-v

Author: Jovonni Pharr

.gitignore

@@ -6,7 +6,13 @@ core/.mypy_cache/*
 *.pyc
 __pycache__/*
 .mypy_cache/*
+.mypy_cache
+*.mypy_cache
 /core/__pycache__/*
 /core/.mypy_cache/*
 core/__pycache__/*
 core/.mypy_cache/*
+interface/dist/
+/interface/dist/
+*.DS_Store
+

Makefile

@@ -29,12 +29,16 @@ check:
 	--ignore-missing-imports ;
 profile_model:
 	cd core/ ; python3.7 core.py profile_model ${model_name};
-uis: #ui server
-	cd interface/ ; node server.js
 rd: # react development server
 	cd interface/ ; npm run start
 rb: # react build
 	cd interface/ ; npm run build
+electron: # launch electron
+	cd interface/ ; npm run start-electron
+electron_static: # launch electron static react
+	cd interface/ ; npm run start-electron-static
+package: #package react
+	cd interface/ ; npm run package;
 save_dev:
 	git add * -v ; git commit -am ${M}-v ; git push origin master:main_dev_branch -v;
 test:

README.md

@@ -39,17 +39,21 @@ To Build a lightweight, SIEM Agnostic, UEBA Framework focused on providing:
   - Feedback Loop for continuous model training
   - "Shadow Mode" for model and risk score experimentation
   - Simple model configuration workflow
+  - Model groups
+  - Single-fire & Sequential models
 - Dashboard
   - Modern stack
   - Modular components
   - Live updating
+  - Global state, and component state
 - Features
   - Rule Storage/Management
   - Case Management
   - Peer-oriented/community intel
   - Lightweight, SIEM-agnostic architecture
   - Flexible/open dataset support
   - Alerting/Ticketing system
+  - Browser & desktop applications
 
 ## Stack
 - Client Dashboard
@@ -96,6 +100,13 @@ The interface is meant to observe system events, and anomalies
 - Modeling
 - Settings
 
+# Model Library
+OpenUBA implements a model library purposed with hosting ready-to-use models, both developed by us, and the community. For starters, we host the default model repository, similar to any popular package manager (npm, cargo, etc). However, developers can host their own model repository for use in their own instance of OpenUBA.
+
+Model installation currently works as follows:
+<img src="images/model_library_workflow.png" width="750px" />
+
+
 ## Installation/Usage
 Go to [INSTALL.md](https://github.com/GACWR/OpenUBA/blob/master/docs/INSTALL.md)
 

core/.DS_Store

@@ -1 +1 @@
-{"data_mtime": 1587529195, "dep_lines": [16, 17, 18, 19, 20, 21, 22, 23, 1, 1, 1, 1, 1, 1], "dep_prios": [10, 5, 5, 5, 5, 5, 10, 10, 5, 30, 30, 30, 30, 30], "dependencies": ["logging", "entity", "user", "enum", "display", "typing", "requests", "json", "builtins", "abc", "database", "json.encoder", "requests.models", "types"], "hash": "f96afb2a96e224f2b66fae496eec40da", "id": "api", "ignore_all": false, "interface_hash": "46a418b7569afd0dec40bea940888dff", "mtime": 1586530946, "options": {"allow_redefinition": false, "allow_untyped_globals": false, "always_false": [], "always_true": [], "bazel": false, "check_untyped_defs": false, "disallow_any_decorated": false, "disallow_any_explicit": false, "disallow_any_expr": false, "disallow_any_generics": false, "disallow_any_unimported": false, "disallow_incomplete_defs": false, "disallow_subclassing_any": false, "disallow_untyped_calls": false, "disallow_untyped_decorators": false, "disallow_untyped_defs": false, "follow_imports": "normal", "follow_imports_for_stubs": false, "ignore_errors": false, "ignore_missing_imports": true, "implicit_reexport": true, "local_partial_types": false, "mypyc": false, "no_implicit_optional": false, "platform": "darwin", "plugins": [], "show_none_errors": true, "strict_equality": false, "strict_optional": true, "strict_optional_whitelist": null, "warn_no_return": true, "warn_return_any": false, "warn_unreachable": false, "warn_unused_ignores": false}, "path": "api.py", "plugin_data": null, "size": 3260, "suppressed": [], "version_id": "0.761"}
+{"data_mtime": 1587529195, "dep_lines": [16, 17, 18, 19, 20, 21, 22, 23, 1, 1, 1, 1, 1], "dep_prios": [10, 5, 5, 5, 5, 5, 10, 10, 5, 30, 30, 30, 30], "dependencies": ["logging", "entity", "user", "enum", "display", "typing", "requests", "json", "builtins", "abc", "database", "json.encoder", "requests.models"], "hash": "098e9deec1c9ac21b880dfc19daebc92", "id": "api", "ignore_all": false, "interface_hash": "46a418b7569afd0dec40bea940888dff", "mtime": 1588890541, "options": {"allow_redefinition": false, "allow_untyped_globals": false, "always_false": [], "always_true": [], "bazel": false, "check_untyped_defs": false, "disallow_any_decorated": false, "disallow_any_explicit": false, "disallow_any_expr": false, "disallow_any_generics": false, "disallow_any_unimported": false, "disallow_incomplete_defs": false, "disallow_subclassing_any": false, "disallow_untyped_calls": false, "disallow_untyped_decorators": false, "disallow_untyped_defs": false, "follow_imports": "normal", "follow_imports_for_stubs": false, "ignore_errors": false, "ignore_missing_imports": true, "implicit_reexport": true, "local_partial_types": false, "mypyc": false, "no_implicit_optional": false, "platform": "darwin", "plugins": [], "show_none_errors": true, "strict_equality": false, "strict_optional": true, "strict_optional_whitelist": null, "warn_no_return": true, "warn_return_any": false, "warn_unreachable": false, "warn_unused_ignores": false}, "path": "api.py", "plugin_data": null, "size": 3311, "suppressed": [], "version_id": "0.761"}

