A proof-of-concept application of the Statistical Protocol IDentification (SPID) algorithm. SPID can detect the application layer protocol (layer 7) by analysing flow (packet sizes etc.) and payload statistics (byte values etc.) from pcap files.
License
GNU General Public License version 2.0 (GPLv2)Follow SPID Statistical Protocol IDentification
Other Useful Business Software
With Red Hat Enterprise Linux on Azure, businesses can confidently modernize their IT environment, knowing they don’t have to compromise on security, scalability, reliability, and ease of management. Securely accelerate innovation and unlock a competitive edge with enterprise-grade modern cloud infrastructure.
Rate This Project
Login To Rate This Project
User Reviews
-
Easy for use.
-
The program runs fine, but I had to use the compiled version. It identified everything that was not encrypted. When using encryption (in bittorrent for example) the program consider packets as 'UNKNOWN' but the amount of packets is correct. Also, I tested with big tcpdump files (1.8GB size) and the program ran without any trouble. This is a very good job, its documentation is also pretty well written. Congrats to Erik Hjelmvik!! I had trouble compiling it under visual studio express (the free version), and also with mono. The problem seemed to be some assemblies that neither visual studio express nor mono (or monodevelop) have. Maybe there is a solution for this, but I haven't found it yet.