The firewall dashboard has a window at the right lower portion of ASDM and it displays Top 10 protected servers under SYN attack. Refer to the attached picture.
In this scenario the server IP 220.127.116.11 seems to be getting SYN attacks from one of my internal network PC. This server 18.104.22.168 does not belong to us, a whois query tells me that the IP originates from Poland with no hostname address.
I should have been seeing attacks only for servers belonging to my network right? Like an attack from Outside public IP towards my Server public IP, or is it that this feature provides two way statistics where it also displays attack originating from my lan towards outside world. From what I see, I feel it displays two way attacks. Correct me if I am wrong.
Yes, it is protecting both directions of the traffic passing through the ASA, inbound and outbound by default.
It looks like your internal host is attacking the 22.214.171.124 host, or it might be some software that is trying to reach 126.96.36.199, however, this host is not responding. Might be peer to peer file sharing or other similar sort of application.
There are different types and features of threat detection, and here is more information for your reference:
Hope that helps.