def print_results(ppackets, predicted):
    """Label the flows of each completed burst with a predicted name and print it.

    ppackets is regrouped into bursts with the same rule the callers use: a
    packet whose timestamp is at least 1.0 (presumably seconds) past
    burst.timestamp_lastrecvppacket closes the current burst. predicted holds
    numeric class ids; they are consumed in order, one per flow.
    """
    class_names = (
        (1, "Wikipedia"),
        (2, "Youtube"),
        (3, "WeatherChannel"),
        (4, "GoogleNews"),
        (5, "FruitNinja"),
    )

    # Translate class ids to names. Comparison uses ==, first match wins.
    # NOTE(review): ids outside 1..5 are skipped without a placeholder, which
    # shifts every later label by one flow -- confirm the model can only emit
    # the five known classes.
    names = []
    for class_id in predicted:
        for known_id, app_name in class_names:
            if class_id == known_id:
                names.append(app_name)
                break

    current = Burst(ppackets[0])
    next_name = 0
    for pkt in ppackets[1:]:
        burst_closed = pkt.timestamp >= current.timestamp_lastrecvppacket + 1.0
        if not burst_closed:
            current.add_ppacket(pkt)
            continue
        # The burst is complete: label its flows, print it, start a new one.
        for flow in current.flows:
            flow.label = names[next_name]
            next_name += 1
        current.pretty_print()
        current.clean_me()
        current = Burst(pkt)
    # NOTE(review): the burst still open when the packets run out is never
    # labelled or printed.
def parse_live(model):
    """Sniff eth1 continuously and classify every burst once it closes.

    Packets that parse_packet() rejects (returns None for) are ignored. A
    burst closes when a packet arrives at least 1.0 (presumably seconds) past
    burst.timestamp_lastrecvppacket; its features are then appended to the
    running arrays, predict() is run and the result goes to print_results().

    NOTE(review): the capture interface is hard-coded, and live capture needs
    packet-capture privileges. Prefer granting those to the capture helper
    (typically dumpcap) over running this whole script as root.
    """
    capture = pyshark.LiveCapture(interface="eth1")
    burst = None
    for packet in capture.sniff_continuously():
        ppacket = parse_packet(packet, "Unknown")
        if ppacket is None:
            continue

        if burst is None:
            # First usable packet: open the first burst and the accumulators.
            burst = Burst(ppacket)
            features = np.array([]).reshape(0, 3)
            labels = np.array([]).reshape(0, 1)
            continue

        burst_closed = ppacket.timestamp >= burst.timestamp_lastrecvppacket + 1.0
        if not burst_closed:
            burst.add_ppacket(ppacket)
            continue

        burst_features, burst_labels = burst.get_data()
        if burst_features is not None:
            # NOTE(review): these arrays are never reset, so they grow for as
            # long as the capture runs and predict() is re-run over every
            # earlier burst, while print_results() only receives the packets
            # of the current one -- confirm the predictions still line up.
            features = np.vstack([features, burst_features])
            labels = np.vstack([labels, burst_labels])
            predicted_non, score_non = predict(
                model, features.astype("float"), labels.astype("float"))
            print_results(burst.ppackets, predicted_non)
        burst.clean_me()
        burst = Burst(ppacket)
def main():
    """Train the flow classifier, then classify a PCAP file or live traffic.

    -t/--training  labelled training data (CSV)
    -e/--testing   capture to classify (PCAP); ignored with --live
    -l/--live      classify traffic captured live via parse_live()

    NOTE(review): the class id handed to parse_file() is derived from the
    directory part of --testing, so the expected label comes from the path
    and not from the capture itself.
    """
    label_ids = (
        ("Wikipedia", 1),
        ("Youtube", 2),
        ("WeatherChannel", 3),
        ("GoogleNews", 4),
        ("FruitNinja", 5),
    )

    cli = argparse.ArgumentParser(description="classify flows")
    cli.add_argument("-t", "--training", help="the training data, CSV")
    cli.add_argument("-e", "--testing", help="the testing data, PCAP")
    cli.add_argument("-l", "--live", action="store_true", default=False,
                     help="flag to do live capturing and classification")
    args = cli.parse_args()

    train_features, train_labels = export_data(args.training)
    # Swap application names for numeric class ids in place. Plain == is used
    # (no dict lookup) so non-string entries compare exactly as before.
    for idx, label in enumerate(train_labels):
        for name, class_id in label_ids:
            if label == name:
                train_labels[idx] = class_id
                break

    if args.live:
        model = train_model_tree(train_features.astype("float"),
                                 train_labels.astype("float"))
        parse_live(model)
        return

    # Offline mode: the directory of the capture names the expected class.
    testing_dir = os.path.dirname(args.testing)
    gen = 0
    if testing_dir.replace("Samples/", "").replace("/", "") in [
            "Wikipedia", "Youtube", "WeatherChannel", "GoogleNews",
            "FruitNinja"]:
        gen_label = testing_dir.replace("/", "").replace("Samples", "")
        for name, class_id in label_ids:
            if gen_label == name:
                gen = class_id
                break

    ppackets = parse_file(args.testing, gen)
    burst = Burst(ppackets[0])
    test_features_non = np.array([]).reshape(0, 3)
    test_labels_non = np.array([]).reshape(0, 1)
    for ppacket in ppackets[1:]:
        burst_closed = ppacket.timestamp >= burst.timestamp_lastrecvppacket + 1.0
        if not burst_closed:
            burst.add_ppacket(ppacket)
            continue
        t_non, tl_non = burst.get_data()
        if t_non is not None:
            test_features_non = np.vstack([test_features_non, t_non])
            test_labels_non = np.vstack([test_labels_non, tl_non])
        burst.clean_me()
        burst = Burst(ppacket)
    # NOTE(review): the burst still open after the last packet contributes no
    # features; print_results() skips that burst as well.

    model = train_model_tree(train_features.astype("float"),
                             train_labels.astype("float"))
    predicted_non, score_non = predict(model,
                                       test_features_non.astype("float"),
                                       test_labels_non.astype("float"))
    print_results(ppackets, predicted_non)
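def main():
    """Train on labelled CSV data, dump a PCAP to giventraffic.csv and classify it.

    -t/--training  labelled training data (CSV)
    -e/--testing   capture to classify (PCAP)

    The capture is split into bursts, each completed burst is written to
    giventraffic.csv, and that file is read back through export_data() to get
    the features that are classified.

    NOTE(review): giventraffic.csv is a fixed relative path that is
    overwritten on every run; run this from a directory you control.
    """
    label_ids = (
        ("Wikipedia", 1),
        ("Youtube", 2),
        ("WeatherChannel", 3),
        ("GoogleNews", 4),
        ("FruitNinja", 5),
    )

    parser = argparse.ArgumentParser(description="classify flows")
    parser.add_argument("-t", "--training", help="the training data, CSV")
    parser.add_argument("-e", "--testing", help="the testing data, PCAP")
    args = parser.parse_args()

    train_features, train_labels = export_data(args.training)
    # Swap application names for numeric class ids in place. Plain == is used
    # (no dict lookup) so non-string entries compare exactly as before.
    for idx, label in enumerate(train_labels):
        for name, class_id in label_ids:
            if label == name:
                train_labels[idx] = class_id
                break

    # The directory of the capture names the expected class (0 = unknown).
    testing_dir = os.path.dirname(args.testing)
    gen = 0
    if testing_dir.replace("Samples/", "").replace("/", "") in [
            "Wikipedia", "Youtube", "WeatherChannel", "GoogleNews",
            "FruitNinja"]:
        gen_label = testing_dir.replace("/", "").replace("Samples", "")
        for name, class_id in label_ids:
            if gen_label == name:
                gen = class_id
                break

    ppackets = parse_file(args.testing, gen)
    burst = Burst(ppackets[0])
    test_features_non = np.array([]).reshape(0, 3)
    test_labels_non = np.array([]).reshape(0, 1)

    # The with-block closes (and flushes) the CSV even if burst handling
    # raises, so the handle no longer leaks on an exception.
    with open("giventraffic.csv", "wb") as csv_file:
        writer = csv.writer(csv_file, delimiter=',')
        for ppacket in ppackets[1:]:
            if ppacket.timestamp >= burst.timestamp_lastrecvppacket + 1.0:
                burst.write_to_csv(writer)
                t_non, tl_non = burst.get_data()
                # Stacking a None result raises a shape error, so bursts for
                # which get_data() returns None are skipped here.
                if t_non is not None:
                    test_features_non = np.vstack([test_features_non, t_non])
                    test_labels_non = np.vstack([test_labels_non, tl_non])
                burst.clean_me()
                burst = Burst(ppacket)
            else:
                burst.add_ppacket(ppacket)
    # NOTE(review): the burst still open after the last packet is never
    # written to the CSV.

    test_features, test_labels = export_data("giventraffic.csv")
    model = train_model_tree(train_features.astype("float"),
                             train_labels.astype("float"))
    # Prediction uses the features read back from the CSV; the in-memory
    # test_features_non / test_labels_non arrays are not used for it.
    predicted, score = predict(model, test_features.astype("float"),
                               test_labels.astype("float"))
    print_results(ppackets, predicted)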
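def _write_bursts(ppackets, writer):
    """Split ppackets into bursts; print and write each completed burst."""
    if len(ppackets) == 0:
        # Nothing was parsed from this capture; skip it instead of failing on
        # ppackets[0] and aborting a whole directory run.
        return
    burst = Burst(ppackets[0])
    for ppacket in ppackets[1:]:
        if ppacket.timestamp >= burst.timestamp_lastrecvppacket + 1.0:
            burst.pretty_print()
            burst.write_to_csv(writer)
            burst.clean_me()
            burst = Burst(ppacket)
        else:
            burst.add_ppacket(ppacket)
    # NOTE(review): the burst still open when the packets run out is never
    # printed or written, same as before -- confirm that is intended.


def main():
    """Parse packets into bursts and write them to traffic.csv.

    -l/--liveparse  capture live via parse_live()
    -f/--file       parse a single capture file
    -d/--directory  parse every file found under a directory tree

    The label passed to parse_file() is the directory part of the file path
    with "Samples/" removed.

    NOTE(review): traffic.csv is a fixed relative path that is overwritten on
    every run; run this from a directory you control.
    """
    parser = argparse.ArgumentParser(description="parse pcap files")
    parser.add_argument("-l", "--liveparse", action="store_true",
                        help="live parse packets")
    parser.add_argument("-f", "--file", help="the file to parse")
    parser.add_argument("-d", "--directory",
                        help="the directory of files to parse")
    args = parser.parse_args()

    # Validate the input before opening the output: opening with "wb"
    # truncates an existing traffic.csv, which used to happen even when the
    # given file did not exist.
    if (not args.liveparse and args.file is not None
            and not os.path.exists(args.file)):
        logging.error("input a valid file to be parsed")
        exit()

    # The with-block closes (and flushes) the CSV on every exit path,
    # including an interrupted live capture.
    with open("traffic.csv", "wb") as csv_file:
        writer = csv.writer(csv_file, delimiter=',')
        # see the google doc for the csv rows
        if args.liveparse:
            parse_live(writer)
        elif args.file is not None:
            ppackets = parse_file(
                args.file, os.path.dirname(args.file).replace("Samples/", ""))
            _write_bursts(ppackets, writer)
        else:
            for dirname, subdirlist, filelist in os.walk(args.directory):
                for filename in filelist:
                    ppackets = parse_file(os.path.join(dirname, filename),
                                          dirname.replace("Samples/", ""))
                    print(dirname.replace("Samples/", ""))
                    _write_bursts(ppackets, writer)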
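def parse_live(writer):
    """Sniff eth1 continuously and write every completed burst to writer.

    Packets that parse_packet() rejects (returns None for) are ignored. A
    burst closes when a packet arrives at least 1.0 (presumably seconds) past
    burst.timestamp_lastrecvppacket; it is then printed, written through
    writer and replaced by a new burst that starts with that packet.

    NOTE(review): the capture interface is hard-coded, and live capture needs
    packet-capture privileges. Prefer granting those to the capture helper
    (typically dumpcap) over running this whole script as root.
    """
    live_cap = pyshark.LiveCapture(interface="eth1")
    burst = None
    for packet in live_cap.sniff_continuously():
        ppacket = parse_packet(packet)
        if ppacket is None:
            continue
        if burst is None:
            # First usable packet opens the first burst.
            burst = Burst(ppacket)
        elif ppacket.timestamp >= burst.timestamp_lastrecvppacket + 1.0:
            burst.pretty_print()
            burst.write_to_csv(writer)
            burst.clean_me()
            burst = Burst(ppacket)
        else:
            # Fix: this branch used to call burst.write_to_csv(ppacket),
            # passing a packet where a CSV writer is expected and never adding
            # the packet to the burst. Every other burst loop adds it.
            burst.add_ppacket(ppacket)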