Diffstat (limited to 'test/results/flow-info/1kxun.pcap.out')
-rw-r--r-- | test/results/flow-info/1kxun.pcap.out | 198 |
1 files changed, 110 insertions, 88 deletions
diff --git a/test/results/flow-info/1kxun.pcap.out b/test/results/flow-info/1kxun.pcap.out
index 17e357fae..1d62bb6e7 100644
--- a/test/results/flow-info/1kxun.pcap.out
+++ b/test/results/flow-info/1kxun.pcap.out
@@ -70,50 +70,55 @@ detected: [....30] [ip4][..tcp] [..192.168.115.8][49602] -> [.106.187.35.246][...80] [HTTP.1kxun][Streaming][Fun] detected: [....31] [ip4][..tcp] [..192.168.115.8][49603] -> [.106.187.35.246][...80] [HTTP.1kxun][Streaming][Fun] analyse: [....29] [ip4][..tcp] [..192.168.115.8][49601] -> [.106.187.35.246][...80] [HTTP.1kxun][Streaming][Fun] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.056| 0.011| 0.020| 413.706| 0.000] - [PKTLEN......: 54.000| 1314.000| 835.900| 585.300|342554.800| 4.500] + min| max| avg| stddev| variance| entropy + [IAT.........: 0.000| 0.056| 0.011| 0.020| 413.706| 3.100] + [PKTLEN......: 40.000| 1300.000| 821.900| 585.300| 342554.800| 4.500] [BINS(c->s)..: 8,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 2,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,19,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,0,1,0,0,0,0,1,1,1,1,1,1,1,1,1,1,1,0,0,1,1,1,1,0,0,1,1,1,1,1,1] [IATS(ms)....: 0.0,52.1,52.2,0.0,5.5,0.0,48.2,11.6,0.8,0.1,0.1,0.0,0.3,0.0,0.0,0.0,0.5,56.2,0.0,50.5,3.5,0.1,0.1,53.9,0.0,17.7,0.1,0.1,0.1,0.0,0.1] - [PKTLENS.....: 66,66,66,54,54,414,414,60,373,1314,1314,1314,1314,1314,1314,1314,1314,1314,54,54,1314,1314,1314,1314,54,54,1314,1314,1314,1314,1314,1314] + [PKTLENS.....: 52,52,52,40,40,400,400,46,359,1300,1300,1300,1300,1300,1300,1300,1300,1300,40,40,1300,1300,1300,1300,40,40,1300,1300,1300,1300,1300,1300] + [ENTROPIES...: 4.5,4.5,5.0,4.8,4.8,5.8,5.8,4.2,5.6,7.5,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,4.7,4.7,7.8,7.8,7.8,7.8,4.7,4.7,7.8,7.8,7.8,7.8,7.9,7.8] analyse: [....30] [ip4][..tcp] [..192.168.115.8][49602] -> [.106.187.35.246][...80] [HTTP.1kxun][Streaming][Fun] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.066| 0.012| 0.024| 579.055| 0.000] - [PKTLEN......: 54.000| 1314.000| 757.100| 600.300|360321.400| 4.400] + min| max| avg| stddev| variance| entropy + [IAT.........: 0.000| 0.066| 0.012| 0.024| 
579.055| 2.800] + [PKTLEN......: 40.000| 1300.000| 743.100| 600.300| 360321.400| 4.400] [BINS(c->s)..: 10,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 2,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,17,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,0,1,0,0,0,0,1,1,1,1,1,1,1,1,1,1,0,0,1,1,1,0,0,1,1,1,1,1,1,0,0] [IATS(ms)....: 0.0,54.6,54.7,0.0,4.2,0.1,64.5,0.1,0.0,0.0,0.1,0.0,0.7,0.1,0.1,0.1,61.7,0.0,0.9,65.4,0.1,66.2,0.1,0.5,2.9,0.6,0.1,0.1,0.1,3.9,0.0] - [PKTLENS.....: 66,66,66,54,54,413,413,60,373,1314,1314,1314,1314,1314,1314,1314,1314,54,54,1314,1314,1314,54,54,1314,1314,1314,1314,1314,1314,54,54] + [PKTLENS.....: 52,52,52,40,40,399,399,46,359,1300,1300,1300,1300,1300,1300,1300,1300,40,40,1300,1300,1300,40,40,1300,1300,1300,1300,1300,1300,40,40] + [ENTROPIES...: 4.5,4.5,5.0,4.7,4.7,5.8,5.8,4.4,5.6,7.5,7.8,7.8,7.8,7.8,7.8,7.8,7.8,4.8,4.8,7.8,7.8,7.8,4.8,4.8,7.8,7.8,7.8,7.8,7.8,7.8,4.8,4.8] analyse: [....27] [ip4][..tcp] [..192.168.115.8][49599] -> [.106.187.35.246][...80] [HTTP.1kxun][Streaming][Fun] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.067| 0.012| 0.023| 544.113| 0.000] - [PKTLEN......: 54.000| 1314.000| 757.200| 600.200|360235.600| 4.400] + min| max| avg| stddev| variance| entropy + [IAT.........: 0.000| 0.067| 0.012| 0.023| 544.113| 2.900] + [PKTLEN......: 40.000| 1300.000| 743.200| 600.200| 360235.600| 4.400] [BINS(c->s)..: 10,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 2,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,17,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,0,1,0,0,0,0,1,1,1,1,0,0,1,1,1,1,1,1,0,0,1,1,1,1,1,0,0,1,1,1,1] [IATS(ms)....: 0.0,53.2,53.3,0.0,4.6,0.1,61.5,0.0,0.3,0.1,57.3,0.0,5.1,0.1,0.3,0.0,0.3,0.1,5.9,0.0,1.4,65.1,0.1,0.1,0.1,66.8,0.0,3.8,0.1,0.8,0.1] - [PKTLENS.....: 
