gfwleak/grityu-model-duplication
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
This repository has been archived on 2025-09-14. You can view files and clone it, but cannot push or open issues or pull requests.
Files
1356963111b39cf9dd3b4a04e9aa1aa6c94ce0fc
grityu-model-duplication/test_5.py

233 lines
6.6 KiB
Python
Raw Normal View History

five modes duplication
2023-03-16 22:42:35 +08:00
# Name:fang xiaoyu
# Time: 2023/3/11 20:10
'''
import cicflowmeter
from scapy.all import *
import requests
#import pypcap
import scipy
cfm = cicflowmeter.CFM()
# 读取pcap文件
packets = rdpcap('/Users/fangxiaoyu/Desktop/VPN及其流量识别研究/抓包分析/wcx-抓包-用于模型复现/TorGuard_openvpnOverSSL.pcap')
print(packets)
for ts, pkt in packets:
cfm.flow_handler(pkt)
result = cfm.get_result()
'''
'''
from cicflowmeter.flow import Flow
#from cicflowmeter.pcapy_reader import PcapyReader
from scapy.all import *
import csv
# 定义pcap文件路径
pcap_file = 'sample.pcap'
# 创建PcapyReader对象
pcap = rdpcap('20230309_fxy_psiphon_operation.pcapng')
# 定义输出CSV文件路径
output_file = 'output.csv'
# 创建CSV文件对象并定义列名
csv_file = open(output_file, 'w', newline='')
csv_writer = csv.writer(csv_file)
csv_writer.writerow(['src_ip', 'dst_ip', 'src_port', 'dst_port', 'proto', 'num_packets', 'bytes', 'duration', 'timestamp_start', 'timestamp_end', 'flags'])
# 循环遍历每个数据包并提取流特征并将特征写入CSV文件
for pkt in pcap:
flow = Flow(pkt, direction='B2A')
features = flow.features()
csv_writer.writerow([features['src_ip'], features['dst_ip'], features['src_port'], features['dst_port'], features['proto'], features['num_packets'], features['bytes'], features['duration'], features['timestamp_start'], features['timestamp_end'], features['flags']])
# 关闭CSV文件
csv_file.close()
'''
from datetime import datetime
from pathlib import Path
from cicflowmeter.flow import Flow
#from cicflowmeter.reader import Reader
from scapy.all import *
import csv
# 设置输入文件路径
# 创建PcapyReader对象
pcap = rdpcap('20230309_fxy_psiphon_operation.pcapng')
# 设置输出文件路径
output_file_path = "output.csv"
# 创建CSV输出文件
with open(output_file_path, mode='w', newline='') as output_file:
writer = csv.writer(output_file)
# 写入标题行
writer.writerow(
['src_ip', 'dst_ip', 'src_port', 'dst_port', 'proto', 'num_packets', 'bytes', 'duration', 'timestamp_start',
'timestamp_end', 'flags'])
# 打开pcap文件并逐个处理数据包
#with Reader(input_file_path) as reader:
for pkt in pcap:
# 仅处理IP数据包
if pkt.haslayer('IP'):
# 创建Flow对象
flow = Flow(pkt,direction='B2A')
# 获取特征值列表
feature_values = flow.get_features()
# 将特征值列表写入CSV文件
writer.writerow(feature_values)
'''
from scapy.all import *
# 读取pcap文件
packets = rdpcap('/Users/fangxiaoyu/Desktop/VPN及其流量识别研究/抓包分析/wcx-抓包-用于模型复现/TorGuard_openvpnOverSSL.pcap')
# 定义字典存储特征
features = {}
# 统计每个协议的数据包数量
protocols = {}
for pkt in packets:
if pkt.haslayer(IP):
protocol = pkt[IP].proto
if protocol not in protocols:
protocols[protocol] = 0
protocols[protocol] += 1
for p in protocols:
