Threshold range for Tn and Tx

The following table details the range of Tn and Tx for each attack type. When manually adjusting the threshold values, the values must fall within the specified ranges.

Attack Type type_id Variable A (Range) Variable B (Range) Variable C (Range) Variable D (Range)
REST API
Data Exfiltration 1 Tn = [1-32] Tx = [2-33] Tn = [1-19] Tx = [2-20] Tn = [1-99] Tx = [2-100] NA
Single Client Login 2 Tn = [1-19] Tx = [2-20] Tn = [1-19] Tx = [2-20] NA NA
Multi Client Login 3 Tn = [1-100] Tx = “na” NA NA NA
Stolen Cookie / Access Token 4 Tn = [2-10] Tn = [1-19], Tx = [2-20] NA NA
API Memory Attack Type 1 5 Tn = [1-32] Tx = [2-33] Tn = [1-19] Tx = [2-20] Tn = [1-99] Tx = [2-100] NA
API Memory Attack Type 2 6 Tn = [1-32] Tx = [2-33] Tn = [1-19] Tx = [2-20] Tn = [1-99] Tx = [2-100] NA
Cookie DoS 7 Tn = [1-9] Tx = [2-10] Tn = [1-19] Tx = [2-20] NA NA
API Probing Replay 8 Tn = [1-99] Tx = [2-100] NA NA NA
API DoS Attack Type 1 9 Tn = [1-100] Tx = “[2-100]” NA NA NA
Extreme Client Activity 10 Tn = [1-19] Tx = [2-20] NA NA NA
Extreme App Activity 11 Tn = [1-19] Tx = [2-20] NA NA NA
API DoS Attack 12 Tn = [1- 100] Tx = “na” NA NA NA
API DDoS Attack Type 2 13 NA NA NA NA
Data Deletion 14 Tn = [1- 19] Tx = [2-20] Tn = [1-99] Tx = [2-100] NA NA
Data Poisoning 15 Tn = [1- 19] Tx = [2-20] Tn = [1-99] Tx = [2-100] Tn = [1-32] Tx = [2-33] NA
Stolen Token Attack Type 2 16 Tn = [2-10] Tx = “na” Tn = [1-100] Tn = [1-100] NA
Stolen Cookie Attack Type 2 17 Tn = [2-10] Tx = “na” Tn = [1-100] Tn = [1-100] NA
API Probing Replay Attack 2 (client identifier: cookie) 18 Tn = [1-99] Tx = [2-100] Tn = [1-19] Tx = [2-20] NA NA
API Probing Replay Attack 2 (client identifier: token) 19 Tn = [1-99] Tx = [2-100] Tn = [1-19] Tx = [2-20] NA NA
API Probing Replay Attack 2 (client identifier: IP address) 20 Tn = [1-99] Tx = [2-100] Tn = [1-19] Tx = [2-20] NA NA
Data Exfiltration Attack Type 2 21 Tn = [1-42] Tx = [2-43] Tn = [0-30]

Tn = [1-100]

NA
Excessive Client Connections (client identifier : cookie) 22 Tn = [1-19], Tx =[2-20] NA NA NA
Excessive Client Connections (client identifier : token) 23 Tn = [1-19], Tx =[2-20] NA NA NA
Excessive Client Connections (client identifier : IP address) 24 Tn = [1-19], Tx =[2-20] NA NA NA
Content Scraping Type 1 (client identifier : cookie) 25 Tn = [1-19] Tx = [2-20] Tn = [1-19] Tx = [2-20] Tn = [1-19] Tx = [2-20] Tn = [1-19] Tx = [2-20]
Content Scraping Type 1 (client identifier : token) 26 Tn = [1-19] Tx = [2-20] Tn = [1-19] Tx = [2-20] Tn = [1-19] Tx = [2-20] Tn = [1-19] Tx = [2-20]
Content Scraping Type 1 (client identifier : IP address) 27 Tn = [1-19] Tx = [2-20] Tn = [1-19] Tx = [2-20] Tn = [1-19] Tx = [2-20] Tn = [1-19] Tx = [2-20]
Content Scraping Type 2 28 Tn = [1-29] Tx = [2-30] Tn = [1-100] NA NA
Unauthorized client attack (client identifier: IP address) 29 Tn = [1-19] Tx = [2-20] Tn = [1-19] Tx = [2-20] NA NA
Single Client Login Attack Type 2 (client identifier: IP address) 30 Tn = [1-19] Tx = [2-20] Tn = [1-19] Tx = [2-20] NA NA
Stolen API Key Attack- API Key 31 Tn = [1-100] Tx = NA Tn = [1-100] Tx = NA Tn = [1-100] Tx = NA Tn = [1-100] Tx = NA
Probing Replay Attack - API Key 32 Tn = [1-100] Tx = NA Tn = [1-100] Tx = NA NA NA
Extended Probing Replay Attack - API Key 33 Tn = [1-100] Tx = NA Tn = [1-100] Tx = NA NA NA
User Probing Type 1 34 Tn = [1-99] Tx = [2-100] Tn = [1-99] Tx = [2-100] Tn = [1-9] Tx = [2-10] Tn = [1-9] Tx = [2-20]
User Probing Type 2 35 Tn = [1-99] Tx = [2-100] Tn = [1-19] Tx = [2-20] Tn = [1-19] Tx = [2-20] Tn = [1-29] Tx = [2-30]
Sequence attack 36 Tn = [1-19] Tx = [2-20] NA NA NA
Header Manipulation 37 Tn = [1-99] Tx = [2-100] Tn = [1-20] Tx = NA Tn = [1-29] Tx = [2-30] Tn = [1-100] Tx = NA
Account Takeover -UBA 38 Tn = [1-100] Tx = NA Tn = [1-99] Tx = [2-100] NA NA
User Data Exfiltration Type 2 39 Tn = [1-32] Tx = [2-33] Tn = [1-32] Tx = [2-33] Tn = [1-19] Tx = [2-20] NA
User Data Injection 40 Tn = [1-32] Tx = [2-33] Tn = [1-19] Tx = [2-20] NA NA
Query Manipulation Attack 41 Tn = [1-20] Tx = NA Tn = [1-2] Tx = NA Tn = [1-2] Tx = NA Tn = [1-100] Tx = NA
WebSocket API
WS Cookie Attack 50 Tn = [1-99] Tx = [2-100] Tn = [1-19] Tx= [2-20] NA NA
WS Identity Attack 51 Tn = [1-19] Tx = [2-20] Tn = [1-19] Tx = [2-20] NA NA
WS DoS Attack 53 Tn = [1- 100] Tx = “na” NA NA NA
WS Data Exfiltration Attack 54 Tn = [1- 100] Tx = “na” NA NA NA