CPC H04L 63/1458 (2013.01) [H04L 63/0263 (2013.01); H04L 63/1416 (2013.01); H04L 63/1425 (2013.01); H04L 63/1433 (2013.01); H04L 63/20 (2013.01)] | 20 Claims |
1. A method performed by hardware processing circuitry, comprising:
obtaining a first time series of operational parameter values of a device attached to a network;
determining that the operational parameter values of the first time series are within a first parameter value range;
based on determining that the operational parameter values of the first time series are within the first parameter value range, selecting, from a plurality of distributions, a first distribution;
determining a first probability at which the operational parameter values of the first time series occur in the selected distribution;
based on the first time series, adjusting a boundary between the first parameter value range and a second parameter value range resulting in an updated first parameter value range and an updated second parameter value range; and
determining, based on the updated first parameter value range or the updated second parameter value range, a likelihood of a brute force attack.
|