aboutsummaryrefslogtreecommitdiff
path: root/test/results/flow-info/netflix.pcap.out
diff options
context:
space:
mode:
authorToni Uhlig <matzeton@googlemail.com>2022-09-30 18:42:10 +0200
committerToni Uhlig <matzeton@googlemail.com>2022-09-30 19:28:49 +0200
commit14f6b87551c1d03837f25755abbc8eb71d958e3e (patch)
tree6b7f1a3e481f61e726486c8d255b14e0d9e83f12 /test/results/flow-info/netflix.pcap.out
parent74f71643da536c6798d077dc1d9b13d56a9afc5d (diff)
Added nDPIsrvd-analysed to generate CSV files from analyse events.
* nDPIsrvd.h: iterate over JSON arrays * nDPId: calculate l3 payload packet entropies for analysis Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
Diffstat (limited to 'test/results/flow-info/netflix.pcap.out')
-rw-r--r--test/results/flow-info/netflix.pcap.out324
1 files changed, 180 insertions, 144 deletions
diff --git a/test/results/flow-info/netflix.pcap.out b/test/results/flow-info/netflix.pcap.out
index c03fdc0b6..0953d09ec 100644
--- a/test/results/flow-info/netflix.pcap.out
+++ b/test/results/flow-info/netflix.pcap.out
@@ -34,23 +34,25 @@
detection-update: [.....8] [ip4][..tcp] [....192.168.1.7][53117] -> [...52.32.196.36][..443] [TLS.NetFlix][Video][Fun]
RISK: TLS (probably) Not Carrying HTTPS
analyse: [.....4] [ip4][..tcp] [....192.168.1.7][53105] -> [..54.69.204.241][..443] [TLS.NetFlix][Video][Fun]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 0.364| 0.040| 0.082| 6699.630| 0.000]
- [PKTLEN......: 66.000| 1514.000| 279.200| 396.800|157454.800| 4.000]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.000| 0.364| 0.040| 0.082| 6699.630| 3.200]
+ [PKTLEN......: 52.000| 1500.000| 265.200| 396.800| 157454.800| 3.900]
[BINS(c->s)..: 11,1,1,0,0,0,1,0,0,2,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 5,4,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,0,1,0,0,0,0,1,1,0,0,0,1,1,0,1,0,0,0,1,1,1,1,0,0,0]
[IATS(ms)....: 46.0,48.6,0.6,54.0,1.6,1.0,54.9,11.1,13.5,9.4,0.3,0.4,58.7,4.6,50.8,1.9,0.2,59.5,0.6,62.1,8.5,4.7,310.9,0.6,363.7,5.8,0.1,0.1,58.1,0.2,0.1]
- [PKTLENS.....: 78,74,66,274,66,1514,1514,66,229,66,141,72,111,66,117,66,422,376,66,1006,66,126,66,422,375,66,1006,121,100,66,66,66]
+ [PKTLENS.....: 64,60,52,260,52,1500,1500,52,215,52,127,58,97,52,103,52,408,362,52,992,52,112,52,408,361,52,992,107,86,52,52,52]
+ [ENTROPIES...: 4.6,5.3,5.1,5.7,5.2,7.3,7.3,5.1,6.9,5.2,6.4,5.1,6.1,5.2,5.9,5.2,7.5,7.4,5.2,7.8,5.1,6.1,5.1,7.4,7.4,5.2,7.8,6.1,5.8,5.2,5.2,5.1]
analyse: [.....7] [ip4][..tcp] [....192.168.1.7][53116] -> [...52.32.196.36][..443]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 0.200| 0.035| 0.048| 2263.883| 0.000]
- [PKTLEN......: 66.000| 1514.000| 444.800| 557.400|310647.700| 4.000]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.000| 0.200| 0.035| 0.048| 2263.883| 3.800]
+ [PKTLEN......: 52.000| 1500.000| 430.800| 557.400| 310647.700| 4.000]
[BINS(c->s)..: 10,1,1,0,0,0,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,1,0,0]
[BINS(s->c)..: 5,2,0,0,0,0,2,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,4,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,0,1,0,0,0,0,1,1,0,0,0,1,1,1,1,0,1,0,1,0,1,0,0,0,1]
[IATS(ms)....: 45.5,51.8,0.3,66.4,0.5,13.8,75.5,25.6,26.5,15.6,0.3,0.2,61.0,0.4,44.1,5.1,0.2,57.7,67.8,0.2,2.7,131.0,13.8,8.4,10.0,8.1,2.4,2.3,141.1,1.2,199.9]
- [PKTLENS.....: 78,74,66,298,66,1514,1514,66,259,66,141,72,111,66,117,66,1514,742,66,1514,429,1514,66,1130,66,275,66,115,66,1450,581,66]
+ [PKTLENS.....: 64,60,52,284,52,1500,1500,52,245,52,127,58,97,52,103,52,1500,728,52,1500,415,1500,52,1116,52,261,52,101,52,1436,567,52]
+ [ENTROPIES...: 4.6,5.3,5.2,5.9,5.2,7.2,7.3,5.2,7.1,5.1,6.3,5.1,6.0,5.1,6.0,5.2,7.9,7.7,5.2,7.9,7.5,7.9,5.2,7.8,5.1,7.1,5.1,6.1,5.2,7.9,7.6,5.2]
detection-update: [.....7] [ip4][..tcp] [....192.168.1.7][53116] -> [...52.32.196.36][..443] [TLS.NetFlix][Video][Fun]
new: [.....9] [ip4][..tcp] [....192.168.1.7][53118] -> [..54.69.204.241][..443]
detected: [.....9] [ip4][..tcp] [....192.168.1.7][53118] -> [..54.69.204.241][..443] [TLS.NetFlix][Video][Fun]
@@ -87,14 +89,15 @@
detection-update: [....16] [ip4][..tcp] [....192.168.1.7][53134] -> [...52.89.39.139][..443] [TLS.NetFlix][Video][Fun]
RISK: TLS (probably) Not Carrying HTTPS
analyse: [....15] [ip4][..tcp] [....192.168.1.7][53133] -> [...52.89.39.139][..443]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 0.350| 0.041| 0.077| 5966.970| 0.000]
- [PKTLEN......: 66.000| 1514.000| 544.200| 630.500|397553.600| 4.100]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.000| 0.350| 0.041| 0.077| 5966.970| 3.500]
+ [PKTLEN......: 52.000| 1500.000| 530.200| 630.500| 397553.600| 4.000]
[BINS(c->s)..: 11,1,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0]
[BINS(s->c)..: 4,1,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,1,0,0,7,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,0,1,0,0,0,0,1,1,0,0,0,1,1,1,0,1,1,0,1,0,1,0,1,1,0]
[IATS(ms)....: 50.8,52.1,3.9,68.9,0.5,14.7,80.5,16.9,16.6,16.1,0.4,0.2,66.7,0.8,50.7,3.2,0.3,61.4,291.2,0.1,350.1,11.8,12.8,24.1,12.5,12.3,13.9,13.7,2.7,13.3,16.3]
- [PKTLENS.....: 78,74,66,274,66,1514,1514,66,259,66,141,72,111,66,117,66,1514,686,66,1514,1514,66,1514,1416,66,1514,66,251,66,1514,1033,66]
+ [PKTLENS.....: 64,60,52,260,52,1500,1500,52,245,52,127,58,97,52,103,52,1500,672,52,1500,1500,52,1500,1402,52,1500,52,237,52,1500,1019,52]
+ [ENTROPIES...: 4.6,5.2,5.1,6.0,5.2,7.3,7.3,5.1,7.0,5.1,6.3,5.0,6.0,5.2,5.9,5.1,7.9,7.7,5.2,7.9,7.9,5.1,7.9,7.9,5.1,7.9,5.0,7.1,5.1,7.9,7.8,5.1]
detection-update: [....15] [ip4][..tcp] [....192.168.1.7][53133] -> [...52.89.39.139][..443] [TLS.NetFlix][Video][Fun]
RISK: TLS (probably) Not Carrying HTTPS
new: [....17] [ip4][..udp] [....192.168.1.7][57719] -> [....192.168.1.1][...53]
@@ -105,23 +108,25 @@
detection-update: [....18] [ip4][..tcp] [....192.168.1.7][53141] -> [..104.86.97.179][..443] [TLS.NetFlix][Video][Fun]
detection-update: [....18] [ip4][..tcp] [....192.168.1.7][53141] -> [..104.86.97.179][..443] [TLS.NetFlix][Video][Fun]
analyse: [....18] [ip4][..tcp] [....192.168.1.7][53141] -> [..104.86.97.179][..443] [TLS.NetFlix][Video][Fun]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 0.040| 0.008| 0.010| 109.761| 0.000]
- [PKTLEN......: 66.000| 1514.000| 269.300| 414.200|171525.600| 4.000]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.000| 0.040| 0.008| 0.010| 109.761| 3.900]
+ [PKTLEN......: 52.000| 1500.000| 255.300| 414.200| 171525.600| 3.900]
[BINS(c->s)..: 8,5,6,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 3,2,1,0,0,0,0,0,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,0,1,0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,1,0,1,0,1,1,0]
