A tool for deriving statistical features from pcap data.
Project description
PRC Flowmeter v0.2.4
Flowmeter is a Scapy-based tool for deriving statistical features from PCAPs for data analysis and machine learning. The features are based on the java application CICFlowmeter
Based heavily on this flowmeter app
Usage
A Flowmeter object is created with up to three parameters:
- offline (str) - filename of a pcap file; if none provided, streams from available ports (requires run as admin in linux-based environments.)
- outfunc (function) - a csv rendition of the metered flows will be sent to this function as they are created. If none provided, will default to print().
- outfile (str) - filename to store csv flow output. If none is provided, results are not stored.
Building off of scapy Sessions, Flowmeter separates packet streams into distinct network communication 'flows', which are identified simply as communications between two endpoints (ip:port) on a given protocol within a period of time. From there it begins analyzing the flow data to derive features useful for plotting, traffic pattern analysis, and machine learning.
from flowmeter import Flowmeter
feature_gen = Flowmeter(
offline = "input.pcap",
outfunc = None,
outfile = "output.csv")
feature_gen.run()
Contributions
If you would like to contribute feel free to fork the repo, clone the project, submit pull requests, open issues, or request features/enhancements.
License
PRCFlowmeter is currently licensed under the GNU GPLv2.
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for prc_flowmeter-0.2.4-py3-none-any.whl
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 4667f20ccf7cad20f05e1d76f818a703c9067c86ef98c805d97e7e7ac1846936 |
|
| MD5 | ac12e4a326b6f7b4cf5eb698a990bc95 |
|
| BLAKE2b-256 | 40ca3f161cb58c855a9e2c461c7cb0810f253e2129441f4aa35040a966bc938f |
