# Network Traffic Dataset - Column Descriptions

## 1. frame.time
- **Description:** The timestamp when the network packet was captured.
- **Type:** Datetime/String
- **Example:** `2024-03-08 12:34:56.789`

## 2. ip.src_host
- **Description:** The source IP address of the packet sender.
- **Type:** String (IP Address)
- **Example:** `192.168.1.1`

## 3. ip.dst_host
- **Description:** The destination IP address of the packet receiver.
- **Type:** String (IP Address)
- **Example:** `192.168.1.100`

## 4. arp.dst.proto_ipv4
- **Description:** The destination IPv4 address in an ARP (Address Resolution Protocol) request.
- **Type:** String (IP Address)
- **Example:** `192.168.1.2`

## 5. arp.opcode
- **Description:** Specifies the type of ARP message (e.g., request or reply).
- **Type:** Integer
- **Example:** `1` (Request), `2` (Reply)

## 6. arp.hw.size
- **Description:** The size (in bytes) of the hardware address in the ARP packet.
- **Type:** Integer
- **Example:** `6`

## 7. arp.src.proto_ipv4
- **Description:** The source IPv4 address in an ARP request or reply.
- **Type:** String (IP Address)
- **Example:** `192.168.1.3`

## 8. icmp.checksum
- **Description:** The checksum value for error detection in ICMP (Internet Control Message Protocol) packets.
- **Type:** Hexadecimal/String
- **Example:** `0x3f2a`

## 9. icmp.seq_le
- **Description:** The sequence number in ICMP echo (ping) requests and replies.
- **Type:** Integer
- **Example:** `42`

## 10. icmp.transmit_timestamp
- **Description:** The timestamp when an ICMP packet is sent.
- **Type:** Integer (Milliseconds since epoch)
- **Example:** `1678901234567`

## 11. icmp.unused
- **Description:** A field in ICMP packets that is reserved for future use.
- **Type:** Integer/Hexadecimal
- **Example:** `0x0000`

## 12. http.file_data
- **Description:** The actual file data transmitted in an HTTP request or response.
- **Type:** String/Binary
- **Example:** `index.html content`

## 13. http.content_length
- **Description:** The length (in bytes) of the HTTP message body.
- **Type:** Integer
- **Example:** `1024`

## 14. http.request.uri.query
- **Description:** The query parameters in an HTTP request URI.
- **Type:** String
- **Example:** `?id=123&user=admin`

## 15. http.request.method
- **Description:** The HTTP request method used (GET, POST, PUT, etc.).
- **Type:** String
- **Example:** `GET`

## 16. http.referer
- **Description:** The referring URL from which the HTTP request originated.
- **Type:** String
- **Example:** `https://example.com/home`

## 17. http.request.full_uri
- **Description:** The full URI of the requested HTTP resource.
- **Type:** String
- **Example:** `https://example.com/api/data?id=123`

## 18. http.request.version
- **Description:** The HTTP version used in the request.
- **Type:** String
- **Example:** `HTTP/1.1`

## 19. http.response
- **Description:** The HTTP response code returned by the server.
- **Type:** Integer
- **Example:** `200`

## 20. http.tls_port
- **Description:** The port number used for TLS-secured HTTP communication.
- **Type:** Integer
- **Example:** `443`

## 21. tcp.ack
- **Description:** The acknowledgment number in a TCP packet.
- **Type:** Integer
- **Example:** `1203948`

## 22. tcp.ack_raw
- **Description:** The raw acknowledgment number in the TCP packet.
- **Type:** Integer
- **Example:** `1203948`

## 23. tcp.checksum
- **Description:** The checksum value for error detection in a TCP packet.
- **Type:** Hexadecimal/String
- **Example:** `0x5a6f`

## 24. tcp.connection.fin
- **Description:** A flag indicating if the TCP connection is being finished (FIN flag set).
- **Type:** Boolean (0 or 1)
- **Example:** `1`

## 25. tcp.connection.rst
- **Description:** A flag indicating if the TCP connection was reset (RST flag set).
- **Type:** Boolean (0 or 1)
- **Example:** `1`

## 26. tcp.connection.syn
- **Description:** A flag indicating if the TCP connection is being initiated (SYN flag set).
- **Type:** Boolean (0 or 1)
- **Example:** `1`

## 27. tcp.connection.synack
- **Description:** A flag indicating if the TCP connection is completing the handshake (SYN-ACK flag set).
- **Type:** Boolean (0 or 1)
- **Example:** `1`

## 28. tcp.dstport
- **Description:** The destination port number in the TCP packet.
- **Type:** Integer
- **Example:** `80`

## 29. tcp.flags
- **Description:** The flags set in the TCP header (e.g., SYN, ACK, FIN).
- **Type:** String
- **Example:** `SYN-ACK`

## 30. tcp.flags.ack
- **Description:** Indicates if the ACK flag is set in the TCP packet.
- **Type:** Boolean (0 or 1)
- **Example:** `1`

