Skip to content

v0.8.0

Latest
Compare
Choose a tag to compare
@cdpxe cdpxe released this 24 Apr 08:04
· 5 commits to master since this release

Changelog for version v-0.8-alpha : 2021-04-24:

MAJOR:

  • allow parallel computation on a single slave node (tested)
  • add new script to that can detect message ordering CCs in TCP seq. #
    (Wendzel, 2019)
  • add new scripts to detect CCs embedded in MQTT topics and MQTT arti-
    ficial re-connect channels (Mileva et al., 2021)
  • add several new detection scripts written by Kevin Albrechts using
    epsilon similarity on different hiding patterns
  • substantially extended the documentation, in particular:
    • add comment on how to run parallel computations on a slave node
    • add comment on addressing errors related to limited stack size
    • several additional improvements of documentation
    • added some new readme files to describe traffic recorings and
      detection scripts
  • added "reset" functionality: remove content of slave directories in
    tmp/ and input/ on startup

MINOR:

  • support TCP ack and seq numbers by default
  • tiny improvements of code and directory structure; added some sample
    traffic recrodings
  • add kappa framelen+IAT versions that support multiple window sizes
  • allow to search for flows that are either TCP or UDP via "udp+tcp"
  • add --add-values="..." parameter to nefias_master
  • code clean-up

SECURITY FIXES:

  • none

FIXES:

  • fix handling of IPv6 flows
  • make sure ./results, $SLAVE_SCRIPT, $SLAVE_HOSTCONFIG,
    $TRAFFIC_SOURCE files exist (and that ./results is a directory)
  • fix pre-calculation of required chunks in string output
  • improved error handling in pcapng2csv.sh
  • slightly improved error checking in scripts/nefias_lib.sh
  • check whether certain provided cmdline parameters are just "param= "
    (empty)
  • check whether nefias script to be used is actually executable