Add a heuristic to detect fully encrypted flows (#2058)

A fully encrypted session is a flow where every byte of the
payload is encrypted in an attempt to “look like nothing”.
The heuristic needs only the very first packet of the flow.
See: https://www.usenix.org/system/files/sec23fall-prepub-234-wu-mingshi.pdf

A basic, but generic, implementation of the popcount alg has been added
Ivan Nardi 2023-07-26 09:09:12 +02:00 committed by GitHub
parent 2b230e28e0
commit 3326fa258e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
17 changed files with 280 additions and 105 deletions
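
A first-packet check of the kind the commit message describes, as an added example that is not nDPI's code. The thresholds and the four exemption rules are assumptions taken from the description in the cited USENIX paper (its fifth rule, known protocol fingerprints, is omitted); function names and sample buffers are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed samples: a plaintext HTTP request and a stand-in for ciphertext
 * (every byte has 4 of 8 bits set and lies outside printable ASCII). */
const uint8_t sample_http[] = "GET / HTTP/1.1\r\nHost: example.test\r\n\r\n";
const uint8_t sample_ct[32] = {
  0x96,0xA5,0xC3,0xF0, 0x96,0xA5,0xC3,0xF0, 0x96,0xA5,0xC3,0xF0, 0x96,0xA5,0xC3,0xF0,
  0x96,0xA5,0xC3,0xF0, 0x96,0xA5,0xC3,0xF0, 0x96,0xA5,0xC3,0xF0, 0x96,0xA5,0xC3,0xF0 };

/* Generic popcount over a buffer: clear the lowest set bit until none remain. */
static unsigned long buf_popcount(const uint8_t *p, size_t len) {
  unsigned long bits = 0;
  for (size_t i = 0; i < len; i++)
    for (uint8_t b = p[i]; b; b &= (uint8_t)(b - 1))
      bits++;
  return bits;
}

static int printable(uint8_t c) { return c >= 0x20 && c <= 0x7e; }

/* Returns 1 if the first payload looks fully encrypted, 0 if a rule exempts it.
 * Thresholds are assumptions from the cited paper, not values read from nDPI. */
int looks_fully_encrypted(const uint8_t *p, size_t len) {
  size_t i, n_print = 0, run = 0, max_run = 0;
  unsigned long bits;
  if (len < 6) return 0;                 /* assumption: too short to judge */
  bits = buf_popcount(p, len);
  /* Rule 1: average set bits per byte <= 3.4 or >= 4.6 is not random-looking. */
  if (bits * 10 <= 34 * len || bits * 10 >= 46 * len) return 0;
  /* Rule 2: the first six bytes are all printable ASCII. */
  for (i = 0; i < 6 && printable(p[i]); i++) ;
  if (i == 6) return 0;
  for (i = 0; i < len; i++) {
    if (printable(p[i])) { n_print++; if (++run > max_run) max_run = run; }
    else run = 0;
  }
  if (n_print * 2 > len) return 0;       /* Rule 3: more than half printable */
  if (max_run > 20) return 0;            /* Rule 4: >20 contiguous printable */
  return 1;
}

int main(void) {
  printf("http=%d ct=%d\n",
         looks_fully_encrypted(sample_http, sizeof(sample_http) - 1),
         looks_fully_encrypted(sample_ct, sizeof(sample_ct)));
  return 0;
}
```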
