https://github.com/muayyad-alsadi/flowvis

visualize netflows using t-SNE
https://github.com/muayyad-alsadi/flowvis

botnets netflow

Last synced: about 1 year ago
JSON representation

visualize netflows using t-SNE

• Host: GitHub
• URL: https://github.com/muayyad-alsadi/flowvis
• Owner: muayyad-alsadi
• License: apache-2.0
• Created: 2017-07-26T19:12:16.000Z (almost 9 years ago)
• Default Branch: master
• Last Pushed: 2017-07-26T19:27:50.000Z (almost 9 years ago)
• Last Synced: 2025-02-16T20:14:52.009Z (over 1 year ago)
• Topics: botnets, netflow
• Language: JavaScript
• Size: 172 KB
• Stars: 3
• Watchers: 3
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# FlowVis

Visualize netflows using t-SNE

## Input

Prepare you netflows in the form of CSV having the following columns

```

StartTime,Dur,Proto,SrcAddr,Sport,Dir,DstAddr,Dport,State,sTos,dTos,TotPkts,TotBytes,SrcBytes,Label

```

If you don't have labels put any thing as last column like `NA` or `OTHER` or `None`

You can use any file that have the above format like 

* [CTU-Malware-Capture-Botnet-46 or Scenario 5 in the CTU-13 dataset.](https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-46/detailed-bidirectional-flow-labels/capture20110815-2.binetflow)

## Usage

```

python flowvis.py [pca|tsne] [id|tanh|range|std] inputfile.csv

```

we recommend using `tsne` and `tanh` (other methods are used for comparison)

```

python flowvis.py tsne tanh inputfile.csv

```

this would output resulted images and `data.js` which can be viewed using `flowvis.html`

## Results

![results](/results/tsne-tanh.png)