DefenceTechSecurity/NetFlowMeter

NetFlowMeter

NetFlowMeter is a cross-platform C# library and command line tool for analyzing network traffic from PCAP files. It extracts flow metadata and metrics from network packets for use in machine learning scenarios.

Features

This project is based on the popular CICFlowMeter tool, but it was rewritten from the ground up to improve performance and provide a cleaner codebase for future development.

The major highlights of this initial release are:

  • High Performance: The library can process large PCAP files one order of magnitude faster than CICFlowMeter on commodity hardware.
  • Reduced memory usage: In the average case, the memory usage is reduced by 75% compared to CICFlowMeter with the same input PCAP file. With some optional optimizations, the memory usage can be reduced even further.
  • Output compatibility: The goal of this initial release is to be a drop-in replacement for CICFlowMeter. As such, we focused on maintaining the exact same logic when calculating flow metrics to guarantee the same output as CICFlowMeter.

In the future, we plan to break compatibility with CICFlowMeter to improve performance and memory usage even further, as well as to add new features and fix multiple bugs that we identified in the metrics calculation.

Usage

For manual operation, we provide the command line tool NetFlowMeter.Cli, which processes PCAP files and outputs the flow metrics in CSV format. The only requirement is the .NET 8.0 runtime; all operating systems compatible with it should be able to run NetFlowMeter.

Minimal usage example:

dotnet NetFlowMeter.Cli.dll /path/to/your.pcap /path/to/output.csv

This will process the PCAP file located at /path/to/your.pcap and output the flow metrics to /path/to/output.csv.

For more options and configuration, you can run the command with the --help flag:

dotnet NetFlowMeter.Cli.dll --help

Development and Building

Building the project requires the .NET 8.0 SDK and no additional configuration. You can build the project using the following command:

dotnet build

For development, we recommend either Visual Studio or Visual Studio Code with the C# extension installed. The repository is structured as a solution with multiple projects, including the main library and the command line tool.

License

This project is licensed under the MIT License. See the LICENSE file for the full text.

About

A C# reimplementation of CICFlowMeter with focus on speed and correctness
