aboutsummaryrefslogtreecommitdiff
path: root/test/results/flow-info/WebattackXSS.pcap.out
diff options
context:
space:
mode:
authorToni Uhlig <matzeton@googlemail.com>2022-09-30 18:42:10 +0200
committerToni Uhlig <matzeton@googlemail.com>2022-09-30 19:28:49 +0200
commit14f6b87551c1d03837f25755abbc8eb71d958e3e (patch)
tree6b7f1a3e481f61e726486c8d255b14e0d9e83f12 /test/results/flow-info/WebattackXSS.pcap.out
parent74f71643da536c6798d077dc1d9b13d56a9afc5d (diff)
Added nDPIsrvd-analysed to generate CSV files from analyse events.
* nDPIsrvd.h: iterate over JSON arrays * nDPId: calculate l3 payload packet entropies for analysis Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
Diffstat (limited to 'test/results/flow-info/WebattackXSS.pcap.out')
-rw-r--r--test/results/flow-info/WebattackXSS.pcap.out171
1 files changed, 95 insertions, 76 deletions
diff --git a/test/results/flow-info/WebattackXSS.pcap.out b/test/results/flow-info/WebattackXSS.pcap.out
index a891c05a6..f3a126fe8 100644
--- a/test/results/flow-info/WebattackXSS.pcap.out
+++ b/test/results/flow-info/WebattackXSS.pcap.out
@@ -14,14 +14,15 @@
new: [.....7] [ip4][..tcp] [.....172.16.0.1][52220] -> [..192.168.10.50][...80]
new: [.....8] [ip4][..tcp] [.....172.16.0.1][52222] -> [..192.168.10.50][...80]
analyse: [.....5] [ip4][..tcp] [.....172.16.0.1][52200] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 2.805| 0.259| 0.699|488344.093| 0.000]
- [PKTLEN......: 66.000| 7992.000| 586.000| 1374.100|1888110.100| 3.500]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.000| 2.805| 0.259| 0.699| 488344.093| 2.400]
+ [PKTLEN......: 52.000| 7978.000| 572.000| 1374.100| 1888110.000| 3.400]
[BINS(c->s)..: 12,0,0,0,0,0,0,0,0,2,2,2,1,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 3,0,0,0,0,0,0,0,0,0,0,1,0,0,0,2,2,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,1,0,1]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,1,0,1,1,0,0,0,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1]
[IATS(ms)....: 0.1,0.9,0.0,0.9,1.5,2.3,23.6,26.5,34.2,32.2,1.1,1.0,0.2,0.9,0.2,0.4,39.8,69.9,111.2,1.1,61.6,62.7,1.1,842.7,846.6,3.8,131.7,132.7,1.1,2804.2,2805.2]
- [PKTLENS.....: 74,74,66,375,66,578,66,408,1198,431,807,454,1514,7992,66,66,66,66,377,571,66,407,571,66,625,429,66,423,587,66,66,66]
+ [PKTLENS.....: 60,60,52,361,52,564,52,394,1184,417,793,440,1500,7978,52,52,52,52,363,557,52,393,557,52,611,415,52,409,573,52,52,52]
+ [ENTROPIES...: 4.6,5.1,4.9,5.9,4.9,5.8,4.9,6.0,7.5,6.0,7.3,5.9,7.6,8.0,4.9,4.9,4.9,4.9,6.0,5.8,5.0,6.0,5.8,4.9,5.9,5.7,4.9,6.0,5.8,5.0,5.1,4.9]
new: [.....9] [ip4][..tcp] [.....172.16.0.1][52298] -> [..192.168.10.50][...80]
detected: [.....9] [ip4][..tcp] [.....172.16.0.1][52298] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
RISK: HTTP Numeric IP Address
@@ -29,14 +30,15 @@
new: [....11] [ip4][..tcp] [.....172.16.0.1][52318] -> [..192.168.10.50][...80]
new: [....12] [ip4][..tcp] [.....172.16.0.1][52320] -> [..192.168.10.50][...80]
analyse: [.....9] [ip4][..tcp] [.....172.16.0.1][52298] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 0.856| 0.080| 0.207|42651.251| 0.000]
- [PKTLEN......: 66.000| 4410.000| 627.000| 1050.300|1103191.500| 3.800]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.000| 0.856| 0.080| 0.207| 42651.251| 2.700]
+ [PKTLEN......: 52.000| 4396.000| 613.000| 1050.300| 1103191.500| 3.700]
[BINS(c->s)..: 12,0,0,0,0,0,0,0,0,2,2,2,1,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 2,0,0,0,0,0,0,0,0,0,0,1,0,0,0,2,1,0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,3]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,0,1,0,0,1,1,1,0,0,0,0,1,0,0,1,0,0,1,0,0,1,0]
[IATS(ms)....: 0.2,0.9,0.0,0.9,1.5,2.1,20.7,25.9,42.5,6.0,44.4,1.3,0.2,1.3,0.1,0.1,1.2,0.3,0.4,68.6,70.5,37.8,60.4,98.3,1.1,851.7,856.3,4.6,109.7,139.3,29.5]
