I
AE
S In
t
er
na
t
io
na
l J
o
urna
l o
f
Art
if
icia
l In
t
ellig
ence
(
I
J
-
AI)
Vo
l.
9
,
No
.
1
,
Ma
r
ch
2
0
2
0
,
p
p
.
137
~
145
I
SS
N:
2
2
5
2
-
8938
,
DOI
: 1
0
.
1
1
5
9
1
/i
j
ai.
v
9
.i
1
.
p
p
137
-
1
4
5
137
J
o
ur
na
l
ho
m
ep
a
g
e
:
h
ttp
:
//ij
a
i
.
ia
esco
r
e.
co
m
Feature
select
io
n
for DDoS
detec
tio
n using
clas
sifica
t
io
n
m
a
chine
learning
techniqu
es
Andi
M
a
s
la
n
1
,
K
a
m
a
ru
dd
i
n
M
a
lik
B
in M
o
ha
m
a
d
2
F
er
es
a
B
inti
M
o
hd
F
o
o
zy
3
1
T
e
k
n
ik
In
f
o
rm
a
ti
k
a
,
Un
iv
e
rsitas
P
u
tera
Ba
tam
,
Jl.
L
e
tj
e
n
S
o
e
p
ra
p
t
o
,
M
u
k
a
Ku
n
i
n
g
Ba
tam
,
2
9
4
3
2
,
I
n
d
o
n
e
sia
2
,3
Un
iv
e
rsity
T
u
n
Hu
ss
e
in
On
n
M
a
la
y
sia
U
T
HM
,
P
a
rit
Ra
ja,
J
o
h
o
r
Ba
ru
,
8
6
4
0
0
,
M
a
lay
sia
Art
icle
I
nfo
AB
ST
RAC
T
A
r
ticle
his
to
r
y:
R
ec
eiv
ed
No
v
1
7
,
2
0
1
9
R
ev
i
s
ed
Feb
1
2
,
2
0
20
A
cc
ep
ted
Feb
19
,
2
0
20
Co
m
p
u
ter
s
y
ste
m
s
e
c
u
rit
y
is
a
fa
c
to
r
th
a
t
n
e
e
d
s
to
b
e
c
o
n
sid
e
re
d
in
th
e
e
ra
o
f
in
d
u
strial
re
v
o
lu
ti
o
n
4
.
0
,
n
a
m
e
l
y
b
y
p
re
v
e
n
ti
n
g
v
a
rio
u
s
th
re
a
ts
to
th
e
s
y
ste
m
,
a
s
w
e
ll
a
s
b
e
in
g
a
b
le
to
d
e
tec
t
a
n
d
re
p
a
ir
a
n
y
d
a
m
a
g
e
th
a
t
o
c
c
u
rs
to
th
e
c
o
m
p
u
ter
s
y
ste
m
.
DD
o
S
a
tt
a
c
k
s
a
re
a
th
re
a
t
to
th
e
c
o
m
p
a
n
y
a
t
th
is
ti
m
e
b
e
c
a
u
se
th
is
a
tt
a
c
k
is
c
a
rried
o
u
t
b
y
m
a
k
in
g
v
e
r
y
l
a
rg
e
r
e
q
u
e
sts
f
o
r
a
site
o
r
w
e
b
site
s
e
rv
e
r
so
th
a
t
th
e
sy
ste
m
b
e
c
o
m
e
s
stu
c
k
a
n
d
c
a
n
n
o
t
f
u
n
c
ti
o
n
a
t
a
ll
.
DD
o
S
a
tt
a
c
k
s
in
In
d
o
n
e
sia
a
n
d
d
e
v
e
lo
p
e
d
c
o
u
n
tri
e
s
a
lwa
y
s
in
c
re
a
se
e
v
e
r
y
y
e
a
r
to
6
%
f
ro
m
o
n
ly
3
%
.
T
o
m
in
i
m
ize
th
e
a
tt
a
c
k
,
w
e
c
o
n
d
u
c
t
e
d
a
stu
d
y
u
sin
g
M
a
c
h
in
e
L
e
a
rn
in
g
tec
h
n
iq
u
e
s.
T
h
e
d
a
tas
e
t
is
o
b
tain
e
d
f
ro
m
t
h
e
re
su
lt
s
o
f
DD
o
S
a
tt
a
c
k
s
th
a
t
h
a
v
e
b
e
e
n
c
o
ll
e
c
ted
b
y
th
e
re
se
a
r
c
h
e
rs.
F
ro
m
th
e
d
a
tas
e
ts,
th
e
re
is
a
train
in
g
a
n
d
tes
ti
n
g
o
f
d
a
ta
u
si
n
g
f
iv
e
tec
h
n
iq
u
e
s
c
las
si
f
ica
ti
o
n
:
Ne
u
ra
l
Ne
t
w
o
rk
,
Na
ïv
e
B
a
y
e
s
a
n
d
Ra
n
d
o
m
F
o
re
st,
KN
N,
a
n
d
S
u
p
p
o
rt
V
e
c
to
r
M
a
c
h
i
n
e
(S
V
M
),
d
a
tas
e
ts
p
ro
c
e
ss
e
d
h
a
v
e
d
iff
e
re
n
t
p
e
rc
e
n
tag
e
s,
w
it
h
th
e
a
im
o
f
f
a
c
il
it
a
ti
n
g
in
c
l
a
ss
ify
in
g
.
F
ro
m
th
is
stu
d
y
it
c
a
n
b
e
c
o
n
c
lu
d
e
d
th
a
t
f
ro
m
th
e
f
iv
e
c
las
si
f
ica
ti
o
n
tec
h
n
iq
u
e
s
u
se
d
,
th
e
F
o
re
st
ra
n
d
o
m
c
las
sif
i
c
a
ti
o
n
tec
h
n
i
q
u
e
a
c
h
iev
e
d
th
e
h
ig
h
e
st
lev
e
l
o
f
a
c
c
u
ra
c
y
(9
8
.
7
0
%
)
w
it
h
a
W
e
ig
h
ted
A
v
g
9
8
.
4
%
.
T
h
is
m
e
a
n
s
th
a
t
th
e
tec
h
n
iq
u
e
c
a
n
d
e
tec
t
DD
o
S
a
tt
a
c
k
s a
c
c
u
ra
tel
y
o
n
th
e
a
p
p
li
c
a
ti
o
n
th
a
t
w
il
l
b
e
d
e
v
e
lo
p
e
d
.
K
ey
w
o
r
d
s
:
C
las
s
i
f
icatio
n
DDo
S
Featu
r
e
Select
io
n
Ma
ch
i
n
e
L
ea
r
n
i
n
g
Net
w
o
r
k
Secu
r
i
t
y
T
h
is i
s
a
n
o
p
e
n
a
c
c
e
ss
a
rticle
u
n
d
e
r th
e
CC B
Y
-
SA
li
c
e
n
se
.
C
o
r
r
e
s
p
o
nd
ing
A
uth
o
r
:
An
d
i M
asla
n
,
Dep
ar
t
m
en
t o
f
I
n
f
o
r
m
atic
,
P
u
ter
a
B
atam
U
n
i
v
er
s
it
y
,
J
l L
etj
en
So
ep
r
ap
to
,
Mu
k
a
Ku
n
in
g
B
ata
m
,
Kep
u
la
u
an
R
iau
,
I
n
d
o
n
eisa
.
E
m
ail:
L
a
n
m
a
s
co
@
g
m
ail.
co
m
1.
I
NT
RO
D
UCT
I
O
N
T
h
e
co
m
p
u
ter
s
ec
u
r
it
y
s
y
s
te
m
i
s
a
f
ac
to
r
th
at
n
ee
d
s
to
b
e
co
n
s
id
er
ed
in
t
h
e
er
a
o
f
in
d
u
s
tr
ial
r
ev
o
lu
tio
n
4
.
0
,
n
am
el
y
b
y
p
r
e
v
en
t
in
g
v
ar
io
u
s
th
r
ea
t
s
to
th
e
s
y
s
te
m
,
as
w
ell
as
b
ein
g
ab
le
to
d
etec
t
an
d
r
ep
ai
r
d
u
e
to
an
y
d
a
m
a
g
e
th
at
o
cc
u
r
s
.
A
cc
o
r
d
in
g
to
[
1
]
,
b
r
o
ad
ly
th
e
th
r
ea
t
to
in
f
o
r
m
atio
n
s
y
s
te
m
s
ca
n
b
e
d
iv
id
ed
in
to
t
w
o
t
y
p
e
s
,
n
a
m
el
y
ac
ti
v
e
th
r
ea
ts
an
d
p
ass
i
v
e
th
r
ea
ts
.
A
cti
v
e
t
h
r
ea
ts
in
cl
u
d
e
f
r
a
u
d
an
d
cr
i
m
es
ag
ai
n
s
t
co
m
p
u
ter
s
,
w
h
ile
p
ass
i
v
e
t
h
r
e
ats
in
cl
u
d
e
s
y
s
te
m
f
ail
u
r
e,
h
u
m
an
er
r
o
r
,
an
d
n
at
u
r
al
d
is
aste
r
s
.
S
y
s
te
m
f
ail
u
r
e
s
tates
f
ail
u
r
e
in
co
m
p
o
n
e
n
t
eq
u
ip
m
e
n
t
s
u
ch
as
h
ar
d
d
is
k
o
r
co
m
p
u
ter
n
et
w
o
r
k
its
el
f
.
Fro
m
th
i
s
co
n
ce
p
t,
co
m
p
u
ter
-
b
a
s
ed
s
y
s
te
m
s
an
d
n
et
w
o
r
k
s
s
o
m
eti
m
e
s
b
ec
o
m
e
v
u
l
n
er
ab
le
to
f
r
au
d
an
d
d
ata
th
ef
t.
On
e
t
y
p
e
o
f
attac
k
th
at
s
till
ex
i
s
ts
a
n
d
d
if
f
i
cu
lt
to
s
to
p
is
th
e
Dis
tr
ib
u
ted
Den
ial
o
f
Ser
v
ices
(
DDo
S)
attac
k
.
T
h
is
attac
k
is
ca
r
r
ied
o
u
t
b
y
m
a
k
i
n
g
m
an
y
r
eq
u
est
s
f
o
r
a
s
ite
o
r
w
eb
s
it
e
s
er
v
er
s
o
t
h
at
th
e
s
y
s
te
m
b
ec
o
m
e
s
s
t
u
ck
an
d
ca
n
n
o
t
f
u
n
ctio
n
a
t a
ll
.
An
o
t
h
er
attac
k
th
at
is
also
v
er
y
d
an
g
er
o
u
s
i
s
a
s
n
i
f
f
er
attac
k
tec
h
n
iq
u
e.
T
h
is
tech
n
iq
u
e
is
i
m
p
le
m
e
n
ted
b
y
cr
ea
ti
n
g
a
p
r
o
g
r
am
th
at
tr
ac
k
s
s
o
m
eo
n
e
'
s
d
ata
p
ac
k
e
t
w
h
en
t
h
e
p
ac
k
et
cr
o
s
s
e
s
t
h
e
in
ter
n
e
t,
ca
p
tu
r
es
p
ass
w
o
r
d
s
o
r
ca
p
tu
r
es
co
n
ten
ts
.
An
d
th
at
i
s
n
o
t
less
i
m
p
o
r
ta
n
t
is
th
e
tec
h
n
iq
u
e
o
f
s
p
o
o
f
i
n
g
Evaluation Warning : The document was created with Spire.PDF for Python.
I
SS
N
:
2
2
5
2
-
8938
I
n
t J
A
r
ti
f
I
n
tell
,
Vo
l.
9
,
No
.
1
,
Ma
r
ch
20
20
:
137
–
1
4
5
138
attac
k
s
,
th
i
s
tec
h
n
iq
u
e
i
s
d
o
n
e
b
y
f
a
ls
i
f
y
in
g
e
-
m
ail
ad
d
r
es
s
es
o
r
th
e
w
eb
in
o
r
d
er
to
tr
ap
u
s
er
s
to
e
n
ter
i
m
p
o
r
tan
t
i
n
f
o
r
m
atio
n
s
u
c
h
a
s
p
ass
w
o
r
d
s
o
r
cr
ed
it
ca
r
d
n
u
m
b
er
s
.
Of
t
h
e
v
ar
io
u
s
t
y
p
e
s
o
f
l
ea
r
n
in
g
,
t
h
is
s
t
u
d
y
f
o
cu
s
es o
n
DDo
S a
ttac
k
s
.
DDo
S
attac
k
s
i
n
I
n
d
o
n
e
s
ia
h
av
e
b
ee
n
i
n
cr
ea
s
i
n
g
r
ec
en
tl
y
.
