Hogzilla is an open source Intrusion Detection System (IDS) supported by Snort, SFlows, GrayLog, Apache Spark, HBase and libnDPI, which provides Network Anomaly Detection. Hogzilla also gives visibility of the network.
The video on side illustrates the K-means clustering, which is one of many methods that Hogzilla can use to identify malicious activity.