Well the attack constantly changes, there are basically infinite ways they can attack the network, this would (could) help by automating that process to identify the attack pattern instead of the manual process we currently have