0
votes

I am doing a project in machine learning course on internet traffic classification. I have downloaded the trace file (in pcap format) from http://wand.net.nz/wits/. Now, I want to do supervised classification of the same data set and classify traffic as FTP, Mail, HTTP etc.

All this traffic classifcation I want to do in Matlab and use Naive Bayes classifier for the same. Now, I am stuck - how should I procees this pcap file in Matlab and obtain the class variables (like FTP, Mail, HTTP) in training phase.

Problems facing:

  1. Unable to convert this pcap file into human readable format like CSV.
  2. I open the pcap file in Wireshark and I am able to identify the traces, but how should I save it in a format so that Matlab can Process it.

Any help will be greatly appreciated.

1

1 Answers

1
votes

It appears that you need to pre-process the data into a format that your models can better handle.

I have used a Library for C# before called Pcap.Net. This can allow you to read offline PCAP Files and then acquire and process the data you need for your Matlab models.

A tutorial for reading an offline PCAP File can be found here. From there, you can get the segments of the packets that you need and format them according to the model that you are designing.

Hope this helps!