# Intro
The CICFlowMeter is an open source tool that generates flows from .pcap files, and extracts features from these flows.
CICFlowMeter is a network traffic flow generator available from here . It can be used to generate bidirectional flows, where the first packet determines the forward (source to destination) and backward (destination to source) directions, hence the statistical time-related features can be calculated separately in the forward and backward directions. Additional functionalities include, selecting features from the list of existing features, adding new features, and controlling the duration of flow timeout.
NOTE: TCP flows are usually terminated upon connection teardown (by FIN packet) while UDP flows are terminated by a flow timeout. The flow timeout value can be assigned arbitrarily by the individual scheme e.g., 600 seconds for both TCP and UDP.
For citation in your works and also understanding CICFlowMeter (formerly ISCXFlowMeter) completely, you can find below published paper:
Gerard Drapper Gil, Arash Habibi Lashkari, Mohammad Mamun, Ali A. Ghorbani, "Characterization of Encrypted and VPN Traffic Using Time-Related Features", In Proceedings of the 2nd International Conference on Information Systems Security and Privacy(ICISSP 2016) , pages 407-414, Rome , Italy
----------------------------------------
# Installation and executing:
Extract CICFlowMeterV3.zip
___Note: The only prerequisite is that "libpcap" library or WinPcap on windows systems, be pre-installed___
For Linux
> $ sudo apt-get install libpcap-dev
For windows
> download [winpcap](<https://www.winpcap.org/install/default.htm>)
## executing
Go to the extracted directory,enter the 'bin' folder
### linux
Open a terminal and run this command
```
sudo ./CICFlowMeter
```
### windows
Lanunch the Comand Prompt and run this command
```
CICFlowMeter.bat
```
## Get started
for offline
```
1.Select the folder that include your PCAP files
2.Select the folder that you would like to save you CSV files
3.Click OK button
```
for realtime
```
1 CLick Load button to find the list of network interfaces
2 Select the interface you would like to monitor
3 Click start button and wait for a while
4 Click stop button to stop the process and save the csv in same applcation folder/data/daily
```
--------------------------------------------------------------
Contact us at A.Habibi.L@unb.ca if there are any problems.
For citation in your works and also understanding CICFlowMeter (formerly ISCXFlowMeter) completely, you can find below published papers:
Arash Habibi Lashkari, Gerard Draper-Gil, Mohammad Saiful Islam Mamun and Ali A. Ghorbani, "Characterization of Tor Traffic Using Time Based Features", In the proceeding of the 3rd International Conference on Information System Security and Privacy, SCITEPRESS, Porto, Portugal, 2017
Gerard Drapper Gil, Arash Habibi Lashkari, Mohammad Mamun, Ali A. Ghorbani, "Characterization of Encrypted and VPN Traffic Using Time-Related Features", In Proceedings of the 2nd International Conference on Information Systems Security and Privacy(ICISSP 2016) , pages 407-414, Rome , Italy
CICFlowMeter-3.0.zip (22个子文件) 
CICFlowMeter-3.0 bin 
CICFlowMeter.bat 3KB CICFlowMeter 6KB lib 
junit-4.12.jar 308KB HikariCP-java6-2.3.13.jar 115KB slf4j-api-1.7.25.jar 40KB native jnetpcap-pcap100.dll 51KB libjnetpcap.so 208KB jnetpcap.dll 368KB libjnetpcap-pcap100.so 12KB quartz-2.3.0.jar 675KB slf4j-log4j12-1.7.25.jar 12KB SimpleFlowMeterV2-3.0.jar 144KB commons-math3-3.5.jar 1.94MB hamcrest-core-1.3.jar 44KB c3p0-0.9.5.2.jar 486KB mchange-commons-java-0.2.11.jar 592KB commons-io-2.5.jar 204KB jnetpcap-1.4.1.jar 640KB commons-lang3-3.6.jar 483KB log4j-1.2.17.jar 478KB README.md 3KB
LICENSE.txt 2KB资源评论