66,66,66,54,54,415,415,60,373,1314,1314,54,54,1314,1314,1314,1314,1314,1314,54,54,1314,1314,1314,1314,1314,54,54,1314,1314,1314,1314] + [PKTLENS.....: 52,52,52,40,40,401,401,46,359,1300,1300,40,40,1300,1300,1300,1300,1300,1300,40,40,1300,1300,1300,1300,1300,40,40,1300,1300,1300,1300] + [ENTROPIES...: 4.5,4.5,5.0,4.8,4.8,5.8,5.8,4.3,5.6,7.5,7.8,4.7,4.7,7.8,7.8,7.8,7.8,7.8,7.8,4.7,4.7,7.8,7.8,7.8,7.8,7.8,4.8,4.8,7.8,7.8,7.8,7.8] analyse: [....32] [ip4][..tcp] [..192.168.115.8][49604] -> [.106.187.35.246][...80] [HTTP.1kxun][Streaming][Fun] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.096| 0.013| 0.026| 693.255| 0.000] - [PKTLEN......: 54.000| 1314.000| 847.000| 555.000|308021.300| 4.600] + min| max| avg| stddev| variance| entropy + [IAT.........: 0.000| 0.096| 0.013| 0.026| 693.255| 2.700] + [PKTLEN......: 40.000| 1300.000| 833.000| 555.000| 308021.300| 4.600] [BINS(c->s)..: 6,0,0,0,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 2,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,18,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,0,1,0,0,0,0,1,1,1,1,1,1,1,1,1,1,1,0,0,1,1,1,1,1,1,1,1,1,1,0,0] [IATS(ms)....: 0.0,50.7,50.8,0.0,5.7,0.0,60.3,0.1,0.1,0.1,0.0,0.1,0.7,0.0,0.0,0.1,0.3,56.3,0.0,72.3,0.1,0.0,0.1,0.2,0.1,0.1,0.1,0.3,0.0,96.5,0.1] - [PKTLENS.....: 66,66,66,54,54,414,414,60,373,1314,1314,1314,1314,1314,1314,1314,1314,1314,54,54,1314,1314,1314,1314,1314,1314,1314,1314,1314,932,423,423] + [PKTLENS.....: 52,52,52,40,40,400,400,46,359,1300,1300,1300,1300,1300,1300,1300,1300,1300,40,40,1300,1300,1300,1300,1300,1300,1300,1300,1300,918,409,409] + [ENTROPIES...: 4.5,4.5,5.0,4.9,4.9,5.8,5.8,4.4,5.7,7.5,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,4.8,4.8,7.8,7.8,7.8,7.8,7.8,7.9,7.8,7.9,7.8,7.7,5.8,5.8] analyse: [....28] [ip4][..tcp] [..192.168.115.8][49600] -> [.106.187.35.246][...80] [HTTP.1kxun][Streaming][Fun] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.142| 0.016| 
0.032| 1046.271| 0.000] - [PKTLEN......: 54.000| 1314.000| 836.000| 585.200|342449.500| 4.500] + min| max| avg| stddev| variance| entropy + [IAT.........: 0.000| 0.142| 0.016| 0.032| 1046.271| 2.800] + [PKTLEN......: 40.000| 1300.000| 822.000| 585.200| 342449.500| 4.500] [BINS(c->s)..: 8,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 2,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,19,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,0,1,0,0,0,0,1,1,1,1,1,1,1,1,1,1,1,1,0,0,1,1,1,1,1,0,0,1,1,1,1] [IATS(ms)....: 0.1,51.9,52.1,0.0,5.2,0.1,60.5,0.9,0.0,0.0,0.1,0.0,0.4,0.1,0.0,0.1,0.2,85.1,142.0,0.0,40.8,2.5,0.1,0.1,0.1,43.6,0.1,0.4,0.1,0.1,0.0] - [PKTLENS.....: 66,66,66,54,54,416,416,60,373,1314,1314,1314,1314,1314,1314,1314,1314,1314,1314,54,54,1314,1314,1314,1314,1314,54,54,1314,1314,1314,1314] + [PKTLENS.....: 52,52,52,40,40,402,402,46,359,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,40,40,1300,1300,1300,1300,1300,40,40,1300,1300,1300,1300] + [ENTROPIES...: 4.5,4.5,5.0,4.8,4.8,5.8,5.8,4.3,5.6,6.7,7.7,7.8,7.7,7.7,7.7,7.7,7.6,4.1,6.3,4.8,4.8,7.7,7.8,7.7,7.7,7.7,4.8,4.8,7.7,7.7,5.6,3.0] new: [....35] [ip4][..udp] [...192.168.5.67][..138] -> [192.168.255.255][..138] detected: [....35] [ip4][..udp] [...192.168.5.67][..138] -> [192.168.255.255][..138] [NetBIOS.SMBv1][System][Dangerous] RISK: Unsafe Protocol 
@@ -122,14 +127,15 @@ detected: [....36] [ip4][..tcp] [..192.168.115.8][49605] -> [.106.185.35.110][...80] [HTTP.1kxun][Streaming][Fun] detected: [....37] [ip4][..tcp] [..192.168.115.8][49606] -> [.106.185.35.110][...80] [HTTP.1kxun][Streaming][Fun] analyse: [....37] [ip4][..tcp] [..192.168.115.8][49606] -> [.106.185.35.110][...80] [HTTP.1kxun][Streaming][Fun] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.147| 0.015| 0.033| 1100.854| 0.000] - [PKTLEN......: 54.000| 1314.000| 707.600| 612.000|374554.600| 4.300] + min| max| avg| stddev| variance| entropy + [IAT.........: 0.000| 0.147| 0.015| 0.033| 1100.854| 2.600] + [PKTLEN......: 40.000| 1300.000| 693.600| 612.000| 374554.600| 4.300] [BINS(c->s)..: 12,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,0,1,0,0,0,0,1,1,1,0,0,1,1,1,1,0,0,1,1,1,0,0,1,1,0,0,1,1,1,1,1] [IATS(ms)....: 0.1,37.8,38.0,0.1,1.8,0.1,39.0,109.8,0.2,146.8,0.0,0.3,0.1,0.1,0.1,0.5,0.0,0.2,0.1,0.1,0.4,0.0,0.2,36.3,36.5,0.0,0.4,0.1,0.5,0.1,0.1] - [PKTLENS.....: 66,66,66,54,54,411,411,60,1314,1314,54,54,1314,1314,1314,1314,54,54,1314,1314,1314,54,54,1314,1314,54,54,1314,1314,1314,1314,1314] + [PKTLENS.....: 52,52,52,40,40,397,397,46,1300,1300,40,40,1300,1300,1300,1300,40,40,1300,1300,1300,40,40,1300,1300,40,40,1300,1300,1300,1300,1300] + [ENTROPIES...: 4.5,4.5,5.0,4.8,4.8,5.8,5.8,4.3,5.6,5.0,4.8,4.8,4.8,5.3,5.2,5.1,4.7,4.7,6.0,5.1,5.2,4.8,4.8,5.8,5.1,4.7,4.7,4.5,4.7,4.7,5.6,5.2] new: [....38] [ip4][..tcp] [..192.168.115.8][49607] -> [218.244.135.170][.9099] detected: [....38] [ip4][..tcp] [..192.168.115.8][49607] -> [218.244.135.170][.9099] [HTTP][Web][Acceptable] RISK: Known Proto on Non Std Port, HTTP Numeric IP Address 
