Spaces:
Sleeping
Sleeping
Update env.py
Browse files
env.py
CHANGED
|
@@ -470,11 +470,11 @@ class APIGatewayDefender:
|
|
| 470 |
|
| 471 |
def get_task_grader_score(self) -> float:
|
| 472 |
"""
|
| 473 |
-
Programmatic grader β returns score 0
|
| 474 |
-
Returns
|
| 475 |
"""
|
| 476 |
if not self._rules:
|
| 477 |
-
return 0.
|
| 478 |
return self._grade().score
|
| 479 |
|
| 480 |
# ββ Private Helpers ββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
|
|
@@ -526,6 +526,10 @@ class APIGatewayDefender:
|
|
| 526 |
f"Check for injection payloads."
|
| 527 |
)
|
| 528 |
|
|
|
|
|
|
|
|
|
|
|
|
|
| 529 |
def _grade(self) -> Reward:
|
| 530 |
"""
|
| 531 |
Apply all active rules to the hidden test traffic set and compute a score.
|
|
@@ -534,31 +538,34 @@ class APIGatewayDefender:
|
|
| 534 |
detection_rate = malicious_blocked / total_malicious
|
| 535 |
fp_rate = legitimate_blocked / total_legitimate
|
| 536 |
if fp_rate > FALSE_POSITIVE_THRESHOLD:
|
| 537 |
-
score =
|
| 538 |
else:
|
| 539 |
-
score = clamp(detection_rate - fp_rate * 5.0,
|
|
|
|
|
|
|
| 540 |
"""
|
| 541 |
malicious = [r for r in self._test_traffic if r["is_malicious"]]
|
| 542 |
legit = [r for r in self._test_traffic if not r["is_malicious"]]
|
| 543 |
|
| 544 |
-
mal_blocked
|
| 545 |
-
legit_blocked = sum(1 for r in legit
|
| 546 |
|
| 547 |
-
total_mal
|
| 548 |
total_legit = len(legit)
|
| 549 |
|
| 550 |
detection_rate = mal_blocked / total_mal if total_mal > 0 else 0.0
|
| 551 |
fp_rate = legit_blocked / total_legit if total_legit > 0 else 0.0
|
| 552 |
|
| 553 |
if fp_rate > FALSE_POSITIVE_THRESHOLD:
|
| 554 |
-
score =
|
| 555 |
message = (
|
| 556 |
-
f"Score
|
| 557 |
f"{FALSE_POSITIVE_THRESHOLD:.0%} threshold. Rules are too broad β "
|
| 558 |
f"legitimate users are being blocked."
|
| 559 |
)
|
| 560 |
else:
|
| 561 |
-
|
|
|
|
| 562 |
message = (
|
| 563 |
f"Blocked {mal_blocked}/{total_mal} malicious requests "
|
| 564 |
f"({detection_rate:.1%} detection rate) with "
|
|
|
|
| 470 |
|
| 471 |
def get_task_grader_score(self) -> float:
|
| 472 |
"""
|
| 473 |
+
Programmatic grader β returns score strictly in (0, 1) for the current episode.
|
| 474 |
+
Returns the minimum non-zero score if no rules have been applied yet.
|
| 475 |
"""
|
| 476 |
if not self._rules:
|
| 477 |
+
return 0.001
|
| 478 |
return self._grade().score
|
| 479 |
|
| 480 |
# ββ Private Helpers ββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
|
|
|
|
| 526 |
f"Check for injection payloads."
|
| 527 |
)
|
| 528 |
|
| 529 |
+
# Validator requires scores strictly between 0 and 1 (exclusive)
|
| 530 |
+
_SCORE_MIN = 0.001
|
| 531 |
+
_SCORE_MAX = 0.999
|
| 532 |
+
|
| 533 |
def _grade(self) -> Reward:
|
| 534 |
"""
|
| 535 |
Apply all active rules to the hidden test traffic set and compute a score.
|
|
|
|
| 538 |
detection_rate = malicious_blocked / total_malicious
|
| 539 |
fp_rate = legitimate_blocked / total_legitimate
|
| 540 |
if fp_rate > FALSE_POSITIVE_THRESHOLD:
|
| 541 |
+
score = _SCORE_MIN β too many false positives
|
| 542 |
else:
|
| 543 |
+
score = clamp(detection_rate - fp_rate * 5.0, _SCORE_MIN, _SCORE_MAX)
|
| 544 |
+
|
| 545 |
+
The final score is always strictly in (0, 1) as required by the validator.
|
| 546 |
"""
|
| 547 |
malicious = [r for r in self._test_traffic if r["is_malicious"]]
|
| 548 |
legit = [r for r in self._test_traffic if not r["is_malicious"]]
|
| 549 |
|
| 550 |
+
mal_blocked = sum(1 for r in malicious if any(rule.blocks(r) for rule in self._rules))
|
| 551 |
+
legit_blocked = sum(1 for r in legit if any(rule.blocks(r) for rule in self._rules))
|
| 552 |
|
| 553 |
+
total_mal = len(malicious)
|
| 554 |
total_legit = len(legit)
|
| 555 |
|
| 556 |
detection_rate = mal_blocked / total_mal if total_mal > 0 else 0.0
|
| 557 |
fp_rate = legit_blocked / total_legit if total_legit > 0 else 0.0
|
| 558 |
|
| 559 |
if fp_rate > FALSE_POSITIVE_THRESHOLD:
|
| 560 |
+
score = self._SCORE_MIN
|
| 561 |
message = (
|
| 562 |
+
f"Score floored: {fp_rate:.1%} false positive rate exceeds "
|
| 563 |
f"{FALSE_POSITIVE_THRESHOLD:.0%} threshold. Rules are too broad β "
|
| 564 |
f"legitimate users are being blocked."
|
| 565 |
)
|
| 566 |
else:
|
| 567 |
+
raw = detection_rate - fp_rate * 5.0
|
| 568 |
+
score = max(self._SCORE_MIN, min(self._SCORE_MAX, raw))
|
| 569 |
message = (
|
| 570 |
f"Blocked {mal_blocked}/{total_mal} malicious requests "
|
| 571 |
f"({detection_rate:.1%} detection rate) with "
|