Transcript 18 DPI

TASHKENT UNIVERSITY OF INFORMATION
TECHNOLOGIES
Lesson №18
Telecommunication software design for
analyzing and control packets on the
networks by using
DPI-technology
INTRODUCTION
 Wireless and fixed network broadband service providers
face the challenge of increasing return on investment in the
face of increasing infrastructure costs to keep up with
unprecedented data demand by subscribers while
opportunities for increasing revenues remain elusive.
 Service providers are faced with unprecedented demand for
more and higher speed bandwidth in the face of new
applications, increased video use, and subscriber growth.
 Service providers need an awareness of the applications
that use IP in order to provide the key roles of security and
fairness and DPI is the cornerstone in enabling those
through informed decisions.
Topicality of the subject
 Within increasing number of Internet users, different problems are going up on the




networks. The main problems on the communication networks are quality of service,
network security and traffic management on the today’s point.
The decision of these problems is connected with deep packet inspection technology,
which analyses data packets in “depth”. Also, security of communication systems
defines with DPI. Using DPI aplications allow security services, like control,
blocking unwanted accesses, removing malicious packets, distinguish viruses and
other services for avoiding from threads to service providers and network users. In
detail, network providers can protect and control their network with DPI.
Developing and implementing DPI security solutions in Uzbekistan improve the
national infrastructure of information and communication society. After realizing
Electron-government in Uzbekistan DPI takes main role in control and management
information resources and supports reliable and secure communication.
Because of reasons defined above now DPI systems are actual issue in the global
telecommunication market. Researchers are working to development new methods
to improve the performance of deep packet inspection applications.
Therefore, this work is devoted to development of security solution for IP-based
packet networks by using DPI.
The range of Packet Inspection by
DPI
Deep Packet Inspection
implementation
Packet inspection model and algorithm
Deep Packet Inspection software
architecture
Deep Packet Inspection software in
Windows OS
Deep Packet Inspection software in
Windows OS
Deep Packet Inspection software in Windows OS
Connections and object status window
Reports window of DPI software
Protocol inspection results
Threats of unregistrated users to
system
The performance of software
Comparison of DPI vs non-DPI
system performances
Results of testing system
 Results present, attempts to connect to system and
threats to system increase depends on the time,
effective performance of system goes down because of
unregistrated attempts to connect. Testing results
shows that software performance remains around 50%
- 60% after a half hour.
 Testing results show, Linux DPI filter application
works better then Windows application. The
performance of Linux DPI application is higher and
packet inspection, filtering processes are faster in local
machine.
Conclusion
 In research on this thesis, I used deep packet inspection techniques, algorithms
and requirements. DPI requirements specify the packet inspection function on
the entire packet content rather than just the header. To keep up with high





speed packet processing in existing networks, I proposed and used deep packet
inspection schemes that are, optimized for new technologies such as Static
Pattern Content Matching, Regular Expression Pattern Matching and multicore processors. Algorithms, I used in that work both on packet headers and
packet payload. The developed DPI system is in a cohesive and flexible
architecture that can perform high rate packet scanning and inspecting against
thousands of sophisticated patterns.
So, consistent with this thesis, the tasks have been solved:
analyzed of DPI solutions for networks security in ip-based communication
networks;
analyzed of deep packet inspection methods and algorithms;
developed algorithm and program for DPI security system in different
operation systems;
explained experimental analyses taken from real network with DPI software.
Conclusion
 Nowadays DPI systems able to deal with high packet incoming
rate, can handle such load of traffic with increase in the
classification completeness. Additionally, such modifications
empower DPI systems, in order to provide ISPs with a wider view
of what is passing through their network, aggregating a great
amount of traffic information.
 In this dissertation, I explained high speed packet processing
algorithms for new services such as network intrusion detection,
high speed firewalls and developed own DPI security software for
server. These DPI applications can reconfigure on demand and
may add thousands of known protocol patterns for rapid
scanning and analyzing data packets.
THANK YOU FOR
YOUR ATTENTION!