summaryrefslogtreecommitdiff
path: root/test/results/flow-info/alexa-app.pcapng.out
diff options
context:
space:
mode:
Diffstat (limited to 'test/results/flow-info/alexa-app.pcapng.out')
-rw-r--r--test/results/flow-info/alexa-app.pcapng.out96
1 files changed, 48 insertions, 48 deletions
diff --git a/test/results/flow-info/alexa-app.pcapng.out b/test/results/flow-info/alexa-app.pcapng.out
index db6167c71..7269ea261 100644
--- a/test/results/flow-info/alexa-app.pcapng.out
+++ b/test/results/flow-info/alexa-app.pcapng.out
@@ -122,13 +122,13 @@
detection-update: [....38] [ip4][..tcp] [..172.16.42.216][54412] -> [..52.85.209.216][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [....38] [ip4][..tcp] [..172.16.42.216][54412] -> [..52.85.209.216][..443] [TLS.Amazon][Web][Acceptable]
analyse: [....37] [ip4][..tcp] [..172.16.42.216][54411] -> [..52.85.209.216][..443]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.091| 0.022| 0.031| 964.249| 0.000]
[PKTLEN......: 66.000| 1514.000| 594.300| 637.000|405792.100| 4.100]
[BINS(c->s)..: 11,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 4,1,0,0,0,0,0,1,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,9,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,1,1,1,0,0,0,0,0,0,1,0,1,1,1,0,1,1,1,1,1,1,1,0,0,0]
- [IATS........: 46971,52965,277,73178,134,18906,393,341,423,88175,318,744,233,8121,32759,75313,63701,49446,70919,806,90510,2043,419,465,407,524,703,47,5315,294,1129,0]
+ [IATS(ms)....: 47.0,53.0,0.3,73.2,0.1,18.9,0.4,0.3,0.4,88.2,0.3,0.7,0.2,8.1,32.8,75.3,63.7,49.4,70.9,0.8,90.5,2.0,0.4,0.5,0.4,0.5,0.7,0.0,5.3,0.3,1.1,0.0]
[PKTLENS.....: 74,74,66,268,66,66,1514,1514,1514,833,66,66,66,66,192,1096,308,66,66,1514,1514,66,1514,1514,1514,464,1514,1126,100,66,66,66]
detection-update: [....37] [ip4][..tcp] [..172.16.42.216][54411] -> [..52.85.209.216][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [....36] [ip4][..tcp] [..172.16.42.216][34019] -> [..54.239.24.186][..443] [TLS.AmazonAWS][Cloud][Acceptable]
@@ -137,13 +137,13 @@
detected: [....40] [ip4][..udp] [..172.16.42.216][43350] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
ERROR-EVENT: Unknown packet type
analyse: [....28] [ip4][..tcp] [..172.16.42.216][45661] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 1.016| 0.161| 0.286|81844.249| 0.000]
[PKTLEN......: 54.000| 1514.000| 380.200| 485.100|235358.500| 4.000]
[BINS(c->s)..: 12,0,0,0,0,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,1,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 7,1,0,0,0,0,0,0,0,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,0,0,0,0,1,1,0,0,1,1,0,0,0,1,1,0,0,1,1,0,0,1,0,1,0]
- [IATS........: 55686,59305,1428,66601,358,70,64102,4784,271,2661,66908,3070,100753,8343,108356,5909,66864,500848,354092,941132,3002,88712,111843,176480,211,64686,9150,104205,1015894,966451,45639,0]
+ [IATS(ms)....: 55.7,59.3,1.4,66.6,0.4,0.1,64.1,4.8,0.3,2.7,66.9,3.1,100.8,8.3,108.4,5.9,66.9,500.8,354.1,941.1,3.0,88.7,111.8,176.5,0.2,64.7,9.2,104.2,1015.9,966.5,45.6,0.0]
[PKTLENS.....: 74,62,54,261,1514,1514,399,54,54,54,380,60,113,54,1136,60,955,54,1120,1120,60,507,54,1168,60,891,54,54,60,54,60,54]
detection-update: [....40] [ip4][..udp] [..172.16.42.216][43350] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
new: [....41] [ip4][..tcp] [..172.16.42.216][42129] -> [..72.21.206.135][..443]
@@ -181,13 +181,13 @@
detection-update: [....42] [ip4][..tcp] [..172.16.42.216][42130] -> [..72.21.206.135][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [....42] [ip4][..tcp] [..172.16.42.216][42130] -> [..72.21.206.135][..443] [TLS.Amazon][Web][Acceptable]
analyse: [....42] [ip4][..tcp] [..172.16.42.216][42130] -> [..72.21.206.135][..443]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.836| 0.167| 0.244|59552.047| 0.000]
[PKTLEN......: 54.000| 1514.000| 401.000| 534.600|285800.000| 3.900]
[BINS(c->s)..: 10,0,0,1,0,0,3,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,2,0,0]
