How to read pcap files directly using matlab

103 views (last 30 days)
Hi,
I have to extract statistical features like source port, destination port, packet length, total length and round trip time from .pcap files by using Matlab. I tried some widespread ways I found on the Internet (pcap2matlab, traceplay) but I didn't make them work. Is there anyone who has a new suggestion? I will really appreciate your help.
Regards,
Asli

Accepted Answer

Samatha Aleti
Samatha Aleti on 8 May 2020
Hi Aslihan,
There is no such feature as of now, but it will be considered for a future release. Also, 'pcap2matlab' is one of the submissions in MATLAB File Exchange on MATLAB Central which is a forum for our product users to interact, exchange information and knowledge, without MathWorks' involvement.
Feel free to contact the author of this submission directly for specific questions about the implementation.
  1 Comment
Aslihan Reyhanoglu
Aslihan Reyhanoglu on 8 May 2020
Hi Samantha,
Thank you for your answer. I'll contact the author.

Sign in to comment.

More Answers (1)

michael
michael on 20 Jun 2020
To make the pcap2matlab litlle bit simple to use:
capture = pcap2matlab(filter, decodeas_and_dissector, filename_or_interface, capture_stop_criteria)
Lets say you are using a udp protocol and the data you would like to read is on top of it: data[0:1] (in packet showed below is 0x5d 0x2d)
Therfore in order to read a file you shall use:
  • filter=[]; %there is no specific filter
  • decodeas_and_dissector.somedata=base+0:base+1; (where base is the location of the 1st byte of the data (0x2a=42))
  • capture_stop_criteria=[];
Now, lets assume that your data is dissected, like udp.srcport,
Therfore in order to read a file you may use:
  • decodeas_and_dissector = {'udp.srcport'}
other option is like before
  • decodeas_and_dissector.srcport = 34:35 %locations (0x22:0x23)
  6 Comments
Buns Cutie
Buns Cutie on 2 Apr 2022
Edited: Buns Cutie on 2 Apr 2022
hello, I'm a senior from China. I have met some problems when I used above code, like following picture. I want to read a wireshark packet(.pcapng) to analysis it's feature. How should I do? Thanks for everyone.
capture = pcap2matlab([],[],'gigE_image.pcapng',[]);
Started reading captured file:
Started importing to MATLAB:
错误使用 fieldnames
'double' 类型的输入参数无效。输入必须为结构体或者 Java 或 COM 对象。
出错 pcap2matlab (210 )
FieldsofDissector = fieldnames(decodeas_and_dissector);

Sign in to comment.

Community Treasure Hunt

Find the treasures in MATLAB Central and discover how the community can help you!

Start Hunting!

Translated by