{
"cells": [
{
"cell_type": "code",
"execution_count": 1,
"metadata": {
"pycharm": {
"name": "#%% Imporintg packages\n"
}
},
"outputs": [],
"source": [
"from sklearn.model_selection import train_test_split\n",
"import numpy as np # linear algebra\n",
"import pandas as pd # data processing, CSV file I/O (e.g. pd.read_csv)\n",
"from sklearn.neighbors import KNeighborsClassifier\n",
"from sklearn.metrics import classification_report, confusion_matrix\n",
"from sklearn.preprocessing import OrdinalEncoder\n",
"import matplotlib.pyplot as plt\n",
"from sklearn.metrics import *\n",
"import seaborn as sns"
]
},
{
"cell_type": "code",
"execution_count": 2,
"metadata": {
"pycharm": {
"name": "#%% Reading befign dataset\n"
}
},
"outputs": [],
"source": [
"df = pd.read_csv('D://OneDrive - Higher Education Commission//Collaborations//Daud Khan//Paper02//CICBellEXFDNS2021//Attack_heavy_Benign - Copy//Dataset-stateless_attack_heavyAll.csv', header=0)"
]
},
{
"cell_type": "code",
"execution_count": 3,
"metadata": {
"pycharm": {
"name": "#%% Printing dataset summary\n"
}
},
"outputs": [
{
"data": {
"text/plain": " timestamp FQDN_count subdomain_length upper lower numeric \\\n0 52:31.2 25 8 0 10 9 \n1 52:31.7 25 8 0 10 9 \n2 52:31.9 15 0 11 0 3 \n3 52:32.1 24 7 0 10 8 \n4 52:32.5 24 7 0 10 8 \n... ... ... ... ... ... ... \n433359 53:18.0 26 9 0 10 10 \n433360 53:18.4 27 10 0 10 11 \n433361 53:18.8 27 10 0 10 11 \n433362 53:20.1 24 7 0 10 8 \n433363 53:20.5 24 7 0 10 8 \n\n entropy special labels labels_max labels_average longest_word \\\n0 2.556642 6 6 7 3.333333 2 \n1 2.556642 6 6 7 3.333333 2 \n2 3.625000 1 1 15 15.000000 C \n3 2.054029 6 6 7 3.166667 4 \n4 2.054029 6 6 7 3.166667 4 \n... ... ... ... ... ... ... \n433359 2.742338 6 6 7 3.500000 2 \n433360 2.767195 6 6 7 3.666667 2 \n433361 2.767195 6 6 7 3.666667 2 \n433362 2.054029 6 6 7 3.166667 4 \n433363 2.054029 6 6 7 3.166667 4 \n\n sld len subdomain Class \n0 192 12 1 1 \n1 192 12 1 1 \n2 DESKTOP-3JF04TC 16 0 1 \n3 224 11 1 1 \n4 224 11 1 1 \n... ... ... ... ... \n433359 192 13 1 0 \n433360 192 14 1 0 \n433361 192 14 1 0 \n433362 224 11 1 0 \n433363 224 11 1 0 \n\n[433364 rows x 16 columns]",
"text/html": "\n\n
\n \n \n | \n timestamp | \n FQDN_count | \n subdomain_length | \n upper | \n lower | \n numeric | \n entropy | \n special | \n labels | \n labels_max | \n labels_average | \n longest_word | \n sld | \n len | \n subdomain | \n Class | \n