## 31. tcp.len
- **Description:** The length of the TCP segment data.
- **Type:** Integer
- **Example:** `512`

## 32. tcp.options
- **Description:** Options field in the TCP header, used for various extensions such as timestamps and window scaling.
- **Type:** String/Binary
- **Example:** `020405B401030308`

## 33. tcp.payload
- **Description:** The actual data carried within the TCP segment.
- **Type:** String/Binary
- **Example:** `GET /index.html HTTP/1.1`

## 34. tcp.seq
- **Description:** The sequence number of the TCP packet, used for ordering segments.
- **Type:** Integer
- **Example:** `123456789`

## 35. tcp.srcport
- **Description:** The source port number in the TCP packet.
- **Type:** Integer
- **Example:** `443`

## 36. udp.port
- **Description:** The port number used in the UDP packet (source or destination).
- **Type:** Integer
- **Example:** `53`

## 37. udp.stream
- **Description:** A stream index assigned to UDP packets to track connections.
- **Type:** Integer
- **Example:** `5`

## 38. udp.time_delta
- **Description:** The time difference between this UDP packet and the previous one in the same stream.
- **Type:** Float (seconds)
- **Example:** `0.002`

## 39. dns.qry.name
- **Description:** The domain name being queried in the DNS request.
- **Type:** String
- **Example:** `example.com`

## 40. dns.qry.name.len
- **Description:** The length of the domain name queried in the DNS request.
- **Type:** Integer
- **Example:** `11`

## 41. dns.qry.qu
- **Description:** Represents different types of DNS queries or flags, encoded as numerical values. These values might correspond to specific DNS query operations, transaction tracking, or custom encodings used by the dataset.
- **Type:** Categorical (Integer values representing different query types or flags)
- **Example:** `0`, `37`

## 42. dns.qry.type
- **Description:** The type of DNS query, such as A, AAAA, or MX.
- **Type:** Integer
- **Example:** `1` (A record)

## 43. dns.retransmission
- **Description:** Represents the count or category of DNS retransmissions. While `0` likely indicates no retransmission, other values (`1, 12, 28`) suggest different levels or types of retransmission behavior.
- **Type:** Categorical (Integer values representing retransmission states or counts)
- **Example:** `0, 1, 12, 28`


## 44. dns.retransmit_request
- **Description:** A flag indicating that this DNS request was retransmitted due to no response.
- **Type:** Boolean (0 or 1)
- **Example:** `1`

## 45. dns.retransmit_request_in
- **Description:** The time interval after which the DNS request was retransmitted.
- **Type:** Float (seconds)
- **Example:** `2.5`

## 46. mqtt.conack.flags
- **Description:** Flags sent in the MQTT CONNACK response after a client connection attempt.
- **Type:** Integer
- **Example:** `0`

## 47. mqtt.conflag.cleansess
- **Description:** A flag indicating whether the MQTT client requests a clean session.
- **Type:** Boolean (0 or 1)
- **Example:** `1`

## 48. mqtt.conflags
- **Description:** Flags field in the MQTT connection request packet.
- **Type:** Integer
- **Example:** `194`

## 49. mqtt.hdrflags
- **Description:** Header flags field in the MQTT message.
- **Type:** Integer
- **Example:** `32`

## 50. mqtt.len
- **Description:** The length of the MQTT message.
- **Type:** Integer
- **Example:** `24`

## 51. mqtt.msg_decoded_as
- **Description:** The decoded MQTT message type (e.g., PUBLISH, SUBSCRIBE).
- **Type:** String
- **Example:** `PUBLISH`

## 52. mqtt.msg
- **Description:** The actual MQTT message payload.
- **Type:** String
- **Example:** `temperature=25`

## 53. mqtt.msgtype
- **Description:** The type of MQTT message (CONNECT, PUBLISH, SUBSCRIBE, etc.).
- **Type:** Integer
- **Example:** `3` (PUBLISH)

## 54. mqtt.proto_len
- **Description:** The length of the MQTT protocol name field.
- **Type:** Integer
- **Example:** `4`

## 55. mqtt.protoname
- **Description:** The name of the MQTT protocol used.
- **Type:** String
- **Example:** `MQTT`

## 56. mqtt.topic
- **Description:** The topic to which the MQTT message is published.
- **Type:** String
- **Example:** `sensors/temperature`

## 57. mqtt.topic_len
- **Description:** The length of the MQTT topic.
- **Type:** Integer
- **Example:** `18`

## 58. mqtt.ver
- **Description:** The version of the MQTT protocol used.
- **Type:** Integer
- **Example:** `4`

## 59. mbtcp.len
- **Description:** The length of the Modbus TCP message.
- **Type:** Integer
- **Example:** `12`

## 60. mbtcp.trans_id
- **Description:** The transaction ID used to match requests and responses in Modbus TCP.
- **Type:** Integer
- **Example:** `1001`

## 61. mbtcp.unit_id
- **Description:** The Modbus unit identifier for the request.
- **Type:** Integer
- **Example:** `1`