[IATS(ms)....: 11.4,14.4,1.7,21.1,2.9,0.3,24.0,10.4,7.4,16.9,0.4,0.8,30.8,4.7,18.1,26.0,0.2,0.3,0.1,0.2,0.1,0.4,4.5,0.2,40.2,7.1,5.4,4.2,0.5,0.4,2.0]
- [PKTLENS.....: 78,74,66,293,66,1514,1514,66,584,66,141,72,111,66,117,66,119,116,108,214,155,155,155,155,154,134,66,104,104,406,1514,66]
+ [PKTLENS.....: 64,60,52,279,52,1500,1500,52,570,52,127,58,97,52,103,52,105,102,94,200,141,141,141,141,140,120,52,90,90,392,1500,52]
+ [ENTROPIES...: 4.6,5.3,5.2,5.7,5.3,7.1,7.3,5.2,7.6,5.2,6.3,5.1,6.0,5.3,5.9,5.2,6.1,6.0,6.0,6.9,6.4,6.4,6.5,6.6,6.6,6.4,5.2,6.0,6.0,7.5,7.9,5.3]
analyse: [....14] [ip4][..tcp] [....192.168.1.7][53132] -> [...52.89.39.139][..443]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 7.508| 0.502| 1.826|3335198.867| 0.000]
- [PKTLEN......: 66.000| 1514.000| 372.800| 520.700|271128.800| 3.900]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.000| 7.508| 0.502| 1.826| 3335198.867| 1.400]
+ [PKTLEN......: 52.000| 1500.000| 358.800| 520.700| 271128.800| 3.800]
[BINS(c->s)..: 10,1,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0]
[BINS(s->c)..: 6,3,0,0,1,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,0,1,0,0,0,0,1,1,0,0,0,1,0,1,1,1,0,0,0,0,0,1,1,1,1]
[IATS(ms)....: 49.5,50.9,4.4,54.3,2.4,1.0,53.5,43.0,42.8,12.7,0.3,0.2,57.4,5.1,49.3,4.2,0.4,50.0,75.8,32.1,2.0,0.9,5.1,4.7,0.1,7402.2,0.1,7507.8,0.9,35.7,1.0]
- [PKTLENS.....: 78,74,66,274,66,1514,1514,66,259,66,141,72,111,66,117,66,1514,675,66,66,198,110,100,66,66,66,1514,803,66,66,1514,488]
+ [PKTLENS.....: 64,60,52,260,52,1500,1500,52,245,52,127,58,97,52,103,52,1500,661,52,52,184,96,86,52,52,52,1500,789,52,52,1500,474]
+ [ENTROPIES...: 4.6,5.3,5.1,6.0,5.2,7.3,7.3,5.1,7.1,5.1,6.4,5.1,6.0,5.2,6.0,5.2,7.9,7.7,5.2,5.2,6.8,6.1,5.9,5.2,5.2,5.2,7.9,7.7,5.2,5.2,7.9,7.5]
detection-update: [....14] [ip4][..tcp] [....192.168.1.7][53132] -> [...52.89.39.139][..443] [TLS.NetFlix][Video][Fun]
RISK: TLS (probably) Not Carrying HTTPS
new: [....19] [ip4][..udp] [....192.168.1.7][59180] -> [....192.168.1.1][...53]
@@ -134,28 +139,30 @@
new: [....22] [ip4][..tcp] [....192.168.1.7][53150] -> [..184.25.204.25][...80]
detected: [....22] [ip4][..tcp] [....192.168.1.7][53150] -> [..184.25.204.25][...80] [HTTP.NetFlix][Video][Fun]
analyse: [....21] [ip4][..tcp] [....192.168.1.7][53149] -> [..184.25.204.25][...80] [HTTP.NetFlix][Video][Fun]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.007| 1.300| 0.097| 0.230|52797.755| 0.000]
- [PKTLEN......: 66.000| 1514.000| 1115.900| 637.700|406609.600| 4.700]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.007| 1.300| 0.097| 0.230| 52797.755| 3.400]
+ [PKTLEN......: 52.000| 1500.000| 1101.900| 637.700| 406609.600| 4.600]
[BINS(c->s)..: 6,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,23,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,1,0,0,1,1,0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,0]
[IATS(ms)....: 22.7,29.1,36.8,70.3,13.3,32.4,26.0,101.8,6.9,28.0,25.2,45.0,56.4,27.1,27.2,53.8,54.3,26.1,52.1,80.7,53.8,398.5,54.3,39.9,109.6,40.5,26.1,51.5,108.1,13.3,1300.1]
- [PKTLENS.....: 78,74,66,311,66,1514,1514,1514,66,66,1514,1514,66,1514,1514,1514,1514,1514,1514,1514,1514,1514,1514,1514,1514,1514,1514,1514,1514,1514,1514,94]
+ [PKTLENS.....: 64,60,52,297,52,1500,1500,1500,52,52,1500,1500,52,1500,1500,1500,1500,1500,1500,1500,1500,1500,1500,1500,1500,1500,1500,1500,1500,1500,1500,80]
+ [ENTROPIES...: 4.5,5.3,5.1,5.9,5.3,7.3,7.7,7.7,5.2,5.0,7.8,7.8,5.2,7.8,7.8,7.8,7.7,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.9,7.8,7.8,7.8,7.8,7.8,5.4]
new: [....23] [ip4][..udp] [....192.168.1.7][58102] -> [....192.168.1.1][...53]
detected: [....23] [ip4][..udp] [....192.168.1.7][58102] -> [....192.168.1.1][...53] [DNS.NetFlix][Video][Fun]
detection-update: [....23] [ip4][..udp] [....192.168.1.7][58102] -> [....192.168.1.1][...53] [DNS.NetFlix][Video][Fun]
new: [....24] [ip4][..tcp] [....192.168.1.7][53151] -> [.54.201.191.132][...80]
detected: [....24] [ip4][..tcp] [....192.168.1.7][53151] -> [.54.201.191.132][...80] [HTTP.NetFlix][Video][Fun]
analyse: [....24] [ip4][..tcp] [....192.168.1.7][53151] -> [.54.201.191.132][...80] [HTTP.NetFlix][Video][Fun]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 0.187| 0.029| 0.042| 1791.215| 0.000]
- [PKTLEN......: 66.000| 1514.000| 826.300| 674.900|455511.900| 4.400]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.000| 0.187| 0.029| 0.042| 1791.215| 4.000]
+ [PKTLEN......: 52.000| 1500.000| 812.300| 674.900| 455511.900| 4.400]
[BINS(c->s)..: 9,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0]
[BINS(s->c)..: 4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,13,0,0]
[DIRECTIONS..: 0,1,0,0,0,0,1,1,1,1,1,0,1,0,1,0,1,1,0,1,0,1,1,0,1,1,1,1,1,1,1,0]
[IATS(ms)....: 44.1,45.6,3.9,10.7,0.2,60.0,5.7,1.0,135.1,0.3,187.2,5.7,5.7,13.9,14.0,13.3,14.4,27.8,13.3,13.1,9.2,13.3,22.5,13.4,39.3,13.3,13.3,13.9,13.3,13.3,124.5]
- [PKTLENS.....: 78,74,66,379,1514,917,66,66,66,728,1514,66,1514,66,1514,66,1514,1514,66,1026,66,1514,1307,66,1514,1514,1514,1514,1514,1514,1514,78]
+ [PKTLENS.....: 64,60,52,365,1500,903,52,52,52,714,1500,52,1500,52,1500,52,1500,1500,52,1012,52,1500,1293,52,1500,1500,1500,1500,1500,1500,1500,64]
+ [ENTROPIES...: 4.5,5.3,5.2,5.7,6.0,6.1,5.3,5.3,5.3,6.0,5.7,5.1,6.1,5.2,5.9,5.0,5.8,5.8,5.2,5.8,5.2,5.8,5.8,5.2,5.8,5.8,5.8,5.8,5.8,5.8,5.8,5.2]
new: [....25] [ip4][..tcp] [....192.168.1.7][53152] -> [...52.89.39.139][...80]
detected: [....25] [ip4][..tcp] [....192.168.1.7][53152] -> [...52.89.39.139][...80] [HTTP.NetFlix][Video][Fun]
detection-update: [....25] [ip4][..tcp] [....192.168.1.7][53152] -> [...52.89.39.139][...80] [HTTP.NetFlix][Video][Fun]
@@ -164,14 +171,15 @@
new: [....27] [ip4][..udp] [....192.168.1.7][52347] -> [....192.168.1.1][...53]
detected: [....27] [ip4][..udp] [....192.168.1.7][52347] -> [....192.168.1.1][...53] [DNS.NetFlix][Video][Fun]
analyse: [....20] [ip4][..tcp] [....192.168.1.7][53148] -> [..184.25.204.25][...80] [HTTP.NetFlix][Video][Fun]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.001| 6.031| 0.428| 1.232|1516791.529| 0.000]
- [PKTLEN......: 66.000| 1514.000| 809.600| 706.600|499284.200| 4.300]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.001| 6.031| 0.428| 1.232| 1516791.529| 2.300]
+ [PKTLEN......: 52.000| 1500.000| 795.600| 706.600| 499284.200| 4.300]
[BINS(c->s)..: 12,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,0,1,0,1,1,0,1,1,1,1,1,1,1,1,1,0,0,0,0,0,0,0,0,1,1]