Data
s
h
o
w
ed
t
h
at
7
9
%
o
f
to
tal
DDOS
attac
k
s
i
n
t
h
e
f
o
u
r
th
q
u
ar
ter
o
f
2
0
1
7
w
er
e
in
te
n
d
ed
f
o
r
g
a
m
e
ap
p
licatio
n
s
.
A
c
tu
al
l
y
,
th
e
f
i
g
u
r
e
f
ell
th
r
ee
p
er
ce
n
t
co
m
p
ar
ed
to
th
e
atta
ck
in
t
h
e
p
r
ev
io
u
s
q
u
ar
ter
.
W
h
ile
telec
o
m
m
u
n
icatio
n
an
d
in
t
er
n
et
ap
p
licatio
n
s
in
cr
ea
s
ed
to
6
%
f
r
o
m
o
n
l
y
3
%,
also
t
h
e
ap
p
licatio
n
o
f
f
in
a
n
cial
s
er
v
ice
s
r
o
s
e
2
%
to
4
%
i
n
t
h
e
la
s
t
q
u
ar
ter
o
f
2
0
1
7
.
D
o
S
is
a
f
o
r
m
o
f
Do
S
attac
k
w
h
e
n
an
attac
k
er
m
a
k
es
t
h
e
n
et
w
o
r
k
in
ac
ce
s
s
ib
le
(
s
lo
w
i
n
g
d
o
w
n
o
r
lo
s
in
g
d
ata)
b
y
attac
k
i
n
g
u
s
i
n
g
m
o
r
e
t
h
a
n
o
n
e
P
r
o
to
co
l
(
I
P)
I
n
ter
n
et
ad
d
r
ess
.
T
h
is
ca
u
s
e
s
a
f
lo
o
d
o
f
tr
af
f
ic
m
ak
in
g
i
t
d
if
f
ic
u
lt
to
id
en
ti
f
y
t
h
e
attac
k
er
.
DDo
S
at
tack
s
ar
e
v
er
y
d
etr
i
m
e
n
tal
b
o
th
o
p
er
atio
n
all
y
a
n
d
f
i
n
an
cia
ll
y
.
I
n
t
h
e
B
2
B
I
n
ter
n
atio
n
al
s
u
r
v
e
y
in
co
llab
o
r
atio
n
w
it
h
Kasp
er
s
k
y
L
ab
,
e
n
titl
e
d
Glo
b
al
C
o
r
p
o
r
ate
I
T
Secu
r
ity
R
is
k
s
2
0
1
5
,
it
ca
n
id
en
tify
t
h
at
a
DDo
S
attac
k
o
n
an
o
n
li
n
e
r
eso
u
r
ce
ca
n
ca
u
s
e
f
i
n
a
n
cial
lo
s
s
e
s
s
tar
tin
g
at
t
h
e
US $
5
3
-
4
1
7
th
o
u
s
an
d
.
T
o
an
ticip
ate
a
ttack
s
b
y
n
et
wo
r
k
s
ec
u
r
it
y
,
r
esear
c
h
er
s
al
w
a
y
s
lo
o
k
in
g
f
o
r
th
e
b
est
tec
h
n
i
q
u
es
f
o
r
d
etec
tin
g
DDo
S
attac
k
s
,
s
u
c
h
as
r
esear
c
h
co
n
d
u
c
ted
[
2
]
,
h
o
w
to
d
etec
t
DDo
S
attac
k
s
b
y
d
ev
elo
p
in
g
s
tatis
t
ical
-
b
ased
DDo
S
d
etec
tio
n
s
y
s
te
m
s
u
s
i
n
g
M
u
lti
v
ar
ia
te
C
o
r
r
elativ
e
An
al
y
s
is
(
MC
A
)
.
MC
A
u
s
e
s
t
h
e
T
r
ian
g
le
-
A
r
ea
-
Ma
p
(
T
A
M)
r
e
p
r
esen
tatio
n
tec
h
n
iq
u
e
to
d
escr
ib
e
th
e
r
elatio
n
s
h
ip
b
et
w
ee
n
ea
ch
tr
af
f
ic
f
ea
t
u
r
e
b
y
ca
lcu
lat
in
g
t
h
e
d
is
ta
n
ce
o
f
o
n
e
f
ea
t
u
r
e
v
a
lu
e
to
an
o
th
er
f
ea
t
u
r
e
v
al
u
e
f
o
r
ea
ch
f
ea
tu
r
e
ex
tr
ac
ted
.
Data
f
r
o
m
M
C
A
p
r
o
ce
s
s
in
g
r
es
u
lt
s
w
er
e
a
n
a
l
y
ze
d
b
y
u
s
i
n
g
M
ah
alan
o
b
is
Dis
tan
ce
to
b
e
u
s
ed
as
r
ef
er
e
n
ce
o
r
o
b
s
er
v
atio
n
d
ata.
T
h
e
d
etec
tio
n
p
r
o
ce
s
s
o
f
th
e
o
b
s
er
v
ed
th
r
esh
o
ld
-
b
ased
d
ata
f
r
o
m
th
e
r
ef
e
r
en
ce
d
ata
an
d
th
e
an
o
m
al
y
clas
s
i
f
icatio
n
p
r
o
ce
s
s
u
s
in
g
Ma
h
alan
o
b
is
D
is
ta
n
c
e
an
d
C
o
s
i
n
e
Dis
tan
ce
to
ca
l
cu
late
t
h
e
d
is
ta
n
ce
b
et
w
ee
n
th
e
v
a
lu
e
s
o
f
th
e
T
AM
tr
af
f
ic
f
ea
tu
r
e
o
b
s
er
v
ed
w
it
h
th
e
T
A
M
r
ef
er
e
n
ce
tr
af
f
ic.
S
y
s
te
m
te
s
ti
n
g
w
a
s
d
o
n
e
b
y
m
ea
s
u
r
i
n
g
th
e
ac
cu
r
ac
y
o
f
th
e
al
g
o
r
ith
m
,
b
ased
o
n
t
h
e
r
es
u
lt
s
o
f
t
h
e
s
y
s
te
m
w
i
th
p
ar
a
m
eter
s
Dete
ctio
n
R
a
te
(
DR
)
,
Fals
e
P
o
s
iti
v
e
R
ate
(
FP
R
)
an
d
A
cc
u
r
ac
y
(
AC
C
)
.
I
n
r
esear
ch
[
3
]
,
in
h
is
r
esear
c
h
d
ev
elo
p
ed
a
d
etec
tio
n
m
eth
o
d
b
y
lo
o
k
i
n
g
a
t
DDo
S
attac
k
p
atter
n
s
u
s
i
n
g
n
et
w
o
r
k
p
ac
k
et
a
n
al
y
s
i
s
an
d
u
tili
zi
n
g
m
ac
h
in
e
lear
n
in
g
tech
n
iq
u
e
s
to
s
tu
d
y
DDo
S
a
ttack
p
atter
n
s
.
I
n
h
is
r
esear
c
h
,
to
an
al
y
ze
a
lar
g
e
n
u
m
b
er
o
f
n
e
t
w
o
r
k
p
ac
k
a
g
e
s
p
r
o
v
id
ed
b
y
t
h
e
A
p
p
lied
I
n
ter
n
et
Data
An
al
y
s
is
C
en
tr
e
a
n
d
i
m
p
le
m
en
t
a
d
ete
ctio
n
s
y
s
te
m
u
s
i
n
g
Vec
to
r
M
ac
h
in
e
S
u
p
p
o
r
t
(
SVM)
w
it
h
r
ad
ial
(
Gau
s
s
ian
)
k
er
n
el
b
asic
f
u
n
ct
io
n
s
.
A
cc
u
r
a
te
d
etec
tio
n
s
y
s
te
m
f
o
r
d
etec
ti
n
g
D
Do
S
attac
k
s
.
W
h
ile
t
h
e
r
esu
lt
s
o
f
t
h
e
s
t
u
d
y
[
4
]
ex
p
lain
ed
th
at
t
h
e
att
ac
k
er
s
(
h
ac
k
er
s
)
ca
n
d
o
m
o
r
e
DO
S
attac
k
s
w
it
h
zo
m
b
ie
h
o
s
ts
(
co
m
p
u
ter
s
th
a
t
h
a
v
e
b
ee
n
in
j
ec
ted
w
it
h
th
e
r
e
m
o
t
e
co
n
tr
o
l
s
cr
ip
t/b
o
tn
et)
o
n
tar
g
ets
d
is
tr
ib
u
ted
an
d
s
i
m
u
ltan
eo
u
s
l
y
s
o
th
at
t
h
e
ef
f
ec
t
o
f
t
h
is
attac
k
i
s
a
n
ab
ili
t
y
to
k
n
o
ck
o
u
t
th
e
tar
g
et
q
u
ic
k
l
y
.
B
ased
o
n
a
n
u
m
b
er
o
f
s
t
u
d
ies,
th
e
C
U
SUM
alg
o
r
ith
m
is
r
ec
o
g
n
ized
as
h
a
v
in
g
a
n
ac
cu
r
ac
y
p
o
in
t
t
h
at
i
s
q
u
ite
r
eliab
le
in
d
etec
tin
g
DDOS
attac
k
s
t
h
at
o
f
ten
o
cc
u
r
to
d
a
y
.
UDP
Flo
o
d
attac
k
s
also
d
o
m
i
n
ated
s
ev
er
al
m
aj
o
r
attac
k
s
i
n
th
e
w
o
r
ld
.
B
ased
o
n
th
e
p
r
o
b
lem
o
f
t
h
e
f
ac
t
t
h
at
t
h
e
UDP
f
lo
o
d
d
o
m
i
n
ates
t
h
e
c
u
r
r
en
t
attac
k
s
,
t
h
e
au
t
h
o
r
w
an
t
ed
to
cr
ea
te
an
I
DS
(
I
n
tr
u
s
io
n
Dete
ctio
n
S
y
s
te
m
)
u
s
i
n
g
th
e
C
USU
M
alg
o
r
it
h
m
.
I
t is ex
p
ec
ted
th
at
t
h
e
ap
p
licati
o
n
o
f
th
e
C
USU
M
alg
o
r
ith
m
o
n
t
h
e
I
DS
s
y
s
te
m
is
ab
le
to
d
etec
t
UDP
Flo
o
d
attac
k
s
b
y
ap
p
r
o
ac
h
in
g
h
ig
h
ac
cu
r
ac
y
an
d
f
ast
d
etec
tio
n
ti
m
e.
I
n
r
esear
c
h
[
5
]
ai
m
ed
to
d
ev
elo
p
a
n
e
w
ap
p
r
o
ac
h
to
d
etec
t
DDo
S
attac
k
s
,
b
ased
o
n
n
et
w
o
r
k
lo
g
s
th
a
t
w
er
e
s
tat
is
tical
l
y
a
n
a
l
y
ze
d
w
i
th
t
h
e
f
u
n
c
tio
n
o
f
t
h
e
n
eu
r
al
n
et
w
o
r
k
as
a
d
etec
tio
n
m
et
h
o
d
.
T
r
ain
in
g
d
ata
an
d
test
in
g
w
er
e
ta
k
en
f
r
o
m
C
A
I
D
A
DDo
S
A
ttac
k
2
0
0
7
an
d
in
d
ep
en
d
en
t
s
i
m
u
l
atio
n
s
.
T
esti
n
g
o
f
s
tatis
t
ical
a
n
al
y
s
i
s
m
et
h
o
d
s
o
n
n
et
w
o
r
k
lo
g
s
w
it
h
n
eu
r
al
n
et
w
o
r
k
f
u
n
ctio
n
s
a
s
d
etec
tio
n
m
eth
o
d
s
r
es
u
lted
in
an
av
er
ag
e
p
er
ce
n
ta
g
e
o
f
r
ec
o
g
n
itio
n
o
f
t
h
r
ee
n
et
w
o
r
k
co
n
d
itio
n
s
(
n
o
r
m
al,
s
lo
w
DDo
S,
an
d
DDo
S)
o
f
9
0
.
5
2
%.
T
h
e
n
e
w
ap
p
r
o
ac
h
to
d
etec
t
DDo
S
attac
k
s
w
as
ex
p
ec
ted
to
b
e
a
c
o
m
p
le
m
e
n
t
to
th
e
I
n
tr
u
s
io
n
Dete
ctio
n
S
y
s
te
m
(
I
DS)
s
y
s
te
m
in
p
r
ed
icti
n
g
DDo
S a
t
tack
s
.
