1

Topic: The signature analyzer on the network traffic

All greetings! There is a task to make the signature analyzer for the analysis  traffics. ,  and  I know. To study and  source codes somehow not so it would be desirable. It would be desirable to investigate properly. Therefore it would be desirable to esteem something to begin with... Who Can that advises and  references on the theory and , if any? In advance qualitative !

2

Re: The signature analyzer on the network traffic

Hello, - prus - you wrote: P> in advance qualitative ! While here only found it.

3

Re: The signature analyzer on the network traffic

Hello, - prus - you wrote: P> All greetings! P> there is a task to make the signature analyzer for the analysis  traffics. ,  and  I know. To study and  source codes somehow not so it would be desirable. P> it would be desirable to investigate properly. Therefore it would be desirable to esteem something to begin with... P> who Can that advises and  references on the theory and , if any? P> in advance qualitative ! Can dig aside ML  to ids - it is possible to begin here. Now it is fashionable.

4

Re: The signature analyzer on the network traffic

Hello, Sharov, you wrote: S> Can dig aside ML  to ids - it is possible to begin here. Now it is fashionable. Yes, thanks. As a whole while the task not IDS/IPS to do, and something like Fingerprint'a

5

Re: The signature analyzer on the network traffic

Hello, - prus - you wrote: P> There is a task to make the signature analyzer for the analysis  traffics. And sense? Usage in websites As of June 2017, 21.7 % of Alexa top 1,000,000 websites use HTTPS as default, [14 43.1 % of the Internet's 141,387 most popular websites have a secure implementation of HTTPS, [15] and 45 % of page loads (measured by Firefox Telemetry) use HTTPS. [16] According to Mozilla since January 2017 more than half of the Web traffic is encrypted Eksploit boots through HTTPS, installs  which with  will drive the data too on the tunnel. Also the certificate  that MITM to eliminate with substitution.

6

Re: The signature analyzer on the network traffic

Hello, IID, you wrote: IID> Hello, - prus - you wrote: P>> There is a task to make the signature analyzer for the analysis  traffics. IID> and sense? IID> Eksploit boots through HTTPS, installs  which with  will drive the data too on the tunnel. Also the certificate  that MITM to eliminate with substitution. To load  there seven more seas - it is necessary to start to scan accurately a network \host about a triggered software. Here just NDS also fulfills.

7

Re: The signature analyzer on the network traffic

Hello, Sharov, you wrote: S> to load  there seven more seas - it is necessary to start to scan accurately a network \host about a triggered software. Here just NDS also fulfills. Optionally. The host itself much enough  gives, for example in useragent fingerpring. Draws even more out JS. Can even ASLR bypass at good luck. And all it will be on HTTPS to the channel, and the site domain can be quite safe. Moreover, to scan outside - confused enough occupation. All sit for NAT th, moreover and  are covered, already 10 + years as.