they are not sorted by time, all i want is to show how long one src_ip spent on particular dest_ip

You can't know that. You can know how much time passed between the first and the last packet from a specific src_ip to a specific dst_ip for a specific arbitrary time span or a specific log file.

Example: You may have one day's worth of data. There is a packet going from ip A to ip B at 00:01. There is a second packet between A and B at 23:59. Is this (23 hours 58 mins) "how long" ip A spent on ip B?

This is exactly what I recommend to people to do if I want to lead them to learn to program.

i will take start time minus end time which equal to the difference. Is that what you mean ?

well, the details are important!

How do you find the start and end times? How do you know you have covered all the entries?

When writing some program, the first thing you need to do is to find a precise way to solve the problem. Then you can think about how to translate that into Perl (or any other language).

my idea is to loop through the data, if an destination ip appears more than once...take the least time (ex. 01:01) continue, to the end of the data and get the last time (ex.01:05). take difference of those and return one line with new time (ex 00:04)