Shubham Bhat

How I Built NetNerve That Made Headlines a Day After Its Launch

Recently, I embarked on a quest to cure a long-time pain point of mine: packet analysis is labor-intensive and difficult to articulate to non-tech colleagues. So, I constructed NetNerve—a web application that employs LLaMA3 and FastAPI to convert raw .pcap files into plain-English security findings.

And the next thing I know?
There was a flood of articles on the internet a day after I launched it!

Google search results for NetNerve

The Journey

A textual look into capture files

It began with frustration. The picture above is how a capture file looks: it shows just one packet, and an incomplete one at that. A real capture could hold hundreds, thousands or even a million packets, which means tedious manual sorting through Wireshark dumps, searching for odd behavior, and struggling to document discoveries in a manner that would be understandable to managers. I wanted something that would automate the drudge work and present me with a simple summary, quickly.

Tech Stack

Frontend: Next.js for a contemporary, responsive frontend

Backend: FastAPI (Python) for strong API endpoints and file management

Packet Processing: Python's Scapy library for .pcap file parsing

AI Analysis: LLaMA3 through Groq API for natural language outputs

How It Works

Upload a .pcap file from the web interface.

Scapy interprets the packet data and pulls out important details.

FastAPI manages the workflow, passing structured data to LLaMA3.

LLaMA3 interprets the traffic and provides a summary: "Detected port scanning from 192.168.1.100," or "Unusual HTTP traffic to unknown domains."

Results are output in plain English, allowing for simple identification of threats and reporting findings.

Result page of NetNerve

Challenges

Binary File Handling: Uploading and processing binary .pcap files consistently in a web app.

Performance: Initial experiments with ChatGPT API were too slow. Migrating to LLaMA 3 through Groq reduced response times to below 10 seconds.

Privacy: Data never touches disk—everything processed in memory.
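The parsing step from "How It Works" and the in-memory handling noted under Privacy, as an added example that is not NetNerve's code: it uses only Python's standard library as a stand-in for Scapy and handles only little-endian Ethernet pcap files. The function names, the summary keys and the sample capture are assumptions constructed for illustration.

```python
import io
import struct
from collections import defaultdict

def summarize_pcap(data: bytes, max_packets: int = 100_000) -> dict:
    """Summarize a classic little-endian Ethernet pcap held entirely in memory."""
    buf = io.BytesIO(data)  # upload stays in RAM, nothing is written to disk
    header = buf.read(24)
    if len(header) < 24 or struct.unpack("<I", header[:4])[0] != 0xA1B2C3D4:
        raise ValueError("not a little-endian classic pcap")
    if struct.unpack("<I", header[20:24])[0] != 1:
        raise ValueError("only Ethernet (linktype 1) is handled")
    syn_ports = defaultdict(set)  # source IP -> destination ports it sent bare SYNs to
    packets = 0
    while packets < max_packets:  # cap the work done per upload
        rec = buf.read(16)
        if len(rec) < 16:
            break
        incl_len = struct.unpack("<I", rec[8:12])[0]
        frame = buf.read(incl_len)
        if len(frame) < incl_len:
            break  # truncated capture: stop rather than parse a partial frame
        packets += 1
        # Need Ethernet (14) + minimal IPv4 (20) + minimal TCP (20); IPv4 and TCP only
        if len(frame) < 54 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
            continue
        ihl = (frame[14] & 0x0F) * 4
        tcp = 14 + ihl
        if ihl < 20 or len(frame) < tcp + 14:
            continue
        if (frame[tcp + 13] & 0x12) == 0x02:  # SYN set, ACK clear
            src = ".".join(map(str, frame[26:30]))
            syn_ports[src].add(struct.unpack("!H", frame[tcp + 2:tcp + 4])[0])
    # Compact, structured facts: this dict, not raw packets, is what a model would see
    return {"packets": packets,
            "syn_only_ports_by_source": {s: len(p) for s, p in syn_ports.items()}}

def build_sample_pcap() -> bytes:
    """Constructed sample: 192.168.1.100 sends SYNs to ports 20-29 on 192.168.1.1."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for port in range(20, 30):
        eth = b"\x00" * 12 + b"\x08\x00"
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                         bytes([192, 168, 1, 100]), bytes([192, 168, 1, 1]))
        tcp = struct.pack("!HHIIBBHHH", 40000, port, 0, 0, 0x50, 0x02, 1024, 0, 0)
        frame = eth + ip + tcp
        out += struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame
    return out
```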

Why It Matters?

NetNerve brings network security within reach. Security researchers, network administrators, and even students can now derive actionable information from packet captures without extensive technical knowledge.

Try It Out

Check out NetNerve at: https://netnerve.vercel.app
GitHub Repo: https://github.com/bhat-shubham/Traffic-Analyzer-NetNerve-
If you’re interested in the code, have a suggestion or feedback, or even want to collaborate, let me know in the comments!
