From 8ebaccc27d779e981b500e80b69f62396dcaa0ca Mon Sep 17 00:00:00 2001 From: Toni Uhlig Date: Thu, 9 Nov 2023 23:18:55 +0100 Subject: py-flow-info: Improved analyse result printing. Signed-off-by: Toni Uhlig --- test/results/flow-info/default/ethereum.pcap.out | 198 +++++++++++------------ 1 file changed, 99 insertions(+), 99 deletions(-) (limited to 'test/results/flow-info/default/ethereum.pcap.out') diff --git a/test/results/flow-info/default/ethereum.pcap.out b/test/results/flow-info/default/ethereum.pcap.out index 9195c369f..d27ecd6ad 100644 --- a/test/results/flow-info/default/ethereum.pcap.out +++ b/test/results/flow-info/default/ethereum.pcap.out @@ -42,9 +42,9 @@ new: [....26] [ip4][..udp] [..192.168.1.184][30303] -> [...128.0.51.140][30303] detected: [....26] [ip4][..udp] [..192.168.1.184][30303] -> [...128.0.51.140][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] analyse: [....13] [ip4][..tcp] [..192.168.1.184][56615] -> [.35.158.244.151][30303] [ETHEREUM][AmazonAWS][Crypto_Currency][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.063| 0.008| 0.018| 335.828| 2.400] - [PKTLEN......: 46.000| 547.000| 91.200| 114.100| 13011.400| 4.400] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 0.063| 0.008| 0.018| 335.828| 2.400] + [PKTLEN......: 46.000| 547.000| 91.200| 114.100| 13011.400| 4.400] [BINS(c->s)..: 17,2,0,1,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 9,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,1,0,0,1,0,1,0,1,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,1] @@ -54,9 +54,9 @@ new: [....27] [ip4][..tcp] [..192.168.1.184][56630] -> [..40.67.144.128][30303] detected: [....24] [ip4][..tcp] [..192.168.1.184][56628] -> [....3.209.45.79][30303] [ETHEREUM][ETHEREUM][Crypto_Currency][Acceptable] analyse: [....22] [ip4][..tcp] [..192.168.1.184][56626] -> [178.128.195.220][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.063| 0.009| 0.019| 355.411| 2.700] - [PKTLEN......: 52.000| 598.000| 107.800| 122.800| 15078.800| 4.400] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 0.063| 0.009| 0.019| 355.411| 2.700] + [PKTLEN......: 52.000| 598.000| 107.800| 122.800| 15078.800| 4.400] [BINS(c->s)..: 14,3,0,1,0,0,0,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 9,1,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,1,1,1,1,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,1,1,0,1] @@ -71,9 +71,9 @@ new: [....30] [ip4][..tcp] [..192.168.1.184][56633] -> [.82.145.220.249][30303] detected: [....11] [ip4][..tcp] [..192.168.1.184][56611] -> [..104.42.217.25][30303] [ETHEREUM][Azure][Crypto_Currency][Acceptable] analyse: [....23] [ip4][..tcp] [..192.168.1.184][56627] -> [..34.255.23.113][30303] [ETHEREUM][AmazonAWS][Crypto_Currency][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.070| 0.011| 0.024| 583.849| 2.400] - [PKTLEN......: 46.000| 564.000| 90.300| 111.300| 12394.700| 4.400] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 0.070| 0.011| 0.024| 583.849| 2.400] + [PKTLEN......: 46.000| 564.000| 90.300| 111.300| 12394.700| 4.400] [BINS(c->s)..: 17,2,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 9,1,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,1,1,1,1,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,1] @@ -87,9 +87,9 @@ detected: [....32] [ip4][..udp] [..192.168.1.184][30303] -> [...209.97.143.1][50000] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] detected: [....15] [ip4][..tcp] [..192.168.1.184][56618] -> [.52.231.165.108][30303] [ETHEREUM][Azure][Crypto_Currency][Acceptable] analyse: [....25] [ip4][..tcp] [..192.168.1.184][56629] -> [....51.38.60.79][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.073| 