Packages

zeek-exfil-detect

By saiiman

This package detects data exfiltration using statistical analysis. All connections are added to a baseline, grouped by source IP address and destination port. The baseline is then used for statistical anomaly detection, and anomalies in the baseline are treated as data exfiltration. The severity of each anomaly is recorded as a score between 0 and 1.
