nDPI: Open-Source High-Speed Deep Packet Inspection

Luca Deri, Maurizio Martinelli, Tomasz Bujlow, Alfredo Cardigliano

Research output: Contribution to book/anthology/report/conference proceedingArticle in proceedingResearchpeer-review

140 Citations (Scopus)

Abstract

Network traffic analysis was traditionally limited to packet header, because the transport protocol and application ports were usually sufficient to identify the application protocol. With the advent of port-independent, peer-to-peer, and encrypted protocols, the task of identifying application protocols became increasingly challenging, thus creating a motivation for creating tools and libraries for network protocol classification. This paper covers the design and implementation of nDPI, an open-source library for protocol classification using both packet header and payload. nDPI was extensively validated in various monitoring projects ranging from Linux kernel protocol classification, to analysis of 10 Gbit traffic, reporting both high protocol detection accuracy and efficiency.
Original languageEnglish
Title of host publicationWireless Communications and Mobile Computing Conference (IWCMC), 2014 International
PublisherIEEE
Publication date2014
Pages617-622
ISBN (Print)978-1-4799-7324-8
DOIs
Publication statusPublished - 2014
EventInternational Wireless Communications and Mobile Computing Conference - Nicosia, Cyprus
Duration: 4 Aug 20148 Aug 2014
Conference number: 10th

Conference

ConferenceInternational Wireless Communications and Mobile Computing Conference
Number10th
Country/TerritoryCyprus
CityNicosia
Period04/08/201408/08/2014
SeriesInternational Wireless Communications and Mobile Computing Conference (IWCMC)
ISSN2376-6506

Fingerprint

Dive into the research topics of 'nDPI: Open-Source High-Speed Deep Packet Inspection'. Together they form a unique fingerprint.

Cite this