In [1]:
import sys, os
sys.path.append(os.path.abspath('../'))

In [2]:
from src.utils.flow import *
from src.utils.flow_calculations import *
from src.utils.restoration import *
from src.utils.truncated_packet import *
from src.operations.size_perturbation_logic import *
from src.operations.timing_perturbation_logic import *
from src.operations.calculate_fitness import *

In [3]:
from scapy.all import rdpcap, wrpcap
import os

def filter_all_pcap_in_directory(directory, packet_count):
    # Check if the directory exists
    if not os.path.isdir(directory):
        raise NotADirectoryError("The specified directory does not exist.")
    
    # Create a subdirectory for filtered files
    filtered_dir = os.path.join(directory, "../filtered")
    if not os.path.exists(filtered_dir):
        os.makedirs(filtered_dir)
    
    # List all pcap files in the directory
    pcap_files = [f for f in os.listdir(directory) if f.endswith('.pcap')]
    
    # Process each pcap file
    for file in pcap_files:
        file_path = os.path.join(directory, file)
        packets = rdpcap(file_path, count=packet_count)
        new_file_name = os.path.splitext(file)[0] + ".pcap"
        new_file_path = os.path.join(filtered_dir, new_file_name)
        
        # Save the filtered packets to the new file
        wrpcap(new_file_path, packets)
        print(f"Saved {len(packets)} packets to the file {new_file_path}.")

In [4]:
filter_all_pcap_in_directory("../data/raw/raw", 5000)


Saved 5000 packets to the file ../data/raw/raw/../filtered/testing_medium.pcap.
Saved 5000 packets to the file ../data/raw/raw/../filtered/botnet-capture-20110811-neris.pcap.
Saved 5000 packets to the file ../data/raw/raw/../filtered/botnet-capture-20110812-rbot.pcap.
Saved 5000 packets to the file ../data/raw/raw/../filtered/botnet-capture-20110815-fast-flux-2.pcap.
Saved 5000 packets to the file ../data/raw/raw/../filtered/botnet-capture-20110815-fast-flux.pcap.
Saved 5000 packets to the file ../data/raw/raw/../filtered/botnet-capture-20110816-sogou.pcap.
Saved 5000 packets to the file ../data/raw/raw/../filtered/botnet-capture-20110816-qvod.pcap.
Saved 5000 packets to the file ../data/raw/raw/../filtered/botnet-capture-20110819-bot.pcap.
Saved 5000 packets to the file ../data/raw/raw/../filtered/botnet-capture-20110817-bot.pcap.
Saved 5000 packets to the file ../data/raw/raw/../filtered/botnet-capture-20110818-bot-2.pcap.
Saved 5000 packets to the file ../data/raw/raw/../filtered/bo

In [5]:
from collections import Counter

def analyze_directory(directory):
    for filename in os.listdir(directory):
        if filename.endswith('.pcap'):
            file_path = os.path.join(directory, filename)
            print(f"Processing: {file_path}")
            
            truncated_packets = create_truncated_packets_from_pcap(file_path)
            print(f"Total packets loaded: {len(truncated_packets)}")
            
            truncated_packets = assign_flow_ids_to_packets(truncated_packets)
            flow_counts = Counter(packet.flow_id for packet in truncated_packets if hasattr(packet, 'flow_id'))
            
            print(f"Total flows identified: {len(flow_counts)}")
            #for flow_id, count in sorted(flow_counts.items(), key=lambda x: x[1], reverse=True):
                #print(f"Flow ID: {flow_id}, Number of Packets: {count}")



In [6]:
analyze_directory("../data/raw/filtered")

Processing: ../data/raw/filtered/testing_medium.pcap
Total packets loaded: 4955
hash groups: 593
Total flows identified: 616
Processing: ../data/raw/filtered/botnet-capture-20110811-neris.pcap
Total packets loaded: 4955
hash groups: 593
Total flows identified: 616
Processing: ../data/raw/filtered/botnet-capture-20110812-rbot.pcap
Total packets loaded: 4958
hash groups: 449
Total flows identified: 872
Processing: ../data/raw/filtered/botnet-capture-20110815-fast-flux-2.pcap
Total packets loaded: 4973
hash groups: 366
Total flows identified: 408
Processing: ../data/raw/filtered/botnet-capture-20110815-fast-flux.pcap
Total packets loaded: 4968
hash groups: 139
Total flows identified: 216
Processing: ../data/raw/filtered/botnet-capture-20110816-sogou.pcap
Total packets loaded: 4997
hash groups: 35
Total flows identified: 50
Processing: ../data/raw/filtered/botnet-capture-20110816-qvod.pcap
Total packets loaded: 4943
hash groups: 57
Total flows identified: 83
Processing: ../data/raw/filtere