I
n
r
esear
ch
[6
-
7]
t
h
e
b
y
te
le
v
e
l a
n
al
y
s
i
s
o
f
HT
T
P
tr
af
f
ic
o
f
f
e
r
s
a
p
r
ac
tical
s
o
lu
tio
n
to
t
h
e
p
r
o
b
lem
o
f
n
et
w
o
r
k
in
tr
u
s
io
n
d
etec
tio
n
an
d
tr
af
f
ic
a
n
al
y
s
i
s
.
Su
c
h
an
ap
p
r
o
ac
h
d
o
es
n
o
t
r
e
q
u
ir
e
an
y
k
n
o
w
led
g
e
o
f
ap
p
licatio
n
s
r
u
n
n
in
g
o
n
w
eb
s
er
v
er
s
o
r
an
y
p
r
e
-
p
r
o
ce
s
s
in
g
o
f
i
n
co
m
i
n
g
d
ata.
I
n
t
h
is
p
r
o
j
ec
t,
h
e
ap
p
lie
d
th
r
ee
N
-
g
r
a
m
b
ased
tec
h
n
iq
u
e
s
to
th
e
p
r
o
b
le
m
o
f
HT
T
P
attac
k
d
etec
tio
n
.
T
h
e
g
o
al
o
f
s
u
ch
t
ec
h
n
iq
u
es
w
as
to
p
r
o
v
id
e
th
e
f
ir
s
t
li
n
e
o
f
d
e
f
en
s
e
b
y
f
i
lter
in
g
o
u
t
t
h
e
v
a
s
t
m
a
j
o
r
ity
o
f
b
en
i
g
n
HT
T
P
t
r
af
f
ic.
T
h
is
tech
n
iq
u
e
in
ter
m
s
o
f
ac
c
u
r
ac
y
o
f
attac
k
d
e
tectio
n
a
n
d
p
er
f
o
r
m
a
n
ce
.
T
ec
h
n
iq
u
es
p
r
o
v
id
e
m
o
r
e
ac
c
u
r
at
e
d
etec
tin
g
a
n
d
ar
e
m
o
r
e
e
f
f
icie
n
t in
co
m
p
ar
i
s
o
n
t
o
a
p
r
ev
io
u
s
l
y
a
n
al
y
ze
d
HM
M
-
b
ased
tech
n
iq
u
e.
R
esear
ch
co
n
d
u
c
ted
b
y
[
3
]
d
ev
elo
p
ed
an
i
n
tel
lig
e
n
t
s
y
s
te
m
f
o
r
d
etec
ti
n
g
DDo
S
a
ttack
p
atter
n
s
u
s
i
n
g
n
et
w
o
r
k
p
ac
k
et
a
n
al
y
s
i
s
an
d
u
tili
zi
n
g
m
ac
h
in
e
lear
n
in
g
tech
n
iq
u
e
s
to
s
tu
d
y
DDo
S
a
ttack
p
atter
n
s
.
I
n
th
is
s
t
u
d
y
,
Kl
y
u
e
v
a
n
al
y
ze
d
a
lar
g
e
n
u
m
b
er
o
f
n
et
w
o
r
k
p
ac
k
ag
e
s
p
r
o
v
id
ed
b
y
t
h
e
A
p
p
lied
I
n
ter
n
et
Data
An
al
y
s
i
s
C
e
n
tr
e
an
d
i
m
p
le
m
en
ted
a
d
etec
tio
n
s
y
s
te
m
u
s
i
n
g
S
VM
w
it
h
a
r
ad
ial
Ker
n
el
(
Gau
s
s
ia
n
)
b
ase
f
u
n
ctio
n
.
T
h
is
r
esear
ch
p
r
ep
ar
e
d
th
r
ee
ty
p
es
o
f
d
atase
ts
t
h
at
Kl
y
u
e
v
u
s
e
d
w
i
th
t
h
r
ee
an
d
f
i
v
e
f
ea
t
u
r
e
s
.
Dete
ctio
n
s
y
s
te
m
w
as
m
o
r
e
t
h
an
8
5
%
ac
c
u
r
ate
w
i
th
all
t
y
p
e
s
o
f
d
atase
ts
a
n
d
9
8
.
7
%
ac
cu
r
ate
w
i
th
f
iv
e
f
ea
t
u
r
es.
T
h
e
s
tr
ateg
y
f
o
r
d
ev
elo
p
in
g
DDo
S
attac
k
d
etec
ti
o
n
s
y
s
te
m
s
s
h
o
w
ed
t
h
at
s
y
s
t
e
m
d
etec
tio
n
w
it
h
SVM
w
as
tr
ai
n
ed
u
s
i
n
g
th
e
p
r
o
p
o
s
ed
f
ea
tu
r
e
to
s
u
cc
e
s
s
f
u
ll
y
d
etec
t D
Do
S a
ttack
s
w
i
th
h
i
g
h
ac
cu
r
ac
y
.
Evaluation Warning : The document was created with Spire.PDF for Python.
I
n
t J
A
r
ti
f
I
n
tell
I
SS
N:
2252
-
8938
F
ea
tu
r
e
s
elec
tio
n
fo
r
DDo
S
d
e
tectio
n
u
s
in
g
cla
s
s
ifica
tio
n
ma
ch
in
e
lea
r
n
in
g
...
(
A
n
d
i Ma
s
la
n
)
139
I
n
[
8
]
th
at
Fas
t
E
n
tr
o
p
y
a
n
d
f
lo
w
-
b
ased
s
h
o
w
ed
a
s
i
g
n
i
f
ic
an
t
r
ed
u
ctio
n
in
co
m
p
u
tati
o
n
al
ti
m
e
co
m
p
ar
ed
to
co
n
v
e
n
tio
n
al
E
n
tr
o
p
y
co
m
p
u
tat
io
n
w
h
i
le
m
ai
n
tai
n
in
g
g
o
o
d
d
etec
tio
n
ac
cu
r
ac
y
.
T
h
e
n
et
w
o
r
k
tr
af
f
ic
w
as
an
a
l
y
ze
d
a
n
d
f
ast
t
h
e
e
n
tr
o
p
y
o
f
r
eq
u
est
s
p
er
-
f
lo
w
w
as
ca
lcu
la
ted
.
T
h
e
DDo
S
attac
k
w
a
s
d
etec
ted
w
h
e
n
t
h
e
d
if
f
er
e
n
ce
b
et
w
ee
n
t
h
e
e
n
tr
o
p
y
o
f
f
lo
w
co
u
n
t
s
a
n
d
th
e
m
ea
n
v
alu
e
o
f
e
n
tr
o
p
y
i
n
th
at
t
i
m
e
in
ter
v
al
w
a
s
t
h
at
t
h
e
t
h
r
es
h
o
ld
v
al
u
e
w
a
s
u
p
d
ated
ad
ap
tiv
el
y
b
as
ed
o
n
tr
af
f
ic
p
atter
n
co
n
d
itio
n
s
to
i
m
p
r
o
v
e
t
h
e
d
etec
tio
n
ac
cu
r
ac
y
.
I
n
d
etec
ti
n
g
DDo
S
attac
k
s
t
h
i
s
r
esear
c
h
p
r
o
p
o
s
e
d
th
r
ee
m
eth
o
d
s
,
n
a
m
el
y
f
a
s
t
E
n
tr
o
p
y
,
f
lo
w
ag
g
r
eg
at
io
n
,
an
d
ad
ap
tiv
e
T
h
r
esh
o
ld
.
I
n
[
9
]
th
i
s
p
ap
er
,
h
e
co
llected
a
n
e
w
d
ata
s
et
t
h
at
in
c
lu
d
e
d
m
o
d
er
n
t
y
p
es
o
f
attac
k
s
,
w
h
ich
w
er
e
n
o
t
u
s
ed
i
n
p
r
ev
io
u
s
r
esear
ch
.
T
h
e
d
ataset
co
n
tain
ed
2
7
f
ea
t
u
r
es
an
d
f
i
v
e
c
lass
e
s
.
A
n
et
w
o
r
k
s
i
m
u
lato
r
(
NS2
)
w
a
s
u
s
ed
in
t
h
is
w
o
r
k
b
ec
a
u
s
e
NS2
co
u
ld
b
e
u
s
ed
w
ith
h
i
g
h
r
eliab
ilit
y
a
n
d
r
ea
s
o
n
ab
le
r
esu
lts
th
a
t
r
ef
lecte
d
a
r
ea
l e
n
v
ir
o
n
m
en
t.
I
n
[
1
0
-
12]
A
ttac
k
o
r
i
n
tr
u
s
io
n
i
n
to
a
s
y
s
t
e
m
i
s
s
o
m
et
h
i
n
g
th
at
is
al
m
o
s
t
ce
r
tain
l
y
h
ap
p
en
ed
in
t
h
e
w
o
r
ld
n
o
w
d
a
y
o
f
in
f
o
r
m
atio
n
tec
h
n
o
lo
g
y
.
T
o
o
v
er
co
m
e
t
h
i
s
,
t
h
er
e
ar
e
s
ev
er
al
tech
n
o
lo
g
ies
t
h
at
ca
n
b
e
u
s
ed
,
s
u
c
h
a
s
f
ir
e
w
all
s
o
r
i
n
t
r
u
s
io
n
d
etec
tio
n
s
y
s
te
m
s
(
I
D
S).
Un
l
ik
e
f
ir
e
w
a
lls
th
a
t
o
n
l
y
in
s
p
ec
t
i
n
co
m
i
n
g
p
ac
k
ets
b
ased
o
n
I
P
ad
d
r
ess
an
d
p
o
r
t,
I
DS
w
o
r
k
b
y
m
o
n
ito
r
in
g
t
h
e
p
a
y
lo
ad
s
o
f
t
h
e
p
ac
k
et
th
at
co
m
e
in
to
a
co
m
p
u
ter
to
t
h
e
n
d
e
cid
e
w
h
et
h
er
t
h
e
i
n
co
m
i
n
g
p
ac
k
et
is
m
a
licio
u
s
o
r
n
o
t.
An
e
x
a
m
p
le
o
f
I
DS
ap
p
licatio
n
i
s
Sn
o
r
t
I
DS,
a
n
o
p
en
-
s
o
u
r
ce
ap
p
licatio
n
t
h
at
u
s
es
s
tr
i
n
g
m
a
tc
h
in
g
to
d
etec
t
m
al
icio
u
s
ac
ti
v
i
t
y
.
O
n
e
w
ea
k
n
e
s
s
o
f
s
tr
in
g
-
m
atch
i
n
g
I
DS
is
t
h
e
o
cc
u
r
r
en
ce
o
f
a
s
tr
in
g
in
a
p
ac
k
et
m
u
s
t
b
e
an
ex
ac
t
m
atch
,
j
u
s
t
a
s
li
g
h
t
d
if
f
er
e
n
ce
ca
n
m
ak
e
a
n
attac
k
co
m
e
s
u
n
d
etec
ted
,
m
a
k
in
g
it
d
if
f
ic
u
lt
to
d
etec
t
attac
k
s
t
h
at
h
av
e
s
i
m
ilar
f
lo
w
b
u
t
d
if
f
er
en
t
p
atter
n
.
T
h
er
ef
o
r
e,
th
is
p
ap
er
p
r
o
p
o
s
ed
an
in
tr
u
s
io
n
d
etec
tio
n
m
et
h
o
d
u
s
i
n
g
n
-
g
r
a
m
a
n
d
co
s
in
e
s
i
m
ilar
it
y
to
s
ee
k
s
i
m
ilar
i
t
y
o
f
a
co
u
p
le
o
f
p
ac
k
e
t
s
eq
u
e
n
ce
s
,
th
u
s
t
h
e
s
ea
r
c
h
i
n
g
is
co
n
d
u
ct
ed
b
y
lo
o
k
in
g
f
o
r
th
e
s
i
m
ilar
it
y
b
et
w
ee
n
p
a
y
lo
a
d
an
d
ex
is
ti
n
g
s
ig
n
at
u
r
e.
I
n
c
o
n
tr
ast
to
Sn
o
r
t,
t
h
o
s
e
p
ac
k
et
s
ar
e
n
o
t
m
atch
ed
w
it
h
th
e
p
atter
n
o
f
attac
k
s
,
b
u
t
r
ath
er
t
h
e
p
atter
n
o
f
leg
i
ti
m
a
t
e
ac
ce
s
s
to
a
w
eb
p
ag
e
d
o
n
e
b
y
le
g
iti
m
ate
u
s
er
s
,
s
o
p
ac
k
ets
t
h
at
h
av
e
a
h
i
g
h
s
i
m
ilar
it
y
ar
e
r
e
g
ar
d
ed
as
b
en
i
g
n
,
w
h
ile
t
h
e
lo
w
o
n
es
w
ill
b
e
r
eg
ar
d
ed
as
an
attac
k
.
