Research Article
A SYN Flood Attack Detection Method Based on Hierarchical Multihead Self-Attention Mechanism
| | Features | Describe |
| | Source/destination port | Source/destination port | | Flow bytes/s | The number of packet bytes transmitted per second | | Flow packets/s | The number of packets transmitted per second | | Flow IAT mean | Average rate | | Fwd PSH flags | The number of times the PSH flag is set in a forward transmitted packet | | Bwd PSH flags | The number of times the PSH flag is set in a packet transmitted in reverse | | Fwd URG flags | The number of times the URG flag is set in a forward transmitted packet | | Bwd URG flags | The number of times the URG flag is set in reverse packet | | FIN flag count | The number of packages with FIN | | SYN flag count | The number of packages with SYN | | RST flag count | The number of packets with RST | | PSH flag count | The number of packages with PUSH | | ACK flag count | The number of packets with ACK | | URG flag count | The number of packages with URG | | act_data_pkt_fwd | Packets with a TCP data payload of at least 1 byte in the forward direction | | Active mean | Average time a stream is active before it is idle | | Active std | Standard deviation time for a stream to be active before it is idle |
|
|
