Research Article
An Approach Based on the Improved SVM Algorithm for Identifying Malware in Network Traffic
Table 2
Features after dimensionality reduction.
| Feature name | Feature description |
| --- | --- |
| origin_ip | Source IP address |
| destination_ip | Destination IP address |
| duration | Connection duration |
| flag | Connection normal or error state, and this field is discrete type |
| src_bytes | Number of bytes of data from the source host to the destination host |
| dst_bytes | Number of bytes of data from the destination host to the source host |
| wrong_fragment | Number of wrong fragments, and this field is continuous type |
| mark_status | Mark status |
| packet_rate | Packet sending rate |
| max_pktLens | Maximum message length |
| min_pktLens | Minimum message length |
| same_srv_rate | Percentage of connections with the same service as the current connection |
| dst_host_srv_count | Number of connections with the same destination host service as the current connection |