- [PKTLENS.....: 74,74,66,375,66,578,66,408,1200,66,431,807,66,454,4410,4410,752,66,66,66,377,571,66,407,571,66,625,429,66,449,1870,66]
+ [PKTLENS.....: 60,60,52,361,52,564,52,394,1186,52,417,793,52,440,4396,4396,738,52,52,52,363,557,52,393,557,52,611,415,52,435,1856,52]
+ [ENTROPIES...: 4.6,5.1,4.9,5.9,4.8,5.7,4.9,5.9,7.4,4.9,5.9,7.2,4.9,5.9,7.9,7.9,7.7,4.9,4.9,4.8,5.9,5.8,4.8,5.9,5.8,4.8,5.9,5.7,4.9,5.9,7.8,5.0]
detected: [....10] [ip4][..tcp] [.....172.16.0.1][52300] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
RISK: HTTP Numeric IP Address
detected: [....11] [ip4][..tcp] [.....172.16.0.1][52318] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
@@ -78,14 +80,15 @@
new: [....45] [ip4][..tcp] [.....172.16.0.1][52978] -> [..192.168.10.50][...80]
new: [....46] [ip4][..tcp] [.....172.16.0.1][53004] -> [..192.168.10.50][...80]
analyse: [....41] [ip4][..tcp] [.....172.16.0.1][52910] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 3.809| 0.610| 0.941|885441.823| 0.000]
- [PKTLEN......: 66.000| 1935.000| 730.800| 755.700|571022.800| 4.200]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.000| 3.809| 0.610| 0.941| 885441.823| 3.700]
+ [PKTLEN......: 52.000| 1921.000| 716.800| 755.700| 571022.900| 4.200]
[BINS(c->s)..: 11,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0]
[IATS(ms)....: 0.1,0.8,3808.1,3808.9,3.1,3.9,1010.4,1014.2,3.8,247.0,250.6,3.6,1037.9,1041.6,3.8,265.4,269.2,3.7,1020.1,1024.5,4.4,240.9,244.6,3.7,1033.1,1036.8,3.7,252.8,256.5,3.7,1006.2]
- [PKTLENS.....: 74,74,66,651,66,1933,66,449,1836,66,651,1934,66,449,1836,66,651,1935,66,449,1836,66,651,1934,66,449,1836,66,651,1932,66,449]
+ [PKTLENS.....: 60,60,52,637,52,1919,52,435,1822,52,637,1920,52,435,1822,52,637,1921,52,435,1822,52,637,1920,52,435,1822,52,637,1918,52,435]
+ [ENTROPIES...: 4.5,5.0,4.8,6.0,4.9,7.8,4.9,5.9,7.7,4.9,6.0,7.8,4.9,5.9,7.7,4.9,6.0,7.8,4.9,5.9,7.7,4.7,6.0,7.8,4.7,5.9,7.7,4.8,6.0,7.8,4.9,5.9]
new: [....47] [ip4][..tcp] [.....172.16.0.1][53018] -> [..192.168.10.50][...80]
new: [....48] [ip4][..tcp] [.....172.16.0.1][53032] -> [..192.168.10.50][...80]
new: [....49] [ip4][..tcp] [.....172.16.0.1][53058] -> [..192.168.10.50][...80]
@@ -143,14 +146,15 @@
new: [....83] [ip4][..tcp] [.....172.16.0.1][53678] -> [..192.168.10.50][...80]
new: [....84] [ip4][..tcp] [.....172.16.0.1][53692] -> [..192.168.10.50][...80]
analyse: [....78] [ip4][..tcp] [.....172.16.0.1][53584] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 4.899| 0.653| 1.186|1406566.662| 0.000]
- [PKTLEN......: 66.000| 1934.000| 727.700| 750.900|563862.600| 4.200]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.000| 4.899| 0.653| 1.186| 1406566.662| 3.500]
+ [PKTLEN......: 52.000| 1920.000| 713.700| 750.900| 563862.500| 4.200]
[BINS(c->s)..: 11,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0]
[IATS(ms)....: 0.1,0.7,4897.8,4898.5,8.6,9.4,243.2,246.7,3.6,1041.2,1044.8,3.8,241.2,245.3,4.0,1005.5,1009.5,4.0,241.0,244.6,3.6,1008.9,1012.5,3.7,268.3,273.7,5.3,1005.6,1009.6,4.1,266.0]
- [PKTLENS.....: 74,74,66,449,66,1837,66,651,1933,66,449,1836,66,651,1934,66,449,1836,66,651,1932,66,449,1836,66,651,1933,66,449,1836,66,651]
+ [PKTLENS.....: 60,60,52,435,52,1823,52,637,1919,52,435,1822,52,637,1920,52,435,1822,52,637,1918,52,435,1822,52,637,1919,52,435,1822,52,637]
+ [ENTROPIES...: 4.6,5.1,4.9,5.9,4.9,7.7,4.9,6.0,7.8,5.0,5.9,7.7,4.9,6.0,7.8,4.9,5.9,7.7,4.9,6.0,7.8,4.9,5.9,7.7,4.9,6.0,7.8,4.9,5.9,7.7,4.9,6.0]
end: [....10] [ip4][..tcp] [.....172.16.0.1][52300] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
RISK: HTTP Numeric IP Address
end: [....11] [ip4][..tcp] [.....172.16.0.1][52318] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
@@ -267,14 +271,15 @@
end: [....48] [ip4][..tcp] [.....172.16.0.1][53032] -> [..192.168.10.50][...80]
new: [...119] [ip4][..tcp] [.....172.16.0.1][54362] -> [..192.168.10.50][...80]
