Features
■ Col.1: Duration of connection
■ Col.2: Protocol (TCP, UDP, ICMP)
■ Col.3: Services (http, DNS request, email…)
■ Col. 4: Flags
■ Col.5-9: Header info
■ Col. 10-22: Connection-based info (from payload)
■ Col. 23-31: Time-based info (traffic analysed over a 2 sec. window)
■ Col. 32-42: Host-based info (over multiple connections)
13