Low-rate DoS attack detection based on two-step cluster analysis and UTR analysis | Synapse