summaryrefslogtreecommitdiff
path: root/test/results/flow-info/default/wechat.pcap.out
diff options
context:
space:
mode:
Diffstat (limited to 'test/results/flow-info/default/wechat.pcap.out')
-rw-r--r--test/results/flow-info/default/wechat.pcap.out102
1 files changed, 51 insertions, 51 deletions
diff --git a/test/results/flow-info/default/wechat.pcap.out b/test/results/flow-info/default/wechat.pcap.out
index c72d396b7..52bfd3a29 100644
--- a/test/results/flow-info/default/wechat.pcap.out
+++ b/test/results/flow-info/default/wechat.pcap.out
@@ -41,9 +41,9 @@
detection-update: [....17] [ip4][..tcp] [..192.168.1.103][54090] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com]
detected: [....18] [ip4][..tcp] [..192.168.1.103][54091] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com]
analyse: [....16] [ip4][..tcp] [..192.168.1.103][54089] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 0.411| 0.155| 0.181| 32640.860| 3.800]
- [PKTLEN......: 52.000| 5878.000| 715.500| 1101.200| 1212669.600| 3.900]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: < 0.001| 0.411| 0.155| 0.181| 32640.860| 3.800]
+ [PKTLEN......: 52.000| 5878.000| 715.500| 1101.200| 1212669.600| 3.900]
[BINS(c->s)..: 9,0,0,1,0,0,0,1,0,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,1,0,1,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 4,1,0,0,0,1,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,1]
[DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,0,0,1,0,0,1,1,1,0,0,0,1,1,0,1,1,0,1,1,0,1,0]
@@ -74,9 +74,9 @@
detection-update: [....24] [ip4][..tcp] [..192.168.1.103][54096] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com]
new: [....25] [ip4][..tcp] [..192.168.1.103][40740] -> [203.205.151.211][..443] [MIDSTREAM]
analyse: [....22] [ip4][..tcp] [..192.168.1.103][54094] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 4.544| 0.482| 1.044| 1090167.570| 3.200]
- [PKTLEN......: 52.000| 1740.000| 523.200| 556.000| 309130.700| 4.200]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: < 0.001| 4.544| 0.482| 1.044| 1090167.570| 3.200]
+ [PKTLEN......: 52.000| 1740.000| 523.200| 556.000| 309130.700| 4.200]
[BINS(c->s)..: 7,0,0,1,0,0,0,1,0,0,0,1,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,3,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 6,1,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,1]
[DIRECTIONS..: 0,1,0,0,1,1,0,1,0,0,1,0,0,1,1,1,0,0,0,1,1,0,0,1,1,0,0,0,1,1,0,0]
@@ -84,9 +84,9 @@
[PKTLENS.....: 60,60,52,290,52,1480,52,1740,52,178,103,1292,527,52,1480,221,52,1225,429,52,250,1292,527,52,988,52,1292,527,52,989,52,1220]
[ENTROPIES...: 4.6,5.1,5.0,5.9,5.1,6.8,5.1,7.6,5.0,6.3,6.0,7.8,7.5,5.2,7.9,7.1,5.1,7.8,7.4,5.2,7.1,7.8,7.5,5.2,7.8,5.0,7.9,7.6,5.2,7.8,5.0,7.9]
analyse: [....23] [ip4][..tcp] [..192.168.1.103][54095] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 3.384| 0.466| 0.827| 684250.497| 3.400]
- [PKTLEN......: 52.000| 8277.000| 746.100| 1463.300| 2141136.500| 3.600]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: < 0.001| 3.384| 0.466| 0.827| 684250.497| 3.400]
+ [PKTLEN......: 52.000| 8277.000| 746.100| 1463.300| 2141136.500| 3.600]
[BINS(c->s)..: 9,0,0,1,0,0,0,1,0,0,0,1,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,1,0,2,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 5,1,0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,4,0,0,1]