0.008| 0.018| 321.083| 2.400] - [PKTLEN......: 46.000| 473.000| 85.000| 93.300| 8701.200| 4.500] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 0.073| 0.008| 0.018| 321.083| 2.400] + [PKTLEN......: 46.000| 473.000| 85.000| 93.300| 8701.200| 4.500] [BINS(c->s)..: 15,2,0,1,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 11,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,1,1,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,1,1,1,1] @@ -107,9 +107,9 @@ detected: [....10] [ip4][..tcp] [..192.168.1.184][56610] -> [..165.22.107.33][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] detected: [....17] [ip4][..tcp] [..192.168.1.184][56621] -> [..52.187.207.27][30303] [ETHEREUM][Azure][Crypto_Currency][Acceptable] analyse: [....28] [ip4][..tcp] [..192.168.1.184][56632] -> [...51.38.81.180][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.079| 0.012| 0.027| 705.641| 2.400] - [PKTLEN......: 46.000| 531.000| 90.400| 111.100| 12335.600| 4.400] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 0.079| 0.012| 0.027| 705.641| 2.400] + [PKTLEN......: 46.000| 531.000| 90.400| 111.100| 12335.600| 4.400] [BINS(c->s)..: 17,2,0,1,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 9,1,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,1,0,0,1,1,1,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1] @@ -117,9 +117,9 @@ [PKTLENS.....: 64,60,52,531,52,491,84,52,52,53,54,65,52,52,52,68,52,52,52,84,53,176,55,68,84,53,54,65,68,52,46,46] [ENTROPIES...: 4.4,5.3,5.0,7.6,5.2,7.6,6.0,5.2,5.1,5.3,5.3,5.6,5.1,5.1,5.1,5.6,5.3,5.1,5.1,5.9,5.2,6.8,5.3,5.6,5.9,5.1,5.2,5.5,5.6,5.1,3.9,3.9] analyse: [....30] [ip4][..tcp] [..192.168.1.184][56633] -> [.82.145.220.249][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.077| 0.012| 0.026| 688.970| 2.400] - [PKTLEN......: 46.000| 494.000| 87.100| 105.300| 11090.000| 4.400] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 0.077| 0.012| 0.026| 688.970| 2.400] + [PKTLEN......: 46.000| 494.000| 87.100| 105.300| 11090.000| 4.400] [BINS(c->s)..: 13,2,0,1,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 12,2,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,1,1,1,1,1,1,1,1,1] @@ -133,9 +133,9 @@ new: [....38] [ip4][..tcp] [..192.168.1.184][56639] -> [.18.219.167.159][30303] detected: [....33] [ip4][..tcp] [..192.168.1.184][56634] -> [..159.203.84.31][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] analyse: [....24] [ip4][..tcp] [..192.168.1.184][56628] -> [....3.209.45.79][30303] [ETHEREUM][ETHEREUM][Crypto_Currency][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.164| 0.023| 0.053| 2778.035| 2.400] - [PKTLEN......: 46.000| 522.000| 89.000| 105.000| 11031.500| 4.500] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 0.164| 0.023| 0.053| 2778.035| 2.400] + [PKTLEN......: 46.000| 522.000| 89.000| 105.000| 11031.500| 4.500] [BINS(c->s)..: 17,2,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 9,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,1,1,0,0,1,1,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,1] @@ -148,9 +148,9 @@ new: [....40] [ip4][..tcp] [..192.168.1.184][56642] -> [..178.62.10.218][30303] new: [....41] [ip4][..tcp] [..192.168.1.184][56643] -> [..178.62.29.183][30303] analyse: [....36] [ip4][..tcp] [..192.168.1.184][56638] -> [209.250.240.205][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.043| 0.007| 0.014| 203.606| 2.800] - [PKTLEN......: 52.000| 546.000| 106.000| 112.400| 12624.200| 4.500] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 0.043| 0.007| 0.014| 203.606| 2.800] + [PKTLEN......: 