-
Notifications
You must be signed in to change notification settings - Fork 60
Home
Shane Alcock edited this page Dec 16, 2016
·
2 revisions
Libprotoident is a library that attempts to identify the application protocol being used by traffic flows, requiring no more than four bytes of application payload per packet. The aim is to support traffic classification in cases where full deep-packet inspection is not possible, e.g. packet traces captured from networks where most of the payload had to be removed for privacy reasons.
Many of the trace sets on WITS, for instance, are truncated to contain four bytes of application payload and therefore libprotoident can be used to classify traffic in these traces.
Download the latest release of libprotoident here