View
230
Download
0
Category
Tags:
Preview:
Citation preview
Deep Packet InspectionMatthew Carson
What is Deep Packet Inspection?
A form of packet filtering which examines the
data portion of an internet packet as it passes an
inspection point, which searches for protocol non-
compliance, viruses, spam, intrusions or other
specified criteria to determine whether the packet
may pass through the inspection point or if it
needs to be routed to a different destination.
How is it used?
• Network Security
• Network Optimization
• Copyright enforcement
• Data mining
• Eavesdropping
• Censorship
Why is it important?
How much data??According to Intel
• In just 60 seconds, nearly 640 TB of IP data is transferred over the internet
• Amazon averages $83,000 in sales
• Google processes over 2 million search requests
• In one day, on average, nearly 900 Petabytes are sent over the internet
My information is protected…
Right?
Electronic Communications Privacy
Act of 1986(ECPA)
• Prevents unauthorized interception of electronic communications
• Imposes civil liability upon those who do
• Includes traffi c on the internet
Embarq & NebuAd
In 2007 ISP Embarq authorized NebuAd to collect information about their customers
Collected Browsing data as customers passed through network “checkpoints”
Class Action Lawsuit fi led November 2008
Legal vs Ethical
Court Ruling
• Embarq was not in violation of ECPA
• Embarq had “access” to the information through the use of devices used during the course of normal business operations
• Embarq had no access to the data apart from its access as an ISP
And NebuAd?
SUBSEQUENTLY DISSOLVED
AGREED TO A $2.4 MILLION DOLLAR SETTLEMENT
ASSERTS NO WRONG DOING
Other Uses of DPI technology
Security• Dell utilizes a DPI technology known as
Reassembly-Free Deep Packet Inspection (RFDPI) to monitor for viruses, malware, Trojans, etc.
Internet Censorship• China uses DPI to monitor and control
the flow of information throughout the population
CALEA
Communications Assistance for Law Enforcement Act
(CALEA)
• Requires Telecommunications providers to provide the ability for law enforcement to intercept communications in the pursuit of criminal activity
Conclusion
• DPI is a powerful and necessary technology
• Mostly used for security purposes
• Can be misused, like all other technology
• Need for more detailed, up-to-date laws
Referenceshttp://en.wikipedia.org/wiki/Communications_Assistance_for_Law_Enforcement_Act
https://www.sonicwall.com/us/en/products/Deep-Packet-Inspection.html
http://en.wikipedia.org/wiki/NebuAd
http://arstechnica.com/uncategorized/2008/07/06-opt-out-nebuad-hides-link-in-5000-word-privacy-policy
http://www.telecomlawmonitor.com/2013/01/articles/litigation/court-rules-for-isp-in-deep-packet-inspection-lawsuit
Referenceshttp://blogs.wsj.com/venturecapital/2009/05/19/turning-out-the-lights-nebuad
http://blog.ericgoldman.org/archives/2013/01/tenth_circuit_g_1.htm
http://www.techspot.com/news/52011-one-minute-on-the-internet-640tb-data-transferred-100k-tweets-204-million-e-mails-sent.html
http://www.mediapost.com/publications/article/155980
Recommended