Fro
m
t
h
e
te
s
t
r
es
u
lt
s
with
a
d
if
f
er
en
t
v
a
lu
e
o
f
t
h
e
t
h
r
esh
o
ld
,
t
h
en
w
e
o
b
tain
ed
t
h
e
v
alu
e
o
f
0
.
8
w
it
h
n
=
3
g
av
e
th
e
b
est
ac
cu
r
ac
y
.
T
h
is
in
tr
u
s
io
n
d
etec
tio
n
s
y
s
te
m
is
also
ca
p
ab
le
o
f
d
etec
tin
g
v
ar
io
u
s
t
y
p
es
o
f
attac
k
s
w
i
th
o
u
t h
a
v
i
n
g
to
d
ef
i
n
e
ex
i
s
ti
n
g
at
tack
s
in
ad
v
a
n
ce
,
m
ak
i
n
g
it
m
o
r
e
r
esi
s
tan
t to
ze
r
o
-
d
a
y
attac
k
s
.
A
cc
o
r
d
in
g
to
t
h
e
r
e
s
ea
r
ch
co
n
d
u
cted
b
y
[
5
]
,
[
1
3
-
14]
th
at
Di
s
tr
ib
u
ted
d
en
ial
-
of
-
s
er
v
ice
(
D
D
o
S)
is
a
n
attac
k
-
t
y
p
e
i
n
w
h
ich
v
o
lu
m
e
,
in
ten
s
it
y
,
a
n
d
m
it
ig
at
io
n
c
o
s
ts
co
n
ti
n
u
e
to
r
is
e
w
it
h
a
g
r
o
w
i
n
g
s
ca
le
o
f
o
r
g
an
izatio
n
.
T
h
is
s
tu
d
y
h
as
t
h
e
o
b
j
ec
tiv
e
to
d
ev
e
lo
p
a
n
e
w
ap
p
r
o
ac
h
to
d
etec
t
DDO
at
tack
s
,
b
ased
o
n
t
h
e
ch
ar
ac
ter
is
tic
s
o
f
n
et
w
o
r
k
ac
t
iv
it
y
u
s
i
n
g
a
n
e
u
r
al
n
et
w
o
r
k
w
it
h
t
h
e
f
u
n
ctio
n
al
it
y
o
f
f
i
x
e
d
m
o
v
in
g
a
v
er
ag
e
w
i
n
d
o
w
s
(
FM
A
W
)
as
a
d
etec
tio
n
m
eth
o
d
.
Data
w
er
e
ta
k
e
n
f
r
o
m
t
h
e
tr
ai
n
i
n
g
a
n
d
tes
tin
g
o
f
DDo
S
A
t
t
ac
k
C
aid
a
2
0
0
7
an
d
s
tan
d
alo
n
e
s
i
m
u
lat
io
n
.
T
esti
n
g
o
f
m
et
h
o
d
s
p
r
o
d
u
ce
d
th
e
d
etec
tio
n
p
er
ce
n
tag
e
o
f
t
h
r
ee
n
et
w
o
r
k
co
n
d
itio
n
s
(
n
o
r
m
al,
s
lo
w
DDo
S,
a
n
d
DDo
S)
a
m
o
u
n
ted
to
9
0
.
5
2
%.
A
n
e
w
ap
p
r
o
ac
h
in
d
etec
ti
n
g
DDS
attac
k
s
,
a
s
y
s
te
m
t
h
at
p
r
ed
icts
th
e
o
cc
u
r
r
en
ce
o
f
D
DS a
ttack
s
.
I
n
[
1
5
]
.
T
h
is
s
tu
d
y
clas
s
i
f
ies
n
et
w
o
r
k
tr
af
f
ic
i
n
f
o
r
m
atio
n
w
h
ich
co
n
tain
s
b
o
tn
ets
u
s
i
n
g
th
e
K
-
Nea
r
est
Neig
h
b
o
u
r
alg
o
r
it
h
m
.
T
h
e
alg
o
r
ith
m
ca
lc
u
late
s
th
e
d
is
tan
ce
o
n
ea
c
h
f
ea
t
u
r
e
i
n
th
e
d
ataset
an
d
th
e
n
id
en
ti
f
ies
t
h
e
t
y
p
e
o
f
f
lo
w
b
as
ed
o
n
th
e
m
aj
o
r
it
y
o
f
ce
r
tain
n
eig
h
b
o
r
v
al
u
es
(
k
v
al
u
e
s
)
.
T
h
e
test
r
esu
lt
s
in
th
i
s
s
tu
d
y
ar
e
9
2
.
5
7
%
w
h
er
e
t
h
e
k
v
al
u
e
i
s
d
eter
m
i
n
ed
ac
co
r
d
in
g
to
t
h
e
s
y
s
te
m
d
e
f
a
u
lt,
n
a
m
el
y
5
.
T
h
e
b
est
k
v
alu
e
in
th
is
s
tu
d
y
ca
n
n
o
t
b
e
d
eter
m
in
ed
b
ec
au
s
e
t
h
e
tes
t
is
d
o
n
e
to
d
eter
m
i
n
e
th
e
v
al
u
e
o
f
k
to
g
et
a
r
esu
lt
w
it
h
a
d
if
f
er
e
n
ce
in
v
al
u
e
th
at
is
q
u
ite
f
ar
.
Fro
m
th
e
p
r
o
b
le
m
s
th
a
t h
a
v
e
b
ee
n
d
escr
ib
ed
,
th
e
p
r
o
b
lem
to
b
e
s
o
lv
ed
in
t
h
i
s
s
t
u
d
y
i
s
to
ad
d
r
ess
th
e
n
u
m
b
er
o
f
f
ea
t
u
r
es
i
n
th
e
d
at
aset
s
o
th
at
it
ca
n
f
i
n
d
o
u
t
th
e
n
u
m
b
er
o
f
f
ea
t
u
r
es
th
a
t
ar
e
m
o
s
t
i
m
p
o
r
tan
t
in
d
etec
tin
g
DDo
S
attac
k
s
.
T
o
f
in
d
o
u
t
th
e
le
v
el
o
f
d
etec
tio
n
o
f
DDo
S
attac
k
s
,
t
h
is
s
t
u
d
y
u
s
e
s
C
las
s
i
f
icatio
n
M
ac
h
i
n
e
L
ea
r
n
i
n
g
A
l
g
o
r
ith
m
s
s
u
c
h
as
Nai
v
e
B
a
y
e
s
,
n
e
u
r
al
n
et
w
o
r
k
s
,
S
VN,
KNN,
an
d
R
an
d
o
m
Fo
r
est.
O
f
th
e
f
i
v
e
alg
o
r
it
h
m
s
u
s
ed
,
t
h
e
ex
p
ec
ted
en
d
r
es
u
lt
i
s
to
b
e
ab
le
to
co
m
p
ar
e
w
h
ic
h
alg
o
r
it
h
m
i
s
m
o
s
t
ac
cu
r
ate
in
d
etec
tin
g
DDo
S a
ttac
k
s
w
it
h
th
e
f
ea
t
u
r
es selecte
d
.
2.
RE
S
E
ARCH
M
E
T
H
O
D
I
n
t
h
is
s
t
u
d
y
th
e
d
ataset
u
s
ed
w
as
d
ata
o
b
tai
n
ed
f
r
o
m
r
ese
ar
ch
[
9
]
,
th
e
d
ata
s
et
i
n
t
h
e
s
t
u
d
y
w
as
7
3
4
,
6
2
7
,
w
h
ile
in
t
h
i
s
s
t
u
d
y
t
h
e
d
ataset
u
s
ed
f
o
r
tr
ain
i
n
g
w
a
s
5
8
9
9
an
d
f
o
r
test
in
g
a
s
m
an
y
as
1
7
7
0
.
T
h
e
s
tep
s
in
t
h
i
s
s
t
u
d
y
w
er
e
as
f
o
ll
o
w
s
a
n
d
Fig
u
r
e
1
s
h
o
w
s
r
e
s
ea
r
ch
p
r
o
ce
s
s
:
Data
co
llectio
n
is
ca
r
r
ied
o
u
t i
n
an
o
n
-
g
o
in
g
n
e
t
w
o
r
k
t
h
at
is
ca
p
tu
r
ed
u
s
i
n
g
W
ir
es
h
ar
k
.
T
h
e
d
ata
is
th
en
co
n
v
er
ted
to
C
SV
Featu
r
e
Select
io
n
m
o
d
el
r
eg
r
e
s
s
io
n
A
ttrib
u
tes t
h
at
ar
e
n
o
t
u
s
ed
w
i
ll b
e
f
ix
ed
; a
ttrib
u
tes
t
h
at
ar
e
n
o
t u
s
ed
w
ill b
e
r
e
m
o
v
ed
.
Af
ter
t
h
at,
an
a
n
al
y
s
i
s
u
s
i
n
g
a
d
ata
m
in
i
n
g
to
o
l
w
ill
b
e
an
al
y
ze
d
a
n
d
u
s
e
s
o
m
e
al
g
o
r
ith
m
m
ac
h
i
n
e
lear
n
in
g
Evaluation Warning : The document was created with Spire.PDF for Python.
I
SS
N
:
2
2
5
2
-
8938
I
n
t J
A
r
ti
f
I
n
tell
,
Vo
l.
9
,
No
.
1
,
Ma
r
ch
20
20
:
137
–
1
4
5
140
T
r
a
n
s
f
o
r
m
a
t
i
o
n
D
a
t
a
a
n
d
C
l
e
a
n
i
n
g
D
a
t
a
D
a
t
a
T
r
a
i
n
i
n
g
D
a
t
a
T
e
s
t
i
n
g
L
i
v
e
D
a
t
a
s
e
t
S
R
C
_
A
D
D
,
D
E
S
_
A
D
D
,
P
K
T
_
I
D
…
.
N
(
2
5
F
e
a
t
u
r
e
)
N
a
ï
v
e
B
a
y
e
s
F
e
a
t
u
r
e
S
e
l
e
c
t
i
o
n
P
r
e
p
r
o
c
e
s
s
i
n
g
N
e
u
r
a
l
N
e
t
w
o
r
k
S
V
M
K
N
N
R
a
n
d
o
m
F
o
r
e
s
t
A
l
g
o
r
i
t
h
m
M
a
c
h
i
n
e
L
e
a
r
n
i
n
g
I
n
c
o
m
i
n
g
P
a
c
k
e
t
D
a
t
a
s
e
t
V
A
L
I
D
I
T
I
O
N
A
N
D
R
E
S
U
L
T
S
A
c
c
u
r
a
c
y
,
T
r
u
e
P
o
s
i
t
i
v
e
F
a
l
s
e
P
o
s
i
t
i
v
e
R
e
c
a
l
l
P
r
e
c
i
s
i
o
n
F
-
M
e
a
s
u
r
e
C
o
n
f
u
s
i
o
n
M
a
t
r
i
x
D
D
o
S
a
t
t
a
c
k
D
e
t
e
c
t
i
o
n
·
S
m
u
r
f
A
t
t
a
c
k
·
U
D
P
F
l
o
o
d
·
S
Q
L
i
n
j
e
c
t
i
o
n
·
H
T
T
P
F
l
o
o
d
·
N
o
r
m
a
l
·
C
l
a
s
s
i
f
i
c
a
t
i
o
n
Fig
u
r
e
1
.
R
esear
ch
p
r
o
ce
s
s
Fro
m
t
h
is
s
tep
,
i
t
ca
n
b
e
s
ee
n
th
at
th
e
clas
s
if
icatio
n
tech
n
iq
u
e
u
s
ed
to
d
etec
t
DDo
S
attac
k
s
(
S
m
u
r
t
A
ttac
k
,
UDP
Flo
o
d
,
SQ
L
I
n
j
ec
tio
n
an
d
HT
T
P
Flo
o
d
)
an
d
No
r
m
a
l
P
ac
k
ets
u
s
e
s
5
clas
s
if
ica
tio
n
m
o
d
els
n
a
m
e
l
y
Naïv
e
B
a
y
es
,
Ne
u
r
al
Net
w
o
r
k
,
SVM,
K
NN,
an
d
R
an
d
o
m
Fo
r
est.
T
o
f
in
d
o
u
t
th
e
ac
c
u
r
ac
y
o
f
d
etec
tio
n
,
th
e
p
ar
a
m
e
ter
s
T
F,
FP
,
R
ec
all,
P
r
e
cisi
o
n
,
an
d
F
-
Me
asu
r
e
ar
e
u
s
ed
.
2
.
1
.