\n \n \n \n | 0 | \n 52:31.2 | \n 25 | \n 8 | \n 0 | \n 10 | \n 9 | \n 2.556642 | \n 6 | \n 6 | \n 7 | \n 3.333333 | \n 2 | \n 192 | \n 12 | \n 1 | \n 1 | \n
\n \n | 1 | \n 52:31.7 | \n 25 | \n 8 | \n 0 | \n 10 | \n 9 | \n 2.556642 | \n 6 | \n 6 | \n 7 | \n 3.333333 | \n 2 | \n 192 | \n 12 | \n 1 | \n 1 | \n
\n \n | 2 | \n 52:31.9 | \n 15 | \n 0 | \n 11 | \n 0 | \n 3 | \n 3.625000 | \n 1 | \n 1 | \n 15 | \n 15.000000 | \n C | \n DESKTOP-3JF04TC | \n 16 | \n 0 | \n 1 | \n
\n \n | 3 | \n 52:32.1 | \n 24 | \n 7 | \n 0 | \n 10 | \n 8 | \n 2.054029 | \n 6 | \n 6 | \n 7 | \n 3.166667 | \n 4 | \n 224 | \n 11 | \n 1 | \n 1 | \n
\n \n | 4 | \n 52:32.5 | \n 24 | \n 7 | \n 0 | \n 10 | \n 8 | \n 2.054029 | \n 6 | \n 6 | \n 7 | \n 3.166667 | \n 4 | \n 224 | \n 11 | \n 1 | \n 1 | \n
\n \n | ... | \n ... | \n ... | \n ... | \n ... | \n ... | \n ... | \n ... | \n ... | \n ... | \n ... | \n ... | \n ... | \n ... | \n ... | \n ... | \n ... | \n
\n \n | 433359 | \n 53:18.0 | \n 26 | \n 9 | \n 0 | \n 10 | \n 10 | \n 2.742338 | \n 6 | \n 6 | \n 7 | \n 3.500000 | \n 2 | \n 192 | \n 13 | \n 1 | \n 0 | \n
\n \n | 433360 | \n 53:18.4 | \n 27 | \n 10 | \n 0 | \n 10 | \n 11 | \n 2.767195 | \n 6 | \n 6 | \n 7 | \n 3.666667 | \n 2 | \n 192 | \n 14 | \n 1 | \n 0 | \n
\n \n | 433361 | \n 53:18.8 | \n 27 | \n 10 | \n 0 | \n 10 | \n 11 | \n 2.767195 | \n 6 | \n 6 | \n 7 | \n 3.666667 | \n 2 | \n 192 | \n 14 | \n 1 | \n 0 | \n
\n \n | 433362 | \n 53:20.1 | \n 24 | \n 7 | \n 0 | \n 10 | \n 8 | \n 2.054029 | \n 6 | \n 6 | \n 7 | \n 3.166667 | \n 4 | \n 224 | \n 11 | \n 1 | \n 0 | \n
\n \n | 433363 | \n 53:20.5 | \n 24 | \n 7 | \n 0 | \n 10 | \n 8 | \n 2.054029 | \n 6 | \n 6 | \n 7 | \n 3.166667 | \n 4 | \n 224 | \n 11 | \n 1 | \n 0 | \n
\n \n
\n
433364 rows × 16 columns
\n
\n\n
\n \n \n | \n timestamp | \n FQDN_count | \n subdomain_length | \n upper | \n lower | \n numeric | \n entropy | \n special | \n labels | \n labels_max | \n labels_average | \n longest_word | \n sld | \n len | \n subdomain | \n Class | \n
\n \n \n \n | 0 | \n 52:31.2 | \n 25 | \n 8 | \n 0 | \n 10 | \n 9 | \n 2.556642 | \n 6 | \n 6 | \n 7 | \n 3.333333 | \n 2 | \n 192 | \n 12 | \n 1 | \n 1 | \n
\n \n | 1 | \n 52:31.7 | \n 25 | \n 8 | \n 0 | \n 10 | \n 9 | \n 2.556642 | \n 6 | \n 6 | \n 7 | \n 3.333333 | \n 2 | \n 192 | \n 12 | \n 1 | \n 1 | \n
