| 0 | Duration | Protocol Type | Service | Flag | Src Bytes | Dst Bytes | Land | Wrong Fragment | Urgent | Hot | Num Failed Logins | Logged In | Num Compromised | Root Shell | Su Attempted | Num Root | Num File Creations | Num Shells | Num Access Files | Num Outbound Cmds | Is Hot Logins | Is Guest Login | Count | Srv Count | Serror Rate | Srv Serror Rate | Rerror Rate | Srv Rerror Rate | Same Srv Rate | Label | Score |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 0 | tcp | ftp_data | SF | 491 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 2 | 2 | 0 | 0 | 0 | 0 | 1 | 0 | 0 | 150 |
| 1 | udp | other | SF | 146 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 13 | 123 | 6 | 1 | 1 | 0 | 1 | 0 | 0 | 150 |
| 2 | tcp | private | S0 | 0 | 232 | 199 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 5 | 5 | 0.2 | 0.2 | 0 | 0 | 1 | 0 | 0 | 0 |
Description: Length of time duration of the connection
Type: Continuous
Value Type: Integers
Range: 0 - 54451
Description: Protocol used in the connection
Type: Categorical
Value Type: String
Description: Destination networ service used
Type: Categorical
Value Type: String
Description: Status of the connection - Normal or Error
Type: Categorical
Value Type: String
Description: Number of data bytes transferred from source to destination in single connection
Type: Continuous
Value Type: Integers
Range: 0 - 1379963888
Description: Number of data bytes transferred from source to destination in single connection
Type: Continuous
Value Type: Integers
Range: 0 - 309937401
Description: If source and destination IP addresses and port numbers are equal then, this variable takes value 1 else 0
Type: Binary
Value Type: Integers
Description: Total number of wrong fragments in this connection
Type: Discrete
Value Type: Integers
Description: Number of urgent packtes in this connection. Urgent packets are packets with the urgent bit activated
Type: Discrete
Value Type: Integers
Description: Number of "hot" indicators inn this content such as: entering a system directory, creating programs and executing programs
Type: Continuous
Value Type: Integers
Range: 0 - 101
Description: Count of failed login attempts
Type: Continuous
Value Type: Integers
Range: 0 - 4
Description: Login Status : 1 if successfully logged in else 0
Type: Binary
Value Type: Integers
Description: Number of "compromised" conditions
Type: Continous
Value Type: Integers
Range: 7479
Description: 1 if root shell is obtained else 0
Type: Binary
Value Type: Integers
Description: 1 if "su root" command attempted or used else 0
Type: Discrete (Dataset contains '2' value
Value Type: Integers
Range: 0 - 2
Description: Number of "root" accesses or number of operatins performed as a root in the connection
Type: Continuous
Value Type: Integers
Range: 0 - 7468
Description: Number of file creation operations in the connection
Type: Continuous
Value Type: Integers
Range: 0 - 100
Description: Number of shell prompts
Type: Continuous
Value Type: Integers
Range: 0 - 2
Description: Number of operations on access control files
Type: Continuous
Value Type: Integers
Range: 0 - 9
Description: Number of outbound commands in an ftp session
Type: Continuous
Value Type: Integers
Range: 0
Description: 1 if the login belongs to the "hot" list i.e., root or admin else 0
Type: Binary
Value Type: Integers
Range: 0 - 1
Description: 1 if the login is a "guest" login; else 0
Type: Binary
Value Type: Integers
Range: 0 - 1
Description: Number of connections to the same destination host as the current connection in the past two seconds
Type: Discrete
Value Type: Integers
Range: 0 - 511
Description: Number of connections to the same service (port number) as the current connection in the past two seconds
Type: Discrete
Value Type: Integers
Range: 0 - 511
Description: The percentage of connections that have activated the flag (4) s0, s1, s2 or s3, among the connections aggregated in count(23)
Type: Discrete
Value Type: Floats (hundredths of decimal
Range: 0 - 1
Description: The percentage of connections that have activated the flag (4) s0, s1, s2 or s3, among the connections aggregated in srv_count (24)
Type: Discrete
Value Type: Floats (hundredths of decimal
Range: 0 - 1
Description: The percentage of connections that have activated the flag (4) REJ, among the connections aggregated in count (23)
Type: Discrete
Value Type: Floats (hundredths of decimal
Range: 0 - 1
Description: The percentage of connections that have activated the flag (4) REJ, among the connections aggregated in srv_count (24)
Type: Discrete
Value Type: Floats (hundredths of decimal
Range: 0 - 1
Description: The percentage of connections that were to the same service, among the connections aggregated in count (23)
Type: Discrete
Value Type: Floats (hundredths of decimal
Range: 0 - 1
Description: The percentage of connections that were to different services, among the connections aggregated in count (23)
Type: Discrete
Value Type: Floats (hundredths of decimal
Range: 0 - 1
Description: The percentage of connections that were to different destination machines among the connections aggregated in srv_count (24)
Type: Discrete
Value Type: Floats (hundredths of decimal
Range: 0 - 1
Description: Number of connections having the same destination host IP address
Type: Discrete
Value Type: Integers
Range: 0 - 255
Description: Number of connections having the same port number
Type: Discrete
Value Type: Integers
Range: 0 - 255
Description: The percentage of connections that were to different services, among the connections aggregated in dst_host_count (32)
Type: Discrete
Value Type: Floats (hundredths of a decimal)
Range: 0 - 1
Description: The percentage of connections that were to different services, among the connections aggregated in dst_host_count (32)
Type: Discrete
Value Type: Floats (hundredths of a decimal)
Range: 0 - 1
Description: The percentage of connections that were to the same source port, among the connections aggregated in dst_host_srv_count (33)
Type: Discrete
Value Type: Floats (hundredths of a decimal)
Range: 0 - 1
Description: The percentage of connections that were to different destination machines, among the connections aggregated in dst_host_srv_count (33)
Type: Discrete
Value Type: Floats (hundredths of a decimal)
Range: 0 - 1
Description: The percentage of connections that have activated the flag (4) s0, s1, s2 or s3, among the connections aggregated in dst_host_count (32)
Type: Discrete
Value Type: Floats (hundredths of a decimal)
Range: 0 - 1
Description: The percent of connections that have activated the flag (4) s0, s1, s2 or s3, among the connections aggregated in dst_host_srv_count (33)
Type: Discrete
Value Type: Floats (hundredths of a decimal)
Range: 0 - 1
Description: The percentage of connections that have activated the flag (4) REJ, among the connections aggregated in dst_host_count (32)
Type: Discrete
Value Type: Floats (hundredths of a decimal)
Range: 0 - 1
Description: The percentage of connections that have activated the flag (4) REJ, among the connections aggregated in dst_host_srv_count (33)
Type: Discrete
Value Type: Floats (hundredths of a decimal)
Range: 0 - 1
Description: Classification of the traffic input
Type: Categorical
Value Type: Strings
Description: Difficulty level
Type: Discrete
Value Type: Integers
Range: 0 - 21