[DIRECTIONS..: 0,1,0,0,1,0,1,1,0,1,0,1,0,0,1,0,1,1,0,1,0,0,0,1,1,0,0,1,1,0,0,0]
@@ -94,9 +94,9 @@
[PKTLENS.....: 60,60,52,290,60,52,52,1480,52,1480,52,312,52,178,103,1139,1480,1480,52,8277,52,1292,527,52,1363,1225,429,52,250,52,1292,527]
[ENTROPIES...: 4.7,5.2,5.0,5.9,5.2,5.0,5.2,6.8,5.0,7.5,5.0,7.2,5.0,6.4,6.0,7.8,7.9,7.9,5.0,8.0,5.0,7.8,7.6,5.1,7.9,7.8,7.5,5.1,7.0,5.0,7.8,7.5]
analyse: [....13] [ip4][..tcp] [203.205.151.162][..443] -> [..192.168.1.103][54058] [TLS][Unknown][Web][Safe]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 11.774| 2.195| 3.338| 11139408.724| 3.800]
- [PKTLEN......: 52.000| 1240.000| 398.500| 492.500| 242574.800| 4.000]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: < 0.001| 11.774| 2.195| 3.338| 11139408.724| 3.800]
+ [PKTLEN......: 52.000| 1240.000| 398.500| 492.500| 242574.800| 4.000]
[BINS(c->s)..: 8,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,1,1,0,0,1,1,0,0,1,1,0,0,1,1,0,0,1,1,0,0,1,1,0,0,1,1,0,0,1,1,0]
@@ -120,9 +120,9 @@
detection-update: [....27] [ip4][..tcp] [..192.168.1.103][54098] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com]
detection-update: [....27] [ip4][..tcp] [..192.168.1.103][54098] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com]
analyse: [....26] [ip4][..tcp] [..192.168.1.103][54097] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.001| 6.862| 1.014| 1.948| 3793749.017| 3.100]
- [PKTLEN......: 52.000| 1740.000| 496.000| 523.800| 274414.800| 4.200]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: < 0.001| 6.862| 1.014| 1.948| 3793749.017| 3.100]
+ [PKTLEN......: 52.000| 1740.000| 496.000| 523.800| 274414.800| 4.200]
[BINS(c->s)..: 7,0,0,1,0,0,0,1,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,2,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 6,1,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,1]
[DIRECTIONS..: 0,1,0,0,1,1,0,1,0,0,1,0,0,1,1,0,0,1,1,0,0,0,1,1,0,0,0,1,1,0,0,0]
@@ -130,9 +130,9 @@
[PKTLENS.....: 60,60,52,290,52,1480,52,1740,52,178,103,1220,521,52,283,1292,527,52,988,52,1220,511,52,283,52,1292,527,52,989,52,1220,516]
[ENTROPIES...: 4.7,5.2,5.1,5.9,5.1,6.8,5.0,7.6,4.9,6.4,6.0,7.8,7.6,5.1,7.2,7.8,7.6,5.0,7.8,5.1,7.8,7.5,4.9,7.2,5.0,7.8,7.6,5.2,7.8,5.0,7.8,7.5]
analyse: [....27] [ip4][..tcp] [..192.168.1.103][54098] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.001| 6.095| 1.335| 2.042| 4168801.845| 3.500]
- [PKTLEN......: 52.000| 1740.000| 437.700| 521.000| 271486.500| 4.100]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: < 0.001| 6.095| 1.335| 2.042| 4168801.845| 3.500]
+ [PKTLEN......: 52.000| 1740.000| 437.700| 521.000| 271486.500| 4.100]
[BINS(c->s)..: 9,0,0,1,0,0,0,1,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,2,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 7,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,1]
[DIRECTIONS..: 0,1,0,0,1,0,1,1,0,1,0,0,1,0,0,0,1,1,0,0,0,1,1,0,0,0,1,1,0,0,0,1]
@@ -140,9 +140,9 @@
[PKTLENS.....: 60,60,52,290,60,52,52,1480,52,1740,52,178,103,52,1292,527,52,989,52,1220,508,52,283,52,1292,527,52,989,52,1220,513,52]
[ENTROPIES...: 4.8,5.2,5.0,5.9,5.3,5.1,5.1,6.8,5.0,7.6,4.9,6.4,5.9,5.0,7.8,7.6,5.0,7.8,5.0,7.8,7.6,5.1,7.2,5.1,7.8,7.5,5.1,7.8,5.1,7.8,7.6,5.1]
analyse: [.....5] [ip4][..tcp] [..192.168.1.103][38657] -> [..172.217.22.14][..443] [TLS.Google][Google][Web][Acceptable]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 45.056| 5.827| 15.097| 227916113.773| 2.000]
- [PKTLEN......: 52.000| 1470.000| 253.200| 422.200| 178253.900| 3.700]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: < 0.001| 45.056| 5.827| 15.097| 227916113.773| 2.000]
+ [PKTLEN......: 52.000| 1470.000| 253.200| 422.200| 178253.900| 3.700]
[BINS(c->s)..: 10,3,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 8,3,0,0,0,0,0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,2,0,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,0,0,0,0,1,1,1,0,0,1,1,1,0,1,0,0,1,1,0,1,0,1]
@@ -183,9 +183,9 @@
detection-update: [....35] [ip4][..tcp] [..192.168.1.103][54103] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com]
new: [....36] [ip4][..tcp] [..192.168.1.103][54104] -> [203.205.151.162][..443]
analyse: [....31] [ip4][..tcp] [..192.168.1.103][54099] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 0.469| 0.183| 0.190| 36094.243| 4.000]
- [PKTLEN......: 52.000| 1740.000| 591.500| 612.000| 374517.100| 4.200]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: < 0.001| 0.469| 0.183| 0.190| 36094.243| 4.000]
+ [PKTLEN......: 52.000| 1740.000| 591.500| 612.000| 374517.100| 4.200]
[BINS(c->s)..: 7,0,0,1,0,0,0,1,0,0,0,2,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,2,0,1,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 5,1,0,0,0,0,2,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,1]
[DIRECTIONS..: 0,1,0,0,1,1,0,1,0,0,1,0,0,1,1,1,0,0,0,1,1,0,0,1,1,0,1,1,0,1,1,0]
@@ -196,9 +196,9 @@
detection-update: [....36] [ip4][..tcp] [..192.168.1.103][54104] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com]
detection-update: [....36] [ip4][..tcp] [..192.168.1.103][54104] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com]
analyse: [....35] [ip4][..tcp] [..192.168.1.103][54103] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 0.647| 0.130| 0.182| 33080.510| 3.500]
- [PKTLEN......: 52.000| 3120.000| 817.600| 861.600| 742326.200| 4.200]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: < 0.001| 0.647| 0.130| 0.182| 33080.510| 3.500]
+ [PKTLEN......: 52.000| 3120.000| 817.600| 861.600| 742326.200| 4.200]
[BINS(c->s)..: 11,0,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 2,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,2]
[DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,0,0,1,0,1,1,0,1,1,0,1,0,1,0,0,1,1,0,1,1,0,1]
@@ -207,9 +207,9 @@
[ENTROPIES...: 4.7,5.2,5.0,5.9,5.1,6.8,5.1,7.5,5.0,7.3,5.0,6.4,5.8,7.9,7.9,7.9,5.1,7.9,7.9,5.0,7.9,5.0,7.9,5.0,7.8,7.9,7.9,5.0,7.9,7.9,5.1,7.9]
detection-update: [....35] [ip4][..tcp] [..192.168.1.103][54103] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com]
analyse: [....33] [ip4][..tcp] [..192.168.1.103][54101] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 0.952| 0.213| 0.233| 54375.543| 4.000]
- [PKTLEN......: 52.000| 1740.000| 543.300| 599.100| 358890.200| 4.100]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: < 0.001| 0.952| 0.213| 0.233| 54375.543| 4.000]
+ [PKTLEN......: 52.000| 1740.000| 543.300| 599.100| 358890.200| 4.100]
