Skip to main content

Table 46 Features and descriptions

From: IoT information theft prediction using ensemble feature selection

Feature Description
pkSeqID Row identifier
stime Record start time
flgs Flow state flags seen in transactions
proto Textual representation of transaction protocol
saddr Source IP address
sport Source port number
daddr Destination IP address
dport Destination port number
pkts Total count of packets in transaction
bytes Total number of bytes in transaction
state Transaction state
ltime Record last time
seq Argus sequence number
dur Record total duration
mean Average duration of aggregated records
stddev Standard deviation of aggregated records
sum Total duration of aggregated records
min Minimum duration of aggregated records
max Maximum duration of aggregated records
spkts Source-to-destination packet count
dpkts Destination-to-source packet count
sbytes Source-to-destination byte count
dbytes Destination-to-source byte count
rate Total packets per second in transaction
srate Source-to-destination packets per second
drate Destination-to-source packets per second
attack* Class label: 0 for Normal traffic, 1 for Attack traffic
category* Traffic category
subcategory* Traffic subcategory
  1. * Dependent feature