ksingh25 / switchtree Goto Github PK

Hello, good afternoon. I want to ask you if the PCAP (UNSW_1000_packets.pcap) has any special processing? I tried the solution with another dataset but it only counts the packets, it does not count the flows nor does it detect the attacks.
Thanks

I want to write my own randomforest.p4 file for classification on this dataset. I am using three features (Protocol, ipv4.src and ipv4.dst). How should I proceed, I already have trained the model in python.

Hi,
i am wondering could we directly read the results value from the register to extern python program for a further evaluation?
i notice that in SwitchTree, you counted the number of detected attacks and normal packets based on the port respectively. However, when i prefer to use these values to draw a result figure, i have no idea to input these value directly into the python program. Or can i only manually record them and input into the python?

Thank you~~
Best regards,
Louisa

Hello good evening, I am trying to convert my tree to P4 with your script (rftop4_v2.py).
But I have a problem, when I transform the tree to p4 some zeros are added to some values. For example, I have 234 and in the txt it appears 23400000. I can see that in commands_1_tree.txt and commands_3_tree.txt the same thing happens.

The question is: Is this a bug?
I really appreciate your help.

Becasue of fixed interface during the tcpreplay, should i modfify the ip address of host to match the pcap.file packets?
For example, in pcap.file there are some malware packets whose srcip is 175.45.176.0. However, when i makerun in mininet, the host1 ip address maybe initialized to 10.0.1.1. When i tcpreplay intf1=h1-eth0, is it ok without changing the h1 ip address?

Thank you~~~