[BINS(c->s)..: 8,0,0,1,0,0,0,1,0,0,0,2,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,2,0,1,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 5,1,0,0,0,1,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,1]
[DIRECTIONS..: 0,1,0,0,1,1,0,1,0,0,1,0,0,1,1,0,0,1,1,1,0,0,0,1,1,0,0,1,0,1,0,1]
@@ -272,9 +272,9 @@
new: [....46] [ip4][..tcp] [..192.168.1.103][43851] -> [.203.205.158.34][..443]
detected: [....45] [ip4][..tcp] [..192.168.1.103][43850] -> [.203.205.158.34][..443] [TLS.QQ][Unknown][Chat][Fun][res.wx.qq.com]
analyse: [....42] [ip4][..tcp] [..192.168.1.103][54113] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 6.615| 0.560| 1.552| 2408711.979| 2.600]
- [PKTLEN......: 52.000| 1480.000| 478.200| 547.100| 299293.400| 4.100]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: < 0.001| 6.615| 0.560| 1.552| 2408711.979| 2.600]
+ [PKTLEN......: 52.000| 1480.000| 478.200| 547.100| 299293.400| 4.100]
[BINS(c->s)..: 8,0,0,1,0,0,0,1,0,0,0,1,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,1,0,2,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 6,2,0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,0,0,1,0,0,1,1,1,0,0,0,1,1,0,0,0,1,1,0,0,1,1]
@@ -307,9 +307,9 @@
update: [....47] [ip4][..udp] [..192.168.1.103][60562] -> [..192.168.1.254][...53] [DNS.Google][Unknown][Network][Acceptable]
update: [....48] [ip4][..udp] [..192.168.1.103][35601] -> [..172.217.23.67][..443] [QUIC.Google][Google][Web][Acceptable]
analyse: [....50] [ip4][..tcp] [..192.168.1.103][54117] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 7.807| 0.648| 1.839| 3381034.746| 2.500]
- [PKTLEN......: 52.000| 1480.000| 445.300| 494.600| 244586.200| 4.200]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: < 0.001| 7.807| 0.648| 1.839| 3381034.746| 2.500]
+ [PKTLEN......: 52.000| 1480.000| 445.300| 494.600| 244586.200| 4.200]
[BINS(c->s)..: 8,0,0,1,0,0,0,1,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,2,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 6,1,0,0,0,0,0,2,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,0,0,1,0,0,1,1,0,0,1,1,0,0,0,1,1,0,0,0,1,1,0]
@@ -317,9 +317,9 @@
[PKTLENS.....: 60,60,52,290,52,1480,52,1480,52,312,52,178,103,1220,524,52,283,1292,527,52,988,52,1220,519,52,283,52,1292,527,52,989,52]
[ENTROPIES...: 4.7,5.2,4.9,5.8,5.1,6.8,5.0,7.5,5.1,7.2,5.0,6.4,5.9,7.8,7.5,5.1,7.2,7.8,7.6,5.1,7.8,5.0,7.8,7.5,5.1,7.1,5.1,7.8,7.5,5.1,7.8,5.0]
analyse: [.....2] [ip4][..udp] [..192.168.1.103][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 183.801| 12.094| 33.303| 1109122757.951| 2.600]
- [PKTLEN......: 68.000| 68.000| 68.000| 0.000| 0.000| 5.000]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: < 0.001| 183.801| 12.094| 33.303| 1109122757.951| 2.600]
+ [PKTLEN......: 68.000| 68.000| 68.000| 0.000| 0.000| 5.000]
[BINS(c->s)..: 0,32,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -327,9 +327,9 @@
[PKTLENS.....: 68,68,68,68,68,68,68,68,68,68,68,68,68,68,68,68,68,68,68,68,68,68,68,68,68,68,68,68,68,68,68,68]
[ENTROPIES...: 4.3,4.3,4.3,4.2,4.3,4.3,4.3,4.3,4.3,4.3,4.3,4.3,4.2,4.2,4.2,4.3,4.3,4.3,4.2,4.3,4.3,4.2,4.2,4.3,4.3,4.3,4.3,4.3,4.3,4.3,4.2,4.2]
analyse: [.....3] [ip6][..udp] [..............fe80::7a92:9cff:fe0f:a88e][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 183.800| 12.094| 33.303| 1109120811.794| 2.600]
