Currently all DDoS targets are given the same "weight" when ranking source IPs for frequency, BPS, or PPS.
That is, a source IP that targets 50 different residential customers to reduce their ping times for online gaming will show up higher in a organization's ASN report than a source IP that's implicated in attacks against 40 different educational, government, and/or banking services.
We can consider applying weights to source IPs based on the attack upload client, particular CIDRs, and/or arbitrary criteria that could be customized in the monitoring client.
Currently all DDoS targets are given the same "weight" when ranking source IPs for frequency, BPS, or PPS.
That is, a source IP that targets 50 different residential customers to reduce their ping times for online gaming will show up higher in a organization's ASN report than a source IP that's implicated in attacks against 40 different educational, government, and/or banking services.
We can consider applying weights to source IPs based on the attack upload client, particular CIDRs, and/or arbitrary criteria that could be customized in the monitoring client.