synapse_pingora/payload/
config.rs

1//! Configuration for the Payload Profiling subsystem.
2
3use serde::{Deserialize, Serialize};
4use std::collections::HashMap;
5
6use super::anomaly::PayloadAnomalyType;
7
8/// Configuration for payload profiling.
9#[derive(Debug, Clone, Serialize, Deserialize)]
10pub struct PayloadConfig {
11    /// Enable payload profiling
12    pub enabled: bool,
13    /// Window duration in milliseconds (default: 60000 = 1 minute)
14    pub window_duration_ms: u64,
15    /// Maximum number of windows to keep (default: 60 = 1 hour)
16    pub max_windows: usize,
17    /// Maximum endpoints to track (LRU eviction)
18    pub max_endpoints: usize,
19    /// Maximum entities to track (LRU eviction)
20    pub max_entities: usize,
21    /// Threshold for oversized payload detection (multiplier of p99)
22    pub oversize_threshold: f64,
23    /// Threshold for bandwidth spike detection (multiplier of avg)
24    pub bandwidth_spike_threshold: f64,
25    /// Minimum requests before anomaly detection activates
26    pub warmup_requests: u32,
27    /// Threshold for exfiltration pattern (response/request ratio)
28    pub exfiltration_ratio_threshold: f64,
29    /// Threshold for upload pattern (request/response ratio)
30    pub upload_ratio_threshold: f64,
31    /// Minimum payload size to flag as large (bytes)
32    pub min_large_payload_bytes: u64,
33    /// Maximum timeline buckets for bandwidth history
34    pub timeline_max_buckets: usize,
35    /// Risk scores per anomaly type
36    pub anomaly_risk: HashMap<PayloadAnomalyType, f64>,
37}
38
39impl Default for PayloadConfig {
40    fn default() -> Self {
41        let mut anomaly_risk = HashMap::new();
42        anomaly_risk.insert(PayloadAnomalyType::OversizedRequest, 20.0);
43        anomaly_risk.insert(PayloadAnomalyType::OversizedResponse, 15.0);
44        anomaly_risk.insert(PayloadAnomalyType::BandwidthSpike, 25.0);
45        anomaly_risk.insert(PayloadAnomalyType::ExfiltrationPattern, 40.0);
46        anomaly_risk.insert(PayloadAnomalyType::UploadPattern, 35.0);
47
48        Self {
49            enabled: true,
50            window_duration_ms: 60_000,
51            max_windows: 60,
52            max_endpoints: 5_000,
53            max_entities: 10_000,
54            oversize_threshold: 3.0,
55            bandwidth_spike_threshold: 5.0,
56            warmup_requests: 100,
57            exfiltration_ratio_threshold: 100.0,
58            upload_ratio_threshold: 100.0,
59            min_large_payload_bytes: 100_000,
60            timeline_max_buckets: 1_440,
61            anomaly_risk,
62        }
63    }
64}
synapse_pingora/payload/config.rs

synapse_pingora/payload/
config.rs
