Ask Your Question
0

Is there any possibilities to extract pcap files to get 5 tuples then change it into txt file for Statistical Machine Learning?

asked 2018-12-15 15:59:03 +0000

bobabaw gravatar image

updated 2018-12-16 05:09:45 +0000

Hello,

For introduction I'm a newbie here and need some lead of you guys.

Okay, i would like to ask if there's any possibilities for me to do statistical machine learning on WEKA by extracting the pcap files format to get the 5 tuples using wireshark?

I want to do the classification of traffic network using supervised data and statistical machine learning method but get stuck on getting the 5 tuples of the whole pcap files.

Thank you so much, much appreciated!

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted
1

answered 2018-12-15 21:20:55 +0000

grahamb gravatar image

updated 2018-12-16 16:10:44 +0000

Use tshark and the -T fields option to extract the 5-tuple, i.e.

tshark -r your.pcap -T fields -e ip.proto -e ip.src -e ip.dst -e tcp.srcport -e tcp.dstport
edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

2 followers

Stats

Asked: 2018-12-15 15:59:03 +0000

Seen: 1,153 times

Last updated: Dec 16 '18