I'm using the DDoS data available https://data.mendeley.com/datasets/8nb4cdwc9h/1
The first 115,116 are categorized as DoS attacks because the three-way handshake is not satisfied; this is intuitive. However, row number 115124 does not satisfy the condition and is categorized as benign. There are several rows similar to this case. Can anyone elaborate on this?
