vrr/nDPI
2
0
Fork 0
mirror of https://github.com/vel21ripn/nDPI.git synced 2026-05-18 06:04:41 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 5
nDPI/tests/result/google_ssl.pcap.out
Ivan Nardi 3a087e951d
Add a "confidence" field about the reliability of the classification. (#1395) 
As a general rule, the higher the confidence value, the higher the
"reliability/precision" of the classification.

In other words, this new field provides an hint about "how" the flow
classification has been obtained.
For example, the application may want to ignore classification "by-port"
(they are not real DPI classifications, after all) or give a second
glance at flows classified via LRU caches (because of false positives).

Setting only one value for the confidence field is a bit tricky: more
work is probably needed in the next future to tweak/fix/improve the logic.
2022-01-11 15:23:39 +01:00

8 lines
616 B
Text
Raw Permalink Blame History

Guessed flow protos: 1
DPI Packets (TCP): 28 (28.00 pkts/flow)
Confidence Match by IP : 1 (flows)
Google 28 9108 1
1 TCP 172.31.3.224:42835 <-> 216.58.212.100:443 [proto: 91.126/TLS.Google][Encrypted][Confidence: Match by IP][cat: Web/5][16 pkts/1512 bytes <-> 12 pkts/7596 bytes][Goodput ratio: 43/91][6.67 sec][bytes ratio: -0.668 (Download)][IAT c2s/s2c min/avg/max/stddev: 76/66 422/544 1185/1213 376/402][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 94/633 368/1484 87/622][PLAIN TEXT (@zgsiP)][Plen Bins: 8,8,0,8,0,8,0,0,0,25,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0]
Reference in a new issue View git blame Copy permalink