Browse Code
A proof-of-concept application of the Statistical Protocol IDentification (SPID) algorithm. SPID can detect the application layer protocol (layer 7) by analysing flow (packet sizes etc.) and payload statistics (byte values etc.) from pcap files.
License
GNU General Public License version 2.0 (GPLv2)Follow SPID Statistical Protocol IDentification
Other Useful Business Software
Compliant and Reliable File Transfers Backed by Top Security Certifications
Stop relying on non-certified, legacy file transfer tools that creak under the weight of modern security demands. Get full audit trails, advanced access controls and more supported by an award-winning team of experts. Start your free 25-day trial today.
Rate This Project
Login To Rate This Project
User Reviews
-
Easy for use.
-
The program runs fine, but I had to use the compiled version. It identified everything that was not encrypted. When using encryption (in bittorrent for example) the program consider packets as 'UNKNOWN' but the amount of packets is correct. Also, I tested with big tcpdump files (1.8GB size) and the program ran without any trouble. This is a very good job, its documentation is also pretty well written. Congrats to Erik Hjelmvik!! I had trouble compiling it under visual studio express (the free version), and also with mono. The problem seemed to be some assemblies that neither visual studio express nor mono (or monodevelop) have. Maybe there is a solution for this, but I haven't found it yet.