core/.mypy_cache/3.7/api.meta.json

@@ -1 +1 @@
-{"data_mtime": 1587530483, "dep_lines": [21, 23, 24, 25, 26, 27, 28, 29, 30, 32, 33, 33, 1, 1, 1, 1, 1, 1, 1, 22, 34], "dep_prios": [5, 10, 10, 10, 5, 5, 5, 5, 5, 10, 10, 10, 5, 30, 30, 30, 30, 30, 30, 5, 10], "dependencies": ["flask", "logging", "threading", "time", "model", "test", "process", "api", "display", "unittest", "trace", "sys", "builtins", "abc", "flask.app", "flask.helpers", "flask.json", "types", "typing"], "hash": "871acc3803dc2b0457d8d2c9ef043b2b", "id": "core", "ignore_all": false, "interface_hash": "7faa962fd68d1c95d1608c6eac535168", "mtime": 1587141805, "options": {"allow_redefinition": false, "allow_untyped_globals": false, "always_false": [], "always_true": [], "bazel": false, "check_untyped_defs": false, "disallow_any_decorated": false, "disallow_any_explicit": false, "disallow_any_expr": false, "disallow_any_generics": false, "disallow_any_unimported": false, "disallow_incomplete_defs": false, "disallow_subclassing_any": false, "disallow_untyped_calls": false, "disallow_untyped_decorators": false, "disallow_untyped_defs": false, "follow_imports": "normal", "follow_imports_for_stubs": false, "ignore_errors": false, "ignore_missing_imports": true, "implicit_reexport": true, "local_partial_types": false, "mypyc": false, "no_implicit_optional": false, "platform": "darwin", "plugins": [], "show_none_errors": true, "strict_equality": false, "strict_optional": true, "strict_optional_whitelist": null, "warn_no_return": true, "warn_return_any": false, "warn_unreachable": false, "warn_unused_ignores": false}, "path": "core.py", "plugin_data": null, "size": 4651, "suppressed": ["flask_cors", "coloredlogs"], "version_id": "0.761"}
+{"data_mtime": 1589323988, "dep_lines": [21, 23, 24, 25, 26, 27, 28, 29, 30, 32, 33, 33, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 22, 34], "dep_prios": [5, 10, 10, 10, 5, 5, 5, 5, 5, 10, 10, 10, 5, 30, 30, 30, 30, 30, 30, 30, 30, 30, 5, 10], "dependencies": ["flask", "logging", "threading", "time", "model", "test", "process", "api", "display", "unittest", "trace", "sys", "builtins", "abc", "flask.app", "flask.helpers", "flask.json", "flask.wrappers", "types", "typing", "werkzeug", "werkzeug.wrappers"], "hash": "db04b1b93d39ddab75b28e809b09a276", "id": "core", "ignore_all": false, "interface_hash": "dc34ae40aaef734a42a2d43bbbccea51", "mtime": 1589323979, "options": {"allow_redefinition": false, "allow_untyped_globals": false, "always_false": [], "always_true": [], "bazel": false, "check_untyped_defs": false, "disallow_any_decorated": false, "disallow_any_explicit": false, "disallow_any_expr": false, "disallow_any_generics": false, "disallow_any_unimported": false, "disallow_incomplete_defs": false, "disallow_subclassing_any": false, "disallow_untyped_calls": false, "disallow_untyped_decorators": false, "disallow_untyped_defs": false, "follow_imports": "normal", "follow_imports_for_stubs": false, "ignore_errors": false, "ignore_missing_imports": true, "implicit_reexport": true, "local_partial_types": false, "mypyc": false, "no_implicit_optional": false, "platform": "darwin", "plugins": [], "show_none_errors": true, "strict_equality": false, "strict_optional": true, "strict_optional_whitelist": null, "warn_no_return": true, "warn_return_any": false, "warn_unreachable": false, "warn_unused_ignores": false}, "path": "core.py", "plugin_data": null, "size": 5178, "suppressed": ["flask_cors", "coloredlogs"], "version_id": "0.761"}