[BINS(s->c)..: 7,1,0,0,0,0,0,0,0,1,0,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0]
[DIRECTIONS..: 0,1,0,0,1,0,0,1,1,1,1,1,0,0,0,0,0,0,1,0,1,1,1,0,0,0,1,1,0,0,1,0]
- [IATS........: 54151,55408,518,50304,258867,520111,785264,3831,152,61,38,60785,290,133,140,52112,10967,286978,223908,2741,139187,177,171943,179936,143,402714,22375,216464,783828,835939,50504,0]
+ [IATS(ms)....: 54.2,55.4,0.5,50.3,258.9,520.1,785.3,3.8,0.2,0.1,0.0,60.8,0.3,0.1,0.1,52.1,11.0,287.0,223.9,2.7,139.2,0.2,171.9,179.9,0.1,402.7,22.4,216.5,783.8,835.9,50.5,0.0]
[PKTLENS.....: 74,62,54,259,60,259,259,60,1514,1514,1514,688,54,54,54,54,180,1514,105,482,60,60,480,54,1514,1210,60,357,54,54,60,54]
detection-update: [....42] [ip4][..tcp] [..172.16.42.216][42130] -> [..72.21.206.135][..443] [TLS.Amazon][Web][Acceptable]
new: [....50] [ip4][..tcp] [..172.16.42.216][45680] -> [..52.94.232.134][..443]
@@ -211,13 +211,13 @@
detection-update: [....54] [ip4][..tcp] [..172.16.42.216][54427] -> [..52.85.209.216][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [....55] [ip4][..tcp] [..172.16.42.216][42143] -> [..72.21.206.135][..443] [TLS.Amazon][Web][Acceptable]
analyse: [....52] [ip4][..tcp] [..172.16.42.216][34034] -> [..54.239.24.186][..443] [TLS.AmazonAWS][Cloud][Acceptable]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.352| 0.044| 0.079| 6215.196| 0.000]
[PKTLEN......: 54.000| 1514.000| 657.200| 676.900|458225.800| 4.200]
[BINS(c->s)..: 4,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,11,0,0]
[BINS(s->c)..: 11,0,0,0,1,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,0,0,0,1,1,0,0,0,0,0,0,0,0,0,1,1,1,0,1,1,0,0,1,1,0]
- [IATS........: 57034,58621,1781,56791,4768,135,59291,267,22886,80040,5852,71839,321,148,565,303,201,1403,296,114,67763,34752,23901,352057,295338,129,57737,650,60553,128,59805,0]
+ [IATS(ms)....: 57.0,58.6,1.8,56.8,4.8,0.1,59.3,0.3,22.9,80.0,5.9,71.8,0.3,0.1,0.6,0.3,0.2,1.4,0.3,0.1,67.8,34.8,23.9,352.1,295.3,0.1,57.7,0.7,60.6,0.1,59.8,0.0]
[PKTLENS.....: 74,62,54,313,60,60,210,54,105,820,60,564,1514,1439,1514,1514,1514,1514,1514,1514,83,60,60,60,1514,60,60,1514,1514,60,60,1514]
new: [....56] [ip4][..tcp] [..172.16.42.216][42144] -> [..72.21.206.135][..443]
detected: [....56] [ip4][..tcp] [..172.16.42.216][42144] -> [..72.21.206.135][..443] [TLS.Amazon][Web][Acceptable]
@@ -260,22 +260,22 @@
detection-update: [....65] [ip4][..tcp] [..172.16.42.216][41691] -> [..54.239.29.146][..443] [TLS.Amazon][Web][Acceptable]
RISK: TLS (probably) Not Carrying HTTPS
analyse: [....63] [ip4][..tcp] [..172.16.42.216][54434] -> [..52.85.209.216][..443] [TLS.Amazon][Web][Acceptable]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 2.897| 0.237| 0.560|313730.662| 0.000]
[PKTLEN......: 66.000| 1514.000| 617.100| 665.400|442821.700| 4.100]
[BINS(c->s)..: 9,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,4,0,0]
[BINS(s->c)..: 7,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,5,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,0,0,0,0,0,0,1,1,1,1,1,1,1,1,1,1,1,0,0,0,0,0,0,1]
- [IATS........: 52937,67187,1048,63231,9607,59757,285,20918,462,225,155,1078,225,97487,133,7299,15901,484594,178,170,116007,306256,538314,1116565,2896813,279,153,126,123,583169,913790,0]
+ [IATS(ms)....: 52.9,67.2,1.0,63.2,9.6,59.8,0.3,20.9,0.5,0.2,0.2,1.1,0.2,97.5,0.1,7.3,15.9,484.6,0.2,0.2,116.0,306.3,538.3,1116.6,2896.8,0.3,0.2,0.1,0.1,583.2,913.8,0.0]
[PKTLENS.....: 74,74,66,583,66,222,66,117,1514,1514,139,1514,1514,1495,66,66,66,66,1514,1514,1223,1223,1514,1514,1514,66,78,78,78,78,66,66]
analyse: [....65] [ip4][..tcp] [..172.16.42.216][41691] -> [..54.239.29.146][..443]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.486| 0.102| 0.138|19130.661| 0.000]
[PKTLEN......: 54.000| 1514.000| 700.300| 682.000|465082.800| 4.200]
[BINS(c->s)..: 6,0,0,1,0,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0]
[BINS(s->c)..: 6,1,0,0,0,2,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,1,1,0,0,0,0,1,0,0,0,1,0,1,1,1,1,1,1,1,1,1,1,1,1,1]