analyse: [...114] [ip4][..tcp] [.....172.16.0.1][54268] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 3.827| 0.609| 0.943|889903.972| 0.000]
- [PKTLEN......: 66.000| 1935.000| 730.800| 755.600|570947.800| 4.200]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.000| 3.827| 0.609| 0.943| 889903.972| 3.700]
+ [PKTLEN......: 52.000| 1921.000| 716.800| 755.600| 570947.800| 4.200]
[BINS(c->s)..: 11,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0]
[IATS(ms)....: 0.1,0.9,3826.3,3827.2,3.1,3.9,1023.0,1026.9,3.9,268.2,273.7,5.4,1005.2,1009.2,4.0,256.2,259.9,3.6,1006.9,1010.6,3.7,250.1,253.8,3.8,1011.3,1016.1,4.8,241.0,244.7,3.6,1020.5]
- [PKTLENS.....: 74,74,66,651,66,1935,66,449,1836,66,651,1934,66,449,1836,66,651,1934,66,449,1836,66,651,1933,66,449,1836,66,651,1931,66,449]
+ [PKTLENS.....: 60,60,52,637,52,1921,52,435,1822,52,637,1920,52,435,1822,52,637,1920,52,435,1822,52,637,1919,52,435,1822,52,637,1917,52,435]
+ [ENTROPIES...: 4.6,5.0,4.9,6.0,4.9,7.8,5.0,5.9,7.7,4.9,6.1,7.8,4.9,5.9,7.7,4.9,6.0,7.8,4.9,5.9,7.7,5.0,6.1,7.8,5.0,5.9,7.7,4.9,6.1,7.8,4.9,5.9]
new: [...120] [ip4][..tcp] [.....172.16.0.1][54376] -> [..192.168.10.50][...80]
new: [...121] [ip4][..tcp] [.....172.16.0.1][54390] -> [..192.168.10.50][...80]
new: [...122] [ip4][..tcp] [.....172.16.0.1][54416] -> [..192.168.10.50][...80]
@@ -386,14 +391,15 @@
new: [...156] [ip4][..tcp] [.....172.16.0.1][55024] -> [..192.168.10.50][...80]
new: [...157] [ip4][..tcp] [.....172.16.0.1][55038] -> [..192.168.10.50][...80]
analyse: [...152] [ip4][..tcp] [.....172.16.0.1][54956] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 3.643| 0.568| 0.904|816455.025| 0.000]
- [PKTLEN......: 66.000| 1935.000| 727.700| 750.800|563712.500| 4.200]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.000| 3.643| 0.568| 0.904| 816455.025| 3.600]
+ [PKTLEN......: 52.000| 1921.000| 713.700| 750.800| 563712.500| 4.200]
[BINS(c->s)..: 11,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0]
[IATS(ms)....: 0.1,0.7,3641.9,3642.6,3.1,4.1,234.1,238.5,4.2,1006.1,1011.0,4.9,233.1,236.8,3.8,1005.6,1010.7,5.0,236.2,239.8,3.6,1006.8,1010.5,3.7,232.6,236.3,3.6,1034.9,1038.9,4.1,256.3]
- [PKTLENS.....: 74,74,66,449,66,1837,66,651,1933,66,449,1836,66,651,1929,66,449,1836,66,651,1935,66,449,1836,66,651,1933,66,449,1836,66,651]
+ [PKTLENS.....: 60,60,52,435,52,1823,52,637,1919,52,435,1822,52,637,1915,52,435,1822,52,637,1921,52,435,1822,52,637,1919,52,435,1822,52,637]
+ [ENTROPIES...: 4.6,5.1,4.9,5.9,4.9,7.7,4.8,6.0,7.8,4.9,5.9,7.7,4.9,6.0,7.8,4.9,5.9,7.7,4.9,6.0,7.8,4.9,5.9,7.7,5.0,6.0,7.8,4.9,5.9,7.7,4.9,6.1]
new: [...158] [ip4][..tcp] [.....172.16.0.1][55064] -> [..192.168.10.50][...80]
new: [...159] [ip4][..tcp] [.....172.16.0.1][55078] -> [..192.168.10.50][...80]
new: [...160] [ip4][..tcp] [.....172.16.0.1][55092] -> [..192.168.10.50][...80]
@@ -501,14 +507,15 @@
new: [...194] [ip4][..tcp] [.....172.16.0.1][55700] -> [..192.168.10.50][...80]
new: [...195] [ip4][..tcp] [.....172.16.0.1][55726] -> [..192.168.10.50][...80]
analyse: [...190] [ip4][..tcp] [.....172.16.0.1][55632] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 3.785| 0.602| 0.936|875951.489| 0.000]
- [PKTLEN......: 66.000| 1935.000| 730.900| 755.900|571323.500| 4.200]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.000| 3.785| 0.602| 0.936| 875951.489| 3.700]
+ [PKTLEN......: 52.000| 1921.000| 716.900| 755.900| 571323.500| 4.200]
[BINS(c->s)..: 11,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0]
[IATS(ms)....: 0.1,0.9,3784.1,3784.9,3.1,3.8,1004.0,1007.6,3.7,223.7,227.4,3.7,1007.8,1011.6,3.8,255.8,259.5,3.6,1007.9,1012.0,4.2,230.4,234.8,4.3,1037.5,1041.9,4.5,238.3,242.0,3.7,1009.9]
- [PKTLENS.....: 74,74,66,651,66,1935,66,449,1836,66,651,1934,66,449,1836,66,651,1935,66,449,1836,66,651,1934,66,449,1836,66,651,1934,66,449]
+ [PKTLENS.....: 60,60,52,637,52,1921,52,435,1822,52,637,1920,52,435,1822,52,637,1921,52,435,1822,52,637,1920,52,435,1822,52,637,1920,52,435]
+ [ENTROPIES...: 4.6,5.0,4.9,6.0,4.9,7.8,4.9,5.9,7.7,4.9,6.0,7.8,4.9,5.9,7.7,5.0,6.1,7.8,5.0,5.9,7.7,4.8,6.0,7.8,4.9,5.9,7.7,4.9,6.0,7.8,4.9,5.9]
new: [...196] [ip4][..tcp] [.....172.16.0.1][55740] -> [..192.168.10.50][...80]
guessed: [...117] [ip4][..tcp] [.....172.16.0.1][54322] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
end: [...117] [ip4][..tcp] [.....172.16.0.1][54322] -> [..192.168.10.50][...80]
@@ -633,14 +640,15 @@
guessed: [...158] [ip4][..tcp] [.....172.16.0.1][55064] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
end: [...158] [ip4][..tcp] [.....172.16.0.1][55064] -> [..192.168.10.50][...80]
analyse: [...227] [ip4][..tcp] [.....172.16.0.1][56306] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 4.805| 0.635| 1.170|1368332.173| 0.000]
- [PKTLEN......: 66.000| 1934.000| 709.600| 708.000|501313.900| 4.300]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.000| 4.805| 0.635| 1.170| 1368332.173| 3.400]
+ [PKTLEN......: 52.000| 1920.000| 695.600| 708.000| 501313.900| 4.200]
[BINS(c->s)..: 10,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 2,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,7]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,0,1,0,0,1,1,0,0,1,0,0,1,1,0,0,1,0,0,1,0,0,1]
[IATS(ms)....: 0.1,0.7,4804.7,4805.4,3.1,3.8,248.6,252.2,3.7,1022.4,1026.2,3.8,225.2,229.2,0.0,4.0,1026.8,1030.9,4.2,232.5,236.2,0.1,3.6,1006.0,1010.7,4.8,233.2,236.8,3.6,1008.0,1011.7]
- [PKTLENS.....: 74,74,66,449,66,1837,66,651,1934,66,449,1836,66,651,1514,486,66,449,1836,66,651,1514,486,66,449,1836,66,651,1934,66,449,1836]
+ [PKTLENS.....: 60,60,52,435,52,1823,52,637,1920,52,435,1822,52,637,1500,472,52,435,1822,52,637,1500,472,52,435,1822,52,637,1920,52,435,1822]
+ [ENTROPIES...: 4.6,5.1,5.0,5.9,4.9,7.7,4.9,6.0,7.8,4.9,5.9,7.7,4.9,6.0,7.7,7.5,4.8,5.9,7.7,5.0,6.0,7.7,7.6,5.0,5.9,7.7,5.0,6.0,7.7,4.9,5.9,7.7]
new: [...233] [ip4][..tcp] [.....172.16.0.1][56414] -> [..192.168.10.50][...80]
new: [...234] [ip4][..tcp] [.....172.16.0.1][56428] -> [..192.168.10.50][...80]
new: [...235] [ip4][..tcp] [.....172.16.0.1][56454] -> [..192.168.10.50][...80]
@@ -755,14 +763,15 @@
new: [...270] [ip4][..tcp] [.....172.16.0.1][57076] -> [..192.168.10.50][...80]
new: [...271] [ip4][..tcp] [.....172.16.0.1][57090] -> [..192.168.10.50][...80]
analyse: [...265] [ip4][..tcp] [.....172.16.0.1][56994] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 3.819| 0.606| 0.944|891595.915| 0.000]
- [PKTLEN......: 66.000| 1934.000| 730.700| 755.500|570797.200| 4.200]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.000| 3.819| 0.606| 0.944| 891595.915| 3.700]
+ [PKTLEN......: 52.000| 1920.000| 716.700| 755.500| 570797.200| 4.200]
[BINS(c->s)..: 11,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0]
[IATS(ms)....: 0.1,0.9,3818.1,3819.0,2.9,3.6,1026.8,1031.2,4.4,231.9,235.6,3.8,1007.0,1010.7,3.8,236.2,239.9,3.6,1008.9,1012.8,4.2,228.6,232.8,4.0,1040.9,1048.3,7.4,251.6,255.2,3.6,1017.7]
- [PKTLENS.....: 74,74,66,651,66,1933,66,449,1836,66,651,1933,66,449,1836,66,651,1933,66,449,1836,66,651,1934,66,449,1836,66,651,1932,66,449]
+ [PKTLENS.....: 60,60,52,637,52,1919,52,435,1822,52,637,1919,52,435,1822,52,637,1919,52,435,1822,52,637,1920,52,435,1822,52,637,1918,52,435]
+ [ENTROPIES...: 4.6,5.0,4.9,6.0,4.9,7.8,5.0,5.9,7.7,4.9,6.0,7.8,5.0,5.9,7.7,4.9,6.0,7.8,5.0,5.9,7.7,4.9,6.0,7.8,4.9,5.9,7.7,5.0,6.0,7.8,4.9,5.9]
new: [...272] [ip4][..tcp] [.....172.16.0.1][57116] -> [..192.168.10.50][...80]
new: [...273] [ip4][..tcp] [.....172.16.0.1][57130] -> [..192.168.10.50][...80]
new: [...274] [ip4][..tcp] [.....172.16.0.1][57144] -> [..192.168.10.50][...80]
@@ -876,14 +885,15 @@
