For years, network traffic monitoring has focused on protocols, IP addresses and ports. Today users demand more behaviour-oriented tools that can characterise user traffic and prevent device/IoT-specific data exchanges. This talk shows how to achieve this using open source software on embedded systems.
ntopng is an open source network traffic application based on nDPI, a library for deep-packet inspection (both available as open source at http://github.com/ntop). The talk describes the challenges of modern, content/user-oriented network traffic monitoring, where we need to move from the traditional packet-oriented paradigm (IP X contacted host Y) to user-oriented (user A is on a Skype call with user B) and IoT-aware (my television is trying to send an email, is this allowed?) traffic patterns. It also covers how to make these monitoring activities efficient enough to run on cheap embedded devices. The core talk topics include network traffic monitoring, Linux netfilter, and embedded devices (including Raspberry Pi).