@@ -160,14 +166,15 @@ RISK: HTTP Numeric IP Address new: [....49] [ip4][..tcp] [..192.168.115.8][49613] -> [.183.131.48.144][...80] analyse: [....41] [ip4][..tcp] [..192.168.115.8][49609] -> [..42.120.51.152][.8080] [HTTP][Web][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.399| 0.070| 0.104|10878.943| 0.000] - [PKTLEN......: 54.000| 1314.000| 364.600| 410.300|168364.100| 4.200] + min| max| avg| stddev| variance| entropy + [IAT.........: 0.000| 0.399| 0.070| 0.104| 10878.943| 3.600] + [PKTLEN......: 40.000| 1300.000| 350.600| 410.300| 168364.100| 4.100] [BINS(c->s)..: 9,0,0,0,0,0,0,4,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,0,1,0,0,0,0,1,1,0,0,0,0,1,1,1,0,0,1,1,1,0,0,0,0,1,1,0,0,1,1,0] [IATS(ms)....: 0.1,76.5,76.6,0.0,1.1,0.0,62.3,0.1,61.8,0.0,298.9,0.1,399.0,66.5,0.2,166.1,0.0,60.3,0.5,0.1,60.8,0.0,117.1,0.0,178.1,0.5,62.0,0.0,102.3,44.3,349.7] - [PKTLENS.....: 66,66,62,54,54,306,306,60,79,499,499,499,499,60,1314,1314,54,54,1314,1314,542,54,54,281,281,60,79,491,491,60,747,54] + [PKTLENS.....: 52,52,48,40,40,292,292,46,65,485,485,485,485,46,1300,1300,40,40,1300,1300,528,40,40,267,267,46,65,477,477,46,733,40] + [ENTROPIES...: 4.6,4.6,5.0,5.0,5.0,5.8,5.8,4.7,5.4,6.1,6.1,6.1,6.1,4.6,5.3,4.7,4.9,4.9,4.7,5.2,4.9,4.9,4.9,5.8,5.8,4.6,5.4,6.1,6.1,4.7,5.7,4.9] detected: [....49] [ip4][..tcp] [..192.168.115.8][49613] -> [.183.131.48.144][...80] [HTTP][Web][Acceptable] RISK: HTTP Numeric IP Address detection-update: [....49] [ip4][..tcp] [..192.168.115.8][49613] -> [.183.131.48.144][...80] [HTTP][Media][Acceptable] 
@@ -185,14 +192,15 @@ new: [....55] [ip4][..udp] [...192.168.5.16][...68] -> [..192.168.119.1][...67] detected: [....55] [ip4][..udp] [...192.168.5.16][...68] -> [..192.168.119.1][...67] [DHCP][Network][Acceptable] analyse: [....49] [ip4][..tcp] [..192.168.115.8][49613] -> [.183.131.48.144][...80] [HTTP][Media][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.863| 0.183| 0.253|63925.490| 0.000] - [PKTLEN......: 54.000| 1078.000| 383.300| 452.500|204736.500| 4.000] + min| max| avg| stddev| variance| entropy + [IAT.........: 0.000| 0.863| 0.183| 0.253| 63925.490| 3.600] + [PKTLEN......: 40.000| 1064.000| 369.300| 452.500| 204736.500| 3.900] [BINS(c->s)..: 18,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 2,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,0,1,0,0,0,0,1,1,1,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,1,0,0,1,0,0] [IATS(ms)....: 0.0,69.3,69.4,0.0,1.9,0.0,67.9,1.4,6.1,0.3,74.0,0.0,665.9,862.8,0.0,408.6,411.0,0.0,251.4,251.8,0.0,336.8,336.0,0.1,329.9,0.2,130.8,0.1,599.5,799.2,0.1] - [PKTLENS.....: 66,66,60,54,54,557,557,60,335,1078,1078,54,54,1078,54,54,1078,54,54,1078,54,54,1078,54,54,1078,1078,54,54,1078,54,54] + [PKTLENS.....: 52,52,46,40,40,543,543,46,321,1064,1064,40,40,1064,40,40,1064,40,40,1064,40,40,1064,40,40,1064,1064,40,40,1064,40,40] + [ENTROPIES...: 4.5,4.5,4.6,4.8,4.8,5.5,5.5,4.5,5.6,3.4,2.3,4.8,4.8,2.2,4.8,4.8,2.3,4.8,4.8,2.2,4.8,4.8,2.3,4.8,4.8,2.3,2.2,4.8,4.8,2.2,4.8,4.8] new: [....56] [ip4][..udp] [.59.120.208.218][50151] -> [255.255.255.255][.1947] new: [....57] [ip4][..tcp] [..192.168.115.8][49596] -> [..203.66.182.87][..443] [MIDSTREAM] new: [....58] [ip4][..tcp] [...192.168.5.16][53613] -> [.68.233.253.133][...80] [MIDSTREAM] 
