path: root/test/results/flow-info/default/hislip.pcap.out
blob: 20829674fc7cd18502bc41cedecfacddff15fdc3 (plain)
     DAEMON-EVENT: init
     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
              new: [.....1] [ip4][..tcp] [....10.64.0.127][51053] -> [.....10.64.0.72][.4880]
         detected: [.....1] [ip4][..tcp] [....10.64.0.127][51053] -> [.....10.64.0.72][.4880] [HiSLIP][Unknown][IoT-Scada][Acceptable]
              new: [.....2] [ip4][..tcp] [....10.64.0.127][51054] -> [.....10.64.0.72][.4880]
         detected: [.....2] [ip4][..tcp] [....10.64.0.127][51054] -> [.....10.64.0.72][.4880] [HiSLIP][Unknown][IoT-Scada][Acceptable]
              new: [.....3] [ip4][..tcp] [....10.64.0.127][51055] -> [.....10.64.0.72][.4880]
         detected: [.....3] [ip4][..tcp] [....10.64.0.127][51055] -> [.....10.64.0.72][.4880] [HiSLIP][Unknown][IoT-Scada][Acceptable]
              new: [.....4] [ip4][..tcp] [....10.64.0.127][51056] -> [.....10.64.0.72][.4880]
         detected: [.....4] [ip4][..tcp] [....10.64.0.127][51056] -> [.....10.64.0.72][.4880] [HiSLIP][Unknown][IoT-Scada][Acceptable]
          analyse: [.....4] [ip4][..tcp] [....10.64.0.127][51056] -> [.....10.64.0.72][.4880] [HiSLIP][Unknown][IoT-Scada][Acceptable]
                                         min|       max|       avg|    stddev|         variance|  entropy
                   [IAT.........: <    0.001|    19.039|     5.872|     6.792|     46137172.034|    3.900]
                   [PKTLEN......:     40.000|    94.000|    52.400|    10.800|          117.400|    5.000]
                   [BINS(c->s)..: 20,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
                   [BINS(s->c)..: 11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
                   [DIRECTIONS..: 0,1,0,0,1,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,1,0,0,1,0,0,1,0,0,1,0,0]
                   [IATS(ms)....: 0.2,0.3,14.8,15.0,0.3,0.3,217.9,3286.1,3504.1,208.2,10280.3,10488.4,202.6,18835.9,19038.6,211.1,3164.6,3375.7,204.9,18603.8,18610.2,8174.3,8385.6,202.7,7510.4,7713.1,211.3,16164.1,16375.4,215.5,6808.2]
                   [PKTLENS.....: 52,52,40,56,56,64,64,40,56,56,40,56,56,40,94,56,40,56,56,40,56,40,56,56,40,56,56,40,56,56,40,56]
                   [ENTROPIES...: 4.2,4.9,4.2,3.8,4.2,3.5,4.0,4.2,3.8,4.0,4.2,3.7,4.1,4.2,4.8,4.0,4.2,3.8,4.0,4.2,4.3,4.2,3.7,4.1,4.2,4.0,3.9,4.2,4.0,3.9,4.2,4.0]
          analyse: [.....2] [ip4][..tcp] [....10.64.0.127][51054] -> [.....10.64.0.72][.4880] [HiSLIP][Unknown][IoT-Scada][Acceptable]
                                         min|       max|       avg|    stddev|         variance|  entropy
                   [IAT.........: <    0.001|    30.221|    11.502|    11.630|    135266715.042|    4.100]
                   [PKTLEN......:     40.000|    94.000|    51.800|    10.700|          114.400|    5.000]
                   [BINS(c->s)..: 18,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
                   [BINS(s->c)..: 13,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
                   [DIRECTIONS..: 0,1,0,0,1,0,1,0,1,0,0,1,0,0,1,0,0,1,0,1,0,0,1,0,0,1,0,1,0,1,0,1]
                   [IATS(ms)....: 0.2,0.3,14.8,15.1,0.4,0.3,217.9,13272.9,13259.6,13350.3,13554.9,221.3,22465.6,22686.9,200.5,2983.6,3184.1,214.3,30221.2,30007.2,24848.2,24848.5,211.0,6444.7,6655.7,200.7,18636.3,18641.5,30200.4,29994.8,30014.7]
