Network traffic sampler Sketch Guided Sampling, Packet Sampling, Random Sampling, Fast Filtered Sampling, Selective Flow Sampling
This repo is C++ version of intrusion-sampling
Datasets we are using ISCX-2014-Bot, CIC-IDS-2017,CIC-IDS-2018 comes with 80 flow features
Among them we can estimate 9 of them with samplers, because other time related feautures such as IAT(InterArrivalTime) of neightboring packets cannot be estimated.
Although for sketchflow we can calculate IAT of two packets and divide them by sampling rate, it might be considered unfair because other samplers cannot estimate it well.
Sketchflow
Compilingg++ -std=c++11 -o sketchflow sketchflow.cpp collector.cpp helper.c -lm -lpcap -lpthread -msse4.2
Call
python scripts/sample_ids-2018_sketchflow.py
sFlow
Compilingg++ -std=c++11 -o sflow sflow.cpp collector.cpp helper.c -lm -lpcap -lpthread -msse4.2
Call
python scripts/sample_ids-2018_sflow.py
SGS
Compilingg++ -std=c++11 -o sgs sgs.cpp collector.cpp helper.c -lm -lpcap -lpthread -msse4.2
Call
python scripts/sample_ids-2018_sgs.py
Fast Filtered Sampling
Compilingg++ -std=c++11 -o ffs ffs.cpp collector.cpp helper.c -lm -lpcap -lpthread -msse4.2
Call
python scripts/sample_ids-2018_ffs.py
Selective Flow Sampling
Compilingg++ -std=c++11 -o selective_flow selective_flow.cpp collector.cpp helper.c -lm -lpcap -lpthread -msse4.2
Call
python scripts/sample_ids-2018_selective_flow.py