DEEP PACKET INSPECTION

Data on the Internet is sent in “packets”, which are basically small blocks of data. Each packet has a header that describes its origin and destination (like an envelope with a sender and recipient address). This information allows the network equipment to determine the best path to send a packet at given moment.

Historically, network equipment only looked at origin and destination information. But with rapid increase of malicious activity network owners decided that they need to look at more details of each packet to distinguish “safe” packets from those being part of hacking or denial of service attacks.

For example, network security programs (“firewalls”) could initially only block a packet travelling from a specific origin, to a specific destination and to a specific service. Using these criteria you could block all incoming service requests to your office’s network, because you make no services available for general public. And you could still enjoy all other services available on Internet by allowing service requests originating from your office network.At some point you might decide to start a web server at your network to publish documents. You would need to modify your firewall settings to allow incoming service request, but only for the web service. But then, there are numerous attacks against web servers that look quite innocent from firewall’s point of view. It is impossible to distinguish legitimate packets from malicious ones based just on origin and destination details.

Network engineers soon realised that it would be easier to detect attacks if the network equipment started looking a bit deeper into the packets. In theory it is easy – the headers in packet are not “separated” in any other way than logical definition of boundaries. It’s just a matter of analysing a few next bytes than we were analysing so far e.g. for routing purposes. Or go even deeper and look inside the block of data in the packet.
Devices that started doing that were initially called Intrusion Prevention Systems (IPS) and soon these features were introduced into most network equipment. When it was used to block hacking attacks, this caused no controversy.
TAKING A LOOK AT YOUR INTERNET TRAFFIC
DEEP PACKET INSPECTION
However, over time, governments, content providers and network operators started to realise that the technique – in general use called deep packet inspection (DPI) – gives them much more control over the network users’ data than it was possible before. DPI techniques are already in use for law enforcement (surveillance, blocking, etc), market profiling, and advertisement targeting, service level agreement enforcement and is being proposed for copyright enforcement.
From a user’s point of view DPI techniques can be blocked by using encryption – the “deep” contents of an encrypted packet is completely opaque to the operator.

Thanks

DEEP PACKET INSPECTION

Facebook Seo Tips 2016

What is Web

How work internet

Who Pay for the internet?

What is the World Wide Web?

What is ENCRYPTION