Da
t
a
s
et
T
h
e
f
ea
t
u
r
es
u
s
ed
i
n
th
i
s
s
tu
d
y
w
er
e
2
5
f
ea
tu
r
es
o
b
tain
ed
f
r
o
m
t
h
e
r
es
u
lt
s
o
f
a
r
ea
l
-
ti
m
e
attac
k
s
i
m
u
lat
io
n
ca
r
r
ied
o
u
t
f
o
r
3
d
a
y
s
w
it
h
4
h
o
u
r
s
ea
ch
v
is
i
t.
W
h
en
s
i
m
u
lati
n
g
th
e
n
u
m
b
er
o
f
f
ea
t
u
r
e
attac
k
s
as
m
an
y
as
2
7
f
ea
t
u
r
es
[
1
6
]
,
th
en
e
x
tr
ac
ti
n
g
t
h
e
m
u
s
i
n
g
t
h
e
C
a
n
ad
ian
I
n
s
tit
u
te
f
o
r
C
y
b
er
s
ec
u
r
it
y
C
I
C
Flo
w
Me
ter
-
V3
o
n
li
n
e
a
p
p
licatio
n
,
b
ec
au
s
e
t
h
er
e
ar
e
to
o
m
a
n
y
f
ea
t
u
r
es,
f
ea
tu
r
es
th
at
h
a
v
e
th
e
ap
p
r
o
p
r
iate
v
alu
e
ar
e
ex
p
ec
t
ed
to
b
e
r
em
o
v
ed
.
T
h
e
m
et
h
o
d
u
s
ed
to
m
ax
i
m
ize
th
e
f
ea
tu
r
es
u
s
i
n
g
t
h
e
R
eg
r
es
s
io
n
m
o
d
el
w
it
h
SP
SS
ap
p
licatio
n
s
,
th
u
s
th
e
f
ea
t
u
r
es
u
s
ed
f
o
r
th
e
tr
ai
n
in
g
a
n
d
test
i
n
g
p
r
o
ce
s
s
i
n
t
h
i
s
s
tu
d
y
ar
e
as
f
o
llo
w
s
o
n
T
ab
le
1
.
T
ab
le
1
.
Featu
r
e
o
f
d
ataset
V
a
r
i
a
b
l
e
N
o
F
e
a
t
u
r
e
S
e
l
e
c
t
i
o
n
Ty
p
e
V
a
r
i
a
b
l
e
No
F
e
a
t
u
r
e
S
e
l
e
c
t
i
o
n
Ty
p
e
1
S
o
u
r
c
e
A
d
d
r
e
s
s
S
t
r
i
n
g
13
P
a
c
k
e
t
i
n
S
t
r
i
n
g
2
D
e
st
i
n
a
t
i
o
n
A
d
d
r
e
ss
S
t
r
i
n
g
14
P
a
c
k
e
t
o
u
t
S
t
r
i
n
g
3
P
a
c
k
e
t
I
D
S
t
r
i
n
g
15
P
a
c
k
e
t
T
r
a
n
sm
i
t
i
o
n
S
t
r
i
n
g
4
F
r
o
m
N
o
d
e
S
t
r
i
n
g
16
P
a
c
k
e
t
d
e
l
a
y
n
o
t
e
S
t
r
i
n
g
5
T
o
N
o
d
e
S
t
r
i
n
g
17
P
a
c
k
e
t
R
a
t
e
S
t
r
i
n
g
6
P
a
c
k
e
t
T
y
p
e
S
t
r
i
n
g
18
b
y
t
e
r
a
t
e
S
t
r
i
n
g
7
P
a
c
k
e
t
S
i
z
e
S
t
r
i
n
g
19
P
k
t
A
v
g
S
i
z
e
S
t
r
i
n
g
8
S
q
u
e
n
c
i
a
l
N
u
m
b
e
r
S
t
r
i
n
g
20
U
t
i
l
i
z
a
t
i
o
n
S
t
r
i
n
g
9
N
u
m
b
e
r
o
f
P
a
c
k
e
t
s
S
t
r
i
n
g
21
P
a
c
k
e
t
D
e
l
a
y
S
t
r
i
n
g
10
N
u
mb
e
r
o
f
b
y
t
e
s
S
t
r
i
n
g
22
P
a
c
k
e
t
se
n
d
t
i
me
S
t
r
i
n
g
11
N
o
d
e
n
a
me
f
r
o
m
S
y
mb
o
l
i
c
23
P
a
c
k
e
t
r
e
se
r
v
e
d
t
i
me
S
t
r
i
n
g
12
N
o
d
e
N
a
me
T
o
S
y
mb
o
l
i
c
24
T
h
e
f
i
r
st
p
a
c
k
e
t
S
e
n
t
S
t
r
i
n
g
25
t
h
e
l
a
st
p
a
c
k
e
t
r
e
se
r
v
e
d
S
t
r
i
n
g
2
.
2
.
F
e
a
t
ure
s
elec
t
io
n
T
o
f
in
d
o
u
t
t
h
e
m
o
s
t
o
p
ti
m
al
f
ea
tu
r
e
v
al
u
e
in
d
etec
ti
n
g
D
Do
S
attac
k
s
,
d
atase
t
an
al
y
s
i
s
is
u
s
ed
to
u
s
e
li
n
ea
r
r
eg
r
ess
io
n
w
it
h
th
e
f
o
r
w
ar
d
m
et
h
o
d
.
I
n
ter
m
s
o
f
m
u
tu
a
l
in
f
o
r
m
atio
n
,
th
e
p
u
r
p
o
s
e
o
f
f
ea
t
u
r
e
Evaluation Warning : The document was created with Spire.PDF for Python.
I
n
t J
A
r
ti
f
I
n
tell
I
SS
N:
2252
-
8938
F
ea
tu
r
e
s
elec
tio
n
fo
r
DDo
S
d
e
tectio
n
u
s
in
g
cla
s
s
ifica
tio
n
ma
ch
in
e
lea
r
n
in
g
...
(
A
n
d
i Ma
s
la
n
)
141
s
elec
tio
n
i
s
to
f
in
d
a
f
ea
t
u
r
e
s
et
S
w
it
h
m
f
ea
t
u
r
es
{x
i},
w
h
ic
h
j
o
in
tl
y
h
as
th
e
lar
g
est
d
ep
en
d
en
c
y
o
n
th
e
tar
g
et
clas
s
c.
T
h
is
s
ch
e
m
e,
ca
lled
Ma
x
-
Dep
en
d
en
c
y
,
h
a
s
th
e
f
o
llo
w
in
g
f
o
r
m
u
la
[
1
7
]
.
(
1
)
Ob
v
io
u
s
l
y
,
w
h
e
n
m
eq
u
als
1
,
th
e
s
o
lu
tio
n
i
s
t
h
e
f
ea
t
u
r
e
t
h
at
m
ax
i
m
izes
I
{
xj
;
c
}
(
1
<
=
j
<=
M
}
.
W
h
en
m
>
1
,
a
s
i
m
p
le
i
n
cr
e
m
en
ta
l
s
ea
r
ch
s
ch
e
m
e
is
to
ad
d
o
n
e
f
ea
tu
r
e
at
o
n
e
ti
m
e:
g
iv
e
n
t
h
e
s
et
w
it
h
m
-
1
f
ea
tu
r
es,
S
m
-
1
,
th
e
m
th
f
ea
tu
r
e
ca
n
b
e
d
eter
m
i
n
ed
as th
e
o
n
e
t
h
at
co
n
tr
ib
u
tes to
t
h
e
lar
g
es
t in
cr
ea
s
e
o
f
I
{
S;c
}.
2
.
3
.
Alg
o
rit
h
m
s
m
a
c
hin
e
lea
rning
2
.
3
.
1
.
N
a
ï
v
e
b
a
y
e
s
Naiv
e
B
a
y
e
s
C
las
s
i
f
ier
is
a
co
llectio
n
w
i
th
a
s
ta
tis
tica
l
m
o
d
el
f
o
r
ca
lc
u
lati
n
g
clas
s
es
th
at
h
av
e
ea
ch
g
r
o
u
p
o
f
attr
ib
u
tes
th
at
e
x
is
t,
an
d
d
eter
m
i
n
e
w
h
ic
h
clas
s
i
s
th
e
m
o
s
t
o
p
ti
m
al.
I
n
th
is
m
e
t
h
o
d
,
all
attr
ib
u
tes
w
il
l
co
n
tr
ib
u
t
e
to
d
ec
is
io
n
m
ak
in
g
,
w
i
th
th
e
s
a
m
e
i
m
p
o
r
tan
t
i
m
p
o
r
tan
ce
w
ei
g
h
ts
a
n
d
ea
ch
a
ttrib
u
te
i
s
in
d
ep
en
d
en
t o
f
ea
ch
o
th
er
[
1
8
]
.
T
h
e
eq
u
atio
n
o
f
th
e
B
a
y
es t
h
eo
r
y
i
s
:
(
|
)
=
(
|
.
(
)
(
)
(
2
)
X:
Data
w
ith
cla
s
s
e
s
th
a
t h
a
v
e
n
'
t k
n
o
w
n
H:
Data
h
y
p
o
t
h
esi
s
is
a
s
p
ec
i
f
i
c
class
P
(
H|
X)
: T
h
e
p
r
o
b
ab
ilit
y
o
f
h
y
p
o
th
esis
H
i
s
b
ased
o
n
co
n
d
iti
o
n
X
(
p
r
io
r
p
r
o
b
a
b
ilit
y
)
P
(
H)
:
P
r
o
b
ab
ilit
y
o
f
h
y
p
o
t
h
es
is
H
(
p
r
io
r
p
r
o
b
a
b
ilit
y
)
P
(
X|
H)
: P
r
o
b
ab
ilit
y
X
b
ased
o
n
co
n
d
itio
n
o
n
t
h
e
h
y
p
o
th
e
s
is
H
P
(
X)
:
P
r
o
b
ab
ilit
y
X
2
.
3
.
2
.
Ra
n
do
m
f
o
r
e
s
t
R
an
d
o
m
f
o
r
est
is
a
n
en
s
e
m
b
le
lear
n
in
g
m
et
h
o
d
th
at
was
f
ir
s
t
p
r
o
p
o
s
ed
b
y
[
1
9
]
w
h
ich
i
s
a
co
m
b
i
n
atio
n
o
f
cla
s
s
i
f
icatio
n
tr
ee
s
in
s
u
c
h
a
w
a
y
t
h
at
ea
ch
tr
ee
d
ep
en
d
s
o
n
th
e
r
a
n
d
o
m
v
alu
e
o
f
t
h
e
s
a
m
p
le
v
ec
to
r
in
d
ep
en
d
e
n
tl
y
a
n
d
w
it
h
t
h
e
s
a
m
e
d
is
tr
ib
u
t
io
n
f
o
r
a
ll
tr
ee
s
i
n
th
e
f
o
r
est.
R
a
n
d
o
m
Fo
r
est
h
a
s
b
ee
n
w
id
el
y
u
s
ed
b
o
th
f
o
r
class
if
ic
atio
n
a
n
d
r
eg
r
es
s
io
n
b
ec
au
s
e
o
f
it
s
s
u
p
er
io
r
p
er
f
o
r
m
an
ce
an
d
s
i
m
p
le
s
tr
u
ctu
r
e.
T
o
h
an
d
le
u
n
b
ala
n
ce
d
d
ata
,
th
e
R
F
al
g
o
r
ith
m
u
n
d
er
g
o
es
a
s
lig
h
t
m
o
d
if
icatio
n
i
n
t
h
e
s
e
lectio
n
o
f
tr
ai
n
i
n
g
d
ata,
n
a
m
el
y
b
y
b
ala
n
cin
g
t
h
e
n
u
m
b
er
o
f
r
ec
o
r
d
s
in
th
e
m
aj
o
r
an
d
m
i
n
o
r
class
es.
T
h
is
t
ec
h
n
iq
u
e
is
ca
lled
B
alan
ce
d
R
an
d
o
m
Fo
r
est (
B
R
F).
2
.
3
.
3
.
N
e
u
r
a
l
n
e
t
w
o
r
k
Neu
r
al
Net
w
o
r
k
h
as
m
a
n
y
ad
v
an
tag
e
s
co
m
p
ar
ed
to
o
th
er
ca
l
cu
latio
n
m
et
h
o
d
s
,
n
a
m
el
y
t
h
e
ab
ilit
y
to
ac
q
u
ir
e
k
n
o
w
led
g
e
e
v
e
n
i
f
t
h
er
e
ar
e
d
is
tu
r
b
an
ce
s
a
n
d
u
n
ce
r
tain
ties
.
T
h
i
s
is
b
ec
a
u
s
e
th
e
n
eu
r
al
n
et
w
o
r
k
ca
n
g
en
er
alize
ab
s
tr
ac
t
io
n
an
d
e
x
t
r
ac
tio
n
o
f
s
tati
s
tical
p
r
o
p
er
ties
f
r
o
m
d
ata.
