From f8f669a7ce92da582f0dbef7337639bf060ef47d Mon Sep 17 00:00:00 2001 From: Toni Uhlig Date: Thu, 11 Apr 2024 13:36:26 +0200 Subject: Add extra entropy checks and more precise(?) analysis. Signed-off-by: Toni Uhlig --- tests/cfgs/disable_protocols/result/quic-mvfst-27.pcapng.out | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tests/cfgs/disable_protocols/result/quic-mvfst-27.pcapng.out') diff --git a/tests/cfgs/disable_protocols/result/quic-mvfst-27.pcapng.out b/tests/cfgs/disable_protocols/result/quic-mvfst-27.pcapng.out index 33ea136ca..7671287b3 100644 --- a/tests/cfgs/disable_protocols/result/quic-mvfst-27.pcapng.out +++ b/tests/cfgs/disable_protocols/result/quic-mvfst-27.pcapng.out @@ -26,4 +26,4 @@ Facebook 20 11399 1 Fun 20 11399 1 - 1 UDP 10.0.2.15:35957 <-> 69.171.250.15:443 [proto: 119/Facebook][IP: 119/Facebook][Encrypted][Confidence: Match by IP][DPI packets: 12][cat: SocialNetwork/6][7 pkts/3196 bytes <-> 13 pkts/8203 bytes][Goodput ratio: 79/85][8.96 sec][bytes ratio: -0.439 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1782/811 8808/8827 3513/2535][Pkt Len c2s/s2c min/avg/max/stddev: 128/115 457/631 1326/1346 492/540][Risk: ** Susp Entropy **][Risk Score: 50][Risk Info: Entropy 7.86][PLAIN TEXT (Xic gcl)][Plen Bins: 20,25,10,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,5,0,0,0,0,5,0,0,0,0,0,5,20,0,0,0,0,0,0,0,0] + 1 UDP 10.0.2.15:35957 <-> 69.171.250.15:443 [proto: 119/Facebook][IP: 119/Facebook][Encrypted][Confidence: Match by IP][DPI packets: 12][cat: SocialNetwork/6][7 pkts/3196 bytes <-> 13 pkts/8203 bytes][Goodput ratio: 79/85][8.96 sec][bytes ratio: -0.439 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1782/811 8808/8827 3513/2535][Pkt Len c2s/s2c min/avg/max/stddev: 128/115 457/631 1326/1346 492/540][Risk: ** Susp Entropy **][Risk Score: 10][Risk Info: Entropy: 7.857 (Encrypted or Random?)][PLAIN TEXT (Xic gcl)][Plen Bins: 20,25,10,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,5,0,0,0,0,5,0,0,0,0,0,5,20,0,0,0,0,0,0,0,0] -- cgit v1.2.3