Research Article
A SYN Flood Attack Detection Method Based on Hierarchical Multihead Self-Attention Mechanism
| Features | Describe |
| Source/destination port | Source/destination port | Flow bytes/s | The number of packet bytes transmitted per second | Flow packets/s | The number of packets transmitted per second | Flow IAT mean | Average rate | Fwd PSH flags | The number of times the PSH flag is set in a forward transmitted packet | Bwd PSH flags | The number of times the PSH flag is set in a packet transmitted in reverse | Fwd URG flags | The number of times the URG flag is set in a forward transmitted packet | Bwd URG flags | The number of times the URG flag is set in reverse packet | FIN flag count | The number of packages with FIN | SYN flag count | The number of packages with SYN | RST flag count | The number of packets with RST | PSH flag count | The number of packages with PUSH | ACK flag count | The number of packets with ACK | URG flag count | The number of packages with URG | act_data_pkt_fwd | Packets with a TCP data payload of at least 1 byte in the forward direction | Active mean | Average time a stream is active before it is idle | Active std | Standard deviation time for a stream to be active before it is idle |
|
|