[IATS(ms)....: 22.4,28.9,26.8,57.7,0.6,13.2,40.1,31.8,42.8,26.5,25.5,50.2,53.2,30.9,25.5,54.9,53.8,27.2,52.7,79.5,53.8,544.7,1520.0,11.6,27.4,27.3,28.8,635.4,3643.8,6030.9,1.1]
- [PKTLENS.....: 78,74,66,312,66,1514,1514,66,1514,66,1514,1514,66,1514,1514,1514,1514,1514,1514,1514,1514,1514,94,94,94,86,78,66,66,311,1514,1514]
+ [PKTLENS.....: 64,60,52,298,52,1500,1500,52,1500,52,1500,1500,52,1500,1500,1500,1500,1500,1500,1500,1500,1500,80,80,80,72,64,52,52,297,1500,1500]
+ [ENTROPIES...: 4.6,5.2,5.1,5.9,5.3,7.5,7.8,5.1,7.8,5.0,7.8,7.8,5.2,7.8,7.8,7.8,7.8,7.8,7.8,7.9,7.9,7.9,5.4,5.2,5.3,5.4,5.3,5.2,5.2,5.8,7.2,7.8]
detection-update: [....26] [ip4][..udp] [....192.168.1.7][51728] -> [....192.168.1.1][...53] [DNS][Network][Acceptable]
new: [....28] [ip4][..tcp] [....192.168.1.7][53153] -> [..184.25.204.24][...80]
detection-update: [....27] [ip4][..udp] [....192.168.1.7][52347] -> [....192.168.1.1][...53] [DNS.NetFlix][Video][Fun]
@@ -189,47 +197,51 @@
detected: [....30] [ip4][..tcp] [....192.168.1.7][53163] -> [..23.246.11.145][...80] [HTTP.NetFlix][Video][Fun]
RISK: HTTP Numeric IP Address
analyse: [....30] [ip4][..tcp] [....192.168.1.7][53163] -> [..23.246.11.145][...80] [HTTP.NetFlix][Video][Fun]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.004| 0.651| 0.082| 0.154|23582.077| 0.000]
- [PKTLEN......: 66.000| 1514.000| 954.800| 683.500|467159.100| 4.500]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.004| 0.651| 0.082| 0.154| 23582.077| 3.600]
+ [PKTLEN......: 52.000| 1500.000| 940.800| 683.500| 467159.100| 4.500]
[BINS(c->s)..: 10,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,19,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,1,1,0,1,0,1,1,1,1,1,1,0,1,1,1,1,0,0,1,1,0,1,0,1,1]
[IATS(ms)....: 24.8,26.3,3.8,42.5,4.8,43.8,27.2,40.5,69.4,43.9,44.8,78.3,38.8,79.8,102.6,28.8,14.7,354.3,85.0,14.1,12.4,12.7,651.0,22.9,582.5,8.6,27.5,16.4,16.4,14.7,15.1]
- [PKTLENS.....: 78,74,66,422,581,1514,66,1514,1514,66,1514,66,1514,1514,1514,1514,1514,1514,94,1514,1514,1514,1514,78,66,1514,1514,66,1514,66,1514,1514]
+ [PKTLENS.....: 64,60,52,408,567,1500,52,1500,1500,52,1500,52,1500,1500,1500,1500,1500,1500,80,1500,1500,1500,1500,64,52,1500,1500,52,1500,52,1500,1500]
+ [ENTROPIES...: 4.6,5.3,5.1,6.4,5.9,3.6,5.2,2.5,2.5,5.1,2.5,5.1,2.5,2.6,2.6,3.8,3.8,3.8,5.3,3.9,3.5,3.5,3.5,5.1,5.2,3.5,3.5,5.2,3.5,5.0,3.6,3.6]
new: [....31] [ip4][..tcp] [....192.168.1.7][53164] -> [..23.246.10.139][...80]
detected: [....31] [ip4][..tcp] [....192.168.1.7][53164] -> [..23.246.10.139][...80] [HTTP.NetFlix][Video][Fun]
RISK: HTTP Numeric IP Address
analyse: [....31] [ip4][..tcp] [....192.168.1.7][53164] -> [..23.246.10.139][...80] [HTTP.NetFlix][Video][Fun]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.001| 0.639| 0.088| 0.152|23073.200| 0.000]
- [PKTLEN......: 66.000| 1514.000| 865.900| 697.400|486427.500| 4.400]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.001| 0.639| 0.088| 0.152| 23073.200| 3.700]
+ [PKTLEN......: 52.000| 1500.000| 851.900| 697.400| 486427.500| 4.400]
[BINS(c->s)..: 12,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,17,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,0,1,0,1,0,1,0,1,1,1,1,1,1,1,0,1,0,1,0,1,0,0,1,0,1]
[IATS(ms)....: 18.8,21.4,5.1,35.7,1.0,5.4,35.5,13.2,14.0,20.3,20.4,13.2,116.2,170.2,28.1,56.6,51.6,31.7,27.6,12.8,327.6,131.4,638.9,580.0,19.9,15.0,30.0,13.6,42.3,118.7,118.0]
- [PKTLENS.....: 78,74,66,422,582,1514,1514,66,1514,66,1514,66,1514,66,1514,1514,1514,1514,1514,1514,1514,94,1514,94,1514,86,1514,78,66,1514,66,1514]
+ [PKTLENS.....: 64,60,52,408,568,1500,1500,52,1500,52,1500,52,1500,52,1500,1500,1500,1500,1500,1500,1500,80,1500,80,1500,72,1500,64,52,1500,52,1500]
+ [ENTROPIES...: 4.5,5.2,5.0,6.4,5.8,3.6,2.5,5.1,2.6,5.0,2.5,5.0,2.6,5.0,2.6,2.6,3.3,3.8,3.8,3.8,3.8,5.3,3.9,5.3,3.5,5.3,3.5,5.1,4.9,3.5,4.9,3.6]
new: [....32] [ip4][..tcp] [....192.168.1.7][53171] -> [...23.246.3.140][...80]
detected: [....32] [ip4][..tcp] [....192.168.1.7][53171] -> [...23.246.3.140][...80] [HTTP.NetFlix][Video][Fun]
RISK: HTTP Numeric IP Address
analyse: [....32] [ip4][..tcp] [....192.168.1.7][53171] -> [...23.246.3.140][...80] [HTTP.NetFlix][Video][Fun]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.002| 0.044| 0.018| 0.010| 100.655| 0.000]
- [PKTLEN......: 66.000| 1514.000| 998.900| 672.700|452466.100| 4.500]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.002| 0.044| 0.018| 0.010| 100.655| 4.700]
+ [PKTLEN......: 52.000| 1500.000| 984.900| 672.700| 452466.100| 4.500]
[BINS(c->s)..: 9,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,1,1,0,1,0,1,1,0,1,0,1,1,0,1,0,1,1,1,1,1,1,1,1,1,1]
[IATS(ms)....: 30.8,32.5,5.5,44.3,2.2,41.1,2.9,12.8,15.6,14.9,15.0,12.8,12.7,26.4,12.8,11.9,13.3,17.2,31.0,13.3,13.6,25.6,14.3,13.9,26.7,13.8,13.3,27.2,13.3,13.3,27.2]
- [PKTLENS.....: 78,74,66,420,585,1514,66,1514,1514,66,1514,66,1514,1514,66,1514,66,1514,1514,66,1514,66,1514,1514,1514,1514,1514,1514,1514,1514,1514,1514]
+ [PKTLENS.....: 64,60,52,406,571,1500,52,1500,1500,52,1500,52,1500,1500,52,1500,52,1500,1500,52,1500,52,1500,1500,1500,1500,1500,1500,1500,1500,1500,1500]
+ [ENTROPIES...: 4.5,5.3,5.1,6.4,5.8,3.6,5.2,2.5,2.6,5.2,2.6,5.0,2.6,2.6,5.2,2.5,5.0,2.6,2.6,5.2,2.5,5.1,3.8,3.8,3.8,3.8,3.8,3.8,3.8,3.8,3.9,3.5]
analyse: [....28] [ip4][..tcp] [....192.168.1.7][53153] -> [..184.25.204.24][...80] [HTTP.NetFlix][Video][Fun]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.003| 4.094| 0.319| 0.812|659111.739| 0.000]
- [PKTLEN......: 66.000| 1514.000| 625.100| 689.400|475329.800| 4.100]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.003| 4.094| 0.319| 0.812| 659111.739| 2.800]
+ [PKTLEN......: 52.000| 1500.000| 611.100| 689.400| 475329.800| 4.000]
[BINS(c->s)..: 17,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,0,1,0,1,0,1,1,1,1,1,1,1,0,0,0,0,0,0,0,0,0,0,0,0,1]
[IATS(ms)....: 24.9,27.7,3.0,28.5,27.9,27.8,80.3,56.8,57.0,49.3,90.4,82.5,40.9,66.5,53.9,192.1,80.5,134.7,711.3,23.0,31.3,47.8,1645.4,40.4,54.8,160.8,1864.4,25.7,40.5,28.5,4093.6]
- [PKTLENS.....: 78,74,66,282,66,1514,1514,66,1514,66,1514,78,1514,1514,1514,1514,1514,1514,1514,94,94,94,94,94,94,94,94,86,78,78,66,1514]
+ [PKTLENS.....: 64,60,52,268,52,1500,1500,52,1500,52,1500,64,1500,1500,1500,1500,1500,1500,1500,80,80,80,80,80,80,80,80,72,64,64,52,1500]
+ [ENTROPIES...: 4.6,5.3,5.1,5.9,5.3,5.3,5.0,5.3,6.9,5.1,7.9,5.2,7.7,7.8,7.9,7.8,7.8,7.8,7.9,5.3,5.3,5.3,5.3,5.4,5.4,5.4,5.4,5.2,5.2,5.2,5.2,7.8]
new: [....33] [ip4][..tcp] [....192.168.1.7][53172] -> [..23.246.11.133][...80]
new: [....34] [ip4][..tcp] [....192.168.1.7][53173] -> [..23.246.11.133][...80]
