Commit message | Author | Age | ||
---|---|---|---|---|
... | ||||
* | Reworked ndpi flow risk score adding client and server score | Luca | 2021-06-01 | |
| | ||||
* | Added flow risk score | Luca Deri | 2021-05-18 | |
| | ||||
* | Typo | Luca Deri | 2021-05-18 | |
| | ||||
* | Added risk/score dump (ndpiReader -h) | Luca Deri | 2021-05-18 | |
| | Added ndpi_dump_risks_score() API score | |||
* | Reworked human readable string search in flows | Luca Deri | 2021-05-17 | |
| | Removed fragment manager code | |||
* | Added browser TLS heuristic | Luca Deri | 2021-05-13 | |
| | ||||
* | Implemented heuristic to detect Safari and Firefox TLS browsing | Luca Deri | 2021-05-13 | |
| | ||||
* | Fixed obsolete error printing if CTRL-C is pressed. #1165 (#1184) | Toni | 2021-05-11 | |
| | * This fix was proposed by @robertsong2019 Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | |||
* | Implemented flow score in Wireshark integration | Luca Deri | 2021-05-10 | |
| | ||||
* | Initial work towards detection via TLS of browser types | Luca | 2021-05-06 | |
| | ||||
* | Compilation fix | Luca Deri | 2021-04-27 | |
| | ||||
* | Updated code due to https://github.com/ntop/nDPI/pull/1175 | Luca Deri | 2021-04-27 | |
| | ||||
* | Added flow risk to wireshark dissection | Luca Deri | 2021-04-26 | |
| | ||||
* | Fix some warnings about unused variables/functions (#1160) | Ivan Nardi | 2021-04-05 | |
| | ||||
* | Trace fix | Luca Deri | 2021-04-02 | |
| | ||||
* | Fixed incompatibilities with the latest extcap/wireshark | Luca Deri | 2021-04-01 | |
| | ||||
* | Fixed invalid guess stats | Luca Deri | 2021-03-30 | |
| | ||||
* | ndpiReader: print an error msg if we found an unsupported datalink type (#1157) | Ivan Nardi | 2021-03-23 | |
| | ||||
* | Refactored nDPI subprotocol handling and aimini protocol detection. (#1156) | Toni | 2021-03-23 | |
| | * Refactored and merged callback buffer routines for non-udp-tcp / udp / tcp / tcp-wo-payload. Signed-off-by: Toni Uhlig <matzeton@googlemail.com> * Try to detect one subprotocol if a detected protocol can have one. * This adds a performance overhead due to much more protocol detection routine calls. See #1148 for more information. Signed-off-by: Toni Uhlig <matzeton@googlemail.com> * Refactor subprotocol handling (1/2). Signed-off-by: Toni Uhlig <matzeton@googlemail.com> * Refactor subprotocol handling (2/2). Signed-off-by: Toni Uhlig <matzeton@googlemail.com> * Prevent some code duplication by using macros for ndpi_int_one_line_struct string comparison. Signed-off-by: Toni Uhlig <matzeton@googlemail.com> * Refactored aimini HTTP detection parts (somehow related to #1148). Signed-off-by: Toni Uhlig <matzeton@googlemail.com> * Added aimini client/server test pcap. Signed-off-by: Toni Uhlig <matzeton@googlemail.com> * Removed master protocol as it was only used for STUN and via also removed API function ndpi_get_protocol_id_master_proto * Adjusted Python code to conform to the changes made during the refactoring process. Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | |||
* | Better DGA detection (slightly decreased accuracy) | Luca Deri | 2021-03-20 | |
| | ||||
* | Added % of flows with risks | Luca Deri | 2021-03-14 | |
| | ||||
* | Added in stats the number of flows with risks | Luca Deri | 2021-03-14 | |
| | ||||
* | Added flows risks report | Luca Deri | 2021-03-14 | |
| | ||||
* | Reworked external dependency across testing tools | Luca Deri | 2021-03-14 | |
| | ||||
* | Help crash fix | Luca Deri | 2021-03-14 | |
| | ||||
* | Implemented square error rollup to avoid overflow | Luca Deri | 2021-03-14 | |
