Active prioritization of investigation targets in network security

J Jusko, J Stiborek, T Pevny - US Patent 10,904,271, 2021 - Google Patents
In one embodiment, a device analyzes network traffic data using a clustering process, to
identify a cluster of addresses associated with the network traffic data for which the
associated network traffic has similar behavioral characteristics. The device calculates a set of
rankings for the cluster by comparing the cluster to different sets of malicious addresses. The
device aggregates the set of rankings into a final ranking by setting the rankings in the set as
current rankings and iteratively calculating an average of any subset of the current rankings …