DIFFUSE enables FreeBSD's IPFW firewall subsystem to classify IP traffic based on statistical traffic properties. With DIFFUSE, IPFW computes statistics (such as packet lengths or inter-packet time intervals) for observed flows, and uses ML (machine learning) techniques to assign flows into classes. In addition to traditional packet inspection rules, IPFW rules may now also be expressed in terms of traffic statistics or classes identified by ML classification. This can be helpful when direct packet inspection is problematic (perhaps for administrative reasons, or because port numbers do not reliably identify classes of applications). DIFFUSE also enables one instance of IPFW to send flow information and classes to other IPFW instances, which then can act on such traffic (e.g. to prioritize, accept, or deny) according to its class. This allows for distributed architectures, where classification at one location in your network is used to control firewalling or rate-shaping actions at other locations.
|Tags||Firewall Traffic Classification Network|
|Operating Systems||FreeBSD Linux|
Release Notes: A few minor bugs were fixed, and a script for offline analysis was added.
Release Notes: A small number of bug fixes and tweaks were made.
Release Notes: This release contains a number of bug fixes as well as a number of new features. Most notably, this version now contains tools to build classifier models, a feature module and classifier model to classify Skype version 3/4 traffic, and new first person shooter game traffic classifier models. Furthermore, based on a modified version of Luigi Rizzo's IPFW/Dummynet for Linux, there is a Linux version of DIFFUSE now.