new: [....35] [ip4][..tcp] [....192.168.1.7][53174] -> [..23.246.11.141][...80]
@@ -264,113 +276,125 @@
detected: [....43] [ip4][..tcp] [....192.168.1.7][53182] -> [..23.246.11.141][...80] [HTTP.NetFlix][Video][Fun]
RISK: HTTP Numeric IP Address
analyse: [....41] [ip4][..tcp] [....192.168.1.7][53180] -> [..23.246.11.141][...80] [HTTP.NetFlix][Video][Fun]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 2.098| 0.201| 0.403|162731.114| 0.000]
- [PKTLEN......: 66.000| 1514.000| 507.700| 638.100|407212.300| 3.900]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.000| 2.098| 0.201| 0.403| 162731.114| 3.600]
+ [PKTLEN......: 52.000| 1500.000| 493.700| 638.100| 407212.300| 3.900]
[BINS(c->s)..: 20,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,0,0,0,0,0,0,0,0,1,0,1,0,1,1,0,1,0,1,0,0,0,1,0,1]
[IATS(ms)....: 61.8,72.3,0.5,134.9,0.4,125.9,1162.3,73.6,0.9,212.9,11.5,409.2,101.1,1.9,70.9,2097.5,79.5,52.1,129.8,120.6,42.9,59.9,67.1,69.4,174.4,284.0,29.4,65.0,252.7,150.5,125.9]
- [PKTLENS.....: 78,74,66,426,584,1514,66,94,94,94,94,94,94,78,78,66,1514,66,1514,66,1514,1514,66,1514,66,1514,78,66,66,1514,66,1514]
+ [PKTLENS.....: 64,60,52,412,570,1500,52,80,80,80,80,80,80,64,64,52,1500,52,1500,52,1500,1500,52,1500,52,1500,64,52,52,1500,52,1500]
+ [ENTROPIES...: 4.6,5.3,5.0,6.3,5.8,4.4,5.1,5.2,5.2,5.3,5.3,5.4,5.3,5.2,5.2,5.2,4.8,5.2,4.8,5.1,4.8,4.8,5.2,4.8,5.0,4.8,5.2,5.2,5.2,4.6,5.0,4.6]
analyse: [....38] [ip4][..tcp] [....192.168.1.7][53177] -> [..23.246.11.141][...80] [HTTP.NetFlix][Video][Fun]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 1.047| 0.281| 0.301|90549.584| 0.000]
- [PKTLEN......: 66.000| 1514.000| 504.100| 638.900|408170.900| 3.900]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.000| 1.047| 0.281| 0.301| 90549.584| 4.200]
+ [PKTLEN......: 52.000| 1500.000| 490.100| 638.900| 408170.900| 3.900]
[BINS(c->s)..: 19,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,8,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,0,0,0,0,0,1,1,0,0,0,1,1,0,0,0,1,0,0,1,0,1,1,0,1]
[IATS(ms)....: 43.7,45.8,23.6,124.8,4.9,111.6,635.9,176.1,0.2,0.1,41.6,37.4,940.2,0.9,45.4,434.5,483.8,1047.0,74.7,202.4,418.9,472.2,955.3,169.9,525.3,694.3,167.2,252.3,98.0,326.3,148.9]
- [PKTLENS.....: 78,74,66,426,585,1514,66,86,86,78,78,78,66,102,1490,66,66,66,1514,1514,66,66,66,1514,66,66,1514,66,1514,1514,66,1514]
+ [PKTLENS.....: 64,60,52,412,571,1500,52,72,72,64,64,64,52,88,1476,52,52,52,1500,1500,52,52,52,1500,52,52,1500,52,1500,1500,52,1500]
+ [ENTROPIES...: 4.5,5.3,5.0,6.4,5.8,4.4,5.1,5.3,5.2,5.1,5.2,5.1,5.1,4.9,4.3,5.2,5.2,5.1,4.9,4.9,5.0,5.1,5.1,4.9,5.0,5.0,4.8,5.0,4.6,4.7,5.1,4.8]
analyse: [....36] [ip4][..tcp] [....192.168.1.7][53175] -> [..23.246.11.141][...80] [HTTP.NetFlix][Video][Fun]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.001| 1.636| 0.284| 0.363|131453.321| 0.000]
- [PKTLEN......: 66.000| 1514.000| 550.600| 657.900|432827.800| 4.000]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.001| 1.636| 0.284| 0.363| 131453.321| 4.000]
+ [PKTLEN......: 52.000| 1500.000| 536.600| 657.900| 432827.800| 3.900]
[BINS(c->s)..: 19,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,0,0,0,0,0,0,1,1,0,0,0,1,1,0,0,1,1,0,0,1,0,1,0,1]
[IATS(ms)....: 16.1,19.4,23.6,88.6,4.0,82.2,1105.3,26.9,21.8,19.6,0.6,13.1,381.6,1636.2,66.4,119.0,421.4,408.1,882.7,90.2,143.4,490.4,519.4,92.3,121.0,487.1,597.7,217.6,227.5,270.0,221.9]
- [PKTLENS.....: 78,74,66,423,584,1514,66,86,86,86,78,78,78,78,1514,1514,66,78,66,1514,1514,66,66,1514,1514,66,66,1514,66,1514,78,1514]
+ [PKTLENS.....: 64,60,52,409,570,1500,52,72,72,72,64,64,64,64,1500,1500,52,64,52,1500,1500,52,52,1500,1500,52,52,1500,52,1500,64,1500]
+ [ENTROPIES...: 4.5,5.3,5.1,6.4,5.8,4.5,5.1,5.3,5.4,5.4,5.2,5.2,5.2,5.2,3.8,4.4,5.2,5.1,5.2,4.4,4.4,5.2,5.2,4.4,4.4,5.2,5.2,4.3,5.0,4.4,5.2,4.6]
analyse: [....34] [ip4][..tcp] [....192.168.1.7][53173] -> [..23.246.11.133][...80] [HTTP.NetFlix][Video][Fun]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.005| 1.397| 0.291| 0.314|98805.531| 0.000]
- [PKTLEN......: 66.000| 1514.000| 730.200| 699.000|488561.800| 4.200]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.005| 1.397| 0.291| 0.314| 98805.531| 4.200]
+ [PKTLEN......: 52.000| 1500.000| 716.200| 699.000| 488561.800| 4.200]
[BINS(c->s)..: 15,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,1,0,0,0,1,0,1,0,1,1,1,0,1,0,1,0,0,1,0,1,1,0,1,0,1]
[IATS(ms)....: 23.9,25.1,18.2,72.5,4.9,71.3,152.2,249.5,985.6,26.7,1397.2,519.1,299.5,499.9,482.3,40.5,55.6,206.8,137.1,537.5,535.2,174.3,571.8,776.0,198.8,230.5,89.9,284.0,128.1,116.3,110.5]
- [PKTLENS.....: 78,74,66,423,584,1514,66,1514,66,94,94,1514,86,1514,78,1514,1514,1514,66,1514,66,1514,66,66,1514,66,1514,1514,66,1514,66,1514]
+ [PKTLENS.....: 64,60,52,409,570,1500,52,1500,52,80,80,1500,72,1500,64,1500,1500,1500,52,1500,52,1500,52,52,1500,52,1500,1500,52,1500,52,1500]
+ [ENTROPIES...: 4.6,5.3,5.0,6.4,5.8,4.5,5.0,4.2,5.0,5.3,5.3,4.4,5.3,4.4,5.2,4.3,4.5,4.3,5.1,4.3,5.1,4.3,5.1,5.2,4.5,5.0,4.7,4.7,5.1,4.7,5.2,4.7]
analyse: [....43] [ip4][..tcp] [....192.168.1.7][53182] -> [..23.246.11.141][...80] [HTTP.NetFlix][Video][Fun]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 2.716| 0.300| 0.539|290723.889| 0.000]
- [PKTLEN......: 66.000| 1514.000| 506.600| 638.800|408052.900| 3.900]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.000| 2.716| 0.300| 0.539| 290723.889| 3.600]
+ [PKTLEN......: 52.000| 1500.000| 492.600| 638.800| 408052.900| 3.900]
[BINS(c->s)..: 20,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,1,1,0,1,0,1,0,1,0,0,1,0,1,1,0]
[IATS(ms)....: 61.7,63.1,19.4,172.7,0.3,153.9,1162.5,94.2,1.4,12.3,104.3,65.9,674.7,41.5,40.0,488.9,2716.4,44.9,75.7,28.7,32.8,29.5,133.6,256.1,743.0,71.3,1131.5,569.7,135.4,73.6,104.1]
- [PKTLENS.....: 78,74,66,424,584,1514,66,94,86,86,86,86,86,86,78,66,66,1514,1514,66,1514,66,1514,66,1514,78,66,1514,66,1514,1514,66]
+ [PKTLENS.....: 64,60,52,410,570,1500,52,80,72,72,72,72,72,72,64,52,52,1500,1500,52,1500,52,1500,52,1500,64,52,1500,52,1500,1500,52]
+ [ENTROPIES...: 4.6,5.4,5.1,6.4,5.8,4.4,5.2,5.3,5.4,5.3,5.4,5.3,5.3,5.3,5.3,5.2,5.0,4.6,4.5,5.1,4.6,5.0,4.5,5.0,4.6,5.2,5.1,4.3,5.0,4.4,4.5,5.1]
analyse: [....35] [ip4][..tcp] [....192.168.1.7][53174] -> [..23.246.11.141][...80] [HTTP.NetFlix][Video][Fun]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 3.094| 0.303| 0.556|309287.715| 0.000]
- [PKTLEN......: 66.000| 1514.000| 461.800| 616.500|380048.700| 3.900]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.000| 3.094| 0.303| 0.556| 309287.715| 3.700]
