主权项 |
1. A method, comprising:
detecting, at a first network device, a potential network attack by executing a classifier, wherein the classifier is configured to select a label from among a plurality of labels based on a set of input features; sending voting requests that identify the potential network attack to a plurality of neighboring network devices, wherein the voting requests include a set of values for the set of input features that were used to detect the potential attack at the first network device, and wherein a particular neighboring network device determines input features for a local classifier and uses the local classifier to generate a vote regarding the potential network attack; receiving, from each of the one or more of the neighboring network devices, a vote regarding the potential network attack; confirming, by the first network device, that the network attack is present based on the received votes; and generating, by the first network device, an alert that an attack has been detected. |