How to differentiate between DDoS communications and benign communications?
I'm using the DDoS data available https://data.mendeley.com/datasets/8n...
The first 115,116 are categorized as DoS attacks because the three-way handshake is not satisfied; this is intuitive. However, row number 115124 does not satisfy the condition and is categorized as benign. There are several rows similar to this case. Can anyone elaborate on this?
Comments