entropy/character frequency analysis #107

Closed
mmguero opened this issue Jan 29, 2020 · 1 comment
mmguero commented Jan 29, 2020

Using freq, we can do character frequency analysis on certain fields (DNS queries to begin with) to detect high-entropy/randomness.

@mmguero mmguero added enhancement New feature or request logstash Relating to Malcolm's use of Logstash labels Jan 29, 2020
@mmguero mmguero self-assigned this Jan 29, 2020
mmguero commented Feb 24, 2020

Doing this right now for dns.host and zeek_ssl.server_name. May visit other fields in the future.

@mmguero mmguero closed this as completed Feb 24, 2020
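
The kind of scoring this issue asks for, as an added example that is not part of the original thread and is neither Malcolm's nor freq's own code: a simplified character-pair frequency score next to Shannon entropy, applied to hostname values such as those in dns.host. The training list, the sample hostnames, and the `min_freq` cut-off are constructed assumptions.

```python
import math
from collections import Counter, defaultdict

# Constructed sample of ordinary names (assumption: a real frequency table
# would be trained on a large corpus of known-benign hostnames).
BENIGN = ["google", "github", "microsoft", "wikipedia", "amazon", "cloudflare",
          "mozilla", "python", "stackoverflow", "ubuntu", "debian", "elastic",
          "logstash", "malcolm", "network", "security", "update", "download",
          "mail", "login", "account", "service", "support", "content"]

def build_table(words):
    """For every character, count which characters follow it."""
    table = defaultdict(Counter)
    for word in words:
        for a, b in zip(word, word[1:]):
            table[a][b] += 1
    return table

def pair_score(label, table):
    """Mean probability (0-100) of each character pair in the label.
    A low score means the transitions are rare in the training names."""
    pairs = list(zip(label, label[1:]))
    total = 0.0
    for a, b in pairs:
        followers = table.get(a, Counter())
        seen = sum(followers.values())
        total += followers[b] / seen if seen else 0.0
    return 100.0 * total / len(pairs) if pairs else 0.0

def shannon_entropy(label):
    """Bits per character of the label's own character distribution."""
    n = len(label)
    return -sum(c / n * math.log2(c / n) for c in Counter(label).values()) if n else 0.0

def score_host(host, table):
    """Score the longest label of a hostname (case and trailing dot ignored)."""
    label = max(host.lower().rstrip(".").split("."), key=len)
    return {"label": label, "freq": pair_score(label, table),
            "entropy": shannon_entropy(label)}

def is_suspicious(host, table, min_freq=5.0):
    """min_freq is a hypothetical cut-off; tune it on your own traffic."""
    return score_host(host, table)["freq"] < min_freq

if __name__ == "__main__":
    table = build_table(BENIGN)
    for host in ["www.wikipedia.org", "xkqzjvbwpfhd.example"]:  # constructed samples
        print(host, score_host(host, table), is_suspicious(host, table))
```

The pair score separates the two samples more sharply than entropy does, because entropy only measures how evenly a label's own characters are distributed and says little for short labels.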