Table 17 Â List of features in the CIC-IDS 2018 Dataset
From: A novel time efficient learning-based approach for smart intrusion detection system
Feature | Description | Feature | Description |
|---|---|---|---|
fl_dur | Flow duration | bw_iat_tot | Total time between two packets sent in the backward direction |
tot_fw_pk | Total packets in the forward direction | bw_iat_avg | Mean time between two packets sent in the backward direction |
tot_bw_pk | Total packets in the backward direction | bw_iat_std | Standard deviation time between two packets sent in the backward direction |
tot_l_fw_pkt | Total size of packet in forward direction | bw_iat_max | Maximum time between two packets sent in the backward direction |
fw_pkt_l_max | Maximum size of packet in forward direction | idl_max | Maximum time a flow was idle before becoming active |
fw_pkt_l_min | Minimum size of packet in forward direction | bw_iat_min | Minimum time between two packets sent in the backward direction |
fw_pkt_l_avg | Average size of packet in forward direction | fw_psh_flag | Number of times the PSH flag was set in packets travelling in the forward direction (0 for UDP) |
fw_pkt_l_std | Standard deviation size of packet in forward direction | bw_psh_flag | Number of times the PSH flag was set in packets travelling in the backward direction (0 for UDP) |
Bw_pkt_l_max | Maximum size of packet in backward direction | fw_urg_flag | Number of times the URG flag was set in packets travelling in the forward direction (0 for UDP) |
Bw_pkt_l_min | Minimum size of packet in backward direction | bw_urg_flag | Number of times the URG flag was set in packets travelling in the backward direction (0 for UDP) |
Bw_pkt_l_avg | Mean size of packet in backward direction | fw_hdr_len | Total bytes used for headers in the forward direction |
Bw_pkt_l_std | Standard deviation size of packet in backward direction | bw_hdr_len | Total bytes used for headers in the forward direction |
fl_byt_s | flow byte rate that is number of packets transferred per second | fw_pkt_s | Number of forward packets per second |
fl_pkt_s | flow packets rate that is number of packets transferred per second | bw_pkt_s | Number of backward packets per second |
fl_iat_avg | Average time between two flows | pkt_len_min | Minimum length of a flow |
fl_iat_std | Standard deviation time two flows | pkt_len_max | Maximum length of a flow |
fl_iat_max | Maximum time between two flows | pkt_len_avg | Mean length of a flow |
fl_iat_min | Minimum time between two flows | pkt_len_std | Standard deviation length of a flow |
fw_iat_tot | Total time between two packets sent in the forward direction | pkt_len_va | Minimum inter-arrival time of packet |
fw_iat_avg | Mean time between two packets sent in the forward direction | fin_cnt | Number of packets with FIN |
fw_iat_std | Standard deviation time between two packets sent in the forward direction | syn_cnt | Number of packets with SYN |
fw_iat_max | Maximum time between two packets sent in the forward direction | rst_cnt | Number of packets with RST |
fw_iat_min | Minimum time between two packets sent in the forward direction | pst_cnt | Number of packets with PUSH |
down_up_ratio | Download and upload ratio | ack_cnt | Number of packets with ACK |
pkt_size_avg | Average size of packet | urg_cnt | Number of packets with URG |
fw_seg_avg | Average size observed in the forward direction | cwe_cnt | Number of packets with CWE |
bw_seg_avg | Average size observed in the backward direction | ece_cnt | Number of packets with ECE |
fw_byt_blk_avg | Average number of bytes bulk rate in the forward direction | subfl_fw_byt | The average number of bytes in a sub flow in the forward direction |
fw_pkt_blk_avg | Average number of packets bulk rate in the forward direction | subfl_bw_pkt | The average number of packets in a sub flow in the backward direction |
fw_blk_rate_avg | Average number of bulk rates in the forward direction | subfl_bw_byt | The average number of bytes in a sub flow in the backward direction |
bw_byt_blk_avg | Average number of bytes bulk rate in the backward direction | fw_win_byt | Number of bytes sent in initial window in the forward direction |
bw_pkt_blk_avg | Average number of packets bulk rate in the backward direction | bw_win_byt | # of bytes sent in initial window in the backward direction |
bw_blk_rate_avg | Average number of bulk rate in the backward direction | Fw_act_pkt | # of packets with at least 1 byte of TCP data payload in the forward direction |
subfl_fw_pk | The average number of packets in a sub flow in the forward direction | fw_seg_min | Minimum segment size observed in the forward direction |
tot_l_fw_pkt | Total size of packet in forward direction | atv_avg | Mean time a flow was active before becoming idle |
fw_pkt_l_max | Maximum size of packet in forward direction | atv_std | Standard deviation time a flow was active before becoming idle |
atv_max | Maximum time a flow was active before becoming idle | idl_min | Minimum time a flow was idle before becoming active |
atv_min | Minimum time a flow was active before becoming idle | fl_dur | Flow duration |
idl_avg | Mean time a flow was idle before becoming active | tot_fw_pk | Total packets in the forward direction |
idl_std | Standard deviation time a flow was idle before becoming active | tot_bw_pk | Total packets in the backward direction |