grityu-model-duplication/test_5.py
2023-03-16 22:42:35 +08:00


# Name:fang xiaoyu
# Time: 2023/3/11 20:10
# Disabled experiment, kept as a string literal and never executed: load a
# capture with rdpcap() and pass each packet to cfm.flow_handler().
# NOTE(review): the loop unpacks `ts, pkt` from every element of the rdpcap()
# result -- confirm that matches what rdpcap() yields before re-enabling.
# The capture path is an absolute path on the author's machine.
'''
import cicflowmeter
from scapy.all import *
import requests
#import pypcap
import scipy
cfm = cicflowmeter.CFM()
# 读取pcap文件
packets = rdpcap('/Users/fangxiaoyu/Desktop/VPN及其流量识别研究/抓包分析/wcx-抓包-用于模型复现/TorGuard_openvpnOverSSL.pcap')
print(packets)
for ts, pkt in packets:
cfm.flow_handler(pkt)
result = cfm.get_result()
'''
# Disabled experiment (string literal, not executed): write one CSV row of
# named Flow features per packet.
# NOTE(review): `pcap_file` is assigned but the capture actually read is the
# literal passed to rdpcap(). The CSV file is opened without a `with` block,
# so it stays open if any packet raises before csv_file.close() is reached.
'''
from cicflowmeter.flow import Flow
#from cicflowmeter.pcapy_reader import PcapyReader
from scapy.all import *
import csv
# 定义pcap文件路径
pcap_file = 'sample.pcap'
# 创建PcapyReader对象
pcap = rdpcap('20230309_fxy_psiphon_operation.pcapng')
# 定义输出CSV文件路径
output_file = 'output.csv'
# 创建CSV文件对象并定义列名
csv_file = open(output_file, 'w', newline='')
csv_writer = csv.writer(csv_file)
csv_writer.writerow(['src_ip', 'dst_ip', 'src_port', 'dst_port', 'proto', 'num_packets', 'bytes', 'duration', 'timestamp_start', 'timestamp_end', 'flags'])
# 循环遍历每个数据包并提取流特征并将特征写入CSV文件
for pkt in pcap:
flow = Flow(pkt, direction='B2A')
features = flow.features()
csv_writer.writerow([features['src_ip'], features['dst_ip'], features['src_port'], features['dst_port'], features['proto'], features['num_packets'], features['bytes'], features['duration'], features['timestamp_start'], features['timestamp_end'], features['flags']])
# 关闭CSV文件
csv_file.close()
'''
from datetime import datetime
from pathlib import Path
from cicflowmeter.flow import Flow
#from cicflowmeter.reader import Reader
from scapy.all import *
import csv
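# Convert a packet capture into a CSV file, one row per IPv4 packet.
#
# The capture is streamed with PcapReader instead of being loaded whole with
# rdpcap(), so memory use does not grow with the size of the capture. Capture
# files hold bytes taken off the wire; treat them as untrusted input.
input_file_path = '20230309_fxy_psiphon_operation.pcapng'
output_file_path = "output.csv"

# The capture is opened first so that a missing or unreadable capture fails
# before output.csv is created or truncated.
with PcapReader(input_file_path) as pcap:
    with open(output_file_path, mode='w', newline='') as output_file:
        writer = csv.writer(output_file)
        # Header row.
        # NOTE(review): nothing below checks that each data row has these 11
        # columns in this order -- confirm against what get_features() returns.
        writer.writerow(
            ['src_ip', 'dst_ip', 'src_port', 'dst_port', 'proto', 'num_packets',
             'bytes', 'duration', 'timestamp_start', 'timestamp_end', 'flags'])
        for pkt in pcap:
            # 'IP' is scapy's IPv4 layer, so IPv6 and non-IP packets are skipped.
            if not pkt.haslayer('IP'):
                continue
            # A new Flow is built from every single packet, so each row
            # describes one packet rather than an aggregated flow.
            # NOTE(review): confirm that the installed cicflowmeter accepts the
            # string 'B2A' as a direction and provides Flow.get_features().
            flow = Flow(pkt, direction='B2A')
            feature_values = flow.get_features()
            writer.writerow(feature_values)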
# Disabled experiment (string literal, not executed): count packets per IP
# protocol number and per source/destination address, with byte totals, and
# collect everything in one `features` dict that is printed at the end.
# The dict gains two keys per distinct address, so its size follows the
# contents of the capture.
'''
from scapy.all import *
# 读取pcap文件
packets = rdpcap('/Users/fangxiaoyu/Desktop/VPN及其流量识别研究/抓包分析/wcx-抓包-用于模型复现/TorGuard_openvpnOverSSL.pcap')
# 定义字典存储特征
features = {}
# 统计每个协议的数据包数量
protocols = {}
for pkt in packets:
if pkt.haslayer(IP):
protocol = pkt[IP].proto
if protocol not in protocols:
protocols[protocol] = 0
protocols[protocol] += 1
for p in protocols:
features['protocol_{}'.format(p)] = protocols[p]
# 统计每个源IP地址的数据包数量和大小
src_ips = {}
for pkt in packets:
if pkt.haslayer(IP):
src_ip = pkt[IP].src
if src_ip not in src_ips:
src_ips[src_ip] = {'count': 0, 'size': 0}
src_ips[src_ip]['count'] += 1
src_ips[src_ip]['size'] += len(pkt)
for ip in src_ips:
features['src_ip_{}_count'.format(ip)] = src_ips[ip]['count']
features['src_ip_{}_size'.format(ip)] = src_ips[ip]['size']
# 统计每个目的IP地址的数据包数量和大小
dst_ips = {}
for pkt in packets:
if pkt.haslayer(IP):
dst_ip = pkt[IP].dst
if dst_ip not in dst_ips:
dst_ips[dst_ip] = {'count': 0, 'size': 0}
dst_ips[dst_ip]['count'] += 1
dst_ips[dst_ip]['size'] += len(pkt)
for ip in dst_ips:
features['dst_ip_{}_count'.format(ip)] = dst_ips[ip]['count']
features['dst_ip_{}_size'.format(ip)] = dst_ips[ip]['size']
# 输出特征
print(features)
'''
# Disabled experiment (string literal, not executed): print size, addresses,
# protocol and ports for each packet of a capture.
# NOTE(review): src_ip and dst_ip are only assigned under `if IP in pkt`.
# Indentation is lost in this listing, so before re-enabling check that the
# print cannot run for a non-IP packet with values left over from an earlier
# packet.
'''
from scapy.all import *
# 读取pcap文件
pcap = rdpcap('/Users/fangxiaoyu/Desktop/VPN及其流量识别研究/抓包分析/wcx-抓包-用于模型复现/TorGuard_openvpnOverSSL.pcap')
# 遍历数据包,提取流量特征
for pkt in pcap:
# 数据包大小
pkt_size = len(pkt)
# IP地址
if IP in pkt:
src_ip = pkt[IP].src
dst_ip = pkt[IP].dst
# 协议类型
if TCP in pkt:
protocol = 'TCP'
elif UDP in pkt:
protocol = 'UDP'
elif ICMP in pkt:
protocol = 'ICMP'
else:
protocol = 'Other'
# 端口号
if TCP in pkt:
src_port = pkt[TCP].sport
dst_port = pkt[TCP].dport
elif UDP in pkt:
src_port = pkt[UDP].sport
dst_port = pkt[UDP].dport
else:
src_port = 0
dst_port = 0
# 输出流量特征
print(
'Packet Size: {}, Source IP: {}, Destination IP: {}, Protocol: {}, Source Port: {}, Destination Port: {}'.format(
pkt_size, src_ip, dst_ip, protocol, src_port, dst_port))
'''
# Disabled experiment (string literal, not executed): summary statistics plus
# address, MAC, port and port-80 payload listings for a capture.
# NOTE(review) before re-enabling:
#   - the Counter comprehension indexes packet[IP] without the `IP in packet`
#     guard that the later loops use;
#   - avg_size divides by total_packets, which is zero for an empty capture;
#   - the port-80 payload is arbitrary bytes from the wire but is decoded with
#     the default strict codec; decode(errors='replace') would keep the loop
#     running on non-UTF-8 payloads.
'''
from scapy.all import *
import collections
# 读取pcap文件
packets = rdpcap('/Users/fangxiaoyu/Desktop/VPN及其流量识别研究/抓包分析/wcx-抓包-用于模型复现/TorGuard_openvpnOverSSL.pcap')
# 计算数据包总数
total_packets = len(packets)
print("Total packets:", total_packets)
# 计算不同协议类型的数据包数量
protocols = collections.Counter([packet[IP].proto for packet in packets])
print("Protocol counts:", protocols)
# 查找源IP地址和目的IP地址
for packet in packets:
if IP in packet:
src_ip = packet[IP].src
dst_ip = packet[IP].dst
print("Source IP:", src_ip)
print("Destination IP:", dst_ip)
# 查找源MAC地址和目的MAC地址
for packet in packets:
if Ether in packet:
src_mac = packet[Ether].src
dst_mac = packet[Ether].dst
print("Source MAC:", src_mac)
print("Destination MAC:", dst_mac)
# 查找源端口号和目的端口号
for packet in packets:
if TCP in packet:
src_port = packet[TCP].sport
dst_port = packet[TCP].dport
print("Source port:", src_port)
print("Destination port:", dst_port)
# 计算数据包的平均大小
total_size = sum(len(packet) for packet in packets)
avg_size = total_size / total_packets
print("Average packet size:", avg_size)
# 查找HTTP请求
for packet in packets:
if TCP in packet and packet[TCP].dport == 80 and packet.haslayer(Raw):
http_request = packet[Raw].load.decode()
print("HTTP request:", http_request)
'''
import flowcontainer
import cicflowmeter