Skip to main content
Goline Logo
Goline It Services Logo

Home

About Us

Services

Solutions

Systems Architecture

Support

FAQ

News

  • GOLINE SA Announces Strategic Partnership with NetApp November 7th, 2025
    GOLINE SA is excited to announce a new partnership with NetApp, a global leader in cloud data services and storage solutions. This collaboration aims to help organizations modernize their IT infrastructure, streamline data management, and enhance performance across cloud and hybrid environments. Modern Data Solutions for Businesses Through this partnership, GOLINE integrates advanced data management solutions, enabling businesses to securely store, manage, and access critical information across cloud, on-premises, or hybrid setups. Clients can benefit from: Flexible and scalable storage solutions to meet growing data needs Simplified management of cloud and on-premises environments Enterprise-grade security for sensitive and mission-critical data...
  • GOLINE SA Announces Partnership with Omnissa November 7th, 2025
    GOLINE SA is proud to announce a new strategic partnership with Omnissa, a global leader in digital workspace platforms and Horizon Cloud Service solutions. This collaboration marks a significant step forward in helping organizations embrace secure, flexible, and high-performance work environments. Why Choose Omnissa for Your Business? The platform enables virtual desktops, applications, and unified endpoint management. Organizations can deploy scalable workspaces across cloud, hybrid, or on-premises setups. Key benefits include: Easy access to desktops and apps on any device Centralized management for Windows, macOS, iOS, Android, and ChromeOS Strong security with access controls and multi-factor authentication Automated scaling to...
  • GOLINE SA partners with Cloudflare November 6th, 2025
    Goline is proud to announce a strategic partnership with Cloudflare, the world leader in web performance and security solutions. This collaboration aims to provide goline.ch customers with state-of-the-art protection against cyber threats while delivering lightning-fast website performance. Through this partnership, Goline integrates Cloudflare’s advanced services, including DDoS protection, CDN caching, DNS security, and edge computing, allowing businesses to secure and optimize their websites effortlessly. Users will benefit from improved page load speed, enhanced reliability, and robust defense against malicious attacks. This partnership with Cloudflare enables goline to offer unmatched security and performance solutions to clients. By leveraging Cloudflare’s cutting-edge technology,...

RoutePulse — ML Brain — 18-Model Machine Learning Pipeline

  1. RoutePulse — BGP Analytics & Security Intelligence

Back to RoutePulse Overview

RoutePulse — ML Brain — 18-Model Machine Learning Pipeline

ML Brain — 18-Model Machine Learning Pipeline

The ML Brain is a 18-model ensemble detection pipeline comprising three tiers: Core (Adaptive Baseline, Isolation Forest, Markov Chain, K-Means, Holt-Winters, Latency Baseline, Threat Intel, Temporal Analyzer, Beaconing Detector, Graph Change), Specialized (Carpet Bomb, DNS Tunnel, Reflector Detection), and Tier 1 Threat Detectors (QUIC Anomaly, Protocol Mismatch, BGP-Traffic Correlation, DGA/Fast-Flux, Encrypted C2 Profiler). The Neural Brain Canvas renders a biologically accurate HTML5 Canvas visualization at 60fps with 1200 ambient neurons, a 25-edge pipeline graph, event-driven synaptic sparks, detection flash rings, and training ripple animations, while the AI Core energy glow responds proportionally to correlation buffer activity.

Adaptive Ensemble Weights automatically adjust model weights based on true-positive and false-positive operator feedback using F1-inspired scoring. The Correlation Engine v5 applies 12 cross-model rules that detect patterns no single model catches, including Host Escalation, Prefix Under Attack, Silent Drop, and AS Instability. ML scores contribute up to 30 points to the 5-pillar Unified Threat Score. Training schedules vary by model: Baseline (1h), IsoForest (30min), Markov (1h), K-Means (2h), Holt-Winters (6h), Latency (continuous), and ThreatIntel (6h). Closed-loop learning ensures detections trigger Claude analysis that auto-generates AI Tuning rules through an operator approval workflow. The system includes 42 built-in ML flow detection rules across 8 behavioral categories — scanning, brute-force, DDoS, exfiltration, C2, lateral movement, protocol abuse, and reconnaissance. A Retrain All button purges tuning rules and retrains every model from scratch, while the model status dashboard tracks per-model health, last training time, detection count, and ensemble weight. The brain canvas legend provides a collapsible panel with data sources, model descriptions, signal semantics, and an ASCII DAG.

18
ML Models
1200
Neural Neurons
12
Correlation Rules
42
Flow Detection Rules

Key Capabilities

  • 18-model ensemble: Adaptive Baseline, Isolation Forest, Markov Chain, K-Means, Holt-Winters, Latency Baseline, and Threat Intel Model
  • Neural Brain Canvas with biologically accurate HTML5 Canvas visualization at 60fps featuring 1200 ambient neurons and 25-edge pipeline graph
  • Event-driven synaptic sparks, detection flash rings, training ripple animations, and AI Core energy glow proportional to correlation buffer activity
  • Adaptive Ensemble Weights that auto-adjust based on TP/FP operator feedback using F1-inspired scoring
  • Correlation Engine v5 with 12 cross-model rules: Host Escalation, Prefix Under Attack, Silent Drop, AS Instability, and more
  • ML scores contribute up to 30 points to the 5-pillar Unified Threat Score
  • Training schedules: Baseline (1h), IsoForest (30min), Markov (1h), K-Means (2h), Holt-Winters (6h), Latency (continuous), ThreatIntel (6h)
  • Closed-loop learning: detections trigger Claude analysis, auto-generate AI Tuning rules, and enter operator approval workflow
  • 42 built-in ML flow detection rules across 8 behavioral categories: scanning, brute-force, DDoS, exfiltration, C2, lateral movement, protocol abuse, and reconnaissance
  • Retrain All button to purge tuning rules and retrain all models from scratch
  • Model status dashboard with per-model health, last training time, detection count, and ensemble weight
  • Brain canvas legend with collapsible panel showing data sources, model descriptions, signal semantics, and ASCII DAG

Engineered and operated by the GOLINE SOC & Network Engineering team.

Explore all RoutePulse features →
70 / 100 SEO Score