| December 2022 |
Web interface has been updated. |
|
An interactive report has been added for the “Analysis of the list of IP addresses”. |
|
The “IP List Analysis” results report can now be exported to HTML. |
|
New feeds have been added to the sources for checking against reputation lists from the statistics service. |
|
In the report for the analysis method “TLS (for ATLS countermeasure)” an optional output of all User Agents for each analyzed JA3 fingerprint has been added. |
| October 2022 |
Performance of the “Analysis of the list of IP addresses” has been improved. |
| August 2022 |
Content visualization for “Experimental analysis” is now displayed in the browser window. |
| July 2022 |
User input of IP addresses, UserAgents and JA3 fingerprints added. |
|
A choice of reputation lists against which IP addresses from the dump are checked added in “Experimental analysis”. |
|
In the “Experimental analysis” report a section with a list of IP-addresses noted at least in one of the reputation lists is added. |
| May 2022 |
The output of “Experimental analysis” report on reputation lists is consistent with the output for “Analysis of the list of IP addresses”. |
| April 2022 |
A banner with the name of the service and a list of parameters with which the analysis was launched has been added to the beginning of reports for all analysis methods. |
| March 2022 |
The functionality of “Analysis of the list of IP addresses” has been expanded. New sections of the report have been added. The ability to choose which sections to include in the final report has been added. |
|
A new way of analysis “Identifying patterns using a decision tree” added. |
| February 2022 |
Added analysis method “Analysis of the list of IP addresses”. |
| December 2021 |
The “Experimental analysis” report now lists the names of all L4 protocols. The number of packets and the proportion of the total number of packets for the protocol is indicated even if the five percent threshold is not exceeded. |
|
Signature generation in “Experimental analysis” is now performed only for packets with a zero offset value in the IP header. |
|
The “Experimental analysis” report shows the distribution of fragmented packets with a non-zero IP header offset and the number of unique non-zero offsets. |
|
Hints for the “Experimental analysis” fields appear when you hover over the fields themselves. |
| November 2021 |
Added generation of signatures for similar packages in “Experimental analysis”. |
| October 2021 |
The color scheme of the lengthgram has been updated. |
|
Added DTLS analysis to “Experimental analysis”. |
| September 2021 |
Analysis by DNS query and DNS response for TCP and UDP has been added to “Experimental analysis” mode. |
|
Added MD5 hash for TLS to the “Experimental analysis” report. |
|
The “Experimental analysis” report does not display the names of sections for which there was no analysis. |
|
The maximum length of a lengthgram is limited. |
| June 2021 |
Added sampling to build visualization. |
| (Change log |
A multi-threaded signature generation algorithm has been implemented. |
| start ) |
Added TLS section to the “Experimental analysis” report. |