Research Article
Towards a Scalable and Adaptive Learning Approach for Network Intrusion Detection
Table 1
The list of selected attributes.
| SNO | Attributes | Data type | Description |
| 1 | num_failed_logins | Continuous | Number of failed login attempts | 2 | logged_in | Discrete | 1 if successfully logged in, 0 otherwise | 3 | Urgent | Continuous | Number of urgent packets | 4 | dst_bytes | Continuous | No. of data bytes from destination to source | 5 | root_shell | Discrete | 1 if root shell is received, 0 otherwise | 6 | dst_host_srv_diff_host_rate | Continuous | % of connections to different destination machines, among the connections aggregated in dst_host_srv_count | 7 | Service | Discrete | Network service on destination like http and telnet | 8 | serror_rate | Continuous | % of connection with SYN errors | 9 | srv_serror_rate | Continuous | % of same connection with SYN errors | 10 | same_srv_rate | Continuous | % of connection with same services | 11 | rerror_rate | Continuous | % of connection with REJ errors | 12 | Count | Continuous | No. of cons to same host as the current con in past 2 sec | 13 | protocol_type | Discrete | Type of protocol like tcp and udp | 14 | num_file_creations | Continuous | No. of file creations | 15 | srv_diff_host_rate | Continuous | % of con to diff. host | 16 | Duration | Continuous | Length of connections in seconds | 17 | is_guest_login | Discrete | 1 if guest is logged in, 0 otherwise | 18 | wrong_fragment | Continuous | No. of wrong fragments | 19 | is_host_login | Discrete | 1 if host is logged in, 0 otherwise |
|
|