Skip to content

Instantly share code, notes, and snippets.

/attack_measure.py
Created Mar 16, 2017

Embed
What would you like to do?
from scapy.all import *
from collections import deque
def print_attack_measure(pcap_file):
plist = rdpcap(pcap_file)
server_ip = "127.0.0.1"
n = 300
d = deque(maxlen=n)
# If you want source/destination IP addresses
getsrcdst = lambda x:(x.src,x.dst)
# If you want MAC addresses
getmacs = lambda x:(x.addr1, x.addr2, x.addr3)
def filterpackets(ip):
for p in plist:
try:
c = getsrcdst(p)
if(ip in c[0]):
# server IP is source IP of packet
yield -1
if(ip in c[1]):
# server IP is destination IP of packet
yield 1
except AttributeError:
pass
print("This prints a measure of packets received to packets sent, using a moving average of %d packets."%(n))
print("0 indicates a perfect balance of sent-received.")
print("+1 indicates all packets are sent to the server.")
print("-1 indicates all packets are sent by the server.")
print("A larger positive number indicates an unresponsive server.")
count = 0
for pack in filterpackets(server_ip):
d.append(pack)
count += 1
if(count>n):
print("%0.4f"%(sum(d)/(1.0*n)))
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.