+ [PKTLEN......: 52.000| 1500.000| 447.800| 616.500| 380048.700| 3.800]
[BINS(c->s)..: 21,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,1,0,0,1,1,0,1,0,1,0,0,1,0,1,0]
[IATS(ms)....: 20.0,22.2,5.3,69.1,0.1,72.2,626.0,607.0,26.6,520.3,51.5,55.5,593.2,41.7,80.3,418.0,3094.3,65.6,425.7,470.0,40.8,85.0,52.1,54.3,117.7,383.1,387.3,709.4,53.7,73.8,158.6]
- [PKTLENS.....: 78,74,66,424,584,1514,66,86,86,86,86,78,78,86,78,66,66,1514,78,78,1514,1514,66,1514,66,1514,66,78,1514,78,1514,66]
+ [PKTLENS.....: 64,60,52,410,570,1500,52,72,72,72,72,64,64,72,64,52,52,1500,64,64,1500,1500,52,1500,52,1500,52,64,1500,64,1500,52]
+ [ENTROPIES...: 4.5,5.3,5.1,6.4,5.8,4.4,5.1,5.3,5.4,5.4,5.2,5.3,5.2,5.3,5.3,5.3,5.1,4.7,5.2,5.2,4.7,4.7,5.1,4.7,5.1,4.6,5.2,5.3,4.4,5.3,4.5,5.2]
analyse: [....42] [ip4][..tcp] [....192.168.1.7][53181] -> [..23.246.11.141][...80] [HTTP.NetFlix][Video][Fun]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 2.609| 0.294| 0.529|280024.056| 0.000]
- [PKTLEN......: 66.000| 1514.000| 463.200| 615.600|378913.200| 3.900]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.000| 2.609| 0.294| 0.529| 280024.056| 3.500]
+ [PKTLEN......: 52.000| 1500.000| 449.200| 615.600| 378913.200| 3.800]
[BINS(c->s)..: 21,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,1,1,0,1,0,1,1,0,1,0,0,0,1,0,0]
[IATS(ms)....: 61.9,63.0,9.0,155.1,0.3,150.1,1152.4,92.1,0.5,591.4,113.7,141.7,52.3,0.5,39.9,381.1,2608.5,28.2,68.2,27.2,29.6,26.6,56.5,81.7,44.8,43.7,497.4,496.6,1208.9,807.4,91.6]
- [PKTLENS.....: 78,74,66,425,583,1514,66,94,94,94,94,86,78,78,78,66,78,1514,1514,66,1514,66,1514,1514,66,1514,66,78,66,1514,86,86]
+ [PKTLENS.....: 64,60,52,411,569,1500,52,80,80,80,80,72,64,64,64,52,64,1500,1500,52,1500,52,1500,1500,52,1500,52,64,52,1500,72,72]
+ [ENTROPIES...: 4.6,5.3,5.1,6.4,5.8,4.4,5.1,5.4,5.3,5.3,5.3,5.3,5.2,5.2,5.2,5.2,5.2,5.0,5.0,5.2,5.0,5.0,5.0,5.0,5.2,5.0,5.0,5.1,5.0,4.7,5.2,5.3]
analyse: [....33] [ip4][..tcp] [....192.168.1.7][53172] -> [..23.246.11.133][...80] [HTTP.NetFlix][Video][Fun]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 3.064| 0.322| 0.577|332375.130| 0.000]
- [PKTLEN......: 66.000| 1514.000| 509.000| 637.200|406023.800| 4.000]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.000| 3.064| 0.322| 0.577| 332375.130| 3.600]
+ [PKTLEN......: 52.000| 1500.000| 495.000| 637.200| 406023.800| 3.900]
[BINS(c->s)..: 20,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,0,0,1,0,0,0,0,0,0,0,0,1,0,1,0,1,0,0,0,0,0,1,0,1,1]
[IATS(ms)....: 11.7,15.7,2.4,60.2,1.2,0.1,57.1,107.8,316.9,313.9,536.7,811.2,71.2,122.5,693.7,84.7,585.6,3064.5,52.8,57.9,98.4,231.5,526.2,115.1,0.7,585.7,117.7,1178.9,25.8,79.1,64.3]
- [PKTLENS.....: 78,74,66,424,584,1514,1514,66,66,1514,66,94,94,94,94,86,78,86,1514,86,1514,78,1514,94,78,66,78,66,1514,66,1514,1514]
+ [PKTLENS.....: 64,60,52,410,570,1500,1500,52,52,1500,52,80,80,80,80,72,64,72,1500,72,1500,64,1500,80,64,52,64,52,1500,52,1500,1500]
+ [ENTROPIES...: 4.5,5.2,5.0,6.3,5.8,4.5,4.2,5.1,5.0,3.8,5.0,5.1,5.1,5.2,5.2,5.2,5.1,5.2,4.3,5.2,4.2,5.0,4.3,5.1,5.1,5.1,5.1,5.1,4.5,5.1,4.5,4.5]
analyse: [....39] [ip4][..tcp] [....192.168.1.7][53178] -> [..23.246.11.141][...80] [HTTP.NetFlix][Video][Fun]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 3.546| 0.356| 0.683|466078.499| 0.000]
- [PKTLEN......: 66.000| 1514.000| 507.200| 638.400|407523.400| 3.900]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.000| 3.546| 0.356| 0.683| 466078.499| 3.500]
+ [PKTLEN......: 52.000| 1500.000| 493.200| 638.400| 407523.400| 3.900]
[BINS(c->s)..: 20,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,1,0,1,0,1,1,0,1,0,1,0,0,0,1,1]
[IATS(ms)....: 43.2,45.3,13.2,106.7,4.9,97.9,1317.7,102.1,98.2,0.2,515.8,59.8,1148.4,57.2,54.9,165.2,3546.3,68.4,92.3,156.0,131.0,70.0,95.9,104.0,104.5,205.1,729.4,92.0,551.2,1189.4,68.2]
- [PKTLENS.....: 78,74,66,423,584,1514,66,94,94,86,86,86,86,86,78,78,66,1514,66,1514,66,1514,1514,66,1514,66,1514,78,66,66,1514,1514]
+ [PKTLENS.....: 64,60,52,409,570,1500,52,80,80,72,72,72,72,72,64,64,52,1500,52,1500,52,1500,1500,52,1500,52,1500,64,52,52,1500,1500]
+ [ENTROPIES...: 4.5,5.3,5.0,6.4,5.8,4.5,5.1,5.4,5.4,5.4,5.3,5.4,5.4,5.3,5.3,5.3,5.3,4.4,5.2,4.5,5.0,4.5,4.5,5.2,4.5,5.1,4.5,5.3,5.2,5.0,4.4,4.4]
analyse: [....40] [ip4][..tcp] [....192.168.1.7][53179] -> [..23.246.11.141][...80] [HTTP.NetFlix][Video][Fun]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 4.457| 0.415| 0.811|658300.731| 0.000]
- [PKTLEN......: 66.000| 1514.000| 552.100| 656.800|431419.800| 4.000]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.000| 4.457| 0.415| 0.811| 658300.731| 3.600]
+ [PKTLEN......: 52.000| 1500.000| 538.100| 656.800| 431419.800| 3.900]
[BINS(c->s)..: 19,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,0,0,0,0,0,0,0,0,1,1,0,0,1,1,0,1,0,1,0,1,1,0,0,1]
[IATS(ms)....: 41.4,43.5,2.9,82.1,0.1,78.7,1252.1,77.7,132.2,0.8,525.3,100.7,510.0,513.0,40.3,4457.1,87.0,1393.0,522.4,574.9,39.6,91.2,57.6,58.1,139.0,449.1,380.1,69.9,139.5,473.4,516.8]
- [PKTLENS.....: 78,74,66,424,584,1514,66,94,94,86,86,86,86,86,78,78,1514,1514,66,66,1514,1514,66,1514,66,1514,66,1514,1514,66,66,1514]
+ [PKTLENS.....: 64,60,52,410,570,1500,52,80,80,72,72,72,72,72,64,64,1500,1500,52,52,1500,1500,52,1500,52,1500,52,1500,1500,52,52,1500]
+ [ENTROPIES...: 4.5,5.3,5.0,6.4,5.8,4.4,5.1,5.3,5.4,5.4,5.4,5.4,5.3,5.3,5.2,5.2,4.4,4.5,5.1,5.2,4.4,4.5,5.2,4.4,5.1,4.5,5.2,4.3,4.3,5.2,5.2,4.4]
analyse: [....37] [ip4][..tcp] [....192.168.1.7][53176] -> [..23.246.11.141][...80] [HTTP.NetFlix][Video][Fun]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.001| 4.432| 0.435| 0.814|663375.512| 0.000]
- [PKTLEN......: 66.000| 1514.000| 418.200| 589.200|347103.400| 3.800]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.001| 4.432| 0.435| 0.814| 663375.512| 3.600]
+ [PKTLEN......: 52.000| 1500.000| 404.200| 589.200| 347103.400| 3.700]
[BINS(c->s)..: 22,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,1,0,0,1,0,0,0,1,1,0,1]
[IATS(ms)....: 43.9,45.8,13.4,88.6,4.9,81.9,1250.8,92.5,118.4,0.7,544.2,69.2,495.5,501.7,62.9,1143.9,28.6,39.1,4432.0,83.0,87.8,169.9,586.4,795.5,292.9,509.0,501.2,1203.5,55.9,83.0,70.7]
- [PKTLENS.....: 78,74,66,424,583,1514,66,94,94,86,86,86,86,86,78,78,78,78,78,1514,66,1514,78,66,1514,78,66,66,1514,1514,66,1514]
+ [PKTLENS.....: 64,60,52,410,569,1500,52,80,80,72,72,72,72,72,64,64,64,64,64,1500,52,1500,64,52,1500,64,52,52,1500,1500,52,1500]
+ [ENTROPIES...: 4.6,5.2,5.0,6.4,5.8,4.5,5.1,5.3,5.3,5.4,5.4,5.3,5.4,5.3,5.3,5.1,5.3,5.3,5.2,4.3,5.0,4.3,5.2,5.2,4.4,5.2,5.2,5.2,4.3,4.3,5.2,4.4]
