Please refer to "readme.pdf" for this project's documentation, and to the "Demo" folder to select between streaming packets from Tcpdump to demo traffic collection and parsing pcap files to demo detection. For either choice, replace the "detect.py" script with the version inside the "Demo" folder to enable blocking of VMs with suspicious behaviour.
Open the following link for a video presenting our project: https://drive.google.com/folderview?id=0BwsjHRX0wSCHUVVpQ2c2RWgzMmc&usp=sharing
readme.pdf: https://github.com/BU-NU-CLOUD-SP16/Network-traffic-collection/blob/master/readme.pdf