- [IATS........: 92394,95354,2440,97381,1862,14105,301,61,113369,268,157,49644,132555,83310,183928,260,326122,293069,272379,138,443688,400,541,41,276469,199153,505,44,713,486056,423,0]
+ [IATS(ms)....: 92.4,95.4,2.4,97.4,1.9,14.1,0.3,0.1,113.4,0.3,0.2,49.6,132.6,83.3,183.9,0.3,326.1,293.1,272.4,0.1,443.7,0.4,0.5,0.0,276.5,199.2,0.5,0.0,0.7,486.1,0.4,0.0]
[PKTLENS.....: 74,62,54,275,60,60,1514,1514,464,54,54,54,180,105,54,1514,547,60,1514,60,60,1514,1514,1514,225,1514,1514,1514,225,1514,1514,1514]
detection-update: [....65] [ip4][..tcp] [..172.16.42.216][41691] -> [..54.239.29.146][..443] [TLS.Amazon][Web][Acceptable]
RISK: TLS (probably) Not Carrying HTTPS
@@ -376,13 +376,13 @@
detected: [....89] [ip4][..tcp] [..172.16.42.216][45712] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
detected: [....93] [ip4][..tcp] [..172.16.42.216][49630] -> [..52.94.232.134][...80] [HTTP.AmazonAlexa][VirtAssistant][Acceptable]
analyse: [....80] [ip4][..tcp] [..172.16.42.216][45703] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 1.570| 0.289| 0.417|173871.694| 0.000]
[PKTLEN......: 54.000| 1514.000| 385.100| 516.000|266233.000| 4.000]
[BINS(c->s)..: 8,1,0,0,2,1,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0]
[BINS(s->c)..: 7,1,1,0,0,0,0,0,0,0,0,0,0,0,0,2,1,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,0,0,0,1,1,0,1,1,0,0,0,1,1,0,0,0,1,0,0,1,1,1,0,0]
- [IATS........: 325447,332868,307,247719,185,241306,284,257,23807,287,429915,65,1569527,1485936,352980,706902,73800,283,358821,365,256619,3724,240,956217,948562,95336,235551,1125,68,275387,23718,0]
+ [IATS(ms)....: 325.4,332.9,0.3,247.7,0.2,241.3,0.3,0.3,23.8,0.3,429.9,0.1,1569.5,1485.9,353.0,706.9,73.8,0.3,358.8,0.4,256.6,3.7,0.2,956.2,948.6,95.3,235.6,1.1,0.1,275.4,23.7,0.0]
[PKTLENS.....: 74,62,54,293,139,107,54,54,113,1514,188,60,60,188,60,731,54,1514,252,60,539,54,1514,220,539,54,1514,60,571,60,54,1514]
detection-update: [....92] [ip4][..tcp] [..172.16.42.216][45715] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
@@ -400,24 +400,24 @@
new: [....97] [ip4][..tcp] [..172.16.42.216][41821] -> [...54.231.72.88][..443]
detected: [....96] [ip4][..tcp] [..172.16.42.216][41820] -> [...54.231.72.88][..443] [TLS.AmazonAWS][Cloud][Acceptable]
analyse: [....87] [ip4][..tcp] [..172.16.42.216][45710] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 1.192| 0.160| 0.282|79548.359| 0.000]
[PKTLEN......: 54.000| 1514.000| 357.000| 486.700|236894.100| 4.000]
[BINS(c->s)..: 4,1,0,1,1,1,1,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0]
[BINS(s->c)..: 10,1,1,0,1,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,1,0,0,0,1,1,1,0,1,1,0,0,0,1,0,1,1,1,0,0,1,1,0,0,0,1,1,1,0,0,1]
- [IATS........: 214415,219069,3661,1161828,1191626,138,43,75944,170423,352,118993,9705,7936,105518,89968,79074,135403,22399,255382,307,202303,1216,199697,125,147,204784,30,11403,221917,129,253154,0]
+ [IATS(ms)....: 214.4,219.1,3.7,1161.8,1191.6,0.1,0.0,75.9,170.4,0.4,119.0,9.7,7.9,105.5,90.0,79.1,135.4,22.4,255.4,0.3,202.3,1.2,199.7,0.1,0.1,204.8,0.0,11.4,221.9,0.1,253.2,0.0]
[PKTLENS.....: 74,62,54,293,293,60,139,107,54,60,192,54,113,1514,60,220,60,60,1147,1514,268,60,555,1514,284,176,60,60,539,1514,204,60]
detection-update: [....96] [ip4][..tcp] [..172.16.42.216][41820] -> [...54.231.72.88][..443] [TLS.AmazonAWS][Cloud][Acceptable]
detection-update: [....96] [ip4][..tcp] [..172.16.42.216][41820] -> [...54.231.72.88][..443] [TLS.AmazonAWS][Cloud][Acceptable]
analyse: [....89] [ip4][..tcp] [..172.16.42.216][45712] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 1.080| 0.209| 0.303|92031.574| 0.000]
[PKTLEN......: 54.000| 1514.000| 374.500| 516.500|266795.300| 3.900]
[BINS(c->s)..: 7,1,0,0,0,2,2,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0]
[BINS(s->c)..: 9,1,1,0,0,0,0,0,0,0,0,0,0,0,0,1,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,0,1,0,0,1,0,1,1,0,0,0,0,0,1,1,1,1,0,0,1,1,0,0,1,1,0,0,0,1,0,1]