52.000| 546.000| 106.000| 112.400| 12624.200| 4.500] [BINS(c->s)..: 13,3,0,2,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 9,1,0,0,1,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,0,0,0,0,0,1,1,1,0,0,0,1,0,0,0,0,0,0,1,1,1,1,0,0,1] @@ -160,9 +160,9 @@ new: [....42] [ip4][..tcp] [..192.168.1.184][56644] -> [..13.230.108.42][30303] detected: [....39] [ip4][..tcp] [..192.168.1.184][56641] -> [.144.91.120.135][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] analyse: [....27] [ip4][..tcp] [..192.168.1.184][56630] -> [..40.67.144.128][30303] [ETHEREUM][Azure][Crypto_Currency][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.158| 0.021| 0.049| 2374.200| 2.400] - [PKTLEN......: 46.000| 483.000| 87.300| 103.800| 10779.300| 4.400] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 0.158| 0.021| 0.049| 2374.200| 2.400] + [PKTLEN......: 46.000| 483.000| 87.300| 103.800| 10779.300| 4.400] [BINS(c->s)..: 14,2,0,1,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 12,1,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,1,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,1,1,1,1,1,1] @@ -177,9 +177,9 @@ detected: [....43] [ip4][..tcp] [..192.168.1.184][56645] -> [.185.219.133.62][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] new: [....45] [ip4][..tcp] [..192.168.1.184][56647] -> [.182.162.161.61][30303] analyse: [....11] [ip4][..tcp] [..192.168.1.184][56611] -> [..104.42.217.25][30303] [ETHEREUM][Azure][Crypto_Currency][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.202| 0.031| 0.071| 5088.628| 2.400] - [PKTLEN......: 46.000| 542.000| 91.800| 115.500| 13350.200| 4.400] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 0.202| 0.031| 0.071| 5088.628| 2.400] + [PKTLEN......: 46.000| 542.000| 91.800| 115.500| 13350.200| 4.400] [BINS(c->s)..: 17,2,0,1,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 9,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,1,0,0,1,0,1,1,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,1] @@ -188,9 +188,9 @@ [ENTROPIES...: 4.4,5.3,5.0,7.6,5.2,7.6,5.9,5.1,5.2,5.3,5.2,5.3,5.5,5.2,5.2,5.6,5.2,5.2,5.2,5.7,5.1,6.7,5.1,5.5,5.8,5.0,5.1,5.5,5.4,5.1,5.2,3.7] detected: [....44] [ip4][..tcp] [..192.168.1.184][56646] -> [..172.105.94.62][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] analyse: [....33] [ip4][..tcp] [..192.168.1.184][56634] -> [..159.203.84.31][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.109| 0.018| 0.040| 1575.808| 2.400] - [PKTLEN......: 46.000| 623.000| 95.600| 130.900| 17130.100| 4.300] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 0.109| 0.018| 0.040| 1575.808| 2.400] + [PKTLEN......: 46.000| 623.000| 95.600| 130.900| 17130.100| 4.300] [BINS(c->s)..: 17,2,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 9,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,0,0,0,0,0,1,0,1,0,1,0,1,1,0,0,0,1,0,0,0,0,0,0,1,1] @@ -200,9 +200,9 @@ new: [....46] [ip4][..tcp] [..192.168.1.184][56650] -> [.35.228.250.140][30303] new: [....47] [ip4][..tcp] [..192.168.1.184][56651] -> [..138.201.12.87][30303] analyse: [....41] [ip4][..tcp] [..192.168.1.184][56643] -> [..178.62.29.183][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.049| 0.009| 0.018| 316.609| 2.700] - [PKTLEN......: 52.000| 521.000| 92.900| 97.800| 9570.500| 4.500] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 0.049| 0.009| 0.018| 316.609| 2.700] + [PKTLEN......: 52.000| 521.000| 92.900| 97.800| 9570.500| 4.500] [BINS(c->s)..: 15,3,0,1,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 8,2,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,1,0,0,1,0,1,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,1,1,0,1,1] @@ -215,9 +215,9 @@ new: [....50] [ip4][..udp] [..192.168.1.184][30303] -> [.18.219.167.159][30303] detected: [....50] [ip4][..udp] [..192.168.1.184][30303] -> [.18.219.167.159][30303] [ETHEREUM][AmazonAWS][Crypto_Currency][Acceptable] analyse: [....43] [ip4][..tcp] [..192.168.1.184][56645] -> [.185.219.133.62][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.052| 0.010| 0.019| 354.234| 2.800] - [PKTLEN......: 52.000| 462.000| 93.900| 97.700| 9536.300| 4.500] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 0.052| 0.010| 0.019| 354.234| 2.800] + [PKTLEN......: 52.000| 462.000| 93.900| 97.700| 9536.300| 4.500] [BINS(c->s)..: 15,3,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 8,2,0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,0,0,1,0,0,0,0,1,0,1,0,1,0,1,0,0,0,0,0,0,1,1,1,0,1] @@ -228,9 +228,9 @@ detected: [....48] [ip4][..tcp] [..192.168.1.184][56652] -> [..176.9.136.209][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] detected: [....46] [ip4][..tcp] [..192.168.1.184][56650] -> [.35.228.250.140][30303] [ETHEREUM][GoogleCloud][Crypto_Currency][Acceptable] analyse: [....15] [ip4][..tcp] [..192.168.1.184][56618] -> [.52.231.165.108][30303] [ETHEREUM][Azure][Crypto_Currency][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.262| 0.038| 0.087| 7588.779| 2.300] - [PKTLEN......: 46.000| 505.000| 90.200| 109.100| 11904.300| 4.400] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 0.262| 0.038| 0.087| 7588.779| 2.300] + [PKTLEN......: 46.000| 505.000| 90.200| 109.100| 11904.300| 4.400] [BINS(c->s)..: 17,2,0,1,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 9,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,1,1,0,0,0,1,1,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1] @@ -238,9 +238,9 @@ [PKTLENS.....: 64,60,52,502,52,505,84,53,52,52,52,54,65,52,52,68,52,52,52,84,53,176,55,68,84,53,54,65,68,52,52,46] [ENTROPIES...: 4.5,5.3,5.0,7.6,5.2,7.6,5.8,5.2,5.1,5.1,5.1,5.3,5.6,5.1,5.1,5.7,5.2,5.1,5.1,5.7,5.1,6.9,5.1,5.5,5.8,5.1,5.2,5.5,5.5,5.0,5.2,3.8] analyse: [....16] [ip4][..tcp] [..192.168.1.184][56620] -> [191.234.162.198][30303] [ETHEREUM][Azure][Crypto_Currency][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.263| 0.038| 0.087| 7624.721| 2.300] - [PKTLEN......: 46.000| 564.000| 92.100| 117.400| 13788.700| 4.400] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 0.263| 0.038| 0.087| 7624.721| 2.300] + [PKTLEN......: 46.000| 564.000| 92.100| 117.400| 13788.700| 4.400] [BINS(c->s)..: 17,2,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 9,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,1,1,0,0,0,1,1,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1] @@ -251,9 +251,9 @@ new: [....52] [ip4][..tcp] [..192.168.1.184][56657] -> [.138.75.171.190][30303] new: [....53] [ip4][..tcp] [..192.168.1.184][56658] -> [.157.230.152.87][30303] analyse: [....47] [ip4][..tcp] [..192.168.1.184][56651] -> [..138.201.12.87][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.037| 0.006| 0.012| 148.778| 2.600] - [PKTLEN......: 46.000| 469.000| 84.100| 91.500| 8376.200| 4.500] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 0.037| 0.006| 0.012| 148.778| 2.600] + [PKTLEN......: 46.000| 469.000| 84.100| 91.500| 8376.200| 4.500] [BINS(c->s)..: 14,2,0,1,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 12,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,1,1,1,1,1,1,1] @@ -261,9 +261,9 @@ [PKTLENS.....: 64,60,52,469,52,379,52,84,52,68,52,68,52,84,53,176,55,68,84,53,54,65,68,52,52,46,46,46,46,46,46,46] [ENTROPIES...: 