| Commit message (Collapse) | Author | Age | |
|---|---|---|---|
| * | Keep track of how many dissectors calls we made for each flow (#1657) | Ivan Nardi | 2022-07-11 |
| | | |||
| * | Fix handling of NDPI_UNIDIRECTIONAL_TRAFFIC risk (#1636) | Ivan Nardi | 2022-07-05 |
| | | |||
| * | Added unidirectional traffic flow risk | Luca Deri | 2022-06-20 |
| | | |||
| * | Updated DNS alert triggered only with TTL == 0 | Luca Deri | 2022-06-14 |
| | | |||
| * | Restored ndpi_set_proto_defaults() prototype | Luca Deri | 2022-06-13 |
| | | | | | Updated test results | ||
| * | Improved DNS traffic analysis | Luca Deri | 2022-06-13 |
| | | | | | Added ability to identify application and network protocols | ||
| * | Updated tests results | Luca Deri | 2022-05-30 |
| | | | | | Code cleanup | ||
| * | Modified risk labels | Luca Deri | 2022-05-04 |
| | | |||
| * | Sync unit tests results (#1533) | Ivan Nardi | 2022-04-27 |
| | | |||
| * | Sync unit tests results (#1423) | Ivan Nardi | 2022-01-28 |
| | | | | Fix: 7a3aa41a | ||
| * | Add a "confidence" field about the reliability of the classification. (#1395) | Ivan Nardi | 2022-01-11 |
| | | | | | | | | | | | | | | As a general rule, the higher the confidence value, the higher the "reliability/precision" of the classification. In other words, this new field provides an hint about "how" the flow classification has been obtained. For example, the application may want to ignore classification "by-port" (they are not real DPI classifications, after all) or give a second glance at flows classified via LRU caches (because of false positives). Setting only one value for the confidence field is a bit tricky: more work is probably needed in the next future to tweak/fix/improve the logic. | ||
| * | ndpiReader: slight simplificaton of the output (#1378) | Ivan Nardi | 2021-11-27 |
| | | |||
| * | Updated output | Luca Deri | 2021-08-07 |
| | | |||
| * | ndpiReader: add statistics about nDPI performance (#1240) | Ivan Nardi | 2021-07-13 |
| | | | | | | | | The goal is to have a (roughly) idea about how many packets nDPI needs to properly classify a flow. Log this information (and guessed flows number too) during unit tests, to keep track of improvements/regressions across commits. | ||
| * | Added flow risk score | Luca Deri | 2021-05-18 |
| | | |||
| * | Fixes #1029 | Luca Deri | 2020-11-27 |
| | | |||
| * | Added risks for checking | Luca Deri | 2020-09-21 |
| - invalid DNS traffic (probably carrying exfiltrated data) - TLS traffic with no SNI extension | |||