Trends

The "Trend" is an attempt to put a number to the increase in activity for a given port. Right now, I am comparing the last 24 hours to the last 30 days. So if we see a rise in activity compared to the last 30 days, the trend is high.

The following formula is used to calculate the trend:
sqrt( (S-s)^2/s + (T-t)^2/t ) )
S: number of source IPs hitting this port last 24 hrs.
s: average number of source IPs hitting this port each day (last 30 days).
T/t: same for target IPs detecting scans on this port.

PortTrendService
444447.77
5566.9
70203.48
70133.41
433.32
18433.32
70213.19
70153.12
70143.08
70123.07
70113.06
70032.99
18872.92
24252.87
70062.76
70082.6
232.51
70092.45
99992.33
70022.27
70072.23
90002.21
70042.2
70102.09
531.98
1611.84
100001.78
70051.78
33891.61
73731.52
33701.46
93971.26
29671.23
84431.2
8081.17
1231.12
71.03
20420.92
12070.89
19540.86
20160.85
20230.84
940.83
19600.83
15000.82
19460.81
12170.81
20480.81
20460.81
20130.8
20220.79
20170.78
17760.77
20450.77
19670.76
19230.75
19170.74
20120.74
15370.74
19550.74
20190.73
20270.73
16510.72
19570.72
18980.72
20100.72
12310.72
20350.71
20440.71
20330.7
20320.69
17060.69
20470.69
20180.68
19560.66
19200.66
19580.65
19650.65
12360.65
19400.65
20260.65
18630.65
18690.64
250010.64
18790.64
19210.64
19720.64
20210.63
19620.63
18210.63
19320.63
20140.63
20300.63
19160.62
20050.62
20410.62
18880.61
19680.61
19640.61
19260.61