import ipaddress
import os
import re
import subprocess
import threading
import time

import joblib
import numpy as np
import pandas as pd
from scapy.all import *
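# Flow-statistics columns selected from the CICFlowMeter CSV and passed,
# in this order, to both classifiers.
features = [
    'Bwd PSH Flags', 'Bwd IAT Mean', 'PSH Flag Cnt', 'Bwd IAT Max',
    'Flow IAT Min', 'Bwd Pkt Len Max',
    'Fwd IAT Mean', 'Bwd IAT Tot', 'Bwd IAT Std', 'Bwd Header Len',
    'Subflow Bwd Byts', 'TotLen Bwd Pkts',
    'Pkt Len Var', 'Flow IAT Std', 'Pkt Len Std', 'Pkt Len Min',
    'Pkt Len Mean', 'Fwd IAT Max', 'Pkt Size Avg',
    'Active Min', 'Bwd IAT Min', 'Init Bwd Win Byts', 'Active Std',
    'Fwd Act Data Pkts', 'Idle Mean', 'Idle Max',
]

# Payload signature: a JSON "method" member whose value is one of the
# mining-pool RPC method names below (with or without the "mining." prefix).
# Raw string literals keep the regex escapes (\.) out of Python's own escape
# processing; the non-raw form triggers invalid-escape warnings on current
# interpreters. The resulting pattern text is unchanged.
match_str = (
    r'"method" ?: ?"(mining\.authorize|mining\.get_transactions'
    r'|mining\.subscribe|mining\.submit|getblocktemplate|submitblock'
    r'|authorize|get_transactions|subscribe|submit|mining\.notify|mining\.set_difficulty'
    r'|notify|set_difficulty)"'
)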
# Load the two pre-trained classifiers that os_cmd() queries through .predict().
# NOTE(review): joblib.load() unpickles the file, and unpickling can execute
# arbitrary code. cart.dat and id3.dat must come from a trusted source and be
# writable only by the account that runs this monitor; verifying a known-good
# hash before loading is a cheap extra check.
# Presumably CART and ID3 decision trees, judging by the names -- confirm.
model_cart = joblib.load('cart.dat')
model_id3 = joblib.load('id3.dat')
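def _run(argv, cwd=None):
    """Echo and run *argv* as an argument list (no shell); return its exit status."""
    print(' '.join(argv))
    status = subprocess.run(argv, cwd=cwd).returncode
    if status != 0:
        # The original ignored exit codes entirely; at least make failures visible.
        print('command exited with status', status)
    return status


def _flow_clause(flow_id):
    """Build one tshark display-filter clause from a Flow ID.

    The Flow ID is split on '-' and its first four fields are used as two IP
    addresses and two TCP ports. The fields originate from captured traffic
    (via the flow CSV), so each one is validated before it is placed in the
    filter expression. Returns None when a field is not a literal IP address
    or a decimal port number.
    """
    parts = str(flow_id).split('-')
    if len(parts) < 4:
        return None
    try:
        ipaddress.ip_address(parts[0])
        ipaddress.ip_address(parts[1])
    except ValueError:
        return None
    if not all(re.fullmatch(r'[0-9]{1,5}', port) for port in parts[2:4]):
        return None
    return ('(ip.addr==' + parts[0] + ' && ip.addr==' + parts[1]
            + ' && tcp.port==' + parts[2] + ' && tcp.port==' + parts[3] + ')')


def os_cmd(i):
    """Capture one traffic window, classify its flows and keep suspicious packets.

    Steps for window number *i*:
      1. Capture 600 s of traffic for net 10.201.0.0/16 into number<i>.pcap.
      2. Convert the capture to per-flow statistics with CICFlowMeter.
      3. Score every flow with both models; a flow is flagged only when
         model_id3 does not predict 0 and model_cart predicts 1.
      4. Append flagged rows to result.csv and extract their packets into
         selection<i>.pcap.
      5. If any extracted packet's payload matches match_str, rename the file
         to detection<i>.pcap.
      6. Delete the raw capture and the flow CSV.

    Every external command is run from an argument list rather than a shell
    string, so no value taken from the capture is interpreted by a shell.
    """
    capture = 'number{}.pcap'.format(i)
    cfm_bin = '/home/test1/CICFlowMeter-4.0/bin'

    # NOTE(review): the capture is written to the current directory while cfm
    # reads data/number<i>.pcap under cfm_bin -- this assumes the script is
    # started from cfm_bin + '/data'; confirm.
    _run(['sudo', 'tshark', '-i', 'eno2np1', '-a', 'duration:600',
          '-f', 'net 10.201.0.0/16', '-F', 'pcap', '-w', capture])
    _run([os.path.join(cfm_bin, 'cfm'), 'data/' + capture, 'data/csv/'],
         cwd=cfm_bin)

    testdf = cfm_bin + '/data/csv/' + capture + '_Flow.csv'
    print(testdf)
    df = pd.read_csv(testdf)

    # Diagnostics: number of null values per column, then the total.
    nan_list = df.isnull().sum().tolist()
    print(nan_list)
    print(sum(nan_list))

    # Diagnostics: number of infinite values per numeric column, then the total.
    non_numeric = ['Flow ID', 'Src IP', 'Dst IP', 'Timestamp', 'Label']
    inf_list = np.isinf(df.drop(non_numeric, axis=1)).sum().tolist()
    print(inf_list)
    print(sum(inf_list))

    # Drop every row that holds a null or an infinite value.
    df = df.replace([np.inf, -np.inf], np.nan).dropna(axis=0)
    inf_list = np.isinf(df.drop(non_numeric, axis=1)).sum().tolist()
    print(sum(inf_list))

    X_test = df[features]
    cart_pred = np.asarray(model_cart.predict(X_test))
    id3_pred = np.asarray(model_id3.predict(X_test))
    # Either model voting 0 clears the flow; otherwise the CART label decides,
    # and only label 1 is treated as suspicious.
    flagged = np.flatnonzero((id3_pred != 0) & (cart_pred == 1))

    flowID = []
    for pos in flagged:
        # dropna() leaves gaps in the index labels, so rows must be addressed
        # by position; the label lookup df['Flow ID'][a] used before could
        # raise KeyError or name a different flow than the prediction.
        flowID.append(df['Flow ID'].iloc[pos])
        df.iloc[pos:pos + 1, :].to_csv('result.csv', mode='a')

    clauses = [clause for clause in map(_flow_clause, flowID) if clause is not None]

    # NOTE(review): the listing lost its indentation; the extraction step is
    # assumed to run only when at least one flow was flagged -- confirm.
    if clauses:
        rule = ' || '.join(clauses)
        pkts_name = 'selection{}.pcap'.format(i)
        new_name = 'detection{}.pcap'.format(i)
        status = _run(['sudo', 'tshark', '-r', capture, '-Y', rule, '-w', pkts_name])
        if status == 0:
            pkts = rdpcap(pkts_name)
            for pkt in pkts.res:
                pkt_load = pkt.getlayer('Raw')
                if re.search(match_str, str(pkt_load)):
                    # Payload confirms the classifier verdict: promote the file.
                    os.replace(pkts_name, new_name)
                    break

    # The capture was written through sudo, so it is removed the same way.
    _run(['sudo', 'rm', capture])
    _run(['sudo', 'rm', 'csv/' + capture + '_Flow.csv'])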
# Scheduler: start a new capture/analysis worker every 180 seconds, forever.
# Workers are not joined, so consecutive windows run concurrently.
i = 1
while True:
    th = threading.Thread(target=os_cmd, args=(i,))
    th.start()
    i += 1  # next window gets the next file number
    time.sleep(180)