Table 2
2) Test 2: Encrypted Traffic: In this test we repeat the above methodology, but this time using real network traffic, specifically the trace Lab1. We isolate traffic on ports 22 (SSH) and 443 (HTTPS). The results are shown in Table 3. As we can see from the table the two algorithms identify 95% and 97% of the flows in the trace as HE, a very good result.