core/.mypy_cache/3.7/core.data.json

@@ -1 +1 @@
-{"data_mtime": 1587532244, "dep_lines": [16, 17, 18, 19, 19, 20, 21, 22, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 1, 1, 1, 1, 1, 1, 1, 248], "dep_prios": [10, 10, 10, 10, 20, 10, 10, 10, 10, 10, 10, 10, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 30, 30, 30, 30, 30, 30, 20], "dependencies": ["logging", "threading", "time", "urllib.request", "urllib", "sys", "os", "os.path", "shutil", "io", "json", "model_modules", "database", "dataset", "user", "encode", "hash", "utility", "typing", "api", "enum", "builtins", "_importlib_modulespec", "abc", "json.decoder", "model_modules.local_pandas", "model_modules.local_pandas.local_pandas", "types"], "hash": "8a1669a0c7b4d2e899b12975ef52c114", "id": "model", "ignore_all": false, "interface_hash": "ecda04a38f0cfa8a4e83722d9ca2f94b", "mtime": 1587532234, "options": {"allow_redefinition": false, "allow_untyped_globals": false, "always_false": [], "always_true": [], "bazel": false, "check_untyped_defs": false, "disallow_any_decorated": false, "disallow_any_explicit": false, "disallow_any_expr": false, "disallow_any_generics": false, "disallow_any_unimported": false, "disallow_incomplete_defs": false, "disallow_subclassing_any": false, "disallow_untyped_calls": false, "disallow_untyped_decorators": false, "disallow_untyped_defs": false, "follow_imports": "normal", "follow_imports_for_stubs": false, "ignore_errors": false, "ignore_missing_imports": true, "implicit_reexport": true, "local_partial_types": false, "mypyc": false, "no_implicit_optional": false, "platform": "darwin", "plugins": [], "show_none_errors": true, "strict_equality": false, "strict_optional": true, "strict_optional_whitelist": null, "warn_no_return": true, "warn_return_any": false, "warn_unreachable": false, "warn_unused_ignores": false}, "path": "model.py", "plugin_data": null, "size": 17906, "suppressed": ["MODEL"], "version_id": "0.761"}
+{"data_mtime": 1589324546, "dep_lines": [16, 17, 18, 19, 19, 20, 21, 22, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 1, 1, 1, 1, 1, 1, 1, 273], "dep_prios": [10, 10, 10, 10, 20, 10, 10, 10, 10, 10, 10, 10, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 30, 30, 30, 30, 30, 30, 20], "dependencies": ["logging", "threading", "time", "urllib.request", "urllib", "sys", "os", "os.path", "shutil", "io", "json", "model_modules", "database", "dataset", "user", "encode", "hash", "utility", "typing", "api", "enum", "builtins", "_importlib_modulespec", "abc", "json.decoder", "model_modules.local_pandas", "model_modules.local_pandas.local_pandas", "types"], "hash": "d4849e0b168af209336fae718aa24be3", "id": "model", "ignore_all": false, "interface_hash": "7b12e2779bec9c72bc7d21f18fb5ce81", "mtime": 1589325241, "options": {"allow_redefinition": false, "allow_untyped_globals": false, "always_false": [], "always_true": [], "bazel": false, "check_untyped_defs": false, "disallow_any_decorated": false, "disallow_any_explicit": false, "disallow_any_expr": false, "disallow_any_generics": false, "disallow_any_unimported": false, "disallow_incomplete_defs": false, "disallow_subclassing_any": false, "disallow_untyped_calls": false, "disallow_untyped_decorators": false, "disallow_untyped_defs": false, "follow_imports": "normal", "follow_imports_for_stubs": false, "ignore_errors": false, "ignore_missing_imports": true, "implicit_reexport": true, "local_partial_types": false, "mypyc": false, "no_implicit_optional": false, "platform": "darwin", "plugins": [], "show_none_errors": true, "strict_equality": false, "strict_optional": true, "strict_optional_whitelist": null, "warn_no_return": true, "warn_return_any": false, "warn_unreachable": false, "warn_unused_ignores": false}, "path": "model.py", "plugin_data": null, "size": 19147, "suppressed": ["MODEL"], "version_id": "0.761"}