I
n
ad
d
itio
n
,
th
e
n
e
u
r
al
n
et
w
o
r
k
also
ca
n
p
r
esen
t
ca
p
ab
ilit
ie
s
in
a
f
le
x
ib
le
m
a
n
n
er
;
a
n
eu
r
al
n
et
w
o
r
k
ca
n
cr
ea
te
its
o
w
n
r
ep
r
esen
tat
io
n
t
h
r
o
u
g
h
s
elf
-
r
eg
u
lat
io
n
o
r
s
el
f
-
o
r
g
a
n
i
zin
g
s
k
ill
s
.
An
d
t
h
er
e
ar
e
m
an
y
o
th
er
ad
v
an
tag
e
s
p
o
s
s
e
s
s
ed
b
y
t
h
e
n
e
u
r
al
n
et
w
o
r
k
it
s
el
f
.
T
h
e
F
ig
u
r
e
2
f
o
r
ar
ch
itectu
r
e
n
e
u
r
al
n
e
t
w
o
r
k
:
Fig
u
r
e
2
.
A
r
ch
itectu
r
e
n
eu
r
al
n
et
w
o
r
k
2
.
3
.
4
.
S
u
p
p
o
r
t
v
e
c
t
o
r
m
a
c
h
i
n
e
T
h
e
co
n
ce
p
t
o
f
SVM
ca
n
b
e
ex
p
lai
n
ed
o
n
l
y
as
a
n
atte
m
p
t
to
f
i
n
d
t
h
e
b
e
s
t
h
y
p
er
p
l
an
e
2
t
h
at
f
u
n
ctio
n
s
as
a
s
ep
ar
ato
r
o
f
t
wo
class
es
i
n
t
h
e
i
n
p
u
t
s
p
ac
e.
F
ig
u
r
e
3
s
h
o
w
s
s
ev
er
al
p
atter
n
s
th
at
ar
e
m
e
m
b
er
s
Evaluation Warning : The document was created with Spire.PDF for Python.
I
SS
N
:
2
2
5
2
-
8938
I
n
t J
A
r
ti
f
I
n
tell
,
Vo
l.
9
,
No
.
1
,
Ma
r
ch
20
20
:
137
–
1
4
5
142
o
f
t
w
o
clas
s
es:
+1
a
n
d
–
1
.
P
at
ter
n
s
t
h
at
ar
e
j
o
in
ed
in
c
l
ass
1
ar
e
r
ep
r
esen
ted
as
r
ed
(
s
q
u
ar
es),
w
h
ile
p
atter
n
s
in
clas
s
+1
ar
e
r
ep
r
esen
ted
as a
y
e
llo
w
(
cir
cle
s
)
.
T
h
e
ca
lcif
ic
atio
n
p
r
o
ce
s
s
is
as s
h
o
w
n
:
Fig
u
r
e
3
.
H
y
p
er
p
lan
e
SVM
T
h
is
p
r
o
b
lem
ca
n
b
e
s
o
lv
ed
b
y
v
ar
io
u
s
co
m
p
u
tatio
n
al
tec
h
n
iq
u
es,
in
c
lu
d
i
n
g
L
a
g
r
an
g
e
Mu
ltip
lier
.
(
,
,
)
=
1
2
‖
‖
2
−
∑
⌈
(
−
)
−
1
⌉
−
1
(
3
)
α
i
i
s
L
a
g
r
an
g
e
m
u
ltip
lier
s
,
w
h
ic
h
ar
e
ze
r
o
o
r
p
o
s
iti
v
e
(
ai≥
0
)
.
T
h
e
o
p
tim
al
v
a
lu
e
o
f
th
e
eq
u
atio
n
ca
n
b
e
ca
lcu
lated
b
y
m
in
i
m
izin
g
L
ag
ain
s
t
w
a
n
d
b
an
d
m
a
x
i
m
izi
n
g
L
ag
a
in
s
t α
i.
2
.
3
.
5
.
K
n
e
a
r
e
s
t
n
e
i
g
h
b
o
u
r
T
h
e
K
-
Nea
r
est
Nei
g
h
b
o
r
alg
o
r
ith
m
is
a
m
e
th
o
d
th
at
u
s
e
s
a
s
u
p
er
v
i
s
ed
alg
o
r
ith
m
[
2
0
]
.
K
-
Nea
r
est
Neig
h
b
o
r
in
cl
u
d
es
in
s
ta
n
ce
-
b
ased
lear
n
i
n
g
g
r
o
u
p
s
.
T
h
e
K
-
Nea
r
est
Nei
g
h
b
o
r
al
g
o
r
ith
m
is
s
i
m
p
le,
w
o
r
k
s
b
ased
o
n
th
e
s
i
m
i
lar
it
y
o
f
t
h
e
t
est s
a
m
p
le
to
th
e
tr
ai
n
i
n
g
s
a
m
p
le
(
tr
ain
in
g
s
a
m
p
le)
to
d
eter
m
i
n
e
th
e
K
-
Nea
r
est
Neig
h
b
o
r
[
2
1
]
K
-
Nea
r
est
Neig
h
b
o
r
is
d
o
n
e
b
y
f
i
n
d
in
g
g
r
o
u
p
s
o
f
k
o
b
j
ec
ts
in
th
e
tr
ain
i
n
g
d
ata
t
h
e
clo
s
e
s
t
(
s
i
m
ilar
)
to
t
h
e
o
b
j
ec
t
o
n
n
e
w
d
ata
o
r
tes
tin
g
d
ata
[
2
2
]
.
K
Nea
r
est
Nei
g
h
b
o
r
is
a
s
i
m
p
le
cla
s
s
i
f
icatio
n
tech
n
iq
u
e,
b
u
t
it
h
as
g
o
o
d
w
o
r
k
r
esu
lts
[
2
3
]
.
I
n
g
e
n
er
al,
to
d
ef
in
e
th
e
d
i
s
tan
ce
b
et
w
ee
n
t
w
o
x
an
d
y
o
b
j
ec
ts
,
th
e
E
u
cl
id
ea
n
d
is
ta
n
ce
f
o
r
m
u
l
a
is
u
s
ed
i
n
th
e
f
o
llo
w
i
n
g
eq
u
a
tio
n
:
=
√
∑
(
−
)
2
=
1
(
4
)
KNN
h
as
s
ev
er
al
ad
v
a
n
tag
e
s
,
n
a
m
e
l
y
to
u
g
h
n
e
s
s
to
tr
ain
i
n
g
d
ata
th
at
h
a
v
e
a
lo
t
o
f
n
o
is
e
a
n
d
is
ef
f
ec
ti
v
e
w
h
e
n
th
e
tr
ai
n
i
n
g
d
ata
ar
e
lar
g
e.
Me
an
w
h
ile,
t
h
e
w
ea
k
n
es
s
o
f
KNN
i
s
KN
N
n
ee
d
t
h
e
v
al
u
e
o
f
t
h
e
p
ar
a
m
eter
k
(
n
u
m
b
er
o
f
clo
s
es
t
n
ei
g
h
b
o
r
s
)
,
u
n
clea
r
d
is
ta
n
ce
-
b
ased
tr
ain
in
g
o
n
w
h
at
t
y
p
e
o
f
d
i
s
tan
c
e
to
u
s
e
a
n
d
w
h
ic
h
attr
ib
u
tes
s
h
o
u
ld
b
e
u
s
ed
to
g
e
t th
e
b
est r
e
s
u
l
ts
,
a
n
d
co
m
p
u
ti
n
g
co
s
ts
ar
e
h
i
g
h
b
ec
au
s
e
ca
lc
u
latio
n
s
ar
e
n
ee
d
ed
d
is
tan
ce
f
r
o
m
ea
ch
q
u
er
y
i
n
s
ta
n
ce
in
t
h
e
w
h
o
le
tr
ai
n
i
n
g
s
a
m
p
l
e
[
1
5
]
.
2.
4
.
E
v
a
lua
t
i
o
n
m
et
rics
E
f
f
ec
tiv
e
d
etec
t
io
n
i
s
t
h
e
cr
u
x
o
f
o
u
r
w
o
r
k
;
th
e
w
r
o
n
g
d
etec
tio
n
ca
n
p
r
ev
en
t
g
e
n
u
in
e
p
ac
k
ets
f
r
o
m
r
ea
ch
in
g
t
h
eir
d
esti
n
a
tio
n
s
.
W
e
w
a
n
t
to
ca
lcu
late
t
h
e
ac
c
u
r
ac
y
o
f
o
u
r
d
etec
tio
n
m
ec
h
a
n
i
s
m
f
o
r
g
e
n
u
i
n
e
an
d
attac
k
tr
a
f
f
ic
a
n
d
th
e
n
co
m
p
ar
e
it
w
i
th
o
t
h
er
s
i
m
ilar
r
esear
ch
th
at
h
a
s
r
ep
o
r
ted
ac
cu
r
ac
y
.
T
h
e
p
er
f
o
r
m
a
n
ce
o
f
th
e
class
if
ier
s
is
ev
al
u
ated
,
an
d
co
m
p
ar
ativ
e
an
a
l
y
s
is
h
a
s
b
ee
n
ca
r
r
ied
o
u
t.
C
lass
i
f
icatio
n
a
cc
u
r
ac
y
is
u
s
ed
as
a
p
r
im
ar
y
p
er
f
o
r
m
an
ce
m
ea
s
u
r
e
f
o
r
ev
alu
ati
n
g
t
h
e
class
if
ier
s
an
d
is
m
ea
s
u
r
ed
as
th
e
r
atio
o
f
th
e
n
u
m
b
er
o
f
co
r
r
ec
tly
clas
s
i
f
ied
in
s
tan
ce
s
i
n
th
e
te
s
t
d
ataset
an
d
t
h
e
to
tal
n
u
m
b
er
o
f
test
ca
s
e
s
.
T
h
e
p
e
r
f
o
r
m
an
ce
s
o
f
t
h
e
tr
ain
ed
m
o
d
els
ar
e
ev
al
u
ated
b
ased
o
n
th
e
cr
iter
i
a
o
f
p
r
ec
is
i
o
n
,
r
ec
all,
f
-
m
ea
s
u
r
e
a
n
d
ac
cu
r
ac
y
u
s
i
n
g
1
0
-
f
o
ld
cr
o
s
s
v
alid
atio
n
[
2
4
]
.
f
o
r
m
u
la
f
o
r
ca
lcu
lati
n
g
ac
c
u
r
ac
y
is
s
h
o
w
n
in
(
1
)
A
cc
u
r
ac
y
=
+
+
+
+
x
1
0
0
%
(
5
)
Evaluation Warning : The document was created with Spire.PDF for Python.
I
n
t J
A
r
ti
f
I
n
tell
I
SS
N:
2252
-
8938
F
ea
tu
r
e
s
elec
tio
n
fo
r
DDo
S
d
e
tectio
n
u
s
in
g
cla
s
s
ifica
tio
n
ma
ch
in
e
lea
r
n
in
g
...
(
A
n
d
i Ma
s
la
n
)
143
f
o
r
m
u
la
f
o
r
ca
lcu
lati
n
g
R
ec
all
is
s
h
o
w
n
i
n
(
2
)
R
ec
all
=
+
x
1
0
0
%
(
6
)
f
o
r
m
u
la
f
o
r
ca
lcu
lati
n
g
P
r
ec
is
i
o
n
is
s
h
o
w
n
i
n
(
3
)
P
r
ec
is
io
n
=
+
x
1
0
0
%
(
7
)
f
o
r
m
u
la
f
o
r
ca
lcu
lati
n
g
F
-
Me
a
s
u
r
e
is
s
h
o
w
n
in
(
4
)
F =
2
*
(
P
r
ec
is
io
n
*
R
ec
all)
/(
P
r
ec
is
io
n
*
R
ec
all)
(
8
)
3.
RE
SU
L
T
S
A
ND
D
I
SCU
SS
I
O
N
3
.
1
.
F
e
a
t
ure
s
elec
t
io
n
Af
ter
a
n
al
y
z
in
g
DDo
S
d
ata
s
et
w
h
ic
h
h
as
2
5
f
ea
t
u
r
es
o
r
f
ea
t
u
r
es,
T
ab
le
2
s
h
o
w
s
t
h
e
an
a
l
y
s
is
r
es
u
lt
s
ar
e
o
b
tain
ed
.
T
o
d
etec
t
DDo
S
attac
k
s
,
t
h
e
id
ea
l
f
ea
t
u
r
es
a
r
e
p
ac
k
et
d
ela
y
,
p
ac
k
et
o
r
ig
i
n
(
f
r
o
m
t
h
e
n
o
d
e)
,
d
esti
n
atio
n
p
ac
k
et
(
to
n
o
d
e)
an
d
s
o
u
r
ce
I
P
A
d
d
r
ess
.
