FlowMeter is an experimental utility built for analysing and classifying packets by looking at packet headers.
FlowMeter aims to:
- Classify packets and flows as benign or malicious with high true positives (TP) and low false positives (FP).
- Use the labeled data to reduce the amount of traffic requiring deeper analysis.
Deepfence FlowMeter also categorizes packets into flows and shows a rich ensemble of flow data and statistics.
FlowMeter takes packets and returns a file with statistics of flows.
FlowMeter takes packets and returns a file with statistics of flows and classifies packets as benign or malicious.
Use FlowMeter if you wish to build and operate machine-learning models on network packet data.
For full instructions, refer to the FlowMeter Documentation.
- We use FlowMeter internally to quickly analyse and label packets. It forms one part of a project to build a fast pre-filter for packets before we conduct deeper layer-7 analysis in Deepfence ThreatMapper.
Thank you for using FlowMeter.
- Start with the documentation
- Got a question, need some help? Find the Deepfence team on Slack
- Got a feature request or found a bug? Raise an issue
- productsecurity at deepfence dot io: Found a security issue? Share it in confidence
- Find out more at deepfence.io
For any security-related issues in the FlowMeter project, contact productsecurity at deepfence dot io.
Please file GitHub issues as needed, and join the Deepfence Community Slack channel.
The Deepfence FlowMeter project (this repository) is offered under the Apache2 license.
Contributions to the Deepfence FlowMeter project are similarly accepted under the Apache2 license, as per GitHub's inbound=outbound policy.