Possible version mismatch with CIC-IDS 2017 labeled dataset

[gerivives]

There appears to be some sort of mismatch between the CICFlowmeter version used to generated the labeled CIC-IDS 2017 dataset and the latest version available in this dataset.

When I compare a labeled CSV file from the dataset available at the CIC webpage and a CSV generated with this version of CICFlowmeter from the original PCAP file, the values from certain features do not match.

Could anyone provide any insights on the actual branch/repository that has the same CICFlowmeter version that was used to generate the dataset in order to avoid inconsistencies? Despite having thoroughly read the published paper regarding the dataset and other sources, I could not find any useful information.

[AdonayTeshome]

hello gerivives, I think this version will fix the issue you encountered https://github.com/AdonayTeshome/CICFlowMeter

[ahlashkari]

Hi, We are pleased to announce that the first version of the Network and Transportation Layers Flow Analyzer (NTLFlowLyzer) is now available as part of the Understanding Cybersecurity Series (UCS) knowledge mobilization program. This Python open-source project has been designed and developed to address many issues encountered with CICFlowMeter. It extracts over 300 features from TCP-based network traffic, tailored explicitly for Anomaly Profiling (AP). NTLFlowLyzer serves as a key component of the upcoming NetFlowLyzer.

https://github.com/ahlashkari/NTLFlowLyzer

Best, BCCC Team https://www.yorku.ca/research/bccc/