Skip to content
/ flowmeter Public

A tool for deriving statistical features from PCAP data

License

GPL-2.0 license
12 stars 6 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

alekzandr/flowmeter

BranchesTags

Repository files navigation

Flowmeter v0.0.3

Flowmeter is a Scapy-based tool for deriving statistical features from PCAPs for data analysis and machine learning. The features are based on the java application Netflowmeter.

Installation

pip install flowmeter

Usage

A Flowmeter object is created by taking in a PCAP file as a parameter. Using the build_feature method, Flowmeter separates out the PCAP into distinct TCP and UDP flows. From there it begins analyzing the flow data to derive features useful for plotting, traffic pattern analysis, and machine learning.

from flowmeter.flowmeter import Flowmeter
import pandas as pd

feature_gen = Flowmeter("1548216696.814641.pcap")
df = feature_gen.build_feature_dataframe()

df.to_csv("1548216696.814641.csv")

Note:

The current implementaion is still in its early versions and inefficient at handling memory. We are currently beginning optimizations to reduce memory usage and provide a more stable process. Processing a large PCAP can be very MEMORY INTENSIVE. Additionally, Flowmeter does not work in jupyter notebooks due to how notebooks handle multiprocesses pooling.

Contributions

If you would like to contribute feel free to fork the repo, clone the project, submit pull requests, open issues, or request features/enhancements.

License

Flowmeter is currently licensed under the GNU GPLv2.

About

A tool for deriving statistical features from PCAP data

Topics

cybersecurity python-3

Resources

Readme

License

GPL-2.0 license
Activity

Stars

12 stars

Watchers

2 watching

Forks

6 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages