• E-Shop Legal Information
  • E-Shop Terms and Conditions
  • GitHub
  • Resellers
  • Newsletter
  • Home
ntop
  • Home
  • Blog
  • Products
    • Packet Capture
      • PF_RING
      • PF_RING ZC (Zero Copy)
      • PF_RING FT (Flow Table)
      • nTap
    • Traffic Recording & Replay
      • n2disk
      • disk2n
      • nBox Recorder
    • Flow-based Traffic Analysis
      • nProbe
      • nProbe™ Cento
      • nBox NetFlow/IPFIX
    • Traffic Analysis and Enforcement
      • ntopng
      • ntopng Edge
    • Deep Packet Inspection
      • nDPI
    • DDoS Mitigation and VPN
      • nScrub
      • n2n
  • Support
    • Documentation
      • FAQs
      • User’s Guides
      • Video Tutorials
    • Need Help?
      • Bug Report
      • Contact Us
      • Community Support
      • Commercial Support
    • Training
      • Professional Training
    • Misc
      • Code Security
      • Contributor License Agreement
      • Brochures
  • GitHub
  • Get Started
  • About
    • About Us
    • The ntop Team
    • Work With Us at ntop
    • ntop Conference
    • Credits
    • Partners
    • Resellers
    • Legal Information
    • Privacy Policy
    • Locations
    • Resources
  • Shop
admin 0

HowTo Use Periodic Traffic Analysis in Cybersecurity

Posted January 3, 2023 · Add Comment

Since v5 ntopng has the ability to detect periodic activities, i.e. activities that are repeated periodically at a given pace (note that each activity can have a different frequency, and ntopng is able to detect them). Periodic activities are not … Continue reading →

Read More
Matteo Biscosi 0

What’s New in ntopng: Network Assets

Posted December 5, 2022 · Add Comment

Hello everybody! Welcome back to the weekly blog post of this serie used to update you with the latest ntopng features and graphical changes. Please let us know your feedback! Today we are going to talk about the Asset Map. … Continue reading →

Read More
Matteo Biscosi 0

What’s New in ntopng: Periodic Activities (a.k.a beaconing) !

Posted November 21, 2022 · Add Comment

Hello everybody! Welcome back to the weekly blog post of this serie used to update you with the latest ntopng features and graphical changes. Please let us know your feedback! Today we are going to talk about the Periodicity Map. … Continue reading →

Read More
admin 0

Malware Traffic Analysis in ntopng

Posted October 5, 2022 · Add Comment

ntop users have started to use our tools for malware analysis as contrary to packet sniffers or text-based security tools, ntopng comes with a web interface that simplifies the analysis. For this reason we have recently: Added the ability to … Continue reading →

Read More
admin 0

Using Blacklists to Catch Malware Communications Using ntopng

Posted September 26, 2022 · Add Comment

A category list is a control mechanism used to label traffic according to a category. In nDPI, the traffic classification engine on top of which ntop applications are built, there are various categories including (but not limited to) mining malware … Continue reading →

Read More
admin 0

What is CyberScore and How it Works: a Technical Overview

Posted July 29, 2022 · Add Comment

ntop users as familiar with concepts such as flow risk and cyberscore. This week we have presented a conference paper [slides] at 2022 IEEE International Conference on Cyber Security and Resilience where we describe in detail what is cyberscore, how … Continue reading →

Read More
admin 0

Introducing nDPI 4.4: Many New Protocols, Improvements and Cybersecurity Features

Posted July 6, 2022 · Add Comment

This is to introduce nDPI 4.4 that includes the development activities of the last six months. As with previous releases we are improving protocol support, automatic testing to harden the code for critical environments, and introducing new cybersecurity features for … Continue reading →

Read More
admin 0

How ntopng monitors IEC 60870-5-104 traffic

Posted May 18, 2022 · Add Comment

Busy times for OT analysts. Last month the number of known OT (operational technology) malware increased from five to seven. First malware discovered is Industroyer2 which was caught in the Ukraine. As nowadays popular, security companies name the malware they … Continue reading →

Read More
admin 0

Incident Analysis: How to Correlate Alerts with Flows and Packets

Posted February 18, 2022 · Add Comment

In incident analysis it is important to provide evidence of the problem  at various level of details: Alerts Alerts are the result of traffic analysis (in ntopng based on checks) that have detected specific indicators in traffic that triggered the … Continue reading →

Read More
admin 0

Short ntop Roadmap for 2022

Posted January 4, 2022 · Add Comment

Those who attended our latest 2021 webinar, had a feeling of what are ntop plans for this year. In summary we keep focusing on cybersecurity and visibility, planning to further enhance our existing tools as follows: nDPI: we plan to … Continue reading →

Read More
  • ← Previous Entries
 
  • Popular
  • Recent
  • Comments
  • Tags
  • PF_RING 6.0.3 Just ReleasedToday we have released PF_RING 6.0.3  a maintenance release that [...]
  • ntopng Deep Dive: Interview with Ivan PepelnjakLast month Ivan Pepelnjak interviewed me on Software Gone Wild [...]
  • ntop is back: ntopng 1.0 just releasedAfter 15 years since the introduction of the original ntop [...]
  • Using Python (including Jupyter Notebook) with ntopngMost programmers and network/security administrators are familiar with the Python [...]
  • Rethinking Flow Visualisation in ntopngFor years ntopng has listed flows in a tabular view. [...]
  • Scaling Up: How To Collect, Analyse, and Store Flows at Scale (100 Gbit+)Most ntop tools such as nProbe cento and n2disk have [...]
  • Using Python (including Jupyter Notebook) with ntopngMost programmers and network/security administrators are familiar with the Python [...]
  • HowTo Use Periodic Traffic Analysis in CybersecuritySince v5 ntopng has the ability to detect periodic activities [...]
active monitoring cento containers dns ebpf elasticsearch export flows fosdem hancitor icinga2 imap infection influxdb inline layer7 n2disk netflow nProbe nprobeagent ntopng ntp performance pop release round trip time rtt security themes visibility
  • Browse By Date

  • Browse By Categories

    • Announce (51)
    • cento (8)
    • Components (1)
    • Cybersecurity (21)
    • Features (3)
    • Guides (11)
    • libebpfflow (1)
    • n2disk (20)
    • n2n (7)
    • nbox (7)
    • nDPI (53)
    • nEdge (6)
    • News (15)
    • nProbe (100)
    • nScrub (3)
    • ntop (111)
    • ntopng (155)
    • PF_RING (93)
    • snort (3)
    • TNAPI (11)
    • tutorials (18)
    • vPF_RING (3)
    • Webinar (16)
    • ZC (30)
 
  • Latest Posts

    • Rethinking Flow Visualisation in ntopng
    • Scaling Up: How To Collect, Analyse, and Store Flows at Scale (100 Gbit+)
    • Using Python (including Jupyter Notebook) with ntopng
    • HowTo Use Periodic Traffic Analysis in Cybersecurity
    • Short 1Q23 Roadmap
  • Upcoming Events

    No events planned at this time.
© 1998-2023 ntop
ntop, ntopng, nDPI, PF_RING, nProbe, and n2disk are registered trademarks.