首页>
外国专利>
Modeling and outlier detection in threat management system data
Modeling and outlier detection in threat management system data
展开▼
机译:威胁管理系统数据中的建模和异常值检测
展开▼
页面导航
摘要
著录项
相似文献
摘要
Methods, systems, and computer-readable media for identifying potential threats on a network based on anomalous behavior in communication between endpoints are provided. Traffic data for a network is accumulated over some period of time. The traffic data is grouped by one or more keys, such as source IP address, and sets of metric values are calculated for the keys. A mixture distribution, such as a negative binomial mixture distribution, is fitted to each set of metric values, and outlying metric values are determined based on the mixture distribution(s). A list of outliers is then generated comprising key values having outlying metric values in one or more of the sets of metric values.
展开▼