FlowRadar v1
Overview
FlowRadar v1 evaluates a miner's ability to detect VPN usage using network flow features. Each request contains a single flow represented as JSON. Your model must return a boolean is_vpn value.
For general challenge context, data description, and links, see the FlowRadar README.
Input/Output Format
Request
{
"products": {
"fwd_num_pkts": 120,
"bwd_num_pkts": 98,
"fwd_sum_pkt_len": 31400,
"bwd_sum_pkt_len": 38100,
"flow_duration": 2500
...
}
}
Response
Notes:
- The
productsobject is a single CSV row serialized as JSON. - Fields and counts can vary by dataset version.
Scoring
Scoring uses F1 score based on true positives, false positives, true negatives, and false negatives.
- Typical scores in early iterations may be 0.7-0.8, but FlowRadar v1 requires >= 0.9 to be eligible for emissions.
- F1 is computed across the full scoring dataset.
The dashboard also surfaces a confusion matrix (TP, FP, TN, FN) as JSON for debugging and evaluation. See: Dashboard
Performance Constraints
- Per-request time limit: 0.5 seconds
- Scoring stops early if too many requests fail or time out
Submission Requirements
- Single file only:
submission.py - Line limit: 1000 lines max
- No external libraries: only Python built-ins
- Must expose a VPN detection function that returns a boolean
Acceptance Criteria
Limits and Acceptance Criteria
- F1 score >= 0.9 for eligibility
- Request time <= 0.5 seconds
- One file only:
submission.py - Maximum 1000 lines
- No additional libraries (Python built-ins only)
Example Logic (Simplified)
def detect_vpn(features: dict) -> bool:
# Example heuristic only
fwd = features.get("fwd_sum_pkt_len", 0)
bwd = features.get("bwd_sum_pkt_len", 0)
if fwd > 0 and (bwd / fwd) > 1.2:
return True
return False
This illustrates the expected shape and return type. Production submissions should use more robust logic to reach the required F1 threshold.