analyse: [.....9] [ip4][..tcp] [....192.168.1.7][53118] -> [..54.69.204.241][..443]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 30.086| 1.958| 7.380|54461959.504| 0.000]
- [PKTLEN......: 66.000| 1514.000| 394.000| 556.900|310128.200| 3.900]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.000| 30.086| 1.958| 7.380| 54461959.504| 1.100]
+ [PKTLEN......: 52.000| 1500.000| 380.000| 556.900| 310128.200| 3.800]
[BINS(c->s)..: 9,1,1,0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,3,0,0]
[BINS(s->c)..: 9,2,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,0,1,0,0,0,0,1,1,0,0,0,0,1,0,0,1,1,1,1,1,0,0,0,1,1]
[IATS(ms)....: 47.0,48.4,1.7,53.1,2.6,1.0,62.3,11.1,6.0,10.8,0.3,0.3,60.3,3.4,50.1,4.4,0.9,0.6,55.9,50.5,0.3,42.7,4.0,5.1,5.2,0.1,57.7,0.3,30033.4,30086.0,0.8]
- [PKTLENS.....: 78,74,66,295,66,1514,1514,66,229,66,141,72,111,66,117,66,1416,1514,1514,66,1514,351,66,66,66,1007,126,66,66,66,97,66]
+ [PKTLENS.....: 64,60,52,281,52,1500,1500,52,215,52,127,58,97,52,103,52,1402,1500,1500,52,1500,337,52,52,52,993,112,52,52,52,83,52]
+ [ENTROPIES...: 4.5,5.3,5.1,5.8,5.1,7.3,7.3,5.1,6.9,5.1,6.1,5.0,6.0,5.2,6.0,5.2,7.9,7.9,7.9,5.2,7.8,7.4,5.1,5.1,5.1,7.8,6.3,5.2,5.1,5.1,5.8,5.1]
detection-update: [.....9] [ip4][..tcp] [....192.168.1.7][53118] -> [..54.69.204.241][..443] [TLS.NetFlix][Video][Fun]
new: [....44] [ip4][..tcp] [....192.168.1.7][53183] -> [...23.246.3.140][...80]
new: [....45] [ip4][..tcp] [....192.168.1.7][53184] -> [..23.246.11.141][...80]
@@ -385,14 +409,15 @@
detection-update: [....48] [ip4][..udp] [....192.168.1.7][60962] -> [....192.168.1.1][...53] [DNS.NetFlix][Video][Fun]
new: [....49] [ip4][..tcp] [....192.168.1.7][53203] -> [...52.37.36.252][..443]
analyse: [....11] [ip4][..tcp] [....192.168.1.7][53119] -> [..54.69.204.241][..443]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 30.431| 1.003| 5.373|28867930.620| 0.000]
- [PKTLEN......: 66.000| 1514.000| 393.500| 557.000|310204.400| 3.900]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.000| 30.431| 1.003| 5.373| 28867930.620| 0.200]
+ [PKTLEN......: 52.000| 1500.000| 379.500| 557.000| 310204.400| 3.800]
[BINS(c->s)..: 10,1,1,0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,3,0,0]
[BINS(s->c)..: 7,3,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,0,1,0,0,0,0,1,1,0,0,0,0,1,0,0,1,1,1,1,1,1,0,0,0,0]
[IATS(ms)....: 44.9,46.3,7.4,58.2,1.8,1.0,55.8,12.1,9.9,9.3,0.3,0.2,60.5,0.1,50.8,11.5,0.5,0.2,72.1,60.9,0.3,50.8,0.4,15.7,16.9,0.1,0.1,82.9,0.3,0.1,30431.5]
- [PKTLENS.....: 78,74,66,295,66,1514,1514,66,229,66,141,72,111,66,117,66,1416,1514,1514,66,1514,336,66,66,66,1007,121,100,66,66,66,66]
+ [PKTLENS.....: 64,60,52,281,52,1500,1500,52,215,52,127,58,97,52,103,52,1402,1500,1500,52,1500,322,52,52,52,993,107,86,52,52,52,52]
+ [ENTROPIES...: 4.6,5.3,5.1,5.8,5.2,7.2,7.3,5.1,7.0,5.2,6.3,5.1,5.9,5.3,6.1,5.2,7.9,7.9,7.9,5.2,7.9,7.3,5.2,5.3,5.3,7.8,6.2,5.9,5.2,5.2,5.2,5.0]
detection-update: [....11] [ip4][..tcp] [....192.168.1.7][53119] -> [..54.69.204.241][..443] [TLS.NetFlix][Video][Fun]
detected: [....46] [ip4][..tcp] [....192.168.1.7][53193] -> [...54.191.17.51][..443] [TLS.NetFlix][Video][Fun]
RISK: TLS (probably) Not Carrying HTTPS
@@ -410,67 +435,73 @@
RISK: TLS (probably) Not Carrying HTTPS
detection-update: [....49] [ip4][..tcp] [....192.168.1.7][53203] -> [...52.37.36.252][..443] [TLS.NetFlix][Video][Fun]
analyse: [....46] [ip4][..tcp] [....192.168.1.7][53193] -> [...54.191.17.51][..443]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 0.266| 0.048| 0.057| 3291.764| 0.000]
- [PKTLEN......: 66.000| 1514.000| 879.400| 680.500|463015.400| 4.400]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.000| 0.266| 0.048| 0.057| 3291.764| 4.000]
+ [PKTLEN......: 52.000| 1500.000| 865.400| 680.500| 463015.400| 4.400]
[BINS(c->s)..: 5,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,15,0,0]
[BINS(s->c)..: 5,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,1,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,0,0,1,0,0,1,0,0,0,0,0,1,0,0,0,0,1,0,0,0,0,0,0,0,1]
[IATS(ms)....: 53.4,54.6,4.5,73.7,0.5,53.6,123.5,11.6,72.5,62.7,1.5,55.8,52.4,2.2,0.2,0.4,0.2,96.3,96.4,0.2,0.1,0.1,82.6,81.7,0.9,0.2,0.2,38.2,40.6,146.6,266.1]
- [PKTLENS.....: 78,74,66,583,66,1514,1146,66,192,117,66,1058,120,66,1514,1514,1514,1514,66,1514,1514,1514,1514,66,1514,1514,1514,1514,1514,1514,1514,86]
+ [PKTLENS.....: 64,60,52,569,52,1500,1132,52,178,103,52,1044,106,52,1500,1500,1500,1500,52,1500,1500,1500,1500,52,1500,1500,1500,1500,1500,1500,1500,72]
+ [ENTROPIES...: 4.6,5.3,5.2,4.4,5.2,7.2,7.6,5.2,6.6,6.0,5.2,7.8,6.2,5.2,7.9,7.9,7.9,7.9,5.3,7.9,7.9,7.9,7.9,5.2,7.9,7.9,7.9,7.9,7.9,7.9,7.9,5.4]
detection-update: [....46] [ip4][..tcp] [....192.168.1.7][53193] -> [...54.191.17.51][..443] [TLS.NetFlix][Video][Fun]
RISK: TLS (probably) Not Carrying HTTPS
analyse: [....47] [ip4][..tcp] [....192.168.1.7][53202] -> [...54.191.17.51][..443]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 0.282| 0.053| 0.058| 3383.537| 0.000]
- [PKTLEN......: 66.000| 1514.000| 566.500| 629.700|396553.700| 4.100]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.000| 0.282| 0.053| 0.058| 3383.537| 4.200]
+ [PKTLEN......: 52.000| 1500.000| 552.500| 629.700| 396553.700| 4.000]
[BINS(c->s)..: 10,0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0]
[BINS(s->c)..: 5,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,1,0,0,0,0,0,0,1,2,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,0,0,1,0,0,1,0,0,0,0,0,1,0,0,1,1,1,0,1,1,0,1,0,0,0]
[IATS(ms)....: 50.8,52.1,6.3,61.1,40.7,74.7,170.4,11.8,79.4,67.6,2.0,57.4,55.8,1.7,0.8,0.2,0.2,82.5,79.7,0.2,94.6,127.5,60.6,282.5,10.6,27.6,38.0,39.9,42.9,7.7,0.7]
- [PKTLENS.....: 78,74,66,583,66,1514,1146,66,192,117,66,1057,120,66,1514,1514,1514,1514,66,1514,401,66,66,1257,66,1514,1500,66,115,66,97,66]
+ [PKTLENS.....: 64,60,52,569,52,1500,1132,52,178,103,52,1043,106,52,1500,1500,1500,1500,52,1500,387,52,52,1243,52,1500,1486,52,101,52,83,52]
+ [ENTROPIES...: 4.6,5.4,5.2,4.4,5.2,7.2,7.7,5.2,6.5,6.0,5.1,7.8,6.2,5.2,7.9,7.9,7.9,7.9,5.1,7.9,7.4,5.2,5.2,7.8,5.2,7.9,7.9,5.2,6.2,5.2,5.8,5.1]
detection-update: [....47] [ip4][..tcp] [....192.168.1.7][53202] -> [...54.191.17.51][..443] [TLS.NetFlix][Video][Fun]
RISK: TLS (probably) Not Carrying HTTPS
analyse: [....49] [ip4][..tcp] [....192.168.1.7][53203] -> [...52.37.36.252][..443]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 0.333| 0.059| 0.083| 6944.879| 0.000]
- [PKTLEN......: 66.000| 1514.000| 760.100| 703.800|495333.000| 4.300]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.000| 0.333| 0.059| 0.083| 6944.879| 3.800]
