]> An ontology for network traffic A list of Network IP addresses that were scanned with a PingScan 1 A Stream that consists of two nodes sending TCP packets A Stream that consists of two nodes sending UDP packets A Stream that consists of two nodes sending ICMP packets PingPacket are ICMPPackets with ICMPtype of 8 (echo request) One packet type for a possible Ping Flood attack 8 SmurfPacket are ICMPPackets with the last octet of destIP of 255 One packet type for a possible Ping Flood attack 255 SynPacket are TCPPackets with the SYN flag set One packet type for a possible Port Scan attack 1 FinPacket are TCPPackets with FIN flag only set One packet type for a possible Port Scan attack Typically, TCP packets with FIN flag will also have ACK flag set TCP response to FIN flag only set will tell attacker if port is open 1 0 0 0 MaskPacket are ICMPPackets with ICMPtype of 17 (netmask request) One packet type for a possible ICMP Flood attack 17