new: [...308] [ip4][..tcp] [.....172.16.0.1][57752] -> [..192.168.10.50][...80]
new: [...309] [ip4][..tcp] [.....172.16.0.1][57778] -> [..192.168.10.50][...80]
analyse: [...304] [ip4][..tcp] [.....172.16.0.1][57684] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 3.536| 0.567| 0.877|769788.412| 0.000]
- [PKTLEN......: 66.000| 1934.000| 727.700| 750.900|563862.600| 4.200]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.000| 3.536| 0.567| 0.877| 769788.412| 3.700]
+ [PKTLEN......: 52.000| 1920.000| 713.700| 750.900| 563862.500| 4.200]
[BINS(c->s)..: 11,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0]
[IATS(ms)....: 0.1,0.9,3535.3,3536.2,3.0,3.9,353.5,357.6,4.1,1009.5,1013.5,4.1,235.9,239.6,3.7,1007.5,1011.2,3.7,236.1,239.8,3.7,1007.6,1011.4,3.8,240.9,244.7,3.7,1011.7,1015.5,3.8,232.1]
- [PKTLENS.....: 74,74,66,449,66,1837,66,651,1932,66,449,1836,66,651,1933,66,449,1836,66,651,1933,66,449,1836,66,651,1934,66,449,1836,66,651]
+ [PKTLENS.....: 60,60,52,435,52,1823,52,637,1918,52,435,1822,52,637,1919,52,435,1822,52,637,1919,52,435,1822,52,637,1920,52,435,1822,52,637]
+ [ENTROPIES...: 4.6,5.0,4.8,5.9,4.8,7.7,4.6,6.0,7.8,4.8,5.9,7.7,4.8,6.0,7.8,4.9,5.9,7.7,4.8,6.0,7.8,4.8,5.9,7.7,4.8,6.0,7.8,4.8,5.9,7.7,4.8,6.0]
new: [...310] [ip4][..tcp] [.....172.16.0.1][57792] -> [..192.168.10.50][...80]
new: [...311] [ip4][..tcp] [.....172.16.0.1][57806] -> [..192.168.10.50][...80]
guessed: [...231] [ip4][..tcp] [.....172.16.0.1][56374] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
@@ -1011,14 +1021,15 @@
guessed: [...272] [ip4][..tcp] [.....172.16.0.1][57116] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
end: [...272] [ip4][..tcp] [.....172.16.0.1][57116] -> [..192.168.10.50][...80]
analyse: [...342] [ip4][..tcp] [.....172.16.0.1][58360] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 3.810| 0.603| 0.941|884966.883| 0.000]
- [PKTLEN......: 66.000| 1935.000| 730.800| 755.700|571097.900| 4.200]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.000| 3.810| 0.603| 0.941| 884966.883| 3.700]
+ [PKTLEN......: 52.000| 1921.000| 716.800| 755.700| 571097.900| 4.200]
[BINS(c->s)..: 11,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0]
[IATS(ms)....: 0.1,0.7,3808.9,3809.5,3.4,4.1,1007.1,1011.3,4.3,225.9,229.5,3.8,1021.8,1025.8,4.1,234.0,238.5,4.5,1006.3,1010.7,4.3,238.5,243.2,4.5,1006.7,1011.2,4.5,253.5,257.1,3.6,1008.0]
- [PKTLENS.....: 74,74,66,651,66,1934,66,449,1836,66,651,1934,66,449,1836,66,651,1933,66,449,1836,66,651,1933,66,449,1836,66,651,1935,66,449]
+ [PKTLENS.....: 60,60,52,637,52,1920,52,435,1822,52,637,1920,52,435,1822,52,637,1919,52,435,1822,52,637,1919,52,435,1822,52,637,1921,52,435]
+ [ENTROPIES...: 4.6,5.1,5.0,6.0,5.0,7.8,5.0,5.9,7.7,4.9,6.0,7.8,4.9,5.9,7.7,5.0,6.0,7.8,5.0,5.9,7.7,4.9,6.0,7.8,4.9,5.9,7.7,4.9,6.0,7.8,4.8,5.9]
new: [...348] [ip4][..tcp] [.....172.16.0.1][58468] -> [..192.168.10.50][...80]
new: [...349] [ip4][..tcp] [.....172.16.0.1][58482] -> [..192.168.10.50][...80]
new: [...350] [ip4][..tcp] [.....172.16.0.1][58496] -> [..192.168.10.50][...80]
@@ -1132,14 +1143,15 @@
end: [...308] [ip4][..tcp] [.....172.16.0.1][57752] -> [..192.168.10.50][...80]
new: [...385] [ip4][..tcp] [.....172.16.0.1][59124] -> [..192.168.10.50][...80]
analyse: [...380] [ip4][..tcp] [.....172.16.0.1][59042] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 4.823| 0.637| 1.173|1374936.236| 0.000]
- [PKTLEN......: 66.000| 1935.000| 709.600| 759.800|577334.100| 4.200]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.000| 4.823| 0.637| 1.173| 1374936.236| 3.400]
+ [PKTLEN......: 52.000| 1921.000| 695.600| 759.800| 577334.100| 4.100]
[BINS(c->s)..: 12,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0]
[IATS(ms)....: 0.1,1.1,4821.8,4822.9,2.9,6.0,222.0,227.9,5.0,1.0,1005.0,1011.2,4.1,265.5,269.3,3.6,1019.9,1023.5,4.0,238.2,242.3,4.8,1006.0,1010.7,4.0,237.9,242.4,5.0,1011.0,1016.0,5.0]
