An Abnormal IP Access Detection Method Based on K-means
This article mainly discusses the problems presented in the detection of malicious attack events based on UEBA technology and SNORT rules.based on this it is proposed that through statistical learning,combining network traffic data at the host level with security log data at the host side,the clustering analysis algorithm was solved using K-means iteration,method for detecting abnormal IP access in the network.