@@ -332,14 +340,15 @@ update: [....10] [ip6][..udp] [..............fe80::edf5:240a:c8c0:8312][61603] -> [..............................ff02::1:3][.5355] [LLMNR][Network][Acceptable] update: [....13] [ip4][..udp] [..192.168.115.8][51458] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable] analyse: [....31] [ip4][..tcp] [..192.168.115.8][49603] -> [.106.187.35.246][...80] [HTTP.1kxun][Streaming][Fun] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 45.001| 1.464| 7.949|63183326.806| 0.000] - [PKTLEN......: 54.000| 1314.000| 795.600| 593.200|351838.700| 4.500] + min| max| avg| stddev| variance| entropy + [IAT.........: 0.000| 45.001| 1.464| 7.949| 63183326.806| 0.100] + [PKTLEN......: 40.000| 1300.000| 781.600| 593.200| 351838.700| 4.400] [BINS(c->s)..: 9,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 2,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,17,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,0,1,0,0,0,0,1,1,1,1,1,1,1,1,1,1,1,0,0,1,1,1,1,1,1,1,1,1,0,0,0] [IATS(ms)....: 0.0,54.5,54.6,0.0,4.9,0.0,65.5,0.1,0.1,0.4,0.1,0.1,0.2,0.0,0.0,0.0,0.0,61.5,0.0,69.0,0.1,0.1,0.0,0.7,0.1,0.1,0.1,0.5,70.7,0.0,45001.1] - [PKTLENS.....: 66,66,66,54,54,415,415,60,373,1314,1314,1314,1314,1314,1314,1314,1314,1314,54,54,1314,1314,1314,1314,1314,1314,1314,1314,1281,54,54,55] + [PKTLENS.....: 52,52,52,40,40,401,401,46,359,1300,1300,1300,1300,1300,1300,1300,1300,1300,40,40,1300,1300,1300,1300,1300,1300,1300,1300,1267,40,40,41] + [ENTROPIES...: 4.6,4.6,5.0,4.9,4.9,5.8,5.8,4.4,5.7,7.5,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,4.8,4.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,4.9,4.9,4.8] new: [...118] [ip4][..udp] [..192.168.0.104][..137] -> [192.168.255.255][..137] detected: [...118] [ip4][..udp] [..192.168.0.104][..137] -> [192.168.255.255][..137] [NetBIOS][System][Acceptable] new: [...119] [ip4][..udp] [...192.168.5.16][..123] -> [..17.253.26.125][..123] 
@@ -580,32 +589,35 @@ new: [...144] [ip4][..tcp] [..192.168.2.126][46212] -> [.172.105.121.82][...80] [MIDSTREAM] detected: [...144] [ip4][..tcp] [..192.168.2.126][46212] -> [.172.105.121.82][...80] [HTTP.1kxun][Streaming][Fun] analyse: [...142] [ip4][..tcp] [..192.168.2.126][46170] -> [.172.105.121.82][...80] [HTTP.1kxun][Streaming][Fun] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.895| 0.074| 0.190|35982.832| 0.000] - [PKTLEN......: 274.000|21666.000| 4548.200| 5608.100|31450230.000| 4.200] + min| max| avg| stddev| variance| entropy + [IAT.........: 0.000| 0.895| 0.074| 0.190| 35982.832| 2.200] + [PKTLEN......: 260.000|21652.000| 4534.200| 5608.100| 31450232.000| 4.200] [BINS(c->s)..: 0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,16] [DIRECTIONS..: 0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,0,1,1,1,1,1,1] [IATS(ms)....: 356.2,0.1,308.1,0.1,2.4,3.2,0.1,200.2,0.1,0.0,0.0,0.0,0.0,0.0,1.6,0.1,0.1,0.0,0.0,0.0,0.0,0.0,0.0,895.3,372.0,0.0,1.3,0.1,1.9] - [PKTLENS.....: 278,387,13026,14466,2946,2946,1506,7266,2946,1506,2946,2946,1506,1506,1506,1506,1506,4386,6338,2946,2946,1506,1506,1506,802,274,387,17346,21666,1506,4386,17346] + [PKTLENS.....: 264,373,13012,14452,2932,2932,1492,7252,2932,1492,2932,2932,1492,1492,1492,1492,1492,4372,6324,2932,2932,1492,1492,1492,788,260,373,17332,21652,1492,4372,17332] + [ENTROPIES...: 5.9,5.7,8.0,8.0,7.9,7.9,7.9,8.0,7.9,7.8,7.9,7.9,7.9,7.8,7.8,7.9,7.8,7.9,7.9,7.9,7.9,7.9,7.8,7.8,7.7,5.8,5.8,8.0,8.0,7.9,7.9,8.0] analyse: [...139] [ip4][..tcp] [..192.168.2.126][60148] -> [.172.105.121.82][...80] [HTTP.1kxun][Streaming][Fun] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 4.661| 0.481| 1.215|1476638.409| 0.000] - [PKTLEN......: 268.000|21666.000| 4999.800| 6236.200|38890032.000| 4.100] + min| max| avg| stddev| variance| entropy + 
[IAT.........: 0.000| 4.661| 0.481| 1.215| 1476638.409| 2.400] + [PKTLEN......: 254.000|21652.000| 4985.800| 6236.200| 38890032.000| 4.100] [BINS(c->s)..: 0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 0,0,0,0,0,0,0,0,0,2,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,17] [DIRECTIONS..: 0,1,1,0,1,1,0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,0,1,1,1,1,0,1,1,1] [IATS(ms)....: 306.1,4.8,325.8,248.8,4660.9,4604.2,0.4,0.6,0.8,1.0,367.7,0.1,0.1,2.5,311.4,0.1,1.7,0.1,878.3,204.5,1.6,1.1,216.5,375.5,0.0,1.5] - [PKTLENS.....: 268,384,6298,268,384,5682,278,386,1506,1506,7266,2946,5826,2946,10146,2946,1506,5826,2946,1506,8706,1506,5768,277,386,20226,21666,15363,278,387,2946,21666] + [PKTLENS.....: 254,370,6284,254,370,5668,264,372,1492,1492,7252,2932,5812,2932,10132,2932,1492,5812,2932,1492,8692,1492,5754,263,372,20212,21652,15349,264,373,2932,21652] + [ENTROPIES...: 5.9,5.7,7.9,5.8,5.7,7.9,5.9,5.8,7.5,7.9,8.0,7.9,7.9,7.9,8.0,7.9,7.9,7.9,7.9,7.9,8.0,7.9,7.9,5.9,5.7,8.0,8.0,8.0,5.9,5.7,7.8,8.0] analyse: [...143] [ip4][..tcp] [..192.168.2.126][46200] -> [.172.105.121.82][...80] [HTTP.1kxun][Streaming][Fun] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.892| 0.092| 0.200|39932.170| 0.000] - [PKTLEN......: 278.000|21666.000| 6946.200| 6776.100|45915728.000| 4.300] + min| max| avg| stddev| variance| entropy + [IAT.........: 0.000| 0.892| 0.092| 0.200| 39932.170| 2.500] + [PKTLEN......: 264.000|21652.000| 6932.200| 6776.100| 45915728.000| 4.300] [BINS(c->s)..: 0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,20] [DIRECTIONS..: 0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,0,1,1,1,1,1,1,1,1,1,1,1,1,1,1] [IATS(ms)....: 348.4,0.1,2.6,311.3,0.1,1.9,0.1,0.1,200.2,0.0,0.7,0.1,0.1,0.0,891.6,375.9,1.6,0.1,2.2,1.5,332.8,0.1,0.0,1.9,0.0,1.6,1.6] 
