{ "cells": [ { "cell_type": "code", "execution_count": 1, "id": "97e76d73", "metadata": {}, "outputs": [], "source": [ "from scapy.all import *\n", "import numpy as np\n", "import pandas as pd\n", "import argparse\n", "import os\n", "\n", "inputfile = \"data.pcap\"\n", "outputfile = \"data.csv\"\n", "\n", "mac_to_device = {\n", " \"44:65:0d:56:cc:d3\": \"Amazon Echo\",\n", " \"e0:76:d0:3f:00:ae\": \"August Doorbell Cam\",\n", " \"70:88:6b:10:0f:c6\": \"Awair air quality monitor\",\n", " \"b4:75:0e:ec:e5:a9\": \"Belkin Camera\",\n", " \"ec:1a:59:83:28:11\": \"Belkin Motion Sensor\",\n", " \"ec:1a:59:79:f4:89\": \"Belkin Switch\",\n", " \"74:6a:89:00:2e:25\": \"Blipcare BP Meter\",\n", " \"7c:70:bc:5d:5e:dc\": \"Canary Camera\",\n", " \"30:8c:fb:2f:e4:b2\": \"Dropcam\",\n", " \"6c:ad:f8:5e:e4:61\": \"Google Chromecast\",\n", " \"28:c2:dd:ff:a5:2d\": \"Hello Barbie\",\n", " \"70:5a:0f:e4:9b:c0\": \"HP Printer\",\n", " \"74:c6:3b:29:d7:1d\": \"iHome PowerPlug\",\n", " \"d0:73:d5:01:83:08\": \"LiFX Bulb\",\n", " \"18:b4:30:25:be:e4\": \"NEST Smoke Sensor\",\n", " \"70:ee:50:18:34:43\": \"Netatmo Camera\",\n", " \"70:ee:50:03:b8:ac\": \"Netatmo Weather station\",\n", " \"00:17:88:2b:9a:25\": \"Phillip Hue Lightbulb\",\n", " \"e0:76:d0:33:bb:85\": \"Pixstart photo frame\",\n", " \"88:4a:ea:31:66:9d\": \"Ring Door Bell\",\n", " \"00:16:6c:ab:6b:88\": \"Samsung Smart Cam\",\n", " \"d0:52:a8:00:67:5e\": \"Smart Things\",\n", " \"f4:f2:6d:93:51:f1\": \"TP-Link Camera\",\n", " \"50:c7:bf:00:56:39\": \"TP-Link Plug\",\n", " \"18:b7:9e:02:20:44\": \"Triby Speaker\",\n", " \"00:24:e4:10:ee:4c\": \"Withings Baby Monitor\",\n", " \"00:24:e4:1b:6f:96\": \"Withings Scale\",\n", " \"00:24:e4:20:28:c6\": \"Withings sleep sensor\",\n", " \"00:24:e4:11:18:a8\": \"Withings\"\n", "}" ] }, { "cell_type": "code", "execution_count": 2, "id": "119623a5", "metadata": {}, "outputs": [], "source": [ "#read the pcap file and extract the features for each packet\n", "all_packets = rdpcap(inputfile)" ] }, { "cell_type": "code", "execution_count": 3, "id": "f5584562", "metadata": {}, "outputs": [], "source": [ "results = []\n", "for packet in all_packets:\n", " size = len(packet)\n", " try:\n", " proto = packet.proto\n", " except AttributeError:\n", " proto = 0\n", " try:\n", " sport = packet.sport\n", " dport = packet.dport\n", " except AttributeError:\n", " sport = 0\n", " dport = 0\n", "\n", " proto = int(proto)\n", " sport = int(sport)\n", " dport = int(dport)\n", "\n", " if \"Ether\" in packet:\n", " eth_dst = packet[\"Ether\"].dst\n", " if eth_dst in mac_to_device:\n", " classification = mac_to_device[eth_dst]\n", " else:\n", " classification = \"other\"\n", " else:\n", " classification = \"other\"\n", "\n", " metric = [proto,sport,dport,classification]\n", " results.append(metric)\n", "results = (np.array(results)).T" ] }, { "cell_type": "code", "execution_count": 4, "id": "2e04c2d1", "metadata": {}, "outputs": [], "source": [ "# store the features in the dataframe\n", "dataframe = pd.DataFrame({'protocl':results[0],'src':results[1],'dst':results[2],'classfication':results[3]})\n", "columns = ['protocl','src','dst','classfication']\n", "\n", "# save the dataframe to the csv file, if not exsit, create one.\n", "if os.path.exists(outputfile):\n", " dataframe.to_csv(outputfile,index=False,sep=',',mode='a',columns = columns, header=False)\n", "else:\n", " dataframe.to_csv(outputfile,index=False,sep=',',columns = columns)" ] } ], "metadata": { "kernelspec": { "display_name": "switch", "language": "python", "name": "python3" }, "language_info": { "codemirror_mode": { "name": "ipython", "version": 3 }, "file_extension": ".py", "mimetype": "text/x-python", "name": "python", "nbconvert_exporter": "python", "pygments_lexer": "ipython3", "version": "3.12.7" } }, "nbformat": 4, "nbformat_minor": 5 }