core/.mypy_cache/3.7/core.meta.json

@@ -1 +1 @@
-{"data_mtime": 1587529195, "dep_lines": [16, 17, 18, 19, 1, 1, 1, 20, 22], "dep_prios": [10, 5, 5, 5, 5, 30, 30, 5, 10], "dependencies": ["logging", "database", "dataset", "typing", "builtins", "abc", "types"], "hash": "494fb01422a17891d06e00880a46517b", "id": "user", "ignore_all": false, "interface_hash": "2f15577ebb851ecfbed21c452a2fa655", "mtime": 1587486992, "options": {"allow_redefinition": false, "allow_untyped_globals": false, "always_false": [], "always_true": [], "bazel": false, "check_untyped_defs": false, "disallow_any_decorated": false, "disallow_any_explicit": false, "disallow_any_expr": false, "disallow_any_generics": false, "disallow_any_unimported": false, "disallow_incomplete_defs": false, "disallow_subclassing_any": false, "disallow_untyped_calls": false, "disallow_untyped_decorators": false, "disallow_untyped_defs": false, "follow_imports": "normal", "follow_imports_for_stubs": false, "ignore_errors": false, "ignore_missing_imports": true, "implicit_reexport": true, "local_partial_types": false, "mypyc": false, "no_implicit_optional": false, "platform": "darwin", "plugins": [], "show_none_errors": true, "strict_equality": false, "strict_optional": true, "strict_optional_whitelist": null, "warn_no_return": true, "warn_return_any": false, "warn_unreachable": false, "warn_unused_ignores": false}, "path": "user.py", "plugin_data": null, "size": 5105, "suppressed": ["pandas", "numpy"], "version_id": "0.761"}
+{"data_mtime": 1587529195, "dep_lines": [16, 17, 18, 19, 1, 1, 1, 20, 22], "dep_prios": [10, 5, 5, 5, 5, 30, 30, 5, 10], "dependencies": ["logging", "database", "dataset", "typing", "builtins", "abc", "types"], "hash": "b36b78a1383b6ed86044b4c6374bd9f3", "id": "user", "ignore_all": false, "interface_hash": "2f15577ebb851ecfbed21c452a2fa655", "mtime": 1588910827, "options": {"allow_redefinition": false, "allow_untyped_globals": false, "always_false": [], "always_true": [], "bazel": false, "check_untyped_defs": false, "disallow_any_decorated": false, "disallow_any_explicit": false, "disallow_any_expr": false, "disallow_any_generics": false, "disallow_any_unimported": false, "disallow_incomplete_defs": false, "disallow_subclassing_any": false, "disallow_untyped_calls": false, "disallow_untyped_decorators": false, "disallow_untyped_defs": false, "follow_imports": "normal", "follow_imports_for_stubs": false, "ignore_errors": false, "ignore_missing_imports": true, "implicit_reexport": true, "local_partial_types": false, "mypyc": false, "no_implicit_optional": false, "platform": "darwin", "plugins": [], "show_none_errors": true, "strict_equality": false, "strict_optional": true, "strict_optional_whitelist": null, "warn_no_return": true, "warn_return_any": false, "warn_unreachable": false, "warn_unused_ignores": false}, "path": "user.py", "plugin_data": null, "size": 5184, "suppressed": ["pandas", "numpy"], "version_id": "0.761"}