# Network Traffic Analysis with MITRE ATT&CK Mapping
This application monitors network traffic in real-time, analyzes it using local LLMs (via Ollama), and maps suspicious behaviors to the MITRE ATT&CK framework.
## Features
- Live network traffic capture and analysis
- Local LLM-powered threat detection using Ollama
- MITRE ATT&CK technique mapping
- Real-time web interface for visualization
- Session logging and replay
## Installation
1. Clone this repository
2. Install dependencies:
```
pip install -r requirements.txt
```
3. Install Ollama following the instructions at https://ollama.ai/
4. Pull the required LLM model:
```
ollama pull mistral
```
## Usage
1. Start the application:
```
python src/app.py
```
2. Open your browser at http://localhost:5000
3. Select a network interface to monitor
4. View real-time analysis on the dashboard
## Architecture
- `src/network`: Network traffic capture and preprocessing
- `src/llm`: Integration with Ollama LLMs for analysis
- `src/mitre`: MITRE ATT&CK framework mapping
- `src/api`: Backend API services
- `src/ui`: Web interface components
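
The sketch below is an added example, not code from this repository. It shows one way the capture, LLM, and MITRE stages could fit together while treating both captured traffic and model output as untrusted. The function names, the small technique allowlist, and the sample packets are assumptions; the Ollama endpoint is the default local `/api/generate` API.

```python
import json
import urllib.request
from collections import defaultdict

# Assumption: a tiny local allowlist; a real deployment would load the ATT&CK STIX bundle.
KNOWN_TECHNIQUES = {
    "T1046": "Network Service Discovery",
    "T1071.001": "Application Layer Protocol: Web Protocols",
    "T1110": "Brute Force",
}

def summarize_flows(packets):
    """Reduce packets to numeric metadata per (src, dst); payload bytes never reach the prompt."""
    ports = defaultdict(set)
    for p in packets:
        ports[(p["src"], p["dst"])].add(p["dport"])
    return [{"src": s, "dst": d, "distinct_ports": len(v)}
            for (s, d), v in sorted(ports.items())]

def build_prompt(summary):
    """Ask for a strict JSON answer so the reply can be validated mechanically."""
    return ("Map these flow statistics to MITRE ATT&CK. Reply with JSON only: "
            '{"technique_id": "...", "reason": "..."}\n' + json.dumps(summary))

def query_ollama(prompt, model="mistral", url="http://localhost:11434/api/generate"):
    """Send the prompt to a local Ollama server (non-streaming) and return its text."""
    body = json.dumps({"model": model, "prompt": prompt, "stream": False}).encode()
    req = urllib.request.Request(url, data=body, headers={"Content-Type": "application/json"})
    with urllib.request.urlopen(req, timeout=60) as resp:
        return json.loads(resp.read())["response"]

def parse_llm_mapping(raw):
    """Accept only replies that are JSON objects naming an allowlisted technique ID."""
    try:
        tid = json.loads(raw).get("technique_id", "")
    except (ValueError, TypeError, AttributeError):
        return None  # not JSON, or not a JSON object
    if not isinstance(tid, str) or tid not in KNOWN_TECHNIQUES:
        return None  # malformed or hallucinated ID is dropped, not displayed
    return {"technique_id": tid, "name": KNOWN_TECHNIQUES[tid]}

# Constructed sample: one host touching 30 ports on a single target.
SAMPLE = [{"src": "10.0.0.5", "dst": "10.0.0.9", "dport": p} for p in range(20, 50)]

if __name__ == "__main__":
    prompt = build_prompt(summarize_flows(SAMPLE))
    print(parse_llm_mapping(query_ollama(prompt)))  # requires a running Ollama server
```

Keeping packet payloads out of the prompt limits prompt injection through captured traffic, and rejecting IDs outside the allowlist keeps invented technique numbers off the dashboard.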
## Security Considerations
This tool is designed for educational and defensive purposes only. Always ensure you have proper authorization before monitoring any network.
## License
MIT