- [IATS........: 1005698,1080313,210230,18680,169715,18028,104975,95,107187,277,11694,34788,143,215183,306,69,21708,195595,278,202797,728,212905,264,205823,10952,236264,754701,277,888900,405375,377261,0]
+ [IATS(ms)....: 1005.7,1080.3,210.2,18.7,169.7,18.0,105.0,0.1,107.2,0.3,11.7,34.8,0.1,215.2,0.3,0.1,21.7,195.6,0.3,202.8,0.7,212.9,0.3,205.8,11.0,236.3,754.7,0.3,888.9,405.4,377.3,0.0]
[PKTLENS.....: 74,74,62,54,293,62,54,139,107,54,54,113,1514,268,60,60,60,555,1514,220,60,715,1514,252,60,571,54,1514,220,60,1514,60]
new: [....98] [ip4][..udp] [..172.16.42.216][41639] -> [....172.16.42.1][...53]
detected: [....98] [ip4][..udp] [..172.16.42.216][41639] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
@@ -464,40 +464,40 @@
detection-update: [...107] [ip4][..tcp] [..172.16.42.216][40856] -> [..54.239.29.253][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
analyse: [...107] [ip4][..tcp] [..172.16.42.216][40856] -> [..54.239.29.253][..443] [TLS.Amazon][Web][Acceptable]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.326| 0.037| 0.075| 5555.152| 0.000]
[PKTLEN......: 54.000| 1514.000| 559.400| 489.800|239933.900| 4.400]
[BINS(c->s)..: 7,0,0,0,0,0,1,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0]
[BINS(s->c)..: 3,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,1,0,0,0,0,0,0,0,0,1,0,0,1,0,0,0,0,1,0,0,0,0,0,0,3,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,0,1,1,0,0,1,1,1,1,1,0,0,1,1,1,1,1,1,1,1,1,1,0,1]
- [IATS........: 55943,57350,1409,113314,370,112296,148,3166,65706,1386,70006,242,85334,246615,142,48,84,325585,285,3839,797,233,347,98,286,299,648,356,1116,6749,1201,0]
+ [IATS(ms)....: 55.9,57.4,1.4,113.3,0.4,112.3,0.1,3.2,65.7,1.4,70.0,0.2,85.3,246.6,0.1,0.0,0.1,325.6,0.3,3.8,0.8,0.2,0.3,0.1,0.3,0.3,0.6,0.4,1.1,6.7,1.2,0.0]
[PKTLENS.....: 74,62,54,265,1514,1289,54,54,380,60,113,1514,284,60,1035,603,603,603,54,54,1514,1514,755,1115,603,603,603,603,603,603,54,603]
analyse: [...105] [ip4][..tcp] [..172.16.42.216][40854] -> [..54.239.29.253][..443] [TLS.Amazon][Web][Acceptable]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.933| 0.089| 0.198|39194.591| 0.000]
[PKTLEN......: 54.000| 1514.000| 464.100| 541.500|293230.800| 4.100]
[BINS(c->s)..: 11,0,0,0,0,0,2,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0]
[BINS(s->c)..: 4,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,1,1,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,0,1,1,0,0,0,1,0,0,1,1,1,1,1,1,1,1,1,0,0,0,0,0,0]
- [IATS........: 109911,111642,1568,102004,158,101584,303,1866,56194,150,87519,19070,7646,147913,304065,639361,932653,32742,136,49,686,68,38,318,579,110731,248,1820,214,123,120,0]
+ [IATS(ms)....: 109.9,111.6,1.6,102.0,0.2,101.6,0.3,1.9,56.2,0.1,87.5,19.1,7.6,147.9,304.1,639.4,932.7,32.7,0.1,0.0,0.7,0.1,0.0,0.3,0.6,110.7,0.2,1.8,0.2,0.1,0.1,0.0]
[PKTLENS.....: 74,62,54,265,1514,1289,54,54,380,60,113,54,1514,268,60,1514,1514,60,1035,603,603,603,603,603,1483,91,54,54,54,54,54,54]
analyse: [....88] [ip4][..tcp] [..172.16.42.216][45711] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 9.247| 1.357| 2.197|4827473.510| 0.000]
[PKTLEN......: 54.000| 1514.000| 439.800| 556.200|309356.400| 4.000]
[BINS(c->s)..: 9,1,0,0,0,1,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,5,0,0]
[BINS(s->c)..: 7,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,0,1,1,0,0,0,0,0,1,1,0,0,0,1,0,0,0,0,0,1,0,1,1,0,0,0,1,1,0,0,1]
- [IATS........: 992408,1100523,1068,243574,812,17238,3008616,6019841,9247029,138,67248,300,303,66691,669495,281,275185,528033,1079938,2835215,349963,114629,72089,219293,5051089,276,5193864,64990,174211,2275400,2411210,0]
+ [IATS(ms)....: 992.4,1100.5,1.1,243.6,0.8,17.2,3008.6,6019.8,9247.0,0.1,67.2,0.3,0.3,66.7,669.5,0.3,275.2,528.0,1079.9,2835.2,350.0,114.6,72.1,219.3,5051.1,0.3,5193.9,65.0,174.2,2275.4,2411.2,0.0]
[PKTLENS.....: 74,74,62,62,54,54,293,293,293,139,107,54,54,113,60,1514,1132,1514,1514,1514,60,1132,60,955,54,1514,236,60,859,54,54,60]
