Patent attributes
The present disclosure describes dynamic intrusion detection and prevention in computer networks. The method includes generation of clusters of network sites based on a plurality of parameters related to operational features and network threats associated with the network sites. Data models are trained upon the clusters developed through the clustering. The data models are executed to predict a threat frequency of each network threat for each cluster. A difference between the predicted threat frequency of each network threat and corresponding baseline frequencies is determined. Dynamic rulesets are configured, based on the difference between the predicted threat frequency of each network threat and the corresponding baseline frequencies, for each cluster by integrating rules applicable to prevent each network threat.
