DefenSys
←   Back to Home

Performance & Tuning

Tips for optimizing DefenSys for high-traffic environments and reducing resource usage.

Rate Limiting

In Settings → Monitoring, adjust Rate Limit (packets per second). Lower values reduce CPU but may miss packets. Higher values increase load.

Data Retention

Settings → Database: Retention Days controls how long alerts and traffic logs are kept. Shorter retention reduces database size and improves query speed.

ML Thresholds

Stricter thresholds reduce false positives but may miss real threats. See ML Configuration. Tune mlAnomalyScore and mlConfidence based on your environment.

When to Retrain

  • Network topology or usage changes significantly
  • Model is older than 30 days (check ML status)
  • High false positive rate

Export training data, retrain with ml/train_model.py, then restart the app.

Flow Cache Cleanup

The feature extractor cleans flows older than 5 minutes. For very long-lived connections, consider increasing maxAge in cleanupOldFlows() if needed.

REST API Rate Limit

The API limits 100 requests per 15 minutes per IP. Adjust in backend/api/server.js if mobile or external tools need higher throughput.

Database

  • SQLite uses WAL mode for better concurrency
  • Indexes exist on timestamp, src_ip, dst_ip, severity
  • Enable compression in Settings if supported