Research Article
Towards a Scalable and Adaptive Learning Approach for Network Intrusion Detection
Table 1
The list of selected attributes.
| | SNO | Attributes | Data type | Description |
| | 1 | num_failed_logins | Continuous | Number of failed login attempts | | 2 | logged_in | Discrete | 1 if successfully logged in, 0 otherwise | | 3 | Urgent | Continuous | Number of urgent packets | | 4 | dst_bytes | Continuous | No. of data bytes from destination to source | | 5 | root_shell | Discrete | 1 if root shell is received, 0 otherwise | | 6 | dst_host_srv_diff_host_rate | Continuous | % of connections to different destination machines, among the connections aggregated in dst_host_srv_count | | 7 | Service | Discrete | Network service on destination like http and telnet | | 8 | serror_rate | Continuous | % of connection with SYN errors | | 9 | srv_serror_rate | Continuous | % of same connection with SYN errors | | 10 | same_srv_rate | Continuous | % of connection with same services | | 11 | rerror_rate | Continuous | % of connection with REJ errors | | 12 | Count | Continuous | No. of cons to same host as the current con in past 2 sec | | 13 | protocol_type | Discrete | Type of protocol like tcp and udp | | 14 | num_file_creations | Continuous | No. of file creations | | 15 | srv_diff_host_rate | Continuous | % of con to diff. host | | 16 | Duration | Continuous | Length of connections in seconds | | 17 | is_guest_login | Discrete | 1 if guest is logged in, 0 otherwise | | 18 | wrong_fragment | Continuous | No. of wrong fragments | | 19 | is_host_login | Discrete | 1 if host is logged in, 0 otherwise |
|
|
