First time here? Check out the FAQ!

THIS IS A TEST INSTANCE. Feel free to ask and answer questions, but take care to avoid triggering too many notifications.

Is there any possibilities to extract pcap files to get 5 tuples then change it into txt file for Statistical Machine Learning?

classification
pcap
extract
tuples
WEKA
retag add tags

Hello,

For introduction I'm a newbie here and need some lead of you guys.

Okay, i would like to ask if there's any possibilities for me to do statistical machine learning on WEKA by extracting the pcap files format to get the 5 tuples using wireshark?

I want to do the classification of traffic network using supervised data and statistical machine learning method but get stuck on getting the 5 tuples of the whole pcap files.

Thank you so much, much appreciated!

bobabaw

asked 2018-12-15 15:59:03 +0000, updated 2018-12-16 05:09:45 +0000

edit flag offensive 0 remove flag close merge delete

Comments

add a comment see more comments

1 Answer

Sort by

oldest

newest

most voted

Use tshark and the -T fields option to extract the 5-tuple, i.e.

tshark -r your.pcap -T fields -e ip.proto -e ip.src -e ip.dst -e tcp.srcport -e tcp.dstport

23.8k

grahamb

answered 2018-12-15 21:20:55 +0000, updated 2018-12-16 16:10:44 +0000

edit flag offensive 0 remove flag delete link

Comments

add a comment see more comments

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.

Add Answer

Is there any possibilities to extract pcap files to get 5 tuples then change it into txt file for Statistical Machine Learning? edit

Comments

1 Answer

Comments