49 lines
1.6 KiB
Python
49 lines
1.6 KiB
Python
# Name:fang xiaoyu
|
||
# Time: 2023/3/10 09:17
|
||
import os
|
||
import json
|
||
import pandas as pd
|
||
from sklearn.neighbors import KNeighborsClassifier
|
||
from sklearn.model_selection import train_test_split
|
||
|
||
# 定义Tranalyzer2命令和特征提取命令
|
||
tranalyzer_cmd = "t2 -r {} -w {} -t"
|
||
feature_cmd = "t2 -r {} --bidir --tcp --protoid --statsonly --export json"
|
||
|
||
# 定义pcap文件路径和输出文件路径
|
||
pcap_file = "20230309_fxy_psiphon_operation.pcapng"
|
||
binetflow_file = "capture.binetflow"
|
||
|
||
# 转换pcap文件为binetflow格式
|
||
os.system(tranalyzer_cmd.format(pcap_file, binetflow_file))
|
||
|
||
# 提取特征并保存到json文件中
|
||
os.system(feature_cmd.format(binetflow_file) + " > features.json")
|
||
|
||
# 读取json文件中的特征数据并转换为DataFrame格式
|
||
with open("features.json", "r") as f:
|
||
data = json.load(f)
|
||
df = pd.DataFrame(data)
|
||
|
||
# 将标签列转换为数值类型(0或1)
|
||
df["label"] = df["label"].apply(lambda x: 0 if x == "normal" else 1)
|
||
|
||
# 将数据集划分为训练集和测试集
|
||
X_train, X_test, y_train, y_test = train_test_split(df.drop("label", axis=1), df["label"], test_size=0.2)
|
||
|
||
# 创建KNN分类器对象,设置邻居数量为5
|
||
knn_model = KNeighborsClassifier(n_neighbors=5)
|
||
|
||
# 训练模型并预测测试集结果
|
||
knn_model.fit(X_train, y_train)
|
||
y_pred = knn_model.predict(X_test)
|
||
|
||
# 输出准确率和混淆矩阵等评估指标
|
||
from sklearn.metrics import accuracy_score, confusion_matrix
|
||
|
||
print("Accuracy:", accuracy_score(y_test, y_pred))
|
||
print("Confusion Matrix:\n", confusion_matrix(y_test, y_pred))
|
||
|
||
|
||
#$ tranalyzer2 -r sample.flow -w sample.features -t templates/plugins/ipfix-allfields.txt
|