Of
t
h
e
2
5
attr
ib
u
tes
co
n
tain
ed
i
n
t
h
e
d
ataset,
o
n
l
y
4
attr
ib
u
tes
ca
n
b
e
u
s
ed
to
d
etec
t
DDo
S
attac
k
s
,
w
h
er
ea
s
th
e
r
est
d
id
n
o
t
m
ee
t
t
h
e
cr
iter
ia
to
b
e
u
s
ed
as
a
to
o
l
f
o
r
C
las
s
i
f
icatio
n
i
n
Ma
ch
in
e
L
ea
r
n
i
n
g
T
ec
h
n
iq
u
es.
T
o
f
in
d
o
u
t
t
h
e
v
a
lu
e
o
f
R
Sq
u
ar
e
o
n
ea
ch
attr
ib
u
te
ca
n
b
e
ex
p
lain
ed
in
T
ab
le
3
as f
o
llo
w
s
.
T
ab
le
2
.
Featu
r
e
s
elec
tio
n
o
p
tim
al
r
es
u
lts
M
o
d
e
l
V
a
r
i
a
b
l
e
s E
n
t
e
r
e
d
V
a
r
i
a
b
l
e
s R
e
mo
v
e
d
M
e
t
h
o
d
1
P
K
T
_
D
E
L
A
Y
.
F
o
r
w
a
r
d
(
C
r
i
t
e
r
i
o
n
:
P
r
o
b
a
b
i
l
i
t
y
-
of
-
F
-
to
-
e
n
t
e
r
<
=
,
0
5
0
)
2
F
R
O
M
_
N
O
D
E
.
F
o
r
w
a
r
d
(
C
r
i
t
e
r
i
o
n
:
P
r
o
b
a
b
i
l
i
t
y
-
of
-
F
-
to
-
e
n
t
e
r
<
=
,
0
5
0
)
3
T
O
_
N
O
D
E
.
F
o
r
w
a
r
d
(
C
r
i
t
e
r
i
o
n
:
P
r
o
b
a
b
i
l
i
t
y
-
of
-
F
-
to
-
e
n
t
e
r
<
=
,
0
5
0
)
4
S
R
C
_
A
D
D
.
F
o
r
w
a
r
d
(
C
r
i
t
e
r
i
o
n
:
P
r
o
b
a
b
i
l
i
t
y
-
of
-
F
-
to
-
e
n
t
e
r
<
=
,
0
5
0
)
a
.
D
e
p
e
n
d
e
n
t
V
a
r
i
a
b
l
e
:
P
K
T
_
C
L
A
S
S
T
ab
le
3
.
Dete
ct
s
ig
n
i
f
ica
n
t v
a
l
u
e
u
s
in
g
f
o
r
w
ar
d
f
ea
t
u
r
e
s
elec
tio
n
r
eg
r
es
s
io
n
(
A
NOV
A
)
M
o
d
e
l
S
u
m o
f
S
q
u
a
r
e
s
df
M
e
a
n
S
q
u
a
r
e
F
S
i
g
.
1
R
e
g
r
e
ssi
o
n
1
1
,
5
8
2
1
1
1
,
5
8
2
7
3
9
,
8
5
8
,
0
0
0
a
R
e
si
d
u
a
l
5
8
,
0
6
0
3
7
0
9
,
0
1
6
T
o
t
a
l
6
9
,
6
4
2
3
7
1
0
2
R
e
g
r
e
ssi
o
n
1
1
,
7
6
8
2
5
,
8
8
4
3
7
6
,
9
8
6
,
0
0
0
b
R
e
si
d
u
a
l
5
7
,
8
7
4
3
7
0
8
,
0
1
6
T
o
t
a
l
6
9
,
6
4
2
3
7
1
0
3
R
e
g
r
e
ssi
o
n
1
1
,
8
4
7
3
3
,
9
4
9
2
5
3
,
2
9
3
,
0
0
0
c
R
e
si
d
u
a
l
5
7
,
7
9
5
3
7
0
7
,
0
1
6
T
o
t
a
l
6
9
,
6
4
2
3
7
1
0
4
R
e
g
r
e
ssi
o
n
1
1
,
9
0
8
4
2
,
9
7
7
1
9
1
,
1
0
6
,
0
0
0
d
R
e
si
d
u
a
l
5
7
,
7
3
3
3
7
0
6
,
0
1
6
T
o
t
a
l
6
9
,
6
4
2
3
7
1
0
a
.
P
re
d
icto
rs:
(Co
n
sta
n
t),
P
KT
_
D
EL
A
Y
b
.
P
re
d
icto
rs:
(C
o
n
sta
n
t),
P
KT
_
D
EL
A
Y,
F
ROM_
NO
DE
c
.
P
re
d
icto
rs:
(Co
n
sta
n
t),
P
KT
_
D
EL
A
Y,
F
ROM_
NO
DE,
T
O_
NO
DE
d
.
P
re
d
icto
rs:
(C
o
n
sta
n
t),
P
KT
_
D
EL
A
Y,
F
ROM_
NO
DE,
T
O_
NO
DE,
S
RC_
A
DD
e
.
De
p
e
n
d
e
n
t
V
a
riab
le:
P
KT
_
CL
A
S
S
I
t
ca
n
b
e
ex
p
lain
ed
t
h
at
ea
ch
a
ttrib
u
te
h
a
s
a
s
i
g
v
al
u
e
le
s
s
t
h
an
0
.
0
5
(
0
,
0
0
0
<0
.
0
5
)
,
m
ea
n
i
n
g
th
a
t
th
e
P
K
T
_
DE
L
A
Y,
FR
OM
_
NO
D
E
,
T
O
_
NODE
,
SR
C
_
A
DD
at
t
r
ib
u
tes
ar
e
v
er
y
s
i
g
n
i
f
ica
n
t
i
n
d
etec
tin
g
t
y
p
es
o
f
DDo
S a
ttack
s
s
u
ch
as
S
m
u
r
t
A
ttac
k
,
UDP
Flo
o
d
,
SQL
I
n
j
ec
tio
n
an
d
HT
T
P
Flo
o
d
)
.
3
.
2
.
Alg
o
rit
m
a
m
a
c
hin
e
lea
r
nin
g
Fro
m
th
e
a
ttrib
u
te
s
th
a
t
h
a
v
e
b
ee
n
s
elec
ted
,
tr
ain
i
n
g
an
d
te
s
tin
g
ar
e
ca
r
r
ied
o
u
t
o
n
a
d
atas
et
w
i
th
5
alg
o
r
ith
m
s
i
n
ac
co
r
d
an
ce
w
it
h
th
e
m
et
h
o
d
s
th
at
h
av
e
b
ee
n
d
eter
m
i
n
ed
ca
n
b
e
s
ee
n
i
n
th
e
T
ab
le
4
an
d
Fig
u
r
e
4
-
7
as f
o
llo
w
s
:
Evaluation Warning : The document was created with Spire.PDF for Python.
I
SS
N
:
2
2
5
2
-
8938
I
n
t J
A
r
ti
f
I
n
tell
,
Vo
l.
9
,
No
.
1
,
Ma
r
ch
20
20
:
137
–
1
4
5
144
T
ab
le
4
.
Data
s
et
d
etail
D
a
t
a
se
t
N
u
mb
e
r
D
a
t
a
se
t
D
D
o
S
T
r
a
i
n
i
n
g
5
8
9
9
T
e
st
i
n
g
3
0
%
1
7
7
0
Fig
u
r
e
4
.
A
cc
u
r
ac
y
d
etec
tio
n
g
r
ap
h
ic
T
h
e
h
ig
h
est
lev
e
l
o
f
ac
c
u
r
ac
y
f
o
r
d
etec
tin
g
DDo
S
a
ttack
s
is
u
s
i
n
g
t
h
e
R
a
n
d
o
m
Fo
r
est
alg
o
r
ith
m
a
n
d
t
h
e
Neu
r
al
Net
w
o
r
k
o
f
9
8
.
7
0
%.
Fig
u
r
e
5
.
P
r
ec
is
io
n
d
etec
tio
n
g
r
ap
h
ic
Fig
u
r
e
6
.
R
ec
all
d
etec
tio
n
g
r
a
p
h
ic
Fig
u
r
e
7
.
F
-
Me
as
u
r
e
d
etec
tio
n
g
r
ap
h
ic
Evaluation Warning : The document was created with Spire.PDF for Python.
I
n
t J
A
r
ti
f
I
n
tell
I
SS
N:
2252
-
8938
F
ea
tu
r
e
s
elec
tio
n
fo
r
DDo
S
d
e
tectio
n
u
s
in
g
cla
s
s
ifica
tio
n
ma
ch
in
e
lea
r
n
in
g
...
(
A
n
d
i Ma
s
la
n
)
145
4.
CO
NCLU
SI
O
N
I
n
th
is
p
ap
er
,
w
e
p
u
t to
g
et
h
er
a
n
e
w
d
atase
t t
h
at
co
v
er
s
th
e
t
y
p
e
s
o
f
m
o
d
er
n
at
tack
s
,
w
h
ich
w
er
e
n
o
t
u
s
ed
in
p
r
ev
io
u
s
s
tu
d
ie
s
.
T
h
e
d
ataset
co
n
tai
n
s
2
5
f
ea
t
u
r
es
an
d
f
iv
e
clas
s
es.
A
ttac
k
s
ar
e
ca
r
r
ied
o
u
t
d
ir
ec
tl
y
to
th
e
tar
g
e
t
s
er
v
er
a
n
d
ca
p
tu
r
e
p
ac
k
et
d
ata
u
s
in
g
a
h
ig
h
-
tr
u
s
t
W
ir
esh
ar
k
ap
p
licatio
n
b
ec
a
u
s
e
o
f
it
s
ab
ilit
y
to
p
r
o
d
u
ce
v
alid
r
esu
lts
t
h
at
r
ef
le
ct
th
e
r
ea
l
en
v
ir
o
n
m
en
t.
C
o
lle
ct
ed
d
ata
h
as
b
ee
n
r
ec
o
r
d
ed
f
o
r
v
ar
io
u
s
t
y
p
e
s
o
f
attac
k
s
t
h
at
tar
g
et
t
h
e
n
et
w
o
r
k
A
p
p
licatio
n
la
y
er
.
Fro
m
t
h
e
d
atasets
,
th
er
e
i
s
a
tr
ain
i
n
g
an
d
test
i
n
g
o
f
d
ata
u
s
i
n
g
f
iv
e
tech
n
iq
u
es
cla
s
s
i
f
ic
atio
n
:
Ne
u
r
al
Net
w
o
r
k
,
Naï
v
e
B
ay
e
s
a
n
d
R
a
n
d
o
m
Fo
r
est,
KNN,
an
d
S
u
p
p
o
r
t
Vec
to
r
Ma
ch
in
e
(
S
VM
)
,
d
atasets
p
r
o
ce
s
s
ed
h
a
v
e
d
i
f
f
er
e
n
t
p
er
ce
n
ta
g
es,
w
it
h
t
h
e
ai
m
o
f
f
ac
il
itati
n
g
in
class
i
f
y
in
g
.
Fro
m
th
is
s
tu
d
y
it
ca
n
b
e
co
n
cl
u
d
ed
th
at
f
r
o
m
t
h
e
f
iv
e
cla
s
s
i
f
ica
tio
n
tec
h
n
iq
u
es
u
s
ed
,
th
e
Fo
r
est
r
an
d
o
m
clas
s
i
f
icatio
n
tec
h
n
iq
u
e
ac
h
iev
ed
t
h
e
h
i
g
h
est
lev
el
o
f
ac
cu
r
ac
y
(
9
8
.
7
0
%)
w
it
h
a
W
eig
h
ted
Av
er
ag
e
o
f
9
8
.
4
%.
T
h
is
m
ea
n
s
t
h
at
t
h
e
tech
n
iq
u
e
is
ab
le
to
d
etec
t
DDo
S
attac
k
s
ac
cu
r
atel
y
o
n
t
h
e
ap
p
licatio
n
t
h
at
w
il
l b
e
d
ev
elo
p
ed
ACK
NO
WL
E
D
G
M
E
NT
S
W
e
w
o
u
ld
li
k
e
to
t
h
a
n
k
all
to
th
e
Un
i
v
er
s
i
t
y
o
f
P
u
t
er
a
B
ata
m
I
n
d
o
n
e
s
ia
n
a
n
d
Un
iv
e
r
s
iti
T
u
n
Hu
s
s
ei
n
On
n
Ma
la
y
s
ia,
w
h
o
h
av
e
p
r
o
v
id
ed
p
r
ac
tice
s
p
ac
e
in
th
is
r
esear
c
h
.