analyse: [....99] [ip4][..tcp] [..172.16.42.216][44001] -> [..176.32.101.52][..443]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 19.096| 0.770| 3.358|11273140.961| 0.000]
[PKTLEN......: 54.000| 1514.000| 281.500| 412.900|170449.200| 4.000]
[BINS(c->s)..: 7,0,1,1,0,0,5,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0]
[BINS(s->c)..: 8,1,0,0,1,0,1,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,1,0,0,0,0,0,0,1,1,1,1,0,0,0,1,1,0,1,0,0,1,1,1,0,0]
- [IATS........: 123577,127990,5388,470526,584,630,42,1232537,1463,5048,697,664,10016,973197,496,53,32,190922,73204,348,171867,142,116971,408177,413652,66693,140934,83299,138,166304,19096185,0]
+ [IATS(ms)....: 123.6,128.0,5.4,470.5,0.6,0.6,0.0,1232.5,1.5,5.0,0.7,0.7,10.0,973.2,0.5,0.1,0.0,190.9,73.2,0.3,171.9,0.1,117.0,408.2,413.7,66.7,140.9,83.3,0.1,166.3,19096.2,0.0]
[PKTLENS.....: 74,62,54,246,60,1514,1514,536,246,246,54,54,54,180,60,60,60,99,54,1514,290,60,212,118,292,247,246,60,60,272,54,356]
detection-update: [....99] [ip4][..tcp] [..172.16.42.216][44001] -> [..176.32.101.52][..443] [TLS.Amazon][Web][Acceptable]
RISK: TLS (probably) Not Carrying HTTPS
@@ -561,26 +561,26 @@
detected: [...121] [ip4][..tcp] [..172.16.42.216][51987] -> [....52.84.63.56][...80] [HTTP.Amazon][Web][Acceptable]
detected: [...124] [ip4][..tcp] [..172.16.42.216][51990] -> [....52.84.63.56][...80] [HTTP.Amazon][Web][Acceptable]
analyse: [...120] [ip4][..tcp] [..172.16.42.216][51986] -> [....52.84.63.56][...80] [HTTP.Amazon][Web][Acceptable]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.295| 0.052| 0.098| 9533.209| 0.000]
[PKTLEN......: 66.000| 1514.000| 611.000| 635.800|404189.900| 4.200]
[BINS(c->s)..: 14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 2,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,1,1,1,1,1,0,0,1,1,0,0,0,0,0,0,0,0,0,1,0,1,1,1,0,0]
- [IATS........: 57953,60331,1632,154699,385,386,415,483,524,207,360,156722,299,4146,127,3380,248,131,172,143,126,121,6987,268261,295198,18253,286273,480,356,286588,4334,0]
+ [IATS(ms)....: 58.0,60.3,1.6,154.7,0.4,0.4,0.4,0.5,0.5,0.2,0.4,156.7,0.3,4.1,0.1,3.4,0.2,0.1,0.2,0.1,0.1,0.1,7.0,268.3,295.2,18.3,286.3,0.5,0.4,286.6,4.3,0.0]
[PKTLENS.....: 74,74,66,613,66,1514,1514,1514,1514,1514,1514,1514,66,66,1514,441,66,66,66,66,66,66,66,613,613,441,78,606,1514,1514,66,66]
new: [...125] [ip4][..tcp] [..172.16.42.216][40871] -> [..54.239.29.253][..443]
detected: [...125] [ip4][..tcp] [..172.16.42.216][40871] -> [..54.239.29.253][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [...125] [ip4][..tcp] [..172.16.42.216][40871] -> [..54.239.29.253][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
analyse: [...125] [ip4][..tcp] [..172.16.42.216][40871] -> [..54.239.29.253][..443] [TLS.Amazon][Web][Acceptable]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 1.107| 0.141| 0.257|65864.266| 0.000]
[PKTLEN......: 54.000| 1514.000| 444.000| 555.400|308431.600| 4.000]
[BINS(c->s)..: 7,1,0,0,0,0,0,2,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0]
[BINS(s->c)..: 6,2,2,1,0,0,0,0,0,0,0,0,1,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,0,0,0,0,0,1,1,0,0,1,1,1,1,1,1,1,0,0,0,0,0,1,1,1,1]
- [IATS........: 111073,112352,831,179894,143,45,179940,2913,265,3255,516,135136,162,170164,502171,1107068,16816,231,180,41,28,24,706579,352,9657,355942,325,629177,147816,149,54,0]
+ [IATS(ms)....: 111.1,112.4,0.8,179.9,0.1,0.0,179.9,2.9,0.3,3.3,0.5,135.1,0.2,170.2,502.2,1107.1,16.8,0.2,0.2,0.0,0.0,0.0,706.6,0.4,9.7,355.9,0.3,629.2,147.8,0.1,0.1,0.0]
[PKTLENS.....: 74,62,54,297,60,139,107,54,54,113,1514,300,60,60,1514,1514,60,1514,135,1514,167,443,91,54,54,54,1514,332,60,1035,603,603]
new: [...126] [ip4][..tcp] [..172.16.42.216][51992] -> [....52.84.63.56][...80]
new: [...127] [ip4][..tcp] [..172.16.42.216][51993] -> [....52.84.63.56][...80]
@@ -595,13 +595,13 @@
detected: [...130] [ip4][..tcp] [..172.16.42.216][51996] -> [....52.84.63.56][...80] [HTTP.Amazon][Web][Acceptable]
detected: [...131] [ip4][..tcp] [..172.16.42.216][51997] -> [....52.84.63.56][...80] [HTTP.Amazon][Web][Acceptable]
