Abstract
Network traffic analysis was traditionally limited to packet header, because the transport protocol and application ports were usually sufficient to identify the application protocol. With the advent of port-independent, peer-to-peer, and encrypted protocols, the task of identifying application protocols became increasingly challenging, thus creating a motivation for creating tools and libraries for network protocol classification. This paper covers the design and implementation of nDPI, an open-source library for protocol classification using both packet header and payload. nDPI was extensively validated in various monitoring projects ranging from Linux kernel protocol classification, to analysis of 10 Gbit traffic, reporting both high protocol detection accuracy and efficiency.
Original language | English |
---|---|
Title of host publication | Wireless Communications and Mobile Computing Conference (IWCMC), 2014 International |
Publisher | IEEE |
Publication date | 2014 |
Pages | 617-622 |
ISBN (Print) | 978-1-4799-7324-8 |
DOIs | |
Publication status | Published - 2014 |
Event | International Wireless Communications and Mobile Computing Conference - Nicosia, Cyprus Duration: 4 Aug 2014 → 8 Aug 2014 Conference number: 10th |
Conference
Conference | International Wireless Communications and Mobile Computing Conference |
---|---|
Number | 10th |
Country/Territory | Cyprus |
City | Nicosia |
Period | 04/08/2014 → 08/08/2014 |
Series | International Wireless Communications and Mobile Computing Conference (IWCMC) |
---|---|
ISSN | 2376-6506 |