Weekly Report -- 29/07/2016




Started working on integrating some of the STRATUS metrics into NNTSC so that we can explore using time-series-based event detection to highlight potentially interesting file interactions. Going forward, I'm going to be splitting my time 50:50 between STRATUS development and WAND research work -- existing research might progress a bit slower as a result.

Continued poking at unknown flows in the July trace data. Added protocols for Final Fantasy XIV and Facebook Messenger. Noticed that we are still having issues with the vDAG pipe on the probe that services wdcap dropping packets, so our captures are sometimes missing packets. Moving IP encryption off onto wraith seems to have helped with this, but is not an ideal solution.