Research Article
An Approach Based on the Improved SVM Algorithm for Identifying Malware in Network Traffic
Table 2
Features after dimensionality reduction.
| Feature name | Feature description |
| origin_ip | Source IP address | destination_ip | Destination IP address | duration | Connection duration | flag | Connection normal or error state, and this field is discrete type | src_bytes | Number of bytes of data from the source host to the destination host | dst_bytes | Number of bytes of data from the destination host to the source host | wrong_fragment | Number of wrong fragments, and this field is continuous type | mark_status | Mark status | packet_rate | Packet sending rate | max_pktLens | Maximum message length | min_pktLens | Minimum message length | same_srv_rate | Percentage of connections with the same service as the current connection | dst_host_srv_count | Number of connections with the same destination host service as the current connection |
|
|