If you got some research data, for example, ttl data in two categories (malicious and benign), how can we find the difference between two categories of data?
Firstly, we can go for 'pdf' , then we will find a gap between two lines.
Secondly, do 'hist', and then you can draw the two nomal diagram which might be apparent.