In [None]:
from scapy.all import *
import os
from sklearn.ensemble import RandomForestClassifier
from sklearn.metrics import confusion_matrix, accuracy_score, precision_score, recall_score, f1_score
from sklearn.model_selection import train_test_split

# Read and parse malware dataset
malware_dir = 'C:/Users/14802/Desktop/Mal'
malware_data = []
for file in os.listdir(malware_dir):
    if file.endswith('.pcap'):
        file_path = os.path.join(malware_dir, file)
        try:
            packets = rdpcap(file_path)
            malware_data.extend([(packet,1) for packet in packets])
        except:
            print(f"Error reading file {file}")

# Read and parse benign network traffic dataset
traffic_path = 'C:/Users/14802/Desktop/Traffic/traffic.pcapng'
try:
    packets = rdpcap(traffic_path)
    print(f"File {traffic_path} has {len(packets)} packets")
    malware_data.extend([(packet,0) for packet in packets])
except:
    print(f"Error reading file {traffic_path}")

# Split into training and testing set
train_data, test_data = train_test_split(malware_data, test_size=0.2, random_state=42)

# Extract features from the packets
def extract_features(packet):
    # Implement your feature extraction logic here
    return []

# Extract features and labels from the training and testing data
X_train = [extract_features(packet) for packet,_ in train_data]
y_train = [label for _,label in train_data]
X_test = [extract_features(packet) for packet,_ in test_data]
y_test = [label for _,label in test_data]

# Train a random forest classifier
rf = RandomForestClassifier(n_estimators=100, random_state=42)
rf.fit(X_train, y_train)

# Test the accuracy of the model on the test set
y_pred = rf.predict(X_test)
conf_matrix = confusion_matrix(y_test, y_pred)
accuracy = accuracy_score(y_test, y_pred)
precision = precision_score(y_test, y_pred)
recall = recall_score(y_test, y_pred)
f1 = f1_score(y_test, y_pred)

print("Confusion Matrix:", conf_matrix)
print("Accuracy:", accuracy)
print("Precision:", precision)
print("Recall:", recall)
print("F1 Score:", f1)