In [1]:
import numpy as np
import pandas as pd
import matplotlib.pyplot as plt
from sklearn.preprocessing import LabelEncoder
from sklearn.model_selection import train_test_split
import seaborn as sb

In [5]:
TRAIN_PATH = "..\datasets\Imbalanced_IDS\TrafficForML_CICFlowMeter.csv"
train_df = pd.read_csv(TRAIN_PATH)
train_df = train_df.drop(columns = ['Timestamp'])
train_df = train_df.dropna()
check_nan = train_df.isnull().values.any()
count_nan = train_df.isnull().sum().sum()

print(count_nan)
X, y = train_df.values[:, :-1], train_df.values[:, -1]
X_train, X_test, y_train, y_test = train_test_split(X, y, test_size=0.2, random_state=42, stratify=y)

0


In [6]:
print(X_train.shape)
print(X_test.shape)
print(y_train.shape)
print(y_test.shape)


(836004, 78)
(209002, 78)
(836004,)
(209002,)


In [7]:
train_df.head()

Unnamed: 0,Dst Port,Protocol,Flow Duration,Tot Fwd Pkts,Tot Bwd Pkts,TotLen Fwd Pkts,TotLen Bwd Pkts,Fwd Pkt Len Max,Fwd Pkt Len Min,Fwd Pkt Len Mean,...,Fwd Seg Size Min,Active Mean,Active Std,Active Max,Active Min,Idle Mean,Idle Std,Idle Max,Idle Min,Label
0,22,6,20553406,10,7,1063,1297,744,0,106.3,...,20,1027304.0,0.0,1027304,1027304,19526080.0,0.0,19526080,19526080,Benign
1,34989,6,790,2,0,848,0,848,0,424.0,...,20,0.0,0.0,0,0,0.0,0.0,0,0,Benign
2,500,17,99745913,5,0,2500,0,500,500,500.0,...,8,4000203.0,0.0,4000203,4000203,31915240.0,37927870.0,75584115,7200679,Benign
3,500,17,99745913,5,0,2500,0,500,500,500.0,...,8,4000189.0,0.0,4000189,4000189,31915240.0,37927880.0,75584130,7200693,Benign
4,500,17,89481361,6,0,3000,0,500,500,500.0,...,8,4000554.0,0.0,4000554,4000554,21370200.0,15281090.0,41990741,7200848,Benign


In [8]:
print(train_df.isnull().sum().sum(), train_df.isna().sum().sum())

0 0


Data has no null values and no "na" values.

In [9]:
print(train_df.columns)

Index(['Dst Port', 'Protocol', 'Flow Duration', 'Tot Fwd Pkts', 'Tot Bwd Pkts',
       'TotLen Fwd Pkts', 'TotLen Bwd Pkts', 'Fwd Pkt Len Max',
       'Fwd Pkt Len Min', 'Fwd Pkt Len Mean', 'Fwd Pkt Len Std',
       'Bwd Pkt Len Max', 'Bwd Pkt Len Min', 'Bwd Pkt Len Mean',
       'Bwd Pkt Len Std', 'Flow Byts/s', 'Flow Pkts/s', 'Flow IAT Mean',
       'Flow IAT Std', 'Flow IAT Max', 'Flow IAT Min', 'Fwd IAT Tot',
       'Fwd IAT Mean', 'Fwd IAT Std', 'Fwd IAT Max', 'Fwd IAT Min',
       'Bwd IAT Tot', 'Bwd IAT Mean', 'Bwd IAT Std', 'Bwd IAT Max',
       'Bwd IAT Min', 'Fwd PSH Flags', 'Bwd PSH Flags', 'Fwd URG Flags',
       'Bwd URG Flags', 'Fwd Header Len', 'Bwd Header Len', 'Fwd Pkts/s',
       'Bwd Pkts/s', 'Pkt Len Min', 'Pkt Len Max', 'Pkt Len Mean',
       'Pkt Len Std', 'Pkt Len Var', 'FIN Flag Cnt', 'SYN Flag Cnt',
       'RST Flag Cnt', 'PSH Flag Cnt', 'ACK Flag Cnt', 'URG Flag Cnt',
       'CWE Flag Count', 'ECE Flag Cnt', 'Down/Up Ratio', 'Pkt Size Avg',
       'Fwd Seg Siz

In [10]:
list_dtype = [train_df[i].dtype for i in train_df.columns]
dict((i, list_dtype.count(i)) for i in list_dtype)

{dtype('int64'): 54, dtype('float64'): 24, dtype('O'): 1}

All the columns are float type. Hence one hot encoding is not required.

In [13]:
print(train_df['Label'].value_counts())

Benign              1044644
Brute Force -Web        249
Brute Force -XSS         79
SQL Injection            34
Name: Label, dtype: int64


This shows the class imbalance

In [14]:
for col in train_df.columns:
    if len(train_df[col].unique()) < 5:
        print(col)
        print(train_df.groupby([col, 'Label'])['Label'].count())

Protocol
Protocol  Label           
0         Benign               16173
6         Benign              722491
          Brute Force -Web       249
          Brute Force -XSS        79
          SQL Injection           34
17        Benign              305980
Name: Label, dtype: int64
Fwd PSH Flags
Fwd PSH Flags  Label           
0              Benign              1004155
               Brute Force -Web        249
               Brute Force -XSS         79
               SQL Injection            34
1              Benign                40489
Name: Label, dtype: int64
Bwd PSH Flags
Bwd PSH Flags  Label           
0              Benign              1044644
               Brute Force -Web        249
               Brute Force -XSS         79
               SQL Injection            34
Name: Label, dtype: int64
Fwd URG Flags
Fwd URG Flags  Label           
0              Benign              1044644
               Brute Force -Web        249
               Brute Force -XSS         79
          