Closed lisa-lthorrold closed 5 months ago
I'm implementing this project to c++ and I just found the same issue with you. I also noticed that the 6 features you listed have been set to 0 in the released cicids2017.
Hi, We are pleased to announce that the first version of the Network and Transportation Layers Flow Analyzer (NTLFlowLyzer) is now available as part of the Understanding Cybersecurity Series (UCS) knowledge mobilization program. This Python open-source project has been designed and developed to address many issues encountered with CICFlowMeter. It extracts over 300 features from TCP-based network traffic, tailored explicitly for Anomaly Profiling (AP). NTLFlowLyzer serves as a key component of the upcoming NetFlowLyzer.
https://github.com/ahlashkari/NTLFlowLyzer
Best, BCCC Team https://www.yorku.ca/research/bccc/
The src/dest values are byte arrays. This is a memory address comparison that will always return false, so everything is added to the backward bulk summary statistics. The correct comparison method should be
if (Arrays.equals(this.src, packet.getSrc()))
This has implications for 6 features:
And the datasets generated before this is fixed will not have the correct values as the author intended, I suspect