Projects / DIFFUSE

DIFFUSE

DIFFUSE enables FreeBSD's IPFW firewall subsystem to classify IP traffic based on statistical traffic properties. With DIFFUSE, IPFW computes statistics (such as packet lengths or inter-packet time intervals) for observed flows, and uses ML (machine learning) techniques to assign flows into classes. In addition to traditional packet inspection rules, IPFW rules may now also be expressed in terms of traffic statistics or classes identified by ML classification. This can be helpful when direct packet inspection is problematic (perhaps for administrative reasons, or because port numbers do not reliably identify classes of applications). DIFFUSE also enables one instance of IPFW to send flow information and classes to other IPFW instances, which then can act on such traffic (e.g. to prioritize, accept, or deny) according to its class. This allows for distributed architectures, where classification at one location in your network is used to control firewalling or rate-shaping actions at other locations.

Tags
Licenses
Operating Systems
Implementation
Translations

RSS Recent releases

  •  11 May 2011 09:17

    Release Notes: A few minor bugs were fixed, and a script for offline analysis was added.

    •  18 Feb 2011 10:24

      Release Notes: A small number of bug fixes and tweaks were made.

      •  02 Feb 2011 14:06

        Release Notes: This release contains a number of bug fixes as well as a number of new features. Most notably, this version now contains tools to build classifier models, a feature module and classifier model to classify Skype version 3/4 traffic, and new first person shooter game traffic classifier models. Furthermore, based on a modified version of Luigi Rizzo's IPFW/Dummynet for Linux, there is a Linux version of DIFFUSE now.

        Screenshot

        Project Spotlight

        abcm2ps

        A music typesetter, based on the ABC language.

        Screenshot

        Project Spotlight

        g7ctrl

        A daemon for the GM7 GPS Tracker.