Abstract
As the number of cyber-attacks continue to increase, the need for data protection increases as well. Deep Packet Inspection is a highly effective way to reveal suspicious content in the headers or the payloads in any packet processing layer, except when the payload is encrypted. DPI is an essential inspector of packet payloads as it is applied to many different layers of the OSI model. The DPI tasks include intrusion detection, exfiltration detection and parental filtering. This can be a great advantage as layer-independent attacks are becoming more prevalent. It allows for inspection of all layers for attacks. However, there are challenges that come with Deep Packet Inspection. Some include the decrease of throughput of the system, attacks through the Secured Socket Layer and intrusion fingerprint matching. These challenges do not constitute as grounds to eliminate DPI as a method, but instead obstacles to be aware of in case difficulties with implementation prevails.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
G.A.P. Rodrigues, R. de Oliveira Albuquerque, F.E.G. de Deus, R.T. de Sousa Jr., G.A. de Oliveira Júnior, L.J.G. Villalba, T.-H. Kim, Cybersecurity and network forensics: Analysis of malicious traffic towards a Honeynet with Deep Packet Inspection. Appl. Sci. 7(10), 1082 (2017)
A. Kennedy, X. Wang Z. Liu, B. Liu, Ultra-high throughput string matching for Deep Packet Inspection, in 2010 Design, Automation & Test in Europe Conference & Exhibition (2010), Dresden, 2010, pp. 399–404
S. Antonatos, K.G. Anagnostakis, E.P. Markatos, Generating realistic workloads for network intrusion detection systems. SIGSOFT Softw. Eng. Notes 29(1), 207–215 (2004)
V. Martin, Why you should use SSL inspection—Fortinet Cookbook. [Online] Fortinet Cookbook (2017). http://cookbook.fortinet.com/why-you-should-use-ssl-inspection
A10 Networks, Thunder SSLi|A10 Networks (2017) [Online]. https://www. a10networks.com/products/thunder-series/ssl-decryption-encryption-and-inspection-ssl-insight
Fortinet, Next-Generation Firewalls (2017). [Online]. https://www.fortinet.com/products/next-generation-firewall.html
Solarwinds, IT Management Software & Monitoring Tools|SolarWinds (2017). [Online].~ https://www.solarwinds.com/?&CMP=KNC-TAD-GGL-SW_NA_US_PP_CPC_LD_EN_PBRDE_DWA-X-X_X_X_X-X-775928844_40237439985_g_c_Solarwinds-e~185579782075~&kwid=iDVonkDn&gclid=CjwKCAiAxarQBRAmEiwA6YcGKOxRegq5tt6yVv_1LfkFMzd51MDaZX-JCVc0l2077adKbim-1GosPhoCL58QAvD_BwE
Snort.org, What is Snort? (2017) [Online]. https://www.snort.org/faq/what-is-snort
J. Sherry, C. Lan, R.A. Popa, S. Ratnasamy, Blindbox: Deep packet inspection over encrypted traffic. Comput. Commun. Rev. 45(5), 213 (2015). https://doi.org/10.1145/2829988.2787502
M. Pyatkovskiy, Fast SSL testing using precalculated cryptographyc data (2017). Patents, [Online] p. 9. https://www.google.com/patents/US8649275
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG, part of Springer Nature
About this paper
Cite this paper
Bartus, H. (2018). Deep Packet Inspection: A Key Issue for Network Security. In: Latifi, S. (eds) Information Technology - New Generations. Advances in Intelligent Systems and Computing, vol 738. Springer, Cham. https://doi.org/10.1007/978-3-319-77028-4_14
Download citation
DOI: https://doi.org/10.1007/978-3-319-77028-4_14
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-77027-7
Online ISBN: 978-3-319-77028-4
eBook Packages: EngineeringEngineering (R0)