SharkFest'24 EU

Luca Deri

Luca Deri is the leader of the ntop project (www.ntop.org), aimed at developing an open-source monitoring platform for high-speed traffic analysis and cybersecurity. He worked for the University College of London and IBM Research, before receiving his PhD at the University of Berne with a thesis about software components for traffic monitoring applications. Well-known in the open-source and Linux community, he currently shares his time between the ntop project and the University of Pisa where he has been appointed as a lecturer in the CS department.


Sessions

11-07
09:45
90min
A Deep Dive Into Traffic Fingerprints using Wireshark
Luca Deri, Ivan Nardi

Understanding network traffic fingerprints is crucial for enhancing cybersecurity and network performance. This talk provides a concise exploration of network traffic fingerprints, discussing their definition, identification methods, and practical applications. We will cover techniques like deep packet inspection, flow analysis, and machine learning to capture and analyze traffic patterns. Real-world examples using Wireshark/tshark will illustrate their use in intrusion detection, anomaly detection, and network optimization.

Challenges such as encryption and evolving threats will be addressed, alongside emerging trends in network traffic analysis. Attendees will gain actionable insights on leveraging traffic fingerprints for improved security and efficiency, making this talk essential for network administrators, security professionals, and researchers.

Presentation slides and pcaps are available at https://tinyurl.com/sf24derinardi

Intermediate
Ballroom A+B+C