LinuxDays 2019

Traffic analysis with Python and DPKT
2019-10-06, 15:00–15:50, Room 107

So you collect about a gigabyte of traffic metadata each hour and want to filter out anomalies, such as a spike in TCP RST packets or a host that is surprisingly chatty with foreign hosts. A simple yet relatively performant approach is to use Python and the DPKT library. This talk is a quick-start tutorial and shares some experience from using it.


Difficulty – Intermediate
See also: Adam Kalisz - Traffic analysis with Python and DPKT