Deep Packet Inspection Matthew Carson
What is Deep Packet Inspection? A form of packet filtering which examines the data portion of an internet packet as it passes an inspection point, which searches for protocol non-compliance, viruses, spam, intrusions or other specified criteria to determine whether the packet may pass through the inspection point or if it needs to be routed to a different destination.
How is it used? Network Security Network Optimization Copyright enforcement Data mining Eavesdropping Censorship
Why is it important?
How much data?? According to Intel In just 60 seconds, nearly 640 TB of IP data is transferred over the internet Amazon averages $83,000 in sales Google processes over 2 million search requests In one day, on average, nearly 900 Petabytes are sent over the internet
My information is protected… Right?
Electronic Communications Privacy Act of 1986 (ECPA) Prevents unauthorized interception of electronic communications Imposes civil liability upon those who do Includes traffic on the internet
Embarq & NebuAd In 2007 ISP Embarq authorized NebuAd to collect information about their customers Collected Browsing data as customers passed through network “checkpoints” Class Action Lawsuit filed November 2008
Legal vs Ethical
Court Ruling Embarq was not in violation of ECPA Embarq had “access” to the information through the use of devices used during the course of normal business operations Embarq had no access to the data apart from its access as an ISP
And NebuAd? SUBSEQUENTLY DISSOLVED AGREED TO A $2.4 MILLION DOLLAR SETTLEMENT ASSERTS NO WRONG DOING
Other Uses of DPI technology Security Dell utilizes a DPI technology known as Reassembly-Free Deep Packet Inspection (RFDPI) to monitor for viruses, malware, Trojans, etc. Internet Censorship China uses DPI to monitor and control the flow of information throughout the population CALEA
Communications Assistance for Law Enforcement Act (CALEA) Requires Telecommunications providers to provide the ability for law enforcement to intercept communications in the pursuit of criminal activity
Conclusion DPI is a powerful and necessary technology Mostly used for security purposes Can be misused, like all other technology Need for more detailed, up-to-date laws
References _Enforcement_Act Inspection.html nebuad-hides-link-in-5000-word-privacy-policy rt-rules-for-isp-in-deep-packet-inspection-lawsuit
References lights-nebuad m internet-640tb-data-transferred-100k-tweets-204-million- s- sent.html