I. Introduction
Network traffic has changed significantly in terms of network protocols and behaviour. Today most of the network traffic is encrypted. As encryption is now pervasive in Internet traffic, it is becoming important to provide network visibility in this new changed scenario where clear-text protocols are used less frequently even though they are still relatively popular in LAN networks where obsolete operating systems and outdated IoT devices will be used for some more years. This means that we need to complement existing techniques with new measurements metrics able to inspect and characterise encrypted traffic for the purpose of identifying threats and changes in network traffic behaviour. In home networks the widespread use of IoT and healthcare devices that operate using cloud services has created new security issues as users no longer interact directly with the device but only through cloud services. This trend towards cloud-based security is present also on products manufactured by leading firewall vendors that can be accessed solely using a cloud console and no longer connecting to the firewall sitting on the company premises.