- [PKTLENS.....: 74,74,66,449,66,1837,66,651,1935,66,66,449,1836,66,651,1933,66,449,1836,66,651,1935,66,449,1836,66,651,1933,66,449,1836,66]
+ [PKTLENS.....: 60,60,52,435,52,1823,52,637,1921,52,52,435,1822,52,637,1919,52,435,1822,52,637,1921,52,435,1822,52,637,1919,52,435,1822,52]
+ [ENTROPIES...: 4.6,5.1,4.9,5.9,4.8,7.7,4.9,6.0,7.8,4.9,4.9,5.8,7.7,4.9,6.0,7.8,4.9,5.9,7.7,4.8,6.0,7.8,4.9,5.9,7.7,4.9,6.0,7.7,5.0,5.9,7.7,5.0]
new: [...386] [ip4][..tcp] [.....172.16.0.1][59150] -> [..192.168.10.50][...80]
new: [...387] [ip4][..tcp] [.....172.16.0.1][59164] -> [..192.168.10.50][...80]
new: [...388] [ip4][..tcp] [.....172.16.0.1][59178] -> [..192.168.10.50][...80]
@@ -1256,14 +1268,15 @@
new: [...423] [ip4][..tcp] [.....172.16.0.1][59812] -> [..192.168.10.50][...80]
new: [...424] [ip4][..tcp] [.....172.16.0.1][59826] -> [..192.168.10.50][...80]
analyse: [...419] [ip4][..tcp] [.....172.16.0.1][59732] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 3.767| 0.604| 0.933|871184.138| 0.000]
- [PKTLEN......: 66.000| 1935.000| 730.800| 755.700|571022.800| 4.200]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.000| 3.767| 0.604| 0.933| 871184.138| 3.700]
+ [PKTLEN......: 52.000| 1921.000| 716.800| 755.700| 571022.900| 4.200]
[BINS(c->s)..: 11,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0]
[IATS(ms)....: 0.1,0.7,3766.4,3767.0,3.5,4.2,1039.9,1045.4,5.5,227.3,230.9,3.6,1037.1,1040.9,3.8,252.9,256.6,3.8,1024.0,1027.8,3.7,237.3,241.0,3.6,1007.8,1011.5,3.7,235.0,238.7,3.7,1007.2]
- [PKTLENS.....: 74,74,66,651,66,1934,66,449,1836,66,651,1932,66,449,1836,66,651,1935,66,449,1836,66,651,1933,66,449,1836,66,651,1934,66,449]
+ [PKTLENS.....: 60,60,52,637,52,1920,52,435,1822,52,637,1918,52,435,1822,52,637,1921,52,435,1822,52,637,1919,52,435,1822,52,637,1920,52,435]
+ [ENTROPIES...: 4.6,5.1,4.9,6.0,4.9,7.8,4.9,5.9,7.7,5.0,6.0,7.8,4.8,5.9,7.7,4.9,6.0,7.8,4.8,5.9,7.7,4.9,6.0,7.8,4.8,5.9,7.7,4.9,6.0,7.8,4.9,5.9]
new: [...425] [ip4][..tcp] [.....172.16.0.1][59852] -> [..192.168.10.50][...80]
new: [...426] [ip4][..tcp] [.....172.16.0.1][59866] -> [..192.168.10.50][...80]
guessed: [...346] [ip4][..tcp] [.....172.16.0.1][58440] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
@@ -1394,14 +1407,15 @@
end: [...389] [ip4][..tcp] [.....172.16.0.1][59192] -> [..192.168.10.50][...80]
new: [...463] [ip4][..tcp] [.....172.16.0.1][60558] -> [..192.168.10.50][...80]
analyse: [...458] [ip4][..tcp] [.....172.16.0.1][60464] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 3.582| 0.571| 0.887|786468.045| 0.000]
- [PKTLEN......: 66.000| 1934.000| 727.700| 750.900|563862.700| 4.200]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.000| 3.582| 0.571| 0.887| 786468.045| 3.700]
+ [PKTLEN......: 52.000| 1920.000| 713.700| 750.900| 563862.600| 4.200]
[BINS(c->s)..: 11,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0]
[IATS(ms)....: 0.1,0.9,3581.2,3582.1,3.3,4.1,271.0,275.6,4.6,1007.5,1011.3,3.8,268.9,273.0,4.1,1007.5,1011.6,4.2,263.6,267.5,3.9,1019.8,1023.7,4.0,253.2,261.2,7.9,1002.9,1011.8,8.9,255.9]
- [PKTLENS.....: 74,74,66,449,66,1837,66,651,1933,66,449,1836,66,651,1934,66,449,1836,66,651,1931,66,449,1836,66,651,1934,66,449,1836,66,651]
+ [PKTLENS.....: 60,60,52,435,52,1823,52,637,1919,52,435,1822,52,637,1920,52,435,1822,52,637,1917,52,435,1822,52,637,1920,52,435,1822,52,637]
+ [ENTROPIES...: 4.6,5.1,4.9,5.9,4.9,7.7,4.9,6.0,7.8,4.9,5.9,7.7,4.9,6.0,7.8,5.0,5.9,7.7,4.9,6.0,7.8,5.0,5.9,7.7,4.9,6.0,7.8,5.0,5.8,7.7,4.9,6.0]
new: [...464] [ip4][..tcp] [.....172.16.0.1][60572] -> [..192.168.10.50][...80]
new: [...465] [ip4][..tcp] [.....172.16.0.1][60598] -> [..192.168.10.50][...80]
new: [...466] [ip4][..tcp] [.....172.16.0.1][60612] -> [..192.168.10.50][...80]
@@ -1513,14 +1527,15 @@
new: [...500] [ip4][..tcp] [.....172.16.0.1][32988] -> [..192.168.10.50][...80]
