PingIntelligence AI training depends on a set of parameters configured in the
abs_init.js
file. These parameters should be configured before
starting the system. It is recommended that you review the variables and configure the
best values for your environment. Frequent updates to the training variables may lead to
a change in behavior of the AI system. Following are the parameters that need to be
configured:
-
attack_initial_training
-
attack_update_interval
-
continuous_learning
-
window_length
The following table describes the various training variables:
Variable | Description |
attack_initial_training
|
The number of hours that you want to train the AI model before it moves to the prediction mode. The default value is 24-hours. The minimum value is 1-hour. |
attack_update_interval
|
The time interval in hours at which you would want the model thresholds to
be updated. The default value is 24-hours. The minimum value is 1-hour. The
value in this variable takes effect only when
|
continuous_learning
|
Setting this value to true configures the AI model
to learn continuously based on the live traffic. If it is set to
false, the AI model detects attack based on the
initial training. |
window_length
|
The maximum time period that the AI model uses to detect attacks
across APIs. The default and maximum value for
window_length is 24-hours. The training period
should be longer than the window_length period. |
root_api_attack
|
Configure as true if you want AI engine to detect
attacks on the root API. Set it to false if you do not
wish the AI engine to detect attacks on the root API. The default value
is false . |
session_inactivity_duration
|
The time in minutes for an inactive user session after which ABS
decides that the session has terminated. Default value is 30-minutes.
You can configure it to any value in minutes. Note: This variable only
applies to account take over attack.
|
Following is a snippet from the abs_init.js
file showing the
variables:
db.global_config.insert({
"poc": false,
"attack_initial_training": "24",
"attack_update_interval": "24",
"url_limit": "100",
"response_size": "100",
"job_frequency" : "10",
"window_length" : "24",
"enable_ssl": true,
"api_discovery": true,
"discovery_initial_period" : "1",
"discovery_subpath": "1",
"continuous_learning": true,
"discovery_update_interval": "1",
"attack_list_count": "500000",
"resource_monitor_interval" : "10",
"percentage_diskusage_limit" : "80",
"root_api_attack" : false,
"session_inactivity_duration" : "30"
});
Variable | Description |
response_size
|
Maximum size in MB of the data fetched by external calls to ABS REST APIs. The default value is 100 MB. |
enable_ssl
|
When true, SSL communication is enabled between ASE
and ABS, and for external systems making rest API calls to ABS. See
Configure SSLon page 10 for more
information. |