Research Article
Network Traffic Anomaly Detection Based on ML-ESN for Power Metering System
Table 1
Some important metadata information.
| | ID | Name | Type | Length | Description |
| | 1 | EventID | String | 64 | Event ID | | 2 | ReceiveTime | Long | 8 | Receive time | | 3 | OccurTime | Long | 8 | Occur time | | 4 | RecentTime | Long | 8 | Recent time | | 5 | ReporterID | Long | 8 | Reporter ID | | 6 | ReporterIP | IPstring | 128 | Reporter IP | | 7 | EventSrcIP | IPstring | 128 | Event source IP | | 8 | EventSrcName | String | 128 | Event source name | | 9 | EventSrcCategory | String | 128 | Event source category | | 10 | EventSrcType | String | 128 | Event source type | | 11 | EventType | Enum | 128 | Event type | | 12 | EventName | String | 1024 | Event name | | 13 | EventDigest | String | 1024 | Event digest | | 14 | EventLevel | Enum | 4 | Event level | | 15 | SrcIP | IPstring | 1024 | Source IP | | 16 | SrcPort | String | 1024 | Source port | | 17 | DestIP | IPstring | 1024 | Destination IP | | 18 | DestPort | String | 1024 | Destination port | | 19 | NatSrcIP | IPstring | 1024 | NAT translated source IP | | 20 | NatSrcPort | String | 1024 | NAT translated source port | | 21 | NatDestIP | IPstring | 1024 | NAT translated destination IP | | 22 | NatDestPort | String | 1024 | NAT translated destination port | | 23 | SrcMac | String | 1024 | Source MAC address | | 24 | DestMac | String | 1024 | Destination MAC address | | 25 | Duration | Long | 8 | Duration (second) | | 26 | UpBytes | Long | 8 | Up traffic bytes | | 27 | DownBytes | Long | 8 | Down traffic bytes | | 28 | Protocol | String | 128 | Protocol | | 29 | AppProtocol | String | 1024 | Application protocol |
|
|