new: [...501] [ip4][..tcp] [.....172.16.0.1][33002] -> [..192.168.10.50][...80]
analyse: [...495] [ip4][..tcp] [.....172.16.0.1][32906] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 3.862| 0.614| 0.953|908128.223| 0.000]
- [PKTLEN......: 66.000| 1935.000| 730.800| 755.600|570948.000| 4.200]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.000| 3.862| 0.614| 0.953| 908128.223| 3.700]
+ [PKTLEN......: 52.000| 1921.000| 716.800| 755.600| 570948.000| 4.200]
[BINS(c->s)..: 11,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0]
[IATS(ms)....: 0.2,0.9,3861.2,3862.0,3.2,4.0,1007.4,1011.0,3.7,256.9,260.5,3.6,1018.3,1022.0,3.6,243.4,247.0,3.6,1033.5,1037.2,3.7,244.2,248.3,4.1,1037.5,1041.7,4.2,261.5,265.1,3.6,1039.0]
- [PKTLENS.....: 74,74,66,651,66,1934,66,449,1836,66,651,1934,66,449,1836,66,651,1934,66,449,1836,66,651,1930,66,449,1836,66,651,1935,66,449]
+ [PKTLENS.....: 60,60,52,637,52,1920,52,435,1822,52,637,1920,52,435,1822,52,637,1920,52,435,1822,52,637,1916,52,435,1822,52,637,1921,52,435]
+ [ENTROPIES...: 4.5,5.1,4.9,6.0,4.9,7.8,4.9,5.9,7.7,4.8,6.0,7.8,4.9,5.9,7.7,4.8,6.0,7.8,4.9,5.9,7.7,4.9,6.1,7.8,4.9,5.9,7.7,4.9,6.0,7.8,4.9,5.9]
new: [...502] [ip4][..tcp] [.....172.16.0.1][33028] -> [..192.168.10.50][...80]
new: [...503] [ip4][..tcp] [.....172.16.0.1][33042] -> [..192.168.10.50][...80]
new: [...504] [ip4][..tcp] [.....172.16.0.1][33068] -> [..192.168.10.50][...80]
@@ -1636,14 +1651,15 @@
new: [...536] [ip4][..tcp] [.....172.16.0.1][33648] -> [..192.168.10.50][...80]
new: [...537] [ip4][..tcp] [.....172.16.0.1][33674] -> [..192.168.10.50][...80]
analyse: [...532] [ip4][..tcp] [.....172.16.0.1][33580] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 4.841| 0.651| 1.171|1372280.717| 0.000]
- [PKTLEN......: 66.000| 1935.000| 727.800| 751.000|564013.300| 4.200]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.000| 4.841| 0.651| 1.171| 1372280.717| 3.500]
+ [PKTLEN......: 52.000| 1921.000| 713.800| 751.000| 564013.300| 4.200]
[BINS(c->s)..: 11,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0]
[IATS(ms)....: 0.1,0.9,4839.8,4840.6,3.7,4.5,263.2,266.8,3.7,1005.3,1009.1,3.8,260.6,264.4,3.8,1025.0,1028.7,3.7,266.1,269.7,3.7,1007.6,1011.9,4.3,260.9,265.1,4.2,1006.7,1010.8,4.2,244.8]
- [PKTLENS.....: 74,74,66,449,66,1837,66,651,1933,66,449,1836,66,651,1935,66,449,1836,66,651,1932,66,449,1836,66,651,1934,66,449,1836,66,651]
+ [PKTLENS.....: 60,60,52,435,52,1823,52,637,1919,52,435,1822,52,637,1921,52,435,1822,52,637,1918,52,435,1822,52,637,1920,52,435,1822,52,637]
+ [ENTROPIES...: 4.6,5.1,4.9,5.9,4.9,7.7,4.9,6.0,7.8,5.0,5.9,7.7,4.9,6.0,7.8,5.0,5.9,7.7,4.9,6.0,7.8,4.9,5.9,7.7,4.9,6.0,7.8,4.9,5.9,7.7,5.0,6.0]
new: [...538] [ip4][..tcp] [.....172.16.0.1][33688] -> [..192.168.10.50][...80]
new: [...539] [ip4][..tcp] [.....172.16.0.1][33702] -> [..192.168.10.50][...80]
guessed: [...463] [ip4][..tcp] [.....172.16.0.1][60558] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
@@ -1753,14 +1769,15 @@
new: [...572] [ip4][..tcp] [.....172.16.0.1][34332] -> [..192.168.10.50][...80]
new: [...573] [ip4][..tcp] [.....172.16.0.1][34346] -> [..192.168.10.50][...80]
analyse: [...569] [ip4][..tcp] [.....172.16.0.1][34278] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 2.588| 0.498| 0.689|474371.129| 0.000]
- [PKTLEN......: 66.000| 1934.000| 718.700| 762.800|581830.000| 4.200]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.000| 2.588| 0.498| 0.689| 474371.129| 3.700]
+ [PKTLEN......: 52.000| 1920.000| 704.700| 762.800| 581830.000| 4.100]
[BINS(c->s)..: 12,0,0,0,0,0,0,0,0,0,0,4,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,0,1,0,0,1,0]
[IATS(ms)....: 0.2,0.7,2587.7,2588.4,3.7,4.5,1020.5,1024.9,4.4,244.7,248.4,3.7,1042.3,1047.0,4.6,242.3,246.0,3.7,1031.2,1034.9,3.7,241.4,245.1,3.6,0.5,1025.2,1029.3,3.8,251.3,255.5,4.2]
