
Nfstream: a network data analysis framework using Python - ticohack
https://github.com/aouinizied/nfstream
======
jrmiii
This would be really cool combined with the new VPC traffic mirroring on AWS.

[https://aws.amazon.com/blogs/aws/new-vpc-traffic-mirroring/](https://aws.amazon.com/blogs/aws/new-vpc-traffic-mirroring/)

------
cybertank
Thanks for sharing.

~~~
VvR-Ox
+1, and I also like the readme, including the live demo, very much.

------
armitron
This is pretty much a light Python wrapper around ndpi [1], a C library that
contains all the dissectors and protocol support. Probably a very bad idea to
use a C library with hand-written parsers for that.

[1] [https://www.ntop.org/products/deep-packet-inspection/ndpi/](https://www.ntop.org/products/deep-packet-inspection/ndpi/)

~~~
aouinizied
nDPI is used for traffic classification and metadata extraction as it's
currently the most reliable state-of-the-art deep packet inspection library. The
"Light Python wrapper" is provided as part of nDPI (python repository under
nDPI repo).

nfstream is a framework to compute/aggregate network data in an easy manner
using Python. The main goal is to shorten the path from networking space to
data science space when building, for example, ML-based traffic classification
or anomaly detection.

