To protect the computer network of a large organization, network engineers monitor and compare network traffic to a list of known computer addresses. Which data mining method is employed for network protection?

The data mining method employed for network protection when monitoring and comparing network traffic to a list of known computer addresses is called Anomaly Detection.

Anomaly detection is a technique used to identify patterns in a given dataset that do not conform to an established normal behavior. The anomalies could indicate potential threats such as network intrusions, fraud, or system failures. In the context of network security, anomaly detection systems (ADS) are employed to monitor network traffic continuously. These systems learn what normal traffic looks like and can then flag abnormal traffic, which could be an indication of a security threat like a cyber attack or unauthorized access.
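
The approach described above, as an added example that is not part of the original answer: each flow's source is checked against a list of known addresses, and known hosts are then compared against a learned baseline of their normal traffic volume. The networks, flow records, function names and the z-score threshold are constructed assumptions; a z-score is only one simple way to model "normal".

```python
import ipaddress
from statistics import mean, stdev

# Constructed inventory of known computer addresses (assumption, not from the page).
KNOWN_NETWORKS = [ipaddress.ip_network(n) for n in ("10.0.0.0/24", "192.168.10.0/28")]

# Constructed training flows: (source address, bytes sent in one interval).
BASELINE_FLOWS = [
    ("10.0.0.5", 1200), ("10.0.0.5", 1350), ("10.0.0.5", 1100), ("10.0.0.5", 1280),
    ("10.0.0.9", 400), ("10.0.0.9", 420), ("10.0.0.9", 390), ("10.0.0.9", 410),
]

def is_known(addr):
    """True if addr falls inside any known network; raises ValueError if unparsable."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in KNOWN_NETWORKS)

def learn_baseline(flows):
    """Learn per-host (mean, standard deviation) of bytes per interval."""
    per_host = {}
    for src, nbytes in flows:
        per_host.setdefault(src, []).append(nbytes)
    # A standard deviation needs at least two samples; skip hosts with fewer.
    return {h: (mean(v), stdev(v)) for h, v in per_host.items() if len(v) >= 2}

def classify(flow, baseline, threshold=3.0):
    """Label one flow: address check first, then deviation from learned volume."""
    src, nbytes = flow
    try:
        known = is_known(src)
    except ValueError:
        return "malformed-address"
    if not known:
        return "unknown-address"
    if src not in baseline:
        return "no-baseline"  # known host, but nothing learned about it yet
    mu, sigma = baseline[src]
    # Floor sigma at 1 byte so a perfectly constant host cannot divide by zero.
    z = abs(nbytes - mu) / max(sigma, 1.0)
    return "volume-anomaly" if z > threshold else "normal"

if __name__ == "__main__":
    baseline = learn_baseline(BASELINE_FLOWS)
    for flow in [("10.0.0.5", 1300), ("10.0.0.5", 250000), ("203.0.113.7", 500)]:
        print(flow, classify(flow, baseline))
```

Treating "unknown-address" and "no-baseline" as separate labels keeps a newly deployed but inventoried host from being reported the same way as traffic from an address nobody recognizes.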