New protocols for Amazon/AWS sub-classification (#2975)

Add:
* Cognito
* API Gateway
* Kinesis
* EC2
* EMR
* S3
* Cloudfront
* DynamoDB

Keep `NDPI_PROTOCOL_AMAZON_AWS` for generic AWS traffic
Ivan Nardi 2025-10-02 11:48:25 +02:00 committed by GitHub
parent c9dfc946ff
commit 113170cca4
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
93 changed files with 5121 additions and 826 deletions

@ -35,5 +35,5 @@ JA Host Stats:
1 TCP 192.168.43.159:19191 <-> 172.67.42.21:443 [proto: 91.108/TLS.Boosteroid][Stack: TLS.Boosteroid][IP: 220/Cloudflare][Encrypted][Confidence: DPI][FPC: 220/Cloudflare, Confidence: IP address][DPI packets: 9][cat: Game/8][Breed: Fun][18 pkts/5432 bytes <-> 52 pkts/48162 bytes][Goodput ratio: 82/94][5.65 sec][Hostname/SNI: cloud.boosteroid.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2][bytes ratio: -0.797 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 392/58 2816/765 785/171][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 302/926 1414/1414 445/606][nDPI Fingerprint: 609e548909eae5913f964632ede9a4a6][TCP Fingerprint: 2_128_64240_6bb88f5575fd/Windows][TLSv1.3][JA4: t13d1516h2_8daaf6152771_d8a2da3f94cd][JA3S: eb1d94daa7e0344597e756a1fb6e7054][ECH: version 0xfe0d][Chrome][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 10,4,2,0,2,0,0,0,0,2,0,2,0,0,0,0,2,0,0,2,4,0,0,0,0,4,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,64,0,0,0,0,0]
2 TCP 192.168.43.159:19127 <-> 52.215.125.151:443 [proto: 91.107/TLS.Blacknut][Stack: TLS.Blacknut][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 8][cat: Game/8][Breed: Fun][24 pkts/13183 bytes <-> 41 pkts/23380 bytes][Goodput ratio: 90/90][12.69 sec][Hostname/SNI: www.blacknut.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2][bytes ratio: -0.279 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 618/83 8607/293 2004/111][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 549/570 1414/1414 588/605][nDPI Fingerprint: 296a44756a75786d601c2159dfcee868][TCP Fingerprint: 2_128_64240_6bb88f5575fd/Windows][TLSv1.3][JA4: t13d1517h2_8daaf6152771_b6f405a00624][JA3S: fcb2d4d0991292272fcb1e464eedfd43][ECH: version 0xfe0d][Chrome][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 20,4,2,0,0,2,0,2,7,0,0,2,0,0,0,0,0,0,0,0,2,0,0,0,0,0,4,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,42,0,0,0,0,0]
2 TCP 192.168.43.159:19127 <-> 52.215.125.151:443 [proto: 91.107/TLS.Blacknut][Stack: TLS.Blacknut][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 8][cat: Game/8][Breed: Fun][24 pkts/13183 bytes <-> 41 pkts/23380 bytes][Goodput ratio: 90/90][12.69 sec][Hostname/SNI: www.blacknut.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2][bytes ratio: -0.279 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 618/83 8607/293 2004/111][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 549/570 1414/1414 588/605][nDPI Fingerprint: 296a44756a75786d601c2159dfcee868][TCP Fingerprint: 2_128_64240_6bb88f5575fd/Windows][TLSv1.3][JA4: t13d1517h2_8daaf6152771_b6f405a00624][JA3S: fcb2d4d0991292272fcb1e464eedfd43][ECH: version 0xfe0d][Chrome][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 20,4,2,0,0,2,0,2,7,0,0,2,0,0,0,0,0,0,0,0,2,0,0,0,0,0,4,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,42,0,0,0,0,0]
3 TCP 192.168.43.159:19180 <-> 172.98.56.177:443 [proto: 91.446/TLS.Rumble][Stack: TLS.Rumble][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 8][cat: Streaming/17][Breed: Fun][8 pkts/2519 bytes <-> 7 pkts/985 bytes][Goodput ratio: 82/60][8.16 sec][Hostname/SNI: wn0.rumble.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2][bytes ratio: 0.438 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1291/186 6654/414 2404/188][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 315/141 1414/349 465/117][nDPI Fingerprint: 296a44756a75786d601c2159dfcee868][TCP Fingerprint: 2_128_64240_6bb88f5575fd/Windows][TLSv1.3][JA4: t13d1517h2_8daaf6152771_b6f405a00624][JA3S: fcb2d4d0991292272fcb1e464eedfd43][ECH: version 0xfe0d][Chrome][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,16,16,0,0,0,0,16,0,16,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0]
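
Review bot: the commit message does not mention that existing matches on `265/AmazonAWS` stop hitting EC2 addresses, which is what flow 2 in this expected output shows: for 52.215.125.151 both `IP:` and `FPC:` change from `265/AmazonAWS` to `461/AWS_EC2`, while the DPI result `91.107/TLS.Blacknut` stays the same. Anything downstream that keys on id 265 to mean "any AWS destination" (flow filters, policy rules, reports grouped by IP-based protocol) will silently lose these flows after the upgrade. Please add a line to the changelog or the protocol documentation stating that IP-based and first-packet classification can now return the new sub-protocol ids, and that consumers wanting all AWS traffic need to match those ids in addition to `NDPI_PROTOCOL_AMAZON_AWS`. This hunk exercises only the EC2 case; if the other expected-output files in the change do not already cover an address that still resolves to generic 265, a test for that fallback would confirm the "keep for generic AWS traffic" behaviour.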