Coder Social home page Coder Social logo

p2p_botnet_detection_ensemble_learning's Introduction

Peer to Peer Botnet Detection

This project aims to detect infected hosts and identify malicious traffic associated with botnets from network dumps captured on a machine.

Dependencies

The program is tested on Python 3.8, but it should work on versions above 3.6 as well. To install the dependencies, use the following commands:

sudo apt-get install wireshark
sudo apt-get install -y tshark
sudo apt-get install libmagic-dev
pip3 install -r requirements.txt

Structure

botnetdetect.py

This is the main program responsible for detecting botnets and training the Machine Learning model for botnet detection.

Usage

Botnet Detection

Botnet detection works on a pre-captured pcap file:

python3 botnet-detect.py <path to pcap file>

Processes pcap file to produce extracted_features.csv which contains the features extracted from the pcap

results are stored in output.txt

Analysis of more than one pcap files yet to be done, although the functionality has been written.

Train model

python3 botnet_train.py train model_name

Generates filtered csv files in filtered_data directory in current working directory All the csv files will be further collected in a training.csv

Result format

The results are stored in output.txt
If no botnet is detected, the result would be No Botnets detected in a single line Otherwise, the contents of output.txt would be

----------Detected Botnet Hosts----------
host1  
host2  
...  
host n  
----------Malicious Flows----------
source ip1:source port1 -> destination ip1:destination port1 ; protocol  
source ip2:source port2 -> destination ip2:destination port2 ; protocol  
...  
source ipn:source portn -> destination ipn:destination portn ; protocol

p2p_botnet_detection_ensemble_learning's People

Contributors

iampkumar02 avatar

Stargazers

Luv avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.