+ [PKTLEN......: 52.000| 1500.000| 746.100| 703.800| 495333.000| 4.200]
[BINS(c->s)..: 6,1,1,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,12,0,0]
[BINS(s->c)..: 6,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,0,1,0,0,0,0,1,1,0,0,0,0,1,0,0,0,0,1,0,0,0,0,1,0,0]
[IATS(ms)....: 69.5,71.0,2.6,55.6,49.1,64.4,167.9,331.9,332.6,26.5,0.7,0.7,87.7,0.5,60.7,8.8,7.1,0.4,81.1,62.8,0.8,0.2,0.1,68.1,67.1,0.8,0.2,0.1,111.2,109.6,2.5]
- [PKTLENS.....: 78,74,66,295,66,1514,1514,66,229,66,141,72,111,66,117,66,1417,1514,1514,66,1514,1514,1514,1514,66,1514,1514,1514,1514,66,1514,1514]
+ [PKTLENS.....: 64,60,52,281,52,1500,1500,52,215,52,127,58,97,52,103,52,1403,1500,1500,52,1500,1500,1500,1500,52,1500,1500,1500,1500,52,1500,1500]
+ [ENTROPIES...: 4.6,5.3,5.2,5.8,5.1,7.2,7.3,5.2,6.9,5.2,6.2,5.1,6.1,5.2,6.0,5.2,7.9,7.9,7.9,5.2,7.9,7.8,7.9,7.9,5.2,7.9,7.9,7.9,7.9,5.2,7.9,7.9]
detection-update: [....49] [ip4][..tcp] [....192.168.1.7][53203] -> [...52.37.36.252][..443] [TLS.NetFlix][Video][Fun]
analyse: [....45] [ip4][..tcp] [....192.168.1.7][53184] -> [..23.246.11.141][...80] [HTTP.NetFlix][Video][Fun]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.003| 0.472| 0.093| 0.119|14235.635| 0.000]
- [PKTLEN......: 66.000| 1514.000| 698.800| 659.100|434476.800| 4.300]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.003| 0.472| 0.093| 0.119| 14235.635| 4.100]
+ [PKTLEN......: 52.000| 1500.000| 684.800| 659.100| 434476.800| 4.200]
[BINS(c->s)..: 14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,1,0,0,1,1,0,1,0,1,1,0,1,0,0,1,1,0,1,0,1,0,0,0,1,1]
[IATS(ms)....: 26.1,27.5,2.6,46.5,5.4,49.4,29.6,29.5,8.5,38.4,5.4,39.8,38.4,39.7,140.3,138.3,356.6,206.9,472.0,29.3,417.4,40.8,81.5,44.0,43.4,83.0,187.8,28.6,25.2,184.4,25.5]
- [PKTLENS.....: 78,74,66,575,635,1514,66,677,66,581,643,1514,66,1514,66,1514,1514,94,1514,78,66,1514,1514,66,1514,66,1514,86,78,66,1514,1514]
+ [PKTLENS.....: 64,60,52,561,621,1500,52,663,52,567,629,1500,52,1500,52,1500,1500,80,1500,64,52,1500,1500,52,1500,52,1500,72,64,52,1500,1500]
+ [ENTROPIES...: 4.6,5.3,5.1,6.3,5.8,4.5,5.1,4.2,5.1,6.3,5.8,3.8,5.1,6.9,5.0,7.6,7.9,5.2,7.9,5.2,5.1,7.9,7.9,5.1,7.9,5.0,7.9,5.3,5.1,5.1,7.9,7.9]
analyse: [....44] [ip4][..tcp] [....192.168.1.7][53183] -> [...23.246.3.140][...80] [HTTP.NetFlix][Video][Fun]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.005| 0.731| 0.102| 0.156|24231.225| 0.000]
- [PKTLEN......: 66.000| 1514.000| 662.300| 653.400|426995.300| 4.200]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.005| 0.731| 0.102| 0.156| 24231.225| 4.000]
+ [PKTLEN......: 52.000| 1500.000| 648.300| 653.400| 426995.300| 4.200]
[BINS(c->s)..: 15,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,1,1,0,1,1,1,0,0,0,1,1,0,1,0,1,1,0,1,0,1,0,0,0,0]
[IATS(ms)....: 30.5,31.5,13.2,64.0,5.3,56.4,6.1,68.2,5.4,71.5,109.5,202.7,164.8,560.3,47.3,79.0,279.5,27.7,94.5,26.6,26.1,15.8,70.5,85.9,39.5,39.8,41.6,84.4,730.9,41.5,39.7]
- [PKTLENS.....: 78,74,66,571,632,965,66,578,642,1514,66,1514,1514,1514,86,78,66,1514,1514,66,1514,66,1514,1514,66,1514,66,1514,78,86,78,66]
+ [PKTLENS.....: 64,60,52,557,618,951,52,564,628,1500,52,1500,1500,1500,72,64,52,1500,1500,52,1500,52,1500,1500,52,1500,52,1500,64,72,64,52]
+ [ENTROPIES...: 4.5,5.2,5.2,6.2,5.8,3.9,5.1,6.2,5.7,3.2,5.1,7.9,7.8,7.8,5.3,5.2,5.1,7.8,7.8,5.1,7.8,5.0,5.9,7.8,5.1,7.8,5.0,7.8,5.0,5.2,5.1,5.1]
new: [....50] [ip4][..tcp] [....192.168.1.7][53210] -> [..23.246.11.133][...80]
detected: [....50] [ip4][..tcp] [....192.168.1.7][53210] -> [..23.246.11.133][...80] [HTTP.NetFlix][Video][Fun]
RISK: HTTP Numeric IP Address
analyse: [....50] [ip4][..tcp] [....192.168.1.7][53210] -> [..23.246.11.133][...80] [HTTP.NetFlix][Video][Fun]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.004| 0.530| 0.111| 0.160|25664.158| 0.000]
- [PKTLEN......: 66.000| 1514.000| 786.900| 666.800|444580.800| 4.400]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.004| 0.530| 0.111| 0.160| 25664.158| 3.900]
+ [PKTLEN......: 52.000| 1500.000| 772.900| 666.800| 444580.800| 4.300]
[BINS(c->s)..: 12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,1,0,0,1,1,0,1,0,1,1,0,1,1,1,1,0,1,0,1,0,1,1,0,1,0]
[IATS(ms)....: 18.4,19.9,3.7,28.9,18.1,45.8,41.6,39.6,18.5,45.3,5.4,31.7,29.4,29.5,41.1,41.1,82.2,87.7,42.1,64.3,51.5,299.9,159.8,515.7,436.0,526.6,530.0,40.0,69.9,40.4,40.4]
- [PKTLENS.....: 78,74,66,575,634,1514,66,635,66,581,643,1514,66,1514,66,1514,1514,66,1514,1514,1514,1514,94,1514,78,1514,66,1514,1514,66,1514,66]
+ [PKTLENS.....: 64,60,52,561,620,1500,52,621,52,567,629,1500,52,1500,52,1500,1500,52,1500,1500,1500,1500,80,1500,64,1500,52,1500,1500,52,1500,52]
+ [ENTROPIES...: 4.5,5.3,5.2,6.3,5.8,4.5,5.2,4.2,5.2,6.2,5.8,3.4,5.2,7.0,5.1,6.3,3.9,5.1,7.9,7.8,7.8,7.9,5.4,7.9,5.2,7.9,5.2,7.9,7.9,5.2,7.8,5.1]
update: [....10] [ip4][..udp] [....192.168.1.7][53776] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
update: [.....2] [ip4][..udp] [....192.168.1.7][51543] -> [....192.168.1.1][...53] [DNS.NetFlix][Video][Fun]
update: [....13] [ip4][..udp] [....192.168.1.7][51949] -> [....192.168.1.1][...53] [DNS.NetFlix][Video][Fun]
@@ -481,14 +512,15 @@
detected: [....51] [ip4][..tcp] [....192.168.1.7][53217] -> [..23.246.11.141][...80] [HTTP.NetFlix][Video][Fun]
RISK: HTTP Numeric IP Address
analyse: [....51] [ip4][..tcp] [....192.168.1.7][53217] -> [..23.246.11.141][...80] [HTTP.NetFlix][Video][Fun]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 0.286| 0.030| 0.050| 2491.019| 0.000]
- [PKTLEN......: 66.000| 1514.000| 833.000| 665.800|443241.700| 4.400]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.000| 0.286| 0.030| 0.050| 2491.019| 4.000]
+ [PKTLEN......: 52.000| 1500.000| 819.000| 665.800| 443241.700| 4.400]
[BINS(c->s)..: 11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,15,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,0,0,0,1,1,0,1,0,1,1,0,1,0,1,1,0,1,0,1,1,1,1,1,1,0]
[IATS(ms)....: 13.0,14.8,4.0,30.3,0.8,3.7,30.3,0.2,16.5,35.6,2.0,21.5,3.2,3.3,13.3,13.3,26.5,13.3,13.5,13.8,42.7,56.4,14.7,15.2,71.0,25.5,25.5,25.5,51.6,55.2,286.1]
- [PKTLENS.....: 78,74,66,575,634,1514,677,66,66,584,643,1514,66,1514,66,1514,1514,66,1514,66,1514,1514,66,1514,66,1514,1514,1514,1514,1514,1514,86]
+ [PKTLENS.....: 64,60,52,561,620,1500,663,52,52,570,629,1500,52,1500,52,1500,1500,52,1500,52,1500,1500,52,1500,52,1500,1500,1500,1500,1500,1500,72]
+ [ENTROPIES...: 4.5,5.3,5.2,6.3,5.8,4.4,4.2,5.0,5.1,6.2,5.8,4.3,5.1,7.1,5.0,7.9,7.9,5.2,7.9,5.0,7.9,7.9,5.2,7.9,5.0,7.9,7.9,7.9,7.9,7.9,7.9,5.4]
update: [....26] [ip4][..udp] [....192.168.1.7][51728] -> [....192.168.1.1][...53] [DNS][Network][Acceptable]
