Research Article
Deep Learning-Based Framework for the Detection of Cyberattack Using Feature Engineering
Table 2
Content features within a connection suggested by domain knowledge.
| Feature name | Description | Type |
| hot | Number of “hot” indicators | Continuous | num_failed_logins | Amount of unsuccessful login attempts | Continuous | logged_in | 1 if signed in successfully; 0 otherwise | Discrete | num_compromised | Amount of “committed” conditions | Continuous | root_shell | 1 if root shell has been obtained; 0 otherwise | Discrete | su_attempted | 1 if the “your root” command was attempted; 0 otherwise | Discrete | num_root | Number of kinds of “root” access | Continuous | num_file_creations | Number of file generation operations | Continuous | num_shells | Range of prompts for shell | Continuous | num_access_files | Amount of access control files operations | Continuous | num_outbound_cmds | Number of outbound commands in the ftp session | Continuous | is_hot_login | 1 if the username is a “hot” login; 0 otherwise | Discrete | is_guest_login | 1 if the username is a “guest” login; 0 otherwise | Discrete |
|
|