| | ||||
* | Added double exponential smoothing implementation | Luca | 2021-03-11 | |
| | ||||
* | Added single exponential smoothing API | Luca Deri | 2021-03-11 | |
| | int ndpi_ses_init(struct ndpi_ses_struct *ses, double alpha, float significance); int ndpi_ses_add_value(struct ndpi_ses_struct *ses, const u_int32_t _value, double *forecast, double *confidence_band); | |||
* | Added experimental JA3+ implementation that can be used with -z i ndpiReader | Luca Deri | 2021-03-09 | |
| | ||||
* | Add support for Snapchat voip calls (#1147) | Ivan Nardi | 2021-03-06 | |
| | * Add support for Snapchat voip calls. Snapchat multiplexes some of its audio/video real time traffic with QUIC sessions. The peculiarity of these sessions is that they are Q046 and don't have any SNI. * Fix tests with libgcrypt disabled | |||
* | Improved DGA detection | Luca Deri | 2021-03-03 | |
| | Before: Accuracy 66%, Precision 86%, Recall 38%; After: Accuracy 71%, Precision 89%, Recall 49% | |||
* | Improved DGA detection with trigrams. Disadvantage: slower startup time | Luca Deri | 2021-03-03 | |
| | Reworked Tor dissector embedded in TLS (fixes #1141); Removed false positive on HTTP User-Agent | |||
* | Holt-Winters calculation improvement | Luca Deri | 2021-02-27 | |
| | ||||
* | Added NDPI_MALICIOUS_SHA1 flow risk. (#1142) | Toni | 2021-02-26 | |
| | * An external file which contains known malicious SSL certificate SHA-1 hashes can be loaded via ndpi_load_malicious_sha1_file(...) Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | |||
* | Added NDPI_MALICIOUS_JA3 flow risk | Luca Deri | 2021-02-22 | |
| | Added ndpi_load_malicious_ja3_file() API call | |||
* | Implemented TLS Certificate Subject matching | Luca Deri | 2021-02-22 | |
| | Improved AnyDesk detection | |||
* | Added risky domain flow-risk support | Luca Deri | 2021-02-21 | |
| | ||||
* | Fix small memory leak (#1133) | Ivan Nardi | 2021-02-10 | |
| | Now function definition matches the prototype in ndpi_api.h.in | |||
* | Extended the API to calculate jitter | Luca Deri | 2021-02-09 | |
| | - ndpi_jitter_init() - ndpi_jitter_free() - ndpi_jitter_add_value() | |||
* | Removed debug statement | Luca Deri | 2021-02-09 | |
| | ||||
* | Added timeseries forecasting support implementing Holt-Winters with confidence interval | Luca Deri | 2021-02-08 | |
| | New API calls added - ndpi_hw_init() - ndpi_hw_add_value() - ndpi_hw_free() | |||
* | Implemented more efficient and memory savvy RSI | Luca Deri | 2021-02-05 | |
| | ||||
* | RSI enhancements | Luca Deri | 2021-02-05 | |
| | ||||
* | Implemented API for computing RSI (Relative Strength Index) | Luca Deri | 2021-02-04 | |
| | void ndpi_init_rsi(struct ndpi_rsi_struct *s, u_int16_t num_learning_values); void ndpi_free_rsi(struct ndpi_rsi_struct *s); float ndpi_rsi_add_value(struct ndpi_rsi_struct *s, const u_int32_t value); | |||
* | Added simple hash implementation to the nDPI API | Luca Deri | 2021-01-20 | |
| | ||||
* | Code cleanup: third party uthash is at the right place | Luca Deri | 2021-01-20 | |
| | ||||
* | (C) Update | Luca Deri | 2021-01-07 | |
| | ||||
* | Split HTTP request from response Content-Type. Request Content-Type should be present with POSTs and not with other methods such as GET | Luca Deri | 2021-01-06 | |
| | ||||
* | Fix some warnings when compiling with "-W -Wall" flags (#1103) | Ivan Nardi | 2021-01-04 | |
| | ||||
* | Added --ignore-vlanid / -I to exclude VLAN ids for flow hash calculation. #1073 (#1085) | Toni | 2020-12-11 | |
| | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | |||