ahlashkari / CICFlowMeter

CICFlowmeter-V4.0 (formerly known as ISCXFlowMeter) is an Ethernet traffic Bi-flow generator and analyzer for anomaly detection that has been used in many Cybersecurity datasets such as Android Adware-General Malware dataset (CICAAGM2017), IPS/IDS dataset (CICIDS2017), Android Malware dataset (CICAndMal2017) and Distributed Denial of Service (CICDDoS2019).

CICFlowMeter doesn't generate output files #22

Closed kit10000000 closed 5 years ago

kit10000000 commented 5 years ago

Hi! I tried executing from jar (https://www.unb.ca/cic/_assets/documents/cicflowmeter-4.zip) and also tried to build it in IntelliJ IDEA with gradle. When I select the input pcap file/directory, the output directory, the logger pane shows a message "CICFlowMeter has received 1 pcap file" and then nothing happens. I've tried on CSE-CIC-IDS2018 dataset.

debug_logs:
2019-04-15 17:32:35 DEBUG cic.cs.unb.ca.flow.ui.FlowOfflinePane offline select input /Users/.../.../.../Original Network Traffic and Log data/Friday-02-03-2018/pcap
2019-04-15 17:32:41 DEBUG cic.cs.unb.ca.flow.ui.FlowOfflinePane offline select output /Users/.../.../.../processed_by_me
2019-04-15 17:32:43 DEBUG cic.cs.unb.ca.jnetpcap.worker.ReadPcapFileWorker CICFlowMeter found :442 pcap files

If I'm trying to make it through terminal, I get the following exception:

Exception in thread "main" java.lang.UnsatisfiedLinkError: com.slytechs.library.NativeLibrary.dlopen(Ljava/lang/String;)J
    at com.slytechs.library.NativeLibrary.dlopen(Native Method)
    at com.slytechs.library.NativeLibrary.(Unknown Source)
    at com.slytechs.library.JNILibrary.(Unknown Source)
    at com.slytechs.library.JNILibrary.loadLibrary(Unknown Source)
    at com.slytechs.library.JNILibrary.register(Unknown Source)
    at com.slytechs.library.JNILibrary.register(Unknown Source)
    at com.slytechs.library.JNILibrary.register(Unknown Source)
    at org.jnetpcap.Pcap.(Unknown Source)
    at cic.cs.unb.ca.jnetpcap.PacketReader.config(PacketReader.java:58)
    at cic.cs.unb.ca.jnetpcap.PacketReader.(PacketReader.java:52)
    at cic.cs.unb.ca.ifm.Cmd.readPcapFile(Cmd.java:128)
    at cic.cs.unb.ca.ifm.Cmd.main(Cmd.java:80)

I'm working on macOS.

Soonmok commented 5 years ago

How did you fix this error?

kit10000000 commented 5 years ago

I used the cmd Windows version on a virtual machine and copied jnet-pcap.dll and jnetpcap-100pcap.dll to the Java root folder on Windows (example: C:\Program Files\Java\jdk-12\bin).

xihajun commented 5 years ago

Can I ask if it works on Mac?

kit10000000 commented 5 years ago

Unfortunately, I couldn't make it work on Mac.

xihajun commented 5 years ago

Thank you though

ahlashkari commented 7 months ago

Hi, We are pleased to announce that the first version of the Network and Transportation Layers Flow Analyzer (NTLFlowLyzer) is now available as part of the Understanding Cybersecurity Series (UCS) knowledge mobilization program. This Python open-source project has been designed and developed to address many issues encountered with CICFlowMeter. It extracts over 300 features from TCP-based network traffic, tailored explicitly for Anomaly Profiling (AP). NTLFlowLyzer serves as a key component of the upcoming NetFlowLyzer.

https://github.com/ahlashkari/NTLFlowLyzer

Best, BCCC Team https://www.yorku.ca/research/bccc/