User login

Weekly Report -- 25/11/2011




Continued looking into properties of sleeper traffic, primarily the rate at which sleeper traffic quantities degrade as the host continues to be idle. This has proved a bit tricky to visualise well, but finally managed to come up with what I think should be a useful graphing approach. This did require a lot of battling with R, though.

The fixed version of NAVL was not available last week, but I was able to continue looking at cases where PACE was able to identify traffic that libprotoident could not. Brad set me up with a Windows VM so that I could download various apps and capture traffic while using them, so that I can confirm PACE's classifications and add or update libprotoident's rules so that we can match the traffic as well. This meant I got to have a bit of fun playing Second Life and hanging out in chatrooms....

Started moving towards a new release of libprotoident, seeing as I've now added or updated the rules for quite a few protocols.