\n \n | 2 | \n 52:31.9 | \n 15 | \n 0 | \n 11 | \n 0 | \n 3 | \n 3.625000 | \n 1 | \n 1 | \n 15 | \n 15.000000 | \n C | \n DESKTOP-3JF04TC | \n 16 | \n 0 | \n 1 | \n
\n \n | 3 | \n 52:32.1 | \n 24 | \n 7 | \n 0 | \n 10 | \n 8 | \n 2.054029 | \n 6 | \n 6 | \n 7 | \n 3.166667 | \n 4 | \n 224 | \n 11 | \n 1 | \n 1 | \n
\n \n | 4 | \n 52:32.5 | \n 24 | \n 7 | \n 0 | \n 10 | \n 8 | \n 2.054029 | \n 6 | \n 6 | \n 7 | \n 3.166667 | \n 4 | \n 224 | \n 11 | \n 1 | \n 1 | \n
\n \n
\n
\n\n
\n \n \n | \n timestamp | \n FQDN_count | \n subdomain_length | \n upper | \n lower | \n numeric | \n entropy | \n special | \n labels | \n labels_max | \n labels_average | \n longest_word | \n sld | \n len | \n subdomain | \n Class | \n
\n \n \n \n | 0 | \n 31504.0 | \n 25 | \n 8 | \n 0 | \n 10 | \n 9 | \n 2.556642 | \n 6 | \n 6 | \n 7 | \n 3.333333 | \n 2 | \n 110.0 | \n 12 | \n 1 | \n 1 | \n
\n \n | 1 | \n 31509.0 | \n 25 | \n 8 | \n 0 | \n 10 | \n 9 | \n 2.556642 | \n 6 | \n 6 | \n 7 | \n 3.333333 | \n 2 | \n 110.0 | \n 12 | \n 1 | \n 1 | \n
\n \n | 2 | \n 31511.0 | \n 15 | \n 0 | \n 11 | \n 0 | \n 3 | \n 3.625000 | \n 1 | \n 1 | \n 15 | \n 15.000000 | \n 11 | \n 467.0 | \n 16 | \n 0 | \n 1 | \n
\n \n | 3 | \n 31513.0 | \n 24 | \n 7 | \n 0 | \n 10 | \n 8 | \n 2.054029 | \n 6 | \n 6 | \n 7 | \n 3.166667 | \n 4 | \n 178.0 | \n 11 | \n 1 | \n 1 | \n
\n \n | 4 | \n 31517.0 | \n 24 | \n 7 | \n 0 | \n 10 | \n 8 | \n 2.054029 | \n 6 | \n 6 | \n 7 | \n 3.166667 | \n 4 | \n 178.0 | \n 11 | \n 1 | \n 1 | \n
\n \n | ... | \n ... | \n ... | \n ... | \n ... | \n ... | \n ... | \n ... | \n ... | \n ... | \n ... | \n ... | \n ... | \n ... | \n ... | \n ... | \n ... | \n
\n \n | 433359 | \n 31972.0 | \n 26 | \n 9 | \n 0 | \n 10 | \n 10 | \n 2.742338 | \n 6 | \n 6 | \n 7 | \n 3.500000 | \n 2 | \n 110.0 | \n 13 | \n 1 | \n 0 | \n
\n \n | 433360 | \n 31976.0 | \n 27 | \n 10 | \n 0 | \n 10 | \n 11 | \n 2.767195 | \n 6 | \n 6 | \n 7 | \n 3.666667 | \n 2 | \n 110.0 | \n 14 | \n 1 | \n 0 | \n
\n \n | 433361 | \n 31980.0 | \n 27 | \n 10 | \n 0 | \n 10 | \n 11 | \n 2.767195 | \n 6 | \n 6 | \n 7 | \n 3.666667 | \n 2 | \n 110.0 | \n 14 | \n 1 | \n 0 | \n
\n \n | 433362 | \n 31993.0 | \n 24 | \n 7 | \n 0 | \n 10 | \n 8 | \n 2.054029 | \n 6 | \n 6 | \n 7 | \n 3.166667 | \n 4 | \n 178.0 | \n 11 | \n 1 | \n 0 | \n
\n \n | 433363 | \n 31997.0 | \n 24 | \n 7 | \n 0 | \n 10 | \n 8 | \n 2.054029 | \n 6 | \n 6 | \n 7 | \n 3.166667 | \n 4 | \n 178.0 | \n 11 | \n 1 | \n 0 | \n
\n \n
\n
433354 rows × 16 columns
\n