Research Article
Towards Accurate Node-Based Detection of P2P Botnets
Table 2
Features for node-based analysis.
| | Feature | Description |
| | (1) Node | Computer address for transmitting information | | (2) NP | Number of protocols used for time interval | | (3) NF | Number of flows used for time interval | | (4) NPS | Number of packets sent for time interval | | (5) ALPS | Average length of packets sent | | (6) RNP | Ratio of number of packets sent to number of packets received for time interval | | (7) RLP | Ratio of average sending packets length to average receiving packets length for time interval |
|
|
