CICFlowMeter
Please explain the usage of "if ((flow.getBwdFINFlags() + flow.getBwdFINFlags()) == 2)" in FlowGenerator.java
The code just doubles getBwdFINFlags; could it be changed to flow.getBwdFINFlags()==1? Or should it be "if ((flow.getFwdFINFlags() + flow.getBwdFINFlags()) == 2)"?
I am so glad to see someone finding the same problem as me! I believe it must be "if ((flow.getFwdFINFlags() + flow.getBwdFINFlags()) == 2)", since the condition checks if both the forward and backward FIN flags are set. Also, I think the processes handling ForwardFinFlag and BackwardFinFlag can be merged to reduce the code's redundancy, but it's not a big deal.
Thanks zyzshishui, appreciate your comment.
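The two conditions discussed above, replayed over constructed FIN sequences to show where they diverge: the quoted check fires on a lone backward FIN, while the proposed check waits for one FIN from each side. This is an added example, not code from CICFlowMeter or from the commenters. `FinCheckDemo`, `Flow`, `onFin` and `firstHit` are hypothetical names, and it assumes each getter returns the number of FIN packets seen so far in that direction.

```java
import java.util.List;

// Added illustration. Flow is a hypothetical stand-in, not CICFlowMeter's class.
// Assumption: each getter returns the count of FIN packets seen in that direction.
public class FinCheckDemo {
    static final class Flow {
        private int fwdFin, bwdFin;
        void onFin(boolean forward) { if (forward) fwdFin++; else bwdFin++; }
        int getFwdFINFlags() { return fwdFin; }
        int getBwdFINFlags() { return bwdFin; }
    }

    // Condition as quoted in the issue: the backward counter is added to itself.
    static boolean asQuoted(Flow f) {
        return (f.getBwdFINFlags() + f.getBwdFINFlags()) == 2;
    }

    // Condition proposed in the thread: forward plus backward.
    static boolean asProposed(Flow f) {
        return (f.getFwdFINFlags() + f.getBwdFINFlags()) == 2;
    }

    // Replays a FIN sequence (true = forward, false = backward) and returns the
    // packet index at which each condition first holds, or -1 if it never does.
    static int[] firstHit(List<Boolean> fins) {
        Flow f = new Flow();
        int quoted = -1, proposed = -1;
        for (int i = 0; i < fins.size(); i++) {
            f.onFin(fins.get(i));
            if (quoted < 0 && asQuoted(f)) quoted = i;
            if (proposed < 0 && asProposed(f)) proposed = i;
        }
        return new int[] { quoted, proposed };
    }

    static void report(String name, List<Boolean> fins) {
        int[] r = firstHit(fins);
        System.out.printf("%-30s quoted=%d proposed=%d%n", name, r[0], r[1]);
    }

    public static void main(String[] args) {
        // Constructed sequences, not captured traffic.
        report("fwd FIN, then bwd FIN", List.of(true, false));
        report("bwd FIN, then fwd FIN", List.of(false, true));
        report("bwd FIN only (half-closed)", List.of(false));
        report("fwd FIN only (half-closed)", List.of(true));
    }
}
```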
Hi, We are pleased to announce that the first version of the Network and Transportation Layers Flow Analyzer (NTLFlowLyzer) is now available as part of the Understanding Cybersecurity Series (UCS) knowledge mobilization program. This Python open-source project has been designed and developed to address many issues encountered with CICFlowMeter. It extracts over 300 features from TCP-based network traffic, tailored explicitly for Anomaly Profiling (AP). NTLFlowLyzer serves as a key component of the upcoming NetFlowLyzer.
https://github.com/ahlashkari/NTLFlowLyzer
Best, BCCC Team https://www.yorku.ca/research/bccc/