Skip to main content

Advances, Systems and Applications

Table 1 Post processing feature list

From: Multi-level host-based intrusion detection system for Internet of things

Feature Type Description
filename string Filename manipulated by the syscall
source_port int Port of the source network packet
dest_port int Port of the destination network packet
p_name string Name of the process that created the event
protocol int Value representing the used network protocol
parent_comm string Parent’s process name
child_comm string Children’s process name
pathname string Pathname manipulated by the syscall
ret int Value of return of the syscall
saddr string Address of the source network packet
daddr string Address of the destination network packet
d_timestamp int Event duration
a_nomEvent string Event name