In [3]:
import sys, os
sys.path.append(os.path.abspath('../'))

In [9]:
from src.utils.flow import *
from src.utils.flow_calculations import *
from src.utils.restoration import *
from src.utils.truncated_packet import *
from src.operations.size_perturbation_logic import *
from src.operations.timing_perturbation_logic import *
from src.operations.calculate_fitness import *

In [1]:
from scapy.all import rdpcap, wrpcap
import os

def filter_all_pcap_in_directory(directory, packet_count):
    # Check if the directory exists
    if not os.path.isdir(directory):
        raise NotADirectoryError("The specified directory does not exist.")
    
    # Create a subdirectory for filtered files
    filtered_dir = os.path.join(directory, "filtered")
    if not os.path.exists(filtered_dir):
        os.makedirs(filtered_dir)
    
    # List all pcap files in the directory
    pcap_files = [f for f in os.listdir(directory) if f.endswith('.pcap')]
    
    # Process each pcap file
    for file in pcap_files:
        file_path = os.path.join(directory, file)
        packets = rdpcap(file_path, count=packet_count)
        new_file_name = os.path.splitext(file)[0] + "_filtered.pcap"
        new_file_path = os.path.join(filtered_dir, new_file_name)
        
        # Save the filtered packets to the new file
        wrpcap(new_file_path, packets)
        print(f"Saved {len(packets)} packets to the file {new_file_path}.")

In [17]:
filter_all_pcap_in_directory("../data/raw", 2500)


Saved 2500 packets to the file ../data/raw/filtered/botnet-capture-20110811-neris_filtered.pcap.
Saved 2500 packets to the file ../data/raw/filtered/botnet-capture-20110812-rbot_filtered.pcap.
Saved 2500 packets to the file ../data/raw/filtered/botnet-capture-20110815-fast-flux-2_filtered.pcap.
Saved 2500 packets to the file ../data/raw/filtered/botnet-capture-20110815-fast-flux_filtered.pcap.
Saved 2500 packets to the file ../data/raw/filtered/botnet-capture-20110816-sogou_filtered.pcap.
Saved 2500 packets to the file ../data/raw/filtered/botnet-capture-20110816-qvod_filtered.pcap.
Saved 2500 packets to the file ../data/raw/filtered/botnet-capture-20110815-rbot-dos_filtered.pcap.
Saved 2500 packets to the file ../data/raw/filtered/botnet-capture-20110816-donbot_filtered.pcap.


In [13]:
def analyze_directory(directory):
    for filename in os.listdir(directory):
        if filename.endswith('.pcap'):
            file_path = os.path.join(directory, filename)
            print(f"Processing: {file_path}")
            
            truncated_packets = create_truncated_packets_from_pcap(file_path)
            print(f"Total packets loaded: {len(truncated_packets)}")
            
            truncated_packets = assign_flow_ids_to_packets(truncated_packets)
            flow_counts = Counter(packet.flow_id for packet in truncated_packets if hasattr(packet, 'flow_id'))
            
            print(f"Total flows identified: {len(flow_counts)}")
            #for flow_id, count in sorted(flow_counts.items(), key=lambda x: x[1], reverse=True):
                #print(f"Flow ID: {flow_id}, Number of Packets: {count}")



In [18]:
analyze_directory("../data/raw/filtered")

Processing: ../data/raw/filtered/botnet-capture-20110816-qvod_filtered.pcap
Total packets loaded: 2455
hash groups: 48
Total flows identified: 68
Processing: ../data/raw/filtered/botnet-capture-20110811-neris_filtered.pcap
Total packets loaded: 2459
hash groups: 71
Total flows identified: 72
Processing: ../data/raw/filtered/botnet-capture-20110815-rbot-dos_filtered.pcap
Total packets loaded: 1403
hash groups: 85
Total flows identified: 87
Processing: ../data/raw/filtered/botnet-capture-20110815-fast-flux-2_filtered.pcap
Total packets loaded: 2479
hash groups: 217
Total flows identified: 243
Processing: ../data/raw/filtered/botnet-capture-20110812-rbot_filtered.pcap
Total packets loaded: 2470
hash groups: 221
Total flows identified: 421
Processing: ../data/raw/filtered/botnet-capture-20110816-sogou_filtered.pcap
Total packets loaded: 2497
hash groups: 35
Total flows identified: 49
Processing: ../data/raw/filtered/botnet-capture-20110815-fast-flux_filtered.pcap
Total packets loaded: 2468