Crates.io | dectree-rs |
lib.rs | dectree-rs |
version | 0.1.1 |
source | src |
created_at | 2024-05-03 01:04:22.508308 |
updated_at | 2024-05-03 01:22:09.428945 |
description | A decision tree implementation in Rust |
homepage | |
repository | https://github.com/clementwanjau/dectree-rs |
max_upload_size | |
id | 1228274 |
size | 25,249 |
A byte and mask based decision engine for creating byte sequences (and potential comparison masks) for general purpose signature matching implemented in pure rust.
Features:
[dependencies]
dectree-rs = "0.1.1"
Example:
use dectree_rs::SignatureDecisionTree;
fn main() {
let signature_base = vec![0x55, 0xe9, 0xd8, 0x01, 0xfe, 0xff, 0x32, 0x77, 0x89, 0x4f, 0x55];
let mut tree = SignatureDecisionTree::new();
tree.add_signature(signature_base.clone(), None, None);
tree.get_signature(vec![0x55, 0xe9], None);
tree.add_signature(signature_base.clone().into_iter().take(7).collect(), None, Some(signature_base.clone().into_iter().take(7).collect()));
tree.add_signature(signature_base.clone().into_iter().take(4).collect(), None, Some(signature_base.clone().into_iter().take(4).collect()));
tree.add_signature([signature_base.clone(), vec![0xfe, 0x38]].concat(), None, Some([signature_base.clone(), vec![0xfe, 0x38]].concat()));
assert_eq!(tree.get_signature(vec![0x55, 0xe9, 0xd8, 0x01, 0xfe, 0xff, 0x32, 0x00, 0x99, 0x36, 0x5f, 0x21, 0xfd], None), Some(signature_base.clone().into_iter().take(7).collect()));
assert_eq!(tree.get_signature(vec![0x55, 0xe9, 0xd8, 0x01, 0xfe, 0xff, 0x32], None), Some(signature_base.clone().into_iter().take(7).collect()));
assert_eq!(tree.get_signature(vec![0x55, 0xe9, 0xd8, 0x01, 0xfe, 0x00], None), Some(signature_base.clone().into_iter().take(4).collect()));
assert_eq!(tree.get_signature(vec![0x55], None), None);
}
This project is licensed under the Apache License 2.0
- see the LICENSE file for details