- [PKTLENS.....: 278,386,1506,11586,1506,4386,2946,13026,7266,1506,1506,1506,1506,2946,2946,1506,4605,278,388,21666,2946,10146,11586,17346,7266,18786,5826,20226,1506,10146,11586,21666] + [PKTLENS.....: 264,372,1492,11572,1492,4372,2932,13012,7252,1492,1492,1492,1492,2932,2932,1492,4591,264,374,21652,2932,10132,11572,17332,7252,18772,5812,20212,1492,10132,11572,21652] + [ENTROPIES...: 5.9,5.7,7.4,8.0,7.8,7.9,7.9,8.0,7.9,7.8,7.8,7.8,7.9,7.9,7.9,7.8,7.9,5.9,5.7,7.2,7.8,8.0,8.0,8.0,7.9,8.0,7.9,8.0,7.8,8.0,8.0,8.0] new: [...145] [ip4][..tcp] [..192.168.2.126][35200] -> [...103.29.71.30][...80] [MIDSTREAM] detected: [...145] [ip4][..tcp] [..192.168.2.126][35200] -> [...103.29.71.30][...80] [HTTP.1kxun][Streaming][Fun] new: [...146] [ip4][..tcp] [..192.168.2.126][45380] -> [..161.117.13.29][...80] [MIDSTREAM] 
@@ -626,14 +638,15 @@ new: [...153] [ip4][..tcp] [..192.168.2.126][41390] -> [....18.64.79.37][...80] [MIDSTREAM] detected: [...153] [ip4][..tcp] [..192.168.2.126][41390] -> [....18.64.79.37][...80] [HTTP.Google][Web][Acceptable] analyse: [...146] [ip4][..tcp] [..192.168.2.126][45380] -> [..161.117.13.29][...80] [HTTP.1kxun][Streaming][Fun] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.409| 0.085| 0.132|17528.007| 0.000] - [PKTLEN......: 490.000| 8706.000| 2615.900| 2200.300|4841425.000| 4.600] + min| max| avg| stddev| variance| entropy + [IAT.........: 0.000| 0.409| 0.085| 0.132| 17528.007| 3.300] + [PKTLEN......: 476.000| 8692.000| 2601.900| 2200.300| 4841425.000| 4.600] [BINS(c->s)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,16,0,12] [DIRECTIONS..: 0,1,1,0,1,1,1,1,1,1,1,0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1] [IATS(ms)....: 380.4,4.6,408.6,215.7,0.5,1.0,1.0,178.5,0.3,0.5,379.6,185.4,1.4,0.7,331.7,5.7,174.2,6.1,0.3,0.9,170.5,0.4,6.0,1.1,0.3,0.7,169.5,0.5,0.6,5.3,0.4] - [PKTLENS.....: 831,1506,1267,502,1506,1506,7266,4386,1506,1506,2518,490,2946,8706,1506,2946,8706,2946,1506,1506,7266,1506,1506,2946,1506,1506,2946,1506,1506,2946,1506,1506] + [PKTLENS.....: 817,1492,1253,488,1492,1492,7252,4372,1492,1492,2504,476,2932,8692,1492,2932,8692,2932,1492,1492,7252,1492,1492,2932,1492,1492,2932,1492,1492,2932,1492,1492] + [ENTROPIES...: 5.9,7.7,7.8,5.9,7.6,7.9,8.0,8.0,7.9,7.9,7.9,5.9,7.8,8.0,7.9,7.9,8.0,7.9,7.9,7.9,8.0,7.9,7.8,7.9,7.8,7.8,7.9,7.9,7.9,7.9,7.9,7.9] new: [...154] [ip4][..tcp] [..192.168.2.126][51888] -> [.119.28.164.143][...80] [MIDSTREAM] detected: [...154] [ip4][..tcp] [..192.168.2.126][51888] -> [.119.28.164.143][...80] [HTTP.Tencent][SocialNetwork][Acceptable] new: [...155] [ip4][..tcp] [..192.168.2.126][38354] -> [.142.250.186.34][...80] [MIDSTREAM] 
@@ -654,43 +667,47 @@ new: [...162] [ip4][..tcp] [..192.168.2.126][49396] -> [.14.136.136.108][...80] [MIDSTREAM] detected: [...162] [ip4][..tcp] [..192.168.2.126][49396] -> [.14.136.136.108][...80] [HTTP.1kxun][Streaming][Fun] analyse: [...157] [ip4][..tcp] [..192.168.2.126][49354] -> [.14.136.136.108][...80] [HTTP.1kxun][Streaming][Fun] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.832| 0.077| 0.179|32207.956| 0.000] - [PKTLEN......: 351.000|10146.000| 3118.200| 2492.500|6212617.000| 4.600] + min| max| avg| stddev| variance| entropy + [IAT.........: 0.000| 0.832| 0.077| 0.179| 32207.956| 2.400] + [PKTLEN......: 337.000|10132.000| 3104.200| 2492.500| 6212617.000| 4.600] [BINS(c->s)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12,0,16] [DIRECTIONS..: 0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,0,1,1,1,1,1,1,1,1,1,1,1,1] [IATS(ms)....: 207.0,0.4,1.1,0.7,203.5,0.4,0.5,0.8,0.4,1.2,0.6,204.0,0.5,1.9,0.8,831.8,413.6,1.5,1.6,0.4,0.9,201.6,0.4,0.6,1.0,0.9,0.4] - [PKTLENS.....: 