We have created nDPI to label network traffic and extract metadata such as the URL or TLS certificate information. nDPI is the layer on top of which ntop applications are sitting. This time we do not want to talk about nDPI internals but rather use it to monitor Internet traffic. For this reason we have taken traffic from an Italian broadband (no mobile) ISP, and used ntopng + nDPI to monitor the Internet traffic produced by residential and business users. Below you can find the results for social networks and streaming services.
We believe these numbers will change according to the country and customer types, but we present them here because:
- Not everyone knows that nDPI is a first class DPI toolkit that includes all modern application protocols ranging from business protocols, to social, streaming, IoT and peer-to-peer.
- nDPI is able to classify not just the main protocol (e.g. Facebook) but also sub-protocols (e.g. Facebook Reels, Stories, chat and images).
- nDPI can detect both plain Internet and mobile network encapsulated traffic (GTP).
- The nDPI maintainers and contributors are very active and basically every day contribute to make nDPI better.
- We have implemented various techniques including fuzzing to make sure nDPI is robust and ready for business environments.
1. Social Networks