RE
F
E
R
E
NC
E
S
[1
]
A
b
d
u
l
Ka
d
ir,
I
n
tro
d
u
c
ti
o
n
to
th
e
Rev
ise
d
Ed
it
i
o
n
I
n
f
o
rm
a
ti
o
n
S
y
ste
m
.
2
0
1
4
.
[2
]
M
.
M
.
Irsy
a
d
,
“
A
n
a
l
y
si
s
S
y
ste
m
A
n
o
m
a
l
y
T
ra
ff
ic
De
t
e
c
ti
o
n
w
it
h
Co
m
p
a
rin
g
T
h
e
Diff
e
r
e
n
c
e
s
o
f
T
rian
g
le
-
A
re
a
-
M
a
p
F
e
a
tu
re
s f
o
r
A
n
o
m
a
l
y
Ty
p
e
Id
e
n
ti
f
ica
ti
o
n
M
u
j
p
,
”
T
e
lko
m U
n
i
v
.
,
v
o
l.
2
,
n
o
.
1
,
p
p
.
2
5
4
–
2
6
3
,
2
0
1
5
.
[3
]
K.
Ka
to
a
n
d
V
.
Kly
u
e
v
,
“
A
n
In
telli
g
e
n
t
DD
o
S
A
tt
a
c
k
De
tec
ti
o
n
S
y
ste
m
Us
in
g
P
a
c
k
e
t
A
n
a
l
y
sis
a
n
d
S
u
p
p
o
rt
V
e
c
to
r
M
a
c
h
in
e
,
”
In
t
.
J
.
I
n
tell.
C
o
mp
u
t.
Res
.
,
v
o
l.
5
,
n
o
.
3
,
p
p
.
4
6
4
–
4
7
1
,
2
0
1
4
.
[4
]
K.
Ra
m
a
d
h
a
n
i,
M
.
Yu
s
u
f
,
a
n
d
H.
E.
W
a
h
a
n
a
n
i,
“
Cu
s
u
m
-
Ba
se
d
T
ra
ff
ic Ch
a
n
g
e
A
n
o
m
a
l
y
,
”
2
0
1
4
.
[5
]
A
.
W
.
M
u
h
a
m
m
a
d
a
n
d
I.
Riad
i,
“
De
tec
t
io
n
o
f
DD
o
S
A
tt
a
c
k
s
U
sin
g
Ne
u
ra
l
Ne
tw
o
rk
w
it
h
F
ix
e
d
M
o
v
in
g
A
v
e
r
a
g
e
W
in
d
o
w
F
u
n
c
ti
o
n
,
”
v
o
l.
1
,
n
o
.
3
,
p
p
.
1
1
5
–
1
2
2
,
2
0
1
7
.
[6
]
A
.
Oz
a
,
“
H
TT
P
A
tt
a
c
k
D
e
tec
ti
o
n
u
sin
g
N
-
g
ra
m
A
n
a
l
y
sis,”
2
0
1
3
.
[7
]
T
.
P
.
T
h
w
e
T
h
we
Oo
,
“
A
sta
ti
stica
l
a
p
p
ro
a
c
h
to
c
las
sify
a
n
d
id
e
n
ti
fy
DD
o
S
a
t
tac
k
s
u
sin
g
UC
LA
d
a
tas
e
t,
”
In
t.
J
.
Ad
v
.
Res
.
C
o
mp
u
t.
E
n
g
.
T
e
c
h
n
o
l.
,
v
o
l.
2
,
n
o
.
5
,
p
.
1
7
6
6
,
2
0
1
3
.
[8
]
J.
Da
v
id
a
n
d
C.
T
h
o
m
a
s,
“
DD
o
S
A
tt
a
c
k
D
e
tec
ti
o
n
u
sin
g
F
a
st
En
tr
o
p
y
A
p
p
ro
a
c
h
o
n
F
lo
w
-
Ba
se
d
Ne
tw
o
rk
T
ra
ff
ic,”
Pro
c
e
d
ia
-
Pro
c
e
d
i
a
Co
m
p
u
t
.
S
c
i.
,
v
o
l.
5
0
,
p
p
.
30
–
3
6
,
2
0
1
5
.
[9
]
M
.
A
lk
a
sa
ss
b
e
h
,
A
.
B.
A
.
Ha
ss
a
n
a
t,
a
n
d
G
.
A
l
-
n
a
y
m
a
t,
“
D
e
tec
ti
n
g
Distrib
u
ted
De
n
ial
o
f
S
e
rv
ice
A
tt
a
c
k
s
Us
in
g
Da
ta M
in
in
g
T
e
c
h
n
iq
u
e
s,”
v
o
l.
7
,
n
o
.
1
,
p
p
.
4
3
6
–
4
4
5
,
2
0
1
6
.
[1
0
]
B.
A
.
P
ra
to
m
o
a
n
d
R.
M
.
Ijt
ih
a
d
i
e
,
“
S
iste
m
D
e
tek
si
In
tru
si
M
e
n
g
g
u
n
a
k
a
n
N
-
G
ra
m
D
a
n
Co
sin
e
S
im
i
larity
,
”
J
UTI
J
.
Ilm.
T
e
k
n
o
l
.
In
f.
,
v
o
l
.
1
4
,
n
o
.
1
,
p
.
1
0
8
,
2
0
1
6
.
[1
1
]
S
.
S
ri
d
h
a
ra
n
,
“
De
f
e
a
ti
n
g
n
-
g
ra
m
S
c
o
re
s f
o
r
HTT
P
A
tt
a
c
k
De
te
c
ti
o
n
,
”
2
0
1
6
.
[1
2
]
A
.
Oz
a
,
K.
Ro
ss
,
R.
M
.
L
o
w
,
a
n
d
M
.
S
tam
p
,
“
HTT
P
A
tt
a
c
k
De
te
c
ti
o
n
u
sin
g
N
-
g
ra
m
A
n
a
l
y
sis.p
d
f
,
”
Co
mp
u
t
.
{&
}
S
e
c
u
r.
,
v
o
l.
4
5
,
p
p
.
2
4
2
–
2
5
4
,
2
0
1
4
.
[1
3
]
I.
Riad
i,
A
.
W
.
M
u
h
a
m
m
a
d
,
a
n
d
S
u
n
a
rd
i,
“
Ne
u
ra
l
n
e
tw
o
rk
-
b
a
se
d
DD
o
S
d
e
tec
ti
o
n
re
g
a
rd
in
g
h
id
d
e
n
lay
e
r
v
a
riatio
n
,
”
J
.
T
h
e
o
r.
A
p
p
l
.
In
f.
T
e
c
h
n
o
l
.
,
v
o
l
.
9
5
,
n
o
.
1
5
,
p
p
.
3
6
8
4
–
3
6
9
1
,
2
0
1
7
.
[1
4
]
B.
A
.
T
a
m
a
a
n
d
K.
H.
Rh
e
e
,
“
Da
ta
m
i
n
in
g
tec
h
n
iq
u
e
s
in
Do
S
/
DD
o
S
a
tt
a
c
k
d
e
tec
ti
o
n
:
A
li
tera
t
u
re
re
v
ie
w
Da
t
a
M
in
i
n
g
T
e
c
h
n
iq
u
e
s i
n
Do
S
/
DD
o
S
A
tt
a
c
k
D
e
tec
ti
o
n
:
A
L
it
e
ra
tu
re
Re
v
ie
w
,
”
n
o
.
A
u
g
u
st 2
0
1
5
,
2
0
1
7
.
[1
5
]
U.
S
.
Uta
ra
,
U.
S
.
Uta
ra
,
a
n
d
U.
S
.
Uta
ra
,
“
Bo
tn
e
t
De
tec
ti
o
n
Us
in
g
t
h
e
K
-
Ne
a
re
st Ne
ig
h
b
o
r
A
lg
o
rit
h
m
,
”
2
0
1
8
.
[1
6
]
M
.
A
lk
a
sa
ss
b
e
h
,
G
.
A
l
-
N
a
y
m
a
t,
A
.
B.
A
,
a
n
d
M
.
A
lm
s
e
id
in
,
“
D
e
tec
ti
n
g
Distrib
u
ted
De
n
ial
o
f
S
e
rv
ice
A
tt
a
c
k
s
Us
in
g
Da
ta M
in
in
g
T
e
c
h
n
iq
u
e
s,”
In
t.
J
.
Ad
v
.
C
o
mp
u
t.
S
c
i.
A
p
p
l
.
,
v
o
l.
7
,
n
o
.
1
,
2
0
1
6
.
[1
7
]
C.
M
a
x
-
d
e
p
e
n
d
e
n
c
y
,
“
F
e
a
tu
re
S
e
lec
ti
o
n
Ba
se
d
o
n
M
u
t
u
a
l
In
f
o
rm
a
ti
o
n
:” v
o
l
.
2
7
,
n
o
.
8
,
p
p
.
1
2
2
6
–
1
2
3
8
,
2
0
0
5
.
[1
8
]
E.
M
a
n
a
lu
,
F
.
A
.
S
ian
tu
ri,
a
n
d
M
.
R.
M
a
n
a
l
u
,
“
A
p
p
li
c
a
ti
o
n
o
f
Na
iv
e
Ba
y
e
s
A
lg
o
rit
h
m
T
o
P
re
d
ict
T
h
e
P
ro
d
u
c
ti
o
n
Am
o
u
n
t
Ba
se
d
On
In
v
e
n
t
o
ry
Da
t
a
A
n
d
th
e
n
u
m
b
e
r
o
f
o
rd
e
rin
g
o
n
c
v
.
P
a
p
a
d
a
n
M
a
m
a
P
a
stries
,
”
v
o
l.
1
,
n
o
.
2
,
2
0
1
7
.
[1
9
]
T
.
M
a
h
jab
in
,
Y.
Xia
o
,
G
.
S
u
n
,
a
n
d
W
.
Jia
n
g
,
“
A
su
rv
e
y
o
f
a
d
ist
rib
u
te
d
d
e
n
ial
-
of
-
se
rv
ice
a
tt
a
c
k
,
p
re
v
e
n
ti
o
n
,
a
n
d
m
it
ig
a
ti
o
n
tec
h
n
iq
u
e
s,”
v
o
l.
1
3
,
n
o
.
1
3
9
,
2
0
1
7
.
[2
0
]
M
.
2
0
0
6
.
D.
M
.
C
.
a
n
d
T
.
N.
Y.
M
.
K.
P
.
Ha
n
,
J.,
&
Ka
m
b
e
r,
Da
ta
min
i
n
g
Co
n
c
e
p
t
a
n
d
T
e
c
h
n
i
q
u
e
s.
Ne
w
Y
o
rk
.
2
0
0
6
.
[2
1
]
S
iri
n
g
o
ri
n
g
o
,
“
Co
m
p
a
ra
ti
v
e
A
n
a
ly
sis
o
f
Clu
ste
r
P
r
o
c
e
ss
Us
in
g
K
-
M
e
a
n
s
Clu
ste
rin
g
a
n
d
K
-
Ne
a
re
st
Ne
ig
h
b
o
r
i
n
Dia
b
e
tes
M
e
ll
it
u
s,”
2
0
1
6
.
[2
2
]
K.
Ke
p
e
m
il
ik
a
n
a
n
d
K.
Be
m
o
to
r,
“
A
p
p
li
c
a
ti
o
n
o
f
k
-
n
e
a
re
st
n
e
i
g
h
b
o
r
a
lg
o
rit
h
m
f
o
r
d
e
term
in
in
g
c
re
d
it
risk
o
f
m
o
to
rize
d
v
e
h
icle
o
w
n
e
rsh
ip
,
”
v
o
l.
1
,
n
o
.
1
,
p
p
.
6
5
–
7
6
,
2
0
1
3
.
[2
3
]
U.
S
.
Uta
ra
,
“
Un
iv
e
rsitas
S
u
m
a
ter
a
Uta
ra
,
”
2
0
1
5
.
[2
4
]
L
.
M
.
S
h
i
,
A
.
M
u
sta
p
h
a
,
Y.
M
a
z
w
in
,
a
n
d
M
.
Ha
ss
im
,
“
P
re
d
icti
n
g
fa
talit
ies
a
m
o
n
g
sh
a
rk
a
tt
a
c
k
s
:
c
o
m
p
a
riso
n
o
f
c
las
si
f
iers
,
”
v
o
l.
8
,
n
o
.
4
,
p
p
.
3
6
0
–
3
6
6
,
2
0
1
9
.
Evaluation Warning : The document was created with Spire.PDF for Python.