1. Generate a Tranalyzer flows.txt file
On Linux:
t2 -r ***.pcap -w ~/Downloads
2. Extract all TCP flows
tawk 'tcp()' ***_flows.txt > ***_TCP.txt
3. Extract the first 20 packets and save them as a CSV file
tawk -H -t '{ n = split($L2L3L4Pl_Iat, A, ";"); for (i = 1; i <= n; i++) { split(A[i], B, "_"); printf "%f\t%d\t", B[2], B[1]; } printf "\n"; }' ***_TCP.txt > ***_pl_iat.txt
(Use a command of the form tawk -v OFS=',' '{program}' to generate the ***.csv file.)
4. Copy the result to the shared folder
cp ***_pl_iat.txt /mnt/hgfs/share
5. Open Preprocess_dataset and enter the traffic type and the first n packets; the A/B flows are merged to generate ***_pl_iat.csv
6. Open Weka, choose Explorer, then Open file, open the .csv file, and save it as .arff
7. Reopen Preprocess_dataset and merge the .arff files
8. Run the machine learning with Weka
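
The tawk one-liner in step 3 writes rows of different lengths (a flow with fewer packets has fewer fields) and no header, while a CSV-to-ARFF conversion needs a header and the same number of columns on every row. The following is an added example, not the Preprocess_dataset script or Tranalyzer code: it reads the L2L3L4Pl_Iat column, truncates or zero-pads each flow to the first n packets and appends a class label. It assumes the field is a ";"-separated list of "length_iat" pairs, as the split calls in step 3 imply; the function names, the "web" label and the sample rows are constructed for illustration.

```python
import csv
import io

COLUMN = "L2L3L4Pl_Iat"  # column name used by the tawk command in step 3

SAMPLE = (  # constructed sample rows, not real capture data
    "%dir\tflowInd\tL2L3L4Pl_Iat\n"
    "A\t1\t74_0.000000;66_0.012000;180_0.000500\n"
    "B\t1\t74_0.011000\n"
)


def parse_pl_iat(field, n_packets):
    """Turn 'pl_iat;pl_iat;...' into [iat1, pl1, ..., iatN, plN], zero-padded."""
    row = []
    for pair in filter(None, field.strip().split(";")):
        if len(row) == 2 * n_packets:  # keep only the first n packets
            break
        pl, iat = pair.split("_", 1)
        row += [float(iat), int(pl)]  # same order as the printf in step 3
    row += [0.0, 0] * (n_packets - len(row) // 2)  # pad short flows
    return row


def flows_to_csv(flow_text, label, n_packets=20):
    """Convert a tab-separated flow file (with header line) to CSV text."""
    lines = [l for l in flow_text.splitlines() if l.strip()]
    idx = lines[0].lstrip("%").split("\t").index(COLUMN)  # ValueError if absent
    names = [f"{k}{i}" for i in range(1, n_packets + 1) for k in ("iat", "pl")]
    out = io.StringIO()
    writer = csv.writer(out, lineterminator="\n")
    writer.writerow(names + ["class"])
    for line in lines[1:]:
        cols = line.split("\t")
        field = cols[idx] if idx < len(cols) else ""  # flow without packet data
        writer.writerow(parse_pl_iat(field, n_packets) + [label])
    return out.getvalue()


if __name__ == "__main__":
    print(flows_to_csv(SAMPLE, "web", n_packets=2), end="")
```
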