Packet Café is built for easy-to-use automated network traffic analysis. This platform is configured to be modular and allow for a pipeline of tools that are triggered by different inputs and outputs.
Packet Café is an analysis platform that pipelines data through a configurable suite of open source tools to better visualize and dissect PCAP data with an eye toward more intuitive analysis of network traffic data. Packet Café accomplishes this in two ways. First, the PCAP is run through a rigorous analysis pipeline using industry standard tools such as Snort and Mercury, with the raw output being made available to the user for any style of analysis they want to perform. Next, the data is used to generate a dashboard view to allow for visual exploration of the supplied data. Currently, the supplied visualizations focus on answering questions regarding the distribution of IP addresses and ports communicating in an arbitrary PCAP file. We also are exploring ways to add further visualizations and refine our dashboarding capability.