authorgujinkai <[email protected]>2023-11-22 18:19:18 +0800
committergujinkai <[email protected]>2023-11-22 18:19:18 +0800
commit7645c957651096bef77a6f735864e1ff54362668 (patch)
tree276756df037449b54b5d467906c2e4f3e5c7142e
parentfab8d4354db127a3b6c9cbe1cd105c153fba6b7e (diff)
perf: optimize CASE_INSENSITIVE_ORDER logic23.11
-rw-r--r--platform-etl/src/main/java/com/zdjizhi/etl/utils/IocDarkWebUtils.java19
-rw-r--r--platform-etl/src/main/java/com/zdjizhi/etl/utils/IocMalwareUtils.java25
2 files changed, 26 insertions, 18 deletions
diff --git a/platform-etl/src/main/java/com/zdjizhi/etl/utils/IocDarkWebUtils.java b/platform-etl/src/main/java/com/zdjizhi/etl/utils/IocDarkWebUtils.java
index f7167ce..6f077d0 100644
--- a/platform-etl/src/main/java/com/zdjizhi/etl/utils/IocDarkWebUtils.java
+++ b/platform-etl/src/main/java/com/zdjizhi/etl/utils/IocDarkWebUtils.java
@@ -1,12 +1,12 @@
package com.zdjizhi.etl.utils;
import com.zdjizhi.base.common.CnRecordLog;
-import com.zdjizhi.base.rule.cache.RuleCache;
import com.zdjizhi.base.rule.info.RuleInfo;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import java.util.*;
+import java.util.HashMap;
+import java.util.Map;
public class IocDarkWebUtils {
@@ -15,7 +15,7 @@ public class IocDarkWebUtils {
private static HashMap<String, String> ipMap = new HashMap<>();
private static HashMap<String, String> domainMap = new HashMap<>();
- private static TreeMap<String, Long> tagRuleIdMap = new TreeMap<>(String.CASE_INSENSITIVE_ORDER);
+ private static final HashMap<String, Long> tagRuleIdMap = new HashMap<>();
public static void readIocDarkWebCsv(HighCsvReader csvReader) {
try {
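Review bot: With the `String.CASE_INSENSITIVE_ORDER` comparator gone, `tagRuleIdMap` stays case-insensitive only if every put, get and remove lower-cases its key first, and nothing on the field says so. A later write path that skips the normalisation would compile and run but never match, so an IoC hit would silently lose its rule id. Add a comment on the field, for example `// keys are lower-cased rule names; normalise before every put/get/remove`, and the same on the identical field in IocMalwareUtils. The put calls are outside the visible hunks, so confirm that all of them use the normalised name.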
@@ -51,21 +51,24 @@ public class IocDarkWebUtils {
String serverIp = cnRecordLog.getCommon_server_ip();
if (ipMap.containsKey(serverIp)) {
String ipTag = ipMap.get(serverIp);
- if (tagRuleIdMap.containsKey(ipTag)) {
- cnRecordLog.putRuleIdAndIocType(tagRuleIdMap.get(ipTag), "ip");
+ String ipTagLowerCase = ipTag.toLowerCase();
+ if (tagRuleIdMap.containsKey(ipTagLowerCase)) {
+ cnRecordLog.putRuleIdAndIocType(tagRuleIdMap.get(ipTagLowerCase), "ip");
}
cnRecordLog.putServer_ip_tag(ipTag);
}
String domainTag = getDomainTag(cnRecordLog.getDomain());
if (domainTag != null) {
- if (tagRuleIdMap.containsKey(domainTag)) {
- cnRecordLog.putRuleIdAndIocType(tagRuleIdMap.get(domainTag), "domain");
+ String domainTagLowerCase = domainTag.toLowerCase();
+ if (tagRuleIdMap.containsKey(domainTagLowerCase)) {
+ cnRecordLog.putRuleIdAndIocType(tagRuleIdMap.get(domainTagLowerCase), "domain");
}
cnRecordLog.putDomain_tag(domainTag);
}
}
public static void updateInternalRuleId(Long key, RuleInfo ruleInfo) {
+ ruleInfo.setName(ruleInfo.getName().toLowerCase());
if (tagRuleIdMap.containsValue(ruleInfo.getRuleId())) {
if (tagRuleIdMap.containsKey(ruleInfo.getName())) {
//id and name not change
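Review bot: The new `toLowerCase()` calls on `ipTag`, `domainTag` and `ruleInfo.getName()` use the JVM default locale, while the `String.CASE_INSENSITIVE_ORDER` comparator they replace folds case per character and is locale-independent. Under a Turkish or Azeri default locale `I` lower-cases to dotless `ı`, so a tag and a rule name that differ only in the case of that letter stop matching and the record gets no rule id. Use `toLowerCase(Locale.ROOT)` and add `import java.util.Locale;`. The same applies to `removeInternalRuleId` in this file and to every `toLowerCase()` added in IocMalwareUtils. The lookup method starts before this hunk and `updateInternalRuleId` continues past it.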
@@ -102,7 +105,7 @@ public class IocDarkWebUtils {
}
public static void removeInternalRuleId(Long key, RuleInfo ruleInfo) {
- tagRuleIdMap.remove(ruleInfo.getName());
+ tagRuleIdMap.remove(ruleInfo.getName().toLowerCase());
System.out.println(TimeUtils.getCurrentTime() + ": ioc dark web remove rule : " + ruleInfo.getName() + ":" + ruleInfo.getRuleId());
}
diff --git a/platform-etl/src/main/java/com/zdjizhi/etl/utils/IocMalwareUtils.java b/platform-etl/src/main/java/com/zdjizhi/etl/utils/IocMalwareUtils.java
index 362f244..1035484 100644
--- a/platform-etl/src/main/java/com/zdjizhi/etl/utils/IocMalwareUtils.java
+++ b/platform-etl/src/main/java/com/zdjizhi/etl/utils/IocMalwareUtils.java
@@ -1,12 +1,13 @@
package com.zdjizhi.etl.utils;
import com.zdjizhi.base.common.CnRecordLog;
-import com.zdjizhi.base.rule.cache.RuleCache;
import com.zdjizhi.base.rule.info.RuleInfo;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import java.util.*;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
public class IocMalwareUtils {
@@ -15,7 +16,7 @@ public class IocMalwareUtils {
private static HashMap<String, String> ipMap = new HashMap<>();
private static HashMap<String, String> domainMap = new HashMap<>();
private static Trie<String> urlTrie = new Trie<>();
- private static TreeMap<String, Long> tagRuleIdMap = new TreeMap<>(String.CASE_INSENSITIVE_ORDER);
+ private static final HashMap<String, Long> tagRuleIdMap = new HashMap<>();
public static void readIocMalwareCsv(HighCsvReader csvReader) {
try {
@@ -56,29 +57,33 @@ public class IocMalwareUtils {
if (ipMap.containsKey(serverIp)) {
String ipTag = ipMap.get(serverIp);
if (ipTag != null) {
+ String ipTagLowerCase = ipTag.toLowerCase();
cnRecordLog.putServer_ip_tag(ipTag);
- if (tagRuleIdMap.containsKey(ipTag)) {
- cnRecordLog.putRuleIdAndIocType(tagRuleIdMap.get(ipTag), "ip");
+ if (tagRuleIdMap.containsKey(ipTagLowerCase)) {
+ cnRecordLog.putRuleIdAndIocType(tagRuleIdMap.get(ipTagLowerCase), "ip");
}
}
}
String domainTag = getDomainTags(cnRecordLog.getDomain());
if (domainTag != null) {
+ String domainTagLowerCase = domainTag.toLowerCase();
cnRecordLog.putDomain_tag(domainTag);
- if (tagRuleIdMap.containsKey(domainTag)) {
- cnRecordLog.putRuleIdAndIocType(tagRuleIdMap.get(domainTag), "domain");
+ if (tagRuleIdMap.containsKey(domainTagLowerCase)) {
+ cnRecordLog.putRuleIdAndIocType(tagRuleIdMap.get(domainTagLowerCase), "domain");
}
}
List<String> urlTags = getUrlTags(cnRecordLog.getHttp_url());
for (String urlTag : urlTags) {
- if (tagRuleIdMap.containsKey(urlTag)) {
- cnRecordLog.putRuleIdAndIocType(tagRuleIdMap.get(urlTag), "url");
+ String urlTagLowerCase = urlTag.toLowerCase();
+ if (tagRuleIdMap.containsKey(urlTagLowerCase)) {
+ cnRecordLog.putRuleIdAndIocType(tagRuleIdMap.get(urlTagLowerCase), "url");
}
//url only need to detection
}
}
public static void updateInternalRuleId(Long key, RuleInfo ruleInfo) {
+ ruleInfo.setName(ruleInfo.getName().toLowerCase());
if (tagRuleIdMap.containsValue(ruleInfo.getRuleId())) {
if (tagRuleIdMap.containsKey(ruleInfo.getName())) {
//id and name not change
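Review bot: `ruleInfo.setName(ruleInfo.getName().toLowerCase())` at the top of `updateInternalRuleId` rewrites the caller's `RuleInfo` instead of normalising only the map key. Any other holder of that object would then see the lower-cased name; whether the instance is shared is not visible in this diff. Prefer a local such as `String nameKey = ruleInfo.getName().toLowerCase(Locale.ROOT);` (with `java.util.Locale` imported) and use `nameKey` in the `containsKey`/`put` calls. The same line was added to `IocDarkWebUtils.updateInternalRuleId`. The rest of the method body is outside the hunk, so its later uses of `ruleInfo.getName()` would need the same substitution.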
@@ -115,7 +120,7 @@ public class IocMalwareUtils {
}
public static void removeInternalRuleId(Long key, RuleInfo ruleInfo) {
- tagRuleIdMap.remove(ruleInfo.getName());
+ tagRuleIdMap.remove(ruleInfo.getName().toLowerCase());
System.out.println(TimeUtils.getCurrentTime() + ": ioc malware remove rule : " + ruleInfo.getName() + ":" + ruleInfo.getRuleId());
}