analyse: [...129] [ip4][..tcp] [..172.16.42.216][51995] -> [....52.84.63.56][...80] [HTTP.Amazon][Web][Acceptable]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.179| 0.023| 0.044| 1924.322| 0.000]
[PKTLEN......: 66.000| 1514.000| 757.400| 681.300|464196.800| 4.300]
[BINS(c->s)..: 13,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,1,0,0,0,0,12,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,1,1,1,1,1,1,1,0,0,0,0,0,0,0,0,0,0,1,1,0,1,1,1,1,0]
- [IATS........: 31287,34141,578,113361,46407,49,49,50,45,46,11194,1598,7176,179149,121,126,120,120,142,3369,257,407,4520,99192,277,120761,46881,156,255,789,17484,0]
+ [IATS(ms)....: 31.3,34.1,0.6,113.4,46.4,0.0,0.0,0.1,0.0,0.0,11.2,1.6,7.2,179.1,0.1,0.1,0.1,0.1,0.1,3.4,0.3,0.4,4.5,99.2,0.3,120.8,46.9,0.2,0.3,0.8,17.5,0.0]
[PKTLENS.....: 74,74,66,613,66,1514,1514,1514,1514,1514,1514,1514,1237,1237,66,66,66,66,66,66,66,66,78,613,1514,1514,66,1514,1350,1514,1514,66]
update: [....27] [ip4][..udp] [..172.16.42.216][54886] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
update: [....14] [ip4][.icmp] [....172.16.42.1] -> [..172.16.42.216] [ICMP][Network][Acceptable]
@@ -620,13 +620,13 @@
update: [....19] [ip4][..udp] [..172.16.42.216][.7358] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
update: [....17] [ip4][..udp] [..172.16.42.216][19967] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
analyse: [...126] [ip4][..tcp] [..172.16.42.216][51992] -> [....52.84.63.56][...80] [HTTP.Amazon][Web][Acceptable]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.511| 0.042| 0.110|12114.281| 0.000]
[PKTLEN......: 66.000| 1514.000| 693.600| 671.900|451493.000| 4.200]
[BINS(c->s)..: 13,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,11,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,1,1,1,1,1,1,1,0,0,0,0,1,1,0,0,0,0,0,0,0,1,0,0,1,1]
- [IATS........: 24956,26298,431,110222,135,214,308,354,363,1114,487,409,385,114928,244,126,125,3452,97,26252,252,149,120,119,152,4719,62468,45133,368811,510931,416,0]
+ [IATS(ms)....: 25.0,26.3,0.4,110.2,0.1,0.2,0.3,0.4,0.4,1.1,0.5,0.4,0.4,114.9,0.2,0.1,0.1,3.5,0.1,26.3,0.3,0.1,0.1,0.1,0.2,4.7,62.5,45.1,368.8,510.9,0.4,0.0]
[PKTLENS.....: 74,74,66,613,66,66,1514,1514,1514,1514,1514,1514,1514,1514,66,66,66,66,1514,1309,66,66,66,66,66,66,613,1309,78,613,1514,1514]
new: [...132] [ip4][..tcp] [..172.16.42.216][40878] -> [..54.239.29.253][..443]
detected: [...132] [ip4][..tcp] [..172.16.42.216][40878] -> [..54.239.29.253][..443] [TLS.Amazon][Web][Acceptable]
@@ -639,13 +639,13 @@
idle: [.....2] [ip6][icmp6] [.....................................::] -> [...............................ff02::16] [ICMPV6][Network][Acceptable]
idle: [.....1] [ip6][icmp6] [.....................................::] -> [......................ff02::1:ffd3:fbc2] [ICMPV6][Network][Acceptable]
analyse: [....16] [ip4][..tcp] [..172.16.42.216][55242] -> [..52.85.209.197][..443]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 120.003| 3.968| 21.185|448816230.695| 0.000]
[PKTLEN......: 66.000| 1514.000| 450.500| 570.000|324877.800| 4.000]
[BINS(c->s)..: 9,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,1,0,0]
[BINS(s->c)..: 7,3,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,3,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,1,0,0,0,0,1,0,0,0,1,1,1,1,1,0,0,0,0,1,1,1,1,0,1,1]
- [IATS........: 77142,79508,13198,60889,401,551,135,48584,1797,3570,177758,227426,44512,20026,267154,445550,122636,142,45,33,282451,8709,270484,1626,407007,145,164075,140,290013,120002762,69,0]
+ [IATS(ms)....: 77.1,79.5,13.2,60.9,0.4,0.6,0.1,48.6,1.8,3.6,177.8,227.4,44.5,20.0,267.2,445.6,122.6,0.1,0.0,0.0,282.5,8.7,270.5,1.6,407.0,0.1,164.1,0.1,290.0,120002.8,0.1,0.0]
[PKTLENS.....: 74,74,66,287,66,1514,1514,640,66,66,66,192,308,66,1430,1430,66,1514,314,110,100,66,66,1514,1017,66,66,1329,100,66,97,66]
detection-update: [....16] [ip4][..tcp] [..172.16.42.216][55242] -> [..52.85.209.197][..443] [TLS.Amazon][Web][Acceptable]
RISK: TLS (probably) Not Carrying HTTPS
@@ -759,13 +759,13 @@
detection-update: [...146] [ip4][..udp] [..172.16.42.216][59908] -> [....172.16.42.1][...53] [DNS.AmazonAlexa][VirtAssistant][Acceptable]
new: [...147] [ip4][..tcp] [..172.16.42.216][38757] -> [..54.239.28.178][..443]
analyse: [...142] [ip4][..tcp] [..172.16.42.216][50799] -> [..54.239.28.178][..443]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 8.001| 0.664| 1.905|3629965.115| 0.000]
[PKTLEN......: 54.000| 1514.000| 438.700| 584.700|341856.600| 3.900]
[BINS(c->s)..: 9,0,0,0,1,0,1,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0]
[BINS(s->c)..: 8,2,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,0,0,0,0,1,1,0,0,1,0,1,0,0,1,1,0,0,0,1,0,1,0,1,1,0]
- [IATS........: 133822,140403,3233,141605,1309,112,137230,287,136,2714,82197,163,95708,410,359058,405413,633638,688626,100774,373131,50752,202632,7767064,1576,8001087,353783,410110,314766,108314,179,84048,0]
+ [IATS(ms)....: 133.8,140.4,3.2,141.6,1.3,0.1,137.2,0.3,0.1,2.7,82.2,0.2,95.7,0.4,359.1,405.4,633.6,688.6,100.8,373.1,50.8,202.6,7767.1,1.6,8001.1,353.8,410.1,314.8,108.3,0.2,84.0,0.0]
[PKTLENS.....: 74,62,54,261,1514,1514,399,54,54,54,380,60,113,1514,204,60,1514,113,54,1514,60,683,54,1514,300,60,54,60,1514,60,60,54]
detection-update: [...142] [ip4][..tcp] [..172.16.42.216][50799] -> [..54.239.28.178][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
@@ -791,13 +791,13 @@
detection-update: [...151] [ip4][..tcp] [..172.16.42.216][49067] -> [..216.58.194.78][..443] [TLS.PlayStore][SoftwareUpdate][Safe]
RISK: TLS (probably) Not Carrying HTTPS
analyse: [...149] [ip4][..tcp] [..172.16.42.216][41828] -> [..52.85.209.143][..443]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.106| 0.022| 0.031| 964.869| 0.000]
[PKTLEN......: 66.000| 1514.000| 539.800| 600.400|360465.600| 4.100]
[BINS(c->s)..: 9,0,0,2,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0]
[BINS(s->c)..: 5,0,1,1,0,0,0,1,0,0,0,0,0,0,0,0,1,0,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,1,1,0,0,0,0,0,0,0,1,0,0,1,1,1,0,1,1,1,1,1,1,0,1,0]
- [IATS........: 42665,43661,659,44970,3982,526,602,251,50626,787,253,1113,7308,12716,306,65597,42616,4166,48889,363,25248,76421,105973,250,551,581,305,49,101959,2918,1893,0]
+ [IATS(ms)....: 42.7,43.7,0.7,45.0,4.0,0.5,0.6,0.3,50.6,0.8,0.3,1.1,7.3,12.7,0.3,65.6,42.6,4.2,48.9,0.4,25.2,76.4,106.0,0.2,0.6,0.6,0.3,0.0,102.0,2.9,1.9,0.0]
[PKTLENS.....: 74,74,66,268,66,1514,1514,1514,833,66,66,66,66,192,1514,781,78,192,1514,78,320,66,66,1514,1514,1514,697,608,143,66,163,66]
detection-update: [...149] [ip4][..tcp] [..172.16.42.216][41828] -> [..52.85.209.143][..443] [TLS.Amazon][Web][Acceptable]
new: [...152] [ip4][..udp] [..172.16.42.216][.4612] -> [....172.16.42.1][...53]
@@ -853,34 +853,34 @@
detection-update: [...157] [ip4][..tcp] [..172.16.42.216][38483] -> [..52.85.209.143][..443] [TLS.Amazon][Web][Acceptable]
RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
analyse: [...154] [ip4][..tcp] [..172.16.42.216][41913] -> [...52.84.62.115][..443]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.262| 0.033| 0.059| 3460.134| 0.000]
[PKTLEN......: 66.000| 1514.000| 631.000| 624.900|390532.600| 4.200]
[BINS(c->s)..: 10,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,2,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 2,3,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,1,1,0,0,0,0,0,1,0,1,1,1,1,0,0,0,0,1,1,0,0,1,0,1,1]
- [IATS........: 16682,17944,1581,27330,5292,477,511,279,32463,293,12932,291,133,38969,52766,61918,541,272,54,35117,659,5109,216850,261773,199,39363,7450,74173,66612,42132,427,0]
+ [IATS(ms)....: 16.7,17.9,1.6,27.3,5.3,0.5,0.5,0.3,32.5,0.3,12.9,0.3,0.1,39.0,52.8,61.9,0.5,0.3,0.1,35.1,0.7,5.1,216.8,261.8,0.2,39.4,7.5,74.2,66.6,42.1,0.4,0.0]
[PKTLENS.....: 74,74,66,285,66,1514,1514,1514,764,66,66,66,66,192,324,1343,1514,1514,770,100,66,66,1308,1308,862,100,66,1319,100,78,1514,1514]