592,351,1506,8706,2946,1506,1506,2946,1506,1506,5826,4386,1506,1506,1506,5826,2946,2946,3956,592,351,1506,8706,10146,5826,2946,1506,1506,2946,4386,4386,1506] + [PKTLENS.....: 578,337,1492,8692,2932,1492,1492,2932,1492,1492,5812,4372,1492,1492,1492,5812,2932,2932,3942,578,337,1492,8692,10132,5812,2932,1492,1492,2932,4372,4372,1492] + [ENTROPIES...: 5.8,5.8,7.8,8.0,7.9,7.8,7.9,7.9,7.9,7.9,8.0,8.0,7.9,7.9,7.9,8.0,7.9,7.9,8.0,5.9,5.8,7.8,8.0,8.0,8.0,7.9,7.9,7.9,7.9,8.0,8.0,7.9] detection-update: [...161] [ip4][..tcp] [..192.168.2.126][49412] -> [.14.136.136.108][...80] [HTTP.1kxun][Streaming][Fun] detection-update: [...160] [ip4][..tcp] [..192.168.2.126][49380] -> [.14.136.136.108][...80] [HTTP.1kxun][Streaming][Fun] analyse: [...159] [ip4][..tcp] [..192.168.2.126][49370] -> [.14.136.136.108][...80] [HTTP.1kxun][Streaming][Fun] - 
min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.877| 0.084| 0.182|33133.681| 0.000] - [PKTLEN......: 351.000|15906.000| 2761.900| 3042.000|9253906.000| 4.400] + min| max| avg| stddev| variance| entropy + [IAT.........: 0.000| 0.877| 0.084| 0.182| 33133.681| 2.600] + [PKTLEN......: 337.000|15892.000| 2747.900| 3042.000| 9253907.000| 4.400] [BINS(c->s)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,17,0,10] [DIRECTIONS..: 0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,0,1,1,1,1,1,1] [IATS(ms)....: 216.8,1.3,1.2,217.6,0.4,0.8,0.7,0.8,206.4,3.2,0.7,1.4,202.1,0.5,2.9,0.4,0.4,0.6,0.7,876.5,236.5,0.0,2.1,0.9,206.1,0.4] - [PKTLENS.....: 580,351,1506,4386,1506,5826,1506,1506,1506,1506,1506,2946,1506,4386,2946,2946,8706,1506,1506,1506,1506,1506,1506,1506,1204,592,351,7266,15906,4386,1506,1506] + [PKTLENS.....: 566,337,1492,4372,1492,5812,1492,1492,1492,1492,1492,2932,1492,4372,2932,2932,8692,1492,1492,1492,1492,1492,1492,1492,1190,578,337,7252,15892,4372,1492,1492] + [ENTROPIES...: 5.9,5.8,7.8,7.9,7.7,7.9,7.8,7.8,7.8,7.8,7.8,7.9,7.9,7.9,7.9,7.8,8.0,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,5.9,5.8,8.0,8.0,8.0,7.9,7.8] analyse: [...160] [ip4][..tcp] [..192.168.2.126][49380] -> [.14.136.136.108][...80] [HTTP.1kxun][Streaming][Fun] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.887| 0.081| 0.181|32801.006| 0.000] - [PKTLEN......: 351.000|18786.000| 3157.800| 3724.000|13867893.000| 4.300] + min| max| avg| stddev| variance| entropy + [IAT.........: 0.000| 0.887| 0.081| 0.181| 32801.006| 2.600] + [PKTLEN......: 337.000|18772.000| 3143.800| 3724.000| 13867894.000| 4.300] [BINS(c->s)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,17,0,11] 
[DIRECTIONS..: 0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,0,1,1,1,1,1,1,1,1,1,1,1] [IATS(ms)....: 223.7,209.6,1.7,207.2,0.4,1.3,0.7,0.5,0.5,1.2,204.0,0.4,1.4,0.7,0.6,3.5,886.9,237.6,0.5,1.0,2.5,0.8,206.7,0.9,0.4,0.9,0.7] - [PKTLENS.....: 580,2946,1506,1506,11586,1506,1506,2946,1506,1506,1506,7266,1506,1506,1506,1506,4386,1506,2946,4253,592,351,1506,8706,18786,1506,2946,1506,1506,5826,1506,1330] + [PKTLENS.....: 566,2932,1492,1492,11572,1492,1492,2932,1492,1492,1492,7252,1492,1492,1492,1492,4372,1492,2932,4239,578,337,1492,8692,18772,1492,2932,1492,1492,5812,1492,1316] + [ENTROPIES...: 5.9,7.9,7.8,7.8,8.0,7.8,7.9,7.9,7.9,7.9,7.8,8.0,7.8,7.8,7.8,7.9,7.9,7.8,7.9,7.9,5.9,5.8,7.8,8.0,8.0,7.9,7.9,7.9,7.9,8.0,7.9,7.9] analyse: [...158] [ip4][..tcp] [..192.168.2.126][49372] -> [.14.136.136.108][...80] [HTTP.1kxun][Streaming][Fun] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.900| 0.119| 0.204|41414.242| 0.000] - [PKTLEN......: 351.000|18786.000| 3665.900| 4182.900|17496908.000| 4.300] + min| max| avg| stddev| variance| entropy + [IAT.........: 0.000| 0.900| 0.119| 0.204| 41414.242| 3.000] + [PKTLEN......: 337.000|18772.000| 3651.900| 4182.900| 17496908.000| 4.300] [BINS(c->s)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,14] [DIRECTIONS..: 0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,0,1,1,1,1,1,1,1,1,1,0,1,1,1] [IATS(ms)....: 205.6,2.1,0.0,224.8,0.4,0.3,1.4,193.7,0.4,0.4,1.7,1.3,1.9,226.0,899.7,238.0,0.0,2.4,199.2,0.5,1.0,1.3,407.3,371.5,1.5] - [PKTLENS.....: 580,351,1506,4386,2946,4386,1506,1506,1506,1506,5826,1506,1506,1506,2946,4386,5826,3732,592,351,7266,15906,1506,1506,7266,1506,5826,654,580,351,7801,18786] + [PKTLENS.....: 566,337,1492,4372,2932,4372,1492,1492,1492,1492,5812,1492,1492,1492,2932,4372,5812,3718,578,337,7252,15892,1492,1492,7252,1492,5812,640,566,337,7787,18772] + [ENTROPIES...: 