4.5,5.4,5.1,7.6,5.3,7.4,5.1,6.0,5.1,5.7,5.2,5.7,5.1,6.0,5.2,6.8,5.3,5.6,5.9,5.2,5.3,5.6,5.6,5.2,5.3,3.7,3.7,3.7,3.7,3.7,3.7,3.7] analyse: [....44] [ip4][..tcp] [..192.168.1.184][56646] -> [..172.105.94.62][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.116| 0.012| 0.026| 687.065| 2.900] - [PKTLEN......: 52.000| 526.000| 102.300| 108.500| 11769.500| 4.500] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 0.116| 0.012| 0.026| 687.065| 2.900] + [PKTLEN......: 52.000| 526.000| 102.300| 108.500| 11769.500| 4.500] [BINS(c->s)..: 14,4,0,1,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 9,0,0,0,0,0,1,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,0,0,0,0,0,1,0,0,0,0,0,1,0,1,1,1,1,1,1,0,0,1,0,0,0] @@ -271,9 +271,9 @@ [PKTLENS.....: 64,60,52,526,52,384,52,84,53,176,55,68,292,52,84,53,100,67,52,68,52,52,52,52,260,52,52,84,52,53,55,64] [ENTROPIES...: 4.4,5.3,5.0,7.6,5.1,7.4,5.1,5.9,5.1,6.8,5.1,5.5,7.2,5.1,5.8,5.1,5.9,5.5,5.2,5.5,5.2,5.2,5.2,5.2,7.1,5.2,5.0,5.7,5.2,5.1,5.2,5.3] analyse: [....48] [ip4][..tcp] [..192.168.1.184][56652] -> [..176.9.136.209][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.035| 0.006| 0.012| 149.558| 2.500] - [PKTLEN......: 46.000| 583.000| 90.600| 116.900| 13676.100| 4.400] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 0.035| 0.006| 0.012| 149.558| 2.500] + [PKTLEN......: 46.000| 583.000| 90.600| 116.900| 13676.100| 4.400] [BINS(c->s)..: 14,2,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 12,1,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,1,1,1,1,1,1] @@ -285,9 +285,9 @@ new: [....56] [ip4][..tcp] [..192.168.1.184][56662] -> [..35.229.232.19][30303] new: [....57] [ip4][..tcp] [..192.168.1.184][56663] -> [124.217.235.180][30303] analyse: [....34] [ip4][..tcp] [..192.168.1.184][56635] -> [.162.228.29.160][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.159| 0.026| 0.057| 3248.179| 2.500] - [PKTLEN......: 46.000| 465.000| 87.500| 99.100| 9815.100| 4.500] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 0.159| 0.026| 0.057| 3248.179| 2.500] + [PKTLEN......: 46.000| 465.000| 87.500| 99.100| 9815.100| 4.500] [BINS(c->s)..: 17,2,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 9,1,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,0,0,0,0,0,1,1,0,0,1,1,0,0,1,0,0,0,0,0,0,0,1,0,1,1] @@ -295,9 +295,9 @@ [PKTLENS.....: 64,60,52,465,52,457,52,84,53,176,55,68,84,53,52,52,54,65,52,52,68,52,84,53,54,65,68,52,52,52,52,46] [ENTROPIES...: 4.4,5.3,5.1,7.5,5.2,7.5,5.0,5.9,5.2,6.9,5.2,5.5,5.9,5.2,5.0,5.1,5.3,5.6,5.1,5.0,5.6,5.0,5.7,5.1,5.1,5.3,5.5,5.1,5.2,5.1,5.2,3.8] analyse: [....38] [ip4][..tcp] [..192.168.1.184][56639] -> [.18.219.167.159][30303] [ETHEREUM][AmazonAWS][Crypto_Currency][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.131| 0.020| 0.046| 2133.935| 2.400] - [PKTLEN......: 46.000| 573.000| 93.000| 122.200| 14931.500| 4.300] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 0.131| 0.020| 0.046| 2133.935| 2.400] + [PKTLEN......: 46.000| 573.000| 93.000| 122.200| 14931.500| 4.300] [BINS(c->s)..: 16,2,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 10,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,1,1,0,0,1,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,1,1,1] @@ -305,9 +305,9 @@ [PKTLENS.....: 64,60,52,573,52,542,52,84,53,52,52,67,52,68,52,52,52,84,53,176,55,68,84,53,54,65,68,52,46,46,46,46] [ENTROPIES...: 4.5,5.3,5.0,7.6,5.2,7.5,5.1,5.9,5.2,5.0,5.0,5.5,5.1,5.6,5.1,5.2,5.0,5.9,5.1,6.8,5.1,5.6,5.7,5.1,5.1,5.4,5.6,5.1,3.9,4.0,4.0,4.0] analyse: [....46] [ip4][..tcp] [..192.168.1.184][56650] -> [.35.228.250.140][30303] [ETHEREUM][GoogleCloud][Crypto_Currency][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.057| 