Last week during SharkFest Europe 2024 we have presented what are network fingerprints and how they work.
During the talk we (Luca and Ivan) have described how we have extended nDPI with support of network fingerprints, and how this work has been also integrated in Wireshark. We believe that fingerprints are an interesting technology that can help in better understanding the nature of traffic flows, detect inconsistencies on crafted traffic (e.g. a Windows box that pretends to impersonate an iOS device), and of course in cybersecurity. In the coming months we plan to do a native Wireshark integration and also to use them in ntop tools such as ntopng.
For those how didn’t have the chance to attend the presentation, these are the presentation slides.
Enjoy !