features['protocol_{}'.format(p)] = protocols[p]
# 统计每个源IP地址的数据包数量和大小
src_ips = {}
for pkt in packets:
if pkt.haslayer(IP):
src_ip = pkt[IP].src
if src_ip not in src_ips:
src_ips[src_ip] = {'count': 0, 'size': 0}
src_ips[src_ip]['count'] += 1
src_ips[src_ip]['size'] += len(pkt)
for ip in src_ips:
features['src_ip_{}_count'.format(ip)] = src_ips[ip]['count']
features['src_ip_{}_size'.format(ip)] = src_ips[ip]['size']
# 统计每个目的IP地址的数据包数量和大小
dst_ips = {}
for pkt in packets:
if pkt.haslayer(IP):
dst_ip = pkt[IP].dst
if dst_ip not in dst_ips:
dst_ips[dst_ip] = {'count': 0, 'size': 0}
dst_ips[dst_ip]['count'] += 1
dst_ips[dst_ip]['size'] += len(pkt)
for ip in dst_ips:
features['dst_ip_{}_count'.format(ip)] = dst_ips[ip]['count']
features['dst_ip_{}_size'.format(ip)] = dst_ips[ip]['size']
# 输出特征
print(features)
'''
'''
from scapy.all import *
# 读取pcap文件
pcap = rdpcap('/Users/fangxiaoyu/Desktop/VPN及其流量识别研究/抓包分析/wcx-抓包-用于模型复现/TorGuard_openvpnOverSSL.pcap')
# 遍历数据包,提取流量特征
for pkt in pcap:
# 数据包大小
pkt_size = len(pkt)
# IP地址
if IP in pkt:
src_ip = pkt[IP].src
dst_ip = pkt[IP].dst
# 协议类型
if TCP in pkt:
protocol = 'TCP'
elif UDP in pkt:
protocol = 'UDP'
elif ICMP in pkt:
protocol = 'ICMP'
else:
protocol = 'Other'
# 端口号
if TCP in pkt:
src_port = pkt[TCP].sport
dst_port = pkt[TCP].dport
elif UDP in pkt:
src_port = pkt[UDP].sport
dst_port = pkt[UDP].dport
else:
src_port = 0
dst_port = 0
# 输出流量特征
print(
'Packet Size: {}, Source IP: {}, Destination IP: {}, Protocol: {}, Source Port: {}, Destination Port: {}'.format(
pkt_size, src_ip, dst_ip, protocol, src_port, dst_port))
'''
'''
from scapy.all import *
import collections
# 读取pcap文件
packets = rdpcap('/Users/fangxiaoyu/Desktop/VPN及其流量识别研究/抓包分析/wcx-抓包-用于模型复现/TorGuard_openvpnOverSSL.pcap')
# 计算数据包总数
total_packets = len(packets)
print("Total packets:", total_packets)
# 计算不同协议类型的数据包数量
protocols = collections.Counter([packet[IP].proto for packet in packets])
print("Protocol counts:", protocols)
# 查找源IP地址和目的IP地址
for packet in packets:
if IP in packet:
src_ip = packet[IP].src
dst_ip = packet[IP].dst
print("Source IP:", src_ip)
print("Destination IP:", dst_ip)
# 查找源MAC地址和目的MAC地址
for packet in packets:
if Ether in packet:
src_mac = packet[Ether].src
dst_mac = packet[Ether].dst
print("Source MAC:", src_mac)
print("Destination MAC:", dst_mac)
# 查找源端口号和目的端口号
for packet in packets:
if TCP in packet:
src_port = packet[TCP].sport
dst_port = packet[TCP].dport
print("Source port:", src_port)
print("Destination port:", dst_port)
# 计算数据包的平均大小
total_size = sum(len(packet) for packet in packets)
avg_size = total_size / total_packets
print("Average packet size:", avg_size)
# 查找HTTP请求
for packet in packets:
if TCP in packet and packet[TCP].dport == 80 and packet.haslayer(Raw):
http_request = packet[Raw].load.decode()
print("HTTP request:", http_request)
'''
import flowcontainer
import cicflowmeter
Reference in New Issue Copy Permalink