5.9,5.9,7.3,7.9,7.9,7.9,7.8,7.8,7.8,7.9,8.0,7.8,7.8,7.8,7.9,7.9,7.9,7.9,5.9,5.8,8.0,8.0,7.9,7.9,8.0,7.9,8.0,7.7,5.9,5.9,7.9,8.0] new: [...163] [ip4][..tcp] [..192.168.2.126][44368] -> [..172.217.18.98][...80] [MIDSTREAM] detected: [...163] [ip4][..tcp] [..192.168.2.126][44368] -> [..172.217.18.98][...80] [HTTP.GoogleServices][Web][Acceptable] new: [...164] [ip4][..tcp] [..192.168.2.126][50140] -> [..161.117.13.29][...80] [MIDSTREAM] 
@@ -704,14 +721,15 @@ new: [...168] [ip4][..tcp] [..192.168.2.126][50176] -> [..161.117.13.29][...80] [MIDSTREAM] detected: [...168] [ip4][..tcp] [..192.168.2.126][50176] -> [..161.117.13.29][...80] [HTTP.1kxun][Streaming][Fun] analyse: [...150] [ip4][..tcp] [..192.168.2.126][45416] -> [..161.117.13.29][...80] [HTTP.1kxun][Streaming][Fun] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 6.045| 1.119| 2.029|4116996.948| 0.000] - [PKTLEN......: 500.000|14466.000| 2827.500| 2993.900|8963654.000| 4.400] + min| max| avg| stddev| variance| entropy + [IAT.........: 0.000| 6.045| 1.119| 2.029| 4116996.948| 3.000] + [PKTLEN......: 486.000|14452.000| 2813.500| 2993.900| 8963654.000| 4.400] [BINS(c->s)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,1,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,1,1,0,0,0,0,0,0,0,0,1,0,0,7,0,13] [DIRECTIONS..: 0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,0,1,0,1,0,1,0,1,0,1,1,0,1,1,1,0,1] [IATS(ms)....: 188.5,0.0,1.4,179.4,1.4,0.7,0.4,2.4,0.7,270.1,0.1,0.6,3892.8,3428.9,186.1,186.3,192.6,209.0,367.2,352.3,5253.8,5339.0,3.6,6045.0,5959.1,0.4,0.5,194.9,189.4] - [PKTLENS.....: 500,2946,2946,8706,2946,7266,1506,1506,14466,1506,2946,2946,7266,7266,4092,817,709,819,1525,821,1415,817,1530,1079,2946,1144,1169,1506,1506,1589,1180,1097] + [PKTLENS.....: 486,2932,2932,8692,2932,7252,1492,1492,14452,1492,2932,2932,7252,7252,4078,803,695,805,1511,807,1401,803,1516,1065,2932,1130,1155,1492,1492,1575,1166,1083] + [ENTROPIES...: 5.9,7.8,7.9,8.0,7.9,8.0,7.9,7.9,8.0,7.9,7.9,7.9,8.0,8.0,8.0,5.9,6.4,5.9,7.5,5.9,6.2,5.9,6.5,5.8,6.5,6.8,5.8,6.4,7.8,7.9,5.8,6.9] new: [...169] [ip4][..tcp] [..192.168.2.126][38326] -> [.172.105.121.82][...80] [MIDSTREAM] detected: [...169] [ip4][..tcp] [..192.168.2.126][38326] -> [.172.105.121.82][...80] [HTTP.1kxun][Streaming][Fun] new: [...170] [ip4][..tcp] [..192.168.2.126][38314] -> [.172.105.121.82][...80] [MIDSTREAM] 
@@ -719,23 +737,25 @@ new: [...171] [ip4][..tcp] [..192.168.2.126][38316] -> [.172.105.121.82][...80] [MIDSTREAM] detected: [...171] [ip4][..tcp] [..192.168.2.126][38316] -> [.172.105.121.82][...80] [HTTP.1kxun][Streaming][Fun] analyse: [...141] [ip4][..tcp] [..192.168.2.126][46184] -> [.172.105.121.82][...80] [HTTP.1kxun][Streaming][Fun] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 39.120| 3.011| 10.152|103072311.280| 0.000] - [PKTLEN......: 273.000|23106.000| 5201.300| 6479.700|41986288.000| 4.100] + min| max| avg| stddev| variance| entropy + [IAT.........: 0.000| 39.120| 3.011| 10.152| 103072311.280| 1.300] + [PKTLEN......: 259.000|23092.000| 5187.300| 6479.700| 41986280.000| 4.100] [BINS(c->s)..: 0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,7,0,16] [DIRECTIONS..: 0,1,1,1,1,1,1,1,1,1,1,0,1,1,1,0,1,1,1,1,1,1,1,1,1,1,0,1,1,1,1,1] [IATS(ms)....: 353.7,3.8,0.1,303.7,4.3,0.1,205.8,0.1,881.0,368.9,0.0,5.1,392.9,352.2,1.6,0.1,2.3,0.1,1.5,285.7,2.1,39119.7,38675.2,0.0,2.9,335.4,3.7] - [PKTLENS.....: 278,386,1506,1506,10146,2946,2946,23106,1506,1506,1172,273,386,18786,7757,278,387,1506,21666,4386,17346,4386,10146,5826,1506,5159,273,388,1506,11586,2946,2946] + [PKTLENS.....: 264,372,1492,1492,10132,2932,2932,23092,1492,1492,1158,259,372,18772,7743,264,373,1492,21652,4372,17332,4372,10132,5812,1492,5145,259,374,1492,11572,2932,2932] + [ENTROPIES...: 5.8,5.8,7.2,7.6,7.9,7.9,7.9,8.0,7.8,7.8,7.8,5.9,5.7,8.0,8.0,5.9,5.7,7.0,8.0,7.9,8.0,7.9,8.0,7.9,7.9,7.9,5.8,5.8,7.5,7.9,7.9,7.9] analyse: [...170] [ip4][..tcp] [..192.168.2.126][38314] -> [.172.105.121.82][...80] [HTTP.1kxun][Streaming][Fun] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 1.361| 0.129| 0.285|81120.911| 0.000] - [PKTLEN......: 273.000|15906.000| 6044.500| 5319.900|28301384.000| 4.400] + min| max| avg| stddev| 