- [PKTLENS.....: 74,74,66,651,66,1932,66,449,1836,66,651,1932,66,449,1836,66,651,1933,66,449,1836,66,651,1934,66,66,449,1836,66,651,1932,66]
+ [PKTLENS.....: 60,60,52,637,52,1918,52,435,1822,52,637,1918,52,435,1822,52,637,1919,52,435,1822,52,637,1920,52,52,435,1822,52,637,1918,52]
+ [ENTROPIES...: 4.6,5.0,5.0,6.0,4.9,7.8,4.9,5.9,7.7,4.9,6.0,7.8,5.0,5.9,7.7,4.9,6.0,7.8,4.9,5.9,7.7,4.9,6.0,7.8,4.9,4.9,5.9,7.7,4.8,6.0,7.7,4.9]
guessed: [...498] [ip4][..tcp] [.....172.16.0.1][32960] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
end: [...498] [ip4][..tcp] [.....172.16.0.1][32960] -> [..192.168.10.50][...80]
guessed: [...499] [ip4][..tcp] [.....172.16.0.1][32974] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
@@ -1887,14 +1904,15 @@
new: [...611] [ip4][..tcp] [.....172.16.0.1][35034] -> [..192.168.10.50][...80]
new: [...612] [ip4][..tcp] [.....172.16.0.1][35048] -> [..192.168.10.50][...80]
analyse: [...606] [ip4][..tcp] [.....172.16.0.1][34940] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 4.897| 0.655| 1.187|1408178.323| 0.000]
- [PKTLEN......: 66.000| 1934.000| 727.800| 751.000|564013.200| 4.200]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.000| 4.897| 0.655| 1.187| 1408178.323| 3.500]
+ [PKTLEN......: 52.000| 1920.000| 713.800| 751.000| 564013.200| 4.200]
[BINS(c->s)..: 11,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0]
[IATS(ms)....: 0.2,0.9,4896.4,4897.2,3.1,3.9,250.4,254.5,4.1,1006.9,1011.0,4.1,267.3,271.2,3.9,1008.0,1012.0,4.0,246.8,250.4,3.6,1038.7,1042.4,3.7,241.6,245.2,3.6,1046.3,1049.9,3.8,242.0]
- [PKTLENS.....: 74,74,66,449,66,1837,66,651,1934,66,449,1836,66,651,1933,66,449,1836,66,651,1933,66,449,1836,66,651,1934,66,449,1836,66,651]
+ [PKTLENS.....: 60,60,52,435,52,1823,52,637,1920,52,435,1822,52,637,1919,52,435,1822,52,637,1919,52,435,1822,52,637,1920,52,435,1822,52,637]
+ [ENTROPIES...: 4.6,5.1,5.0,5.9,4.9,7.7,4.9,6.0,7.8,4.9,5.9,7.7,5.0,6.0,7.8,5.0,5.9,7.7,5.0,6.0,7.8,5.0,5.9,7.7,5.0,6.0,7.8,4.9,5.9,7.7,5.0,6.0]
new: [...613] [ip4][..tcp] [.....172.16.0.1][35074] -> [..192.168.10.50][...80]
new: [...614] [ip4][..tcp] [.....172.16.0.1][35088] -> [..192.168.10.50][...80]
new: [...615] [ip4][..tcp] [.....172.16.0.1][35114] -> [..192.168.10.50][...80]
@@ -2003,14 +2021,15 @@
new: [...648] [ip4][..tcp] [.....172.16.0.1][35696] -> [..192.168.10.50][...80]
new: [...649] [ip4][..tcp] [.....172.16.0.1][35722] -> [..192.168.10.50][...80]
analyse: [...643] [ip4][..tcp] [.....172.16.0.1][35626] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 3.954| 0.620| 0.972|945707.024| 0.000]
- [PKTLEN......: 66.000| 1934.000| 730.700| 755.500|570797.200| 4.200]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.000| 3.954| 0.620| 0.972| 945707.024| 3.700]
+ [PKTLEN......: 52.000| 1920.000| 716.700| 755.500| 570797.200| 4.200]
[BINS(c->s)..: 11,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0]
[IATS(ms)....: 0.1,0.7,3953.2,3953.8,3.0,3.8,1020.6,1024.3,3.7,248.2,252.3,4.2,1041.7,1046.0,4.3,255.1,258.8,3.6,1007.1,1010.8,3.7,252.7,256.2,3.6,1010.5,1014.2,3.8,262.9,266.7,3.8,1039.9]
- [PKTLENS.....: 74,74,66,651,66,1934,66,449,1836,66,651,1932,66,449,1836,66,651,1933,66,449,1836,66,651,1933,66,449,1836,66,651,1933,66,449]
+ [PKTLENS.....: 60,60,52,637,52,1920,52,435,1822,52,637,1918,52,435,1822,52,637,1919,52,435,1822,52,637,1919,52,435,1822,52,637,1919,52,435]
+ [ENTROPIES...: 4.6,5.1,5.0,6.0,4.9,7.8,5.0,5.9,7.7,5.0,6.0,7.8,5.0,5.9,7.7,5.0,6.0,7.8,5.0,5.9,7.7,5.0,6.0,7.8,5.0,5.9,7.7,4.9,6.0,7.8,4.9,5.9]
new: [...650] [ip4][..tcp] [.....172.16.0.1][35736] -> [..192.168.10.50][...80]
new: [...651] [ip4][..tcp] [.....172.16.0.1][35762] -> [..192.168.10.50][...80]
guessed: [...574] [ip4][..tcp] [.....172.16.0.1][34372] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
Powered by cgit, Themed by Ted Yin.