You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Shane Alcock edited this page Dec 16, 2016
·
2 revisions
Libprotoident
Libprotoident is a library that attempts to identify the application protocol being used by traffic flows, requiring no more than four bytes of application payload per packet. The aim is to support traffic classification in cases where full deep-packet inspection is not possible, e.g. packet traces captured from networks where most of the payload had to be removed for privacy reasons.
Many of the trace sets on WITS, for instance, are truncated to contain four bytes of application payload and therefore libprotoident can be used to classify traffic in these traces.