detection-update: [...154] [ip4][..tcp] [..172.16.42.216][41913] -> [...52.84.62.115][..443] [TLS.Amazon][Web][Acceptable]
analyse: [...157] [ip4][..tcp] [..172.16.42.216][38483] -> [..52.85.209.143][..443] [TLS.Amazon][Web][Acceptable]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.241| 0.031| 0.057| 3274.655| 0.000]
[PKTLEN......: 66.000| 1514.000| 634.400| 578.400|334504.200| 4.400]
[BINS(c->s)..: 6,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 3,2,0,1,0,0,1,0,0,0,0,1,1,0,0,1,0,1,0,0,0,0,0,1,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,1,0,0,0,0,1,0,0,1,0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1]
- [IATS........: 33996,35089,2227,37919,5059,483,236,42863,280,131,30800,68825,38426,227149,241435,50068,58385,55537,3754,2000,4418,1636,659,7796,67,79,9049,341,3084,756,10250,0]
+ [IATS(ms)....: 34.0,35.1,2.2,37.9,5.1,0.5,0.2,42.9,0.3,0.1,30.8,68.8,38.4,227.1,241.4,50.1,58.4,55.5,3.8,2.0,4.4,1.6,0.7,7.8,0.1,0.1,9.0,0.3,3.1,0.8,10.2,0.0]
[PKTLENS.....: 74,74,66,260,66,1514,1514,632,66,66,66,192,117,732,732,117,78,66,1110,441,270,829,919,455,1514,191,571,1514,1514,1514,1514,1514]
new: [...158] [ip4][..udp] [..172.16.42.216][.2707] -> [....172.16.42.1][...53]
detected: [...158] [ip4][..udp] [..172.16.42.216][.2707] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
analyse: [...155] [ip4][..tcp] [..172.16.42.216][41914] -> [...52.84.62.115][..443]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.264| 0.057| 0.086| 7393.244| 0.000]
[PKTLEN......: 66.000| 1514.000| 546.200| 595.200|354289.100| 4.200]
[BINS(c->s)..: 12,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,3,0,0,0,0,0,0,0]
[BINS(s->c)..: 2,2,0,0,0,0,0,0,2,0,0,0,0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,1,1,0,0,0,0,0,1,0,1,0,0,0,1,1,1,0,0,0,0,1,1,1,0,0]
- [IATS........: 22841,23998,943,22793,6583,564,615,276,39690,124,146,157,6771,37572,46160,226745,213104,3861,222252,264056,50,55344,103406,128,10396,183950,242536,953,71,38628,142,0]
+ [IATS(ms)....: 22.8,24.0,0.9,22.8,6.6,0.6,0.6,0.3,39.7,0.1,0.1,0.2,6.8,37.6,46.2,226.7,213.1,3.9,222.3,264.1,0.1,55.3,103.4,0.1,10.4,183.9,242.5,1.0,0.1,38.6,0.1,0.0]
[PKTLENS.....: 74,74,66,285,66,1514,1514,1514,764,66,66,66,66,192,324,1351,324,78,1351,1351,944,100,100,66,66,78,1336,1514,1514,522,66,66]
detection-update: [...155] [ip4][..tcp] [..172.16.42.216][41914] -> [...52.84.62.115][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [...158] [ip4][..udp] [..172.16.42.216][.2707] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
@@ -888,13 +888,13 @@
detected: [...159] [ip4][..tcp] [..172.16.42.216][47605] -> [..72.21.206.121][..443] [TLS.Amazon][Web][Acceptable]
new: [...160] [ip4][..tcp] [..172.16.42.216][47606] -> [..72.21.206.121][..443]
analyse: [...145] [ip4][..tcp] [..172.16.42.216][44912] -> [...54.239.23.94][..443]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 7.471| 0.614| 1.478|2183643.136| 0.000]
[PKTLEN......: 54.000| 1514.000| 540.200| 637.500|406420.100| 4.000]
[BINS(c->s)..: 8,0,0,1,0,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,1,0,0]
[BINS(s->c)..: 9,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,1,0,0,1,1,0,0,0,0,0,0,1,1,1,1,0,0,0,0,0,0,1,0,1,1]
- [IATS........: 168457,171158,1511,108893,4406,1671,697,112679,290,4146,167,6217,127,10389,13091,1079,255,290409,42,32,60,299358,743,529311,1065924,2114234,3665356,7470598,595200,595070,1817122,0]
+ [IATS(ms)....: 168.5,171.2,1.5,108.9,4.4,1.7,0.7,112.7,0.3,4.1,0.2,6.2,0.1,10.4,13.1,1.1,0.3,290.4,0.0,0.0,0.1,299.4,0.7,529.3,1065.9,2114.2,3665.4,7470.6,595.2,595.1,1817.1,0.0]
[PKTLENS.....: 74,62,54,281,60,60,1514,1514,54,54,1514,669,54,54,180,1514,1438,374,60,60,105,60,54,1438,1438,1438,1438,54,60,1438,60,60]
detection-update: [...145] [ip4][..tcp] [..172.16.42.216][44912] -> [...54.239.23.94][..443] [TLS.AmazonAWS][Cloud][Acceptable]
detected: [...160] [ip4][..tcp] [..172.16.42.216][47606] -> [..72.21.206.121][..443] [TLS.Amazon][Web][Acceptable]
Powered by cgit, Themed by Ted Yin.