sf

Joy is a BSD-licensed libpcap-based software bundle for extracting information features from alive network traffic or packet capture (pcap) files, using a flow-oriented model like to that of IPFIX or Netflow, too and then representing these information features inward JSON. It also contains analysis tools that tin travel applied to these information files. Joy tin travel used to explore information at scale, peculiarly safety too threat-relevant data. JSON is used inward social club to brand the output easily consumable past times information analysis tools. While the JSON output files are somewhat verbose, they are reasonably small, too they response good to compression. Joy tin travel configured to obtain intraflow data, that is, information too information virtually events that hap inside a network flow, including: the sequence of lengths too arrival times of IP packets, upwards to roughly configurable number of packets. the empirical probability distrib...