0.011| 0.022| 493.706| 2.800] - [PKTLEN......: 52.000| 514.000| 100.400| 109.700| 12030.800| 4.500] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 0.057| 0.011| 0.022| 493.706| 2.800] + [PKTLEN......: 52.000| 514.000| 100.400| 109.700| 12030.800| 4.500] [BINS(c->s)..: 15,3,0,1,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 7,2,1,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,1,1,1,0,0,1,1] @@ -315,9 +315,9 @@ [PKTLENS.....: 64,60,52,514,52,494,52,84,52,195,53,52,52,84,53,176,55,68,68,52,84,53,100,67,68,52,84,134,52,52,82,52] [ENTROPIES...: 4.5,5.2,5.1,7.5,5.2,7.5,5.2,5.8,5.1,6.8,5.2,5.0,5.0,5.9,5.1,6.7,5.2,5.5,5.7,5.1,5.9,5.2,6.0,5.5,5.5,5.2,5.9,6.6,5.1,5.1,5.8,5.3] analyse: [....18] [ip4][..tcp] [..192.168.1.184][56622] -> [..18.138.108.67][30303] [ETHEREUM][ETHEREUM][Crypto_Currency][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.300| 0.044| 0.100| 10075.352| 2.300] - [PKTLEN......: 46.000| 583.000| 88.300| 106.200| 11275.500| 4.400] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 0.300| 0.044| 0.100| 10075.352| 2.300] + [PKTLEN......: 46.000| 583.000| 88.300| 106.200| 11275.500| 4.400] [BINS(c->s)..: 17,2,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 9,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,1,0,0,1,0,1,1,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1] @@ -325,9 +325,9 @@ [PKTLENS.....: 64,60,52,583,52,370,84,52,52,53,52,54,65,52,52,68,52,52,52,84,53,176,55,68,84,53,54,65,68,52,46,46] [ENTROPIES...: 4.4,5.3,5.0,7.7,5.1,7.4,5.9,5.0,5.0,5.2,5.0,5.3,5.5,5.0,5.0,5.6,5.2,5.0,5.0,5.8,5.0,6.7,5.2,5.4,5.8,5.0,5.2,5.3,5.4,5.0,3.7,3.7] analyse: [....19] [ip4][..tcp] [..192.168.1.184][56623] -> [...18.138.81.28][30303] [ETHEREUM][AmazonAWS][Crypto_Currency][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.308| 0.045| 0.103| 10532.101| 2.400] - [PKTLEN......: 46.000| 523.000| 89.800| 108.100| 11684.800| 4.400] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 0.308| 0.045| 0.103| 10532.101| 2.400] + [PKTLEN......: 46.000| 523.000| 89.800| 108.100| 11684.800| 4.400] [BINS(c->s)..: 17,2,0,1,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 9,1,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,1,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,1,1] @@ -339,9 +339,9 @@ detected: [....54] [ip4][..tcp] [..192.168.1.184][56660] -> [...51.161.23.12][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] detected: [....53] [ip4][..tcp] [..192.168.1.184][56658] -> [.157.230.152.87][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] analyse: [....10] [ip4][..tcp] [..192.168.1.184][56610] -> [..165.22.107.33][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.339| 0.050| 0.114| 12910.542| 2.400] - [PKTLEN......: 46.000| 626.000| 92.100| 119.200| 14212.100| 4.400] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 0.339| 0.050| 0.114| 12910.542| 2.400] + [PKTLEN......: 46.000| 626.000| 92.100| 119.200| 14212.100| 4.400] [BINS(c->s)..: 17,2,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 9,1,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,1,1,0,0,0,0,1,1,0,0,0,0,0,1,0,0,0,0,0,0,0,1,0,1,1] @@ -354,9 +354,9 @@ detected: [....45] [ip4][..tcp] [..192.168.1.184][56647] -> [.182.162.161.61][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] detected: [....52] [ip4][..tcp] [..192.168.1.184][56657] -> [.138.75.171.190][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] analyse: [....17] [ip4][..tcp] [..192.168.1.184][56621] -> [..52.187.207.27][30303] [ETHEREUM][Azure][Crypto_Currency][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.355| 0.054| 