variables"": [""unusual_cmdline_feature_for"", ""unusual_cmdline_feature_netsh"", ""unusual_cmdline_feature_readbytes"", ""unusual_cmdline_feature_set"", ""unusual_cmdline_feature_unrestricted"", ""unusual_cmdline_feature_winstations"", ""unusual_cmdline_feature_-value"", ""unusual_cmdline_feature_compression"", ""unusual_cmdline_feature_server"", ""unusual_cmdline_feature_set-mppreference"", ""unusual_cmdline_feature_terminal"", ""unusual_cmdline_feature_-name"", ""unusual_cmdline_feature_catch"", ""unusual_cmdline_feature_get-wmiobject"", ""unusual_cmdline_feature_hklm"", ""unusual_cmdline_feature_streamreader"", ""unusual_cmdline_feature_system32"", ""unusual_cmdline_feature_username"", ""unusual_cmdline_feature_webrequest"", ""unusual_cmdline_feature_count"", ""unusual_cmdline_feature_webclient"", ""unusual_cmdline_feature_writeallbytes"", ""unusual_cmdline_feature_convert"", ""unusual_cmdline_feature_create"", ""unusual_cmdline_feature_function"", ""unusual_cmdline_feature_net"", ""unusual_cmdline_feature_com"", ""unusual_cmdline_feature_http"", ""unusual_cmdline_feature_io"", ""unusual_cmdline_feature_system"", ""unusual_cmdline_feature_new-object"", ""unusual_cmdline_feature_if"", ""unusual_cmdline_feature_threading"", 
""unusual_cmdline_feature_mutex"", ""unusual_cmdline_feature_cryptography"", ""unusual_cmdline_feature_computehash""], ""model_name"": ""lm_avg_char_prob"", ""algo_name"": ""LinearRegression"", ""mlspl_limits"": {""handle_new_cat"": ""default"", ""max_distinct_cat_values"": ""100"", ""max_distinct_cat_values_for_classifiers"": ""100"", ""max_distinct_cat_values_for_scoring"": ""100"", ""max_fit_time"": ""600"", ""max_inputs"": ""100000"", ""max_memory_usage_mb"": ""1000"", ""max_model_size_mb"": ""15"", ""max_score_time"": ""600"", ""streaming_apply"": ""false"", ""use_sampling"": ""true""}, ""kfold_cv"": null}"