Advances, Systems and Applications
Table 1 Post processing feature list
From: Multi-level host-based intrusion detection system for Internet of things
Feature | Type | Description |
|---|---|---|
filename | string | Filename manipulated by the syscall |
source_port | int | Port of the source network packet |
dest_port | int | Port of the destination network packet |
p_name | string | Name of the process that created the event |
protocol | int | Value representing the used network protocol |
parent_comm | string | Parent’s process name |
child_comm | string | Children’s process name |
pathname | string | Pathname manipulated by the syscall |
ret | int | Value of return of the syscall |
saddr | string | Address of the source network packet |
daddr | string | Address of the destination network packet |
d_timestamp | int | Event duration |
a_nomEvent | string | Event name |