authorToni Uhlig <matzeton@googlemail.com>2022-09-22 19:07:08 +0200
committerToni Uhlig <matzeton@googlemail.com>2022-09-22 19:07:08 +0200
commit9a28475bba88b711b7075b58473b7e5b5df1f393 (patch)
tree73cdf56320f14b5fe0fbfb2e930cf7ea025f9117 /test/results/flow-info/1kxun.pcap.out
parent28971cd7647a79253000fb33e52b5d2129e5ba62 (diff)
Improved flow analyse event:
* store packet directions * merged direction based IATs * merged direction based PKTLENs Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
Diffstat (limited to 'test/results/flow-info/1kxun.pcap.out')
-rw-r--r--test/results/flow-info/1kxun.pcap.out220
1 files changed, 132 insertions, 88 deletions
diff --git a/test/results/flow-info/1kxun.pcap.out b/test/results/flow-info/1kxun.pcap.out
index d37d56a59..af07ac0f0 100644
--- a/test/results/flow-info/1kxun.pcap.out
+++ b/test/results/flow-info/1kxun.pcap.out
@@ -70,40 +70,50 @@
detected: [....30] [ip4][..tcp] [..192.168.115.8][49602] -> [.106.187.35.246][...80] [HTTP.1kxun][Streaming][Fun]
detected: [....31] [ip4][..tcp] [..192.168.115.8][49603] -> [.106.187.35.246][...80] [HTTP.1kxun][Streaming][Fun]
analyse: [....29] [ip4][..tcp] [..192.168.115.8][49601] -> [.106.187.35.246][...80] [HTTP.1kxun][Streaming][Fun]
- [min|max|avg|stddev]
- [IAT(flow)...: 0.000| 0.056| 0.011| 0.020]
- [IAT(c->s)...: 0.000| 0.056| 0.019| 0.025][IAT(s->c)...: 0.000| 0.052| 0.008| 0.017]
- [PKTLEN(c->s): 54.000| 414.000| 128.400| 142.900][PKTLEN(s->c): 60.000|1314.000|1157.500| 397.500]
+ [min|max|avg|stddev|variance|entropy]
+ [IAT.........: 0.000| 0.056| 0.011| 0.020| 413.706| 0.000]
+ [PKTLEN......: 54.000| 1314.000| 835.900| 585.300|342554.800| 4.500]
[BINS(c->s)..: 8,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 2,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,19,0,0,0,0,0,0,0,0]
+ [DIRECTIONS..: 0,0,1,0,0,0,0,1,1,1,1,1,1,1,1,1,1,1,0,0,1,1,1,1,0,0,1,1,1,1,1,1]
+ [IATS........: 26,52106,52225,22,5484,34,48207,11555,801,69,59,49,273,37,27,28,464,56171,23,50473,3499,84,64,53877,45,17726,143,82,52,49,50,0]
+ [PKTLENS.....: 66,66,66,54,54,414,414,60,373,1314,1314,1314,1314,1314,1314,1314,1314,1314,54,54,1314,1314,1314,1314,54,54,1314,1314,1314,1314,1314,1314]
analyse: [....30] [ip4][..tcp] [..192.168.115.8][49602] -> [.106.187.35.246][...80] [HTTP.1kxun][Streaming][Fun]
- [min|max|avg|stddev]
- [IAT(flow)...: 0.000| 0.066| 0.012| 0.024]
- [IAT(c->s)...: 0.000| 0.066| 0.017| 0.027][IAT(s->c)...: 0.000| 0.065| 0.010| 0.022]
- [PKTLEN(c->s): 54.000| 413.000| 115.800| 133.000][PKTLEN(s->c): 60.000|1314.000|1141.800| 413.700]
+ [min|max|avg|stddev|variance|entropy]
+ [IAT.........: 0.000| 0.066| 0.012| 0.024| 579.055| 0.000]
+ [PKTLEN......: 54.000| 1314.000| 757.100| 600.300|360321.400| 4.400]
[BINS(c->s)..: 10,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 2,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,17,0,0,0,0,0,0,0,0]
+ [DIRECTIONS..: 0,0,1,0,0,0,0,1,1,1,1,1,1,1,1,1,1,0,0,1,1,1,0,0,1,1,1,1,1,1,0,0]
+ [IATS........: 30,54573,54712,41,4152,56,64506,68,36,30,74,39,719,84,86,86,61743,22,885,65392,59,66248,63,504,2917,559,54,52,83,3871,32,0]
+ [PKTLENS.....: 66,66,66,54,54,413,413,60,373,1314,1314,1314,1314,1314,1314,1314,1314,54,54,1314,1314,1314,54,54,1314,1314,1314,1314,1314,1314,54,54]
analyse: [....27] [ip4][..tcp] [..192.168.115.8][49599] -> [.106.187.35.246][...80] [HTTP.1kxun][Streaming][Fun]
- [min|max|avg|stddev]
- [IAT(flow)...: 0.000| 0.067| 0.012| 0.023]
- [IAT(c->s)...: 0.000| 0.067| 0.017| 0.026][IAT(s->c)...: 0.000| 0.065| 0.010| 0.021]
- [PKTLEN(c->s): 54.000| 415.000| 116.200| 133.700][PKTLEN(s->c): 60.000|1314.000|1141.800| 413.700]
+ [min|max|avg|stddev|variance|entropy]
+ [IAT.........: 0.000| 0.067| 0.012| 0.023| 544.113| 0.000]
+ [PKTLEN......: 54.000| 1314.000| 757.200| 600.200|360235.600| 4.400]
[BINS(c->s)..: 10,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 2,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,17,0,0,0,0,0,0,0,0]
+ [DIRECTIONS..: 0,0,1,0,0,0,0,1,1,1,1,0,0,1,1,1,1,1,1,0,0,1,1,1,1,1,0,0,1,1,1,1]
+ [IATS........: 36,53209,53269,23,4558,53,61521,40,293,57,57277,26,5093,104,312,45,266,88,5943,34,1372,65090,55,53,50,66840,34,3844,90,757,80,0]
+ [PKTLENS.....: 66,66,66,54,54,415,415,60,373,1314,1314,54,54,1314,1314,1314,1314,1314,1314,54,54,1314,1314,1314,1314,1314,54,54,1314,1314,1314,1314]
analyse: [....32] [ip4][..tcp] [..192.168.115.8][49604] -> [.106.187.35.246][...80] [HTTP.1kxun][Streaming][Fun]
- [min|max|avg|stddev]
- [IAT(flow)...: 0.000| 0.096| 0.013| 0.026]
- [IAT(c->s)...: 0.000| 0.096| 0.023| 0.034][IAT(s->c)...: 0.000| 0.072| 0.008| 0.021]
- [PKTLEN(c->s): 54.000| 423.000| 202.200| 176.700][PKTLEN(s->c): 60.000|1314.000|1140.100| 398.700]
+ [min|max|avg|stddev|variance|entropy]
+ [IAT.........: 0.000| 0.096| 0.013| 0.026| 693.255| 0.000]
+ [PKTLEN......: 54.000| 1314.000| 847.000| 555.000|308021.300| 4.600]
[BINS(c->s)..: 6,0,0,0,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 2,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,18,0,0,0,0,0,0,0,0]
+ [DIRECTIONS..: 0,0,1,0,0,0,0,1,1,1,1,1,1,1,1,1,1,1,0,0,1,1,1,1,1,1,1,1,1,1,0,0]
+ [IATS........: 37,50730,50813,26,5716,35,60276,105,70,53,49,73,718,44,49,52,342,56283,26,72323,56,48,50,164,52,68,54,259,49,96474,55,0]
+ [PKTLENS.....: 66,66,66,54,54,414,414,60,373,1314,1314,1314,1314,1314,1314,1314,1314,1314,54,54,1314,1314,1314,1314,1314,1314,1314,1314,1314,932,423,423]
analyse: [....28] [ip4][..tcp] [..192.168.115.8][49600] -> [.106.187.35.246][...80] [HTTP.1kxun][Streaming][Fun]
- [min|max|avg|stddev]
- [IAT(flow)...: 0.000| 0.142| 0.016| 0.032]
- [IAT(c->s)...: 0.000| 0.142| 0.027| 0.045][IAT(s->c)...: 0.000| 0.085| 0.011| 0.024]
- [PKTLEN(c->s): 54.000| 416.000| 128.800| 143.700][PKTLEN(s->c): 60.000|1314.000|1157.500| 397.500]
+ [min|max|avg|stddev|variance|entropy]
+ [IAT.........: 0.000| 0.142| 0.016| 0.032| 1046.271| 0.000]
+ [PKTLEN......: 54.000| 1314.000| 836.000| 585.200|342449.500| 4.500]
[BINS(c->s)..: 8,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 2,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,19,0,0,0,0,0,0,0,0]
+ [DIRECTIONS..: 0,0,1,0,0,0,0,1,1,1,1,1,1,1,1,1,1,1,1,0,0,1,1,1,1,1,0,0,1,1,1,1]
+ [IATS........: 54,51945,52076,32,5225,53,60454,877,31,40,63,40,400,73,48,50,170,85115,142000,23,40785,2483,129,70,65,43573,78,404,66,55,49,0]
+ [PKTLENS.....: 66,66,66,54,54,416,416,60,373,1314,1314,1314,1314,1314,1314,1314,1314,1314,1314,54,54,1314,1314,1314,1314,1314,54,54,1314,1314,1314,1314]
new: [....35] [ip4][..udp] [...192.168.5.67][..138] -> [192.168.255.255][..138]
detected: [....35] [ip4][..udp] [...192.168.5.67][..138] -> [192.168.255.255][..138] [NetBIOS.SMBv1][System][Dangerous]
RISK: Unsafe Protocol
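Review bot: The new `IAT` summary row mixes units. In the first `analyse` block the stddev is `0.020` but the variance is `413.706`, which matches the stddev squared in milliseconds (about 20.3 ms) rather than in seconds, whereas the `PKTLEN` row's variance `342554.800` is simply its stddev `585.300` squared. The same pattern repeats in every `analyse` block of this file, so the baseline pins whatever scaling the generator applies. IAT entropy is also `0.000` in every block although the `IATS` values clearly vary, which suggests it is not computed yet or is computed over something else. Before this output is relied on as a baseline, I would either scale the IAT variance like the other IAT columns or name the units in the `[min|max|avg|stddev|variance|entropy]` header, and confirm the zero entropy is intended; the generator code is not in this diff, so this is inferred from the output alone.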
@@ -112,12 +122,14 @@
detected: [....36] [ip4][..tcp] [..192.168.115.8][49605] -> [.106.185.35.110][...80] [HTTP.1kxun][Streaming][Fun]
detected: [....37] [ip4][..tcp] [..192.168.115.8][49606] -> [.106.185.35.110][...80] [HTTP.1kxun][Streaming][Fun]
analyse: [....37] [ip4][..tcp] [..192.168.115.8][49606] -> [.106.185.35.110][...80] [HTTP.1kxun][Streaming][Fun]
- [min|max|avg|stddev]
- [IAT(flow)...: 0.000| 0.147| 0.015| 0.033]
- [IAT(c->s)...: 0.000| 0.147| 0.017| 0.040][IAT(s->c)...: 0.000| 0.110| 0.013| 0.027]
- [PKTLEN(c->s): 54.000| 411.000| 106.700| 124.300][PKTLEN(s->c): 60.000|1314.000|1175.000| 393.200]
+ [min|max|avg|stddev|variance|entropy]
+ [IAT.........: 0.000| 0.147| 0.015| 0.033| 1100.854| 0.000]
+ [PKTLEN......: 54.000| 1314.000| 707.600| 612.000|374554.600| 4.300]
[BINS(c->s)..: 12,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0]
+ [DIRECTIONS..: 0,0,1,0,0,0,0,1,1,1,0,0,1,1,1,1,0,0,1,1,1,0,0,1,1,0,0,1,1,1,1,1]
+ [IATS........: 56,37783,37994,70,1795,58,38952,109751,153,146838,45,329,66,113,56,463,29,236,62,115,388,44,244,36267,36544,26,410,130,482,92,113,0]
+ [PKTLENS.....: 66,66,66,54,54,411,411,60,1314,1314,54,54,1314,1314,1314,1314,54,54,1314,1314,1314,54,54,1314,1314,54,54,1314,1314,1314,1314,1314]
new: [....38] [ip4][..tcp] [..192.168.115.8][49607] -> [218.244.135.170][.9099]
detected: [....38] [ip4][..tcp] [..192.168.115.8][49607] -> [218.244.135.170][.9099] [HTTP][Web][Acceptable]
RISK: Known Proto on Non Std Port, HTTP Numeric IP Address
@@ -148,12 +160,14 @@
RISK: HTTP Numeric IP Address
new: [....49] [ip4][..tcp] [..192.168.115.8][49613] -> [.183.131.48.144][...80]
analyse: [....41] [ip4][..tcp] [..192.168.115.8][49609] -> [..42.120.51.152][.8080] [HTTP][Web][Acceptable]
- [min|max|avg|stddev]
- [IAT(flow)...: 0.000| 0.399| 0.070| 0.104]
- [IAT(c->s)...: 0.000| 0.350| 0.066| 0.103][IAT(s->c)...: 0.000| 0.399| 0.076| 0.106]
- [PKTLEN(c->s): 54.000| 499.000| 245.400| 193.100][PKTLEN(s->c): 60.000|1314.000| 538.800| 555.700]
+ [min|max|avg|stddev|variance|entropy]
+ [IAT.........: 0.000| 0.399| 0.070| 0.104|10878.943| 0.000]
+ [PKTLEN......: 54.000| 1314.000| 364.600| 410.300|168364.100| 4.200]
[BINS(c->s)..: 9,0,0,0,0,0,0,4,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0]
+ [DIRECTIONS..: 0,0,1,0,0,0,0,1,1,0,0,0,0,1,1,1,0,0,1,1,1,0,0,0,0,1,1,0,0,1,1,0]
+ [IATS........: 50,76520,76599,25,1136,41,62341,85,61755,47,298859,73,398999,66467,177,166123,34,60273,507,89,60822,34,117112,46,178142,469,61984,45,102335,44259,349653,0]
+ [PKTLENS.....: 66,66,62,54,54,306,306,60,79,499,499,499,499,60,1314,1314,54,54,1314,1314,542,54,54,281,281,60,79,491,491,60,747,54]
detected: [....49] [ip4][..tcp] [..192.168.115.8][49613] -> [.183.131.48.144][...80] [HTTP][Web][Acceptable]
RISK: HTTP Numeric IP Address
detection-update: [....49] [ip4][..tcp] [..192.168.115.8][49613] -> [.183.131.48.144][...80] [HTTP][Media][Acceptable]
@@ -171,12 +185,14 @@
new: [....55] [ip4][..udp] [...192.168.5.16][...68] -> [..192.168.119.1][...67]
detected: [....55] [ip4][..udp] [...192.168.5.16][...68] -> [..192.168.119.1][...67] [DHCP][Network][Acceptable]
analyse: [....49] [ip4][..tcp] [..192.168.115.8][49613] -> [.183.131.48.144][...80] [HTTP][Media][Acceptable]
- [min|max|avg|stddev]
- [IAT(flow)...: 0.000| 0.863| 0.183| 0.253]
- [IAT(c->s)...: 0.000| 0.863| 0.155| 0.262][IAT(s->c)...: 0.000| 0.666| 0.228| 0.231]
- [PKTLEN(c->s): 54.000| 557.000| 105.500| 150.500][PKTLEN(s->c): 60.000|1078.000| 846.400| 406.300]
+ [min|max|avg|stddev|variance|entropy]
+ [IAT.........: 0.000| 0.863| 0.183| 0.253|63925.490| 0.000]
+ [PKTLEN......: 54.000| 1078.000| 383.300| 452.500|204736.500| 4.000]
[BINS(c->s)..: 18,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 2,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ [DIRECTIONS..: 0,0,1,0,0,0,0,1,1,1,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,1,0,0,1,0,0]
+ [IATS........: 31,69271,69368,26,1928,34,67940,1399,6083,291,73959,37,665858,862765,47,408647,411020,37,251400,251827,47,336785,335976,58,329935,190,130781,55,599505,799208,58,0]
+ [PKTLENS.....: 66,66,60,54,54,557,557,60,335,1078,1078,54,54,1078,54,54,1078,54,54,1078,54,54,1078,54,54,1078,1078,54,54,1078,54,54]
new: [....56] [ip4][..udp] [.59.120.208.218][50151] -> [255.255.255.255][.1947]
new: [....57] [ip4][..tcp] [..192.168.115.8][49596] -> [..203.66.182.87][..443] [MIDSTREAM]
new: [....58] [ip4][..tcp] [...192.168.5.16][53613] -> [.68.233.253.133][...80] [MIDSTREAM]
@@ -316,12 +332,14 @@
update: [....10] [ip6][..udp] [..............fe80::edf5:240a:c8c0:8312][61603] -> [..............................ff02::1:3][.5355] [LLMNR][Network][Acceptable]
update: [....13] [ip4][..udp] [..192.168.115.8][51458] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
analyse: [....31] [ip4][..tcp] [..192.168.115.8][49603] -> [.106.187.35.246][...80] [HTTP.1kxun][Streaming][Fun]
- [min|max|avg|stddev]
- [IAT(flow)...: 0.000| 45.001| 1.464| 7.949]
- [IAT(c->s)...: 0.000| 45.001| 4.519| 13.494][IAT(s->c)...: 0.000| 0.069| 0.009| 0.022]
- [PKTLEN(c->s): 54.000| 415.000| 121.900| 138.200][PKTLEN(s->c): 60.000|1314.000|1148.500| 404.800]
+ [min|max|avg|stddev|variance|entropy]
+ [IAT.........: 0.000| 45.001| 1.464| 7.949|63183326.806| 0.000]
+ [PKTLEN......: 54.000| 1314.000| 795.600| 593.200|351838.700| 4.500]
[BINS(c->s)..: 9,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 2,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,17,0,0,0,0,0,0,0,0]
+ [DIRECTIONS..: 0,0,1,0,0,0,0,1,1,1,1,1,1,1,1,1,1,1,0,0,1,1,1,1,1,1,1,1,1,0,0,0]
+ [IATS........: 34,54477,54551,26,4891,45,65495,70,68,364,89,71,208,46,29,27,25,61484,19,69006,62,56,48,731,52,51,51,454,70696,24,45001141,0]
+ [PKTLENS.....: 66,66,66,54,54,415,415,60,373,1314,1314,1314,1314,1314,1314,1314,1314,1314,54,54,1314,1314,1314,1314,1314,1314,1314,1314,1281,54,54,55]
new: [...118] [ip4][..udp] [..192.168.0.104][..137] -> [192.168.255.255][..137]
detected: [...118] [ip4][..udp] [..192.168.0.104][..137] -> [192.168.255.255][..137] [NetBIOS][System][Acceptable]
new: [...119] [ip4][..udp] [...192.168.5.16][..123] -> [..17.253.26.125][..123]
@@ -562,26 +580,32 @@
new: [...144] [ip4][..tcp] [..192.168.2.126][46212] -> [.172.105.121.82][...80] [MIDSTREAM]
detected: [...144] [ip4][..tcp] [..192.168.2.126][46212] -> [.172.105.121.82][...80] [HTTP.1kxun][Streaming][Fun]
analyse: [...142] [ip4][..tcp] [..192.168.2.126][46170] -> [.172.105.121.82][...80] [HTTP.1kxun][Streaming][Fun]
- [min|max|avg|stddev]
- [IAT(flow)...: 0.000| 0.895| 0.074| 0.190]
- [IAT(c->s)...: 0.895| 0.895| 0.895| 0.000][IAT(s->c)...: 0.000| 0.372| 0.045| 0.111]
- [PKTLEN(c->s): 274.000| 278.000| 276.000| 2.000][PKTLEN(s->c): 387.000|21666.000|4833.000|5678.800]
+ [min|max|avg|stddev|variance|entropy]
+ [IAT.........: 0.000| 0.895| 0.074| 0.190|35982.832| 0.000]
+ [PKTLEN......: 274.000|21666.000| 4548.200| 5608.100|31450230.000| 4.200]
[BINS(c->s)..: 0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,16]
+ [DIRECTIONS..: 0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,0,1,1,1,1,1,1]
+ [IATS........: 356191,54,308075,59,2442,3212,112,200163,56,36,29,26,27,25,1594,86,63,42,33,23,24,35,23,895343,371980,1,1344,81,1941,0,0,0]
+ [PKTLENS.....: 278,387,13026,14466,2946,2946,1506,7266,2946,1506,2946,2946,1506,1506,1506,1506,1506,4386,6338,2946,2946,1506,1506,1506,802,274,387,17346,21666,1506,4386,17346]
analyse: [...139] [ip4][..tcp] [..192.168.2.126][60148] -> [.172.105.121.82][...80] [HTTP.1kxun][Streaming][Fun]
- [min|max|avg|stddev]
- [IAT(flow)...: 0.000| 4.661| 0.481| 1.215]
- [IAT(c->s)...: 0.217| 4.661| 1.520| 1.830][IAT(s->c)...: 0.000| 4.604| 0.292| 0.951]
- [PKTLEN(c->s): 268.000| 278.000| 273.800| 4.800][PKTLEN(s->c): 384.000|21666.000|5875.000|6417.900]
+ [min|max|avg|stddev|variance|entropy]
+ [IAT.........: 0.000| 4.661| 0.481| 1.215|1476638.409| 0.000]
+ [PKTLEN......: 268.000|21666.000| 4999.800| 6236.200|38890032.000| 4.100]
[BINS(c->s)..: 0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 0,0,0,0,0,0,0,0,0,2,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,17]
+ [DIRECTIONS..: 0,1,1,0,1,1,0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,0,1,1,1,1,0,1,1,1]
+ [IATS........: 306055,4848,325793,248766,4660887,4604216,364,552,841,1047,367664,134,94,2523,311381,119,1695,102,878348,204467,1564,1050,216537,375544,43,1531,0,0,0,0,0,0]
+ [PKTLENS.....: 268,384,6298,268,384,5682,278,386,1506,1506,7266,2946,5826,2946,10146,2946,1506,5826,2946,1506,8706,1506,5768,277,386,20226,21666,15363,278,387,2946,21666]
analyse: [...143] [ip4][..tcp] [..192.168.2.126][46200] -> [.172.105.121.82][...80] [HTTP.1kxun][Streaming][Fun]
- [min|max|avg|stddev]
- [IAT(flow)...: 0.000| 0.892| 0.092| 0.200]
- [IAT(c->s)...: 0.892| 0.892| 0.892| 0.000][IAT(s->c)...: 0.000| 0.376| 0.061| 0.126]
- [PKTLEN(c->s): 278.000| 278.000| 278.000| 0.000][PKTLEN(s->c): 386.000|21666.000|7390.700|6768.700]
+ [min|max|avg|stddev|variance|entropy]
+ [IAT.........: 0.000| 0.892| 0.092| 0.200|39932.170| 0.000]
+ [PKTLEN......: 278.000|21666.000| 6946.200| 6776.100|45915728.000| 4.300]
[BINS(c->s)..: 0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,20]
+ [DIRECTIONS..: 0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,0,1,1,1,1,1,1,1,1,1,1,1,1,1,1]
+ [IATS........: 348410,61,2586,311307,74,1916,87,90,200152,34,703,82,83,49,891560,375934,1624,82,2179,1527,332757,94,46,1896,46,1564,1588,0,0,0,0,0]
+ [PKTLENS.....: 278,386,1506,11586,1506,4386,2946,13026,7266,1506,1506,1506,1506,2946,2946,1506,4605,278,388,21666,2946,10146,11586,17346,7266,18786,5826,20226,1506,10146,11586,21666]
new: [...145] [ip4][..tcp] [..192.168.2.126][35200] -> [...103.29.71.30][...80] [MIDSTREAM]
detected: [...145] [ip4][..tcp] [..192.168.2.126][35200] -> [...103.29.71.30][...80] [HTTP.1kxun][Streaming][Fun]
new: [...146] [ip4][..tcp] [..192.168.2.126][45380] -> [..161.117.13.29][...80] [MIDSTREAM]
@@ -602,12 +626,14 @@
new: [...153] [ip4][..tcp] [..192.168.2.126][41390] -> [....18.64.79.37][...80] [MIDSTREAM]
detected: [...153] [ip4][..tcp] [..192.168.2.126][41390] -> [....18.64.79.37][...80] [HTTP.Google][Web][Acceptable]
analyse: [...146] [ip4][..tcp] [..192.168.2.126][45380] -> [..161.117.13.29][...80] [HTTP.1kxun][Streaming][Fun]
- [min|max|avg|stddev]
- [IAT(flow)...: 0.000| 0.409| 0.085| 0.132]
- [IAT(c->s)...: 0.380| 0.409| 0.394| 0.014][IAT(s->c)...: 0.000| 0.380| 0.064| 0.108]
- [PKTLEN(c->s): 490.000| 831.000| 607.700| 158.000][PKTLEN(s->c): 1267.000|8706.000|2823.700|2208.900]
+ [min|max|avg|stddev|variance|entropy]
+ [IAT.........: 0.000| 0.409| 0.085| 0.132|17528.007| 0.000]
+ [PKTLEN......: 490.000| 8706.000| 2615.900| 2200.300|4841425.000| 4.600]
[BINS(c->s)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,16,0,12]
+ [DIRECTIONS..: 0,1,1,0,1,1,1,1,1,1,1,0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1]
+ [IATS........: 380392,4573,408625,215737,457,986,1014,178521,331,482,379636,185383,1426,654,331743,5741,174159,6079,334,924,170502,413,6008,1070,341,710,169481,463,585,5307,422,0]
+ [PKTLENS.....: 831,1506,1267,502,1506,1506,7266,4386,1506,1506,2518,490,2946,8706,1506,2946,8706,2946,1506,1506,7266,1506,1506,2946,1506,1506,2946,1506,1506,2946,1506,1506]
new: [...154] [ip4][..tcp] [..192.168.2.126][51888] -> [.119.28.164.143][...80] [MIDSTREAM]
detected: [...154] [ip4][..tcp] [..192.168.2.126][51888] -> [.119.28.164.143][...80] [HTTP.Tencent][SocialNetwork][Acceptable]
new: [...155] [ip4][..tcp] [..192.168.2.126][38354] -> [.142.250.186.34][...80] [MIDSTREAM]
@@ -628,35 +654,43 @@
new: [...162] [ip4][..tcp] [..192.168.2.126][49396] -> [.14.136.136.108][...80] [MIDSTREAM]
detected: [...162] [ip4][..tcp] [..192.168.2.126][49396] -> [.14.136.136.108][...80] [HTTP.1kxun][Streaming][Fun]
analyse: [...157] [ip4][..tcp] [..192.168.2.126][49354] -> [.14.136.136.108][...80] [HTTP.1kxun][Streaming][Fun]
- [min|max|avg|stddev]
- [IAT(flow)...: 0.000| 0.832| 0.077| 0.179]
- [IAT(c->s)...: 0.832| 0.832| 0.832| 0.000][IAT(s->c)...: 0.000| 0.414| 0.048| 0.103]
- [PKTLEN(c->s): 592.000| 592.000| 592.000| 0.000][PKTLEN(s->c): 351.000|10146.000|3286.700|2484.500]
+ [min|max|avg|stddev|variance|entropy]
+ [IAT.........: 0.000| 0.832| 0.077| 0.179|32207.956| 0.000]
+ [PKTLEN......: 351.000|10146.000| 3118.200| 2492.500|6212617.000| 4.600]
[BINS(c->s)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12,0,16]
+ [DIRECTIONS..: 0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,0,1,1,1,1,1,1,1,1,1,1,1,1]
+ [IATS........: 207030,367,1074,749,203546,401,538,843,360,1168,622,204026,463,1910,808,831841,413644,1524,1634,381,916,201620,415,562,974,897,365,0,0,0,0,0]
+ [PKTLENS.....: 592,351,1506,8706,2946,1506,1506,2946,1506,1506,5826,4386,1506,1506,1506,5826,2946,2946,3956,592,351,1506,8706,10146,5826,2946,1506,1506,2946,4386,4386,1506]
detection-update: [...161] [ip4][..tcp] [..192.168.2.126][49412] -> [.14.136.136.108][...80] [HTTP.1kxun][Streaming][Fun]
detection-update: [...160] [ip4][..tcp] [..192.168.2.126][49380] -> [.14.136.136.108][...80] [HTTP.1kxun][Streaming][Fun]
analyse: [...159] [ip4][..tcp] [..192.168.2.126][49370] -> [.14.136.136.108][...80] [HTTP.1kxun][Streaming][Fun]
- [min|max|avg|stddev]
- [IAT(flow)...: 0.000| 0.877| 0.084| 0.182]
- [IAT(c->s)...: 0.877| 0.877| 0.877| 0.000][IAT(s->c)...: 0.000| 0.237| 0.052| 0.091]
- [PKTLEN(c->s): 580.000| 592.000| 586.000| 6.000][PKTLEN(s->c): 351.000|15906.000|2906.900|3087.700]
+ [min|max|avg|stddev|variance|entropy]
+ [IAT.........: 0.000| 0.877| 0.084| 0.182|33133.681| 0.000]
+ [PKTLEN......: 351.000|15906.000| 2761.900| 3042.000|9253906.000| 4.400]
[BINS(c->s)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,17,0,10]
+ [DIRECTIONS..: 0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,0,1,1,1,1,1,1]
+ [IATS........: 216812,1301,1174,217584,379,838,730,814,206371,3184,729,1431,202135,477,2906,412,436,624,742,876517,236517,1,2089,899,206105,416,0,0,0,0,0,0]
+ [PKTLENS.....: 580,351,1506,4386,1506,5826,1506,1506,1506,1506,1506,2946,1506,4386,2946,2946,8706,1506,1506,1506,1506,1506,1506,1506,1204,592,351,7266,15906,4386,1506,1506]
analyse: [...160] [ip4][..tcp] [..192.168.2.126][49380] -> [.14.136.136.108][...80] [HTTP.1kxun][Streaming][Fun]
- [min|max|avg|stddev]
- [IAT(flow)...: 0.000| 0.887| 0.081| 0.181]
- [IAT(c->s)...: 0.887| 0.887| 0.887| 0.000][IAT(s->c)...: 0.000| 0.238| 0.050| 0.090]
- [PKTLEN(c->s): 580.000| 592.000| 586.000| 6.000][PKTLEN(s->c): 351.000|18786.000|3329.200|3784.500]
+ [min|max|avg|stddev|variance|entropy]
+ [IAT.........: 0.000| 0.887| 0.081| 0.181|32801.006| 0.000]
+ [PKTLEN......: 351.000|18786.000| 3157.800| 3724.000|13867893.000| 4.300]
[BINS(c->s)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,17,0,11]
+ [DIRECTIONS..: 0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,0,1,1,1,1,1,1,1,1,1,1,1]
+ [IATS........: 223740,209594,1687,207155,354,1309,724,462,462,1177,203967,420,1398,676,628,3543,886861,237591,464,978,2452,823,206716,876,409,919,651,0,0,0,0,0]
+ [PKTLENS.....: 580,2946,1506,1506,11586,1506,1506,2946,1506,1506,1506,7266,1506,1506,1506,1506,4386,1506,2946,4253,592,351,1506,8706,18786,1506,2946,1506,1506,5826,1506,1330]
analyse: [...158] [ip4][..tcp] [..192.168.2.126][49372] -> [.14.136.136.108][...80] [HTTP.1kxun][Streaming][Fun]
- [min|max|avg|stddev]
- [IAT(flow)...: 0.000| 0.900| 0.119| 0.204]
- [IAT(c->s)...: 0.407| 0.900| 0.654| 0.246][IAT(s->c)...: 0.000| 0.372| 0.073| 0.113]
- [PKTLEN(c->s): 580.000| 592.000| 584.000| 5.700][PKTLEN(s->c): 351.000|18786.000|3984.800|4268.800]
+ [min|max|avg|stddev|variance|entropy]
+ [IAT.........: 0.000| 0.900| 0.119| 0.204|41414.242| 0.000]
+ [PKTLEN......: 351.000|18786.000| 3665.900| 4182.900|17496908.000| 4.300]
[BINS(c->s)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,14]
+ [DIRECTIONS..: 0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,0,1,1,1,1,1,1,1,1,1,0,1,1,1]
+ [IATS........: 205636,2121,1,224803,394,328,1444,193718,403,372,1728,1281,1888,225980,899707,237971,1,2439,199154,468,952,1305,407339,371504,1478,0,0,0,0,0,0,0]
+ [PKTLENS.....: 580,351,1506,4386,2946,4386,1506,1506,1506,1506,5826,1506,1506,1506,2946,4386,5826,3732,592,351,7266,15906,1506,1506,7266,1506,5826,654,580,351,7801,18786]
new: [...163] [ip4][..tcp] [..192.168.2.126][44368] -> [..172.217.18.98][...80] [MIDSTREAM]
detected: [...163] [ip4][..tcp] [..192.168.2.126][44368] -> [..172.217.18.98][...80] [HTTP.GoogleServices][Web][Acceptable]
new: [...164] [ip4][..tcp] [..192.168.2.126][50140] -> [..161.117.13.29][...80] [MIDSTREAM]
@@ -670,12 +704,14 @@
new: [...168] [ip4][..tcp] [..192.168.2.126][50176] -> [..161.117.13.29][...80] [MIDSTREAM]
detected: [...168] [ip4][..tcp] [..192.168.2.126][50176] -> [..161.117.13.29][...80] [HTTP.1kxun][Streaming][Fun]
analyse: [...150] [ip4][..tcp] [..192.168.2.126][45416] -> [..161.117.13.29][...80] [HTTP.1kxun][Streaming][Fun]
- [min|max|avg|stddev]
- [IAT(flow)...: 0.000| 6.045| 1.119| 2.029]
- [IAT(c->s)...: 0.186| 6.045| 2.305| 2.460][IAT(s->c)...: 0.000| 5.959| 0.742| 1.706]
- [PKTLEN(c->s): 500.000|1180.000| 900.200| 214.900][PKTLEN(s->c): 709.000|14466.000|3469.900|3207.100]
+ [min|max|avg|stddev|variance|entropy]
+ [IAT.........: 0.000| 6.045| 1.119| 2.029|4116996.948| 0.000]
+ [PKTLEN......: 500.000|14466.000| 2827.500| 2993.900|8963654.000| 4.400]
[BINS(c->s)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,1,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,1,1,0,0,0,0,0,0,0,0,1,0,0,7,0,13]
+ [DIRECTIONS..: 0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,0,1,0,1,0,1,0,1,0,1,1,0,1,1,1,0,1]
+ [IATS........: 188503,1,1404,179436,1430,692,418,2433,676,270050,61,644,3892849,3428911,186128,186289,192621,208977,367165,352334,5253796,5339015,3643,6045020,5959115,408,493,194856,189377,0,0,0]
+ [PKTLENS.....: 500,2946,2946,8706,2946,7266,1506,1506,14466,1506,2946,2946,7266,7266,4092,817,709,819,1525,821,1415,817,1530,1079,2946,1144,1169,1506,1506,1589,1180,1097]
new: [...169] [ip4][..tcp] [..192.168.2.126][38326] -> [.172.105.121.82][...80] [MIDSTREAM]
detected: [...169] [ip4][..tcp] [..192.168.2.126][38326] -> [.172.105.121.82][...80] [HTTP.1kxun][Streaming][Fun]
new: [...170] [ip4][..tcp] [..192.168.2.126][38314] -> [.172.105.121.82][...80] [MIDSTREAM]
@@ -683,19 +719,23 @@
new: [...171] [ip4][..tcp] [..192.168.2.126][38316] -> [.172.105.121.82][...80] [MIDSTREAM]
detected: [...171] [ip4][..tcp] [..192.168.2.126][38316] -> [.172.105.121.82][...80] [HTTP.1kxun][Streaming][Fun]
analyse: [...141] [ip4][..tcp] [..192.168.2.126][46184] -> [.172.105.121.82][...80] [HTTP.1kxun][Streaming][Fun]
- [min|max|avg|stddev]
- [IAT(flow)...: 0.000| 39.120| 3.011| 10.152]
- [IAT(c->s)...: 0.393| 39.120| 13.465| 18.142][IAT(s->c)...: 0.000| 38.675| 1.705| 7.710]
- [PKTLEN(c->s): 273.000| 278.000| 275.500| 2.500][PKTLEN(s->c): 386.000|23106.000|5905.000|6635.000]
+ [min|max|avg|stddev|variance|entropy]
+ [IAT.........: 0.000| 39.120| 3.011| 10.152|103072311.280| 0.000]
+ [PKTLEN......: 273.000|23106.000| 5201.300| 6479.700|41986288.000| 4.100]
[BINS(c->s)..: 0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,7,0,16]
+ [DIRECTIONS..: 0,1,1,1,1,1,1,1,1,1,1,0,1,1,1,0,1,1,1,1,1,1,1,1,1,1,0,1,1,1,1,1]
+ [IATS........: 353699,3771,104,303718,4300,92,205833,106,880957,368900,1,5053,392939,352227,1591,70,2344,55,1451,285655,2146,39119714,38675191,1,2923,335353,3681,0,0,0,0,0]
+ [PKTLENS.....: 278,386,1506,1506,10146,2946,2946,23106,1506,1506,1172,273,386,18786,7757,278,387,1506,21666,4386,17346,4386,10146,5826,1506,5159,273,388,1506,11586,2946,2946]
analyse: [...170] [ip4][..tcp] [..192.168.2.126][38314] -> [.172.105.121.82][...80] [HTTP.1kxun][Streaming][Fun]
- [min|max|avg|stddev]
- [IAT(flow)...: 0.000| 1.361| 0.129| 0.285]
- [IAT(c->s)...: 1.361| 1.361| 1.361| 0.000][IAT(s->c)...: 0.000| 0.401| 0.077| 0.136]
- [PKTLEN(c->s): 273.000| 273.000| 273.000| 0.000][PKTLEN(s->c): 388.000|15906.000|6429.300|5274.400]
+ [min|max|avg|stddev|variance|entropy]
+ [IAT.........: 0.000| 1.361| 0.129| 0.285|81120.911| 0.000]
+ [PKTLEN......: 273.000|15906.000| 6044.500| 5319.900|28301384.000| 4.400]
[BINS(c->s)..: 0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,21]
+ [DIRECTIONS..: 0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,0,1,1,1,1,1,1,1,1,1,1,1,1]
+ [IATS........: 326102,180,328843,179,2720,177591,469,1313,2855,118,155,777,2306,401346,1361476,293524,1,1093,2137,2758,88,201,2770,309632,1485,0,0,0,0,0,0,0]
+ [PKTLENS.....: 273,388,1506,1506,2946,7266,1506,8706,2946,15906,1506,1506,4386,13026,8706,2946,1506,15906,13200,273,388,1506,5826,15906,11586,10146,4386,14466,2946,2946,13026,4386]
new: [...172] [ip4][..tcp] [..192.168.2.126][59324] -> [.104.117.221.10][...80] [MIDSTREAM]
detected: [...172] [ip4][..tcp] [..192.168.2.126][59324] -> [.104.117.221.10][...80] [HTTP][Web][Acceptable]
new: [...173] [ip4][..tcp] [..192.168.2.126][56094] -> [....3.72.69.158][...80] [MIDSTREAM]
@@ -732,20 +772,24 @@
new: [...187] [ip4][..tcp] [..192.168.2.126][36660] -> [...18.64.103.30][...80] [MIDSTREAM]
detected: [...187] [ip4][..tcp] [..192.168.2.126][36660] -> [...18.64.103.30][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
analyse: [...182] [ip4][..tcp] [..192.168.2.126][35664] -> [.....18.66.2.90][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
- [min|max|avg|stddev]
- [IAT(flow)...: 0.000| 0.015| 0.003| 0.003]
- [IAT(c->s)...: 0.000| 0.000| 0.000| 0.000][IAT(s->c)...: 0.000| 0.015| 0.003| 0.003]
- [PKTLEN(c->s): 249.000| 249.000| 249.000| 0.000][PKTLEN(s->c): 797.000|7206.000|4235.400|1662.000]
+ [min|max|avg|stddev|variance|entropy]
+ [IAT.........: 0.000| 0.015| 0.003| 0.003| 10.814| 0.000]
+ [PKTLEN......: 249.000| 7206.000| 4110.800| 1776.800|3156934.000| 4.800]
[BINS(c->s)..: 0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,27]
+ [DIRECTIONS..: 0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1]
+ [IATS........: 14880,612,571,2499,3579,106,930,2545,9210,1,87,6481,115,1571,2984,1607,79,1540,90,67,2792,6531,3088,2380,1844,2843,73,0,0,0,0,0]
+ [PKTLENS.....: 249,797,1494,2922,4350,4350,4350,4350,2922,1494,4350,4350,2922,4350,4350,2922,4350,5778,5778,5778,5778,4350,5778,1494,5778,4350,2922,7206,4350,7206,7206,2922]
detection-update: [...187] [ip4][..tcp] [..192.168.2.126][36660] -> [...18.64.103.30][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
analyse: [...185] [ip4][..tcp] [..192.168.2.126][36640] -> [...18.64.103.30][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
- [min|max|avg|stddev]
- [IAT(flow)...: 0.000| 0.021| 0.003| 0.005]
- [IAT(c->s)...: 0.000| 0.000| 0.000| 0.000][IAT(s->c)...: 0.000| 0.021| 0.003| 0.005]
- [PKTLEN(c->s): 563.000| 563.000| 563.000| 0.000][PKTLEN(s->c): 1494.000|5778.000|3566.900|1641.300]
+ [min|max|avg|stddev|variance|entropy]
+ [IAT.........: 0.000| 0.021| 0.003| 0.005| 24.604| 0.000]
+ [PKTLEN......: 563.000| 5778.000| 3473.000| 1697.900|2882863.000| 4.800]
[BINS(c->s)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9,0,1,21]
+ [DIRECTIONS..: 0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1]
+ [IATS........: 21003,154,129,3134,1686,3067,15801,2210,2030,2737,73,1485,603,2873,1573,1531,81,114,3525,1587,2816,10499,1437,55,1612,0,0,0,0,0,0,0]
+ [PKTLENS.....: 563,1494,1494,2922,1494,2922,1494,4350,4350,4350,2922,1494,4350,1494,4350,4350,4350,5778,5778,4350,1494,1494,1494,4350,5778,5778,3214,4202,5590,1538,5778,5778]
new: [...188] [ip4][..tcp] [..192.168.2.126][37100] -> [..52.29.177.177][...80] [MIDSTREAM]
detected: [...188] [ip4][..tcp] [..192.168.2.126][37100] -> [..52.29.177.177][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
new: [...189] [ip4][..tcp] [..192.168.2.126][42554] -> [...35.156.44.13][...80] [MIDSTREAM]