vrr/nDPI
2
0
Fork 0
mirror of https://github.com/vel21ripn/nDPI.git synced 2026-05-19 07:54:24 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 5
nDPI/tests/result/ajp.pcap.out
Ivan Nardi 3a087e951d
Add a "confidence" field about the reliability of the classification. (#1395) 
As a general rule, the higher the confidence value, the higher the
"reliability/precision" of the classification.

In other words, this new field provides an hint about "how" the flow
classification has been obtained.
For example, the application may want to ignore classification "by-port"
(they are not real DPI classifications, after all) or give a second
glance at flows classified via LRU caches (because of false positives).

Setting only one value for the confidence field is a bit tricky: more
work is probably needed in the next future to tweak/fix/improve the logic.
2022-01-11 15:23:39 +01:00

17 lines
1.7 KiB
Text
Raw Permalink Blame History

Guessed flow protos: 2
DPI Packets (TCP): 8 (4.00 pkts/flow)
DPI Packets (other): 6 (3.00 pkts/flow)
Confidence Unknown : 2 (flows)
Confidence DPI : 2 (flows)
Unknown 6 2200 2
AJP 26 4446 2
1 TCP 172.29.9.146:38856 <-> 172.29.9.147:8009 [VLAN: 7][proto: 139/AJP][ClearText][Confidence: DPI][cat: Web/5][7 pkts/1554 bytes <-> 6 pkts/669 bytes][Goodput ratio: 68/36][0.17 sec][bytes ratio: 0.398 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/0 0/0 0/0][Pkt Len c2s/s2c min/avg/max/stddev: 70/70 222/112 896/300 286/84][PLAIN TEXT (HTTP/1.1)][Plen Bins: 50,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 TCP 172.29.9.146:38856 <-> 172.29.9.147:8010 [VLAN: 7][proto: 139/AJP][ClearText][Confidence: DPI][cat: Web/5][7 pkts/1554 bytes <-> 6 pkts/669 bytes][Goodput ratio: 68/36][< 1 sec][bytes ratio: 0.398 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/0 0/0 0/0][Pkt Len c2s/s2c min/avg/max/stddev: 70/70 222/112 896/300 286/84][PLAIN TEXT (HTTP/1.1)][Plen Bins: 50,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
Undetected flows:
1 80 93.88.129.0:0 -> 0.7.8.0:0 [proto: 0/Unknown][ClearText][Confidence: Unknown][4 pkts/2012 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][0.17 sec][PLAIN TEXT (HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 80 142.243.129.0:0 -> 0.7.8.0:0 [proto: 0/Unknown][ClearText][Confidence: Unknown][2 pkts/188 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][0.17 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
Reference in a new issue View git blame Copy permalink