update: [....23] [ip4][..udp] [....192.168.1.7][58102] -> [....192.168.1.1][...53] [DNS.NetFlix][Video][Fun]
update: [....27] [ip4][..udp] [....192.168.1.7][52347] -> [....192.168.1.1][...53] [DNS.NetFlix][Video][Fun]
@@ -529,14 +561,15 @@
detection-update: [....58] [ip4][..tcp] [....192.168.1.7][53250] -> [.....52.41.30.5][..443] [TLS.NetFlix][Video][Fun]
RISK: TLS (probably) Not Carrying HTTPS
analyse: [....57] [ip4][..tcp] [....192.168.1.7][53249] -> [.....52.41.30.5][..443] [TLS.NetFlix][Video][Fun]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 0.141| 0.020| 0.029| 838.464| 0.000]
- [PKTLEN......: 66.000| 1514.000| 434.800| 506.400|256458.000| 4.100]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.000| 0.141| 0.020| 0.029| 838.464| 3.900]
+ [PKTLEN......: 52.000| 1500.000| 420.800| 506.400| 256458.000| 4.100]
[BINS(c->s)..: 12,1,0,0,0,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0]
[BINS(s->c)..: 4,0,0,0,1,1,0,0,0,0,0,1,0,0,0,1,0,0,1,0,1,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,1,0,0,1,0,0,0,2,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,0,0,0,1,1,1,1,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1]
[IATS(ms)....: 52.7,54.2,4.7,50.1,0.9,46.0,1.1,0.4,2.3,0.6,48.9,36.1,58.6,0.1,1.0,141.4,13.3,12.2,4.7,8.7,8.5,4.5,3.7,4.5,12.4,12.8,15.2,13.9,6.1,6.2,6.8]
- [PKTLENS.....: 78,74,66,274,66,211,66,72,111,1514,564,66,66,1514,227,1514,66,559,66,1005,66,439,66,1306,66,1406,66,660,66,808,66,721]
+ [PKTLENS.....: 64,60,52,260,52,197,52,58,97,1500,550,52,52,1500,213,1500,52,545,52,991,52,425,52,1292,52,1392,52,646,52,794,52,707]
+ [ENTROPIES...: 4.5,5.3,5.1,6.0,5.2,6.5,5.1,5.2,6.0,7.9,7.6,5.1,5.2,7.9,7.0,7.8,5.1,7.6,5.1,7.8,5.2,7.5,5.1,7.8,5.2,7.9,5.1,7.7,5.1,7.8,5.1,7.7]
new: [....59] [ip4][..udp] [....192.168.1.7][57093] -> [....192.168.1.1][...53]
detected: [....59] [ip4][..udp] [....192.168.1.7][57093] -> [....192.168.1.1][...53] [DNS][Network][Acceptable]
detection-update: [....59] [ip4][..udp] [....192.168.1.7][57093] -> [....192.168.1.1][...53] [DNS][Network][Acceptable]
@@ -545,33 +578,36 @@
detected: [....60] [ip4][..tcp] [....192.168.1.7][53251] -> [..184.25.204.10][...80] [HTTP.NetFlix][Video][Fun]
detected: [....61] [ip4][..tcp] [....192.168.1.7][53252] -> [..184.25.204.10][...80] [HTTP.NetFlix][Video][Fun]
analyse: [....55] [ip4][..tcp] [....192.168.1.7][53239] -> [.....52.41.30.5][..443]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 0.501| 0.064| 0.122|14766.799| 0.000]
- [PKTLEN......: 66.000| 1514.000| 456.800| 552.300|305076.800| 4.100]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.000| 0.501| 0.064| 0.122| 14766.799| 3.300]
+ [PKTLEN......: 52.000| 1500.000| 442.800| 552.300| 305076.800| 4.000]
[BINS(c->s)..: 10,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0]
[BINS(s->c)..: 5,2,0,0,0,0,1,0,0,0,0,0,1,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,0,1,0,0,0,0,1,1,0,0,0,1,1,1,0,1,0,1,0,1,0,0,0,1,1]
[IATS(ms)....: 58.3,61.2,1.8,70.6,2.9,1.0,71.3,11.6,12.3,13.1,0.1,0.1,65.7,0.8,52.3,3.6,0.2,91.6,51.8,0.3,140.2,3.7,3.4,3.9,5.5,6.4,5.0,437.2,0.9,500.9,291.9]
- [PKTLENS.....: 78,74,66,583,66,1514,1514,66,259,66,141,72,111,66,117,66,1514,803,66,1514,490,66,462,66,765,66,100,66,1514,686,66,1514]
+ [PKTLENS.....: 64,60,52,569,52,1500,1500,52,245,52,127,58,97,52,103,52,1500,789,52,1500,476,52,448,52,751,52,86,52,1500,672,52,1500]
+ [ENTROPIES...: 4.6,5.3,5.2,4.1,5.0,7.3,7.3,5.2,7.0,5.2,6.3,5.1,6.0,5.1,6.0,5.2,7.9,7.8,5.2,7.9,7.5,5.2,7.6,5.1,7.7,5.2,6.0,5.2,7.9,7.7,5.0,7.9]
detection-update: [....55] [ip4][..tcp] [....192.168.1.7][53239] -> [.....52.41.30.5][..443] [TLS.NetFlix][Video][Fun]
analyse: [....61] [ip4][..tcp] [....192.168.1.7][53252] -> [..184.25.204.10][...80] [HTTP.NetFlix][Video][Fun]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.001| 0.100| 0.036| 0.022| 464.586| 0.000]
- [PKTLEN......: 66.000| 1514.000| 1160.700| 613.300|376142.500| 4.700]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.001| 0.100| 0.036| 0.022| 464.586| 4.700]
+ [PKTLEN......: 52.000| 1500.000| 1146.700| 613.300| 376142.500| 4.700]
[BINS(c->s)..: 5,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,24,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,0,1,0,1,0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1]
[IATS(ms)....: 16.7,17.7,12.0,38.5,0.5,12.7,40.1,27.1,27.1,58.5,99.8,81.1,33.9,23.7,53.8,53.8,65.1,48.0,65.4,13.9,30.9,13.3,28.7,40.4,54.5,28.8,29.4,29.4,27.5,25.5,25.5]
- [PKTLENS.....: 78,74,66,311,66,1514,1514,66,1514,66,1514,78,1514,1514,1514,1514,1514,1514,1514,1514,1514,1514,1514,1514,1514,1514,1514,1514,1514,1514,1514,1514]
+ [PKTLENS.....: 64,60,52,297,52,1500,1500,52,1500,52,1500,64,1500,1500,1500,1500,1500,1500,1500,1500,1500,1500,1500,1500,1500,1500,1500,1500,1500,1500,1500,1500]
+ [ENTROPIES...: 4.5,5.2,5.2,5.9,5.3,7.0,7.5,5.1,7.7,5.1,7.7,5.2,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.9,7.8,7.9,7.8,7.9,7.8,7.9,7.9,7.8,7.8]
analyse: [....60] [ip4][..tcp] [....192.168.1.7][53251] -> [..184.25.204.10][...80] [HTTP.NetFlix][Video][Fun]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 1.416| 0.126| 0.341|116136.157| 0.000]
- [PKTLEN......: 66.000| 1514.000| 781.500| 698.900|488505.900| 4.300]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.000| 1.416| 0.126| 0.341| 116136.157| 2.600]
+ [PKTLEN......: 52.000| 1500.000| 767.500| 698.900| 488505.900| 4.300]
[BINS(c->s)..: 12,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,15,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,0,1,0,1,1,0,1,1,0,0,1,1,1,0,0,1,1,0,1,0,1,1,0,1,0]
[IATS(ms)....: 15.4,16.8,2.1,27.2,1.0,1.1,27.3,38.1,39.4,39.9,44.7,83.4,40.7,236.7,277.7,1389.8,1416.3,0.3,12.8,48.7,0.2,12.8,12.8,15.9,13.8,16.3,12.8,12.7,23.2,13.3,13.2]
- [PKTLENS.....: 78,74,66,311,66,1514,1514,66,1514,66,1514,1514,66,1514,733,66,311,1514,1514,1514,66,66,1514,1514,66,1514,66,1514,1514,66,1514,66]
+ [PKTLENS.....: 64,60,52,297,52,1500,1500,52,1500,52,1500,1500,52,1500,719,52,297,1500,1500,1500,52,52,1500,1500,52,1500,52,1500,1500,52,1500,52]
+ [ENTROPIES...: 4.5,5.2,5.1,5.9,5.3,7.3,7.8,5.2,7.8,5.0,7.8,7.8,5.1,7.8,7.7,5.2,5.8,6.9,7.5,7.8,5.1,5.0,7.8,7.8,5.0,7.9,4.9,7.8,7.8,5.1,7.8,5.1]
end: [....18] [ip4][..tcp] [....192.168.1.7][53141] -> [..104.86.97.179][..443] [TLS.NetFlix][Video][Fun]
idle: [....12] [ip4][....2] [....192.168.1.7] -> [239.255.255.250] [IGMP][Network][Acceptable]
idle: [....59] [ip4][..udp] [....192.168.1.7][57093] -> [....192.168.1.1][...53] [DNS][Network][Acceptable]
Powered by cgit, Themed by Ted Yin.