/** * @fileoverview Predictive Security Analyzer * @module @nahisaho/musubix-security/intelligence/predictive-analyzer * * Provides security prediction, anomaly forecasting, risk projection, * and proactive security recommendations. */ import type { VulnerabilityStats, SecurityMetric } from './security-analytics.js'; import type { ThreatContext } from './threat-intelligence.js'; /** * Prediction confidence level */ export type PredictionConfidence = 'high' | 'medium' | 'low' | 'uncertain'; /** * Risk projection */ export interface RiskProjection { /** Projection ID */ id: string; /** Current risk score */ currentRisk: number; /** Projected risk score */ projectedRisk: number; /** Projection period (days) */ periodDays: number; /** Change direction */ direction: 'increasing' | 'decreasing' | 'stable'; /** Change magnitude */ magnitude: number; /** Confidence level */ confidence: PredictionConfidence; /** Confidence score (0-1) */ confidenceScore: number; /** Contributing factors */ factors: { name: string; impact: number; description: string; }[]; /** Recommendations */ recommendations: string[]; /** Projected at */ projectedAt: Date; } /** * Vulnerability prediction */ export interface VulnerabilityPrediction { /** Prediction ID */ id: string; /** Vulnerability type */ type: string; /** Predicted count */ predictedCount: number; /** Current count */ currentCount: number; /** Change */ change: number; /** Likelihood (0-1) */ likelihood: number; /** Confidence */ confidence: PredictionConfidence; /** Time frame (days) */ timeFrame: number; /** Risk level if materialized */ riskLevel: 'critical' | 'high' | 'medium' | 'low'; /** Prevention strategies */ preventionStrategies: string[]; } /** * Security anomaly */ export interface SecurityAnomaly { /** Anomaly ID */ id: string; /** Anomaly type */ type: 'spike' | 'drop' | 'pattern-break' | 'unusual-activity'; /** Metric affected */ metric: string; /** Expected value */ expectedValue: number; /** Actual value */ actualValue: number; /** Deviation */ deviation: number; /** Severity */ severity: 'critical' | 'high' | 'medium' | 'low'; /** Detection confidence */ confidence: number; /** Detected at */ detectedAt: Date; /** Possible causes */ possibleCauses: string[]; /** Recommended actions */ recommendedActions: string[]; } /** * Proactive alert */ export interface ProactiveAlert { /** Alert ID */ id: string; /** Alert type */ type: 'risk-increase' | 'vulnerability-surge' | 'pattern-detected' | 'threshold-breach'; /** Alert title */ title: string; /** Alert message */ message: string; /** Severity */ severity: 'critical' | 'high' | 'medium' | 'low'; /** Confidence */ confidence: PredictionConfidence; /** Time to impact (hours) */ timeToImpact?: number; /** Recommended actions */ actions: string[]; /** Related predictions */ relatedPredictions: string[]; /** Created at */ createdAt: Date; } /** * Security forecast */ export interface SecurityForecast { /** Forecast ID */ id: string; /** Forecast period */ period: { start: Date; end: Date; }; /** Risk projections */ riskProjections: RiskProjection[]; /** Vulnerability predictions */ vulnerabilityPredictions: VulnerabilityPrediction[]; /** Expected trends */ expectedTrends: { metric: string; direction: 'up' | 'down' | 'stable'; magnitude: number; confidence: number; }[]; /** Key risks */ keyRisks: string[]; /** Opportunities */ opportunities: string[]; /** Recommendations */ recommendations: string[]; /** Generated at */ generatedAt: Date; } /** * Historical data point */ export interface HistoricalDataPoint { timestamp: Date; value: number; metadata?: Record; } /** * Predictive Analyzer options */ export interface PredictiveAnalyzerOptions { /** Historical data lookback (days) */ lookbackDays?: number; /** Forecast horizon (days) */ forecastDays?: number; /** Anomaly detection sensitivity (0-1) */ anomalySensitivity?: number; /** Alert thresholds */ alertThresholds?: { riskIncrease: number; vulnerabilitySurge: number; deviationPercent: number; }; /** Enable proactive alerts */ enableProactiveAlerts?: boolean; } /** * Predictive Security Analyzer */ export declare class PredictiveAnalyzer { private options; private historicalData; private alerts; private anomalies; constructor(options?: PredictiveAnalyzerOptions); /** * Add historical data point */ addDataPoint(metric: string, dataPoint: HistoricalDataPoint): void; /** * Add multiple historical data points */ addDataPoints(metric: string, dataPoints: HistoricalDataPoint[]): void; /** * Prune old data */ private pruneOldData; /** * Import data from metrics */ importFromMetrics(metrics: SecurityMetric[]): void; /** * Import data from vulnerability stats */ importFromVulnStats(stats: VulnerabilityStats, timestamp?: Date): void; /** * Project future risk */ projectRisk(currentRiskScore: number, threatContext?: ThreatContext): RiskProjection; /** * Forecast a value using simple linear regression */ private forecastValue; /** * Calculate confidence level */ private calculateConfidence; /** * Generate risk recommendations */ private generateRiskRecommendations; /** * Predict vulnerabilities */ predictVulnerabilities(): VulnerabilityPrediction[]; /** * Get prevention strategies */ private getPreventionStrategies; /** * Detect anomalies */ detectAnomalies(): SecurityAnomaly[]; /** * Detect anomaly in a metric */ private detectMetricAnomaly; /** * Get possible causes for anomaly */ private getPossibleCauses; /** * Get recommended actions for anomaly */ private getAnomalyActions; /** * Create proactive alert */ private createAlert; /** * Get all alerts */ getAlerts(): ProactiveAlert[]; /** * Get alerts by severity */ getAlertsBySeverity(severity: ProactiveAlert['severity']): ProactiveAlert[]; /** * Clear old alerts */ clearOldAlerts(maxAgeDays?: number): number; /** * Generate security forecast */ generateForecast(): SecurityForecast; /** * Get statistics */ getStatistics(): { dataPointsCount: number; metricsTracked: number; alertsCount: number; anomaliesCount: number; oldestData: Date | null; latestData: Date | null; }; /** * Get anomalies */ getAnomalies(): SecurityAnomaly[]; /** * Export data */ exportData(): { historicalData: Record; alerts: ProactiveAlert[]; anomalies: SecurityAnomaly[]; }; /** * Import data */ importData(data: { historicalData?: Record; alerts?: ProactiveAlert[]; anomalies?: SecurityAnomaly[]; }): void; } /** * Create a PredictiveAnalyzer instance */ export declare function createPredictiveAnalyzer(options?: PredictiveAnalyzerOptions): PredictiveAnalyzer; /** * Quick risk projection */ export declare function projectRisk(currentRisk: number, historicalData: HistoricalDataPoint[]): RiskProjection; /** * Quick vulnerability prediction */ export declare function predictVulnerabilities(vulnStats: VulnerabilityStats[]): VulnerabilityPrediction[]; /** * Quick anomaly detection */ export declare function detectAnomalies(metrics: SecurityMetric[]): SecurityAnomaly[]; //# sourceMappingURL=predictive-analyzer.d.ts.map