0.122| 14890.530| 2.400] - [PKTLEN......: 46.000| 577.000| 92.400| 118.100| 13953.700| 4.400] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 0.355| 0.054| 0.122| 14890.530| 2.400] + [PKTLEN......: 46.000| 577.000| 92.400| 118.100| 13953.700| 4.400] [BINS(c->s)..: 17,2,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 9,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,0,1,0,1,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,1] @@ -373,9 +373,9 @@ detected: [....61] [ip4][..tcp] [..192.168.1.184][56670] -> [..167.86.122.50][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] detected: [....57] [ip4][..tcp] [..192.168.1.184][56663] -> [124.217.235.180][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] analyse: [....54] [ip4][..tcp] [..192.168.1.184][56660] -> [...51.161.23.12][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.147| 0.028| 0.054| 2939.853| 2.800] - [PKTLEN......: 52.000| 625.000| 100.200| 122.100| 14898.100| 4.400] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 0.147| 0.028| 0.054| 2939.853| 2.800] + [PKTLEN......: 52.000| 625.000| 100.200| 122.100| 14898.100| 4.400] [BINS(c->s)..: 15,3,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 8,2,0,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,0,0,0,0,0,1,0,1,0,1,1,1,0,0,0,0,0,0,0,0,1,1,1,0,1] @@ -385,9 +385,9 @@ new: [....63] [ip4][..tcp] [..192.168.1.184][56672] -> [139.162.255.210][30303] new: [....64] [ip4][..tcp] [..192.168.1.184][56673] -> [..78.47.147.155][30303] analyse: [....62] [ip4][..tcp] [..192.168.1.184][56671] -> [..86.107.243.62][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.039| 0.010| 0.016| 256.751| 3.100] - [PKTLEN......: 52.000| 592.000| 107.000| 118.700| 14100.300| 4.400] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 0.039| 0.010| 0.016| 256.751| 3.100] + [PKTLEN......: 52.000| 592.000| 107.000| 118.700| 14100.300| 4.400] [BINS(c->s)..: 17,5,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 5,0,0,0,0,0,1,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,0,0,0,0,0,1,0,1,1,0,0,0,0,0,1,0,1,0,0,0,0,0,0,0,0] @@ -400,9 +400,9 @@ detected: [....64] [ip4][..tcp] [..192.168.1.184][56673] -> [..78.47.147.155][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] detected: [....66] [ip4][..tcp] [..192.168.1.184][56675] -> [..35.235.37.216][30303] [ETHEREUM][GoogleCloud][Crypto_Currency][Acceptable] analyse: [....53] [ip4][..tcp] [..192.168.1.184][56658] -> [.157.230.152.87][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.184| 0.035| 0.071| 5044.452| 2.600] - [PKTLEN......: 52.000| 635.000| 100.100| 121.000| 14650.900| 4.400] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 0.184| 0.035| 0.071| 5044.452| 2.600] + [PKTLEN......: 52.000| 635.000| 100.100| 121.000| 14650.900| 4.400] [BINS(c->s)..: 15,3,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 8,2,0,0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,0,1,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,1,1,1,1,0] @@ -412,9 +412,9 @@ detected: [....65] [ip4][..tcp] [..192.168.1.184][56674] -> [...94.68.55.162][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] new: [....67] [ip4][..tcp] [..192.168.1.184][56678] -> [..13.251.14.199][30303] analyse: [....63] [ip4][..tcp] [..192.168.1.184][56672] -> [139.162.255.210][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.042| 0.007| 0.015| 228.263| 2.600] - [PKTLEN......: 46.000| 438.000| 84.000| 90.700| 8221.200| 4.500] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 0.042| 0.007| 0.015| 228.263| 2.600] + [PKTLEN......: 46.000| 438.000| 84.000| 90.700| 8221.200| 4.500] [BINS(c->s)..: 14,2,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 12,1,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,1,1,1,1,1,1,1] @@ -423,9 +423,9 @@ [ENTROPIES...: 4.5,5.4,5.1,7.5,5.1,7.5,5.0,5.9,5.0,5.7,5.0,5.6,5.0,5.7,5.1,6.8,5.2,5.4,5.8,5.1,5.1,5.4,5.5,5.1,5.2,3.7,3.7,3.7,3.7,3.7,3.7,3.7] new: [....68] [ip4][..tcp] [..192.168.1.184][56679] -> [..35.228.158.52][30303] analyse: [....55] [ip4][..tcp] [..192.168.1.184][56661] -> [....52.9.128.68][30303] [ETHEREUM][AmazonAWS][Crypto_Currency][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.194| 0.037| 0.074| 5538.541| 2.700] - [PKTLEN......: 52.000| 524.000| 100.200| 109.000| 11872.900| 4.500] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 0.194| 0.037| 0.074| 5538.541| 2.700] + [PKTLEN......: 52.000| 524.000| 100.200| 109.000| 11872.900| 4.500] [BINS(c->s)..: 15,3,0,1,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 7,2,1,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,1,0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,1,1,1,0,1,0,1,1,0] @@ -439,9 +439,9 @@ detected: [....71] [ip4][..udp] [..192.168.1.184][30303] -> [..167.86.122.50][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] detected: [....70] [ip4][..tcp] [..192.168.1.184][56681] -> [207.180.206.216][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] analyse: [....65] [ip4][..tcp] [..192.168.1.184][56674] -> [...94.68.55.162][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.075| 0.014| 0.028| 803.714| 2.700] - [PKTLEN......: 52.000| 599.000| 105.000| 126.800| 16079.300| 4.400] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 0.075| 0.014| 0.028| 803.714| 2.700] + [PKTLEN......: 52.000| 599.000| 105.000| 126.800| 16079.300| 4.400] [BINS(c->s)..: 15,3,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 7,2,1,0,1,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,1,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,1,1,1,0,1,1,0,0,1] @@ -450,9 +450,9 @@ [ENTROPIES...: 4.4,5.3,5.0,7.6,5.2,7.6,5.8,5.0,5.0,6.9,5.0,5.5,5.0,5.7,5.1,6.8,5.1,5.5,5.9,5.2,6.1,5.6,5.5,5.2,5.2,5.8,5.0,6.4,5.9,5.0,5.0,5.1] new: [....72] [ip4][..tcp] [..192.168.1.184][56684] -> [...51.83.237.44][30303] analyse: [....52] [ip4][..tcp] [..192.168.1.184][56657] -> [.138.75.171.190][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.263| 0.042| 0.096| 9182.918| 2.400] - [PKTLEN......: 46.000| 591.000| 91.400| 121.500| 14755.200| 4.300] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 0.263| 0.042| 0.096| 9182.918| 2.400] + [PKTLEN......: 46.000| 591.000| 91.400| 121.500| 14755.200| 4.300] [BINS(c->s)..: 13,2,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 12,2,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,1,1,1,1,1,1,1,1,1] @@ -467,9 +467,9 @@ detected: [....67] [ip4][..tcp] [..192.168.1.184][56678] -> [..13.251.14.199][30303] [ETHEREUM][AmazonAWS][Crypto_Currency][Acceptable] detected: [....74] [ip4][..tcp] [..192.168.1.184][56686] -> [.206.189.107.35][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] analyse: [....64] [ip4][..tcp] [..192.168.1.184][56673] -> [..78.47.147.155][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.286| 0.027| 0.065| 4262.303| 2.600] - [PKTLEN......: 52.000| 619.000| 109.600| 120.400| 14503.600| 4.500] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 0.286| 0.027| 0.065| 4262.303| 2.600] + [PKTLEN......: 52.000| 619.000| 109.600| 120.400| 14503.600| 4.500] [BINS(c->s)..: 16,5,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 5,0,1,0,0,0,1,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,1,0,0,0,0,0,0,0,0,0,0,0,1,1,1,1,0,0,0,0,0,0,1,0,0] -- cgit v1.2.3