Deep packet inspection

Deep packet inspection (DPI) is a type of data processing that inspects in detail the data being sent over a computer network, and may take actions such as alerting, blocking, re-routing, or logging it accordingly. Deep packet inspection is often used for baselining application behavior, analyzing network usage, troubleshooting network performance, ensuring that data is in the correct format, checking for malicious code, eavesdropping, and internet censorship,[1] among other purposes.[2] There are multiple headers for IP packets; network equipment only needs to use the first of these (the IP header) for normal operation, but use of the second header (such as TCP or UDP) is normally considered to be shallow packet inspection (usually called stateful packet inspection) despite this definition.[3]

There are multiple ways to acquire packets for deep packet inspection. Using port mirroring (sometimes called Span Port) is a very common way, as well as physically inserting a network tap which duplicates and sends the data stream to an analyzer tool for inspection.

Deep Packet Inspection (and filtering) enables advanced network management, user service, and security functions as well as internet data mining, eavesdropping, and internet censorship. Although DPI has been used for Internet management for many years, some advocates of net neutrality fear that the technique may be used anticompetitively or to reduce the openness of the Internet.[4]

DPI is used in a wide range of applications, at the so-called "enterprise" level (corporations and larger institutions), in telecommunications service providers, and in governments.[5]

  1. ^ Duncan Geere, https://www.wired.co.uk/article/how-deep-packet-inspection-works
  2. ^ Dharmapurikarg, Sarang; Krishnamurthy, Praveen; Sproull, Todd; Lockwood, John. "Deep packet inspection using parallel bloom filters". 11th Symposium on High Performance Interconnects.
  3. ^ Thomas Porter (2005-01-11). "The Perils of Deep Packet Inspection". SecurityFocus.com. Retrieved 2008-03-02.
  4. ^ Hal Abelson; Ken Ledeen; Chris Lewis (2009). "Just Deliver the Packets, in: "Essays on Deep Packet Inspection", Ottawa". Office of the Privacy Commissioner of Canada. Retrieved 2010-01-08.
  5. ^ Ralf Bendrath (2009-03-16). "Global technology trends and national regulation: Explaining Variation in the Governance of Deep Packet Inspection, Paper presented at the International Studies Annual Convention, New York City, 15–18 February 2009" (PDF). International Studies Association. Retrieved 2010-01-08.

From Wikipedia, the free encyclopedia · View on Wikipedia

Developed by razib.in