A bit late on this talk and I'm pretty sure I've seen this talk in the past, but this is a really great use for the Raspberry Pi 3 that one just has lying around.
Essentially, the pi gets all the network traffic somehow, uses an IDS (in this case, Bro IDS), and then one does analysis on the logs from the IDS to see what's going on. In the talk, they use ELK stack, which seems pretty straightforward for setup on Raspbian. I know @mike and I know a thing or two about log aggregation and filtering, as well as the visualization setup.
This could make a good project or meetup topic in the future for those interested in network security.