Deep packet inspection

[4] DPI is used in a wide range of applications, at the so-called "enterprise" level (corporations and larger institutions), in telecommunications service providers, and in governments.

The technology traces its roots back over 30 years, when many of the pioneers contributed their inventions for use among industry participants, such as through common standards and early innovation, such as the following: Essential DPI functionality includes analysis of packet headers and protocol fields.

in a legacy telephone environment, this was met by creating a traffic access point (TAP) using an intercepting proxy server that connects to the government's surveillance equipment.

The acquisition component of this functionality may be provided in many ways, including DPI, DPI-enabled products that are "LI or CALEA-compliant" can be used – when directed by a court order – to access a user's datastream.

DPI allows service providers to "readily know the packets of information you are receiving online—from e-mail, to websites, to sharing of music, video and software downloads".

Due to the frequently large size of media files being transferred, P2P drives increasing traffic loads, requiring additional network capacity.

Service providers say a minority of users generate large quantities of P2P traffic and degrade performance for the majority of broadband subscribers using applications such as e-mail or Web browsing which use less bandwidth.

Additionally, a higher priority can be allocated to a VoIP or video conferencing call which requires low latency versus web browsing which does not.

[19] By being able to charge for a "walled garden", per application, per service, or "all-you-can-eat" rather than a "one-size-fits-all" package, the operator can tailor their offerings to the individual subscriber and increase their average revenue per user (ARPU).

In 2006, one of Denmark's largest ISPs, Tele2, was given a court injunction and told it must block its customers from accessing The Pirate Bay, a launching point for BitTorrent.

The Motion Picture Association of America (MPAA), which aims to enforce movie copyrights, has taken the position with the Federal Communications Commission (FCC) that network neutrality could hurt anti-piracy techniques such as deep packet inspection and other forms of filtering.

People within China often find themselves blocked while accessing Web sites containing content related to Taiwanese and Tibetan independence, Falun Gong, the Dalai Lama, the Tiananmen Square protests and massacre of 1989, political parties that oppose that of the ruling Communist party, or a variety of anti-Communist movements[26] as those materials were signed as DPI sensitive keywords already.

[28] Since 2015, Egypt reportedly started to join the list which was constantly being denied by the Egyptian National Telecom Regulatory Authority (NTRA) officials.

The Indian ISP Jio, which is also the largest network operator in India has been known to employ sophisticated DPI techniques like SNI-based filtering to enforce censorship.

[31][32] The Indonesian government via Telkom Indonesia,[33] supported by Cisco Meraki DPI technology, perform country-wide surveillance by the way of deep packet inspection,[34] and map it into SSN/NIK (Nomor Induk Kependudukan) of its citizens that registered to the state-owned ISP.

The purpose of deep packet inspection including filtering porn, hates speech, and reducing tension in West Papua.

[37] According to unnamed experts cited in the article, the system "enables authorities to not only block communication but to monitor it to gather information about individuals, as well as alter it for disinformation purposes".

[citation needed] That relates to intercepting data for the purposes of combating terrorism, child pornography, drug trafficking, and other criminal activities carried out online, a capability that most if not all telecom companies have, he said....

The joint venture exited the business that included the monitoring equipment, what it called 'intelligence solution,' at the end of March, by selling it to Perusa[38] Partners Fund 1 LP, a Munich-based investment firm, Mr. Roome said.

[43] The incumbent Malaysian government, headed by Barisan Nasional, was said to be using DPI against a political opponent during the run-up to the 13th general elections held on 5 May 2013.

Federal Law No.139 enforces blocking websites on the Russian Internet blacklist using IP filtering, but does not force ISPs into analyzing the data part of packets.

For 2019, the governmental agency Roskomnadzor is planning a nationwide rollout of DPI after the pilot project in one of the country's regions, at an estimated cost of 20 billion roubles (US$300M).

consider Deep Packet inspection contrary to Article 23 of the Constitution of the Russian Federation, though a legal process to prove or refute that has never taken place.

The National Security Agency (NSA), with cooperation from AT&T Inc., has used Deep Packet Inspection to make internet traffic surveillance, sorting, and forwarding more intelligent.

According to an affidavit by expert witness J. Scott Marcus, a former senior advisor for Internet Technology at the US Federal Communications Commission, the diverted traffic "represented all, or substantially all, of AT&T's peering traffic in the San Francisco Bay area", and thus, "the designers of the…configuration made no attempt, in terms of location or position of the fiber split, to exclude data sources comprised primarily of domestic data".

[55] Vietnam launched its network security center and required ISPs to upgrade their hardware systems to use deep packet inspection to block Internet traffic.

[56] People and organizations concerned about privacy or network neutrality find inspection of the content layers of the Internet protocol to be offensive,[13] saying for example, "the 'Net was built on open access and non-discrimination of packets!

It is just a proof of concept application and currently supports approximately 15 application/protocols such as eDonkey Obfuscation traffic, Skype UDP and TCP, BitTorrent, IMAP, IRC, MSN, and others.

[75] A French company called Amesys, designed and sold an intrusive and massive internet monitoring system Eagle to Muammar Gaddafi.

[77] There is a greater emphasis being placed on deep packet inspection - this comes in light[clarification needed] after the rejection of both the SOPA and PIPA bills.