| Commit message (Collapse) | Author | Age | |
|---|---|---|---|
| * | Add an heuristic to detect fully encrypted flows (#2058) | Ivan Nardi | 2023-07-26 |
| A fully encrypted session is a flow where every bytes of the payload is encrypted in an attempt to “look like nothing”. The heuristic needs only the very first packet of the flow. See: https://www.usenix.org/system/files/sec23fall-prepub-234-wu-mingshi.pdf A basic, but generic, inplementation of the popcpunt alg has been added | |||