                   [PKTLENS.....: 52,52,40,56,56,64,64,40,56,40,56,56,40,56,56,40,94,56,40,46,52,56,56,40,56,56,40,56,40,46,52,46]
                   [ENTROPIES...: 4.2,4.7,4.3,3.9,4.1,3.5,3.9,4.3,4.3,4.3,3.8,4.0,4.2,4.0,4.0,4.3,4.9,4.0,4.2,4.1,4.4,4.1,3.9,4.2,4.1,4.0,4.2,4.2,4.2,4.1,4.4,4.1]
          analyse: [.....3] [ip4][..tcp] [....10.64.0.127][51055] -> [.....10.64.0.72][.4880] [HiSLIP][Unknown][IoT-Scada][Acceptable]
                                         min|       max|       avg|    stddev|         variance|  entropy
                   [IAT.........: <    0.001|    30.224|    10.753|    11.914|    141939022.234|    4.000]
                   [PKTLEN......:     40.000|    81.000|    55.100|    11.500|          131.200|    5.000]
                   [BINS(c->s)..: 19,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
                   [BINS(s->c)..: 12,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
                   [DIRECTIONS..: 0,1,0,0,1,0,1,0,0,1,0,0,1,1,0,1,0,0,1,0,0,1,0,1,0,0,1,0,1,0,0,1]
                   [IATS(ms)....: 0.2,0.4,15.4,15.6,202.7,30224.3,30021.9,21890.5,21890.7,221.3,2690.2,2911.5,0.2,0.4,30016.5,30016.5,22101.3,22101.6,211.1,5004.6,5215.8,205.6,30216.1,30010.9,15065.1,15272.5,6292.5,6085.3,219.3,2500.5,2719.8]
                   [PKTLENS.....: 52,52,40,63,56,40,46,52,66,69,40,66,56,81,40,46,52,66,69,40,66,69,40,46,52,56,46,66,69,40,66,56]
                   [ENTROPIES...: 4.2,4.8,4.2,4.3,3.9,4.2,4.1,4.2,4.4,4.6,4.2,4.5,4.2,5.1,4.2,4.1,4.2,4.5,4.6,4.2,4.5,4.6,4.2,4.0,4.3,4.1,4.1,4.4,4.7,4.2,4.4,4.2]
          analyse: [.....1] [ip4][..tcp] [....10.64.0.127][51053] -> [.....10.64.0.72][.4880] [HiSLIP][Unknown][IoT-Scada][Acceptable]
                                         min|       max|       avg|    stddev|         variance|  entropy
                   [IAT.........: <    0.001|    30.237|    14.395|    13.485|    181848479.105|    4.100]
                   [PKTLEN......:     40.000|   103.000|    54.900|    14.000|          195.000|    5.000]
                   [BINS(c->s)..: 18,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
                   [BINS(s->c)..: 11,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
                   [DIRECTIONS..: 0,1,0,0,1,0,0,1,0,0,1,1,0,0,1,0,1,0,1,0,1,0,0,1,1,0,1,0,1,0,1,0]
                   [IATS(ms)....: 0.2,0.4,10.8,11.1,202.7,4710.7,4913.4,218.8,8156.7,8375.5,0.2,0.5,7975.4,7975.7,215.7,30237.0,30021.5,30014.8,30014.8,29999.1,29999.1,21560.7,21561.0,0.2,0.5,30013.1,30013.1,30014.7,30014.7,29999.2,29999.2]
                   [PKTLENS.....: 52,52,40,63,56,40,62,103,40,66,56,81,40,66,69,40,46,52,46,52,46,52,66,56,81,40,46,52,46,52,46,52]
                   [ENTROPIES...: 4.2,4.8,4.3,4.4,4.1,4.3,4.3,5.3,4.1,4.5,4.3,5.1,4.2,4.5,4.7,4.1,3.9,4.2,3.9,4.2,3.9,4.2,4.4,4.3,5.1,4.2,4.1,4.3,4.1,4.3,4.1,4.3]
              end: [.....1] [ip4][..tcp] [....10.64.0.127][51053] -> [.....10.64.0.72][.4880] [HiSLIP][Unknown][IoT-Scada][Acceptable]
              end: [.....2] [ip4][..tcp] [....10.64.0.127][51054] -> [.....10.64.0.72][.4880] [HiSLIP][Unknown][IoT-Scada][Acceptable]
              end: [.....3] [ip4][..tcp] [....10.64.0.127][51055] -> [.....10.64.0.72][.4880] [HiSLIP][Unknown][IoT-Scada][Acceptable]
              end: [.....4] [ip4][..tcp] [....10.64.0.127][51056] -> [.....10.64.0.72][.4880] [HiSLIP][Unknown][IoT-Scada][Acceptable]
     DAEMON-EVENT: shutdown