- [PKTLEN......: 88.000| 88.000| 88.000| 0.000| 0.000| 5.000]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: < 0.001| 183.800| 12.094| 33.303| 1109120811.794| 2.600]
+ [PKTLEN......: 88.000| 88.000| 88.000| 0.000| 0.000| 5.000]
[BINS(c->s)..: 0,32,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -349,9 +349,9 @@
RISK: Unsafe Protocol
update: [.....2] [ip4][..udp] [..192.168.1.103][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable]
analyse: [....52] [ip4][..tcp] [..192.168.1.103][54119] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 7.133| 0.619| 1.664| 2769657.004| 2.700]
- [PKTLEN......: 52.000| 1480.000| 478.200| 547.100| 299307.700| 4.100]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: < 0.001| 7.133| 0.619| 1.664| 2769657.004| 2.700]
+ [PKTLEN......: 52.000| 1480.000| 478.200| 547.100| 299307.700| 4.100]
[BINS(c->s)..: 8,0,0,1,0,0,0,1,0,0,0,1,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,1,0,2,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 6,2,0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,0,0,1,0,0,1,1,1,0,0,0,1,1,0,0,1,1,0,0,1,1,0]
@@ -382,9 +382,9 @@
detection-update: [....57] [ip4][..tcp] [..192.168.1.103][58038] -> [203.205.147.171][..443] [TLS.WeChat][Tencent][Chat][Fun][web.wechat.com]
detection-update: [....57] [ip4][..tcp] [..192.168.1.103][58038] -> [203.205.147.171][..443] [TLS.WeChat][Tencent][Chat][Fun][web.wechat.com]
analyse: [....57] [ip4][..tcp] [..192.168.1.103][58038] -> [203.205.147.171][..443] [TLS.WeChat][Tencent][Chat][Fun]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 2.509| 0.286| 0.565| 319614.583| 3.400]
- [PKTLEN......: 52.000| 1740.000| 537.900| 561.400| 315202.600| 4.200]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: < 0.001| 2.509| 0.286| 0.565| 319614.583| 3.400]
+ [PKTLEN......: 52.000| 1740.000| 537.900| 561.400| 315202.600| 4.200]
[BINS(c->s)..: 7,0,0,1,0,0,0,1,0,0,0,2,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,3,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 6,1,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,1,1,0,0,1,0,0,1]
[DIRECTIONS..: 0,1,0,0,1,1,0,1,0,0,1,0,0,1,1,0,0,1,1,0,0,0,1,1,0,0,0,1,1,0,0,0]
@@ -462,9 +462,9 @@
detection-update: [....72] [ip4][..tcp] [..192.168.1.103][58040] -> [203.205.147.171][..443] [TLS.WeChat][Tencent][Chat][Fun][web.wechat.com]
detection-update: [....72] [ip4][..tcp] [..192.168.1.103][58040] -> [203.205.147.171][..443] [TLS.WeChat][Tencent][Chat][Fun][web.wechat.com]
analyse: [....72] [ip4][..tcp] [..192.168.1.103][58040] -> [203.205.147.171][..443] [TLS.WeChat][Tencent][Chat][Fun]
- min| max| avg| stddev| variance| entropy
- [IAT.........: 0.000| 1.577| 0.182| 0.352| 123851.137| 3.200]
- [PKTLEN......: 52.000| 1480.000| 545.600| 599.000| 358844.300| 4.100]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: < 0.001| 1.577| 0.182| 0.352| 123851.137| 3.200]
+ [PKTLEN......: 52.000| 1480.000| 545.600| 599.000| 358844.300| 4.100]
[BINS(c->s)..: 7,0,0,1,0,0,0,1,1,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,1,0,0,0,0,0,5,0,0,0]
[BINS(s->c)..: 6,1,1,0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,0,0,1,0,0,0,0,0,0,0,1,1,1,1,0,0,0,1,1,0,0,0]
Powered by cgit, Themed by Ted Yin.