variance| entropy + [IAT.........: 0.000| 1.361| 0.129| 0.285| 81120.911| 2.500] + [PKTLEN......: 259.000|15892.000| 6030.500| 5319.900| 28301380.000| 4.400] [BINS(c->s)..: 0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,21] [DIRECTIONS..: 0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,0,1,1,1,1,1,1,1,1,1,1,1,1] [IATS(ms)....: 326.1,0.2,328.8,0.2,2.7,177.6,0.5,1.3,2.9,0.1,0.2,0.8,2.3,401.3,1361.5,293.5,0.0,1.1,2.1,2.8,0.1,0.2,2.8,309.6,1.5] - [PKTLENS.....: 273,388,1506,1506,2946,7266,1506,8706,2946,15906,1506,1506,4386,13026,8706,2946,1506,15906,13200,273,388,1506,5826,15906,11586,10146,4386,14466,2946,2946,13026,4386] + [PKTLENS.....: 259,374,1492,1492,2932,7252,1492,8692,2932,15892,1492,1492,4372,13012,8692,2932,1492,15892,13186,259,374,1492,5812,15892,11572,10132,4372,14452,2932,2932,13012,4372] + [ENTROPIES...: 5.9,5.7,7.5,7.9,7.9,7.9,7.8,8.0,7.9,8.0,7.8,7.8,7.9,7.9,7.9,7.9,7.8,8.0,8.0,5.8,5.7,7.5,7.9,8.0,7.9,7.9,7.9,7.9,7.9,7.9,7.9,7.9] new: [...172] [ip4][..tcp] [..192.168.2.126][59324] -> [.104.117.221.10][...80] [MIDSTREAM] detected: [...172] [ip4][..tcp] [..192.168.2.126][59324] -> [.104.117.221.10][...80] [HTTP][Web][Acceptable] new: [...173] [ip4][..tcp] [..192.168.2.126][56094] -> [....3.72.69.158][...80] [MIDSTREAM] 
@@ -772,24 +792,26 @@ new: [...187] [ip4][..tcp] [..192.168.2.126][36660] -> [...18.64.103.30][...80] [MIDSTREAM] detected: [...187] [ip4][..tcp] [..192.168.2.126][36660] -> [...18.64.103.30][...80] [HTTP.AmazonAWS][Cloud][Acceptable] analyse: [...182] [ip4][..tcp] [..192.168.2.126][35664] -> [.....18.66.2.90][...80] [HTTP.AmazonAWS][Cloud][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.015| 0.003| 0.003| 10.814| 0.000] - [PKTLEN......: 249.000| 7206.000| 4110.800| 1776.800|3156934.000| 4.800] + min| max| avg| stddev| variance| entropy + [IAT.........: 0.000| 0.015| 0.003| 0.003| 10.814| 3.800] + [PKTLEN......: 235.000| 7192.000| 4096.800| 1776.800| 3156934.000| 4.800] [BINS(c->s)..: 0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,27] [DIRECTIONS..: 0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1] [IATS(ms)....: 14.9,0.6,0.6,2.5,3.6,0.1,0.9,2.5,9.2,0.0,0.1,6.5,0.1,1.6,3.0,1.6,0.1,1.5,0.1,0.1,2.8,6.5,3.1,2.4,1.8,2.8,0.1] - [PKTLENS.....: 249,797,1494,2922,4350,4350,4350,4350,2922,1494,4350,4350,2922,4350,4350,2922,4350,5778,5778,5778,5778,4350,5778,1494,5778,4350,2922,7206,4350,7206,7206,2922] + [PKTLENS.....: 235,783,1480,2908,4336,4336,4336,4336,2908,1480,4336,4336,2908,4336,4336,2908,4336,5764,5764,5764,5764,4336,5764,1480,5764,4336,2908,7192,4336,7192,7192,2908] + [ENTROPIES...: 6.0,5.8,7.2,7.3,7.2,7.5,7.7,7.9,7.8,7.9,7.8,7.9,7.9,7.9,7.9,7.9,7.9,7.9,7.9,7.9,7.9,7.9,7.9,7.8,7.8,7.9,7.9,7.9,7.8,7.9,7.8,7.8] detection-update: [...187] [ip4][..tcp] [..192.168.2.126][36660] -> [...18.64.103.30][...80] [HTTP.AmazonAWS][Cloud][Acceptable] analyse: [...185] [ip4][..tcp] [..192.168.2.126][36640] -> [...18.64.103.30][...80] [HTTP.AmazonAWS][Cloud][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.021| 0.003| 0.005| 24.604| 0.000] - 
[PKTLEN......: 563.000| 5778.000| 3473.000| 1697.900|2882863.000| 4.800] + min| max| avg| stddev| variance| entropy + [IAT.........: 0.000| 0.021| 0.003| 0.005| 24.604| 3.600] + [PKTLEN......: 549.000| 5764.000| 3459.000| 1697.900| 2882863.000| 4.800] [BINS(c->s)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9,0,1,21] [DIRECTIONS..: 0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1] [IATS(ms)....: 21.0,0.2,0.1,3.1,1.7,3.1,15.8,2.2,2.0,2.7,0.1,1.5,0.6,2.9,1.6,1.5,0.1,0.1,3.5,1.6,2.8,10.5,1.4,0.1,1.6] - [PKTLENS.....: 563,1494,1494,2922,1494,2922,1494,4350,4350,4350,2922,1494,4350,1494,4350,4350,4350,5778,5778,4350,1494,1494,1494,4350,5778,5778,3214,4202,5590,1538,5778,5778] + [PKTLENS.....: 549,1480,1480,2908,1480,2908,1480,4336,4336,4336,2908,1480,4336,1480,4336,4336,4336,5764,5764,4336,1480,1480,1480,4336,5764,5764,3200,4188,5576,1524,5764,5764] + [ENTROPIES...: 5.8,7.8,7.8,7.9,7.8,7.9,7.9,7.9,8.0,8.0,7.9,7.9,7.9,7.8,7.9,8.0,7.9,8.0,8.0,7.9,7.8,7.8,7.8,7.9,8.0,8.0,7.9,7.9,8.0,7.9,8.0,8.0] new: [...188] [ip4][..tcp] [..192.168.2.126][37100] -> [..52.29.177.177][...80] [MIDSTREAM] detected: [...188] [ip4][..tcp] [..192.168.2.126][37100] -> [..52.29.177.177][...80] [HTTP.AmazonAWS][Cloud][Acceptable] new: [...189] [ip4][..tcp] [..192.168.2.126][42554] -> [...35.156.44.13][...80] [MIDSTREAM] |